Author: jra Date: 2007-01-13 02:34:43 +0000 (Sat, 13 Jan 2007) New Revision: 20724
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20724 Log: Get closer to passing RAW-OPEN. If the client is using create disposition of FILE_CREATE then there's no need to check can_delete_file_in_directory(). Jeremy. Modified: branches/SAMBA_3_0/source/smbd/nttrans.c branches/SAMBA_3_0_24/source/smbd/nttrans.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/nttrans.c =================================================================== --- branches/SAMBA_3_0/source/smbd/nttrans.c 2007-01-13 02:27:54 UTC (rev 20723) +++ branches/SAMBA_3_0/source/smbd/nttrans.c 2007-01-13 02:34:43 UTC (rev 20724) @@ -640,20 +640,19 @@ return UNIXERROR(ERRDOS,ERRbadpath); } -#if 0 /* This is the correct thing to do (check every time) but can_delete is expensive (it may have to read the parent directory permissions). So for now we're not doing it unless we have a strong hint the client - is really going to delete this file. */ - if ((desired_access & DELETE_ACCESS) - && !can_delete_file_in_directory(conn, fname)) { -#else + is really going to delete this file. If the client is forcing FILE_CREATE + let the filesystem take care of the permissions. */ + /* Setting FILE_SHARE_DELETE is the hint. */ + if (lp_acl_check_permissions(SNUM(conn)) + && (create_disposition != FILE_CREATE) && (share_access & FILE_SHARE_DELETE) && (access_mask & DELETE_ACCESS) && !can_delete_file_in_directory(conn, fname)) { -#endif restore_case_semantics(conn, file_attributes); END_PROFILE(SMBntcreateX); return ERROR_NT(NT_STATUS_ACCESS_DENIED); @@ -1265,20 +1264,19 @@ return UNIXERROR(ERRDOS,ERRbadpath); } -#if 0 /* This is the correct thing to do (check every time) but can_delete is expensive (it may have to read the parent directory permissions). So for now we're not doing it unless we have a strong hint the client - is really going to delete this file. */ - if ((desired_access & DELETE_ACCESS) - && !can_delete_file_in_directory(conn, fname)) { -#else + is really going to delete this file. If the client is forcing FILE_CREATE + let the filesystem take care of the permissions. */ + /* Setting FILE_SHARE_DELETE is the hint. */ + if (lp_acl_check_permissions(SNUM(conn)) + && (create_disposition != FILE_CREATE) && (share_access & FILE_SHARE_DELETE) && (access_mask & DELETE_ACCESS) && !can_delete_file_in_directory(conn, fname)) { -#endif restore_case_semantics(conn, file_attributes); return ERROR_NT(NT_STATUS_ACCESS_DENIED); } Modified: branches/SAMBA_3_0_24/source/smbd/nttrans.c =================================================================== --- branches/SAMBA_3_0_24/source/smbd/nttrans.c 2007-01-13 02:27:54 UTC (rev 20723) +++ branches/SAMBA_3_0_24/source/smbd/nttrans.c 2007-01-13 02:34:43 UTC (rev 20724) @@ -640,20 +640,19 @@ return UNIXERROR(ERRDOS,ERRbadpath); } -#if 0 /* This is the correct thing to do (check every time) but can_delete is expensive (it may have to read the parent directory permissions). So for now we're not doing it unless we have a strong hint the client - is really going to delete this file. */ - if ((desired_access & DELETE_ACCESS) - && !can_delete_file_in_directory(conn, fname)) { -#else + is really going to delete this file. If the client is forcing FILE_CREATE + let the filesystem take care of the permissions. */ + /* Setting FILE_SHARE_DELETE is the hint. */ + if (lp_acl_check_permissions(SNUM(conn)) + && (create_disposition != FILE_CREATE) && (share_access & FILE_SHARE_DELETE) && (access_mask & DELETE_ACCESS) && !can_delete_file_in_directory(conn, fname)) { -#endif restore_case_semantics(conn, file_attributes); END_PROFILE(SMBntcreateX); return ERROR_NT(NT_STATUS_ACCESS_DENIED); @@ -1265,20 +1264,19 @@ return UNIXERROR(ERRDOS,ERRbadpath); } -#if 0 /* This is the correct thing to do (check every time) but can_delete is expensive (it may have to read the parent directory permissions). So for now we're not doing it unless we have a strong hint the client - is really going to delete this file. */ - if ((desired_access & DELETE_ACCESS) - && !can_delete_file_in_directory(conn, fname)) { -#else + is really going to delete this file. If the client is forcing FILE_CREATE + let the filesystem take care of the permissions. */ + /* Setting FILE_SHARE_DELETE is the hint. */ + if (lp_acl_check_permissions(SNUM(conn)) + && (create_disposition != FILE_CREATE) && (share_access & FILE_SHARE_DELETE) && (access_mask & DELETE_ACCESS) && !can_delete_file_in_directory(conn, fname)) { -#endif restore_case_semantics(conn, file_attributes); return ERROR_NT(NT_STATUS_ACCESS_DENIED); }
