mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2581 lines
74 KiB
2581 lines
74 KiB
/*++
|
|
|
|
creatfil.cxx
|
|
|
|
Exports API for creating/opening a file, given the filename.
|
|
The file handle and other information are cached for the given user handle.
|
|
|
|
History:
|
|
Heath Hunnicutt ( t-heathh) ??-??-??
|
|
|
|
Murali R. Krishnan ( MuraliK) Dec 30, 1994
|
|
Added SetLastError() to set error code as appropriate
|
|
|
|
Murali R. Krishnan ( MuraliK) Jan 4, 1994
|
|
Added ability to obtain and set the BY_HANDLE_FILE_INFORMATION
|
|
as part of TS_OPEN_FILE_INFO
|
|
--*/
|
|
|
|
#include "TsunamiP.Hxx"
|
|
#pragma hdrstop
|
|
#include <lonsi.hxx>
|
|
#include "auxctrs.h"
|
|
#include <dbgutil.h>
|
|
|
|
#include <iistypes.hxx>
|
|
#include <iisver.h>
|
|
#include <iiscnfg.h>
|
|
#include <imd.h>
|
|
#include <mb.hxx>
|
|
|
|
LONG g_IISCacheAuxCounters[ AacIISCacheMaxCounters];
|
|
|
|
GENERIC_MAPPING g_gmFile = {
|
|
FILE_GENERIC_READ,
|
|
FILE_GENERIC_WRITE,
|
|
FILE_GENERIC_EXECUTE,
|
|
FILE_ALL_ACCESS
|
|
};
|
|
|
|
//
|
|
// Routines and macros for manipulating the "init complete" state of
|
|
// a PHYS_OPEN_FILE_INFO structure.
|
|
//
|
|
|
|
VOID
|
|
WaitForPhysInitComplete(
|
|
IN PPHYS_OPEN_FILE_INFO lpPFInfo
|
|
);
|
|
|
|
#define WAIT_FOR_PHYS_INIT_COMPLETE( lpPFInfo ) \
|
|
if( !lpPFInfo->fInitComplete ) { \
|
|
WaitForPhysInitComplete( lpPFInfo ); \
|
|
} else
|
|
|
|
#define MARK_PHYS_INIT_COMPLETE( lpPFInfo ) \
|
|
if( TRUE ) { \
|
|
ASSERT( (lpPFInfo)->Signature == PHYS_OBJ_SIGNATURE ); \
|
|
(lpPFInfo)->fInitComplete = TRUE; \
|
|
} else
|
|
|
|
#define PHYS_INIT_SLEEP_START 100 // ms
|
|
#define PHYS_INIT_SLEEP_INCR 100 // ms
|
|
#define PHYS_INIT_SLEEP_MAX 1000 // ms
|
|
|
|
dllexp
|
|
PSECURITY_DESCRIPTOR
|
|
TsGetFileSecDesc(
|
|
LPTS_OPEN_FILE_INFO pFile
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Returns the security descriptor associated to the file
|
|
To be freed using LocalFree()
|
|
|
|
Arguments:
|
|
|
|
pFile - ptr to fie object
|
|
|
|
Return Value:
|
|
|
|
ptr to security descriptor or NULL if error
|
|
|
|
--*/
|
|
{
|
|
SECURITY_INFORMATION si
|
|
= OWNER_SECURITY_INFORMATION |
|
|
GROUP_SECURITY_INFORMATION |
|
|
DACL_SECURITY_INFORMATION;
|
|
BYTE abSecDesc[ SECURITY_DESC_DEFAULT_SIZE ];
|
|
DWORD dwSecDescSize;
|
|
PSECURITY_DESCRIPTOR pAcl;
|
|
|
|
if ( GetKernelObjectSecurity(
|
|
pFile->QueryFileHandle(),
|
|
si,
|
|
(PSECURITY_DESCRIPTOR)abSecDesc,
|
|
SECURITY_DESC_DEFAULT_SIZE,
|
|
&dwSecDescSize ) )
|
|
{
|
|
if ( dwSecDescSize > SECURITY_DESC_DEFAULT_SIZE )
|
|
{
|
|
if ( !(pAcl = (PSECURITY_DESCRIPTOR)LocalAlloc( LMEM_FIXED, dwSecDescSize )) )
|
|
{
|
|
return NULL;
|
|
}
|
|
if ( !GetKernelObjectSecurity(
|
|
pFile->QueryFileHandle(),
|
|
si,
|
|
pAcl,
|
|
dwSecDescSize,
|
|
&dwSecDescSize ) )
|
|
{
|
|
LocalFree( pAcl );
|
|
|
|
return NULL;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
if ( dwSecDescSize = GetSecurityDescriptorLength(abSecDesc) )
|
|
{
|
|
if ( !(pAcl = (PSECURITY_DESCRIPTOR)LocalAlloc( LMEM_FIXED,
|
|
dwSecDescSize )) )
|
|
{
|
|
return NULL;
|
|
}
|
|
memcpy( pAcl, abSecDesc, dwSecDescSize );
|
|
}
|
|
else
|
|
{
|
|
//
|
|
// Security descriptor is empty : do not return ptr to security descriptor
|
|
//
|
|
|
|
pAcl = NULL;
|
|
}
|
|
}
|
|
}
|
|
else
|
|
{
|
|
pAcl = NULL;
|
|
}
|
|
|
|
return pAcl;
|
|
}
|
|
|
|
BOOL
|
|
TsReInitPhysFile(
|
|
IN PPHYS_OPEN_FILE_INFO pPhysFileInfo
|
|
)
|
|
|
|
/*+++
|
|
|
|
TsReInitPhysFile
|
|
|
|
Called when we get a valid, initialized phys file info structure that
|
|
has an invalid file handle. We acquire the cache critical section and
|
|
check to see if the file is still valid and still has an invalid handle
|
|
value. If it does, we're the first to try to do this, so we'll mark
|
|
the structure and initing, and let our caller try to initialize it.
|
|
Otherwise we'll just return and let our caller try again.
|
|
|
|
Arguments:
|
|
|
|
pPhysFileInfo - Pointer to the phys file info structure.
|
|
|
|
Returns:
|
|
|
|
FALSE if we reinited, TRUE otherwise.
|
|
---*/
|
|
{
|
|
BOOL bRetVal;
|
|
|
|
EnterCriticalSection( &CacheTable.CriticalSection );
|
|
|
|
if ( pPhysFileInfo->fInitComplete &&
|
|
pPhysFileInfo->hOpenFile == INVALID_HANDLE_VALUE
|
|
)
|
|
{
|
|
pPhysFileInfo->fInitComplete = FALSE;
|
|
bRetVal = FALSE;
|
|
}
|
|
else
|
|
{
|
|
bRetVal = TRUE;
|
|
}
|
|
|
|
LeaveCriticalSection( &CacheTable.CriticalSection );
|
|
|
|
return bRetVal;
|
|
}
|
|
|
|
VOID
|
|
WaitForPhysInitComplete(
|
|
IN PPHYS_OPEN_FILE_INFO lpPFInfo
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Waits for the specified physical open file info structure to become
|
|
fully initialized.
|
|
|
|
Arguments:
|
|
|
|
lpPFInfo - The PHYS_OPEN_FILE_INFO structure to wait for.
|
|
|
|
Return Value:
|
|
|
|
None.
|
|
|
|
--*/
|
|
{
|
|
|
|
DWORD sleepTime;
|
|
|
|
//
|
|
// Sanity check.
|
|
//
|
|
|
|
ASSERT( lpPFInfo != NULL );
|
|
|
|
//
|
|
// Perform a linear backoff delay while waiting for init complete.
|
|
//
|
|
|
|
sleepTime = PHYS_INIT_SLEEP_START;
|
|
|
|
while( !lpPFInfo->fInitComplete ) {
|
|
|
|
ASSERT( lpPFInfo->Signature == PHYS_OBJ_SIGNATURE );
|
|
Sleep( sleepTime );
|
|
|
|
sleepTime += PHYS_INIT_SLEEP_INCR;
|
|
|
|
if( sleepTime > PHYS_INIT_SLEEP_MAX ) {
|
|
sleepTime = PHYS_INIT_SLEEP_MAX;
|
|
}
|
|
|
|
}
|
|
|
|
} // WaitForPhysInitComplete
|
|
|
|
VOID
|
|
OplockCreateFile(
|
|
PVOID Context,
|
|
DWORD Status
|
|
)
|
|
{
|
|
POPLOCK_OBJECT lpOplock = (POPLOCK_OBJECT)Context;
|
|
PBLOB_HEADER pbhBlob;
|
|
PCACHE_OBJECT cache;
|
|
PCACHE_OBJECT pCacheTmp;
|
|
PCACHE_OBJECT TmpCache;
|
|
BOOL result = FALSE;
|
|
LIST_ENTRY ListHead;
|
|
LIST_ENTRY * pEntry;
|
|
LIST_ENTRY * pNextEntry;
|
|
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"OplockCreateFile(%08lx, %08lx) - Entered\n", Context, Status ));
|
|
}
|
|
|
|
if (lpOplock == NULL) {
|
|
return;
|
|
}
|
|
|
|
ASSERT(lpOplock->Signature == OPLOCK_OBJ_SIGNATURE);
|
|
if ( Status != OPLOCK_BREAK_NO_OPLOCK ) {
|
|
WaitForSingleObject( lpOplock->hOplockInitComplete, (DWORD)(-1) );
|
|
}
|
|
|
|
if ( Status == OPLOCK_BREAK_OPEN ) {
|
|
if ( lpOplock->lpPFInfo != NULL ) {
|
|
pbhBlob = (( PBLOB_HEADER )lpOplock->lpPFInfo ) - 1;
|
|
if ( pbhBlob->IsCached ) {
|
|
cache = pbhBlob->pCache;
|
|
|
|
InitializeListHead( &ListHead );
|
|
|
|
EnterCriticalSection( &CacheTable.CriticalSection );
|
|
EnterCriticalSection( &csVirtualRoots );
|
|
|
|
for ( pEntry = CacheTable.MruList.Flink;
|
|
pEntry != &CacheTable.MruList;
|
|
pEntry = pNextEntry ) {
|
|
|
|
pNextEntry = pEntry->Flink;
|
|
|
|
pCacheTmp = CONTAINING_RECORD( pEntry, CACHE_OBJECT, MruList );
|
|
|
|
ASSERT( pCacheTmp->Signature == CACHE_OBJ_SIGNATURE );
|
|
|
|
if ( pCacheTmp != cache ) {
|
|
continue;
|
|
}
|
|
|
|
result = TRUE;
|
|
|
|
while ( !IsListEmpty( &lpOplock->lpPFInfo->OpenReferenceList ) ) {
|
|
pEntry = RemoveHeadList( &lpOplock->lpPFInfo->OpenReferenceList );
|
|
pbhBlob = CONTAINING_RECORD( pEntry, BLOB_HEADER, PFList );
|
|
TmpCache = pbhBlob->pCache;
|
|
if (!RemoveCacheObjFromLists( TmpCache, FALSE ) ) {
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"OplockCreateFile(%08lx, %08lx, %08lx) - Error Processing Open Reference %08lx\n", Context, Status, pEntry, TmpCache ));
|
|
}
|
|
break;
|
|
}
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"OplockCreateFile(%08lx, %08lx, %08lx) - Processing Open Reference %08lx\n", Context, Status, pEntry, TmpCache ));
|
|
}
|
|
InsertTailList( &ListHead, pEntry );
|
|
}
|
|
|
|
break;
|
|
}
|
|
|
|
LeaveCriticalSection( &csVirtualRoots );
|
|
LeaveCriticalSection( &CacheTable.CriticalSection );
|
|
|
|
if ( result ) {
|
|
while ( !IsListEmpty( &ListHead ) ) {
|
|
pEntry = RemoveHeadList( &ListHead );
|
|
pbhBlob = CONTAINING_RECORD( pEntry, BLOB_HEADER, PFList );
|
|
TmpCache = pbhBlob->pCache;
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"OplockCreateFile(%08lx, %08lx) - Processing Open Reference %08lx %08lx\n", Context, Status, pEntry, TmpCache ));
|
|
}
|
|
TsDereferenceCacheObj( TmpCache, TRUE );
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
CloseHandle( lpOplock->hOplockInitComplete );
|
|
lpOplock->Signature = 0;
|
|
LocalFree(lpOplock);
|
|
}
|
|
|
|
VOID
|
|
TsRemovePhysFile(
|
|
PPHYS_OPEN_FILE_INFO lpPFInfo
|
|
)
|
|
{
|
|
PBLOB_HEADER pbhBlob;
|
|
PCACHE_OBJECT cache;
|
|
PCACHE_OBJECT pCacheTmp;
|
|
PCACHE_OBJECT TmpCache;
|
|
BOOL result = FALSE;
|
|
BOOL bSuccess;
|
|
LIST_ENTRY * pEntry;
|
|
LIST_ENTRY * pNextEntry;
|
|
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsRemovePhysFile(%08lx) - Entered\n", lpPFInfo ));
|
|
}
|
|
|
|
ASSERT( lpPFInfo->Signature == PHYS_OBJ_SIGNATURE );
|
|
TSUNAMI_TRACE( TRACE_PHYS_REMOVE, lpPFInfo );
|
|
|
|
pbhBlob = (( PBLOB_HEADER )lpPFInfo ) - 1;
|
|
if ( pbhBlob->IsCached ) {
|
|
cache = pbhBlob->pCache;
|
|
|
|
EnterCriticalSection( &CacheTable.CriticalSection );
|
|
EnterCriticalSection( &csVirtualRoots );
|
|
|
|
if ( cache->references > 1 ) {
|
|
|
|
TsCheckInCachedBlob( (PVOID)lpPFInfo );
|
|
|
|
} else {
|
|
|
|
for ( pEntry = CacheTable.MruList.Flink;
|
|
pEntry != &CacheTable.MruList;
|
|
pEntry = pNextEntry ) {
|
|
|
|
pNextEntry = pEntry->Flink;
|
|
|
|
pCacheTmp = CONTAINING_RECORD( pEntry, CACHE_OBJECT, MruList );
|
|
|
|
ASSERT( pCacheTmp->Signature == CACHE_OBJ_SIGNATURE );
|
|
|
|
if ( pCacheTmp != cache ) {
|
|
continue;
|
|
}
|
|
|
|
if ( !RemoveCacheObjFromLists( cache, FALSE ) ) {
|
|
ASSERT( FALSE );
|
|
continue;
|
|
}
|
|
|
|
result = TRUE;
|
|
|
|
break;
|
|
}
|
|
}
|
|
|
|
LeaveCriticalSection( &csVirtualRoots );
|
|
LeaveCriticalSection( &CacheTable.CriticalSection );
|
|
|
|
if ( result ) {
|
|
TsDereferenceCacheObj( cache, TRUE );
|
|
}
|
|
} else {
|
|
if ( pbhBlob->pfnFreeRoutine ) {
|
|
bSuccess = pbhBlob->pfnFreeRoutine( (PVOID)lpPFInfo );
|
|
} else {
|
|
bSuccess = TRUE;
|
|
}
|
|
|
|
if ( bSuccess ) {
|
|
//
|
|
// Free the memory used by the Blob.
|
|
//
|
|
|
|
FREE( pbhBlob );
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
dllexp
|
|
BOOL
|
|
TsDeleteOnClose(PW3_URI_INFO pURIInfo,
|
|
HANDLE OpeningUser,
|
|
BOOL *fDeleted)
|
|
{
|
|
PPHYS_OPEN_FILE_INFO lpPFInfo;
|
|
LPTS_OPEN_FILE_INFO lpOpenFile;
|
|
BYTE psFile[SIZE_PRIVILEGE_SET];
|
|
DWORD dwPS;
|
|
DWORD dwGrantedAccess;
|
|
BOOL fAccess;
|
|
|
|
if ( DisableSPUD || pURIInfo == NULL ) {
|
|
return FALSE;
|
|
}
|
|
|
|
#if 0
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsDeleteOnClose(%08lx) - Waiting On hFileEvent!\n", pURIInfo ));
|
|
}
|
|
WaitForSingleObject( pURIInfo->hFileEvent, (DWORD)(-1) );
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsDeleteOnClose(%08lx) - Returned from Waiting On hFileEvent!\n", pURIInfo ));
|
|
}
|
|
|
|
lpOpenFile = pURIInfo->pOpenFileInfo;
|
|
if ( lpOpenFile == NULL ) {
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsDeleteOnClose(%08lx) - lpOpenFile == NULL!\n", pURIInfo ));
|
|
}
|
|
return FALSE;
|
|
}
|
|
|
|
*fDeleted = FALSE;
|
|
lpPFInfo = lpOpenFile->QueryPhysFileInfo();
|
|
if ( lpPFInfo->fIsCached && lpPFInfo->fSecurityDescriptor ) {
|
|
dwPS = sizeof(psFile);
|
|
((PRIVILEGE_SET*)&psFile)->PrivilegeCount = 0;
|
|
if ( AccessCheck(
|
|
lpPFInfo->abSecurityDescriptor,
|
|
OpeningUser,
|
|
FILE_GENERIC_READ | FILE_GENERIC_WRITE,
|
|
&g_gmFile,
|
|
(PRIVILEGE_SET*)psFile,
|
|
&dwPS,
|
|
&dwGrantedAccess,
|
|
&fAccess) ) {
|
|
if ( fAccess ) {
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsDeleteOnClose(%08lx) - Marking file for delete!\n", lpPFInfo ));
|
|
}
|
|
lpPFInfo->fDeleteOnClose = TRUE;
|
|
*fDeleted = TRUE;
|
|
}
|
|
}
|
|
} else {
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsDeleteOnClose(%08lx) - !fIsCached || !fSecurityDescriptor\n", lpPFInfo ));
|
|
}
|
|
return FALSE;
|
|
}
|
|
#endif //!oplock
|
|
|
|
return TRUE;
|
|
|
|
}
|
|
|
|
|
|
BOOL
|
|
TsAccessCheck(
|
|
IN PPHYS_OPEN_FILE_INFO pFile,
|
|
IN HANDLE hUser
|
|
)
|
|
|
|
/*+++
|
|
|
|
TsAccessCheck
|
|
|
|
This routine validates that the user identified by hUser has permissions
|
|
to access the file associated with the input physical file open structure.
|
|
We use the cached security descriptor in pFile to do so if we can;
|
|
otherwise we'll try and read the security descriptor first.
|
|
|
|
Arguments:
|
|
|
|
pFile - A pointer to the physical file open structure
|
|
identifying the file.
|
|
|
|
hUser - User access token to be checked.
|
|
|
|
Returns:
|
|
|
|
TRUE if the file can be accessed, FALSE otherwise.
|
|
|
|
---*/
|
|
{
|
|
|
|
PSECURITY_DESCRIPTOR pSecDesc;
|
|
BOOL bHaveAccess;
|
|
CHAR cBuffer[SIZE_PRIVILEGE_SET];
|
|
DWORD dwPSSize;
|
|
PPRIVILEGE_SET pPS;
|
|
DWORD dwGrantedAccess;
|
|
|
|
|
|
// See if we've got a cached security descriptor; if not, read one
|
|
// from the file.
|
|
|
|
if ( !pFile->fSecurityDescriptor )
|
|
{
|
|
DWORD dwError;
|
|
DWORD dwInputSize;
|
|
DWORD dwSizeNeeded;
|
|
|
|
// Don't have one cached, need to read one. Allocate a buffer and
|
|
// set up the basic information we need for this call.
|
|
|
|
dwInputSize = SECURITY_DESC_DEFAULT_SIZE;
|
|
pSecDesc = (PSECURITY_DESCRIPTOR)ALLOC( dwInputSize );
|
|
|
|
if ( pSecDesc == NULL )
|
|
{
|
|
return FALSE;
|
|
}
|
|
|
|
for (;;)
|
|
{
|
|
// Try and read the security descriptor. If we can, then we're done
|
|
// with this loop.
|
|
if ( GetKernelObjectSecurity(
|
|
pFile->hOpenFile,
|
|
OWNER_SECURITY_INFORMATION |
|
|
GROUP_SECURITY_INFORMATION |
|
|
DACL_SECURITY_INFORMATION,
|
|
pSecDesc,
|
|
dwInputSize,
|
|
&dwSizeNeeded ) )
|
|
{
|
|
break;
|
|
}
|
|
|
|
// Couldn't read it. If it happened because our buffer was too
|
|
// small, allocate a bigger one and try again. Otherwise so other
|
|
// error happened. In that case we can't read the descriptor, so
|
|
// return failure.
|
|
|
|
dwError = GetLastError();
|
|
|
|
FREE( pSecDesc ); // Don't need this anymore, in any case.
|
|
|
|
if ( dwError != ERROR_INSUFFICIENT_BUFFER )
|
|
{
|
|
// Some other error, fail.
|
|
|
|
return FALSE;
|
|
}
|
|
|
|
// Now try and allocate a buffer of the size the API said we need.
|
|
|
|
dwInputSize = dwSizeNeeded;
|
|
|
|
pSecDesc = (PSECURITY_DESCRIPTOR)ALLOC( dwInputSize );
|
|
|
|
if ( pSecDesc == NULL )
|
|
{
|
|
return FALSE;
|
|
}
|
|
}
|
|
}
|
|
else
|
|
{
|
|
// Have one cached, use that.
|
|
pSecDesc = pFile->abSecurityDescriptor;
|
|
}
|
|
|
|
// Have a security descriptor now, so do the check.
|
|
|
|
pPS = (PPRIVILEGE_SET)cBuffer;
|
|
dwPSSize = SIZE_PRIVILEGE_SET;
|
|
pPS->PrivilegeCount = 0;
|
|
|
|
if (
|
|
!AccessCheck(
|
|
pSecDesc,
|
|
hUser,
|
|
FILE_GENERIC_READ,
|
|
&g_gmFile,
|
|
pPS,
|
|
&dwPSSize,
|
|
&dwGrantedAccess,
|
|
&bHaveAccess )
|
|
)
|
|
{
|
|
bHaveAccess = FALSE;
|
|
}
|
|
|
|
// Free our temporary buffer if neccessary.
|
|
|
|
if ( !pFile->fSecurityDescriptor )
|
|
{
|
|
FREE( pSecDesc );
|
|
}
|
|
|
|
return bHaveAccess;
|
|
}
|
|
|
|
dllexp
|
|
LPTS_OPEN_FILE_INFO
|
|
TsCreateFile(
|
|
IN const TSVC_CACHE &TSvcCache,
|
|
IN LPCSTR pszName,
|
|
IN HANDLE OpeningUser,
|
|
IN DWORD dwOptions
|
|
)
|
|
{
|
|
HANDLE hFile;
|
|
PVOID pvBlob;
|
|
PPHYS_OPEN_FILE_INFO lpPFInfo;
|
|
LPTS_OPEN_FILE_INFO lpOpenFile;
|
|
POPLOCK_OBJECT lpOplock;
|
|
BOOL bSuccess;
|
|
BOOL fAtRoot;
|
|
BOOL fImpersonated = FALSE;
|
|
DWORD dwSecDescSize;
|
|
DWORD dwReadN;
|
|
SECURITY_INFORMATION si
|
|
= OWNER_SECURITY_INFORMATION
|
|
| GROUP_SECURITY_INFORMATION
|
|
| DACL_SECURITY_INFORMATION;
|
|
PSECURITY_DESCRIPTOR abSecDesc;
|
|
BOOL fDoReadObjectSecurity;
|
|
BOOL fObjectSecurityPresent;
|
|
BOOL fOplockSucceeded = TRUE;
|
|
SECURITY_ATTRIBUTES sa;
|
|
BOOL fPhysFileCacheHit = FALSE;
|
|
BOOL fNoCanon = (dwOptions & TS_USE_WIN32_CANON) == 0;
|
|
BOOL fAccess;
|
|
DWORD dwGrantedAccess;
|
|
DWORD dwPS;
|
|
DWORD cch;
|
|
DWORD cbPrefix;
|
|
LPCSTR pszPath;
|
|
WCHAR awchPath[MAX_PATH+8+1];
|
|
BYTE psFile[SIZE_PRIVILEGE_SET];
|
|
BOOL fDontUseSpud = (DisableSPUD || !fNoCanon);
|
|
DWORD err;
|
|
|
|
//
|
|
// Mask out options that are not applicable
|
|
//
|
|
|
|
dwOptions &= TsValidCreateFileOptions;
|
|
if ( TsIsWindows95() ) {
|
|
dwOptions |= (TS_NO_ACCESS_CHECK | TS_DONT_CACHE_ACCESS_TOKEN);
|
|
}
|
|
|
|
//
|
|
// Have we cached a handle to this file?
|
|
//
|
|
|
|
if ( dwOptions & TS_CACHING_DESIRED )
|
|
{
|
|
|
|
bSuccess = TsCheckOutCachedBlob( TSvcCache,
|
|
pszName,
|
|
RESERVED_DEMUX_OPEN_FILE,
|
|
&pvBlob );
|
|
|
|
if ( bSuccess )
|
|
{
|
|
|
|
ASSERT( BLOB_IS_OR_WAS_CACHED( pvBlob ) );
|
|
|
|
//
|
|
// The following is a brutal casting of PVOID to C++ object
|
|
// Well. there is no way to extract the object clearly from the
|
|
// memory map :(
|
|
//
|
|
|
|
lpOpenFile = (LPTS_OPEN_FILE_INFO )pvBlob;
|
|
|
|
//
|
|
// Make sure the user tokens match
|
|
//
|
|
|
|
if ( (OpeningUser == lpOpenFile->QueryOpeningUser()
|
|
&& NULL != lpOpenFile->QueryOpeningUser())
|
|
|| (dwOptions & TS_NO_ACCESS_CHECK) )
|
|
{
|
|
ASSERT ( lpOpenFile->IsValid());
|
|
TSUNAMI_TRACE( TRACE_OPENFILE_REFERENCE, lpOpenFile );
|
|
|
|
return( lpOpenFile);
|
|
}
|
|
|
|
//
|
|
// User token doesn't match
|
|
//
|
|
|
|
if ( !g_fCacheSecDesc )
|
|
{
|
|
//
|
|
// Check in object, will have to
|
|
// open the file with the new user access token
|
|
//
|
|
|
|
bSuccess = TsCheckInCachedBlob( pvBlob );
|
|
|
|
ASSERT( bSuccess );
|
|
}
|
|
else
|
|
{
|
|
//
|
|
// attempt to validate access using cached
|
|
// security descriptor
|
|
//
|
|
|
|
if ( lpOpenFile->IsSecurityDescriptorValid() )
|
|
{
|
|
dwPS = sizeof( psFile );
|
|
((PRIVILEGE_SET*)&psFile)->PrivilegeCount = 0;
|
|
|
|
if ( !AccessCheck(
|
|
lpOpenFile->GetSecurityDescriptor(),
|
|
OpeningUser,
|
|
FILE_GENERIC_READ,
|
|
&g_gmFile,
|
|
(PRIVILEGE_SET*)psFile,
|
|
&dwPS,
|
|
&dwGrantedAccess,
|
|
&fAccess ) )
|
|
{
|
|
DBGPRINTF(( DBG_CONTEXT,
|
|
"[TsCreateFile]: AccessCheck failed, error %d\n",
|
|
GetLastError() ));
|
|
|
|
fAccess = FALSE;
|
|
}
|
|
|
|
if ( fAccess )
|
|
{
|
|
return( lpOpenFile );
|
|
}
|
|
}
|
|
|
|
//
|
|
// not validated using cached information
|
|
//
|
|
|
|
bSuccess = TsCheckInCachedBlob( pvBlob );
|
|
|
|
ASSERT( bSuccess );
|
|
|
|
if ( lpOpenFile->IsSecurityDescriptorValid() )
|
|
{
|
|
return( NULL );
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
if ( TsIsWindows95() )
|
|
{
|
|
fNoCanon = FALSE;
|
|
}
|
|
|
|
fDoReadObjectSecurity = FALSE;
|
|
|
|
sa.nLength = sizeof(sa);
|
|
sa.lpSecurityDescriptor = NULL;
|
|
sa.bInheritHandle = FALSE;
|
|
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFile(%s) - Calling TsCheckOutCachedPhysFile\n", pszName ));
|
|
}
|
|
|
|
fPhysFileCacheHit = TsCheckOutCachedPhysFile( TSvcCache,
|
|
pszName,
|
|
(VOID **)&lpPFInfo );
|
|
|
|
while (fPhysFileCacheHit)
|
|
{
|
|
DWORD dwLastError;
|
|
|
|
ASSERT( lpPFInfo->Signature == PHYS_OBJ_SIGNATURE );
|
|
WAIT_FOR_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
|
|
hFile = lpPFInfo->hOpenFile;
|
|
|
|
if (hFile != INVALID_HANDLE_VALUE)
|
|
{
|
|
break;
|
|
}
|
|
|
|
dwLastError = lpPFInfo->dwLastError;
|
|
|
|
if (dwLastError != ERROR_FILE_NOT_FOUND &&
|
|
dwLastError != ERROR_PATH_NOT_FOUND &&
|
|
dwLastError != ERROR_INVALID_NAME )
|
|
{
|
|
fPhysFileCacheHit = TsReInitPhysFile(lpPFInfo);
|
|
}
|
|
else
|
|
{
|
|
TsRemovePhysFile(lpPFInfo);
|
|
SetLastError(dwLastError);
|
|
return NULL;
|
|
}
|
|
}
|
|
|
|
if ( fPhysFileCacheHit )
|
|
{
|
|
|
|
DBG_ASSERT( hFile != INVALID_HANDLE_VALUE );
|
|
|
|
abSecDesc = lpPFInfo->abSecurityDescriptor;
|
|
dwSecDescSize = lpPFInfo->cbSecDescMaxSize;
|
|
fObjectSecurityPresent = lpPFInfo->fSecurityDescriptor;
|
|
|
|
//
|
|
// We've got a file handle from the cache. If we're doing access
|
|
// checking make sure we can use it.
|
|
//
|
|
if (!(dwOptions & TS_NO_ACCESS_CHECK))
|
|
{
|
|
if ( !TsAccessCheck(lpPFInfo, OpeningUser) )
|
|
{
|
|
// Don't have permission to use this handle, so fail.
|
|
//
|
|
TsCheckInOrFree( (PVOID)lpPFInfo );
|
|
SetLastError(ERROR_ACCESS_DENIED);
|
|
return NULL;
|
|
}
|
|
}
|
|
|
|
|
|
} else {
|
|
|
|
if ( lpPFInfo == NULL ) {
|
|
SetLastError( ERROR_NOT_ENOUGH_MEMORY);
|
|
return NULL;
|
|
}
|
|
|
|
ASSERT( lpPFInfo->Signature == PHYS_OBJ_SIGNATURE );
|
|
|
|
if ( (dwOptions & TS_NOT_IMPERSONATED) &&
|
|
!(dwOptions & TS_NO_ACCESS_CHECK) )
|
|
{
|
|
if ( !::ImpersonateLoggedOnUser( OpeningUser ) )
|
|
{
|
|
DBGPRINTF(( DBG_CONTEXT,
|
|
"ImpersonateLoggedOnUser[%d] failed with %d\n",
|
|
OpeningUser, GetLastError()));
|
|
|
|
err = lpPFInfo->dwLastError;
|
|
|
|
MARK_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
TsRemovePhysFile(lpPFInfo);
|
|
|
|
SetLastError( err );
|
|
return NULL;
|
|
}
|
|
fImpersonated = TRUE;
|
|
}
|
|
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFile(%s) - Not in cache, Opening!\n", pszName ));
|
|
}
|
|
|
|
abSecDesc = lpPFInfo->abSecurityDescriptor;
|
|
dwSecDescSize = lpPFInfo->cbSecDescMaxSize;
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFile(%s) - abSecDesc = %08lx, size = %08lx\n", pszName, abSecDesc, SECURITY_DESC_DEFAULT_SIZE ));
|
|
}
|
|
|
|
if ( abSecDesc == NULL ) {
|
|
if( fImpersonated ) {
|
|
::RevertToSelf();
|
|
fImpersonated = FALSE;
|
|
}
|
|
|
|
ASSERT( !fImpersonated );
|
|
MARK_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
TsRemovePhysFile(lpPFInfo);
|
|
SetLastError( ERROR_NOT_ENOUGH_MEMORY);
|
|
return( NULL );
|
|
}
|
|
|
|
if ( fNoCanon )
|
|
{
|
|
if ( (pszName[0] == '\\') && (pszName[1] == '\\') )
|
|
{
|
|
CopyMemory(
|
|
awchPath,
|
|
L"\\\\?\\UNC\\",
|
|
(sizeof("\\\\?\\UNC\\")-1) * sizeof(WCHAR)
|
|
);
|
|
|
|
cbPrefix = sizeof("\\\\?\\UNC\\")-1;
|
|
pszPath = pszName + sizeof( "\\\\" ) -1;
|
|
}
|
|
else
|
|
{
|
|
CopyMemory(
|
|
awchPath,
|
|
L"\\\\?\\",
|
|
(sizeof("\\\\?\\")-1) * sizeof(WCHAR)
|
|
);
|
|
|
|
cbPrefix = sizeof("\\\\?\\")-1;
|
|
pszPath = pszName;
|
|
}
|
|
|
|
cch = MultiByteToWideChar( CP_ACP,
|
|
MB_PRECOMPOSED,
|
|
pszPath,
|
|
-1,
|
|
awchPath + cbPrefix,
|
|
sizeof(awchPath)/sizeof(WCHAR) - cbPrefix );
|
|
if ( !cch )
|
|
{
|
|
hFile = INVALID_HANDLE_VALUE;
|
|
}
|
|
else
|
|
{
|
|
if ( (pszName[1] == ':') && (pszName[2] == '\0') )
|
|
{
|
|
wcscat( awchPath, L"\\" );
|
|
}
|
|
|
|
sa.nLength = sizeof(sa);
|
|
sa.lpSecurityDescriptor = NULL;
|
|
sa.bInheritHandle = FALSE;
|
|
|
|
#if 1
|
|
// if ( fDontUseSpud ) {
|
|
hFile = CreateFileW( awchPath,
|
|
GENERIC_READ,
|
|
TsCreateFileShareMode,
|
|
&sa,
|
|
OPEN_EXISTING,
|
|
TsCreateFileFlags,
|
|
NULL );
|
|
#else
|
|
} else {
|
|
lpOplock = ( POPLOCK_OBJECT )LocalAlloc(LPTR, sizeof(OPLOCK_OBJECT));
|
|
|
|
if ( lpOplock == NULL ) {
|
|
DBGPRINTF((DBG_CONTEXT,"LocalAlloc lpOplock[%s] failed with %d\n",
|
|
pszName, GetLastError()));
|
|
|
|
if ( fImpersonated ) {
|
|
::RevertToSelf();
|
|
fImpersonated = FALSE;
|
|
}
|
|
|
|
MARK_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
TsRemovePhysFile(lpPFInfo);
|
|
|
|
ASSERT( !fImpersonated );
|
|
return( NULL );
|
|
}
|
|
|
|
lpOplock->Signature = OPLOCK_OBJ_SIGNATURE;
|
|
lpOplock->lpPFInfo = NULL;
|
|
lpOplock->hOplockInitComplete = IIS_CREATE_EVENT(
|
|
"OPLOCK_OBJECT::hOplockInitComplete",
|
|
lpOplock,
|
|
TRUE,
|
|
FALSE
|
|
);
|
|
|
|
hFile = AtqCreateFileW( awchPath,
|
|
TsCreateFileShareMode,
|
|
&sa,
|
|
TsCreateFileFlags,
|
|
si,
|
|
(PSECURITY_DESCRIPTOR)abSecDesc,
|
|
( ( g_fCacheSecDesc
|
|
&& !(dwOptions & TS_NO_ACCESS_CHECK)
|
|
&& (dwOptions & TS_CACHING_DESIRED) ) ?
|
|
SECURITY_DESC_DEFAULT_SIZE : 0 ),
|
|
&dwSecDescSize,
|
|
OplockCreateFile,
|
|
(PVOID)lpOplock );
|
|
}
|
|
#endif //!oplock
|
|
}
|
|
}
|
|
else
|
|
{
|
|
hFile = CreateFile( pszName,
|
|
GENERIC_READ,
|
|
TsCreateFileShareMode,
|
|
&sa,
|
|
OPEN_EXISTING,
|
|
TsCreateFileFlags,
|
|
NULL );
|
|
}
|
|
|
|
//
|
|
// If we're supposed to cache the security descriptor, do so now.
|
|
// This should only be done once, by the thread intializing the physical
|
|
// file entry.
|
|
//
|
|
|
|
if (DisableSPUD && hFile != INVALID_HANDLE_VALUE)
|
|
{
|
|
if ( g_fCacheSecDesc )
|
|
{
|
|
DWORD dwInputSize;
|
|
|
|
dwInputSize = dwSecDescSize;
|
|
|
|
// Loop, reading the security info each time, until we either
|
|
// read it succesfully, are unable to allocate a big enough buffer,
|
|
// or get some error other than buffer too smal.
|
|
|
|
for (;;)
|
|
{
|
|
|
|
if ( GetKernelObjectSecurity(
|
|
hFile,
|
|
si,
|
|
(PSECURITY_DESCRIPTOR)lpPFInfo->abSecurityDescriptor,
|
|
dwInputSize,
|
|
&dwSecDescSize ) )
|
|
{
|
|
lpPFInfo->fSecurityDescriptor = TRUE ;
|
|
fObjectSecurityPresent = TRUE;
|
|
abSecDesc = (PSECURITY_DESCRIPTOR)lpPFInfo->abSecurityDescriptor;
|
|
dwSecDescSize = dwInputSize;
|
|
break;
|
|
}
|
|
|
|
// Had some sort of error on the attempt to get the security
|
|
// descriptor.
|
|
|
|
if ( GetLastError() == ERROR_INSUFFICIENT_BUFFER )
|
|
{
|
|
|
|
// Need a bigger buffer for the descriptor.
|
|
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFile() - Realloc Security Desc !!!\n" ));
|
|
}
|
|
|
|
FREE( lpPFInfo->abSecurityDescriptor );
|
|
lpPFInfo->abSecurityDescriptor = (PSECURITY_DESCRIPTOR)ALLOC( dwSecDescSize );
|
|
|
|
if ( lpPFInfo->abSecurityDescriptor == NULL )
|
|
{
|
|
CloseHandle( hFile );
|
|
MARK_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
TsRemovePhysFile(lpPFInfo);
|
|
|
|
if ( fImpersonated )
|
|
{
|
|
::RevertToSelf();
|
|
}
|
|
|
|
SetLastError( ERROR_NOT_ENOUGH_MEMORY);
|
|
return NULL;
|
|
}
|
|
|
|
dwInputSize = dwSecDescSize;
|
|
|
|
} else
|
|
{
|
|
// This wasn't too small a buffer, so quit trying.
|
|
|
|
dwSecDescSize = 0;
|
|
|
|
break;
|
|
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFile(%s) - SECURITY_DESC_DEFAULT_SIZE = %08lx, dwSecDescSize = %08lx\n",
|
|
pszName, SECURITY_DESC_DEFAULT_SIZE, dwSecDescSize ));
|
|
}
|
|
|
|
if ( hFile == INVALID_HANDLE_VALUE )
|
|
{
|
|
DBGPRINTF((DBG_CONTEXT,"CreateFile[%s] failed with %d\n",
|
|
pszName, GetLastError()));
|
|
|
|
|
|
if ( fImpersonated ) {
|
|
::RevertToSelf();
|
|
fImpersonated = FALSE;
|
|
}
|
|
|
|
if ( !fPhysFileCacheHit ) {
|
|
lpPFInfo->dwLastError = GetLastError();
|
|
MARK_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
}
|
|
|
|
ASSERT( !fImpersonated );
|
|
err = lpPFInfo->dwLastError;
|
|
TsRemovePhysFile(lpPFInfo);
|
|
SetLastError( err );
|
|
return( NULL );
|
|
}
|
|
|
|
|
|
if ( !fDontUseSpud ) {
|
|
|
|
if ( GetLastError() != ERROR_SUCCESS || fPhysFileCacheHit ) {
|
|
fOplockSucceeded = FALSE;
|
|
}
|
|
if ( fPhysFileCacheHit || (dwSecDescSize == SECURITY_DESC_DEFAULT_SIZE ) ) {
|
|
fObjectSecurityPresent = TRUE;
|
|
lpPFInfo->fSecurityDescriptor = TRUE ;
|
|
} else {
|
|
if ( dwSecDescSize > SECURITY_DESC_DEFAULT_SIZE ) {
|
|
fDoReadObjectSecurity = TRUE;
|
|
|
|
dwSecDescSize = ( (dwSecDescSize + SECURITY_DESC_GRANULARITY - 1)
|
|
/ SECURITY_DESC_GRANULARITY )
|
|
* SECURITY_DESC_GRANULARITY;
|
|
|
|
} else {
|
|
dwSecDescSize = 0;
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
//
|
|
// Increment the miss count after we've confirmed it's a valid resource
|
|
//
|
|
|
|
bSuccess = TsAllocateEx( TSvcCache,
|
|
sizeof( TS_OPEN_FILE_INFO ),
|
|
&pvBlob,
|
|
DisposeOpenFileInfo );
|
|
|
|
if ( !bSuccess )
|
|
{
|
|
if ( fImpersonated ) {
|
|
::RevertToSelf();
|
|
fImpersonated = FALSE;
|
|
}
|
|
|
|
if ( !fPhysFileCacheHit ) {
|
|
MARK_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
}
|
|
|
|
ASSERT( !fImpersonated );
|
|
TsRemovePhysFile(lpPFInfo);
|
|
SetLastError( ERROR_NOT_ENOUGH_MEMORY);
|
|
return( NULL );
|
|
}
|
|
|
|
lpOpenFile = (LPTS_OPEN_FILE_INFO)pvBlob;
|
|
|
|
if ( !fPhysFileCacheHit )
|
|
{
|
|
lpPFInfo->hOpenFile = hFile;
|
|
if (BLOB_IS_OR_WAS_CACHED( lpPFInfo ))
|
|
{
|
|
INC_COUNTER( TSvcCache.GetServiceId(), CurrentOpenFileHandles );
|
|
}
|
|
}
|
|
|
|
#if 0
|
|
if ( !fDontUseSpud && !fPhysFileCacheHit ) {
|
|
if ( fOplockSucceeded ) {
|
|
lpOplock->lpPFInfo = lpPFInfo;
|
|
SetEvent( lpOplock->hOplockInitComplete );
|
|
} else {
|
|
dwOptions &= ~TS_CACHING_DESIRED;
|
|
}
|
|
}
|
|
#endif //!oplock
|
|
|
|
//
|
|
// The file must be fully qualified so it must be at least three characters
|
|
// plus the terminator
|
|
//
|
|
|
|
fAtRoot = (pszName[1] == ':' &&
|
|
((pszName[2] == '\\' && pszName[3] == '\0')
|
|
|| (pszName[2] == '\0')) );
|
|
|
|
bSuccess = lpOpenFile->SetFileInfo( lpPFInfo,
|
|
(dwOptions & TS_DONT_CACHE_ACCESS_TOKEN) ? NULL : OpeningUser,
|
|
fAtRoot,
|
|
dwSecDescSize );
|
|
|
|
if (!fDontUseSpud)
|
|
InsertHeadPhysFile( lpPFInfo, pvBlob );
|
|
|
|
if ( fImpersonated ) {
|
|
::RevertToSelf();
|
|
fImpersonated = FALSE;
|
|
}
|
|
|
|
//
|
|
// Check if security descriptor to be read.
|
|
// Failure to read it will not make TsCreateFile to fail :
|
|
// security descriptor size may have grown since previous call
|
|
//
|
|
|
|
if ( fDoReadObjectSecurity )
|
|
{
|
|
|
|
FREE( abSecDesc );
|
|
abSecDesc = (PSECURITY_DESCRIPTOR)ALLOC( dwSecDescSize );
|
|
lpPFInfo->abSecurityDescriptor = abSecDesc;
|
|
bSuccess = lpOpenFile->SetFileInfo( lpPFInfo,
|
|
(dwOptions & TS_DONT_CACHE_ACCESS_TOKEN) ? NULL : OpeningUser,
|
|
fAtRoot,
|
|
dwSecDescSize );
|
|
|
|
if ( GetKernelObjectSecurity(
|
|
hFile,
|
|
si,
|
|
lpOpenFile->GetSecurityDescriptor(),
|
|
dwSecDescSize,
|
|
&dwReadN ) )
|
|
{
|
|
sec_succ:
|
|
lpOpenFile->SetSecurityDescriptorValid( TRUE );
|
|
|
|
}
|
|
else
|
|
{
|
|
ASSERT( GetLastError() != 0 );
|
|
}
|
|
}
|
|
else if ( fObjectSecurityPresent )
|
|
{
|
|
goto sec_succ;
|
|
}
|
|
|
|
if ( !bSuccess)
|
|
{
|
|
|
|
//
|
|
// Error in setting up the file information.
|
|
//
|
|
|
|
if ( !fPhysFileCacheHit ) {
|
|
MARK_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
|
|
#if 0
|
|
if ( !fDontUseSpud && fOplockSucceeded ) {
|
|
SetEvent( lpOplock->hOplockInitComplete );
|
|
}
|
|
#endif //oplock
|
|
|
|
}
|
|
|
|
ASSERT( !fImpersonated );
|
|
err = lpPFInfo->dwLastError;
|
|
TsRemovePhysFile(lpPFInfo);
|
|
SetLastError( err );
|
|
return ( NULL);
|
|
}
|
|
|
|
//
|
|
// If this is a UNC connection check and make sure we haven't exceeded
|
|
// the maximum UNC handles we will cache (SMB FID limits count to 2048)
|
|
//
|
|
|
|
if ( !g_fDisableCaching &&
|
|
(dwOptions & TS_CACHING_DESIRED ) &&
|
|
(cCachedUNCHandles < MAX_CACHED_UNC_HANDLES ||
|
|
pszName[1] != '\\') )
|
|
{
|
|
bSuccess = TsCacheDirectoryBlob( TSvcCache,
|
|
pszName,
|
|
RESERVED_DEMUX_OPEN_FILE,
|
|
pvBlob,
|
|
TRUE );
|
|
|
|
//
|
|
// Only count it if we successfully added the item to the
|
|
// cache
|
|
//
|
|
|
|
if ( bSuccess )
|
|
{
|
|
if ( pszName[1] == '\\' )
|
|
{
|
|
InterlockedIncrement( (LONG *) &cCachedUNCHandles );
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
else
|
|
{
|
|
//
|
|
// Too many cached UNC handles, don't cache it. It would be nice
|
|
// to do an LRU for these handles but it's probably not generally
|
|
// worth it
|
|
//
|
|
|
|
bSuccess = FALSE;
|
|
}
|
|
|
|
#if DBG
|
|
if ( !bSuccess )
|
|
{
|
|
ASSERT( !BLOB_IS_OR_WAS_CACHED( pvBlob ) );
|
|
}
|
|
else
|
|
{
|
|
ASSERT( BLOB_IS_OR_WAS_CACHED( pvBlob ) );
|
|
}
|
|
#endif
|
|
if ( !fPhysFileCacheHit ) {
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFile(%s) - Not in cache, Open Complete Causing Event!\n", pszName ));
|
|
}
|
|
MARK_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
|
|
#if 0
|
|
if ( !fDontUseSpud && fOplockSucceeded ) {
|
|
SetEvent( lpOplock->hOplockInitComplete );
|
|
}
|
|
#endif //!oplock
|
|
|
|
} else {
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFile(%s) - Already in cache, Open Complete!\n", pszName ));
|
|
}
|
|
}
|
|
|
|
ASSERT( !fImpersonated );
|
|
TSUNAMI_TRACE( TRACE_OPENFILE_CREATE, lpOpenFile );
|
|
return( lpOpenFile );
|
|
|
|
} // TsCreateFile
|
|
|
|
|
|
|
|
dllexp
|
|
LPTS_OPEN_FILE_INFO
|
|
TsCreateFileFromURI(
|
|
IN const TSVC_CACHE &TSvcCache,
|
|
IN PW3_URI_INFO pURIInfo,
|
|
IN HANDLE OpeningUser,
|
|
IN DWORD dwOptions,
|
|
IN DWORD *dwError
|
|
)
|
|
|
|
/*+++
|
|
|
|
TsCreateFileFromURI
|
|
|
|
This routine takes a (checked out) URI block and retrieves a file
|
|
handle from it. If the file handle in the URI info block is valid and
|
|
we have the right security for it, we'll use that. Otherwise if it's
|
|
invalid we'll create a valid handle and save it. If it's valid but we
|
|
don't have security for it we'll open a new handle but not cache it.
|
|
|
|
Not caching a new handle may become a performance problem in the future
|
|
if authenticated file access becomes common. There are several possible
|
|
solutions to this problem if this occurs. One would be to have a list
|
|
of cached TS_OPEN_FILE_INFO class structures chained off the URI block,
|
|
one for each 'distinct' security class, and then select the best one to
|
|
return. Another would be to have a second level of cache, i.e. put the
|
|
URI blocks in a second hash table and keep one OPEN_FILE_INFO in the
|
|
URI block, looking up other in the other hash table if we need to. Any
|
|
solution would have to exhibit the property of being able to handle
|
|
mapping from a single URI to multiple file handles.
|
|
|
|
Arguments:
|
|
|
|
TsvcCache -
|
|
pURIInfo - A pointer to the URI block from which we're to derive
|
|
file information.
|
|
OpeningUser - A handle identifying the opening used.
|
|
dwOptions - A set of options indicating how we're to open the file.
|
|
|
|
Returns:
|
|
|
|
A pointer to a TS_OPEN_FILE_INFO class structure if we're succesfull,
|
|
or NULL if we're not.
|
|
---*/
|
|
|
|
{
|
|
HANDLE hFile = INVALID_HANDLE_VALUE;
|
|
LPTS_OPEN_FILE_INFO lpOpenFile;
|
|
POPLOCK_OBJECT lpOplock;
|
|
BOOL fAtRoot;
|
|
BOOL bSuccess;
|
|
PVOID pvBlob;
|
|
PPHYS_OPEN_FILE_INFO lpPFInfo;
|
|
BOOL fImpersonated = FALSE;
|
|
BOOL SPUDdidCall = FALSE;
|
|
DWORD dwSecDescSize;
|
|
BOOL fOplockSucceeded = FALSE;
|
|
SECURITY_INFORMATION si
|
|
= OWNER_SECURITY_INFORMATION
|
|
| GROUP_SECURITY_INFORMATION
|
|
| DACL_SECURITY_INFORMATION;
|
|
SECURITY_ATTRIBUTES sa;
|
|
BOOL fPhysFileCacheHit = FALSE;
|
|
BOOL fNoCanon = (dwOptions & TS_USE_WIN32_CANON) == 0;
|
|
BOOL fAccess;
|
|
DWORD dwGrantedAccess;
|
|
DWORD dwPS;
|
|
DWORD cch;
|
|
DWORD cbPrefix;
|
|
LPCSTR pszPath;
|
|
PCHAR pName;
|
|
DWORD dwInputSize;
|
|
WCHAR awchPath[MAX_PATH+8+1];
|
|
BYTE psFile[SIZE_PRIVILEGE_SET];
|
|
|
|
AcIncrement( CacOpenURI);
|
|
|
|
ASSERT(pURIInfo != NULL);
|
|
|
|
//
|
|
// Mask out options that are not applicable
|
|
//
|
|
|
|
dwOptions &= TsValidCreateFileOptions;
|
|
|
|
if ( TsIsWindows95() ) {
|
|
dwOptions |= (TS_NO_ACCESS_CHECK | TS_DONT_CACHE_ACCESS_TOKEN);
|
|
}
|
|
|
|
*dwError = pURIInfo->dwFileOpenError;
|
|
|
|
// Check to see if the open file info is valid. If it it, try to use it.
|
|
|
|
if ( pURIInfo->bFileInfoValid )
|
|
{
|
|
|
|
|
|
// Get the open file info. If it's non-NULL (the file exists)
|
|
// see if we have permission to access it.
|
|
|
|
lpOpenFile = pURIInfo->pOpenFileInfo;
|
|
|
|
//
|
|
// Make sure the user tokens match, or that lpOpenFile is NULL.
|
|
// In the latter case the file doesn't exist - this is a negative
|
|
// hit.
|
|
//
|
|
|
|
if ( ( lpOpenFile == NULL ) ||
|
|
(OpeningUser == lpOpenFile->QueryOpeningUser()
|
|
&& lpOpenFile->QueryOpeningUser() != NULL)
|
|
|| (dwOptions & TS_NO_ACCESS_CHECK) )
|
|
{
|
|
|
|
return( lpOpenFile);
|
|
}
|
|
|
|
//
|
|
// User token doesn't match
|
|
//
|
|
|
|
if ( g_fCacheSecDesc )
|
|
{
|
|
|
|
//
|
|
// attempt to validate access using cached
|
|
// security descriptor
|
|
//
|
|
|
|
if ( lpOpenFile->IsSecurityDescriptorValid() )
|
|
{
|
|
dwPS = sizeof( psFile );
|
|
((PRIVILEGE_SET*)&psFile)->PrivilegeCount = 0;
|
|
|
|
if ( !AccessCheck(
|
|
lpOpenFile->GetSecurityDescriptor(),
|
|
OpeningUser,
|
|
FILE_GENERIC_READ,
|
|
&g_gmFile,
|
|
(PRIVILEGE_SET*)psFile,
|
|
&dwPS,
|
|
&dwGrantedAccess,
|
|
&fAccess ) )
|
|
{
|
|
DBGPRINTF(( DBG_CONTEXT,
|
|
"[TsCreateFileFromURI]: AccessCheck failed, \
|
|
error %d\n",
|
|
GetLastError() ));
|
|
|
|
fAccess = FALSE;
|
|
}
|
|
|
|
// See if we have access to the file. If we get here we know
|
|
// we have a valid security descriptor, so if we didn't get
|
|
// access on this check then there's no point in attemptint to
|
|
// open the file.
|
|
|
|
if ( fAccess )
|
|
{
|
|
return( lpOpenFile );
|
|
}
|
|
else
|
|
{
|
|
*dwError = GetLastError();
|
|
|
|
return NULL;
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
}
|
|
|
|
|
|
// At this point, either the file info in the structure isn't
|
|
// valid, or we're not allowed to cache security descriptors, or
|
|
// the cache descriptor isn't valid. In any of these cases we need
|
|
// to try to open the file. If this succeeds and the file info in the
|
|
// URI block isn't valid, save the newly opened file info there.
|
|
//
|
|
// If we open the file but the file info isn't valid, we'll tag the
|
|
// open file info structure as non cached so that we won't try to
|
|
// check it in later.
|
|
//
|
|
// Since the file info isn't valid, the error we set in *dwError
|
|
// is bad also. All exits from this point on need to make sure to
|
|
// set that to the proper value. We also want to update the cached
|
|
// error in the URI info if we're going to make the file info valid.
|
|
//
|
|
//
|
|
// Now try to open the actual file.
|
|
//
|
|
|
|
if ( TsIsWindows95() )
|
|
{
|
|
fNoCanon = FALSE;
|
|
}
|
|
|
|
sa.nLength = sizeof(sa);
|
|
sa.lpSecurityDescriptor = NULL;
|
|
sa.bInheritHandle = FALSE;
|
|
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFileFromURI(%s) - Calling TsCheckOutCachedPhysFile\n", pURIInfo->pszName ));
|
|
}
|
|
|
|
fPhysFileCacheHit = TsCheckOutCachedPhysFile( TSvcCache,
|
|
pURIInfo->pszName,
|
|
(VOID **)&lpPFInfo );
|
|
|
|
while (fPhysFileCacheHit)
|
|
{
|
|
DWORD dwLastError;
|
|
|
|
ASSERT( lpPFInfo->Signature == PHYS_OBJ_SIGNATURE );
|
|
WAIT_FOR_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
|
|
hFile = lpPFInfo->hOpenFile;
|
|
|
|
if (hFile != INVALID_HANDLE_VALUE)
|
|
{
|
|
break;
|
|
}
|
|
|
|
dwLastError = lpPFInfo->dwLastError;
|
|
|
|
if (dwLastError != ERROR_FILE_NOT_FOUND &&
|
|
dwLastError != ERROR_PATH_NOT_FOUND &&
|
|
dwLastError != ERROR_INVALID_NAME )
|
|
{
|
|
fPhysFileCacheHit = TsReInitPhysFile(lpPFInfo);
|
|
}
|
|
else
|
|
{
|
|
TsRemovePhysFile(lpPFInfo);
|
|
SetLastError(dwLastError);
|
|
*dwError = dwLastError;
|
|
return NULL;
|
|
}
|
|
}
|
|
|
|
if ( fPhysFileCacheHit )
|
|
{
|
|
|
|
dwSecDescSize = lpPFInfo->cbSecDescMaxSize;
|
|
|
|
DBG_ASSERT(hFile != INVALID_HANDLE_VALUE);
|
|
|
|
//
|
|
// We've got a file handle from the cache. If we're doing access
|
|
// checking make sure we can use it.
|
|
//
|
|
if (!(dwOptions & TS_NO_ACCESS_CHECK))
|
|
{
|
|
if ( !TsAccessCheck(lpPFInfo, OpeningUser) )
|
|
{
|
|
// Don't have permission to use this handle, so fail.
|
|
//
|
|
TsCheckInOrFree( (PVOID)lpPFInfo );
|
|
SetLastError(ERROR_ACCESS_DENIED);
|
|
*dwError = ERROR_ACCESS_DENIED;
|
|
return NULL;
|
|
}
|
|
}
|
|
|
|
} else {
|
|
|
|
if ( lpPFInfo == NULL ) {
|
|
SetLastError( ERROR_NOT_ENOUGH_MEMORY);
|
|
*dwError = ERROR_NOT_ENOUGH_MEMORY;
|
|
return NULL;
|
|
}
|
|
|
|
ASSERT( lpPFInfo->Signature == PHYS_OBJ_SIGNATURE );
|
|
|
|
//
|
|
// If we're not impersonating right now, do that before we try to
|
|
// open the file.
|
|
//
|
|
|
|
if ( (dwOptions & TS_NOT_IMPERSONATED) &&
|
|
!(dwOptions & TS_NO_ACCESS_CHECK) )
|
|
{
|
|
if ( !::ImpersonateLoggedOnUser( OpeningUser ) )
|
|
{
|
|
*dwError = GetLastError();
|
|
|
|
DBGPRINTF(( DBG_CONTEXT,
|
|
"ImpersonateLoggedOnUser[%d] failed with %d\n",
|
|
OpeningUser, *dwError));
|
|
|
|
|
|
MARK_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
TsRemovePhysFile(lpPFInfo);
|
|
return NULL;
|
|
}
|
|
|
|
fImpersonated = TRUE;
|
|
}
|
|
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFileFromURI(%s) - Not in Cache, Opening!\n", pURIInfo->pszName ));
|
|
}
|
|
|
|
dwSecDescSize = lpPFInfo->cbSecDescMaxSize;
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFileFromURI(%s) - lpPFInfo->abSecurityDescriptor = %08lx, size = %08lx\n", pURIInfo->pszName, lpPFInfo->abSecurityDescriptor, SECURITY_DESC_DEFAULT_SIZE ));
|
|
}
|
|
|
|
if ( lpPFInfo->abSecurityDescriptor == NULL ) {
|
|
goto not_enough_memory;
|
|
}
|
|
|
|
|
|
if ( fNoCanon )
|
|
{
|
|
if ( (pURIInfo->pszName[0] == '\\') && (pURIInfo->pszName[1] == '\\') )
|
|
{
|
|
CopyMemory(
|
|
awchPath,
|
|
L"\\\\?\\UNC\\",
|
|
(sizeof("\\\\?\\UNC\\")-1) * sizeof(WCHAR)
|
|
);
|
|
|
|
cbPrefix = sizeof("\\\\?\\UNC\\")-1;
|
|
pszPath = pURIInfo->pszName + sizeof( "\\\\" ) -1;
|
|
}
|
|
else
|
|
{
|
|
CopyMemory(
|
|
awchPath,
|
|
L"\\\\?\\",
|
|
(sizeof("\\\\?\\")-1) * sizeof(WCHAR)
|
|
);
|
|
|
|
cbPrefix = sizeof("\\\\?\\")-1;
|
|
pszPath = pURIInfo->pszName;
|
|
}
|
|
|
|
cch = MultiByteToWideChar( CP_ACP,
|
|
MB_PRECOMPOSED,
|
|
pszPath,
|
|
-1,
|
|
awchPath + cbPrefix,
|
|
sizeof(awchPath)/sizeof(WCHAR) - cbPrefix );
|
|
if ( !cch )
|
|
{
|
|
hFile = INVALID_HANDLE_VALUE;
|
|
}
|
|
else
|
|
{
|
|
if ( (pURIInfo->pszName[1] == ':') && (pURIInfo->pszName[2] == '\0') )
|
|
{
|
|
wcscat( awchPath, L"\\" );
|
|
}
|
|
|
|
sa.nLength = sizeof(sa);
|
|
sa.lpSecurityDescriptor = NULL;
|
|
sa.bInheritHandle = FALSE;
|
|
|
|
#if 1
|
|
//if ( DisableSPUD ) {
|
|
hFile = CreateFileW( awchPath,
|
|
GENERIC_READ,
|
|
TsCreateFileShareMode,
|
|
&sa,
|
|
OPEN_EXISTING,
|
|
TsCreateFileFlags,
|
|
NULL );
|
|
#else
|
|
} else {
|
|
|
|
if ( g_fCacheSecDesc &&
|
|
!(dwOptions & TS_NO_ACCESS_CHECK) )
|
|
{
|
|
// Assume we can get by with the default size, and just allocate
|
|
// that.
|
|
|
|
lpOpenFile = ( LPTS_OPEN_FILE_INFO )LocalAlloc(LPTR,
|
|
sizeof(TS_OPEN_FILE_INFO));
|
|
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFileFromURI(%s) - lpOpenFile = %08lx\n", pURIInfo->pszName, lpOpenFile ));
|
|
}
|
|
|
|
if (lpOpenFile == NULL)
|
|
{
|
|
// Couldn't get the memory we needed, so fail.
|
|
|
|
goto not_enough_memory;
|
|
}
|
|
|
|
lpOpenFile->SetFileInfo( lpPFInfo,
|
|
(dwOptions & TS_DONT_CACHE_ACCESS_TOKEN) ? NULL : OpeningUser,
|
|
FALSE,
|
|
dwSecDescSize );
|
|
|
|
}
|
|
|
|
SPUDdidCall = TRUE;
|
|
|
|
lpOplock = ( POPLOCK_OBJECT )LocalAlloc(LPTR, sizeof(OPLOCK_OBJECT));
|
|
|
|
if ( lpOplock == NULL ) {
|
|
LocalFree( lpOpenFile );
|
|
goto not_enough_memory;
|
|
}
|
|
|
|
lpOplock->Signature = OPLOCK_OBJ_SIGNATURE;
|
|
lpOplock->lpPFInfo = NULL;
|
|
lpOplock->hOplockInitComplete = IIS_CREATE_EVENT(
|
|
"OPLOCK_OBJECT::hOplockInitComplete",
|
|
lpOplock,
|
|
TRUE,
|
|
FALSE
|
|
);
|
|
|
|
hFile = AtqCreateFileW( awchPath,
|
|
TsCreateFileShareMode,
|
|
&sa,
|
|
TsCreateFileFlags,
|
|
si,
|
|
(PSECURITY_DESCRIPTOR)lpOpenFile->GetSecurityDescriptor(),
|
|
( ( g_fCacheSecDesc
|
|
&& !(dwOptions & TS_NO_ACCESS_CHECK)) ?
|
|
SECURITY_DESC_DEFAULT_SIZE : 0 ),
|
|
&dwSecDescSize,
|
|
OplockCreateFile,
|
|
(PVOID)lpOplock );
|
|
}
|
|
#endif //!oplock
|
|
}
|
|
}
|
|
else
|
|
{
|
|
hFile = CreateFile( pURIInfo->pszName,
|
|
GENERIC_READ,
|
|
TsCreateFileShareMode,
|
|
&sa,
|
|
OPEN_EXISTING,
|
|
TsCreateFileFlags,
|
|
NULL );
|
|
}
|
|
|
|
//
|
|
// If we're supposed to cache the security descriptor, do so now.
|
|
// This should only be done once, by the thread intializing the physical
|
|
// file entry.
|
|
//
|
|
|
|
if (DisableSPUD && hFile != INVALID_HANDLE_VALUE)
|
|
{
|
|
if ( g_fCacheSecDesc )
|
|
{
|
|
dwInputSize = dwSecDescSize;
|
|
|
|
// Loop, reading the security info each time, until we either
|
|
// read it succesfully, are unable to allocate a big enough buffer,
|
|
// or get some error other than buffer too smal.
|
|
|
|
for (;;)
|
|
{
|
|
|
|
if ( GetKernelObjectSecurity(
|
|
hFile,
|
|
si,
|
|
(PSECURITY_DESCRIPTOR)lpPFInfo->abSecurityDescriptor,
|
|
dwInputSize,
|
|
&dwSecDescSize ) )
|
|
{
|
|
lpPFInfo->fSecurityDescriptor = TRUE ;
|
|
dwSecDescSize = dwInputSize;
|
|
break;
|
|
}
|
|
|
|
// Had some sort of error on the attempt to get the security
|
|
// descriptor.
|
|
|
|
if ( GetLastError() == ERROR_INSUFFICIENT_BUFFER )
|
|
{
|
|
|
|
// Need a bigger buffer for the descriptor.
|
|
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFileFromURI(%s) - Realloc Security Desc !!!\n", pURIInfo->pszName ));
|
|
}
|
|
|
|
FREE( lpPFInfo->abSecurityDescriptor );
|
|
lpPFInfo->abSecurityDescriptor = (PSECURITY_DESCRIPTOR)ALLOC( dwSecDescSize );
|
|
|
|
if ( lpPFInfo->abSecurityDescriptor == NULL )
|
|
{
|
|
CloseHandle( hFile );
|
|
goto not_enough_memory;
|
|
}
|
|
|
|
dwInputSize = dwSecDescSize;
|
|
|
|
} else
|
|
{
|
|
// This wasn't too small a buffer, so quit trying.
|
|
|
|
dwSecDescSize = 0;
|
|
|
|
break;
|
|
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
if ( hFile != INVALID_HANDLE_VALUE )
|
|
{
|
|
AcIncrement( AacOpenURIFiles);
|
|
|
|
if ( !fPhysFileCacheHit ) {
|
|
lpPFInfo->hOpenFile = hFile;
|
|
|
|
if (BLOB_IS_OR_WAS_CACHED( lpPFInfo ))
|
|
{
|
|
INC_COUNTER( TSvcCache.GetServiceId(), CurrentOpenFileHandles );
|
|
}
|
|
}
|
|
|
|
//
|
|
// If we're supposed to cache the security descriptor we'll do that
|
|
// now. In order to do this we need to allocate the OPEN_FILE_INFO
|
|
// structure that we'll use.
|
|
//
|
|
|
|
#if 1 // Oplocks are always disabled
|
|
//if ( DisableSPUD ) {
|
|
|
|
lpOpenFile = ( LPTS_OPEN_FILE_INFO )LocalAlloc(LPTR,
|
|
sizeof(TS_OPEN_FILE_INFO));
|
|
|
|
|
|
if (lpOpenFile == NULL)
|
|
{
|
|
// Couldn't get the memory we needed, so fail.
|
|
|
|
goto not_enough_memory;
|
|
}
|
|
#else
|
|
} else {
|
|
|
|
if ( !fPhysFileCacheHit ) {
|
|
if ( GetLastError() == ERROR_SUCCESS ) {
|
|
fOplockSucceeded = TRUE;
|
|
}
|
|
if ( g_fCacheSecDesc &&
|
|
!(dwOptions & TS_NO_ACCESS_CHECK) )
|
|
{
|
|
dwInputSize = dwSecDescSize;
|
|
|
|
if (dwSecDescSize > SECURITY_DESC_DEFAULT_SIZE ) {
|
|
|
|
PSECURITY_DESCRIPTOR TmpSd;
|
|
|
|
TmpSd = lpOpenFile->GetSecurityDescriptor();
|
|
|
|
FREE( TmpSd );
|
|
TmpSd = (PSECURITY_DESCRIPTOR)ALLOC( dwSecDescSize );
|
|
lpPFInfo->abSecurityDescriptor = TmpSd;
|
|
|
|
if ( TmpSd == NULL )
|
|
{
|
|
LocalFree( lpOpenFile );
|
|
goto not_enough_memory;
|
|
}
|
|
|
|
lpOpenFile->SetFileInfo( lpPFInfo,
|
|
(dwOptions & TS_DONT_CACHE_ACCESS_TOKEN) ? NULL : OpeningUser,
|
|
FALSE,
|
|
dwSecDescSize );
|
|
|
|
// Now loop, reading the security info each time, until we either
|
|
// read it succesfully, are unable to allocate a big enough buffer,
|
|
// or get some error other than buffer too smal.
|
|
|
|
|
|
if ( !GetKernelObjectSecurity(
|
|
hFile,
|
|
si,
|
|
(PSECURITY_DESCRIPTOR)lpOpenFile->GetSecurityDescriptor(),
|
|
dwInputSize,
|
|
&dwSecDescSize ) )
|
|
{
|
|
|
|
// Had some sort of error on the attempt to get the security
|
|
// descriptor.
|
|
|
|
// This wasn't too small a buffer, so quit trying.
|
|
|
|
dwSecDescSize = 0;
|
|
|
|
}
|
|
lpPFInfo->fSecurityDescriptor = TRUE ;
|
|
|
|
} else {
|
|
lpPFInfo->fSecurityDescriptor = TRUE ;
|
|
}
|
|
|
|
} else {
|
|
lpOpenFile = ( LPTS_OPEN_FILE_INFO )LocalAlloc(LPTR,
|
|
sizeof(TS_OPEN_FILE_INFO));
|
|
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFileFromURI(%s) - lpOpenFile = %08lx\n", pURIInfo->pszName, lpOpenFile ));
|
|
}
|
|
|
|
if (lpOpenFile == NULL)
|
|
{
|
|
// Couldn't get the memory we needed, so fail.
|
|
|
|
goto not_enough_memory;
|
|
}
|
|
|
|
}
|
|
} else {
|
|
lpOpenFile = ( LPTS_OPEN_FILE_INFO )LocalAlloc(LPTR,
|
|
sizeof(TS_OPEN_FILE_INFO));
|
|
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFileFromURI(%s) - lpOpenFile = %08lx\n", pURIInfo->pszName, lpOpenFile ));
|
|
}
|
|
|
|
if (lpOpenFile == NULL)
|
|
{
|
|
// Couldn't get the memory we needed, so fail.
|
|
|
|
goto not_enough_memory;
|
|
}
|
|
|
|
}
|
|
}
|
|
#endif //!oplock
|
|
|
|
*dwError = ERROR_SUCCESS;
|
|
lpOpenFile->SetCachedFlag(TRUE);
|
|
|
|
//
|
|
// The file must be fully qualified so it must be at least three
|
|
// characters plus the terminator
|
|
//
|
|
|
|
pName = pURIInfo->pszName;
|
|
|
|
fAtRoot = (pName[1] == ':' &&
|
|
((pName[2] == '\\' && pName[3] == '\0')
|
|
|| (pName[2] == '\0')) );
|
|
|
|
bSuccess = lpOpenFile->SetFileInfo( lpPFInfo,
|
|
(dwOptions & TS_DONT_CACHE_ACCESS_TOKEN) ? NULL : OpeningUser,
|
|
fAtRoot,
|
|
dwSecDescSize );
|
|
|
|
if ( !bSuccess )
|
|
{
|
|
if ( fImpersonated ) {
|
|
::RevertToSelf();
|
|
fImpersonated = FALSE;
|
|
}
|
|
|
|
AcDecrement( AacOpenURIFiles);
|
|
|
|
LocalFree(lpOpenFile);
|
|
|
|
*dwError = GetLastError();
|
|
|
|
if ( !fPhysFileCacheHit ) {
|
|
MARK_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
#if 0 //!oplock
|
|
if ( !DisableSPUD && fOplockSucceeded ) {
|
|
SetEvent( lpOplock->hOplockInitComplete );
|
|
}
|
|
#endif
|
|
}
|
|
|
|
ASSERT( !fImpersonated );
|
|
TsRemovePhysFile(lpPFInfo);
|
|
return NULL;
|
|
}
|
|
|
|
}
|
|
else
|
|
{
|
|
|
|
if ( !fPhysFileCacheHit ) {
|
|
lpPFInfo->dwLastError = GetLastError();
|
|
} else {
|
|
SetLastError(lpPFInfo->dwLastError);
|
|
}
|
|
|
|
IF_DEBUG(ERROR) {
|
|
DBGPRINTF((DBG_CONTEXT,"Create file[%s] failed with %d\n",
|
|
pURIInfo->pszName, GetLastError()));
|
|
}
|
|
|
|
//
|
|
// Couldn't open the file! If the reason we failed was because
|
|
// the file or path didn't exist, cache this information.
|
|
//
|
|
|
|
*dwError = GetLastError();
|
|
|
|
//
|
|
// if this is win95 (does not support dir opens),
|
|
// do the right thing.
|
|
//
|
|
|
|
if ( TsNoDirOpenSupport ) {
|
|
|
|
DBG_ASSERT(TsIsWindows95());
|
|
goto no_dir_open_support;
|
|
}
|
|
|
|
if ( fImpersonated ) {
|
|
::RevertToSelf();
|
|
fImpersonated = FALSE;
|
|
}
|
|
|
|
if (*dwError != ERROR_FILE_NOT_FOUND &&
|
|
*dwError != ERROR_PATH_NOT_FOUND &&
|
|
*dwError != ERROR_INVALID_NAME )
|
|
{
|
|
|
|
// Not a 'not found error'. We don't cache those.
|
|
|
|
lpPFInfo->hOpenFile = INVALID_HANDLE_VALUE;
|
|
if ( !fPhysFileCacheHit ) {
|
|
MARK_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
#if 0
|
|
if ( !DisableSPUD && fOplockSucceeded ) {
|
|
SetEvent( lpOplock->hOplockInitComplete );
|
|
}
|
|
#endif //!oplock
|
|
}
|
|
|
|
ASSERT( !fImpersonated );
|
|
TsRemovePhysFile(lpPFInfo);
|
|
return( NULL );
|
|
}
|
|
|
|
// Go ahead and set the file info structure to valid, or try to. We
|
|
// use compare and exchange to handle the race condition where the
|
|
// file is open by someone else, and has been deleted while the handle
|
|
// is still open. but we couldn't use the cached values because of
|
|
// lack of a security descriptor. In this case we could get file not
|
|
// found when the file info in the cached URI block is valid for
|
|
// someone else. We don't want to blindly stomp the information in
|
|
// that case. Note that since the cached pOpenFileInfo field is
|
|
// initialized to NULL, all we need to do is set bFileInfoValid to
|
|
// TRUE.
|
|
|
|
if (!pfnInterlockedCompareExchange( (PVOID *)&pURIInfo->bFileInfoValid,
|
|
(PVOID)TRUE,
|
|
FALSE) )
|
|
{
|
|
// The compare&exchange worked, so we now officially have
|
|
// a negatively cached file. Go ahead and save the error
|
|
// value in the URI info.
|
|
|
|
pURIInfo->dwFileOpenError = *dwError;
|
|
|
|
}
|
|
|
|
if ( !fPhysFileCacheHit ) {
|
|
MARK_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
#if 0
|
|
if ( !DisableSPUD && fOplockSucceeded ) {
|
|
SetEvent( lpOplock->hOplockInitComplete );
|
|
}
|
|
#endif //!oplock
|
|
}
|
|
TsRemovePhysFile( lpPFInfo );
|
|
|
|
ASSERT( !fImpersonated );
|
|
lpOpenFile = NULL;
|
|
return lpOpenFile;
|
|
|
|
}
|
|
|
|
// We're all done with file operations now, so revert back to who we were.
|
|
if ( fImpersonated ) {
|
|
::RevertToSelf();
|
|
fImpersonated = FALSE;
|
|
}
|
|
|
|
// OK, at this point we have an LP_OPEN_FILE info, or the file doesn't
|
|
// exist. If the file info in the URI block isn't valid, save this now.
|
|
|
|
if ( !pURIInfo->bFileInfoValid )
|
|
{
|
|
PVOID Temp;
|
|
|
|
// Now that we've opened the file, set the information to valid.
|
|
|
|
Temp = pfnInterlockedCompareExchange( (PVOID *)&pURIInfo->pOpenFileInfo,
|
|
lpOpenFile,
|
|
NULL
|
|
);
|
|
if ( Temp == NULL )
|
|
{
|
|
// The exchange worked. A few notes are in order: if we're
|
|
// caching a negative hit, we wouldn't have come through
|
|
// this path, we'd have gone through the code above where
|
|
// we do a compate&exchange on bFileInfoValid. There is a
|
|
// race between that code and this - if one thread opens the
|
|
// file, the file is deleted, and another thread fails to
|
|
// open the file we have a race. In that race this code path
|
|
// always wins. Either we get here first and set bFileInfoValid
|
|
// to TRUE so the negative hit cache c&e fails, or the negative
|
|
// c&e succeeds in setting it to TRUE, and then we set the
|
|
// file info pointer to a valid file and set bFileInfo to TRUE
|
|
// also. In either case we end up with bFileInfo at TRUE and
|
|
// a valid pOpenFileInfo pointer. It is possible in this case
|
|
// that the cached file open error will be incorrect, but that's
|
|
// OK because this is valid only when the return from this
|
|
// function is NULL. In any case, this is a transitory state. A
|
|
// change notify should fire shortly after this race and clean
|
|
// all of this mess up.
|
|
|
|
pURIInfo->bFileInfoValid = TRUE;
|
|
|
|
pURIInfo->dwFileOpenError = ERROR_SUCCESS; // For debugging purposes.
|
|
|
|
if ( lpOpenFile != NULL )
|
|
{
|
|
TsIncreaseFileHandleCount( FALSE );
|
|
}
|
|
}
|
|
else
|
|
{
|
|
|
|
// The exchange didn't work, which means someone else snuck
|
|
// in and set it to valid while we were doing this. In this
|
|
// case mark our file info as not cached.
|
|
|
|
ASSERT(pURIInfo->bFileInfoValid);
|
|
|
|
if (lpOpenFile != NULL)
|
|
{
|
|
lpOpenFile->SetCachedFlag(FALSE);
|
|
*dwError = ERROR_SUCCESS;
|
|
}
|
|
}
|
|
}
|
|
else
|
|
{
|
|
// The cached file info is already valid. This could be because of a
|
|
// race and someone else got here first, or it could be because we
|
|
// had a valid cached file before but the security tokens don't match.
|
|
// Either way, mark the open file info as not cached so the handle gets
|
|
// closed when we're done.
|
|
|
|
|
|
if (lpOpenFile != NULL)
|
|
{
|
|
lpOpenFile->SetCachedFlag(FALSE);
|
|
*dwError = ERROR_SUCCESS;
|
|
}
|
|
|
|
}
|
|
|
|
#if 0
|
|
SetEvent( pURIInfo->hFileEvent );
|
|
|
|
// And now we're done.
|
|
if ( (lpOpenFile != NULL) && !DisableSPUD ) {
|
|
InsertHeadPhysFile( lpPFInfo, (PVOID)pURIInfo );
|
|
}
|
|
|
|
if ( !DisableSPUD && !fPhysFileCacheHit && fOplockSucceeded ) {
|
|
lpOplock->lpPFInfo = lpPFInfo;
|
|
SetEvent( lpOplock->hOplockInitComplete );
|
|
}
|
|
#endif //!oplock
|
|
|
|
if ( !fPhysFileCacheHit ) {
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFileFromURI(%s) - Not in Cache, Open Complete Causing Event!\n", pURIInfo->pszName ));
|
|
}
|
|
if ( lpOpenFile != NULL ) {
|
|
MARK_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
}
|
|
} else {
|
|
IF_DEBUG(OPLOCKS) {
|
|
DBGPRINTF( (DBG_CONTEXT,"TsCreateFileFromURI(%s) - In Cache, Open Complete!\n", pURIInfo->pszName ));
|
|
}
|
|
}
|
|
|
|
ASSERT( !fImpersonated );
|
|
return lpOpenFile;
|
|
|
|
not_enough_memory:
|
|
|
|
if ( fImpersonated ) {
|
|
::RevertToSelf();
|
|
fImpersonated = FALSE;
|
|
}
|
|
|
|
ASSERT( lpPFInfo != NULL );
|
|
if ( !fPhysFileCacheHit )
|
|
{
|
|
MARK_PHYS_INIT_COMPLETE( lpPFInfo );
|
|
TsRemovePhysFile(lpPFInfo);
|
|
}
|
|
else
|
|
{
|
|
TsCheckInOrFree( (PVOID)lpPFInfo );
|
|
}
|
|
|
|
ASSERT( !fImpersonated );
|
|
SetLastError( ERROR_NOT_ENOUGH_MEMORY);
|
|
*dwError = ERROR_NOT_ENOUGH_MEMORY;
|
|
return( NULL );
|
|
|
|
no_dir_open_support:
|
|
|
|
//
|
|
// This is to support win95 where opening directories are not
|
|
// allowed.
|
|
//
|
|
|
|
DWORD dwAttributes;
|
|
BOOL fDirectory = FALSE;
|
|
|
|
if ( fImpersonated ) {
|
|
::RevertToSelf();
|
|
fImpersonated = FALSE;
|
|
}
|
|
|
|
//
|
|
// if this is not a directory, fail it.
|
|
//
|
|
|
|
dwAttributes = GetFileAttributes(pURIInfo->pszName);
|
|
if( dwAttributes != (DWORD)-1) {
|
|
if (dwAttributes & FILE_ATTRIBUTE_DIRECTORY) {
|
|
fDirectory = TRUE;
|
|
}
|
|
}
|
|
|
|
if (!fDirectory) {
|
|
IF_DEBUG(ERROR) {
|
|
DBGPRINTF((DBG_CONTEXT,"Not a directory[%x]. Fail\n",
|
|
dwAttributes ));
|
|
}
|
|
|
|
ASSERT( !fImpersonated );
|
|
return( NULL );
|
|
}
|
|
|
|
lpOpenFile = (LPTS_OPEN_FILE_INFO)LocalAlloc(LPTR,
|
|
sizeof(TS_OPEN_FILE_INFO));
|
|
|
|
if (lpOpenFile == NULL) {
|
|
|
|
//
|
|
// Couldn't get the memory we needed, so fail.
|
|
//
|
|
|
|
DBGPRINTF((DBG_CONTEXT,"Cannot allocate memory for file info[%d]\n",
|
|
GetLastError()));
|
|
goto not_enough_memory;
|
|
}
|
|
|
|
//
|
|
// set properties
|
|
//
|
|
|
|
lpPFInfo->hOpenFile = BOGUS_WIN95_DIR_HANDLE;
|
|
|
|
lpOpenFile->SetFileInfo(lpPFInfo,
|
|
NULL,
|
|
FALSE,
|
|
0,
|
|
dwAttributes
|
|
);
|
|
|
|
ASSERT( !fImpersonated );
|
|
return lpOpenFile;
|
|
|
|
} // TsCreateFileFromURI
|
|
|
|
|
|
|
|
dllexp
|
|
BOOL
|
|
TsCloseHandle(
|
|
IN const TSVC_CACHE &TSvcCache,
|
|
IN LPTS_OPEN_FILE_INFO lpOpenFile
|
|
)
|
|
{
|
|
PVOID pvBlob;
|
|
BOOL bSuccess;
|
|
|
|
ASSERT( lpOpenFile != NULL );
|
|
TSUNAMI_TRACE( TRACE_OPENFILE_CLOSE, lpOpenFile );
|
|
|
|
pvBlob = ( PVOID )lpOpenFile;
|
|
|
|
bSuccess = TsCheckInOrFree( pvBlob );
|
|
|
|
return( bSuccess );
|
|
} // TsCloseHandle
|
|
|
|
dllexp
|
|
BOOL
|
|
TsCloseURIFile(
|
|
IN LPTS_OPEN_FILE_INFO lpOpenFile
|
|
)
|
|
{
|
|
|
|
PVOID pvBlob;
|
|
|
|
AcIncrement( CacCloseURI);
|
|
if ( lpOpenFile != NULL ) {
|
|
|
|
if ( !lpOpenFile->QueryCachedFlag() )
|
|
{
|
|
// This file isn't actually part of a URI cache block, so
|
|
// close it.
|
|
|
|
|
|
AcDecrement( AacOpenURIFiles);
|
|
|
|
if ( lpOpenFile->QueryFileHandle() != BOGUS_WIN95_DIR_HANDLE ) {
|
|
pvBlob = ( PVOID )lpOpenFile->QueryPhysFileInfo();
|
|
TsCheckInOrFree( pvBlob );
|
|
}
|
|
|
|
LocalFree( lpOpenFile);
|
|
}
|
|
}
|
|
|
|
return TRUE;
|
|
|
|
} // TsCloseURIFile
|
|
|
|
dllexp
|
|
BOOL TsCreateETagFromHandle(
|
|
IN HANDLE hFile,
|
|
IN PCHAR ETag,
|
|
IN BOOL *bWeakETag
|
|
)
|
|
/*+++
|
|
|
|
TsCreateETagFromHandle
|
|
|
|
This routine takes a file handle as input, and creates an ETag in
|
|
the supplied buffer for that file handle.
|
|
|
|
Arguments:
|
|
|
|
hFile - File handle for which to create an ETag.
|
|
ETag - Where to store the ETag. This must be long
|
|
enough to hold the maximum length ETag.
|
|
bWeakETag - Set to TRUE if the newly created ETag is weak.
|
|
|
|
Returns:
|
|
|
|
TRUE if we create an ETag, FALSE otherwise.
|
|
---*/
|
|
{
|
|
BY_HANDLE_FILE_INFORMATION FileInfo;
|
|
BOOL bReturn;
|
|
PUCHAR Temp;
|
|
FILETIME ftNow;
|
|
SYSTEMTIME stNow;
|
|
MB mb( (IMDCOM*) IIS_SERVICE::QueryMDObject() );
|
|
DWORD dwChangeNumber;
|
|
|
|
|
|
bReturn = GetFileInformationByHandle(
|
|
hFile,
|
|
&FileInfo
|
|
);
|
|
|
|
if (!bReturn)
|
|
{
|
|
return FALSE;
|
|
}
|
|
|
|
dwChangeNumber = 0;
|
|
mb.GetSystemChangeNumber(&dwChangeNumber);
|
|
|
|
FORMAT_ETAG(ETag, FileInfo.ftLastWriteTime, dwChangeNumber );
|
|
|
|
::GetSystemTime(&stNow);
|
|
|
|
if (::SystemTimeToFileTime((CONST SYSTEMTIME *)&stNow, &ftNow))
|
|
{
|
|
__int64 iNow, iFileTime;
|
|
|
|
iNow = (__int64)*(__int64 UNALIGNED *)&ftNow;
|
|
|
|
iFileTime = (__int64)*(__int64 UNALIGNED *)&FileInfo.ftLastWriteTime;
|
|
|
|
if ((iNow - iFileTime) > STRONG_ETAG_DELTA )
|
|
{
|
|
*bWeakETag = FALSE;
|
|
}
|
|
else
|
|
{
|
|
*bWeakETag = TRUE;
|
|
}
|
|
|
|
return TRUE;
|
|
}
|
|
|
|
return FALSE;
|
|
|
|
}
|
|
|
|
dllexp
|
|
BOOL TsLastWriteTimeFromHandle(
|
|
IN HANDLE hFile,
|
|
IN FILETIME *tm
|
|
)
|
|
/*+++
|
|
|
|
TsLastWriteTimeFromHandle
|
|
|
|
This routine takes a file handle as input, and returns the last write time
|
|
for that handle.
|
|
|
|
Arguments:
|
|
|
|
hFile - File handle for which to get the last write time.
|
|
tm - Where to return the last write time.
|
|
|
|
Returns:
|
|
|
|
TRUE if we succeed, FALSE otherwise.
|
|
---*/
|
|
{
|
|
BY_HANDLE_FILE_INFORMATION FileInfo;
|
|
BOOL bReturn;
|
|
|
|
bReturn = GetFileInformationByHandle(
|
|
hFile,
|
|
&FileInfo
|
|
);
|
|
|
|
if (!bReturn)
|
|
{
|
|
return FALSE;
|
|
}
|
|
|
|
*tm = FileInfo.ftLastWriteTime;
|
|
|
|
return TRUE;
|
|
}
|
|
|
|
|
|
|
|
|
|
const char * g_IISAuxCounterNames[] =
|
|
{
|
|
"Aac Open URI Files",
|
|
"Cac Calls to TsOpenURI()",
|
|
"Cac Calls to TsCloseURI()",
|
|
"Max Counters"
|
|
};
|
|
|
|
|
|
|
|
extern "C"
|
|
VOID
|
|
TsDumpCacheCounters( OUT CHAR * pchBuffer, IN OUT LPDWORD lpcbBuffer )
|
|
{
|
|
DWORD cb = 0;
|
|
|
|
DBG_ASSERT( NULL != lpcbBuffer);
|
|
|
|
if ( *lpcbBuffer > 30) {
|
|
cb = wsprintf( pchBuffer, " IIS Cache Aux Counters. <p> <UL>");
|
|
} else {
|
|
cb = 30;
|
|
}
|
|
|
|
for ( DWORD i = 0; i < AacIISCacheMaxCounters; i++) {
|
|
|
|
if ( *lpcbBuffer > cb + 30) {
|
|
cb += wsprintf( pchBuffer + cb, " <LI> %s = %d",
|
|
g_IISAuxCounterNames[i],
|
|
AcCounter(i));
|
|
} else {
|
|
cb += 30;
|
|
}
|
|
} // for
|
|
|
|
if ( *lpcbBuffer > cb + 5) {
|
|
cb += wsprintf( pchBuffer + cb, " </UL> ");
|
|
} else {
|
|
cb += 5;
|
|
}
|
|
|
|
*lpcbBuffer = cb;
|
|
return ;
|
|
} // TsDumpCacheCounters()
|
|
|
|
|
|
|
|
|
|
|
|
|