3.3.5.51 Receiving an SMB_COM_NT_CREATE_ANDX Request

This command can be used by the client to create a new file, open or truncate an existing file, create a directory, or open a named pipe or device. It is similar to other SMB Open and Create commands, except that the variety of options is much greater.

Upon receipt of an SMB_COM_NT_CREATE_ANDX Request (section 2.2.4.64.1), the server MUST follow the steps as specified in section 3.3.5.2 and MUST determine the pathname of the object to open or create. This involves the interaction of three fields:

  • If the RootDirectoryFID is nonzero, it represents a directory within the share represented by the TID. The FileName MUST be evaluated relative to the RootDirectoryFID, not the TID.

  • If the RootDirectoryFID is zero, the FileName MUST be evaluated relative to the TID.

When opening a file, the server MUST strip any trailing backslash characters from the FileName field before opening the file from the underlying object store. When opening a named pipe, the FileName field MUST contain only the relative name of the pipe. That is, the "\PIPE\" prefix MUST NOT be present. This is in contrast with other commands, such as SMB_COM_OPEN_ANDX and TRANS2_OPEN2, which require that the "\PIPE" prefix be present in the path name. If Server.Session.IsAnonymous is TRUE, the server MUST invoke the event specified in [MS-SRVS] section 3.1.6.17 by providing the FileName field with the "\PIPE\" prefix removed as input parameter. If the event returns FALSE, indicating that no matching named pipe is found that allows an anonymous user, the server MUST fail the request with STATUS_ACCESS_DENIED and MUST increase Server.Statistics.sts0_permerrors by 1. Otherwise, the server MUST continue the create processing.

If Server.EnableOplock is TRUE, the Flags field in the request allows the client to request an exclusive or batch OpLock. The level of OpLock granted (or not) MUST be returned in the OpLockLevel field in the response. The Flags field also allows the user to request opening a directory.

If the object opened is a directory, the server MUST set the Directory field of the response to a nonzero value (TRUE); a zero value (FALSE) indicates that the object is not a directory.

The DesiredAccess field is used to indicate the access modes that the client requests. If DesiredAccess is not granted in Share.FileSecurity for the user indicated by the UID, the server MUST fail the request with STATUS_ACCESS_DENIED. If the user's security context indicated by the UID does not have appropriate privileges, the server SHOULD fail the request with STATUS_PRIVILEGE_NOT_HELD or STATUS_ACCESS_DENIED (ERRDOS/ERRnoaccess).<314> If no access is granted for the client on this file, the server MUST increase Server.Statistics.sts0_permerrors by 1 and MUST fail the open with STATUS_ACCESS_DENIED (ERRDOS/ERRnoaccess).

If the object is a regular file and it is being created or overwritten, the AllocationSize indicates the number of bytes to pre-allocate.

ShareAccess provides the set of sharing modes that the client has requested. If any of these sharing modes is unavailable, the server MUST fail the open with STATUS_SHARING_VIOLATION (ERRDOS/ERRbadshare). If ShareAccess values of FILE_SHARE_READ, FILE_SHARE_WRITE, or FILE_SHARE_DELETE are set for a printer file or a named pipe, the server SHOULD ignore these values.

If the object already exists, the action that the server SHOULD attempt is determined by interpreting the CreateDisposition field as follows:<315>

  • FILE_SUPERSEDE, FILE_OVERWRITE, FILE_OVERWRITE_IF: Overwrite the file.

  • FILE_OPEN, FILE_OPEN_IF: Open the existing file.

  • FILE_CREATE: Fail.

If the object does not already exist, the action the server MUST attempt is determined by interpreting the CreateDisposition field as follows:

  • FILE_SUPERSEDE, FILE_CREATE, FILE_OPEN_IF, FILE_OVERWRITE_IF: Create the file.

  • FILE_OPEN, FILE_OVERWRITE: Fail.

If the object is a regular file and it is being created or overwritten, the AllocationSize indicates the number of bytes to pre-allocate.

If the object is being created, ExtFileAttributes represents a set of requested attributes to be assigned to the object. The set of attributes actually assigned is returned to the client in the ExtFileAttributes field of the response.

The server MUST include FILE_READ_ATTRIBUTES in the DesiredAccess field of the request.

If the open or create is successful,<316> the server MUST provide additional file attribute information, including:

  • The type of the object that has been opened.

  • The creation, last write, last change, and last access times of the object.

  • The file size (determined by the EndOfFile field) and file allocation size, if the object is a file.

  • The named pipe state, if the object is a named pipe.

If the command is successful, the server MUST increase Server.Statistics.sts0_fopens by 1 and MUST allocate an Open object and insert it into Server.Connection.FileOpenTable with the following default values:

  • A new FID MUST be created to uniquely identify this Open in Server.Connection.FileOpenTable.

  • If a requested OpLock was granted, the type of OpLock MUST be set in Server.Open.OpLock and Server.Open.OplockState MUST be set to Held; otherwise, Server.Open.OpLock MUST be set to None and Server.Open.OplockState MUST be set to None.

  • Server.Open.TreeConnect MUST be set to the TreeConnect on which the open request was performed, and Server.Open.TreeConnect.OpenCount MUST be increased by 1.

  • Server.Open.Session MUST be set to Server.Open.TreeConnect.Session.

  • Server.Open.Connection MUST be set to the Server.Open.Session.Connection.

  • Server.Open.Locks MUST be set to an empty list.

  • Server.Open.PID MUST be set to the PID provided in the request.

  • Server.Open.PathName MUST be set to the FileName field of the request.

  • Server.Open.GrantedAccess MUST be set to the DesiredAccess field of the request.

The server MUST register the Open by invoking the event Server Registers a New Open ([MS-SRVS] section 3.1.6.4) and MUST assign the return value to Server.Open.FileGlobalId.

The FID MUST be placed into an SMB_COM_NT_CREATE_ANDX Response (section 2.2.4.64.2) message. If an error is generated, an error response MUST be used instead.

If the SMB_COM_NT_CREATE_ANDX is successful, this information, along with the FID generated by the command, MUST be placed into an SMB_COM_NT_CREATE_ANDX Response message. The PID and TID from the request header and new FID MUST be entered into the Server.Connection.FileOpenTable. If an error is generated, an error response MUST be used instead.

The response MUST be sent to the client as specified in section 3.3.4.1.

Show: