source: branches/samba-3.5.x/source3/smbd/filename.c@ 738

Last change on this file since 738 was 732, checked in by Silvan Scherrer, 13 years ago

Samba Server 3.5: update branche to 3.5.12
File size: 32.8 KB
Line 
1/*
2 Unix SMB/CIFS implementation.
3 filename handling routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 1999-2007
6 Copyright (C) Ying Chen 2000
7 Copyright (C) Volker Lendecke 2007
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21*/
22
23/*
24 * New hash table stat cache code added by Ying Chen.
25 */
26
27#include "includes.h"
28
29static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx,
30 connection_struct *conn,
31 const char *orig_path,
32 struct smb_filename *smb_fname);
33
34/****************************************************************************
35 Mangle the 2nd name and check if it is then equal to the first name.
36****************************************************************************/
37
38static bool mangled_equal(const char *name1,
39 const char *name2,
40 const struct share_params *p)
41{
42 char mname[13];
43
44 if (!name_to_8_3(name2, mname, False, p)) {
45 return False;
46 }
47 return strequal(name1, mname);
48}
49
50/****************************************************************************
51 Cope with the differing wildcard and non-wildcard error cases.
52****************************************************************************/
53
54static NTSTATUS determine_path_error(const char *name,
55 bool allow_wcard_last_component)
56{
57 const char *p;
58
59 if (!allow_wcard_last_component) {
60 /* Error code within a pathname. */
61 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
62 }
63
64 /* We're terminating here so we
65 * can be a little slower and get
66 * the error code right. Windows
67 * treats the last part of the pathname
68 * separately I think, so if the last
69 * component is a wildcard then we treat
70 * this ./ as "end of component" */
71
72 p = strchr(name, '/');
73
74 if (!p && (ms_has_wild(name) || ISDOT(name))) {
75 /* Error code at the end of a pathname. */
76 return NT_STATUS_OBJECT_NAME_INVALID;
77 } else {
78 /* Error code within a pathname. */
79 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
80 }
81}
82
83static NTSTATUS check_for_dot_component(const struct smb_filename *smb_fname)
84{
85 /* Ensure we catch all names with in "/."
86 this is disallowed under Windows and
87 in POSIX they've already been removed. */
88 const char *p = strstr(smb_fname->base_name, "/."); /*mb safe*/
89 if (p) {
90 if (p[2] == '/') {
91 /* Error code within a pathname. */
92 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
93 } else if (p[2] == '\0') {
94 /* Error code at the end of a pathname. */
95 return NT_STATUS_OBJECT_NAME_INVALID;
96 }
97 }
98 return NT_STATUS_OK;
99}
100
101/****************************************************************************
102This routine is called to convert names from the dos namespace to unix
103namespace. It needs to handle any case conversions, mangling, format changes,
104streams etc.
105
106We assume that we have already done a chdir() to the right "root" directory
107for this service.
108
109The function will return an NTSTATUS error if some part of the name except for
110the last part cannot be resolved, else NT_STATUS_OK.
111
112Note NT_STATUS_OK doesn't mean the name exists or is valid, just that we
113didn't get any fatal errors that should immediately terminate the calling SMB
114processing whilst resolving.
115
116If the UCF_SAVE_LCOMP flag is passed in, then the unmodified last component
117of the pathname is set in smb_filename->original_lcomp.
118
119If UCF_ALWAYS_ALLOW_WCARD_LCOMP is passed in, then a MS wildcard was detected
120and should be allowed in the last component of the path only.
121
122If the orig_path was a stream, smb_filename->base_name will point to the base
123filename, and smb_filename->stream_name will point to the stream name. If
124orig_path was not a stream, then smb_filename->stream_name will be NULL.
125
126On exit from unix_convert, the smb_filename->st stat struct will be populated
127if the file exists and was found, if not this stat struct will be filled with
128zeros (and this can be detected by checking for nlinks = 0, which can never be
129true for any file).
130****************************************************************************/
131
132NTSTATUS unix_convert(TALLOC_CTX *ctx,
133 connection_struct *conn,
134 const char *orig_path,
135 struct smb_filename **smb_fname_out,
136 uint32_t ucf_flags)
137{
138 struct smb_filename *smb_fname = NULL;
139 char *start, *end;
140 char *dirpath = NULL;
141 char *stream = NULL;
142 bool component_was_mangled = False;
143 bool name_has_wildcard = False;
144 bool posix_pathnames = false;
145 bool allow_wcard_last_component =
146 (ucf_flags & UCF_ALWAYS_ALLOW_WCARD_LCOMP);
147 bool save_last_component = ucf_flags & UCF_SAVE_LCOMP;
148 NTSTATUS status;
149 int ret = -1;
150
151 *smb_fname_out = NULL;
152
153 smb_fname = talloc_zero(ctx, struct smb_filename);
154 if (smb_fname == NULL) {
155 return NT_STATUS_NO_MEMORY;
156 }
157
158 if (conn->printer) {
159 /* we don't ever use the filenames on a printer share as a
160 filename - so don't convert them */
161 if (!(smb_fname->base_name = talloc_strdup(smb_fname,
162 orig_path))) {
163 status = NT_STATUS_NO_MEMORY;
164 goto err;
165 }
166 goto done;
167 }
168
169 DEBUG(5, ("unix_convert called on file \"%s\"\n", orig_path));
170
171 /*
172 * Conversion to basic unix format is already done in
173 * check_path_syntax().
174 */
175
176 /*
177 * Names must be relative to the root of the service - any leading /.
178 * and trailing /'s should have been trimmed by check_path_syntax().
179 */
180
181#ifdef DEVELOPER
182 SMB_ASSERT(*orig_path != '/');
183#endif
184
185 /*
186 * If we trimmed down to a single '\0' character
187 * then we should use the "." directory to avoid
188 * searching the cache, but not if we are in a
189 * printing share.
190 * As we know this is valid we can return true here.
191 */
192
193 if (!*orig_path) {
194 if (!(smb_fname->base_name = talloc_strdup(smb_fname, "."))) {
195 status = NT_STATUS_NO_MEMORY;
196 goto err;
197 }
198 if (SMB_VFS_STAT(conn, smb_fname) != 0) {
199 status = map_nt_error_from_unix(errno);
200 goto err;
201 }
202 DEBUG(5, ("conversion finished \"\" -> %s\n",
203 smb_fname->base_name));
204 goto done;
205 }
206
207 if (orig_path[0] == '.' && (orig_path[1] == '/' ||
208 orig_path[1] == '\0')) {
209 /* Start of pathname can't be "." only. */
210 if (orig_path[1] == '\0' || orig_path[2] == '\0') {
211 status = NT_STATUS_OBJECT_NAME_INVALID;
212 } else {
213 status =determine_path_error(&orig_path[2],
214 allow_wcard_last_component);
215 }
216 goto err;
217 }
218
219 /* Start with the full orig_path as given by the caller. */
220 if (!(smb_fname->base_name = talloc_strdup(smb_fname, orig_path))) {
221 DEBUG(0, ("talloc_strdup failed\n"));
222 status = NT_STATUS_NO_MEMORY;
223 goto err;
224 }
225
226 /*
227 * Large directory fix normalization. If we're case sensitive, and
228 * the case preserving parameters are set to "no", normalize the case of
229 * the incoming filename from the client WHETHER IT EXISTS OR NOT !
230 * This is in conflict with the current (3.0.20) man page, but is
231 * what people expect from the "large directory howto". I'll update
232 * the man page. Thanks to jht@samba.org for finding this. JRA.
233 */
234
235 if (conn->case_sensitive && !conn->case_preserve &&
236 !conn->short_case_preserve) {
237 strnorm(smb_fname->base_name, lp_defaultcase(SNUM(conn)));
238 }
239
240 /*
241 * Ensure saved_last_component is valid even if file exists.
242 */
243
244 if(save_last_component) {
245 end = strrchr_m(smb_fname->base_name, '/');
246 if (end) {
247 smb_fname->original_lcomp = talloc_strdup(smb_fname,
248 end + 1);
249 } else {
250 smb_fname->original_lcomp =
251 talloc_strdup(smb_fname, smb_fname->base_name);
252 }
253 if (smb_fname->original_lcomp == NULL) {
254 status = NT_STATUS_NO_MEMORY;
255 goto err;
256 }
257 }
258
259 posix_pathnames = (lp_posix_pathnames() ||
260 (ucf_flags & UCF_POSIX_PATHNAMES));
261
262 /*
263 * Strip off the stream, and add it back when we're done with the
264 * base_name.
265 */
266 if (!posix_pathnames) {
267 stream = strchr_m(smb_fname->base_name, ':');
268
269 if (stream != NULL) {
270 char *tmp = talloc_strdup(smb_fname, stream);
271 if (tmp == NULL) {
272 status = NT_STATUS_NO_MEMORY;
273 goto err;
274 }
275 /*
276 * Since this is actually pointing into
277 * smb_fname->base_name this truncates base_name.
278 */
279 *stream = '\0';
280 stream = tmp;
281 }
282 }
283
284 start = smb_fname->base_name;
285
286 /*
287 * If we're providing case insentive semantics or
288 * the underlying filesystem is case insensitive,
289 * then a case-normalized hit in the stat-cache is
290 * authoratitive. JRA.
291 *
292 * Note: We're only checking base_name. The stream_name will be
293 * added and verified in build_stream_path().
294 */
295
296 if((!conn->case_sensitive || !(conn->fs_capabilities &
297 FILE_CASE_SENSITIVE_SEARCH)) &&
298 stat_cache_lookup(conn, posix_pathnames, &smb_fname->base_name, &dirpath, &start,
299 &smb_fname->st)) {
300 goto done;
301 }
302
303 /*
304 * Make sure "dirpath" is an allocated string, we use this for
305 * building the directories with asprintf and free it.
306 */
307
308 if ((dirpath == NULL) && (!(dirpath = talloc_strdup(ctx,"")))) {
309 DEBUG(0, ("talloc_strdup failed\n"));
310 status = NT_STATUS_NO_MEMORY;
311 goto err;
312 }
313
314 /*
315 * If we have a wildcard we must walk the path to
316 * find where the error is, even if case sensitive
317 * is true.
318 */
319
320 name_has_wildcard = ms_has_wild(smb_fname->base_name);
321 if (name_has_wildcard && !allow_wcard_last_component) {
322 /* Wildcard not valid anywhere. */
323 status = NT_STATUS_OBJECT_NAME_INVALID;
324 goto fail;
325 }
326
327 DEBUG(5,("unix_convert begin: name = %s, dirpath = %s, start = %s\n",
328 smb_fname->base_name, dirpath, start));
329
330 if (!name_has_wildcard) {
331 /*
332 * stat the name - if it exists then we can add the stream back (if
333 * there was one) and be done!
334 */
335
336 if (posix_pathnames) {
337 ret = SMB_VFS_LSTAT(conn, smb_fname);
338 } else {
339 ret = SMB_VFS_STAT(conn, smb_fname);
340 }
341
342 if (ret == 0) {
343 status = check_for_dot_component(smb_fname);
344 if (!NT_STATUS_IS_OK(status)) {
345 goto fail;
346 }
347 /* Add the path (not including the stream) to the cache. */
348 stat_cache_add(orig_path, smb_fname->base_name,
349 conn->case_sensitive);
350 DEBUG(5,("conversion of base_name finished %s -> %s\n",
351 orig_path, smb_fname->base_name));
352 goto done;
353 }
354
355 /* Stat failed - ensure we don't use it. */
356 SET_STAT_INVALID(smb_fname->st);
357
358 /*
359 * A special case - if we don't have any wildcards or mangling chars and are case
360 * sensitive or the underlying filesystem is case insentive then searching
361 * won't help.
362 */
363
364 if ((conn->case_sensitive || !(conn->fs_capabilities &
365 FILE_CASE_SENSITIVE_SEARCH)) &&
366 !mangle_is_mangled(smb_fname->base_name, conn->params)) {
367
368 status = check_for_dot_component(smb_fname);
369 if (!NT_STATUS_IS_OK(status)) {
370 goto fail;
371 }
372
373 /*
374 * The stat failed. Could be ok as it could be
375 * a new file.
376 */
377
378 if (errno == ENOTDIR || errno == ELOOP) {
379 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
380 goto fail;
381 } else if (errno == ENOENT) {
382 /*
383 * Was it a missing last component ?
384 * or a missing intermediate component ?
385 */
386 struct smb_filename parent_fname;
387 ZERO_STRUCT(parent_fname);
388 if (!parent_dirname(ctx, smb_fname->base_name,
389 &parent_fname.base_name,
390 NULL)) {
391 status = NT_STATUS_NO_MEMORY;
392 goto fail;
393 }
394 if (posix_pathnames) {
395 ret = SMB_VFS_LSTAT(conn, &parent_fname);
396 } else {
397 ret = SMB_VFS_STAT(conn, &parent_fname);
398 }
399 if (ret == -1) {
400 if (errno == ENOTDIR ||
401 errno == ENOENT ||
402 errno == ELOOP) {
403 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
404 goto fail;
405 }
406 }
407 /*
408 * Missing last component is ok - new file.
409 * Also deal with permission denied elsewhere.
410 * Just drop out to done.
411 */
412 goto done;
413 }
414 }
415 }
416
417 /*
418 * is_mangled() was changed to look at an entire pathname, not
419 * just a component. JRA.
420 */
421
422 if (mangle_is_mangled(start, conn->params)) {
423 component_was_mangled = True;
424 }
425
426 /*
427 * Now we need to recursively match the name against the real
428 * directory structure.
429 */
430
431 /*
432 * Match each part of the path name separately, trying the names
433 * as is first, then trying to scan the directory for matching names.
434 */
435
436 for (; start ; start = (end?end+1:(char *)NULL)) {
437 /*
438 * Pinpoint the end of this section of the filename.
439 */
440 /* mb safe. '/' can't be in any encoded char. */
441 end = strchr(start, '/');
442
443 /*
444 * Chop the name at this point.
445 */
446 if (end) {
447 *end = 0;
448 }
449
450 if (save_last_component) {
451 TALLOC_FREE(smb_fname->original_lcomp);
452 smb_fname->original_lcomp = talloc_strdup(smb_fname,
453 end ? end + 1 : start);
454 if (!smb_fname->original_lcomp) {
455 DEBUG(0, ("talloc failed\n"));
456 status = NT_STATUS_NO_MEMORY;
457 goto err;
458 }
459 }
460
461 /* The name cannot have a component of "." */
462
463 if (ISDOT(start)) {
464 if (!end) {
465 /* Error code at the end of a pathname. */
466 status = NT_STATUS_OBJECT_NAME_INVALID;
467 } else {
468 status = determine_path_error(end+1,
469 allow_wcard_last_component);
470 }
471 goto fail;
472 }
473
474 /* The name cannot have a wildcard if it's not
475 the last component. */
476
477 name_has_wildcard = ms_has_wild(start);
478
479 /* Wildcards never valid within a pathname. */
480 if (name_has_wildcard && end) {
481 status = NT_STATUS_OBJECT_NAME_INVALID;
482 goto fail;
483 }
484
485 /*
486 * Check if the name exists up to this point.
487 */
488
489 if (posix_pathnames) {
490 ret = SMB_VFS_LSTAT(conn, smb_fname);
491 } else {
492 ret = SMB_VFS_STAT(conn, smb_fname);
493 }
494
495 if (ret == 0) {
496 /*
497 * It exists. it must either be a directory or this must
498 * be the last part of the path for it to be OK.
499 */
500 if (end && !S_ISDIR(smb_fname->st.st_ex_mode)) {
501 /*
502 * An intermediate part of the name isn't
503 * a directory.
504 */
505 DEBUG(5,("Not a dir %s\n",start));
506 *end = '/';
507 /*
508 * We need to return the fact that the
509 * intermediate name resolution failed. This
510 * is used to return an error of ERRbadpath
511 * rather than ERRbadfile. Some Windows
512 * applications depend on the difference between
513 * these two errors.
514 */
515 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
516 goto fail;
517 }
518
519 } else {
520 char *found_name = NULL;
521
522 /* Stat failed - ensure we don't use it. */
523 SET_STAT_INVALID(smb_fname->st);
524
525 /*
526 * Reset errno so we can detect
527 * directory open errors.
528 */
529 errno = 0;
530
531 /*
532 * Try to find this part of the path in the directory.
533 */
534
535 if (name_has_wildcard ||
536 (get_real_filename(conn, dirpath, start,
537 talloc_tos(),
538 &found_name) == -1)) {
539 char *unmangled;
540
541 if (end) {
542 /*
543 * An intermediate part of the name
544 * can't be found.
545 */
546 DEBUG(5,("Intermediate not found %s\n",
547 start));
548 *end = '/';
549
550 /*
551 * We need to return the fact that the
552 * intermediate name resolution failed.
553 * This is used to return an error of
554 * ERRbadpath rather than ERRbadfile.
555 * Some Windows applications depend on
556 * the difference between these two
557 * errors.
558 */
559
560 /*
561 * ENOENT, ENOTDIR and ELOOP all map
562 * to NT_STATUS_OBJECT_PATH_NOT_FOUND
563 * in the filename walk.
564 */
565
566 if (errno == ENOENT ||
567 errno == ENOTDIR ||
568 errno == ELOOP) {
569 status =
570 NT_STATUS_OBJECT_PATH_NOT_FOUND;
571 }
572 else {
573 status =
574 map_nt_error_from_unix(errno);
575 }
576 goto fail;
577 }
578
579 /*
580 * ENOENT/EACCESS are the only valid errors
581 * here. EACCESS needs handling here for
582 * "dropboxes", i.e. directories where users
583 * can only put stuff with permission -wx.
584 */
585 if ((errno != 0) && (errno != ENOENT)
586 && (errno != EACCES)) {
587 /*
588 * ENOTDIR and ELOOP both map to
589 * NT_STATUS_OBJECT_PATH_NOT_FOUND
590 * in the filename walk.
591 */
592 if (errno == ENOTDIR ||
593 errno == ELOOP) {
594 status =
595 NT_STATUS_OBJECT_PATH_NOT_FOUND;
596 } else {
597 status =
598 map_nt_error_from_unix(errno);
599 }
600 goto fail;
601 }
602
603 /*
604 * Just the last part of the name doesn't exist.
605 * We need to strupper() or strlower() it as
606 * this conversion may be used for file creation
607 * purposes. Fix inspired by
608 * Thomas Neumann <t.neumann@iku-ag.de>.
609 */
610 if (!conn->case_preserve ||
611 (mangle_is_8_3(start, False,
612 conn->params) &&
613 !conn->short_case_preserve)) {
614 strnorm(start,
615 lp_defaultcase(SNUM(conn)));
616 }
617
618 /*
619 * check on the mangled stack to see if we can
620 * recover the base of the filename.
621 */
622
623 if (mangle_is_mangled(start, conn->params)
624 && mangle_lookup_name_from_8_3(ctx,
625 start,
626 &unmangled,
627 conn->params)) {
628 char *tmp;
629 size_t start_ofs =
630 start - smb_fname->base_name;
631
632 if (*dirpath != '\0') {
633 tmp = talloc_asprintf(
634 smb_fname, "%s/%s",
635 dirpath, unmangled);
636 TALLOC_FREE(unmangled);
637 }
638 else {
639 tmp = unmangled;
640 }
641 if (tmp == NULL) {
642 DEBUG(0, ("talloc failed\n"));
643 status = NT_STATUS_NO_MEMORY;
644 goto err;
645 }
646 TALLOC_FREE(smb_fname->base_name);
647 smb_fname->base_name = tmp;
648 start =
649 smb_fname->base_name + start_ofs;
650 end = start + strlen(start);
651 }
652
653 DEBUG(5,("New file %s\n",start));
654 goto done;
655 }
656
657
658 /*
659 * Restore the rest of the string. If the string was
660 * mangled the size may have changed.
661 */
662 if (end) {
663 char *tmp;
664 size_t start_ofs =
665 start - smb_fname->base_name;
666
667 if (*dirpath != '\0') {
668 tmp = talloc_asprintf(smb_fname,
669 "%s/%s/%s", dirpath,
670 found_name, end+1);
671 }
672 else {
673 tmp = talloc_asprintf(smb_fname,
674 "%s/%s", found_name,
675 end+1);
676 }
677 if (tmp == NULL) {
678 DEBUG(0, ("talloc_asprintf failed\n"));
679 status = NT_STATUS_NO_MEMORY;
680 goto err;
681 }
682 TALLOC_FREE(smb_fname->base_name);
683 smb_fname->base_name = tmp;
684 start = smb_fname->base_name + start_ofs;
685 end = start + strlen(found_name);
686 *end = '\0';
687 } else {
688 char *tmp;
689 size_t start_ofs =
690 start - smb_fname->base_name;
691
692 if (*dirpath != '\0') {
693 tmp = talloc_asprintf(smb_fname,
694 "%s/%s", dirpath,
695 found_name);
696 } else {
697 tmp = talloc_strdup(smb_fname,
698 found_name);
699 }
700 if (tmp == NULL) {
701 DEBUG(0, ("talloc failed\n"));
702 status = NT_STATUS_NO_MEMORY;
703 goto err;
704 }
705 TALLOC_FREE(smb_fname->base_name);
706 smb_fname->base_name = tmp;
707 start = smb_fname->base_name + start_ofs;
708
709 /*
710 * We just scanned for, and found the end of
711 * the path. We must return a valid stat struct
712 * if it exists. JRA.
713 */
714
715 if (posix_pathnames) {
716 ret = SMB_VFS_LSTAT(conn, smb_fname);
717 } else {
718 ret = SMB_VFS_STAT(conn, smb_fname);
719 }
720
721 if (ret != 0) {
722 SET_STAT_INVALID(smb_fname->st);
723 }
724 }
725
726 TALLOC_FREE(found_name);
727 } /* end else */
728
729#ifdef DEVELOPER
730 /*
731 * This sucks!
732 * We should never provide different behaviors
733 * depending on DEVELOPER!!!
734 */
735 if (VALID_STAT(smb_fname->st)) {
736 bool delete_pending;
737 get_file_infos(vfs_file_id_from_sbuf(conn,
738 &smb_fname->st),
739 &delete_pending, NULL);
740 if (delete_pending) {
741 status = NT_STATUS_DELETE_PENDING;
742 goto fail;
743 }
744 }
745#endif
746
747 /*
748 * Add to the dirpath that we have resolved so far.
749 */
750
751 if (*dirpath != '\0') {
752 char *tmp = talloc_asprintf(ctx,
753 "%s/%s", dirpath, start);
754 if (!tmp) {
755 DEBUG(0, ("talloc_asprintf failed\n"));
756 status = NT_STATUS_NO_MEMORY;
757 goto err;
758 }
759 TALLOC_FREE(dirpath);
760 dirpath = tmp;
761 }
762 else {
763 TALLOC_FREE(dirpath);
764 if (!(dirpath = talloc_strdup(ctx,start))) {
765 DEBUG(0, ("talloc_strdup failed\n"));
766 status = NT_STATUS_NO_MEMORY;
767 goto err;
768 }
769 }
770
771 /*
772 * Cache the dirpath thus far. Don't cache a name with mangled
773 * or wildcard components as this can change the size.
774 */
775 if(!component_was_mangled && !name_has_wildcard) {
776 stat_cache_add(orig_path, dirpath,
777 conn->case_sensitive);
778 }
779
780 /*
781 * Restore the / that we wiped out earlier.
782 */
783 if (end) {
784 *end = '/';
785 }
786 }
787
788 /*
789 * Cache the full path. Don't cache a name with mangled or wildcard
790 * components as this can change the size.
791 */
792
793 if(!component_was_mangled && !name_has_wildcard) {
794 stat_cache_add(orig_path, smb_fname->base_name,
795 conn->case_sensitive);
796 }
797
798 /*
799 * The name has been resolved.
800 */
801
802 DEBUG(5,("conversion finished %s -> %s\n", orig_path,
803 smb_fname->base_name));
804
805 done:
806 /* Add back the stream if one was stripped off originally. */
807 if (stream != NULL) {
808 smb_fname->stream_name = stream;
809
810 /* Check path now that the base_name has been converted. */
811 status = build_stream_path(ctx, conn, orig_path, smb_fname);
812 if (!NT_STATUS_IS_OK(status)) {
813 goto fail;
814 }
815 }
816 TALLOC_FREE(dirpath);
817 *smb_fname_out = smb_fname;
818 return NT_STATUS_OK;
819 fail:
820 DEBUG(10, ("dirpath = [%s] start = [%s]\n", dirpath, start));
821 if (*dirpath != '\0') {
822 smb_fname->base_name = talloc_asprintf(smb_fname, "%s/%s",
823 dirpath, start);
824 } else {
825 smb_fname->base_name = talloc_strdup(smb_fname, start);
826 }
827 if (!smb_fname->base_name) {
828 DEBUG(0, ("talloc_asprintf failed\n"));
829 status = NT_STATUS_NO_MEMORY;
830 goto err;
831 }
832
833 *smb_fname_out = smb_fname;
834 TALLOC_FREE(dirpath);
835 return status;
836 err:
837 TALLOC_FREE(smb_fname);
838 return status;
839}
840
841/****************************************************************************
842 Ensure a path is not vetod.
843****************************************************************************/
844
845NTSTATUS check_veto_path(connection_struct *conn, const char *name)
846{
847 if (IS_VETO_PATH(conn, name)) {
848 /* Is it not dot or dot dot. */
849 if (!(ISDOT(name) || ISDOTDOT(name))) {
850 DEBUG(5,("check_veto_path: file path name %s vetoed\n",
851 name));
852 return map_nt_error_from_unix(ENOENT);
853 }
854 }
855 return NT_STATUS_OK;
856}
857
858/****************************************************************************
859 Check a filename - possibly calling check_reduced_name.
860 This is called by every routine before it allows an operation on a filename.
861 It does any final confirmation necessary to ensure that the filename is
862 a valid one for the user to access.
863****************************************************************************/
864
865NTSTATUS check_name(connection_struct *conn, const char *name)
866{
867 NTSTATUS status = check_veto_path(conn, name);
868
869 if (!NT_STATUS_IS_OK(status)) {
870 return status;
871 }
872
873 if (!lp_widelinks(SNUM(conn)) || !lp_symlinks(SNUM(conn))) {
874 status = check_reduced_name(conn,name);
875 if (!NT_STATUS_IS_OK(status)) {
876 DEBUG(5,("check_name: name %s failed with %s\n",name,
877 nt_errstr(status)));
878 return status;
879 }
880 }
881
882 return NT_STATUS_OK;
883}
884
885/****************************************************************************
886 Check if two filenames are equal.
887 This needs to be careful about whether we are case sensitive.
888****************************************************************************/
889
890static bool fname_equal(const char *name1, const char *name2,
891 bool case_sensitive)
892{
893 /* Normal filename handling */
894 if (case_sensitive) {
895 return(strcmp(name1,name2) == 0);
896 }
897
898 return(strequal(name1,name2));
899}
900
901/****************************************************************************
902 Scan a directory to find a filename, matching without case sensitivity.
903 If the name looks like a mangled name then try via the mangling functions
904****************************************************************************/
905
906static int get_real_filename_full_scan(connection_struct *conn,
907 const char *path, const char *name,
908 bool mangled,
909 TALLOC_CTX *mem_ctx, char **found_name)
910{
911 struct smb_Dir *cur_dir;
912 const char *dname = NULL;
913 char *talloced = NULL;
914 char *unmangled_name = NULL;
915 long curpos;
916
917 /* handle null paths */
918 if ((path == NULL) || (*path == 0)) {
919 path = ".";
920 }
921
922 /* If we have a case-sensitive filesystem, it doesn't do us any
923 * good to search for a name. If a case variation of the name was
924 * there, then the original stat(2) would have found it.
925 */
926 if (!mangled && !(conn->fs_capabilities & FILE_CASE_SENSITIVE_SEARCH)) {
927 errno = ENOENT;
928 return -1;
929 }
930
931 /*
932 * The incoming name can be mangled, and if we de-mangle it
933 * here it will not compare correctly against the filename (name2)
934 * read from the directory and then mangled by the name_to_8_3()
935 * call. We need to mangle both names or neither.
936 * (JRA).
937 *
938 * Fix for bug found by Dina Fine. If in case sensitive mode then
939 * the mangle cache is no good (3 letter extension could be wrong
940 * case - so don't demangle in this case - leave as mangled and
941 * allow the mangling of the directory entry read (which is done
942 * case insensitively) to match instead. This will lead to more
943 * false positive matches but we fail completely without it. JRA.
944 */
945
946 if (mangled && !conn->case_sensitive) {
947 mangled = !mangle_lookup_name_from_8_3(talloc_tos(), name,
948 &unmangled_name,
949 conn->params);
950 if (!mangled) {
951 /* Name is now unmangled. */
952 name = unmangled_name;
953 }
954 }
955
956 /* open the directory */
957 if (!(cur_dir = OpenDir(talloc_tos(), conn, path, NULL, 0))) {
958 DEBUG(3,("scan dir didn't open dir [%s]\n",path));
959 TALLOC_FREE(unmangled_name);
960 return -1;
961 }
962
963 /* now scan for matching names */
964 curpos = 0;
965 while ((dname = ReadDirName(cur_dir, &curpos, NULL, &talloced))) {
966
967 /* Is it dot or dot dot. */
968 if (ISDOT(dname) || ISDOTDOT(dname)) {
969 TALLOC_FREE(talloced);
970 continue;
971 }
972
973 /*
974 * At this point dname is the unmangled name.
975 * name is either mangled or not, depending on the state
976 * of the "mangled" variable. JRA.
977 */
978
979 /*
980 * Check mangled name against mangled name, or unmangled name
981 * against unmangled name.
982 */
983
984 if ((mangled && mangled_equal(name,dname,conn->params)) ||
985 fname_equal(name, dname, conn->case_sensitive)) {
986 /* we've found the file, change it's name and return */
987 *found_name = talloc_strdup(mem_ctx, dname);
988 TALLOC_FREE(unmangled_name);
989 TALLOC_FREE(cur_dir);
990 if (!*found_name) {
991 errno = ENOMEM;
992 TALLOC_FREE(talloced);
993 return -1;
994 }
995 TALLOC_FREE(talloced);
996 return 0;
997 }
998 TALLOC_FREE(talloced);
999 }
1000
1001 TALLOC_FREE(unmangled_name);
1002 TALLOC_FREE(cur_dir);
1003 errno = ENOENT;
1004 return -1;
1005}
1006
1007/****************************************************************************
1008 Wrapper around the vfs get_real_filename and the full directory scan
1009 fallback.
1010****************************************************************************/
1011
1012int get_real_filename(connection_struct *conn, const char *path,
1013 const char *name, TALLOC_CTX *mem_ctx,
1014 char **found_name)
1015{
1016 int ret;
1017 bool mangled;
1018
1019 mangled = mangle_is_mangled(name, conn->params);
1020
1021 if (mangled) {
1022 return get_real_filename_full_scan(conn, path, name, mangled,
1023 mem_ctx, found_name);
1024 }
1025
1026 /* Try the vfs first to take advantage of case-insensitive stat. */
1027 ret = SMB_VFS_GET_REAL_FILENAME(conn, path, name, mem_ctx, found_name);
1028
1029 /*
1030 * If the case-insensitive stat was successful, or returned an error
1031 * other than EOPNOTSUPP then there is no need to fall back on the
1032 * full directory scan.
1033 */
1034 if (ret == 0 || (ret == -1 && errno != EOPNOTSUPP)) {
1035 return ret;
1036 }
1037
1038 return get_real_filename_full_scan(conn, path, name, mangled, mem_ctx,
1039 found_name);
1040}
1041
1042static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx,
1043 connection_struct *conn,
1044 const char *orig_path,
1045 struct smb_filename *smb_fname)
1046{
1047 NTSTATUS status;
1048 unsigned int i, num_streams;
1049 struct stream_struct *streams = NULL;
1050
1051 if (SMB_VFS_STAT(conn, smb_fname) == 0) {
1052 DEBUG(10, ("'%s' exists\n", smb_fname_str_dbg(smb_fname)));
1053 return NT_STATUS_OK;
1054 }
1055
1056 if (errno != ENOENT) {
1057 DEBUG(10, ("vfs_stat failed: %s\n", strerror(errno)));
1058 status = map_nt_error_from_unix(errno);
1059 goto fail;
1060 }
1061
1062 /* Fall back to a case-insensitive scan of all streams on the file. */
1063 status = SMB_VFS_STREAMINFO(conn, NULL, smb_fname->base_name, mem_ctx,
1064 &num_streams, &streams);
1065
1066 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1067 SET_STAT_INVALID(smb_fname->st);
1068 return NT_STATUS_OK;
1069 }
1070
1071 if (!NT_STATUS_IS_OK(status)) {
1072 DEBUG(10, ("vfs_streaminfo failed: %s\n", nt_errstr(status)));
1073 goto fail;
1074 }
1075
1076 for (i=0; i<num_streams; i++) {
1077 DEBUG(10, ("comparing [%s] and [%s]: ",
1078 smb_fname->stream_name, streams[i].name));
1079 if (fname_equal(smb_fname->stream_name, streams[i].name,
1080 conn->case_sensitive)) {
1081 DEBUGADD(10, ("equal\n"));
1082 break;
1083 }
1084 DEBUGADD(10, ("not equal\n"));
1085 }
1086
1087 /* Couldn't find the stream. */
1088 if (i == num_streams) {
1089 SET_STAT_INVALID(smb_fname->st);
1090 TALLOC_FREE(streams);
1091 return NT_STATUS_OK;
1092 }
1093
1094 DEBUG(10, ("case insensitive stream. requested: %s, actual: %s\n",
1095 smb_fname->stream_name, streams[i].name));
1096
1097
1098 TALLOC_FREE(smb_fname->stream_name);
1099 smb_fname->stream_name = talloc_strdup(smb_fname, streams[i].name);
1100 if (smb_fname->stream_name == NULL) {
1101 status = NT_STATUS_NO_MEMORY;
1102 goto fail;
1103 }
1104
1105 SET_STAT_INVALID(smb_fname->st);
1106
1107 if (SMB_VFS_STAT(conn, smb_fname) == 0) {
1108 DEBUG(10, ("'%s' exists\n", smb_fname_str_dbg(smb_fname)));
1109 }
1110 status = NT_STATUS_OK;
1111 fail:
1112 TALLOC_FREE(streams);
1113 return status;
1114}
1115
1116/**
1117 * Go through all the steps to validate a filename.
1118 *
1119 * @param ctx talloc_ctx to allocate memory with.
1120 * @param conn connection struct for vfs calls.
1121 * @param dfs_path Whether this path requires dfs resolution.
1122 * @param name_in The unconverted name.
1123 * @param ucf_flags flags to pass through to unix_convert().
1124 * UCF_ALWAYS_ALLOW_WCARD_LCOMP will be OR'd in if
1125 * p_cont_wcard != NULL and is true and
1126 * UCF_COND_ALLOW_WCARD_LCOMP.
1127 * @param p_cont_wcard If not NULL, will be set to true if the dfs path
1128 * resolution detects a wildcard.
1129 * @param pp_smb_fname The final converted name will be allocated if the
1130 * return is NT_STATUS_OK.
1131 *
1132 * @return NT_STATUS_OK if all operations completed succesfully, appropriate
1133 * error otherwise.
1134 */
1135NTSTATUS filename_convert(TALLOC_CTX *ctx,
1136 connection_struct *conn,
1137 bool dfs_path,
1138 const char *name_in,
1139 uint32_t ucf_flags,
1140 bool *ppath_contains_wcard,
1141 struct smb_filename **pp_smb_fname)
1142{
1143 NTSTATUS status;
1144 bool allow_wcards = (ucf_flags & (UCF_COND_ALLOW_WCARD_LCOMP|UCF_ALWAYS_ALLOW_WCARD_LCOMP));
1145 char *fname = NULL;
1146
1147 *pp_smb_fname = NULL;
1148
1149 status = resolve_dfspath_wcard(ctx, conn,
1150 dfs_path,
1151 name_in,
1152 allow_wcards,
1153 &fname,
1154 ppath_contains_wcard);
1155 if (!NT_STATUS_IS_OK(status)) {
1156 DEBUG(10,("filename_convert: resolve_dfspath failed "
1157 "for name %s with %s\n",
1158 name_in,
1159 nt_errstr(status) ));
1160 return status;
1161 }
1162
1163 if (is_fake_file_path(name_in)) {
1164 SMB_STRUCT_STAT st;
1165 ZERO_STRUCT(st);
1166 st.st_ex_nlink = 1;
1167 status = create_synthetic_smb_fname_split(ctx,
1168 name_in,
1169 &st,
1170 pp_smb_fname);
1171 return status;
1172 }
1173
1174 /*
1175 * If the caller conditionally allows wildcard lookups, only add the
1176 * always allow if the path actually does contain a wildcard.
1177 */
1178 if (ucf_flags & UCF_COND_ALLOW_WCARD_LCOMP &&
1179 ppath_contains_wcard != NULL && *ppath_contains_wcard) {
1180 ucf_flags |= UCF_ALWAYS_ALLOW_WCARD_LCOMP;
1181 }
1182
1183 status = unix_convert(ctx, conn, fname, pp_smb_fname, ucf_flags);
1184 if (!NT_STATUS_IS_OK(status)) {
1185 DEBUG(10,("filename_convert: unix_convert failed "
1186 "for name %s with %s\n",
1187 fname,
1188 nt_errstr(status) ));
1189 return status;
1190 }
1191
1192 if ((ucf_flags & UCF_UNIX_NAME_LOOKUP) &&
1193 VALID_STAT((*pp_smb_fname)->st) &&
1194 S_ISLNK((*pp_smb_fname)->st.st_ex_mode)) {
1195 return check_veto_path(conn, (*pp_smb_fname)->base_name);
1196 }
1197
1198 status = check_name(conn, (*pp_smb_fname)->base_name);
1199 if (!NT_STATUS_IS_OK(status)) {
1200 DEBUG(3,("filename_convert: check_name failed "
1201 "for name %s with %s\n",
1202 smb_fname_str_dbg(*pp_smb_fname),
1203 nt_errstr(status) ));
1204 TALLOC_FREE(*pp_smb_fname);
1205 return status;
1206 }
1207
1208 return status;
1209}
Note: See TracBrowser for help on using the repository browser.