source: trunk/server/source3/smbd/filename.c@ 988

Last change on this file since 988 was 862, checked in by Silvan Scherrer, 11 years ago

Samba Server: update trunk to 3.6.23
File size: 35.4 KB
Line 
1/*
2 Unix SMB/CIFS implementation.
3 filename handling routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 1999-2007
6 Copyright (C) Ying Chen 2000
7 Copyright (C) Volker Lendecke 2007
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21*/
22
23/*
24 * New hash table stat cache code added by Ying Chen.
25 */
26
27#include "includes.h"
28#include "system/filesys.h"
29#include "fake_file.h"
30#include "smbd/smbd.h"
31
32static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx,
33 connection_struct *conn,
34 const char *orig_path,
35 struct smb_filename *smb_fname);
36
37/****************************************************************************
38 Mangle the 2nd name and check if it is then equal to the first name.
39****************************************************************************/
40
41static bool mangled_equal(const char *name1,
42 const char *name2,
43 const struct share_params *p)
44{
45 char mname[13];
46
47 if (!name_to_8_3(name2, mname, False, p)) {
48 return False;
49 }
50 return strequal(name1, mname);
51}
52
53/****************************************************************************
54 Cope with the differing wildcard and non-wildcard error cases.
55****************************************************************************/
56
57static NTSTATUS determine_path_error(const char *name,
58 bool allow_wcard_last_component)
59{
60 const char *p;
61
62 if (!allow_wcard_last_component) {
63 /* Error code within a pathname. */
64 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
65 }
66
67 /* We're terminating here so we
68 * can be a little slower and get
69 * the error code right. Windows
70 * treats the last part of the pathname
71 * separately I think, so if the last
72 * component is a wildcard then we treat
73 * this ./ as "end of component" */
74
75 p = strchr(name, '/');
76
77 if (!p && (ms_has_wild(name) || ISDOT(name))) {
78 /* Error code at the end of a pathname. */
79 return NT_STATUS_OBJECT_NAME_INVALID;
80 } else {
81 /* Error code within a pathname. */
82 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
83 }
84}
85
86static NTSTATUS check_for_dot_component(const struct smb_filename *smb_fname)
87{
88 /* Ensure we catch all names with in "/."
89 this is disallowed under Windows and
90 in POSIX they've already been removed. */
91 const char *p = strstr(smb_fname->base_name, "/."); /*mb safe*/
92 if (p) {
93 if (p[2] == '/') {
94 /* Error code within a pathname. */
95 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
96 } else if (p[2] == '\0') {
97 /* Error code at the end of a pathname. */
98 return NT_STATUS_OBJECT_NAME_INVALID;
99 }
100 }
101 return NT_STATUS_OK;
102}
103
104/****************************************************************************
105 Optimization for common case where the missing part
106 is in the last component and the client already
107 sent the correct case.
108 Returns NT_STATUS_OK to mean continue the tree walk
109 (possibly with modified start pointer).
110 Any other NT_STATUS_XXX error means terminate the path
111 lookup here.
112****************************************************************************/
113
114static NTSTATUS check_parent_exists(TALLOC_CTX *ctx,
115 connection_struct *conn,
116 bool posix_pathnames,
117 const struct smb_filename *smb_fname,
118 char **pp_dirpath,
119 char **pp_start)
120{
121 struct smb_filename parent_fname;
122 const char *last_component = NULL;
123 NTSTATUS status;
124 int ret;
125
126 ZERO_STRUCT(parent_fname);
127 if (!parent_dirname(ctx, smb_fname->base_name,
128 &parent_fname.base_name,
129 &last_component)) {
130 return NT_STATUS_NO_MEMORY;
131 }
132
133 /*
134 * If there was no parent component in
135 * smb_fname->base_name of the parent name
136 * contained a wildcard then don't do this
137 * optimization.
138 */
139 if ((smb_fname->base_name == last_component) ||
140 ms_has_wild(parent_fname.base_name)) {
141 return NT_STATUS_OK;
142 }
143
144 if (posix_pathnames) {
145 ret = SMB_VFS_LSTAT(conn, &parent_fname);
146 } else {
147 ret = SMB_VFS_STAT(conn, &parent_fname);
148 }
149
150 /* If the parent stat failed, just continue
151 with the normal tree walk. */
152
153 if (ret == -1) {
154 return NT_STATUS_OK;
155 }
156
157 status = check_for_dot_component(&parent_fname);
158 if (!NT_STATUS_IS_OK(status)) {
159 return status;
160 }
161
162 /* Parent exists - set "start" to be the
163 * last compnent to shorten the tree walk. */
164
165 /*
166 * Safe to use CONST_DISCARD
167 * here as last_component points
168 * into our smb_fname->base_name.
169 */
170 *pp_start = CONST_DISCARD(char *,last_component);
171
172 /* Update dirpath. */
173 TALLOC_FREE(*pp_dirpath);
174 *pp_dirpath = talloc_strdup(ctx, parent_fname.base_name);
175 if (!*pp_dirpath) {
176 return NT_STATUS_NO_MEMORY;
177 }
178
179 DEBUG(5,("check_parent_exists: name "
180 "= %s, dirpath = %s, "
181 "start = %s\n",
182 smb_fname->base_name,
183 *pp_dirpath,
184 *pp_start));
185
186 return NT_STATUS_OK;
187}
188
189/****************************************************************************
190This routine is called to convert names from the dos namespace to unix
191namespace. It needs to handle any case conversions, mangling, format changes,
192streams etc.
193
194We assume that we have already done a chdir() to the right "root" directory
195for this service.
196
197The function will return an NTSTATUS error if some part of the name except for
198the last part cannot be resolved, else NT_STATUS_OK.
199
200Note NT_STATUS_OK doesn't mean the name exists or is valid, just that we
201didn't get any fatal errors that should immediately terminate the calling SMB
202processing whilst resolving.
203
204If the UCF_SAVE_LCOMP flag is passed in, then the unmodified last component
205of the pathname is set in smb_filename->original_lcomp.
206
207If UCF_ALWAYS_ALLOW_WCARD_LCOMP is passed in, then a MS wildcard was detected
208and should be allowed in the last component of the path only.
209
210If the orig_path was a stream, smb_filename->base_name will point to the base
211filename, and smb_filename->stream_name will point to the stream name. If
212orig_path was not a stream, then smb_filename->stream_name will be NULL.
213
214On exit from unix_convert, the smb_filename->st stat struct will be populated
215if the file exists and was found, if not this stat struct will be filled with
216zeros (and this can be detected by checking for nlinks = 0, which can never be
217true for any file).
218****************************************************************************/
219
220NTSTATUS unix_convert(TALLOC_CTX *ctx,
221 connection_struct *conn,
222 const char *orig_path,
223 struct smb_filename **smb_fname_out,
224 uint32_t ucf_flags)
225{
226 struct smb_filename *smb_fname = NULL;
227 char *start, *end;
228 char *dirpath = NULL;
229 char *stream = NULL;
230 bool component_was_mangled = False;
231 bool name_has_wildcard = False;
232 bool posix_pathnames = false;
233 bool allow_wcard_last_component =
234 (ucf_flags & UCF_ALWAYS_ALLOW_WCARD_LCOMP);
235 bool save_last_component = ucf_flags & UCF_SAVE_LCOMP;
236 NTSTATUS status;
237 int ret = -1;
238
239 *smb_fname_out = NULL;
240
241 smb_fname = talloc_zero(ctx, struct smb_filename);
242 if (smb_fname == NULL) {
243 return NT_STATUS_NO_MEMORY;
244 }
245
246 if (conn->printer) {
247 /* we don't ever use the filenames on a printer share as a
248 filename - so don't convert them */
249 if (!(smb_fname->base_name = talloc_strdup(smb_fname,
250 orig_path))) {
251 status = NT_STATUS_NO_MEMORY;
252 goto err;
253 }
254 goto done;
255 }
256
257 DEBUG(5, ("unix_convert called on file \"%s\"\n", orig_path));
258
259 /*
260 * Conversion to basic unix format is already done in
261 * check_path_syntax().
262 */
263
264 /*
265 * Names must be relative to the root of the service - any leading /.
266 * and trailing /'s should have been trimmed by check_path_syntax().
267 */
268
269#ifdef DEVELOPER
270 SMB_ASSERT(*orig_path != '/');
271#endif
272
273 /*
274 * If we trimmed down to a single '\0' character
275 * then we should use the "." directory to avoid
276 * searching the cache, but not if we are in a
277 * printing share.
278 * As we know this is valid we can return true here.
279 */
280
281 if (!*orig_path) {
282 if (!(smb_fname->base_name = talloc_strdup(smb_fname, "."))) {
283 status = NT_STATUS_NO_MEMORY;
284 goto err;
285 }
286 if (SMB_VFS_STAT(conn, smb_fname) != 0) {
287 status = map_nt_error_from_unix(errno);
288 goto err;
289 }
290 DEBUG(5, ("conversion finished \"\" -> %s\n",
291 smb_fname->base_name));
292 goto done;
293 }
294
295 if (orig_path[0] == '.' && (orig_path[1] == '/' ||
296 orig_path[1] == '\0')) {
297 /* Start of pathname can't be "." only. */
298 if (orig_path[1] == '\0' || orig_path[2] == '\0') {
299 status = NT_STATUS_OBJECT_NAME_INVALID;
300 } else {
301 status =determine_path_error(&orig_path[2],
302 allow_wcard_last_component);
303 }
304 goto err;
305 }
306
307 /* Start with the full orig_path as given by the caller. */
308 if (!(smb_fname->base_name = talloc_strdup(smb_fname, orig_path))) {
309 DEBUG(0, ("talloc_strdup failed\n"));
310 status = NT_STATUS_NO_MEMORY;
311 goto err;
312 }
313
314 /*
315 * Large directory fix normalization. If we're case sensitive, and
316 * the case preserving parameters are set to "no", normalize the case of
317 * the incoming filename from the client WHETHER IT EXISTS OR NOT !
318 * This is in conflict with the current (3.0.20) man page, but is
319 * what people expect from the "large directory howto". I'll update
320 * the man page. Thanks to jht@samba.org for finding this. JRA.
321 */
322
323 if (conn->case_sensitive && !conn->case_preserve &&
324 !conn->short_case_preserve) {
325 strnorm(smb_fname->base_name, lp_defaultcase(SNUM(conn)));
326 }
327
328 /*
329 * Ensure saved_last_component is valid even if file exists.
330 */
331
332 if(save_last_component) {
333 end = strrchr_m(smb_fname->base_name, '/');
334 if (end) {
335 smb_fname->original_lcomp = talloc_strdup(smb_fname,
336 end + 1);
337 } else {
338 smb_fname->original_lcomp =
339 talloc_strdup(smb_fname, smb_fname->base_name);
340 }
341 if (smb_fname->original_lcomp == NULL) {
342 status = NT_STATUS_NO_MEMORY;
343 goto err;
344 }
345 }
346
347 posix_pathnames = (lp_posix_pathnames() ||
348 (ucf_flags & UCF_POSIX_PATHNAMES));
349
350 /*
351 * Strip off the stream, and add it back when we're done with the
352 * base_name.
353 */
354 if (!posix_pathnames) {
355 stream = strchr_m(smb_fname->base_name, ':');
356
357 if (stream != NULL) {
358 char *tmp = talloc_strdup(smb_fname, stream);
359 if (tmp == NULL) {
360 status = NT_STATUS_NO_MEMORY;
361 goto err;
362 }
363 /*
364 * Since this is actually pointing into
365 * smb_fname->base_name this truncates base_name.
366 */
367 *stream = '\0';
368 stream = tmp;
369 }
370 }
371
372 start = smb_fname->base_name;
373
374 /*
375 * If we're providing case insensitive semantics or
376 * the underlying filesystem is case insensitive,
377 * then a case-normalized hit in the stat-cache is
378 * authoratitive. JRA.
379 *
380 * Note: We're only checking base_name. The stream_name will be
381 * added and verified in build_stream_path().
382 */
383
384 if((!conn->case_sensitive || !(conn->fs_capabilities &
385 FILE_CASE_SENSITIVE_SEARCH)) &&
386 stat_cache_lookup(conn, posix_pathnames, &smb_fname->base_name, &dirpath, &start,
387 &smb_fname->st)) {
388 goto done;
389 }
390
391 /*
392 * Make sure "dirpath" is an allocated string, we use this for
393 * building the directories with talloc_asprintf and free it.
394 */
395
396 if ((dirpath == NULL) && (!(dirpath = talloc_strdup(ctx,"")))) {
397 DEBUG(0, ("talloc_strdup failed\n"));
398 status = NT_STATUS_NO_MEMORY;
399 goto err;
400 }
401
402 /*
403 * If we have a wildcard we must walk the path to
404 * find where the error is, even if case sensitive
405 * is true.
406 */
407
408 name_has_wildcard = ms_has_wild(smb_fname->base_name);
409 if (name_has_wildcard && !allow_wcard_last_component) {
410 /* Wildcard not valid anywhere. */
411 status = NT_STATUS_OBJECT_NAME_INVALID;
412 goto fail;
413 }
414
415 DEBUG(5,("unix_convert begin: name = %s, dirpath = %s, start = %s\n",
416 smb_fname->base_name, dirpath, start));
417
418 if (!name_has_wildcard) {
419 /*
420 * stat the name - if it exists then we can add the stream back (if
421 * there was one) and be done!
422 */
423
424 if (posix_pathnames) {
425 ret = SMB_VFS_LSTAT(conn, smb_fname);
426 } else {
427 ret = SMB_VFS_STAT(conn, smb_fname);
428 }
429
430 if (ret == 0) {
431 status = check_for_dot_component(smb_fname);
432 if (!NT_STATUS_IS_OK(status)) {
433 goto fail;
434 }
435 /* Add the path (not including the stream) to the cache. */
436 stat_cache_add(orig_path, smb_fname->base_name,
437 conn->case_sensitive);
438 DEBUG(5,("conversion of base_name finished %s -> %s\n",
439 orig_path, smb_fname->base_name));
440 goto done;
441 }
442
443 /* Stat failed - ensure we don't use it. */
444 SET_STAT_INVALID(smb_fname->st);
445
446 if (errno == ENOENT) {
447 /* Optimization when creating a new file - only
448 the last component doesn't exist.
449 NOTE : check_parent_exists() doesn't preserve errno.
450 */
451 int saved_errno = errno;
452 status = check_parent_exists(ctx,
453 conn,
454 posix_pathnames,
455 smb_fname,
456 &dirpath,
457 &start);
458 errno = saved_errno;
459 if (!NT_STATUS_IS_OK(status)) {
460 goto fail;
461 }
462 }
463
464 /*
465 * A special case - if we don't have any wildcards or mangling chars and are case
466 * sensitive or the underlying filesystem is case insensitive then searching
467 * won't help.
468 */
469
470 if ((conn->case_sensitive || !(conn->fs_capabilities &
471 FILE_CASE_SENSITIVE_SEARCH)) &&
472 !mangle_is_mangled(smb_fname->base_name, conn->params)) {
473
474 status = check_for_dot_component(smb_fname);
475 if (!NT_STATUS_IS_OK(status)) {
476 goto fail;
477 }
478
479 /*
480 * The stat failed. Could be ok as it could be
481 * a new file.
482 */
483
484 if (errno == ENOTDIR || errno == ELOOP) {
485 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
486 goto fail;
487 } else if (errno == ENOENT) {
488 /*
489 * Was it a missing last component ?
490 * or a missing intermediate component ?
491 */
492 struct smb_filename parent_fname;
493 const char *last_component = NULL;
494
495 ZERO_STRUCT(parent_fname);
496 if (!parent_dirname(ctx, smb_fname->base_name,
497 &parent_fname.base_name,
498 &last_component)) {
499 status = NT_STATUS_NO_MEMORY;
500 goto fail;
501 }
502 if (posix_pathnames) {
503 ret = SMB_VFS_LSTAT(conn, &parent_fname);
504 } else {
505 ret = SMB_VFS_STAT(conn, &parent_fname);
506 }
507 if (ret == -1) {
508 if (errno == ENOTDIR ||
509 errno == ENOENT ||
510 errno == ELOOP) {
511 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
512 goto fail;
513 }
514 }
515
516 /*
517 * Missing last component is ok - new file.
518 * Also deal with permission denied elsewhere.
519 * Just drop out to done.
520 */
521 goto done;
522 }
523 }
524 } else {
525 /*
526 * We have a wildcard in the pathname.
527 *
528 * Optimization for common case where the wildcard
529 * is in the last component and the client already
530 * sent the correct case.
531 * NOTE : check_parent_exists() doesn't preserve errno.
532 */
533 int saved_errno = errno;
534 status = check_parent_exists(ctx,
535 conn,
536 posix_pathnames,
537 smb_fname,
538 &dirpath,
539 &start);
540 errno = saved_errno;
541 if (!NT_STATUS_IS_OK(status)) {
542 goto fail;
543 }
544 }
545
546 /*
547 * is_mangled() was changed to look at an entire pathname, not
548 * just a component. JRA.
549 */
550
551 if (mangle_is_mangled(start, conn->params)) {
552 component_was_mangled = True;
553 }
554
555 /*
556 * Now we need to recursively match the name against the real
557 * directory structure.
558 */
559
560 /*
561 * Match each part of the path name separately, trying the names
562 * as is first, then trying to scan the directory for matching names.
563 */
564
565 for (; start ; start = (end?end+1:(char *)NULL)) {
566 /*
567 * Pinpoint the end of this section of the filename.
568 */
569 /* mb safe. '/' can't be in any encoded char. */
570 end = strchr(start, '/');
571
572 /*
573 * Chop the name at this point.
574 */
575 if (end) {
576 *end = 0;
577 }
578
579 if (save_last_component) {
580 TALLOC_FREE(smb_fname->original_lcomp);
581 smb_fname->original_lcomp = talloc_strdup(smb_fname,
582 end ? end + 1 : start);
583 if (!smb_fname->original_lcomp) {
584 DEBUG(0, ("talloc failed\n"));
585 status = NT_STATUS_NO_MEMORY;
586 goto err;
587 }
588 }
589
590 /* The name cannot have a component of "." */
591
592 if (ISDOT(start)) {
593 if (!end) {
594 /* Error code at the end of a pathname. */
595 status = NT_STATUS_OBJECT_NAME_INVALID;
596 } else {
597 status = determine_path_error(end+1,
598 allow_wcard_last_component);
599 }
600 goto fail;
601 }
602
603 /* The name cannot have a wildcard if it's not
604 the last component. */
605
606 name_has_wildcard = ms_has_wild(start);
607
608 /* Wildcards never valid within a pathname. */
609 if (name_has_wildcard && end) {
610 status = NT_STATUS_OBJECT_NAME_INVALID;
611 goto fail;
612 }
613
614 /* Skip the stat call if it's a wildcard end. */
615 if (name_has_wildcard) {
616 DEBUG(5,("Wildcard %s\n",start));
617 goto done;
618 }
619
620 /*
621 * Check if the name exists up to this point.
622 */
623
624 if (posix_pathnames) {
625 ret = SMB_VFS_LSTAT(conn, smb_fname);
626 } else {
627 ret = SMB_VFS_STAT(conn, smb_fname);
628 }
629
630 if (ret == 0) {
631 /*
632 * It exists. it must either be a directory or this must
633 * be the last part of the path for it to be OK.
634 */
635 if (end && !S_ISDIR(smb_fname->st.st_ex_mode)) {
636 /*
637 * An intermediate part of the name isn't
638 * a directory.
639 */
640 DEBUG(5,("Not a dir %s\n",start));
641 *end = '/';
642 /*
643 * We need to return the fact that the
644 * intermediate name resolution failed. This
645 * is used to return an error of ERRbadpath
646 * rather than ERRbadfile. Some Windows
647 * applications depend on the difference between
648 * these two errors.
649 */
650 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
651 goto fail;
652 }
653
654 } else {
655 char *found_name = NULL;
656
657 /* Stat failed - ensure we don't use it. */
658 SET_STAT_INVALID(smb_fname->st);
659
660 /*
661 * Reset errno so we can detect
662 * directory open errors.
663 */
664 errno = 0;
665
666 /*
667 * Try to find this part of the path in the directory.
668 */
669
670 if (name_has_wildcard ||
671 (get_real_filename(conn, dirpath, start,
672 talloc_tos(),
673 &found_name) == -1)) {
674 char *unmangled;
675
676 if (end) {
677 /*
678 * An intermediate part of the name
679 * can't be found.
680 */
681 DEBUG(5,("Intermediate not found %s\n",
682 start));
683 *end = '/';
684
685 /*
686 * We need to return the fact that the
687 * intermediate name resolution failed.
688 * This is used to return an error of
689 * ERRbadpath rather than ERRbadfile.
690 * Some Windows applications depend on
691 * the difference between these two
692 * errors.
693 */
694
695 /*
696 * ENOENT, ENOTDIR and ELOOP all map
697 * to NT_STATUS_OBJECT_PATH_NOT_FOUND
698 * in the filename walk.
699 */
700
701 if (errno == ENOENT ||
702 errno == ENOTDIR ||
703 errno == ELOOP) {
704 status =
705 NT_STATUS_OBJECT_PATH_NOT_FOUND;
706 }
707 else {
708 status =
709 map_nt_error_from_unix(errno);
710 }
711 goto fail;
712 }
713
714 /*
715 * ENOENT/EACCESS are the only valid errors
716 * here.
717 */
718 if (errno == EACCES) {
719 if (ucf_flags & UCF_CREATING_FILE) {
720 /*
721 * This is the dropbox
722 * behaviour. A dropbox is a
723 * directory with only -wx
724 * permissions, so
725 * get_real_filename fails
726 * with EACCESS, it needs to
727 * list the directory. We
728 * nevertheless want to allow
729 * users creating a file.
730 */
731 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
732 } else {
733 status = NT_STATUS_ACCESS_DENIED;
734 }
735 goto fail;
736 }
737
738 if ((errno != 0) && (errno != ENOENT)) {
739 /*
740 * ENOTDIR and ELOOP both map to
741 * NT_STATUS_OBJECT_PATH_NOT_FOUND
742 * in the filename walk.
743 */
744 if (errno == ENOTDIR ||
745 errno == ELOOP) {
746 status =
747 NT_STATUS_OBJECT_PATH_NOT_FOUND;
748 } else {
749 status =
750 map_nt_error_from_unix(errno);
751 }
752 goto fail;
753 }
754
755 /*
756 * Just the last part of the name doesn't exist.
757 * We need to strupper() or strlower() it as
758 * this conversion may be used for file creation
759 * purposes. Fix inspired by
760 * Thomas Neumann <t.neumann@iku-ag.de>.
761 */
762 if (!conn->case_preserve ||
763 (mangle_is_8_3(start, False,
764 conn->params) &&
765 !conn->short_case_preserve)) {
766 strnorm(start,
767 lp_defaultcase(SNUM(conn)));
768 }
769
770 /*
771 * check on the mangled stack to see if we can
772 * recover the base of the filename.
773 */
774
775 if (mangle_is_mangled(start, conn->params)
776 && mangle_lookup_name_from_8_3(ctx,
777 start,
778 &unmangled,
779 conn->params)) {
780 char *tmp;
781 size_t start_ofs =
782 start - smb_fname->base_name;
783
784 if (*dirpath != '\0') {
785 tmp = talloc_asprintf(
786 smb_fname, "%s/%s",
787 dirpath, unmangled);
788 TALLOC_FREE(unmangled);
789 }
790 else {
791 tmp = unmangled;
792 }
793 if (tmp == NULL) {
794 DEBUG(0, ("talloc failed\n"));
795 status = NT_STATUS_NO_MEMORY;
796 goto err;
797 }
798 TALLOC_FREE(smb_fname->base_name);
799 smb_fname->base_name = tmp;
800 start =
801 smb_fname->base_name + start_ofs;
802 end = start + strlen(start);
803 }
804
805 DEBUG(5,("New file %s\n",start));
806 goto done;
807 }
808
809
810 /*
811 * Restore the rest of the string. If the string was
812 * mangled the size may have changed.
813 */
814 if (end) {
815 char *tmp;
816 size_t start_ofs =
817 start - smb_fname->base_name;
818
819 if (*dirpath != '\0') {
820 tmp = talloc_asprintf(smb_fname,
821 "%s/%s/%s", dirpath,
822 found_name, end+1);
823 }
824 else {
825 tmp = talloc_asprintf(smb_fname,
826 "%s/%s", found_name,
827 end+1);
828 }
829 if (tmp == NULL) {
830 DEBUG(0, ("talloc_asprintf failed\n"));
831 status = NT_STATUS_NO_MEMORY;
832 goto err;
833 }
834 TALLOC_FREE(smb_fname->base_name);
835 smb_fname->base_name = tmp;
836 start = smb_fname->base_name + start_ofs;
837 end = start + strlen(found_name);
838 *end = '\0';
839 } else {
840 char *tmp;
841 size_t start_ofs =
842 start - smb_fname->base_name;
843
844 if (*dirpath != '\0') {
845 tmp = talloc_asprintf(smb_fname,
846 "%s/%s", dirpath,
847 found_name);
848 } else {
849 tmp = talloc_strdup(smb_fname,
850 found_name);
851 }
852 if (tmp == NULL) {
853 DEBUG(0, ("talloc failed\n"));
854 status = NT_STATUS_NO_MEMORY;
855 goto err;
856 }
857 TALLOC_FREE(smb_fname->base_name);
858 smb_fname->base_name = tmp;
859 start = smb_fname->base_name + start_ofs;
860
861 /*
862 * We just scanned for, and found the end of
863 * the path. We must return a valid stat struct
864 * if it exists. JRA.
865 */
866
867 if (posix_pathnames) {
868 ret = SMB_VFS_LSTAT(conn, smb_fname);
869 } else {
870 ret = SMB_VFS_STAT(conn, smb_fname);
871 }
872
873 if (ret != 0) {
874 SET_STAT_INVALID(smb_fname->st);
875 }
876 }
877
878 TALLOC_FREE(found_name);
879 } /* end else */
880
881#ifdef DEVELOPER
882 /*
883 * This sucks!
884 * We should never provide different behaviors
885 * depending on DEVELOPER!!!
886 */
887 if (VALID_STAT(smb_fname->st)) {
888 bool delete_pending;
889 uint32_t name_hash;
890
891 status = file_name_hash(conn,
892 smb_fname_str_dbg(smb_fname),
893 &name_hash);
894 if (!NT_STATUS_IS_OK(status)) {
895 goto fail;
896 }
897
898 get_file_infos(vfs_file_id_from_sbuf(conn,
899 &smb_fname->st),
900 name_hash,
901 &delete_pending, NULL);
902 if (delete_pending) {
903 status = NT_STATUS_DELETE_PENDING;
904 goto fail;
905 }
906 }
907#endif
908
909 /*
910 * Add to the dirpath that we have resolved so far.
911 */
912
913 if (*dirpath != '\0') {
914 char *tmp = talloc_asprintf(ctx,
915 "%s/%s", dirpath, start);
916 if (!tmp) {
917 DEBUG(0, ("talloc_asprintf failed\n"));
918 status = NT_STATUS_NO_MEMORY;
919 goto err;
920 }
921 TALLOC_FREE(dirpath);
922 dirpath = tmp;
923 }
924 else {
925 TALLOC_FREE(dirpath);
926 if (!(dirpath = talloc_strdup(ctx,start))) {
927 DEBUG(0, ("talloc_strdup failed\n"));
928 status = NT_STATUS_NO_MEMORY;
929 goto err;
930 }
931 }
932
933 /*
934 * Cache the dirpath thus far. Don't cache a name with mangled
935 * or wildcard components as this can change the size.
936 */
937 if(!component_was_mangled && !name_has_wildcard) {
938 stat_cache_add(orig_path, dirpath,
939 conn->case_sensitive);
940 }
941
942 /*
943 * Restore the / that we wiped out earlier.
944 */
945 if (end) {
946 *end = '/';
947 }
948 }
949
950 /*
951 * Cache the full path. Don't cache a name with mangled or wildcard
952 * components as this can change the size.
953 */
954
955 if(!component_was_mangled && !name_has_wildcard) {
956 stat_cache_add(orig_path, smb_fname->base_name,
957 conn->case_sensitive);
958 }
959
960 /*
961 * The name has been resolved.
962 */
963
964 DEBUG(5,("conversion finished %s -> %s\n", orig_path,
965 smb_fname->base_name));
966
967 done:
968 /* Add back the stream if one was stripped off originally. */
969 if (stream != NULL) {
970 smb_fname->stream_name = stream;
971
972 /* Check path now that the base_name has been converted. */
973 status = build_stream_path(ctx, conn, orig_path, smb_fname);
974 if (!NT_STATUS_IS_OK(status)) {
975 goto fail;
976 }
977 }
978 TALLOC_FREE(dirpath);
979 *smb_fname_out = smb_fname;
980 return NT_STATUS_OK;
981 fail:
982 DEBUG(10, ("dirpath = [%s] start = [%s]\n", dirpath, start));
983 if (*dirpath != '\0') {
984 smb_fname->base_name = talloc_asprintf(smb_fname, "%s/%s",
985 dirpath, start);
986 } else {
987 smb_fname->base_name = talloc_strdup(smb_fname, start);
988 }
989 if (!smb_fname->base_name) {
990 DEBUG(0, ("talloc_asprintf failed\n"));
991 status = NT_STATUS_NO_MEMORY;
992 goto err;
993 }
994
995 *smb_fname_out = smb_fname;
996 TALLOC_FREE(dirpath);
997 return status;
998 err:
999 TALLOC_FREE(smb_fname);
1000 return status;
1001}
1002
1003/****************************************************************************
1004 Ensure a path is not vetod.
1005****************************************************************************/
1006
1007NTSTATUS check_veto_path(connection_struct *conn, const char *name)
1008{
1009 if (IS_VETO_PATH(conn, name)) {
1010 /* Is it not dot or dot dot. */
1011 if (!(ISDOT(name) || ISDOTDOT(name))) {
1012 DEBUG(5,("check_veto_path: file path name %s vetoed\n",
1013 name));
1014 return map_nt_error_from_unix(ENOENT);
1015 }
1016 }
1017 return NT_STATUS_OK;
1018}
1019
1020/****************************************************************************
1021 Check a filename - possibly calling check_reduced_name.
1022 This is called by every routine before it allows an operation on a filename.
1023 It does any final confirmation necessary to ensure that the filename is
1024 a valid one for the user to access.
1025****************************************************************************/
1026
1027NTSTATUS check_name(connection_struct *conn, const char *name)
1028{
1029 NTSTATUS status = check_veto_path(conn, name);
1030
1031 if (!NT_STATUS_IS_OK(status)) {
1032 return status;
1033 }
1034
1035 if (!lp_widelinks(SNUM(conn)) || !lp_symlinks(SNUM(conn))) {
1036 status = check_reduced_name(conn,name);
1037 if (!NT_STATUS_IS_OK(status)) {
1038 DEBUG(5,("check_name: name %s failed with %s\n",name,
1039 nt_errstr(status)));
1040 return status;
1041 }
1042 }
1043
1044 return NT_STATUS_OK;
1045}
1046
1047/****************************************************************************
1048 Check if two filenames are equal.
1049 This needs to be careful about whether we are case sensitive.
1050****************************************************************************/
1051
1052static bool fname_equal(const char *name1, const char *name2,
1053 bool case_sensitive)
1054{
1055 /* Normal filename handling */
1056 if (case_sensitive) {
1057 return(strcmp(name1,name2) == 0);
1058 }
1059
1060 return(strequal(name1,name2));
1061}
1062
1063/****************************************************************************
1064 Scan a directory to find a filename, matching without case sensitivity.
1065 If the name looks like a mangled name then try via the mangling functions
1066****************************************************************************/
1067
1068static int get_real_filename_full_scan(connection_struct *conn,
1069 const char *path, const char *name,
1070 bool mangled,
1071 TALLOC_CTX *mem_ctx, char **found_name)
1072{
1073 struct smb_Dir *cur_dir;
1074 const char *dname = NULL;
1075 char *talloced = NULL;
1076 char *unmangled_name = NULL;
1077 long curpos;
1078
1079 /* handle null paths */
1080 if ((path == NULL) || (*path == 0)) {
1081 path = ".";
1082 }
1083
1084 /* If we have a case-sensitive filesystem, it doesn't do us any
1085 * good to search for a name. If a case variation of the name was
1086 * there, then the original stat(2) would have found it.
1087 */
1088 if (!mangled && !(conn->fs_capabilities & FILE_CASE_SENSITIVE_SEARCH)) {
1089 errno = ENOENT;
1090 return -1;
1091 }
1092
1093 /*
1094 * The incoming name can be mangled, and if we de-mangle it
1095 * here it will not compare correctly against the filename (name2)
1096 * read from the directory and then mangled by the name_to_8_3()
1097 * call. We need to mangle both names or neither.
1098 * (JRA).
1099 *
1100 * Fix for bug found by Dina Fine. If in case sensitive mode then
1101 * the mangle cache is no good (3 letter extension could be wrong
1102 * case - so don't demangle in this case - leave as mangled and
1103 * allow the mangling of the directory entry read (which is done
1104 * case insensitively) to match instead. This will lead to more
1105 * false positive matches but we fail completely without it. JRA.
1106 */
1107
1108 if (mangled && !conn->case_sensitive) {
1109 mangled = !mangle_lookup_name_from_8_3(talloc_tos(), name,
1110 &unmangled_name,
1111 conn->params);
1112 if (!mangled) {
1113 /* Name is now unmangled. */
1114 name = unmangled_name;
1115 }
1116 }
1117
1118 /* open the directory */
1119 if (!(cur_dir = OpenDir(talloc_tos(), conn, path, NULL, 0))) {
1120 DEBUG(3,("scan dir didn't open dir [%s]\n",path));
1121 TALLOC_FREE(unmangled_name);
1122 return -1;
1123 }
1124
1125 /* now scan for matching names */
1126 curpos = 0;
1127 while ((dname = ReadDirName(cur_dir, &curpos, NULL, &talloced))) {
1128
1129 /* Is it dot or dot dot. */
1130 if (ISDOT(dname) || ISDOTDOT(dname)) {
1131 TALLOC_FREE(talloced);
1132 continue;
1133 }
1134
1135 /*
1136 * At this point dname is the unmangled name.
1137 * name is either mangled or not, depending on the state
1138 * of the "mangled" variable. JRA.
1139 */
1140
1141 /*
1142 * Check mangled name against mangled name, or unmangled name
1143 * against unmangled name.
1144 */
1145
1146 if ((mangled && mangled_equal(name,dname,conn->params)) ||
1147 fname_equal(name, dname, conn->case_sensitive)) {
1148 /* we've found the file, change it's name and return */
1149 *found_name = talloc_strdup(mem_ctx, dname);
1150 TALLOC_FREE(unmangled_name);
1151 TALLOC_FREE(cur_dir);
1152 if (!*found_name) {
1153 errno = ENOMEM;
1154 TALLOC_FREE(talloced);
1155 return -1;
1156 }
1157 TALLOC_FREE(talloced);
1158 return 0;
1159 }
1160 TALLOC_FREE(talloced);
1161 }
1162
1163 TALLOC_FREE(unmangled_name);
1164 TALLOC_FREE(cur_dir);
1165 errno = ENOENT;
1166 return -1;
1167}
1168
1169/****************************************************************************
1170 Wrapper around the vfs get_real_filename and the full directory scan
1171 fallback.
1172****************************************************************************/
1173
1174int get_real_filename(connection_struct *conn, const char *path,
1175 const char *name, TALLOC_CTX *mem_ctx,
1176 char **found_name)
1177{
1178 int ret;
1179 bool mangled;
1180
1181 mangled = mangle_is_mangled(name, conn->params);
1182
1183 if (mangled) {
1184 return get_real_filename_full_scan(conn, path, name, mangled,
1185 mem_ctx, found_name);
1186 }
1187
1188 /* Try the vfs first to take advantage of case-insensitive stat. */
1189 ret = SMB_VFS_GET_REAL_FILENAME(conn, path, name, mem_ctx, found_name);
1190
1191 /*
1192 * If the case-insensitive stat was successful, or returned an error
1193 * other than EOPNOTSUPP then there is no need to fall back on the
1194 * full directory scan.
1195 */
1196 if (ret == 0 || (ret == -1 && errno != EOPNOTSUPP)) {
1197 return ret;
1198 }
1199
1200 return get_real_filename_full_scan(conn, path, name, mangled, mem_ctx,
1201 found_name);
1202}
1203
1204static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx,
1205 connection_struct *conn,
1206 const char *orig_path,
1207 struct smb_filename *smb_fname)
1208{
1209 NTSTATUS status;
1210 unsigned int i, num_streams = 0;
1211 struct stream_struct *streams = NULL;
1212
1213 if (SMB_VFS_STAT(conn, smb_fname) == 0) {
1214 DEBUG(10, ("'%s' exists\n", smb_fname_str_dbg(smb_fname)));
1215 return NT_STATUS_OK;
1216 }
1217
1218 if (errno != ENOENT) {
1219 DEBUG(10, ("vfs_stat failed: %s\n", strerror(errno)));
1220 status = map_nt_error_from_unix(errno);
1221 goto fail;
1222 }
1223
1224 /* Fall back to a case-insensitive scan of all streams on the file. */
1225 status = vfs_streaminfo(conn, NULL, smb_fname->base_name, mem_ctx,
1226 &num_streams, &streams);
1227
1228 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1229 SET_STAT_INVALID(smb_fname->st);
1230 return NT_STATUS_OK;
1231 }
1232
1233 if (!NT_STATUS_IS_OK(status)) {
1234 DEBUG(10, ("vfs_streaminfo failed: %s\n", nt_errstr(status)));
1235 goto fail;
1236 }
1237
1238 for (i=0; i<num_streams; i++) {
1239 DEBUG(10, ("comparing [%s] and [%s]: ",
1240 smb_fname->stream_name, streams[i].name));
1241 if (fname_equal(smb_fname->stream_name, streams[i].name,
1242 conn->case_sensitive)) {
1243 DEBUGADD(10, ("equal\n"));
1244 break;
1245 }
1246 DEBUGADD(10, ("not equal\n"));
1247 }
1248
1249 /* Couldn't find the stream. */
1250 if (i == num_streams) {
1251 SET_STAT_INVALID(smb_fname->st);
1252 TALLOC_FREE(streams);
1253 return NT_STATUS_OK;
1254 }
1255
1256 DEBUG(10, ("case insensitive stream. requested: %s, actual: %s\n",
1257 smb_fname->stream_name, streams[i].name));
1258
1259
1260 TALLOC_FREE(smb_fname->stream_name);
1261 smb_fname->stream_name = talloc_strdup(smb_fname, streams[i].name);
1262 if (smb_fname->stream_name == NULL) {
1263 status = NT_STATUS_NO_MEMORY;
1264 goto fail;
1265 }
1266
1267 SET_STAT_INVALID(smb_fname->st);
1268
1269 if (SMB_VFS_STAT(conn, smb_fname) == 0) {
1270 DEBUG(10, ("'%s' exists\n", smb_fname_str_dbg(smb_fname)));
1271 }
1272 status = NT_STATUS_OK;
1273 fail:
1274 TALLOC_FREE(streams);
1275 return status;
1276}
1277
1278/**
1279 * Go through all the steps to validate a filename.
1280 *
1281 * @param ctx talloc_ctx to allocate memory with.
1282 * @param conn connection struct for vfs calls.
1283 * @param dfs_path Whether this path requires dfs resolution.
1284 * @param name_in The unconverted name.
1285 * @param ucf_flags flags to pass through to unix_convert().
1286 * UCF_ALWAYS_ALLOW_WCARD_LCOMP will be OR'd in if
1287 * p_cont_wcard != NULL and is true and
1288 * UCF_COND_ALLOW_WCARD_LCOMP.
1289 * @param p_cont_wcard If not NULL, will be set to true if the dfs path
1290 * resolution detects a wildcard.
1291 * @param pp_smb_fname The final converted name will be allocated if the
1292 * return is NT_STATUS_OK.
1293 *
1294 * @return NT_STATUS_OK if all operations completed succesfully, appropriate
1295 * error otherwise.
1296 */
1297NTSTATUS filename_convert(TALLOC_CTX *ctx,
1298 connection_struct *conn,
1299 bool dfs_path,
1300 const char *name_in,
1301 uint32_t ucf_flags,
1302 bool *ppath_contains_wcard,
1303 struct smb_filename **pp_smb_fname)
1304{
1305 NTSTATUS status;
1306 bool allow_wcards = (ucf_flags & (UCF_COND_ALLOW_WCARD_LCOMP|UCF_ALWAYS_ALLOW_WCARD_LCOMP));
1307 char *fname = NULL;
1308
1309 *pp_smb_fname = NULL;
1310
1311 status = resolve_dfspath_wcard(ctx, conn,
1312 dfs_path,
1313 name_in,
1314 allow_wcards,
1315 &fname,
1316 ppath_contains_wcard);
1317 if (!NT_STATUS_IS_OK(status)) {
1318 DEBUG(10,("filename_convert: resolve_dfspath failed "
1319 "for name %s with %s\n",
1320 name_in,
1321 nt_errstr(status) ));
1322 return status;
1323 }
1324
1325 if (is_fake_file_path(name_in)) {
1326 SMB_STRUCT_STAT st;
1327 ZERO_STRUCT(st);
1328 st.st_ex_nlink = 1;
1329 status = create_synthetic_smb_fname_split(ctx,
1330 name_in,
1331 &st,
1332 pp_smb_fname);
1333 return status;
1334 }
1335
1336 /*
1337 * If the caller conditionally allows wildcard lookups, only add the
1338 * always allow if the path actually does contain a wildcard.
1339 */
1340 if (ucf_flags & UCF_COND_ALLOW_WCARD_LCOMP &&
1341 ppath_contains_wcard != NULL && *ppath_contains_wcard) {
1342 ucf_flags |= UCF_ALWAYS_ALLOW_WCARD_LCOMP;
1343 }
1344
1345 status = unix_convert(ctx, conn, fname, pp_smb_fname, ucf_flags);
1346 if (!NT_STATUS_IS_OK(status)) {
1347 DEBUG(10,("filename_convert: unix_convert failed "
1348 "for name %s with %s\n",
1349 fname,
1350 nt_errstr(status) ));
1351 return status;
1352 }
1353
1354 if ((ucf_flags & UCF_UNIX_NAME_LOOKUP) &&
1355 VALID_STAT((*pp_smb_fname)->st) &&
1356 S_ISLNK((*pp_smb_fname)->st.st_ex_mode)) {
1357 return check_veto_path(conn, (*pp_smb_fname)->base_name);
1358 }
1359
1360 status = check_name(conn, (*pp_smb_fname)->base_name);
1361 if (!NT_STATUS_IS_OK(status)) {
1362 DEBUG(3,("filename_convert: check_name failed "
1363 "for name %s with %s\n",
1364 smb_fname_str_dbg(*pp_smb_fname),
1365 nt_errstr(status) ));
1366 TALLOC_FREE(*pp_smb_fname);
1367 return status;
1368 }
1369
1370 return status;
1371}
Note: See TracBrowser for help on using the repository browser.