#include "ntioctl.h"
#include "lib/util/tevent_unix.h"
#include "lib/util/tevent_ntstatus.h"
+#include "lib/util/sys_rw.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_VFS
return True;
}
+ if (lp_widelinks(SNUM(conn))) {
+ /*
+ * As the widelinks logic is now moving into a
+ * vfs_widelinks module, we need to custom load
+ * it after the default module is initialized.
+ * That way no changes to smb.conf files are
+ * needed.
+ */
+ bool ok = vfs_init_custom(conn, "widelinks");
+ if (!ok) {
+ DBG_ERR("widelinks enabled and vfs_init_custom "
+ "failed for vfs_widelinks module\n");
+ return false;
+ }
+ }
+
vfs_objects = lp_vfs_objects(SNUM(conn));
/* Override VFS functions if 'vfs object' was not specified*/
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
+bool vfs_valid_pread_range(off_t offset, size_t length)
+{
+ return sys_valid_io_range(offset, length);
+}
+
+bool vfs_valid_pwrite_range(off_t offset, size_t length)
+{
+ /*
+ * See MAXFILESIZE in [MS-FSA] 2.1.5.3 Server Requests a Write
+ */
+ static const uint64_t maxfilesize = 0xfffffff0000;
+ uint64_t last_byte_ofs;
+ bool ok;
+
+ ok = sys_valid_io_range(offset, length);
+ if (!ok) {
+ return false;
+ }
+
+ if (length == 0) {
+ return true;
+ }
+
+ last_byte_ofs = offset + length;
+ if (last_byte_ofs > maxfilesize) {
+ return false;
+ }
+
+ return true;
+}
+
ssize_t vfs_pwrite_data(struct smb_request *req,
files_struct *fsp,
const char *buffer,
{
size_t total=0;
ssize_t ret;
+ bool ok;
+
+ ok = vfs_valid_pwrite_range(offset, N);
+ if (!ok) {
+ errno = EINVAL;
+ return -1;
+ }
if (req && req->unread_bytes) {
int sockfd = req->xconn->transport.sock;
uint64_t space_avail;
uint64_t bsize,dfree,dsize;
NTSTATUS status;
+ bool ok;
/*
* Actually try and commit the space on disk....
DEBUG(10,("vfs_allocate_file_space: file %s, len %.0f\n",
fsp_str_dbg(fsp), (double)len));
- if (((off_t)len) < 0) {
- DEBUG(0,("vfs_allocate_file_space: %s negative len "
+ ok = vfs_valid_pwrite_range((off_t)len, 0);
+ if (!ok) {
+ DEBUG(0,("vfs_allocate_file_space: %s negative/invalid len "
"requested.\n", fsp_str_dbg(fsp)));
errno = EINVAL;
return -1;
contend_level2_oplocks_begin(fsp, LEVEL2_CONTEND_ALLOC_SHRINK);
- flush_write_cache(fsp, SAMBA_SIZECHANGE_FLUSH);
- if ((ret = SMB_VFS_FTRUNCATE(fsp, (off_t)len)) != -1) {
- set_filelen_write_cache(fsp, len);
- }
+ ret = SMB_VFS_FTRUNCATE(fsp, (off_t)len);
contend_level2_oplocks_end(fsp, LEVEL2_CONTEND_ALLOC_SHRINK);
int vfs_set_filelen(files_struct *fsp, off_t len)
{
int ret;
+ bool ok;
+
+ ok = vfs_valid_pwrite_range(len, 0);
+ if (!ok) {
+ errno = EINVAL;
+ return -1;
+ }
contend_level2_oplocks_begin(fsp, LEVEL2_CONTEND_SET_FILE_LEN);
DEBUG(10,("vfs_set_filelen: ftruncate %s to len %.0f\n",
fsp_str_dbg(fsp), (double)len));
- flush_write_cache(fsp, SAMBA_SIZECHANGE_FLUSH);
if ((ret = SMB_VFS_FTRUNCATE(fsp, len)) != -1) {
- set_filelen_write_cache(fsp, len);
notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
FILE_NOTIFY_CHANGE_SIZE
| FILE_NOTIFY_CHANGE_ATTRIBUTES,
{
ssize_t pwrite_ret;
size_t total = 0;
+ bool ok;
+
+ ok = vfs_valid_pwrite_range(offset, len);
+ if (!ok) {
+ errno = EINVAL;
+ return -1;
+ }
if (!sparse_buf) {
sparse_buf = SMB_CALLOC_ARRAY(char, SPARSE_BUF_WRITE_SIZE);
NTSTATUS status;
off_t offset;
size_t num_to_write;
+ bool ok;
+
+ ok = vfs_valid_pwrite_range(len, 0);
+ if (!ok) {
+ errno = EINVAL;
+ return -1;
+ }
status = vfs_stat_fsp(fsp);
if (!NT_STATUS_IS_OK(status)) {
contend_level2_oplocks_begin(fsp, LEVEL2_CONTEND_FILL_SPARSE);
- flush_write_cache(fsp, SAMBA_SIZECHANGE_FLUSH);
-
offset = fsp->fsp_name->st.st_ex_size;
num_to_write = len - fsp->fsp_name->st.st_ex_size;
out:
- if (ret == 0) {
- set_filelen_write_cache(fsp, len);
- }
-
contend_level2_oplocks_end(fsp, LEVEL2_CONTEND_FILL_SPARSE);
return ret;
}
+/*******************************************************************************
+ Set a fd into blocking/nonblocking mode through VFS
+*******************************************************************************/
+
+int vfs_set_blocking(files_struct *fsp, bool set)
+{
+ int val;
+#ifdef O_NONBLOCK
+#define FLAG_TO_SET O_NONBLOCK
+#else
+#ifdef SYSV
+#define FLAG_TO_SET O_NDELAY
+#else /* BSD */
+#define FLAG_TO_SET FNDELAY
+#endif
+#endif
+ val = SMB_VFS_FCNTL(fsp, F_GETFL, 0);
+ if (val == -1) {
+ return -1;
+ }
+
+ if (set) {
+ val &= ~FLAG_TO_SET;
+ } else {
+ val |= FLAG_TO_SET;
+ }
+
+ return SMB_VFS_FCNTL(fsp, F_SETFL, val);
+#undef FLAG_TO_SET
+}
+
/****************************************************************************
Transfer some data (n bytes) between two file_struct's.
****************************************************************************/
goto nocache;
}
- smb_fname_dot = synthetic_smb_fname(ctx, ".", NULL, NULL, 0);
+ smb_fname_dot = synthetic_smb_fname(ctx,
+ ".",
+ NULL,
+ NULL,
+ 0,
+ 0);
if (smb_fname_dot == NULL) {
errno = ENOMEM;
goto out;
TALLOC_CTX *ctx = talloc_tos();
const char *conn_rootdir;
size_t rootdir_len;
- char *dir_name = NULL;
char *resolved_name = NULL;
- const char *last_component = NULL;
struct smb_filename *resolved_fname = NULL;
struct smb_filename *saved_dir_fname = NULL;
struct smb_filename *smb_fname_cwd = NULL;
- struct privilege_paths *priv_paths = NULL;
int ret;
+ struct smb_filename *parent_name = NULL;
+ struct smb_filename *file_name = NULL;
+ bool ok;
DEBUG(3,("check_reduced_name_with_privilege [%s] [%s]\n",
smb_fname->base_name,
conn->connectpath));
- priv_paths = talloc_zero(smbreq, struct privilege_paths);
- if (!priv_paths) {
- status = NT_STATUS_NO_MEMORY;
- goto err;
- }
-
- if (!parent_dirname(ctx, smb_fname->base_name,
- &dir_name, &last_component)) {
- status = NT_STATUS_NO_MEMORY;
- goto err;
- }
-
- priv_paths->parent_name.base_name = talloc_strdup(priv_paths, dir_name);
- priv_paths->file_name.base_name = talloc_strdup(priv_paths, last_component);
-
- if (priv_paths->parent_name.base_name == NULL ||
- priv_paths->file_name.base_name == NULL) {
+ ok = parent_smb_fname(ctx,
+ smb_fname,
+ &parent_name,
+ &file_name);
+ if (!ok) {
status = NT_STATUS_NO_MEMORY;
goto err;
}
- if (SMB_VFS_STAT(conn, &priv_paths->parent_name) != 0) {
+ if (SMB_VFS_STAT(conn, parent_name) != 0) {
status = map_nt_error_from_unix(errno);
goto err;
}
goto err;
}
- if (vfs_ChDir(conn, &priv_paths->parent_name) == -1) {
+ if (vfs_ChDir(conn, parent_name) == -1) {
status = map_nt_error_from_unix(errno);
goto err;
}
- smb_fname_cwd = synthetic_smb_fname(talloc_tos(), ".", NULL, NULL, 0);
+ smb_fname_cwd = synthetic_smb_fname(talloc_tos(),
+ ".",
+ NULL,
+ NULL,
+ parent_name->twrp,
+ 0);
if (smb_fname_cwd == NULL) {
status = NT_STATUS_NO_MEMORY;
goto err;
goto err;
}
- DEBUG(10,("check_reduced_name_with_privilege: realpath [%s] -> [%s]\n",
- priv_paths->parent_name.base_name,
- resolved_name));
+ DBG_DEBUG("realpath [%s] -> [%s]\n",
+ smb_fname_str_dbg(parent_name),
+ resolved_name);
/* Now check the stat value is the same. */
if (SMB_VFS_LSTAT(conn, smb_fname_cwd) != 0) {
}
/* Ensure we're pointing at the same place. */
- if (!check_same_stat(&smb_fname_cwd->st, &priv_paths->parent_name.st)) {
- DEBUG(0,("check_reduced_name_with_privilege: "
- "device/inode/uid/gid on directory %s changed. "
+ if (!check_same_stat(&smb_fname_cwd->st, &parent_name->st)) {
+ DBG_ERR("device/inode/uid/gid on directory %s changed. "
"Denying access !\n",
- priv_paths->parent_name.base_name));
+ smb_fname_str_dbg(parent_name));
status = NT_STATUS_ACCESS_DENIED;
goto err;
}
if (!matched || (resolved_name[rootdir_len] != '/' &&
resolved_name[rootdir_len] != '\0')) {
- DEBUG(2, ("check_reduced_name_with_privilege: Bad "
- "access attempt: %s is a symlink outside the "
- "share path\n",
- dir_name));
- DEBUGADD(2, ("conn_rootdir =%s\n", conn_rootdir));
- DEBUGADD(2, ("resolved_name=%s\n", resolved_name));
+ DBG_WARNING("%s is a symlink outside the "
+ "share path\n",
+ smb_fname_str_dbg(parent_name));
+ DEBUGADD(1, ("conn_rootdir =%s\n", conn_rootdir));
+ DEBUGADD(1, ("resolved_name=%s\n", resolved_name));
status = NT_STATUS_ACCESS_DENIED;
goto err;
}
/* Now ensure that the last component either doesn't
exist, or is *NOT* a symlink. */
- ret = SMB_VFS_LSTAT(conn, &priv_paths->file_name);
+ ret = SMB_VFS_LSTAT(conn, file_name);
if (ret == -1) {
/* Errno must be ENOENT for this be ok. */
if (errno != ENOENT) {
status = map_nt_error_from_unix(errno);
- DEBUG(2, ("check_reduced_name_with_privilege: "
- "LSTAT on %s failed with %s\n",
- priv_paths->file_name.base_name,
- nt_errstr(status)));
+ DBG_WARNING("LSTAT on %s failed with %s\n",
+ smb_fname_str_dbg(file_name),
+ nt_errstr(status));
goto err;
}
}
- if (VALID_STAT(priv_paths->file_name.st) &&
- S_ISLNK(priv_paths->file_name.st.st_ex_mode)) {
- DEBUG(2, ("check_reduced_name_with_privilege: "
- "Last component %s is a symlink. Denying"
- "access.\n",
- priv_paths->file_name.base_name));
+ if (VALID_STAT(file_name->st) &&
+ S_ISLNK(file_name->st.st_ex_mode))
+ {
+ DBG_WARNING("Last component %s is a symlink. Denying"
+ "access.\n",
+ smb_fname_str_dbg(file_name));
status = NT_STATUS_ACCESS_DENIED;
goto err;
}
- smbreq->priv_paths = priv_paths;
status = NT_STATUS_OK;
err:
TALLOC_FREE(saved_dir_fname);
}
TALLOC_FREE(resolved_fname);
- if (!NT_STATUS_IS_OK(status)) {
- TALLOC_FREE(priv_paths);
- }
- TALLOC_FREE(dir_name);
+ TALLOC_FREE(parent_name);
return status;
}
char *resolved_name = NULL;
char *new_fname = NULL;
bool allow_symlinks = true;
- bool allow_widelinks = false;
+ const char *conn_rootdir;
+ size_t rootdir_len;
+ bool ok;
DBG_DEBUG("check_reduced_name [%s] [%s]\n", fname, conn->connectpath);
return NT_STATUS_OBJECT_PATH_NOT_FOUND;
case ENOENT:
{
- char *dir_name = NULL;
- struct smb_filename dir_fname = {0};
- const char *last_component = NULL;
+ struct smb_filename *dir_fname = NULL;
+ struct smb_filename *last_component = NULL;
/* Last component didn't exist.
Remove it and try and canonicalise
the directory name. */
- if (!parent_dirname(ctx, fname,
- &dir_name,
- &last_component)) {
+
+ ok = parent_smb_fname(ctx,
+ smb_fname,
+ &dir_fname,
+ &last_component);
+ if (!ok) {
return NT_STATUS_NO_MEMORY;
}
- dir_fname = (struct smb_filename)
- { .base_name = dir_name };
resolved_fname = SMB_VFS_REALPATH(conn,
ctx,
- &dir_fname);
+ dir_fname);
if (resolved_fname == NULL) {
NTSTATUS status = map_nt_error_from_unix(errno);
DEBUG(3,("check_reduce_name: "
"couldn't get realpath for "
"%s (%s)\n",
- fname,
+ smb_fname_str_dbg(dir_fname),
nt_errstr(status)));
return status;
}
resolved_name = talloc_asprintf(ctx,
"%s/%s",
resolved_fname->base_name,
- last_component);
+ last_component->base_name);
if (resolved_name == NULL) {
return NT_STATUS_NO_MEMORY;
}
return NT_STATUS_OBJECT_NAME_INVALID;
}
- allow_widelinks = lp_widelinks(SNUM(conn));
- allow_symlinks = lp_follow_symlinks(SNUM(conn));
-
/* Common widelinks and symlinks checks. */
- if (!allow_widelinks || !allow_symlinks) {
- const char *conn_rootdir;
- size_t rootdir_len;
-
- conn_rootdir = SMB_VFS_CONNECTPATH(conn, smb_fname);
- if (conn_rootdir == NULL) {
- DEBUG(2, ("check_reduced_name: Could not get "
- "conn_rootdir\n"));
+ conn_rootdir = SMB_VFS_CONNECTPATH(conn, smb_fname);
+ if (conn_rootdir == NULL) {
+ DBG_NOTICE("Could not get conn_rootdir\n");
+ TALLOC_FREE(resolved_fname);
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ rootdir_len = strlen(conn_rootdir);
+
+ /*
+ * In the case of rootdir_len == 1, we know that
+ * conn_rootdir is "/", and we also know that
+ * resolved_name starts with a slash. So, in this
+ * corner case, resolved_name is automatically a
+ * sub-directory of the conn_rootdir. Thus we can skip
+ * the string comparison and the next character checks
+ * (which are even wrong in this case).
+ */
+ if (rootdir_len != 1) {
+ bool matched;
+
+ matched = (strncmp(conn_rootdir, resolved_name,
+ rootdir_len) == 0);
+ if (!matched || (resolved_name[rootdir_len] != '/' &&
+ resolved_name[rootdir_len] != '\0')) {
+ DBG_NOTICE("Bad access attempt: %s is a symlink "
+ "outside the "
+ "share path\n"
+ "conn_rootdir =%s\n"
+ "resolved_name=%s\n",
+ fname,
+ conn_rootdir,
+ resolved_name);
TALLOC_FREE(resolved_fname);
return NT_STATUS_ACCESS_DENIED;
}
+ }
- rootdir_len = strlen(conn_rootdir);
+ /* Extra checks if all symlinks are disallowed. */
+ allow_symlinks = lp_follow_symlinks(SNUM(conn));
+ if (!allow_symlinks) {
+ /* fname can't have changed in resolved_path. */
+ const char *p = &resolved_name[rootdir_len];
/*
- * In the case of rootdir_len == 1, we know that
- * conn_rootdir is "/", and we also know that
- * resolved_name starts with a slash. So, in this
- * corner case, resolved_name is automatically a
- * sub-directory of the conn_rootdir. Thus we can skip
- * the string comparison and the next character checks
- * (which are even wrong in this case).
+ * UNIX filesystem semantics, names consisting
+ * only of "." or ".." CANNOT be symlinks.
*/
- if (rootdir_len != 1) {
- bool matched;
-
- matched = (strncmp(conn_rootdir, resolved_name,
- rootdir_len) == 0);
- if (!matched || (resolved_name[rootdir_len] != '/' &&
- resolved_name[rootdir_len] != '\0')) {
- DEBUG(2, ("check_reduced_name: Bad access "
- "attempt: %s is a symlink outside the "
- "share path\n", fname));
- DEBUGADD(2, ("conn_rootdir =%s\n",
- conn_rootdir));
- DEBUGADD(2, ("resolved_name=%s\n",
- resolved_name));
- TALLOC_FREE(resolved_fname);
- return NT_STATUS_ACCESS_DENIED;
- }
+ if (ISDOT(fname) || ISDOTDOT(fname)) {
+ goto out;
}
- /* Extra checks if all symlinks are disallowed. */
- if (!allow_symlinks) {
- /* fname can't have changed in resolved_path. */
- const char *p = &resolved_name[rootdir_len];
+ if (*p != '/') {
+ DBG_NOTICE("logic error (%c) "
+ "in resolved_name: %s\n",
+ *p,
+ fname);
+ TALLOC_FREE(resolved_fname);
+ return NT_STATUS_ACCESS_DENIED;
+ }
- /*
- * UNIX filesystem semantics, names consisting
- * only of "." or ".." CANNOT be symlinks.
- */
- if (ISDOT(fname) || ISDOTDOT(fname)) {
- goto out;
- }
+ p++;
- if (*p != '/') {
- DEBUG(2, ("check_reduced_name: logic error (%c) "
- "in resolved_name: %s\n",
- *p,
- fname));
+ /*
+ * If cwd_name is present and not ".",
+ * then fname is relative to that, not
+ * the root of the share. Make sure the
+ * path we check is the one the client
+ * sent (cwd_name+fname).
+ */
+ if (cwd_name != NULL && !ISDOT(cwd_name)) {
+ new_fname = talloc_asprintf(ctx,
+ "%s/%s",
+ cwd_name,
+ fname);
+ if (new_fname == NULL) {
TALLOC_FREE(resolved_fname);
- return NT_STATUS_ACCESS_DENIED;
- }
-
- p++;
-
- /*
- * If cwd_name is present and not ".",
- * then fname is relative to that, not
- * the root of the share. Make sure the
- * path we check is the one the client
- * sent (cwd_name+fname).
- */
- if (cwd_name != NULL && !ISDOT(cwd_name)) {
- new_fname = talloc_asprintf(ctx,
- "%s/%s",
- cwd_name,
- fname);
- if (new_fname == NULL) {
- TALLOC_FREE(resolved_fname);
- return NT_STATUS_NO_MEMORY;
- }
- fname = new_fname;
+ return NT_STATUS_NO_MEMORY;
}
+ fname = new_fname;
+ }
- if (strcmp(fname, p)!=0) {
- DEBUG(2, ("check_reduced_name: Bad access "
- "attempt: %s is a symlink to %s\n",
- fname, p));
- TALLOC_FREE(resolved_fname);
- TALLOC_FREE(new_fname);
- return NT_STATUS_ACCESS_DENIED;
- }
+ if (strcmp(fname, p)!=0) {
+ DBG_NOTICE("Bad access "
+ "attempt: %s is a symlink to %s\n",
+ fname,
+ p);
+ TALLOC_FREE(resolved_fname);
+ TALLOC_FREE(new_fname);
+ return NT_STATUS_ACCESS_DENIED;
}
}
{
struct smb_filename smb_fname = {
.base_name = discard_const_p(char, smb_fname_in->base_name),
- .flags = smb_fname_in->flags
+ .flags = smb_fname_in->flags,
+ .twrp = smb_fname_in->twrp,
};
int ret;
return NT_STATUS_OK;
}
+void init_smb_file_time(struct smb_file_time *ft)
+{
+ *ft = (struct smb_file_time) {
+ .atime = make_omit_timespec(),
+ .ctime = make_omit_timespec(),
+ .mtime = make_omit_timespec(),
+ .create_time = make_omit_timespec()
+ };
+}
+
/**
* Initialize num_streams and streams, then call VFS op streaminfo
*/
return SMB_VFS_FILE_ID_CREATE(conn, sbuf);
}
+NTSTATUS vfs_at_fspcwd(TALLOC_CTX *mem_ctx,
+ struct connection_struct *conn,
+ struct files_struct **_fsp)
+{
+ struct files_struct *fsp = NULL;
+
+ fsp = talloc_zero(mem_ctx, struct files_struct);
+ if (fsp == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ fsp->fsp_name = synthetic_smb_fname(fsp, ".", NULL, NULL, 0, 0);
+ if (fsp->fsp_name == NULL) {
+ TALLOC_FREE(fsp);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ fsp->fh = talloc_zero(fsp, struct fd_handle);
+ if (fsp->fh == NULL) {
+ TALLOC_FREE(fsp);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ fsp->fh->fd = AT_FDCWD;
+ fsp->fnum = FNUM_FIELD_INVALID;
+ fsp->conn = conn;
+
+ *_fsp = fsp;
+ return NT_STATUS_OK;
+}
+
int smb_vfs_call_connect(struct vfs_handle_struct *handle,
const char *service, const char *user)
{
return handle->fns->get_dfs_referrals_fn(handle, r);
}
-DIR *smb_vfs_call_opendir(struct vfs_handle_struct *handle,
- const struct smb_filename *smb_fname,
- const char *mask,
- uint32_t attributes)
+NTSTATUS smb_vfs_call_create_dfs_pathat(struct vfs_handle_struct *handle,
+ struct files_struct *dirfsp,
+ const struct smb_filename *smb_fname,
+ const struct referral *reflist,
+ size_t referral_count)
+{
+ VFS_FIND(create_dfs_pathat);
+ return handle->fns->create_dfs_pathat_fn(handle,
+ dirfsp,
+ smb_fname,
+ reflist,
+ referral_count);
+}
+
+NTSTATUS smb_vfs_call_read_dfs_pathat(struct vfs_handle_struct *handle,
+ TALLOC_CTX *mem_ctx,
+ struct files_struct *dirfsp,
+ const struct smb_filename *smb_fname,
+ struct referral **ppreflist,
+ size_t *preferral_count)
{
- VFS_FIND(opendir);
- return handle->fns->opendir_fn(handle, smb_fname, mask, attributes);
+ VFS_FIND(read_dfs_pathat);
+ return handle->fns->read_dfs_pathat_fn(handle,
+ mem_ctx,
+ dirfsp,
+ smb_fname,
+ ppreflist,
+ preferral_count);
}
DIR *smb_vfs_call_fdopendir(struct vfs_handle_struct *handle,
mode);
}
-int smb_vfs_call_rmdir(struct vfs_handle_struct *handle,
- const struct smb_filename *smb_fname)
-{
- VFS_FIND(rmdir);
- return handle->fns->rmdir_fn(handle, smb_fname);
-}
-
int smb_vfs_call_closedir(struct vfs_handle_struct *handle,
DIR *dir)
{
return handle->fns->closedir_fn(handle, dir);
}
-int smb_vfs_call_open(struct vfs_handle_struct *handle,
- struct smb_filename *smb_fname, struct files_struct *fsp,
- int flags, mode_t mode)
+int smb_vfs_call_openat(struct vfs_handle_struct *handle,
+ const struct files_struct *dirfsp,
+ const struct smb_filename *smb_fname,
+ struct files_struct *fsp,
+ int flags,
+ mode_t mode)
{
- VFS_FIND(open);
- return handle->fns->open_fn(handle, smb_fname, fsp, flags, mode);
+ VFS_FIND(openat);
+ return handle->fns->openat_fn(handle,
+ dirfsp,
+ smb_fname,
+ fsp,
+ flags,
+ mode);
}
NTSTATUS smb_vfs_call_create_file(struct vfs_handle_struct *handle,
struct smb_request *req,
- uint16_t root_dir_fid,
+ struct files_struct **dirfsp,
struct smb_filename *smb_fname,
uint32_t access_mask,
uint32_t share_access,
{
VFS_FIND(create_file);
return handle->fns->create_file_fn(
- handle, req, root_dir_fid, smb_fname, access_mask,
- share_access, create_disposition, create_options,
+ handle, req, dirfsp, smb_fname,
+ access_mask, share_access, create_disposition, create_options,
file_attributes, oplock_request, lease, allocation_size,
private_flags, sd, ea_list,
result, pinfo, in_context_blobs, out_context_blobs);
return handle->fns->fchmod_fn(handle, fsp, mode);
}
-int smb_vfs_call_chown(struct vfs_handle_struct *handle,
- const struct smb_filename *smb_fname,
- uid_t uid,
- gid_t gid)
-{
- VFS_FIND(chown);
- return handle->fns->chown_fn(handle, smb_fname, uid, gid);
-}
-
int smb_vfs_call_fchown(struct vfs_handle_struct *handle,
struct files_struct *fsp, uid_t uid, gid_t gid)
{
return handle->fns->lchown_fn(handle, smb_fname, uid, gid);
}
-NTSTATUS vfs_chown_fsp(files_struct *fsp, uid_t uid, gid_t gid)
-{
- int ret;
- bool as_root = false;
- NTSTATUS status;
-
- if (fsp->fh->fd != -1) {
- /* Try fchown. */
- ret = SMB_VFS_FCHOWN(fsp, uid, gid);
- if (ret == 0) {
- return NT_STATUS_OK;
- }
- if (ret == -1 && errno != ENOSYS) {
- return map_nt_error_from_unix(errno);
- }
- }
-
- as_root = (geteuid() == 0);
-
- if (as_root) {
- /*
- * We are being asked to chown as root. Make
- * sure we chdir() into the path to pin it,
- * and always act using lchown to ensure we
- * don't deref any symbolic links.
- */
- char *parent_dir = NULL;
- const char *final_component = NULL;
- struct smb_filename *local_smb_fname = NULL;
- struct smb_filename parent_dir_fname = {0};
- struct smb_filename *saved_dir_fname = NULL;
-
- saved_dir_fname = vfs_GetWd(talloc_tos(),fsp->conn);
- if (!saved_dir_fname) {
- status = map_nt_error_from_unix(errno);
- DEBUG(0,("vfs_chown_fsp: failed to get "
- "current working directory. Error was %s\n",
- strerror(errno)));
- return status;
- }
-
- if (!parent_dirname(talloc_tos(),
- fsp->fsp_name->base_name,
- &parent_dir,
- &final_component)) {
- return NT_STATUS_NO_MEMORY;
- }
-
- parent_dir_fname = (struct smb_filename) {
- .base_name = parent_dir,
- .flags = fsp->fsp_name->flags
- };
-
- /* cd into the parent dir to pin it. */
- ret = vfs_ChDir(fsp->conn, &parent_dir_fname);
- if (ret == -1) {
- return map_nt_error_from_unix(errno);
- }
-
- local_smb_fname = synthetic_smb_fname(talloc_tos(),
- final_component,
- NULL,
- NULL,
- fsp->fsp_name->flags);
- if (local_smb_fname == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto out;
- }
-
- /* Must use lstat here. */
- ret = SMB_VFS_LSTAT(fsp->conn, local_smb_fname);
- if (ret == -1) {
- status = map_nt_error_from_unix(errno);
- goto out;
- }
-
- /* Ensure it matches the fsp stat. */
- if (!check_same_stat(&local_smb_fname->st,
- &fsp->fsp_name->st)) {
- status = NT_STATUS_ACCESS_DENIED;
- goto out;
- }
-
- ret = SMB_VFS_LCHOWN(fsp->conn,
- local_smb_fname,
- uid, gid);
-
- if (ret == 0) {
- status = NT_STATUS_OK;
- } else {
- status = map_nt_error_from_unix(errno);
- }
-
- out:
-
- vfs_ChDir(fsp->conn, saved_dir_fname);
- TALLOC_FREE(local_smb_fname);
- TALLOC_FREE(saved_dir_fname);
- TALLOC_FREE(parent_dir);
-
- return status;
- }
-
- if (fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) {
- ret = SMB_VFS_LCHOWN(fsp->conn,
- fsp->fsp_name,
- uid, gid);
- } else {
- ret = SMB_VFS_CHOWN(fsp->conn,
- fsp->fsp_name,
- uid, gid);
- }
-
- if (ret == 0) {
- status = NT_STATUS_OK;
- } else {
- status = map_nt_error_from_unix(errno);
- }
- return status;
-}
-
int smb_vfs_call_chdir(struct vfs_handle_struct *handle,
const struct smb_filename *smb_fname)
{
access_mask);
}
+int smb_vfs_call_fcntl(struct vfs_handle_struct *handle,
+ struct files_struct *fsp, int cmd, ...)
+{
+ int result;
+ va_list cmd_arg;
+
+ VFS_FIND(fcntl);
+
+ va_start(cmd_arg, cmd);
+ result = handle->fns->fcntl_fn(handle, fsp, cmd, cmd_arg);
+ va_end(cmd_arg);
+
+ return result;
+}
+
int smb_vfs_call_linux_setlease(struct vfs_handle_struct *handle,
struct files_struct *fsp, int leasetype)
{
}
int smb_vfs_call_symlinkat(struct vfs_handle_struct *handle,
- const char *link_target,
+ const struct smb_filename *link_target,
struct files_struct *dirfsp,
const struct smb_filename *new_smb_fname)
{
}
int smb_vfs_call_get_real_filename(struct vfs_handle_struct *handle,
- const char *path, const char *name,
- TALLOC_CTX *mem_ctx, char **found_name)
+ const struct smb_filename *path,
+ const char *name,
+ TALLOC_CTX *mem_ctx,
+ char **found_name)
{
VFS_FIND(get_real_filename);
return handle->fns->get_real_filename_fn(handle, path, name, mem_ctx,
mem_ctx, ppdesc);
}
-NTSTATUS smb_vfs_call_get_nt_acl(struct vfs_handle_struct *handle,
- const struct smb_filename *smb_fname,
- uint32_t security_info,
- TALLOC_CTX *mem_ctx,
- struct security_descriptor **ppdesc)
+NTSTATUS smb_vfs_call_get_nt_acl_at(struct vfs_handle_struct *handle,
+ struct files_struct *dirfsp,
+ const struct smb_filename *smb_fname,
+ uint32_t security_info,
+ TALLOC_CTX *mem_ctx,
+ struct security_descriptor **ppdesc)
{
- VFS_FIND(get_nt_acl);
- return handle->fns->get_nt_acl_fn(handle,
+ VFS_FIND(get_nt_acl_at);
+ return handle->fns->get_nt_acl_at_fn(handle,
+ dirfsp,
smb_fname,
security_info,
mem_ctx,