#include "smbd/smbd.h"
#include "smbd/globals.h"
#include "libcli/security/security.h"
+#include "lib/util/bitmap.h"
/*
This module implements directory related functions for Samba.
struct smb_Dir {
connection_struct *conn;
- SMB_STRUCT_DIR *dir;
+ DIR *dir;
long offset;
char *dir_path;
size_t name_cache_size;
char *path;
bool has_wild; /* Set to true if the wcard entry has MS wildcard characters in it. */
bool did_stat; /* Optimisation for non-wcard searches. */
+ bool priv; /* Directory handle opened with privilege. */
};
static struct smb_Dir *OpenDir_fsp(TALLOC_CTX *mem_ctx, connection_struct *conn,
char *buf,
const char *mask,
const char *fname,
- SMB_OFF_T size,
+ off_t size,
uint32 mode,
time_t date,
bool uc)
dptr->wcard, dptr->attr))) {
DEBUG(4,("dptr_get: Failed to open %s (%s)\n",dptr->path,
strerror(errno)));
- return False;
+ return NULL;
}
}
DLIST_PROMOTE(sconn->searches.dirptrs,dptr);
Get the dir path for a dir index.
****************************************************************************/
-char *dptr_path(struct smbd_server_connection *sconn, int key)
+const char *dptr_path(struct smbd_server_connection *sconn, int key)
{
struct dptr_struct *dptr = dptr_get(sconn, key, false);
if (dptr)
Get the dir wcard for a dir index.
****************************************************************************/
-char *dptr_wcard(struct smbd_server_connection *sconn, int key)
+const char *dptr_wcard(struct smbd_server_connection *sconn, int key)
{
struct dptr_struct *dptr = dptr_get(sconn, key, false);
if (dptr)
done:
TALLOC_FREE(dptr->dir_hnd);
-
- /* Lanman 2 specific code */
- SAFE_FREE(dptr->wcard);
- SAFE_FREE(dptr->path);
- SAFE_FREE(dptr);
+ TALLOC_FREE(dptr);
}
/****************************************************************************
}
}
+/****************************************************************************
+ Safely do an OpenDir as root, ensuring we're in the right place.
+****************************************************************************/
+
+static struct smb_Dir *open_dir_with_privilege(connection_struct *conn,
+ struct smb_request *req,
+ const char *path,
+ const char *wcard,
+ uint32_t attr)
+{
+ NTSTATUS status;
+ struct smb_Dir *dir_hnd = NULL;
+ struct smb_filename *smb_fname_cwd = NULL;
+ char *saved_dir = vfs_GetWd(talloc_tos(), conn);
+ struct privilege_paths *priv_paths = req->priv_paths;
+ int ret;
+
+ if (saved_dir == NULL) {
+ return NULL;
+ }
+
+ if (vfs_ChDir(conn, path) == -1) {
+ return NULL;
+ }
+
+ /* Now check the stat value is the same. */
+ status = create_synthetic_smb_fname(talloc_tos(), ".",
+ NULL, NULL,
+ &smb_fname_cwd);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ goto out;
+ }
+ ret = SMB_VFS_STAT(conn, smb_fname_cwd);
+ if (ret != 0) {
+ goto out;
+ }
+
+ if (!check_same_stat(&smb_fname_cwd->st, &priv_paths->parent_name.st)) {
+ DEBUG(0,("open_dir_with_privilege: stat mismatch between %s "
+ "and %s\n",
+ path,
+ smb_fname_str_dbg(&priv_paths->parent_name)));
+ goto out;
+ }
+
+ dir_hnd = OpenDir(NULL, conn, ".", wcard, attr);
+
+ out:
+
+ vfs_ChDir(conn, saved_dir);
+ return dir_hnd;
+}
+
/****************************************************************************
Create a new dir ptr. If the flag old_handle is true then we must allocate
from the bitmap range 0 - 255 as old SMBsearch directory handles are only
wcard must not be zero.
****************************************************************************/
-NTSTATUS dptr_create(connection_struct *conn, files_struct *fsp,
+NTSTATUS dptr_create(connection_struct *conn,
+ struct smb_request *req,
+ files_struct *fsp,
const char *path, bool old_handle, bool expect_close,uint16 spid,
const char *wcard, bool wcard_has_wild, uint32 attr, struct dptr_struct **dptr_ret)
{
struct smbd_server_connection *sconn = conn->sconn;
struct dptr_struct *dptr = NULL;
struct smb_Dir *dir_hnd;
- NTSTATUS status;
if (fsp && fsp->is_directory && fsp->fh->fd != -1) {
path = fsp->fsp_name->base_name;
}
if (fsp) {
+ if (!(fsp->access_mask & SEC_DIR_LIST)) {
+ DEBUG(5,("dptr_create: directory %s "
+ "not open for LIST access\n",
+ path));
+ return NT_STATUS_ACCESS_DENIED;
+ }
dir_hnd = OpenDir_fsp(NULL, conn, fsp, wcard, attr);
} else {
- status = check_name(conn,path);
+ int ret;
+ struct smb_filename *smb_dname = NULL;
+ NTSTATUS status = create_synthetic_smb_fname(talloc_tos(),
+ path,
+ NULL,
+ NULL,
+ &smb_dname);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ if (lp_posix_pathnames()) {
+ ret = SMB_VFS_LSTAT(conn, smb_dname);
+ } else {
+ ret = SMB_VFS_STAT(conn, smb_dname);
+ }
+ if (ret == -1) {
+ return map_nt_error_from_unix(errno);
+ }
+ if (!S_ISDIR(smb_dname->st.st_ex_mode)) {
+ return NT_STATUS_NOT_A_DIRECTORY;
+ }
+ status = smbd_check_access_rights(conn,
+ smb_dname,
+ SEC_DIR_LIST);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- dir_hnd = OpenDir(NULL, conn, path, wcard, attr);
+ if (req && req->priv_paths) {
+ dir_hnd = open_dir_with_privilege(conn,
+ req,
+ path,
+ wcard,
+ attr);
+ } else {
+ dir_hnd = OpenDir(NULL, conn, path, wcard, attr);
+ }
}
if (!dir_hnd) {
dptr_idleoldest(sconn);
}
- dptr = SMB_MALLOC_P(struct dptr_struct);
+ dptr = talloc(NULL, struct dptr_struct);
if(!dptr) {
- DEBUG(0,("malloc fail in dptr_create.\n"));
+ DEBUG(0,("talloc fail in dptr_create.\n"));
TALLOC_FREE(dir_hnd);
return NT_STATUS_NO_MEMORY;
}
ZERO_STRUCTP(dptr);
- dptr->path = SMB_STRDUP(path);
+ dptr->path = talloc_strdup(dptr, path);
if (!dptr->path) {
- SAFE_FREE(dptr);
+ TALLOC_FREE(dptr);
TALLOC_FREE(dir_hnd);
return NT_STATUS_NO_MEMORY;
}
dptr->dir_hnd = dir_hnd;
dptr->spid = spid;
dptr->expect_close = expect_close;
- dptr->wcard = SMB_STRDUP(wcard);
+ dptr->wcard = talloc_strdup(dptr, wcard);
if (!dptr->wcard) {
- SAFE_FREE(dptr->path);
- SAFE_FREE(dptr);
+ TALLOC_FREE(dptr);
TALLOC_FREE(dir_hnd);
return NT_STATUS_NO_MEMORY;
}
dptr->dnum = bitmap_find(sconn->searches.dptr_bmap, 0);
if(dptr->dnum == -1 || dptr->dnum > 254) {
DEBUG(0,("dptr_create: returned %d: Error - all old dirptrs in use ?\n", dptr->dnum));
- SAFE_FREE(dptr->path);
- SAFE_FREE(dptr->wcard);
- SAFE_FREE(dptr);
+ TALLOC_FREE(dptr);
TALLOC_FREE(dir_hnd);
return NT_STATUS_TOO_MANY_OPENED_FILES;
}
if(dptr->dnum == -1 || dptr->dnum < 255) {
DEBUG(0,("dptr_create: returned %d: Error - all new dirptrs in use ?\n", dptr->dnum));
- SAFE_FREE(dptr->path);
- SAFE_FREE(dptr->wcard);
- SAFE_FREE(dptr);
+ TALLOC_FREE(dptr);
TALLOC_FREE(dir_hnd);
return NT_STATUS_TOO_MANY_OPENED_FILES;
}
return dptr->dnum;
}
+bool dptr_get_priv(struct dptr_struct *dptr)
+{
+ return dptr->priv;
+}
+
+void dptr_set_priv(struct dptr_struct *dptr)
+{
+ dptr->priv = true;
+}
+
/****************************************************************************
Return the next visible file name, skipping veto'd and invisible files.
****************************************************************************/
const char *mask,
uint32_t dirtype,
char **_fname,
- SMB_OFF_T *_size,
+ off_t *_size,
uint32_t *_mode,
struct timespec *_date,
bool check_descend,
return True;
}
- return can_access_file_acl(conn, smb_fname, FILE_READ_DATA);
+ return NT_STATUS_IS_OK(smbd_check_access_rights(conn,
+ smb_fname,
+ FILE_READ_DATA));
}
/*******************************************************************
const char *mask,
uint32 attr)
{
- struct smb_Dir *dirp = TALLOC_ZERO_P(mem_ctx, struct smb_Dir);
+ struct smb_Dir *dirp = talloc_zero(mem_ctx, struct smb_Dir);
struct smbd_server_connection *sconn = conn->sconn;
if (!dirp) {
const char *mask,
uint32 attr)
{
- struct smb_Dir *dirp = TALLOC_ZERO_P(mem_ctx, struct smb_Dir);
+ struct smb_Dir *dirp = talloc_zero(mem_ctx, struct smb_Dir);
struct smbd_server_connection *sconn = conn->sconn;
if (!dirp) {
}
if (dirp->name_cache == NULL) {
- dirp->name_cache = TALLOC_ZERO_ARRAY(
+ dirp->name_cache = talloc_zero_array(
dirp, struct name_cache_entry, dirp->name_cache_size);
if (dirp->name_cache == NULL) {
NTSTATUS status = NT_STATUS_OK;
long dirpos = 0;
const char *dname = NULL;
+ const char *dirname = fsp->fsp_name->base_name;
char *talloced = NULL;
SMB_STRUCT_STAT st;
struct connection_struct *conn = fsp->conn;
}
}
- if (!is_visible_file(conn, fsp->fsp_name->base_name, dname, &st, True)) {
+ if (!is_visible_file(conn, dirname, dname, &st, True)) {
TALLOC_FREE(talloced);
continue;
}
- DEBUG(10,("can_delete_directory_fsp: got name %s - can't delete\n",
+ DEBUG(10,("got name %s - can't delete\n",
dname ));
status = NT_STATUS_DIRECTORY_NOT_EMPTY;
break;