2 Unix SMB/CIFS implementation.
4 POSIX NTVFS backend - filename resolution
6 Copyright (C) Andrew Tridgell 2004
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 this is the core code for converting a filename from the format as
24 given by a client to a posix filename, including any case-matching
25 required, and checks for legal characters
30 #include "vfs_posix.h"
31 #include "system/dir.h"
32 #include "param/param.h"
35 compare two filename components. This is where the name mangling hook will go
37 static int component_compare(struct pvfs_state *pvfs, const char *comp, const char *name)
41 ret = strcasecmp_m(comp, name);
44 char *shortname = pvfs_short_name_component(pvfs, name);
46 ret = strcasecmp_m(comp, shortname);
47 talloc_free(shortname);
55 search for a filename in a case insensitive fashion
57 TODO: add a cache for previously resolved case-insensitive names
58 TODO: add mangled name support
60 static NTSTATUS pvfs_case_search(struct pvfs_state *pvfs, struct pvfs_filename *name)
62 /* break into a series of components */
65 char *p, *partial_name;
68 /* break up the full name info pathname components */
70 p = name->full_name + strlen(pvfs->base_directory) + 1;
78 components = talloc_array(name, char *, num_components);
79 p = name->full_name + strlen(pvfs->base_directory);
82 components[0] = name->full_name;
84 for (i=1;i<num_components;i++) {
88 if (pvfs_is_reserved_name(pvfs, components[i])) {
89 return NT_STATUS_ACCESS_DENIED;
93 partial_name = talloc_strdup(name, components[0]);
95 return NT_STATUS_NO_MEMORY;
98 /* for each component, check if it exists as-is, and if not then
99 do a directory scan */
100 for (i=1;i<num_components;i++) {
104 char *long_component;
106 /* possibly remap from the short name cache */
107 long_component = pvfs_mangled_lookup(pvfs, name, components[i]);
108 if (long_component) {
109 components[i] = long_component;
112 test_name = talloc_asprintf(name, "%s/%s", partial_name, components[i]);
114 return NT_STATUS_NO_MEMORY;
117 /* check if this component exists as-is */
118 if (stat(test_name, &name->st) == 0) {
119 if (i<num_components-1 && !S_ISDIR(name->st.st_mode)) {
120 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
122 talloc_free(partial_name);
123 partial_name = test_name;
124 if (i == num_components - 1) {
130 /* the filesystem might be case insensitive, in which
131 case a search is pointless unless the name is
133 if ((pvfs->flags & PVFS_FLAG_CI_FILESYSTEM) &&
134 !pvfs_is_mangled_component(pvfs, components[i])) {
135 if (i < num_components-1) {
136 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
138 partial_name = test_name;
142 dir = opendir(partial_name);
144 return pvfs_map_errno(pvfs, errno);
147 while ((de = readdir(dir))) {
148 if (component_compare(pvfs, components[i], de->d_name) == 0) {
154 if (i < num_components-1) {
156 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
159 components[i] = talloc_strdup(name, de->d_name);
161 test_name = talloc_asprintf(name, "%s/%s", partial_name, components[i]);
162 talloc_free(partial_name);
163 partial_name = test_name;
169 if (stat(partial_name, &name->st) == 0) {
174 talloc_free(name->full_name);
175 name->full_name = partial_name;
178 return pvfs_fill_dos_info(pvfs, name, -1);
185 parse a alternate data stream name
187 static NTSTATUS parse_stream_name(struct pvfs_filename *name, const char *s)
190 name->stream_name = talloc_strdup(name, s+1);
191 if (name->stream_name == NULL) {
192 return NT_STATUS_NO_MEMORY;
194 p = strchr_m(name->stream_name, ':');
196 name->stream_id = pvfs_name_hash(name->stream_name,
197 strlen(name->stream_name));
200 if (strcasecmp_m(p, ":$DATA") != 0) {
201 return NT_STATUS_OBJECT_NAME_INVALID;
204 if (strcmp(name->stream_name, "") == 0) {
205 name->stream_name = NULL;
208 name->stream_id = pvfs_name_hash(name->stream_name,
209 strlen(name->stream_name));
217 convert a CIFS pathname to a unix pathname. Note that this does NOT
218 take into account case insensitivity, and in fact does not access
219 the filesystem at all. It is merely a reformatting and charset
222 errors are returned if the filename is illegal given the flags
224 static NTSTATUS pvfs_unix_path(struct pvfs_state *pvfs, const char *cifs_name,
225 uint_t flags, struct pvfs_filename *name)
227 char *ret, *p, *p_start;
230 name->original_name = talloc_strdup(name, cifs_name);
231 name->stream_name = NULL;
233 name->has_wildcard = false;
235 while (*cifs_name == '\\') {
239 if (*cifs_name == 0) {
240 name->full_name = talloc_asprintf(name, "%s/.", pvfs->base_directory);
241 if (name->full_name == NULL) {
242 return NT_STATUS_NO_MEMORY;
247 ret = talloc_asprintf(name, "%s/%s", pvfs->base_directory, cifs_name);
249 return NT_STATUS_NO_MEMORY;
252 p = ret + strlen(pvfs->base_directory) + 1;
254 /* now do an in-place conversion of '\' to '/', checking
255 for legal characters */
260 codepoint_t c = next_codepoint(lp_iconv_convenience(pvfs->ntvfs->ctx->lp_ctx), p, &c_size);
263 if (name->has_wildcard) {
264 /* wildcards are only allowed in the last part
266 return NT_STATUS_ILLEGAL_CHARACTER;
268 if (p > p_start && p[1] == 0) {
275 if (!(flags & PVFS_RESOLVE_STREAMS)) {
276 return NT_STATUS_ILLEGAL_CHARACTER;
278 if (name->has_wildcard) {
279 return NT_STATUS_ILLEGAL_CHARACTER;
281 status = parse_stream_name(name, p);
282 if (!NT_STATUS_IS_OK(status)) {
292 if (!(flags & PVFS_RESOLVE_WILDCARD)) {
293 return NT_STATUS_OBJECT_NAME_INVALID;
295 name->has_wildcard = true;
299 return NT_STATUS_ILLEGAL_CHARACTER;
301 /* see if it is definately a .. or
302 . component. If it is then fail here, and
303 let the next layer up try again after
304 pvfs_reduce_name() if it wants to. This is
305 much more efficient on average than always
306 scanning for these separately */
308 (p[2] == 0 || p[2] == '\\') &&
309 (p == p_start || p[-1] == '/')) {
310 return NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
312 if ((p[1] == 0 || p[1] == '\\') &&
313 (p == p_start || p[-1] == '/')) {
314 return NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
322 name->full_name = ret;
329 reduce a name that contains .. components or repeated \ separators
330 return NULL if it can't be reduced
332 static NTSTATUS pvfs_reduce_name(TALLOC_CTX *mem_ctx,
333 struct smb_iconv_convenience *iconv_convenience,
334 const char **fname, uint_t flags)
338 int i, num_components, err_count;
342 s = talloc_strdup(mem_ctx, *fname);
343 if (s == NULL) return NT_STATUS_NO_MEMORY;
345 for (num_components=1, p=s; *p; p += c_size) {
346 c = next_codepoint(iconv_convenience, p, &c_size);
347 if (c == '\\') num_components++;
350 components = talloc_array(s, char *, num_components+1);
351 if (components == NULL) {
353 return NT_STATUS_NO_MEMORY;
357 for (i=0, p=s; *p; p += c_size) {
358 c = next_codepoint(iconv_convenience, p, &c_size);
361 components[++i] = p+1;
364 components[i+1] = NULL;
369 '.' components are not allowed, but the rules for what error
370 code to give don't seem to make sense. This is a close
373 for (err_count=i=0;components[i];i++) {
374 if (strcmp(components[i], "") == 0) {
377 if (ISDOT(components[i]) || err_count) {
382 if (flags & PVFS_RESOLVE_WILDCARD) err_count--;
385 return NT_STATUS_OBJECT_NAME_INVALID;
387 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
391 /* remove any null components */
392 for (i=0;components[i];i++) {
393 if (strcmp(components[i], "") == 0) {
394 memmove(&components[i], &components[i+1],
395 sizeof(char *)*(num_components-i));
399 if (ISDOTDOT(components[i])) {
400 if (i < 1) return NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
401 memmove(&components[i-1], &components[i+1],
402 sizeof(char *)*(num_components-(i+1)));
408 if (components[0] == NULL) {
410 *fname = talloc_strdup(mem_ctx, "\\");
414 for (len=i=0;components[i];i++) {
415 len += strlen(components[i]) + 1;
418 /* rebuild the name */
419 ret = talloc_size(mem_ctx, len+1);
422 return NT_STATUS_NO_MEMORY;
425 for (len=0,i=0;components[i];i++) {
426 size_t len1 = strlen(components[i]);
428 memcpy(ret+len+1, components[i], len1);
442 resolve a name from relative client format to a struct pvfs_filename
443 the memory for the filename is made as a talloc child of 'name'
446 PVFS_RESOLVE_NO_WILDCARD = wildcards are considered illegal characters
447 PVFS_RESOLVE_STREAMS = stream names are allowed
449 TODO: ../ collapsing, and outside share checking
451 NTSTATUS pvfs_resolve_name(struct pvfs_state *pvfs, TALLOC_CTX *mem_ctx,
452 const char *cifs_name,
453 uint_t flags, struct pvfs_filename **name)
457 *name = talloc(mem_ctx, struct pvfs_filename);
459 return NT_STATUS_NO_MEMORY;
462 (*name)->exists = false;
463 (*name)->stream_exists = false;
465 if (!(pvfs->fs_attribs & FS_ATTR_NAMED_STREAMS)) {
466 flags &= ~PVFS_RESOLVE_STREAMS;
469 /* do the basic conversion to a unix formatted path,
470 also checking for allowable characters */
471 status = pvfs_unix_path(pvfs, cifs_name, flags, *name);
473 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_PATH_SYNTAX_BAD)) {
474 /* it might contain .. components which need to be reduced */
475 status = pvfs_reduce_name(*name, lp_iconv_convenience(pvfs->ntvfs->ctx->lp_ctx), &cifs_name, flags);
476 if (!NT_STATUS_IS_OK(status)) {
479 status = pvfs_unix_path(pvfs, cifs_name, flags, *name);
482 if (!NT_STATUS_IS_OK(status)) {
486 /* if it has a wildcard then no point doing a stat() of the
487 full name. Instead We need check if the directory exists
489 if ((*name)->has_wildcard) {
491 char *dir_name, *saved_name;
492 p = strrchr((*name)->full_name, '/');
494 /* root directory wildcard is OK */
497 dir_name = talloc_strndup(*name, (*name)->full_name, (p-(*name)->full_name));
498 if (stat(dir_name, &(*name)->st) == 0) {
499 talloc_free(dir_name);
502 /* we need to search for a matching name */
503 saved_name = (*name)->full_name;
504 (*name)->full_name = dir_name;
505 status = pvfs_case_search(pvfs, *name);
506 if (!NT_STATUS_IS_OK(status)) {
507 /* the directory doesn't exist */
508 (*name)->full_name = saved_name;
511 /* it does exist, but might need a case change */
512 if (dir_name != (*name)->full_name) {
513 (*name)->full_name = talloc_asprintf(*name, "%s%s",
514 (*name)->full_name, p);
515 NT_STATUS_HAVE_NO_MEMORY((*name)->full_name);
517 (*name)->full_name = saved_name;
518 talloc_free(dir_name);
523 /* if we can stat() the full name now then we are done */
524 if (stat((*name)->full_name, &(*name)->st) == 0) {
525 (*name)->exists = true;
526 return pvfs_fill_dos_info(pvfs, *name, -1);
529 /* search for a matching filename */
530 status = pvfs_case_search(pvfs, *name);
537 do a partial resolve, returning a pvfs_filename structure given a
538 base path and a relative component. It is an error if the file does
539 not exist. No case-insensitive matching is done.
541 this is used in places like directory searching where we need a pvfs_filename
542 to pass to a function, but already know the unix base directory and component
544 NTSTATUS pvfs_resolve_partial(struct pvfs_state *pvfs, TALLOC_CTX *mem_ctx,
545 const char *unix_dir, const char *fname,
546 struct pvfs_filename **name)
550 *name = talloc(mem_ctx, struct pvfs_filename);
552 return NT_STATUS_NO_MEMORY;
555 (*name)->full_name = talloc_asprintf(*name, "%s/%s", unix_dir, fname);
556 if ((*name)->full_name == NULL) {
557 return NT_STATUS_NO_MEMORY;
560 if (stat((*name)->full_name, &(*name)->st) == -1) {
561 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
564 (*name)->exists = true;
565 (*name)->stream_exists = true;
566 (*name)->has_wildcard = false;
567 (*name)->original_name = talloc_strdup(*name, fname);
568 (*name)->stream_name = NULL;
569 (*name)->stream_id = 0;
571 status = pvfs_fill_dos_info(pvfs, *name, -1);
578 fill in the pvfs_filename info for an open file, given the current
579 info for a (possibly) non-open file. This is used by places that need
580 to update the pvfs_filename stat information, and by pvfs_open()
582 NTSTATUS pvfs_resolve_name_fd(struct pvfs_state *pvfs, int fd,
583 struct pvfs_filename *name)
585 dev_t device = (dev_t)0;
589 device = name->st.st_dev;
590 inode = name->st.st_ino;
594 if (stat(name->full_name, &name->st) == -1) {
595 return NT_STATUS_INVALID_HANDLE;
598 if (fstat(fd, &name->st) == -1) {
599 return NT_STATUS_INVALID_HANDLE;
604 (device != name->st.st_dev || inode != name->st.st_ino)) {
605 /* the file we are looking at has changed! this could
606 be someone trying to exploit a race
607 condition. Certainly we don't want to continue
608 operating on this file */
609 DEBUG(0,("pvfs: WARNING: file '%s' changed during resolve - failing\n",
611 return NT_STATUS_UNEXPECTED_IO_ERROR;
616 return pvfs_fill_dos_info(pvfs, name, fd);
621 resolve the parent of a given name
623 NTSTATUS pvfs_resolve_parent(struct pvfs_state *pvfs, TALLOC_CTX *mem_ctx,
624 const struct pvfs_filename *child,
625 struct pvfs_filename **name)
630 *name = talloc(mem_ctx, struct pvfs_filename);
632 return NT_STATUS_NO_MEMORY;
635 (*name)->full_name = talloc_strdup(*name, child->full_name);
636 if ((*name)->full_name == NULL) {
637 return NT_STATUS_NO_MEMORY;
640 p = strrchr_m((*name)->full_name, '/');
642 return NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
645 /* this handles the root directory */
646 if (p == (*name)->full_name) {
652 if (stat((*name)->full_name, &(*name)->st) == -1) {
653 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
656 (*name)->exists = true;
657 (*name)->stream_exists = true;
658 (*name)->has_wildcard = false;
659 /* we can't get the correct 'original_name', but for the purposes
660 of this call this is close enough */
661 (*name)->original_name = talloc_reference(*name, child->original_name);
662 (*name)->stream_name = NULL;
663 (*name)->stream_id = 0;
665 status = pvfs_fill_dos_info(pvfs, *name, -1);
git.samba.org / samba.git / blob