2 Unix SMB/CIFS implementation.
3 filename handling routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 1999-2007
6 Copyright (C) Ying Chen 2000
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * New hash table stat cache code added by Ying Chen.
28 #include "system/filesys.h"
29 #include "fake_file.h"
30 #include "smbd/smbd.h"
31 #include "smbd/globals.h"
33 static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx,
34 connection_struct *conn,
35 const char *orig_path,
36 struct smb_filename *smb_fname);
38 /****************************************************************************
39 Mangle the 2nd name and check if it is then equal to the first name.
40 ****************************************************************************/
42 static bool mangled_equal(const char *name1,
44 const struct share_params *p)
48 if (!name_to_8_3(name2, mname, False, p)) {
51 return strequal(name1, mname);
54 /****************************************************************************
55 Cope with the differing wildcard and non-wildcard error cases.
56 ****************************************************************************/
58 static NTSTATUS determine_path_error(const char *name,
59 bool allow_wcard_last_component)
63 if (!allow_wcard_last_component) {
64 /* Error code within a pathname. */
65 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
68 /* We're terminating here so we
69 * can be a little slower and get
70 * the error code right. Windows
71 * treats the last part of the pathname
72 * separately I think, so if the last
73 * component is a wildcard then we treat
74 * this ./ as "end of component" */
76 p = strchr(name, '/');
78 if (!p && (ms_has_wild(name) || ISDOT(name))) {
79 /* Error code at the end of a pathname. */
80 return NT_STATUS_OBJECT_NAME_INVALID;
82 /* Error code within a pathname. */
83 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
87 static NTSTATUS check_for_dot_component(const struct smb_filename *smb_fname)
89 /* Ensure we catch all names with in "/."
90 this is disallowed under Windows and
91 in POSIX they've already been removed. */
92 const char *p = strstr(smb_fname->base_name, "/."); /*mb safe*/
95 /* Error code within a pathname. */
96 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
97 } else if (p[2] == '\0') {
98 /* Error code at the end of a pathname. */
99 return NT_STATUS_OBJECT_NAME_INVALID;
105 /****************************************************************************
106 Optimization for common case where the missing part
107 is in the last component and the client already
108 sent the correct case.
109 Returns NT_STATUS_OK to mean continue the tree walk
110 (possibly with modified start pointer).
111 Any other NT_STATUS_XXX error means terminate the path
113 ****************************************************************************/
115 static NTSTATUS check_parent_exists(TALLOC_CTX *ctx,
116 connection_struct *conn,
117 bool posix_pathnames,
118 const struct smb_filename *smb_fname,
122 struct smb_filename parent_fname;
123 const char *last_component = NULL;
127 ZERO_STRUCT(parent_fname);
128 if (!parent_dirname(ctx, smb_fname->base_name,
129 &parent_fname.base_name,
131 return NT_STATUS_NO_MEMORY;
135 * If there was no parent component in
136 * smb_fname->base_name of the parent name
137 * contained a wildcard then don't do this
140 if ((smb_fname->base_name == last_component) ||
141 ms_has_wild(parent_fname.base_name)) {
145 if (posix_pathnames) {
146 ret = SMB_VFS_LSTAT(conn, &parent_fname);
148 ret = SMB_VFS_STAT(conn, &parent_fname);
151 /* If the parent stat failed, just continue
152 with the normal tree walk. */
158 status = check_for_dot_component(&parent_fname);
159 if (!NT_STATUS_IS_OK(status)) {
163 /* Parent exists - set "start" to be the
164 * last compnent to shorten the tree walk. */
167 * Safe to use discard_const_p
168 * here as last_component points
169 * into our smb_fname->base_name.
171 *pp_start = discard_const_p(char, last_component);
173 /* Update dirpath. */
174 TALLOC_FREE(*pp_dirpath);
175 *pp_dirpath = talloc_strdup(ctx, parent_fname.base_name);
177 return NT_STATUS_NO_MEMORY;
180 DEBUG(5,("check_parent_exists: name "
181 "= %s, dirpath = %s, "
183 smb_fname->base_name,
190 /****************************************************************************
191 This routine is called to convert names from the dos namespace to unix
192 namespace. It needs to handle any case conversions, mangling, format changes,
195 We assume that we have already done a chdir() to the right "root" directory
198 The function will return an NTSTATUS error if some part of the name except for
199 the last part cannot be resolved, else NT_STATUS_OK.
201 Note NT_STATUS_OK doesn't mean the name exists or is valid, just that we
202 didn't get any fatal errors that should immediately terminate the calling SMB
203 processing whilst resolving.
205 If the UCF_SAVE_LCOMP flag is passed in, then the unmodified last component
206 of the pathname is set in smb_filename->original_lcomp.
208 If UCF_ALWAYS_ALLOW_WCARD_LCOMP is passed in, then a MS wildcard was detected
209 and should be allowed in the last component of the path only.
211 If the orig_path was a stream, smb_filename->base_name will point to the base
212 filename, and smb_filename->stream_name will point to the stream name. If
213 orig_path was not a stream, then smb_filename->stream_name will be NULL.
215 On exit from unix_convert, the smb_filename->st stat struct will be populated
216 if the file exists and was found, if not this stat struct will be filled with
217 zeros (and this can be detected by checking for nlinks = 0, which can never be
219 ****************************************************************************/
221 NTSTATUS unix_convert(TALLOC_CTX *ctx,
222 connection_struct *conn,
223 const char *orig_path,
224 struct smb_filename **smb_fname_out,
227 struct smb_filename *smb_fname = NULL;
229 char *dirpath = NULL;
231 bool component_was_mangled = False;
232 bool name_has_wildcard = False;
233 bool posix_pathnames = false;
234 bool allow_wcard_last_component =
235 (ucf_flags & UCF_ALWAYS_ALLOW_WCARD_LCOMP);
236 bool save_last_component = ucf_flags & UCF_SAVE_LCOMP;
240 *smb_fname_out = NULL;
242 smb_fname = talloc_zero(ctx, struct smb_filename);
243 if (smb_fname == NULL) {
244 return NT_STATUS_NO_MEMORY;
248 /* we don't ever use the filenames on a printer share as a
249 filename - so don't convert them */
250 if (!(smb_fname->base_name = talloc_strdup(smb_fname,
252 status = NT_STATUS_NO_MEMORY;
258 DEBUG(5, ("unix_convert called on file \"%s\"\n", orig_path));
261 * Conversion to basic unix format is already done in
262 * check_path_syntax().
266 * Names must be relative to the root of the service - any leading /.
267 * and trailing /'s should have been trimmed by check_path_syntax().
271 SMB_ASSERT(*orig_path != '/');
275 * If we trimmed down to a single '\0' character
276 * then we should use the "." directory to avoid
277 * searching the cache, but not if we are in a
279 * As we know this is valid we can return true here.
283 if (!(smb_fname->base_name = talloc_strdup(smb_fname, "."))) {
284 status = NT_STATUS_NO_MEMORY;
287 if (SMB_VFS_STAT(conn, smb_fname) != 0) {
288 status = map_nt_error_from_unix(errno);
291 DEBUG(5, ("conversion finished \"\" -> %s\n",
292 smb_fname->base_name));
296 if (orig_path[0] == '.' && (orig_path[1] == '/' ||
297 orig_path[1] == '\0')) {
298 /* Start of pathname can't be "." only. */
299 if (orig_path[1] == '\0' || orig_path[2] == '\0') {
300 status = NT_STATUS_OBJECT_NAME_INVALID;
302 status =determine_path_error(&orig_path[2],
303 allow_wcard_last_component);
308 /* Start with the full orig_path as given by the caller. */
309 if (!(smb_fname->base_name = talloc_strdup(smb_fname, orig_path))) {
310 DEBUG(0, ("talloc_strdup failed\n"));
311 status = NT_STATUS_NO_MEMORY;
316 * Large directory fix normalization. If we're case sensitive, and
317 * the case preserving parameters are set to "no", normalize the case of
318 * the incoming filename from the client WHETHER IT EXISTS OR NOT !
319 * This is in conflict with the current (3.0.20) man page, but is
320 * what people expect from the "large directory howto". I'll update
321 * the man page. Thanks to jht@samba.org for finding this. JRA.
324 if (conn->case_sensitive && !conn->case_preserve &&
325 !conn->short_case_preserve) {
326 if (!strnorm(smb_fname->base_name, lp_defaultcase(SNUM(conn)))) {
327 DEBUG(0, ("strnorm %s failed\n", smb_fname->base_name));
328 status = NT_STATUS_INVALID_PARAMETER;
334 * Ensure saved_last_component is valid even if file exists.
337 if(save_last_component) {
338 end = strrchr_m(smb_fname->base_name, '/');
340 smb_fname->original_lcomp = talloc_strdup(smb_fname,
343 smb_fname->original_lcomp =
344 talloc_strdup(smb_fname, smb_fname->base_name);
346 if (smb_fname->original_lcomp == NULL) {
347 status = NT_STATUS_NO_MEMORY;
352 posix_pathnames = (lp_posix_pathnames() ||
353 (ucf_flags & UCF_POSIX_PATHNAMES));
356 * Strip off the stream, and add it back when we're done with the
359 if (!posix_pathnames) {
360 stream = strchr_m(smb_fname->base_name, ':');
362 if (stream != NULL) {
363 char *tmp = talloc_strdup(smb_fname, stream);
365 status = NT_STATUS_NO_MEMORY;
369 * Since this is actually pointing into
370 * smb_fname->base_name this truncates base_name.
377 start = smb_fname->base_name;
380 * If we're providing case insensitive semantics or
381 * the underlying filesystem is case insensitive,
382 * then a case-normalized hit in the stat-cache is
383 * authoratitive. JRA.
385 * Note: We're only checking base_name. The stream_name will be
386 * added and verified in build_stream_path().
389 if((!conn->case_sensitive || !(conn->fs_capabilities &
390 FILE_CASE_SENSITIVE_SEARCH)) &&
391 stat_cache_lookup(conn, posix_pathnames, &smb_fname->base_name, &dirpath, &start,
397 * Make sure "dirpath" is an allocated string, we use this for
398 * building the directories with talloc_asprintf and free it.
401 if ((dirpath == NULL) && (!(dirpath = talloc_strdup(ctx,"")))) {
402 DEBUG(0, ("talloc_strdup failed\n"));
403 status = NT_STATUS_NO_MEMORY;
408 * If we have a wildcard we must walk the path to
409 * find where the error is, even if case sensitive
413 name_has_wildcard = ms_has_wild(smb_fname->base_name);
414 if (name_has_wildcard && !allow_wcard_last_component) {
415 /* Wildcard not valid anywhere. */
416 status = NT_STATUS_OBJECT_NAME_INVALID;
420 DEBUG(5,("unix_convert begin: name = %s, dirpath = %s, start = %s\n",
421 smb_fname->base_name, dirpath, start));
423 if (!name_has_wildcard) {
425 * stat the name - if it exists then we can add the stream back (if
426 * there was one) and be done!
429 if (posix_pathnames) {
430 ret = SMB_VFS_LSTAT(conn, smb_fname);
432 ret = SMB_VFS_STAT(conn, smb_fname);
436 status = check_for_dot_component(smb_fname);
437 if (!NT_STATUS_IS_OK(status)) {
440 /* Add the path (not including the stream) to the cache. */
441 stat_cache_add(orig_path, smb_fname->base_name,
442 conn->case_sensitive);
443 DEBUG(5,("conversion of base_name finished %s -> %s\n",
444 orig_path, smb_fname->base_name));
448 /* Stat failed - ensure we don't use it. */
449 SET_STAT_INVALID(smb_fname->st);
451 if (errno == ENOENT) {
452 /* Optimization when creating a new file - only
453 the last component doesn't exist.
454 NOTE : check_parent_exists() doesn't preserve errno.
456 int saved_errno = errno;
457 status = check_parent_exists(ctx,
464 if (!NT_STATUS_IS_OK(status)) {
470 * A special case - if we don't have any wildcards or mangling chars and are case
471 * sensitive or the underlying filesystem is case insensitive then searching
475 if ((conn->case_sensitive || !(conn->fs_capabilities &
476 FILE_CASE_SENSITIVE_SEARCH)) &&
477 !mangle_is_mangled(smb_fname->base_name, conn->params)) {
479 status = check_for_dot_component(smb_fname);
480 if (!NT_STATUS_IS_OK(status)) {
485 * The stat failed. Could be ok as it could be
489 if (errno == ENOTDIR || errno == ELOOP) {
490 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
492 } else if (errno == ENOENT) {
494 * Was it a missing last component ?
495 * or a missing intermediate component ?
497 struct smb_filename parent_fname;
498 const char *last_component = NULL;
500 ZERO_STRUCT(parent_fname);
501 if (!parent_dirname(ctx, smb_fname->base_name,
502 &parent_fname.base_name,
504 status = NT_STATUS_NO_MEMORY;
507 if (posix_pathnames) {
508 ret = SMB_VFS_LSTAT(conn, &parent_fname);
510 ret = SMB_VFS_STAT(conn, &parent_fname);
513 if (errno == ENOTDIR ||
516 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
522 * Missing last component is ok - new file.
523 * Also deal with permission denied elsewhere.
524 * Just drop out to done.
531 * We have a wildcard in the pathname.
533 * Optimization for common case where the wildcard
534 * is in the last component and the client already
535 * sent the correct case.
536 * NOTE : check_parent_exists() doesn't preserve errno.
538 int saved_errno = errno;
539 status = check_parent_exists(ctx,
546 if (!NT_STATUS_IS_OK(status)) {
552 * is_mangled() was changed to look at an entire pathname, not
553 * just a component. JRA.
556 if (mangle_is_mangled(start, conn->params)) {
557 component_was_mangled = True;
561 * Now we need to recursively match the name against the real
562 * directory structure.
566 * Match each part of the path name separately, trying the names
567 * as is first, then trying to scan the directory for matching names.
570 for (; start ; start = (end?end+1:(char *)NULL)) {
572 * Pinpoint the end of this section of the filename.
574 /* mb safe. '/' can't be in any encoded char. */
575 end = strchr(start, '/');
578 * Chop the name at this point.
584 if (save_last_component) {
585 TALLOC_FREE(smb_fname->original_lcomp);
586 smb_fname->original_lcomp = talloc_strdup(smb_fname,
587 end ? end + 1 : start);
588 if (!smb_fname->original_lcomp) {
589 DEBUG(0, ("talloc failed\n"));
590 status = NT_STATUS_NO_MEMORY;
595 /* The name cannot have a component of "." */
599 /* Error code at the end of a pathname. */
600 status = NT_STATUS_OBJECT_NAME_INVALID;
602 status = determine_path_error(end+1,
603 allow_wcard_last_component);
608 /* The name cannot have a wildcard if it's not
609 the last component. */
611 name_has_wildcard = ms_has_wild(start);
613 /* Wildcards never valid within a pathname. */
614 if (name_has_wildcard && end) {
615 status = NT_STATUS_OBJECT_NAME_INVALID;
619 /* Skip the stat call if it's a wildcard end. */
620 if (name_has_wildcard) {
621 DEBUG(5,("Wildcard %s\n",start));
626 * Check if the name exists up to this point.
629 if (posix_pathnames) {
630 ret = SMB_VFS_LSTAT(conn, smb_fname);
632 ret = SMB_VFS_STAT(conn, smb_fname);
637 * It exists. it must either be a directory or this must
638 * be the last part of the path for it to be OK.
640 if (end && !S_ISDIR(smb_fname->st.st_ex_mode)) {
642 * An intermediate part of the name isn't
645 DEBUG(5,("Not a dir %s\n",start));
648 * We need to return the fact that the
649 * intermediate name resolution failed. This
650 * is used to return an error of ERRbadpath
651 * rather than ERRbadfile. Some Windows
652 * applications depend on the difference between
655 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
660 char *found_name = NULL;
662 /* Stat failed - ensure we don't use it. */
663 SET_STAT_INVALID(smb_fname->st);
666 * Reset errno so we can detect
667 * directory open errors.
672 * Try to find this part of the path in the directory.
675 if (name_has_wildcard ||
676 (get_real_filename(conn, dirpath, start,
678 &found_name) == -1)) {
683 * An intermediate part of the name
686 DEBUG(5,("Intermediate not found %s\n",
691 * We need to return the fact that the
692 * intermediate name resolution failed.
693 * This is used to return an error of
694 * ERRbadpath rather than ERRbadfile.
695 * Some Windows applications depend on
696 * the difference between these two
701 * ENOENT, ENOTDIR and ELOOP all map
702 * to NT_STATUS_OBJECT_PATH_NOT_FOUND
703 * in the filename walk.
706 if (errno == ENOENT ||
710 NT_STATUS_OBJECT_PATH_NOT_FOUND;
714 map_nt_error_from_unix(errno);
720 * ENOENT/EACCESS are the only valid errors
721 * here. EACCESS needs handling here for
722 * "dropboxes", i.e. directories where users
723 * can only put stuff with permission -wx.
725 if ((errno != 0) && (errno != ENOENT)
726 && ((ucf_flags & UCF_CREATING_FILE) &&
727 (errno != EACCES))) {
729 * ENOTDIR and ELOOP both map to
730 * NT_STATUS_OBJECT_PATH_NOT_FOUND
731 * in the filename walk.
733 if (errno == ENOTDIR ||
736 NT_STATUS_OBJECT_PATH_NOT_FOUND;
739 map_nt_error_from_unix(errno);
745 * Just the last part of the name doesn't exist.
746 * We need to strupper() or strlower() it as
747 * this conversion may be used for file creation
748 * purposes. Fix inspired by
749 * Thomas Neumann <t.neumann@iku-ag.de>.
751 if (!conn->case_preserve ||
752 (mangle_is_8_3(start, False,
754 !conn->short_case_preserve)) {
756 lp_defaultcase(SNUM(conn)))) {
757 DEBUG(0, ("strnorm %s failed\n",
759 status = NT_STATUS_INVALID_PARAMETER;
765 * check on the mangled stack to see if we can
766 * recover the base of the filename.
769 if (mangle_is_mangled(start, conn->params)
770 && mangle_lookup_name_from_8_3(ctx,
776 start - smb_fname->base_name;
778 if (*dirpath != '\0') {
779 tmp = talloc_asprintf(
782 TALLOC_FREE(unmangled);
788 DEBUG(0, ("talloc failed\n"));
789 status = NT_STATUS_NO_MEMORY;
792 TALLOC_FREE(smb_fname->base_name);
793 smb_fname->base_name = tmp;
795 smb_fname->base_name + start_ofs;
796 end = start + strlen(start);
799 DEBUG(5,("New file %s\n",start));
805 * Restore the rest of the string. If the string was
806 * mangled the size may have changed.
811 start - smb_fname->base_name;
813 if (*dirpath != '\0') {
814 tmp = talloc_asprintf(smb_fname,
819 tmp = talloc_asprintf(smb_fname,
824 DEBUG(0, ("talloc_asprintf failed\n"));
825 status = NT_STATUS_NO_MEMORY;
828 TALLOC_FREE(smb_fname->base_name);
829 smb_fname->base_name = tmp;
830 start = smb_fname->base_name + start_ofs;
831 end = start + strlen(found_name);
836 start - smb_fname->base_name;
838 if (*dirpath != '\0') {
839 tmp = talloc_asprintf(smb_fname,
843 tmp = talloc_strdup(smb_fname,
847 DEBUG(0, ("talloc failed\n"));
848 status = NT_STATUS_NO_MEMORY;
851 TALLOC_FREE(smb_fname->base_name);
852 smb_fname->base_name = tmp;
853 start = smb_fname->base_name + start_ofs;
856 * We just scanned for, and found the end of
857 * the path. We must return a valid stat struct
861 if (posix_pathnames) {
862 ret = SMB_VFS_LSTAT(conn, smb_fname);
864 ret = SMB_VFS_STAT(conn, smb_fname);
868 SET_STAT_INVALID(smb_fname->st);
872 TALLOC_FREE(found_name);
878 * We should never provide different behaviors
879 * depending on DEVELOPER!!!
881 if (VALID_STAT(smb_fname->st)) {
885 status = file_name_hash(conn,
886 smb_fname_str_dbg(smb_fname),
888 if (!NT_STATUS_IS_OK(status)) {
892 get_file_infos(vfs_file_id_from_sbuf(conn,
895 &delete_pending, NULL);
896 if (delete_pending) {
897 status = NT_STATUS_DELETE_PENDING;
904 * Add to the dirpath that we have resolved so far.
907 if (*dirpath != '\0') {
908 char *tmp = talloc_asprintf(ctx,
909 "%s/%s", dirpath, start);
911 DEBUG(0, ("talloc_asprintf failed\n"));
912 status = NT_STATUS_NO_MEMORY;
915 TALLOC_FREE(dirpath);
919 TALLOC_FREE(dirpath);
920 if (!(dirpath = talloc_strdup(ctx,start))) {
921 DEBUG(0, ("talloc_strdup failed\n"));
922 status = NT_STATUS_NO_MEMORY;
928 * Cache the dirpath thus far. Don't cache a name with mangled
929 * or wildcard components as this can change the size.
931 if(!component_was_mangled && !name_has_wildcard) {
932 stat_cache_add(orig_path, dirpath,
933 conn->case_sensitive);
937 * Restore the / that we wiped out earlier.
945 * Cache the full path. Don't cache a name with mangled or wildcard
946 * components as this can change the size.
949 if(!component_was_mangled && !name_has_wildcard) {
950 stat_cache_add(orig_path, smb_fname->base_name,
951 conn->case_sensitive);
955 * The name has been resolved.
958 DEBUG(5,("conversion finished %s -> %s\n", orig_path,
959 smb_fname->base_name));
962 /* Add back the stream if one was stripped off originally. */
963 if (stream != NULL) {
964 smb_fname->stream_name = stream;
966 /* Check path now that the base_name has been converted. */
967 status = build_stream_path(ctx, conn, orig_path, smb_fname);
968 if (!NT_STATUS_IS_OK(status)) {
972 TALLOC_FREE(dirpath);
973 *smb_fname_out = smb_fname;
976 DEBUG(10, ("dirpath = [%s] start = [%s]\n", dirpath, start));
977 if (*dirpath != '\0') {
978 smb_fname->base_name = talloc_asprintf(smb_fname, "%s/%s",
981 smb_fname->base_name = talloc_strdup(smb_fname, start);
983 if (!smb_fname->base_name) {
984 DEBUG(0, ("talloc_asprintf failed\n"));
985 status = NT_STATUS_NO_MEMORY;
989 *smb_fname_out = smb_fname;
990 TALLOC_FREE(dirpath);
993 TALLOC_FREE(smb_fname);
997 /****************************************************************************
998 Ensure a path is not vetod.
999 ****************************************************************************/
1001 NTSTATUS check_veto_path(connection_struct *conn, const char *name)
1003 if (IS_VETO_PATH(conn, name)) {
1004 /* Is it not dot or dot dot. */
1005 if (!(ISDOT(name) || ISDOTDOT(name))) {
1006 DEBUG(5,("check_veto_path: file path name %s vetoed\n",
1008 return map_nt_error_from_unix(ENOENT);
1011 return NT_STATUS_OK;
1014 /****************************************************************************
1015 Check a filename - possibly calling check_reduced_name.
1016 This is called by every routine before it allows an operation on a filename.
1017 It does any final confirmation necessary to ensure that the filename is
1018 a valid one for the user to access.
1019 ****************************************************************************/
1021 NTSTATUS check_name(connection_struct *conn, const char *name)
1023 NTSTATUS status = check_veto_path(conn, name);
1025 if (!NT_STATUS_IS_OK(status)) {
1029 if (!lp_widelinks(SNUM(conn)) || !lp_symlinks(SNUM(conn))) {
1030 status = check_reduced_name(conn,name);
1031 if (!NT_STATUS_IS_OK(status)) {
1032 DEBUG(5,("check_name: name %s failed with %s\n",name,
1033 nt_errstr(status)));
1038 return NT_STATUS_OK;
1041 /****************************************************************************
1042 Must be called as root. Creates the struct privilege_paths
1043 attached to the struct smb_request if this call is successful.
1044 ****************************************************************************/
1046 static NTSTATUS check_name_with_privilege(connection_struct *conn,
1047 struct smb_request *smbreq,
1050 NTSTATUS status = check_veto_path(conn, name);
1052 if (!NT_STATUS_IS_OK(status)) {
1055 return check_reduced_name_with_privilege(conn,
1060 /****************************************************************************
1061 Check if two filenames are equal.
1062 This needs to be careful about whether we are case sensitive.
1063 ****************************************************************************/
1065 static bool fname_equal(const char *name1, const char *name2,
1066 bool case_sensitive)
1068 /* Normal filename handling */
1069 if (case_sensitive) {
1070 return(strcmp(name1,name2) == 0);
1073 return(strequal(name1,name2));
1076 /****************************************************************************
1077 Scan a directory to find a filename, matching without case sensitivity.
1078 If the name looks like a mangled name then try via the mangling functions
1079 ****************************************************************************/
1081 static int get_real_filename_full_scan(connection_struct *conn,
1082 const char *path, const char *name,
1084 TALLOC_CTX *mem_ctx, char **found_name)
1086 struct smb_Dir *cur_dir;
1087 const char *dname = NULL;
1088 char *talloced = NULL;
1089 char *unmangled_name = NULL;
1092 /* handle null paths */
1093 if ((path == NULL) || (*path == 0)) {
1097 /* If we have a case-sensitive filesystem, it doesn't do us any
1098 * good to search for a name. If a case variation of the name was
1099 * there, then the original stat(2) would have found it.
1101 if (!mangled && !(conn->fs_capabilities & FILE_CASE_SENSITIVE_SEARCH)) {
1107 * The incoming name can be mangled, and if we de-mangle it
1108 * here it will not compare correctly against the filename (name2)
1109 * read from the directory and then mangled by the name_to_8_3()
1110 * call. We need to mangle both names or neither.
1113 * Fix for bug found by Dina Fine. If in case sensitive mode then
1114 * the mangle cache is no good (3 letter extension could be wrong
1115 * case - so don't demangle in this case - leave as mangled and
1116 * allow the mangling of the directory entry read (which is done
1117 * case insensitively) to match instead. This will lead to more
1118 * false positive matches but we fail completely without it. JRA.
1121 if (mangled && !conn->case_sensitive) {
1122 mangled = !mangle_lookup_name_from_8_3(talloc_tos(), name,
1126 /* Name is now unmangled. */
1127 name = unmangled_name;
1131 /* open the directory */
1132 if (!(cur_dir = OpenDir(talloc_tos(), conn, path, NULL, 0))) {
1133 DEBUG(3,("scan dir didn't open dir [%s]\n",path));
1134 TALLOC_FREE(unmangled_name);
1138 /* now scan for matching names */
1140 while ((dname = ReadDirName(cur_dir, &curpos, NULL, &talloced))) {
1142 /* Is it dot or dot dot. */
1143 if (ISDOT(dname) || ISDOTDOT(dname)) {
1144 TALLOC_FREE(talloced);
1149 * At this point dname is the unmangled name.
1150 * name is either mangled or not, depending on the state
1151 * of the "mangled" variable. JRA.
1155 * Check mangled name against mangled name, or unmangled name
1156 * against unmangled name.
1159 if ((mangled && mangled_equal(name,dname,conn->params)) ||
1160 fname_equal(name, dname, conn->case_sensitive)) {
1161 /* we've found the file, change it's name and return */
1162 *found_name = talloc_strdup(mem_ctx, dname);
1163 TALLOC_FREE(unmangled_name);
1164 TALLOC_FREE(cur_dir);
1167 TALLOC_FREE(talloced);
1170 TALLOC_FREE(talloced);
1173 TALLOC_FREE(talloced);
1176 TALLOC_FREE(unmangled_name);
1177 TALLOC_FREE(cur_dir);
1182 /****************************************************************************
1183 Wrapper around the vfs get_real_filename and the full directory scan
1185 ****************************************************************************/
1187 int get_real_filename(connection_struct *conn, const char *path,
1188 const char *name, TALLOC_CTX *mem_ctx,
1194 mangled = mangle_is_mangled(name, conn->params);
1197 return get_real_filename_full_scan(conn, path, name, mangled,
1198 mem_ctx, found_name);
1201 /* Try the vfs first to take advantage of case-insensitive stat. */
1202 ret = SMB_VFS_GET_REAL_FILENAME(conn, path, name, mem_ctx, found_name);
1205 * If the case-insensitive stat was successful, or returned an error
1206 * other than EOPNOTSUPP then there is no need to fall back on the
1207 * full directory scan.
1209 if (ret == 0 || (ret == -1 && errno != EOPNOTSUPP)) {
1213 return get_real_filename_full_scan(conn, path, name, mangled, mem_ctx,
1217 static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx,
1218 connection_struct *conn,
1219 const char *orig_path,
1220 struct smb_filename *smb_fname)
1223 unsigned int i, num_streams = 0;
1224 struct stream_struct *streams = NULL;
1226 if (SMB_VFS_STAT(conn, smb_fname) == 0) {
1227 DEBUG(10, ("'%s' exists\n", smb_fname_str_dbg(smb_fname)));
1228 return NT_STATUS_OK;
1231 if (errno != ENOENT) {
1232 DEBUG(10, ("vfs_stat failed: %s\n", strerror(errno)));
1233 status = map_nt_error_from_unix(errno);
1237 /* Fall back to a case-insensitive scan of all streams on the file. */
1238 status = vfs_streaminfo(conn, NULL, smb_fname->base_name, mem_ctx,
1239 &num_streams, &streams);
1241 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1242 SET_STAT_INVALID(smb_fname->st);
1243 return NT_STATUS_OK;
1246 if (!NT_STATUS_IS_OK(status)) {
1247 DEBUG(10, ("vfs_streaminfo failed: %s\n", nt_errstr(status)));
1251 for (i=0; i<num_streams; i++) {
1252 DEBUG(10, ("comparing [%s] and [%s]: ",
1253 smb_fname->stream_name, streams[i].name));
1254 if (fname_equal(smb_fname->stream_name, streams[i].name,
1255 conn->case_sensitive)) {
1256 DEBUGADD(10, ("equal\n"));
1259 DEBUGADD(10, ("not equal\n"));
1262 /* Couldn't find the stream. */
1263 if (i == num_streams) {
1264 SET_STAT_INVALID(smb_fname->st);
1265 TALLOC_FREE(streams);
1266 return NT_STATUS_OK;
1269 DEBUG(10, ("case insensitive stream. requested: %s, actual: %s\n",
1270 smb_fname->stream_name, streams[i].name));
1273 TALLOC_FREE(smb_fname->stream_name);
1274 smb_fname->stream_name = talloc_strdup(smb_fname, streams[i].name);
1275 if (smb_fname->stream_name == NULL) {
1276 status = NT_STATUS_NO_MEMORY;
1280 SET_STAT_INVALID(smb_fname->st);
1282 if (SMB_VFS_STAT(conn, smb_fname) == 0) {
1283 DEBUG(10, ("'%s' exists\n", smb_fname_str_dbg(smb_fname)));
1285 status = NT_STATUS_OK;
1287 TALLOC_FREE(streams);
1292 * Go through all the steps to validate a filename.
1294 * @param ctx talloc_ctx to allocate memory with.
1295 * @param conn connection struct for vfs calls.
1296 * @param dfs_path Whether this path requires dfs resolution.
1297 * @param smbreq SMB request if we're using privileges.
1298 * @param name_in The unconverted name.
1299 * @param ucf_flags flags to pass through to unix_convert().
1300 * UCF_ALWAYS_ALLOW_WCARD_LCOMP will be OR'd in if
1301 * p_cont_wcard != NULL and is true and
1302 * UCF_COND_ALLOW_WCARD_LCOMP.
1303 * @param p_cont_wcard If not NULL, will be set to true if the dfs path
1304 * resolution detects a wildcard.
1305 * @param pp_smb_fname The final converted name will be allocated if the
1306 * return is NT_STATUS_OK.
1308 * @return NT_STATUS_OK if all operations completed succesfully, appropriate
1311 static NTSTATUS filename_convert_internal(TALLOC_CTX *ctx,
1312 connection_struct *conn,
1314 struct smb_request *smbreq,
1315 const char *name_in,
1317 bool *ppath_contains_wcard,
1318 struct smb_filename **pp_smb_fname)
1321 bool allow_wcards = (ucf_flags & (UCF_COND_ALLOW_WCARD_LCOMP|UCF_ALWAYS_ALLOW_WCARD_LCOMP));
1324 *pp_smb_fname = NULL;
1326 status = resolve_dfspath_wcard(ctx, conn,
1330 !conn->sconn->using_smb2,
1332 ppath_contains_wcard);
1333 if (!NT_STATUS_IS_OK(status)) {
1334 DEBUG(10,("filename_convert_internal: resolve_dfspath failed "
1335 "for name %s with %s\n",
1337 nt_errstr(status) ));
1341 if (is_fake_file_path(name_in)) {
1345 *pp_smb_fname = synthetic_smb_fname_split(ctx,
1348 if (*pp_smb_fname == NULL) {
1349 return NT_STATUS_NO_MEMORY;
1351 return NT_STATUS_OK;
1355 * If the caller conditionally allows wildcard lookups, only add the
1356 * always allow if the path actually does contain a wildcard.
1358 if (ucf_flags & UCF_COND_ALLOW_WCARD_LCOMP &&
1359 ppath_contains_wcard != NULL && *ppath_contains_wcard) {
1360 ucf_flags |= UCF_ALWAYS_ALLOW_WCARD_LCOMP;
1363 status = unix_convert(ctx, conn, fname, pp_smb_fname, ucf_flags);
1364 if (!NT_STATUS_IS_OK(status)) {
1365 DEBUG(10,("filename_convert_internal: unix_convert failed "
1366 "for name %s with %s\n",
1368 nt_errstr(status) ));
1372 if ((ucf_flags & UCF_UNIX_NAME_LOOKUP) &&
1373 VALID_STAT((*pp_smb_fname)->st) &&
1374 S_ISLNK((*pp_smb_fname)->st.st_ex_mode)) {
1375 return check_veto_path(conn, (*pp_smb_fname)->base_name);
1379 status = check_name(conn, (*pp_smb_fname)->base_name);
1381 status = check_name_with_privilege(conn, smbreq, (*pp_smb_fname)->base_name);
1383 if (!NT_STATUS_IS_OK(status)) {
1384 DEBUG(3,("filename_convert_internal: check_name failed "
1385 "for name %s with %s\n",
1386 smb_fname_str_dbg(*pp_smb_fname),
1387 nt_errstr(status) ));
1388 TALLOC_FREE(*pp_smb_fname);
1396 * Go through all the steps to validate a filename.
1400 NTSTATUS filename_convert(TALLOC_CTX *ctx,
1401 connection_struct *conn,
1403 const char *name_in,
1405 bool *ppath_contains_wcard,
1406 struct smb_filename **pp_smb_fname)
1408 return filename_convert_internal(ctx,
1414 ppath_contains_wcard,
1419 * Go through all the steps to validate a filename.
1420 * root (privileged) version.
1423 NTSTATUS filename_convert_with_privilege(TALLOC_CTX *ctx,
1424 connection_struct *conn,
1425 struct smb_request *smbreq,
1426 const char *name_in,
1428 bool *ppath_contains_wcard,
1429 struct smb_filename **pp_smb_fname)
1431 return filename_convert_internal(ctx,
1433 smbreq->flags2 & FLAGS2_DFS_PATHNAMES,
1437 ppath_contains_wcard,
git.samba.org / vlendec / samba-autobuild / .git / blob