search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r4231: commiting changes to 3.0.10
[Samba.git] / source / smbd / mangle_hash2.c
blob4896cfb17be86505531d1b2e3302075846d5c85e
1 /*
2 Unix SMB/CIFS implementation.
3 new hash based name mangling implementation
4 Copyright (C) Andrew Tridgell 2002
5 Copyright (C) Simo Sorce 2002
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 */
21
22 /*
23 this mangling scheme uses the following format
24
25 Annnn~n.AAA
26
27 where nnnnn is a base 36 hash, and A represents characters from the original string
28
29 The hash is taken of the leading part of the long filename, in uppercase
30
31 for simplicity, we only allow ascii characters in 8.3 names
32 */
33
34 /* hash alghorithm changed to FNV1 by idra@samba.org (Simo Sorce).
35 * see http://www.isthe.com/chongo/tech/comp/fnv/index.html for a
36 * discussion on Fowler / Noll / Vo (FNV) Hash by one of it's authors
37 */
38
39 /*
40 ===============================================================================
41 NOTE NOTE NOTE!!!
42
43 This file deliberately uses non-multibyte string functions in many places. This
44 is *not* a mistake. This code is multi-byte safe, but it gets this property
45 through some very subtle knowledge of the way multi-byte strings are encoded
46 and the fact that this mangling algorithm only supports ascii characters in
47 8.3 names.
48
49 please don't convert this file to use the *_m() functions!!
50 ===============================================================================
51 */
52
53
54 #include "includes.h"
55
56 #if 1
57 #define M_DEBUG(level, x) DEBUG(level, x)
58 #else
59 #define M_DEBUG(level, x)
60 #endif
61
62 /* these flags are used to mark characters in as having particular
63 properties */
64 #define FLAG_BASECHAR 1
65 #define FLAG_ASCII 2
66 #define FLAG_ILLEGAL 4
67 #define FLAG_WILDCARD 8
68
69 /* the "possible" flags are used as a fast way to find possible DOS
70 reserved filenames */
71 #define FLAG_POSSIBLE1 16
72 #define FLAG_POSSIBLE2 32
73 #define FLAG_POSSIBLE3 64
74 #define FLAG_POSSIBLE4 128
75
76 /* by default have a max of 4096 entries in the cache. */
77 #ifndef MANGLE_CACHE_SIZE
78 #define MANGLE_CACHE_SIZE 4096
79 #endif
80
81 #define FNV1_PRIME 0x01000193
82 /*the following number is a fnv1 of the string: idra@samba.org 2002 */
83 #define FNV1_INIT 0xa6b93095
84
85 /* these tables are used to provide fast tests for characters */
86 static unsigned char char_flags[256];
87
88 #define FLAG_CHECK(c, flag) (char_flags[(unsigned char)(c)] & (flag))
89
90 /*
91 this determines how many characters are used from the original filename
92 in the 8.3 mangled name. A larger value leads to a weaker hash and more collisions.
93 The largest possible value is 6.
94 */
95 static unsigned mangle_prefix;
96
97 /* we will use a very simple direct mapped prefix cache. The big
98 advantage of this cache structure is speed and low memory usage
99
100 The cache is indexed by the low-order bits of the hash, and confirmed by
101 hashing the resulting cache entry to match the known hash
102 */
103 static char **prefix_cache;
104 static u32 *prefix_cache_hashes;
105
106 /* these are the characters we use in the 8.3 hash. Must be 36 chars long */
107 static const char *basechars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
108 static unsigned char base_reverse[256];
109 #define base_forward(v) basechars[v]
110
111 /* the list of reserved dos names - all of these are illegal */
112 static const char *reserved_names[] =
113 { "AUX", "LOCK$", "CON", "COM1", "COM2", "COM3", "COM4",
114 "LPT1", "LPT2", "LPT3", "NUL", "PRN", NULL };
115
116 /*
117 hash a string of the specified length. The string does not need to be
118 null terminated
119
120 this hash needs to be fast with a low collision rate (what hash doesn't?)
121 */
122 static u32 mangle_hash(const char *key, unsigned int length)
123 {
124 u32 value;
125 u32 i;
126 fstring str;
127
128 /* we have to uppercase here to ensure that the mangled name
129 doesn't depend on the case of the long name. Note that this
130 is the only place where we need to use a multi-byte string
131 function */
132 length = MIN(length,sizeof(fstring)-1);
133 strncpy(str, key, length);
134 str[length] = 0;
135 strupper_m(str);
136
137 /* the length of a multi-byte string can change after a strupper_m */
138 length = strlen(str);
139
140 /* Set the initial value from the key size. */
141 for (value = FNV1_INIT, i=0; i < length; i++) {
142 value *= (u32)FNV1_PRIME;
143 value ^= (u32)(str[i]);
144 }
145
146 /* note that we force it to a 31 bit hash, to keep within the limits
147 of the 36^6 mangle space */
148 return value & ~0x80000000;
149 }
150
151 /*
152 initialise (ie. allocate) the prefix cache
153 */
154 static BOOL cache_init(void)
155 {
156 if (prefix_cache) {
157 return True;
158 }
159
160 prefix_cache = SMB_CALLOC_ARRAY(char *,MANGLE_CACHE_SIZE);
161 if (!prefix_cache) {
162 return False;
163 }
164
165 prefix_cache_hashes = SMB_CALLOC_ARRAY(u32, MANGLE_CACHE_SIZE);
166 if (!prefix_cache_hashes) {
167 return False;
168 }
169
170 return True;
171 }
172
173 /*
174 insert an entry into the prefix cache. The string might not be null
175 terminated */
176 static void cache_insert(const char *prefix, int length, u32 hash)
177 {
178 int i = hash % MANGLE_CACHE_SIZE;
179
180 if (prefix_cache[i]) {
181 free(prefix_cache[i]);
182 }
183
184 prefix_cache[i] = SMB_STRNDUP(prefix, length);
185 prefix_cache_hashes[i] = hash;
186 }
187
188 /*
189 lookup an entry in the prefix cache. Return NULL if not found.
190 */
191 static const char *cache_lookup(u32 hash)
192 {
193 int i = hash % MANGLE_CACHE_SIZE;
194
195 if (!prefix_cache[i] || hash != prefix_cache_hashes[i]) {
196 return NULL;
197 }
198
199 /* yep, it matched */
200 return prefix_cache[i];
201 }
202
203
204 /*
205 determine if a string is possibly in a mangled format, ignoring
206 case
207
208 In this algorithm, mangled names use only pure ascii characters (no
209 multi-byte) so we can avoid doing a UCS2 conversion
210 */
211 static BOOL is_mangled_component(const char *name, size_t len)
212 {
213 unsigned int i;
214
215 M_DEBUG(10,("is_mangled_component %s (len %u) ?\n", name, (unsigned int)len));
216
217 /* check the length */
218 if (len > 12 || len < 8)
219 return False;
220
221 /* the best distinguishing characteristic is the ~ */
222 if (name[6] != '~')
223 return False;
224
225 /* check extension */
226 if (len > 8) {
227 if (name[8] != '.')
228 return False;
229 for (i=9; name[i] && i < len; i++) {
230 if (! FLAG_CHECK(name[i], FLAG_ASCII)) {
231 return False;
232 }
233 }
234 }
235
236 /* check lead characters */
237 for (i=0;i<mangle_prefix;i++) {
238 if (! FLAG_CHECK(name[i], FLAG_ASCII)) {
239 return False;
240 }
241 }
242
243 /* check rest of hash */
244 if (! FLAG_CHECK(name[7], FLAG_BASECHAR)) {
245 return False;
246 }
247 for (i=mangle_prefix;i<6;i++) {
248 if (! FLAG_CHECK(name[i], FLAG_BASECHAR)) {
249 return False;
250 }
251 }
252
253 M_DEBUG(10,("is_mangled_component %s (len %u) -> yes\n", name, (unsigned int)len));
254
255 return True;
256 }
257
258
259
260 /*
261 determine if a string is possibly in a mangled format, ignoring
262 case
263
264 In this algorithm, mangled names use only pure ascii characters (no
265 multi-byte) so we can avoid doing a UCS2 conversion
266
267 NOTE! This interface must be able to handle a path with unix
268 directory separators. It should return true if any component is
269 mangled
270 */
271 static BOOL is_mangled(const char *name)
272 {
273 const char *p;
274 const char *s;
275
276 M_DEBUG(10,("is_mangled %s ?\n", name));
277
278 for (s=name; (p=strchr(s, '/')); s=p+1) {
279 if (is_mangled_component(s, PTR_DIFF(p, s))) {
280 return True;
281 }
282 }
283
284 /* and the last part ... */
285 return is_mangled_component(s,strlen(s));
286 }
287
288
289 /*
290 see if a filename is an allowable 8.3 name.
291
292 we are only going to allow ascii characters in 8.3 names, as this
293 simplifies things greatly (it means that we know the string won't
294 get larger when converted from UNIX to DOS formats)
295 */
296 static BOOL is_8_3(const char *name, BOOL check_case, BOOL allow_wildcards)
297 {
298 int len, i;
299 char *dot_p;
300
301 /* as a special case, the names '.' and '..' are allowable 8.3 names */
302 if (name[0] == '.') {
303 if (!name[1] || (name[1] == '.' && !name[2])) {
304 return True;
305 }
306 }
307
308 /* the simplest test is on the overall length of the
309 filename. Note that we deliberately use the ascii string
310 length (not the multi-byte one) as it is faster, and gives us
311 the result we need in this case. Using strlen_m would not
312 only be slower, it would be incorrect */
313 len = strlen(name);
314 if (len > 12)
315 return False;
316
317 /* find the '.'. Note that once again we use the non-multibyte
318 function */
319 dot_p = strchr(name, '.');
320
321 if (!dot_p) {
322 /* if the name doesn't contain a '.' then its length
323 must be less than 8 */
324 if (len > 8) {
325 return False;
326 }
327 } else {
328 int prefix_len, suffix_len;
329
330 /* if it does contain a dot then the prefix must be <=
331 8 and the suffix <= 3 in length */
332 prefix_len = PTR_DIFF(dot_p, name);
333 suffix_len = len - (prefix_len+1);
334
335 if (prefix_len > 8 || suffix_len > 3 || suffix_len == 0) {
336 return False;
337 }
338
339 /* a 8.3 name cannot contain more than 1 '.' */
340 if (strchr(dot_p+1, '.')) {
341 return False;
342 }
343 }
344
345 /* the length are all OK. Now check to see if the characters themselves are OK */
346 for (i=0; name[i]; i++) {
347 /* note that we may allow wildcard petterns! */
348 if (!FLAG_CHECK(name[i], FLAG_ASCII|(allow_wildcards ? FLAG_WILDCARD : 0)) && name[i] != '.') {
349 return False;
350 }
351 }
352
353 /* it is a good 8.3 name */
354 return True;
355 }
356
357
358 /*
359 reset the mangling cache on a smb.conf reload. This only really makes sense for
360 mangling backends that have parameters in smb.conf, and as this backend doesn't
361 this is a NULL operation
362 */
363 static void mangle_reset(void)
364 {
365 /* noop */
366 }
367
368
369 /*
370 try to find a 8.3 name in the cache, and if found then
371 replace the string with the original long name.
372 */
373 static BOOL check_cache(char *name, size_t maxlen)
374 {
375 u32 hash, multiplier;
376 unsigned int i;
377 const char *prefix;
378 char extension[4];
379
380 /* make sure that this is a mangled name from this cache */
381 if (!is_mangled(name)) {
382 M_DEBUG(10,("check_cache: %s -> not mangled\n", name));
383 return False;
384 }
385
386 /* we need to extract the hash from the 8.3 name */
387 hash = base_reverse[(unsigned char)name[7]];
388 for (multiplier=36, i=5;i>=mangle_prefix;i--) {
389 u32 v = base_reverse[(unsigned char)name[i]];
390 hash += multiplier * v;
391 multiplier *= 36;
392 }
393
394 /* now look in the prefix cache for that hash */
395 prefix = cache_lookup(hash);
396 if (!prefix) {
397 M_DEBUG(10,("check_cache: %s -> %08X -> not found\n", name, hash));
398 return False;
399 }
400
401 /* we found it - construct the full name */
402 if (name[8] == '.') {
403 strncpy(extension, name+9, 3);
404 extension[3] = 0;
405 } else {
406 extension[0] = 0;
407 }
408
409 if (extension[0]) {
410 M_DEBUG(10,("check_cache: %s -> %s.%s\n", name, prefix, extension));
411 slprintf(name, maxlen, "%s.%s", prefix, extension);
412 } else {
413 M_DEBUG(10,("check_cache: %s -> %s\n", name, prefix));
414 safe_strcpy(name, prefix, maxlen);
415 }
416
417 return True;
418 }
419
420
421 /*
422 look for a DOS reserved name
423 */
424 static BOOL is_reserved_name(const char *name)
425 {
426 if (FLAG_CHECK(name[0], FLAG_POSSIBLE1) &&
427 FLAG_CHECK(name[1], FLAG_POSSIBLE2) &&
428 FLAG_CHECK(name[2], FLAG_POSSIBLE3) &&
429 FLAG_CHECK(name[3], FLAG_POSSIBLE4)) {
430 /* a likely match, scan the lot */
431 int i;
432 for (i=0; reserved_names[i]; i++) {
433 int len = strlen(reserved_names[i]);
434 /* note that we match on COM1 as well as COM1.foo */
435 if (strnequal(name, reserved_names[i], len) &&
436 (name[len] == '.' || name[len] == 0)) {
437 return True;
438 }
439 }
440 }
441
442 return False;
443 }
444
445 /*
446 See if a filename is a legal long filename.
447 A filename ending in a '.' is not legal unless it's "." or "..". JRA.
448 */
449
450 static BOOL is_legal_name(const char *name)
451 {
452 const char *dot_pos = NULL;
453 BOOL alldots = True;
454 size_t numdots = 0;
455
456 while (*name) {
457 if (((unsigned int)name[0]) > 128 && (name[1] != 0)) {
458 /* Possible start of mb character. */
459 char mbc[2];
460 /*
461 * Note that if CH_UNIX is utf8 a string may be 3
462 * bytes, but this is ok as mb utf8 characters don't
463 * contain embedded ascii bytes. We are really checking
464 * for mb UNIX asian characters like Japanese (SJIS) here.
465 * JRA.
466 */
467 if (convert_string(CH_UNIX, CH_UCS2, name, 2, mbc, 2, False) == 2) {
468 /* Was a good mb string. */
469 name += 2;
470 continue;
471 }
472 }
473
474 if (FLAG_CHECK(name[0], FLAG_ILLEGAL)) {
475 return False;
476 }
477 if (name[0] == '.') {
478 dot_pos = name;
479 numdots++;
480 } else {
481 alldots = False;
482 }
483 name++;
484 }
485
486 if (dot_pos) {
487 if (alldots && (numdots == 1 || numdots == 2))
488 return True; /* . or .. is a valid name */
489
490 /* A valid long name cannot end in '.' */
491 if (dot_pos[1] == '\0')
492 return False;
493 }
494
495 return True;
496 }
497
498 /*
499 the main forward mapping function, which converts a long filename to
500 a 8.3 name
501
502 if need83 is not set then we only do the mangling if the name is illegal
503 as a long name
504
505 if cache83 is not set then we don't cache the result
506
507 the name parameter must be able to hold 13 bytes
508 */
509 static void name_map(fstring name, BOOL need83, BOOL cache83, int default_case)
510 {
511 char *dot_p;
512 char lead_chars[7];
513 char extension[4];
514 unsigned int extension_length, i;
515 unsigned int prefix_len;
516 u32 hash, v;
517 char new_name[13];
518
519 /* reserved names are handled specially */
520 if (!is_reserved_name(name)) {
521 /* if the name is already a valid 8.3 name then we don't need to
522 do anything */
523 if (is_8_3(name, False, False)) {
524 return;
525 }
526
527 /* if the caller doesn't strictly need 8.3 then just check for illegal
528 filenames */
529 if (!need83 && is_legal_name(name)) {
530 return;
531 }
532 }
533
534 /* find the '.' if any */
535 dot_p = strrchr(name, '.');
536
537 if (dot_p) {
538 /* if the extension contains any illegal characters or
539 is too long or zero length then we treat it as part
540 of the prefix */
541 for (i=0; i<4 && dot_p[i+1]; i++) {
542 if (! FLAG_CHECK(dot_p[i+1], FLAG_ASCII)) {
543 dot_p = NULL;
544 break;
545 }
546 }
547 if (i == 0 || i == 4) dot_p = NULL;
548 }
549
550 /* the leading characters in the mangled name is taken from
551 the first characters of the name, if they are ascii otherwise
552 '_' is used
553 */
554 for (i=0;i<mangle_prefix && name[i];i++) {
555 lead_chars[i] = name[i];
556 if (! FLAG_CHECK(lead_chars[i], FLAG_ASCII)) {
557 lead_chars[i] = '_';
558 }
559 lead_chars[i] = toupper(lead_chars[i]);
560 }
561 for (;i<mangle_prefix;i++) {
562 lead_chars[i] = '_';
563 }
564
565 /* the prefix is anything up to the first dot */
566 if (dot_p) {
567 prefix_len = PTR_DIFF(dot_p, name);
568 } else {
569 prefix_len = strlen(name);
570 }
571
572 /* the extension of the mangled name is taken from the first 3
573 ascii chars after the dot */
574 extension_length = 0;
575 if (dot_p) {
576 for (i=1; extension_length < 3 && dot_p[i]; i++) {
577 char c = dot_p[i];
578 if (FLAG_CHECK(c, FLAG_ASCII)) {
579 extension[extension_length++] = toupper(c);
580 }
581 }
582 }
583
584 /* find the hash for this prefix */
585 v = hash = mangle_hash(name, prefix_len);
586
587 /* now form the mangled name. */
588 for (i=0;i<mangle_prefix;i++) {
589 new_name[i] = lead_chars[i];
590 }
591 new_name[7] = base_forward(v % 36);
592 new_name[6] = '~';
593 for (i=5; i>=mangle_prefix; i--) {
594 v = v / 36;
595 new_name[i] = base_forward(v % 36);
596 }
597
598 /* add the extension */
599 if (extension_length) {
600 new_name[8] = '.';
601 memcpy(&new_name[9], extension, extension_length);
602 new_name[9+extension_length] = 0;
603 } else {
604 new_name[8] = 0;
605 }
606
607 if (cache83) {
608 /* put it in the cache */
609 cache_insert(name, prefix_len, hash);
610 }
611
612 M_DEBUG(10,("name_map: %s -> %08X -> %s (cache=%d)\n",
613 name, hash, new_name, cache83));
614
615 /* and overwrite the old name */
616 fstrcpy(name, new_name);
617
618 /* all done, we've managed to mangle it */
619 }
620
621
622 /* initialise the flags table
623
624 we allow only a very restricted set of characters as 'ascii' in this
625 mangling backend. This isn't a significant problem as modern clients
626 use the 'long' filenames anyway, and those don't have these
627 restrictions.
628 */
629 static void init_tables(void)
630 {
631 int i;
632
633 memset(char_flags, 0, sizeof(char_flags));
634
635 for (i=1;i<128;i++) {
636 if ((i >= '0' && i <= '9') ||
637 (i >= 'a' && i <= 'z') ||
638 (i >= 'A' && i <= 'Z')) {
639 char_flags[i] |= (FLAG_ASCII | FLAG_BASECHAR);
640 }
641 if (strchr("_-$~", i)) {
642 char_flags[i] |= FLAG_ASCII;
643 }
644
645 if (strchr("*\\/?<>|\":", i)) {
646 char_flags[i] |= FLAG_ILLEGAL;
647 }
648
649 if (strchr("*?\"<>", i)) {
650 char_flags[i] |= FLAG_WILDCARD;
651 }
652 }
653
654 memset(base_reverse, 0, sizeof(base_reverse));
655 for (i=0;i<36;i++) {
656 base_reverse[(unsigned char)base_forward(i)] = i;
657 }
658
659 /* fill in the reserved names flags. These are used as a very
660 fast filter for finding possible DOS reserved filenames */
661 for (i=0; reserved_names[i]; i++) {
662 unsigned char c1, c2, c3, c4;
663
664 c1 = (unsigned char)reserved_names[i][0];
665 c2 = (unsigned char)reserved_names[i][1];
666 c3 = (unsigned char)reserved_names[i][2];
667 c4 = (unsigned char)reserved_names[i][3];
668
669 char_flags[c1] |= FLAG_POSSIBLE1;
670 char_flags[c2] |= FLAG_POSSIBLE2;
671 char_flags[c3] |= FLAG_POSSIBLE3;
672 char_flags[c4] |= FLAG_POSSIBLE4;
673 char_flags[tolower(c1)] |= FLAG_POSSIBLE1;
674 char_flags[tolower(c2)] |= FLAG_POSSIBLE2;
675 char_flags[tolower(c3)] |= FLAG_POSSIBLE3;
676 char_flags[tolower(c4)] |= FLAG_POSSIBLE4;
677
678 char_flags[(unsigned char)'.'] |= FLAG_POSSIBLE4;
679 }
680 }
681
682
683 /*
684 the following provides the abstraction layer to make it easier
685 to drop in an alternative mangling implementation */
686 static struct mangle_fns mangle_fns = {
687 is_mangled,
688 is_8_3,
689 mangle_reset,
690 check_cache,
691 name_map
692 };
693
694 /* return the methods for this mangling implementation */
695 struct mangle_fns *mangle_hash2_init(void)
696 {
697 /* the mangle prefix can only be in the mange 1 to 6 */
698 mangle_prefix = lp_mangle_prefix();
699 if (mangle_prefix > 6) {
700 mangle_prefix = 6;
701 }
702 if (mangle_prefix < 1) {
703 mangle_prefix = 1;
704 }
705
706 init_tables();
707 mangle_reset();
708
709 if (!cache_init()) {
710 return NULL;
711 }
712
713 return &mangle_fns;
714 }
Samba GIT mirror