search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
smbd: Fix returning symlink stat info in the NO_OPATH case
[Samba.git] / source3 / smbd / files.c
blob7886f206a810c5b960c3c923643744b0a13278a8
1 /*
2 Unix SMB/CIFS implementation.
3 Files[] structure handling
4 Copyright (C) Andrew Tridgell 1998
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "smbd/smbd.h"
22 #include "smbd/globals.h"
23 #include "smbd/smbXsrv_open.h"
24 #include "libcli/security/security.h"
25 #include "util_tdb.h"
26 #include "lib/util/bitmap.h"
27 #include "lib/util/strv.h"
28 #include "lib/util/memcache.h"
29 #include "libcli/smb/reparse.h"
30
31 #define FILE_HANDLE_OFFSET 0x1000
32
33 static NTSTATUS fsp_attach_smb_fname(struct files_struct *fsp,
34 struct smb_filename **_smb_fname);
35
36 /**
37 * create new fsp to be used for file_new or a durable handle reconnect
38 */
39 NTSTATUS fsp_new(struct connection_struct *conn, TALLOC_CTX *mem_ctx,
40 files_struct **result)
41 {
42 NTSTATUS status = NT_STATUS_NO_MEMORY;
43 files_struct *fsp = NULL;
44 struct smbd_server_connection *sconn = conn->sconn;
45
46 fsp = talloc_zero(mem_ctx, struct files_struct);
47 if (fsp == NULL) {
48 goto fail;
49 }
50
51 /*
52 * This can't be a child of fsp because the file_handle can be ref'd
53 * when doing a dos/fcb open, which will then share the file_handle
54 * across multiple fsps.
55 */
56 fsp->fh = fd_handle_create(mem_ctx);
57 if (fsp->fh == NULL) {
58 goto fail;
59 }
60
61 fsp->fsp_flags.use_ofd_locks = !lp_smbd_force_process_locks(SNUM(conn));
62 #ifndef HAVE_OFD_LOCKS
63 fsp->fsp_flags.use_ofd_locks = false;
64 #endif
65
66 fh_set_refcount(fsp->fh, 1);
67 fsp_set_fd(fsp, -1);
68
69 fsp->fnum = FNUM_FIELD_INVALID;
70 fsp->conn = conn;
71 fsp->close_write_time = make_omit_timespec();
72
73 DLIST_ADD(sconn->files, fsp);
74 sconn->num_files += 1;
75
76 conn->num_files_open++;
77
78 DBG_INFO("allocated files structure (%u used)\n",
79 (unsigned int)sconn->num_files);
80
81 *result = fsp;
82 return NT_STATUS_OK;
83
84 fail:
85 if (fsp != NULL) {
86 TALLOC_FREE(fsp->fh);
87 }
88 TALLOC_FREE(fsp);
89
90 return status;
91 }
92
93 void fsp_set_gen_id(files_struct *fsp)
94 {
95 static uint64_t gen_id = 1;
96
97 /*
98 * A billion of 64-bit increments per second gives us
99 * more than 500 years of runtime without wrap.
100 */
101 gen_id++;
102 fh_set_gen_id(fsp->fh, gen_id);
103 }
104
105 /****************************************************************************
106 Find first available file slot.
107 ****************************************************************************/
108
109 NTSTATUS fsp_bind_smb(struct files_struct *fsp, struct smb_request *req)
110 {
111 struct smbXsrv_open *op = NULL;
112 NTTIME now;
113 NTSTATUS status;
114
115 if (req == NULL) {
116 DBG_DEBUG("INTERNAL_OPEN_ONLY, skipping smbXsrv_open\n");
117 return NT_STATUS_OK;
118 }
119
120 now = timeval_to_nttime(&fsp->open_time);
121
122 status = smbXsrv_open_create(req->xconn,
123 fsp->conn->session_info,
124 now,
125 &op);
126 if (!NT_STATUS_IS_OK(status)) {
127 return status;
128 }
129 fsp->op = op;
130 op->compat = fsp;
131 fsp->fnum = op->local_id;
132
133 fsp->mid = req->mid;
134 req->chain_fsp = fsp;
135
136 DBG_DEBUG("fsp [%s] mid [%" PRIu64"]\n",
137 fsp_str_dbg(fsp), fsp->mid);
138
139 return NT_STATUS_OK;
140 }
141
142 NTSTATUS file_new(struct smb_request *req, connection_struct *conn,
143 files_struct **result)
144 {
145 struct smbd_server_connection *sconn = conn->sconn;
146 files_struct *fsp;
147 NTSTATUS status;
148
149 status = fsp_new(conn, conn, &fsp);
150 if (!NT_STATUS_IS_OK(status)) {
151 return status;
152 }
153
154 GetTimeOfDay(&fsp->open_time);
155
156 status = fsp_bind_smb(fsp, req);
157 if (!NT_STATUS_IS_OK(status)) {
158 file_free(NULL, fsp);
159 return status;
160 }
161
162 fsp_set_gen_id(fsp);
163
164 /*
165 * Create an smb_filename with "" for the base_name. There are very
166 * few NULL checks, so make sure it's initialized with something. to
167 * be safe until an audit can be done.
168 */
169 fsp->fsp_name = synthetic_smb_fname(fsp,
170 "",
171 NULL,
172 NULL,
173 0,
174 0);
175 if (fsp->fsp_name == NULL) {
176 file_free(NULL, fsp);
177 return NT_STATUS_NO_MEMORY;
178 }
179
180 DBG_INFO("new file %s\n", fsp_fnum_dbg(fsp));
181
182 /* A new fsp invalidates the positive and
183 negative fsp_fi_cache as the new fsp is pushed
184 at the start of the list and we search from
185 a cache hit to the *end* of the list. */
186
187 ZERO_STRUCT(sconn->fsp_fi_cache);
188
189 *result = fsp;
190 return NT_STATUS_OK;
191 }
192
193 NTSTATUS create_internal_fsp(connection_struct *conn,
194 const struct smb_filename *smb_fname,
195 struct files_struct **_fsp)
196 {
197 struct files_struct *fsp = NULL;
198 NTSTATUS status;
199
200 status = file_new(NULL, conn, &fsp);
201 if (!NT_STATUS_IS_OK(status)) {
202 return status;
203 }
204
205 status = fsp_set_smb_fname(fsp, smb_fname);
206 if (!NT_STATUS_IS_OK(status)) {
207 file_free(NULL, fsp);
208 return status;
209 }
210
211 *_fsp = fsp;
212 return NT_STATUS_OK;
213 }
214
215 /*
216 * Create an internal fsp for an *existing* directory.
217 *
218 * This should only be used by callers in the VFS that need to control the
219 * opening of the directory. Otherwise use open_internal_dirfsp().
220 */
221 NTSTATUS create_internal_dirfsp(connection_struct *conn,
222 const struct smb_filename *smb_dname,
223 struct files_struct **_fsp)
224 {
225 struct files_struct *fsp = NULL;
226 NTSTATUS status;
227
228 status = create_internal_fsp(conn, smb_dname, &fsp);
229 if (!NT_STATUS_IS_OK(status)) {
230 return status;
231 }
232
233 fsp->access_mask = FILE_LIST_DIRECTORY;
234 fsp->fsp_flags.is_directory = true;
235 fsp->fsp_flags.is_dirfsp = true;
236
237 *_fsp = fsp;
238 return NT_STATUS_OK;
239 }
240
241 /*
242 * Open an internal fsp for an *existing* directory.
243 */
244 NTSTATUS open_internal_dirfsp(connection_struct *conn,
245 const struct smb_filename *smb_dname,
246 int _open_flags,
247 struct files_struct **_fsp)
248 {
249 struct vfs_open_how how = { .flags = _open_flags, };
250 struct files_struct *fsp = NULL;
251 NTSTATUS status;
252
253 status = create_internal_dirfsp(conn, smb_dname, &fsp);
254 if (!NT_STATUS_IS_OK(status)) {
255 return status;
256 }
257
258 #ifdef O_DIRECTORY
259 how.flags |= O_DIRECTORY;
260 #endif
261 status = fd_openat(conn->cwd_fsp, fsp->fsp_name, fsp, &how);
262 if (!NT_STATUS_IS_OK(status)) {
263 DBG_INFO("Could not open fd for %s (%s)\n",
264 smb_fname_str_dbg(smb_dname),
265 nt_errstr(status));
266 file_free(NULL, fsp);
267 return status;
268 }
269
270 status = vfs_stat_fsp(fsp);
271 if (!NT_STATUS_IS_OK(status)) {
272 file_free(NULL, fsp);
273 return status;
274 }
275
276 if (!S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
277 DBG_ERR("%s is not a directory!\n",
278 smb_fname_str_dbg(smb_dname));
279 file_free(NULL, fsp);
280 return NT_STATUS_NOT_A_DIRECTORY;
281 }
282
283 fsp->file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
284
285 *_fsp = fsp;
286 return NT_STATUS_OK;
287 }
288
289 /*
290 * Convert a pathref dirfsp into a real fsp. No need to do any cwd
291 * tricks, we just open ".".
292 */
293 NTSTATUS openat_internal_dir_from_pathref(
294 struct files_struct *dirfsp,
295 int _open_flags,
296 struct files_struct **_fsp)
297 {
298 struct connection_struct *conn = dirfsp->conn;
299 struct smb_filename *smb_dname = dirfsp->fsp_name;
300 struct files_struct *fsp = NULL;
301 char dot[] = ".";
302 struct smb_filename smb_dot = {
303 .base_name = dot,
304 .flags = smb_dname->flags,
305 .twrp = smb_dname->twrp,
306 };
307 struct vfs_open_how how = { .flags = _open_flags, };
308 NTSTATUS status;
309
310 status = create_internal_dirfsp(conn, smb_dname, &fsp);
311 if (!NT_STATUS_IS_OK(status)) {
312 return status;
313 }
314
315 /*
316 * Pointless for opening ".", but you never know...
317 */
318 how.flags |= O_NOFOLLOW;
319
320 status = fd_openat(dirfsp, &smb_dot, fsp, &how);
321 if (!NT_STATUS_IS_OK(status)) {
322 DBG_INFO("fd_openat(\"%s\", \".\") failed: %s\n",
323 fsp_str_dbg(dirfsp),
324 nt_errstr(status));
325 file_free(NULL, fsp);
326 return status;
327 }
328
329 fsp->fsp_name->st = smb_dname->st;
330 fsp->file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
331 *_fsp = fsp;
332 return NT_STATUS_OK;
333 }
334
335 /*
336 * The "link" in the name doesn't imply link in the filesystem
337 * sense. It's a object that "links" together an fsp and an smb_fname
338 * and the link allocated as talloc child of an fsp.
339 *
340 * The link is created for fsps that openat_pathref_fsp() returns in
341 * smb_fname->fsp. When this fsp is freed by file_free() by some caller
342 * somewhere, the destructor fsp_smb_fname_link_destructor() on the link object
343 * will use the link to reset the reference in smb_fname->fsp that is about to
344 * go away.
345 *
346 * This prevents smb_fname_internal_fsp_destructor() from seeing dangling fsp
347 * pointers.
348 */
349
350 struct fsp_smb_fname_link {
351 struct fsp_smb_fname_link **smb_fname_link;
352 struct files_struct **smb_fname_fsp;
353 };
354
355 static int fsp_smb_fname_link_destructor(struct fsp_smb_fname_link *link)
356 {
357 if (link->smb_fname_link == NULL) {
358 return 0;
359 }
360
361 *link->smb_fname_link = NULL;
362 *link->smb_fname_fsp = NULL;
363 return 0;
364 }
365
366 static NTSTATUS fsp_smb_fname_link(struct files_struct *fsp,
367 struct fsp_smb_fname_link **smb_fname_link,
368 struct files_struct **smb_fname_fsp)
369 {
370 struct fsp_smb_fname_link *link = NULL;
371
372 SMB_ASSERT(*smb_fname_link == NULL);
373 SMB_ASSERT(*smb_fname_fsp == NULL);
374
375 link = talloc_zero(fsp, struct fsp_smb_fname_link);
376 if (link == NULL) {
377 return NT_STATUS_NO_MEMORY;
378 }
379
380 link->smb_fname_link = smb_fname_link;
381 link->smb_fname_fsp = smb_fname_fsp;
382 *smb_fname_link = link;
383 *smb_fname_fsp = fsp;
384
385 talloc_set_destructor(link, fsp_smb_fname_link_destructor);
386 return NT_STATUS_OK;
387 }
388
389 /*
390 * Free a link, carefully avoiding to trigger the link destructor
391 */
392 static void destroy_fsp_smb_fname_link(struct fsp_smb_fname_link **_link)
393 {
394 struct fsp_smb_fname_link *link = *_link;
395
396 if (link == NULL) {
397 return;
398 }
399 talloc_set_destructor(link, NULL);
400 TALLOC_FREE(link);
401 *_link = NULL;
402 }
403
404 /*
405 * Talloc destructor set on an smb_fname set by openat_pathref_fsp() used to
406 * close the embedded smb_fname->fsp.
407 */
408 static int smb_fname_fsp_destructor(struct smb_filename *smb_fname)
409 {
410 struct files_struct *fsp = smb_fname->fsp;
411 struct files_struct *base_fsp = NULL;
412 NTSTATUS status;
413 int saved_errno = errno;
414
415 destroy_fsp_smb_fname_link(&smb_fname->fsp_link);
416
417 if (fsp == NULL) {
418 errno = saved_errno;
419 return 0;
420 }
421
422 if (fsp_is_alternate_stream(fsp)) {
423 base_fsp = fsp->base_fsp;
424 }
425
426 status = fd_close(fsp);
427 if (!NT_STATUS_IS_OK(status)) {
428 DBG_ERR("Closing fd for fsp [%s] failed: %s. "
429 "Please check your filesystem!!!\n",
430 fsp_str_dbg(fsp), nt_errstr(status));
431 }
432 file_free(NULL, fsp);
433 smb_fname->fsp = NULL;
434
435 if (base_fsp != NULL) {
436 base_fsp->stream_fsp = NULL;
437 status = fd_close(base_fsp);
438 if (!NT_STATUS_IS_OK(status)) {
439 DBG_ERR("Closing fd for base_fsp [%s] failed: %s. "
440 "Please check your filesystem!!!\n",
441 fsp_str_dbg(base_fsp), nt_errstr(status));
442 }
443 file_free(NULL, base_fsp);
444 }
445
446 errno = saved_errno;
447 return 0;
448 }
449
450 static NTSTATUS openat_pathref_fullname(
451 struct connection_struct *conn,
452 const struct files_struct *dirfsp,
453 struct files_struct *basefsp,
454 struct smb_filename **full_fname,
455 struct smb_filename *smb_fname,
456 const struct vfs_open_how *how)
457 {
458 struct files_struct *fsp = NULL;
459 bool have_dirfsp = (dirfsp != NULL);
460 bool have_basefsp = (basefsp != NULL);
461 NTSTATUS status;
462
463 DBG_DEBUG("smb_fname [%s]\n", smb_fname_str_dbg(smb_fname));
464
465 SMB_ASSERT(smb_fname->fsp == NULL);
466 SMB_ASSERT(have_dirfsp != have_basefsp);
467
468 status = fsp_new(conn, conn, &fsp);
469 if (!NT_STATUS_IS_OK(status)) {
470 return status;
471 }
472
473 GetTimeOfDay(&fsp->open_time);
474 fsp_set_gen_id(fsp);
475 ZERO_STRUCT(conn->sconn->fsp_fi_cache);
476
477 fsp->fsp_flags.is_pathref = true;
478
479 status = fsp_attach_smb_fname(fsp, full_fname);
480 if (!NT_STATUS_IS_OK(status)) {
481 goto fail;
482 }
483 fsp_set_base_fsp(fsp, basefsp);
484
485 status = fd_openat(dirfsp, smb_fname, fsp, how);
486 if (!NT_STATUS_IS_OK(status)) {
487
488 smb_fname->st = fsp->fsp_name->st;
489
490 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND) ||
491 NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_PATH_NOT_FOUND) ||
492 NT_STATUS_EQUAL(status, NT_STATUS_STOPPED_ON_SYMLINK))
493 {
494 /*
495 * streams_xattr return NT_STATUS_NOT_FOUND for
496 * opens of not yet existing streams.
497 *
498 * ELOOP maps to NT_STATUS_OBJECT_PATH_NOT_FOUND
499 * and this will result from a open request from
500 * a POSIX client on a symlink.
501 *
502 * NT_STATUS_OBJECT_NAME_NOT_FOUND is the simple
503 * ENOENT case.
504 *
505 * NT_STATUS_STOPPED_ON_SYMLINK is returned when trying
506 * to open a symlink, our callers are not interested in
507 * this.
508 */
509 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
510 }
511 goto fail;
512 }
513
514 /*
515 * fd_openat() has done an FSTAT on the handle
516 * so update the smb_fname stat info with "truth".
517 * from the handle.
518 */
519 smb_fname->st = fsp->fsp_name->st;
520
521 fsp->fsp_flags.is_directory = S_ISDIR(fsp->fsp_name->st.st_ex_mode);
522
523 fsp->file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
524
525 status = fsp_smb_fname_link(fsp,
526 &smb_fname->fsp_link,
527 &smb_fname->fsp);
528 if (!NT_STATUS_IS_OK(status)) {
529 goto fail;
530 }
531
532 DBG_DEBUG("fsp [%s]: OK\n", fsp_str_dbg(fsp));
533
534 talloc_set_destructor(smb_fname, smb_fname_fsp_destructor);
535 return NT_STATUS_OK;
536
537 fail:
538 DBG_DEBUG("Opening pathref for [%s] failed: %s\n",
539 smb_fname_str_dbg(smb_fname),
540 nt_errstr(status));
541
542 fsp_set_base_fsp(fsp, NULL);
543 fd_close(fsp);
544 file_free(NULL, fsp);
545 return status;
546 }
547
548 /*
549 * Open an internal O_PATH based fsp for smb_fname. If O_PATH is not
550 * available, open O_RDONLY as root. Both is done in fd_open() ->
551 * non_widelink_open(), triggered by setting fsp->fsp_flags.is_pathref to
552 * true.
553 */
554 NTSTATUS openat_pathref_fsp(const struct files_struct *dirfsp,
555 struct smb_filename *smb_fname)
556 {
557 connection_struct *conn = dirfsp->conn;
558 struct smb_filename *full_fname = NULL;
559 struct smb_filename *base_fname = NULL;
560 struct vfs_open_how how = { .flags = O_RDONLY|O_NONBLOCK, };
561 NTSTATUS status;
562
563 DBG_DEBUG("smb_fname [%s]\n", smb_fname_str_dbg(smb_fname));
564
565 if (smb_fname->fsp != NULL) {
566 /* We already have one for this name. */
567 DBG_DEBUG("smb_fname [%s] already has a pathref fsp.\n",
568 smb_fname_str_dbg(smb_fname));
569 return NT_STATUS_OK;
570 }
571
572 if (is_named_stream(smb_fname) &&
573 ((conn->fs_capabilities & FILE_NAMED_STREAMS) == 0)) {
574 DBG_DEBUG("stream open [%s] on non-stream share\n",
575 smb_fname_str_dbg(smb_fname));
576 return NT_STATUS_OBJECT_NAME_INVALID;
577 }
578
579 if (!is_named_stream(smb_fname)) {
580 /*
581 * openat_pathref_fullname() will make "full_fname" a
582 * talloc child of the smb_fname->fsp. Don't use
583 * talloc_tos() to allocate it to avoid making the
584 * talloc stackframe pool long-lived.
585 */
586 full_fname = full_path_from_dirfsp_atname(
587 conn,
588 dirfsp,
589 smb_fname);
590 if (full_fname == NULL) {
591 status = NT_STATUS_NO_MEMORY;
592 goto fail;
593 }
594 status = openat_pathref_fullname(
595 conn, dirfsp, NULL, &full_fname, smb_fname, &how);
596 TALLOC_FREE(full_fname);
597 return status;
598 }
599
600 /*
601 * stream open
602 */
603 base_fname = cp_smb_filename_nostream(conn, smb_fname);
604 if (base_fname == NULL) {
605 return NT_STATUS_NO_MEMORY;
606 }
607
608 full_fname = full_path_from_dirfsp_atname(
609 conn, /* no talloc_tos(), see comment above */
610 dirfsp,
611 base_fname);
612 if (full_fname == NULL) {
613 status = NT_STATUS_NO_MEMORY;
614 goto fail;
615 }
616
617 status = openat_pathref_fullname(
618 conn, dirfsp, NULL, &full_fname, base_fname, &how);
619 TALLOC_FREE(full_fname);
620 if (!NT_STATUS_IS_OK(status)) {
621 DBG_DEBUG("openat_pathref_fullname() failed: %s\n",
622 nt_errstr(status));
623 goto fail;
624 }
625
626 status = open_stream_pathref_fsp(&base_fname->fsp, smb_fname);
627 if (!NT_STATUS_IS_OK(status)) {
628 DBG_DEBUG("open_stream_pathref_fsp failed: %s\n",
629 nt_errstr(status));
630 goto fail;
631 }
632
633 smb_fname_fsp_unlink(base_fname);
634 fail:
635 TALLOC_FREE(base_fname);
636 return status;
637 }
638
639 /*
640 * Open a stream given an already opened base_fsp. Avoid
641 * non_widelink_open: This is only valid for the case where we have a
642 * valid non-cwd_fsp dirfsp that we can pass to SMB_VFS_OPENAT()
643 */
644 NTSTATUS open_stream_pathref_fsp(
645 struct files_struct **_base_fsp,
646 struct smb_filename *smb_fname)
647 {
648 struct files_struct *base_fsp = *_base_fsp;
649 connection_struct *conn = base_fsp->conn;
650 struct smb_filename *base_fname = base_fsp->fsp_name;
651 struct smb_filename *full_fname = NULL;
652 struct vfs_open_how how = { .flags = O_RDONLY|O_NONBLOCK, };
653 NTSTATUS status;
654
655 SMB_ASSERT(smb_fname->fsp == NULL);
656 SMB_ASSERT(is_named_stream(smb_fname));
657
658 full_fname = synthetic_smb_fname(
659 conn, /* no talloc_tos(), this will be long-lived */
660 base_fname->base_name,
661 smb_fname->stream_name,
662 &smb_fname->st,
663 smb_fname->twrp,
664 smb_fname->flags);
665 if (full_fname == NULL) {
666 return NT_STATUS_NO_MEMORY;
667 }
668
669 status = openat_pathref_fullname(
670 conn, NULL, base_fsp, &full_fname, smb_fname, &how);
671 TALLOC_FREE(full_fname);
672 return status;
673 }
674
675 static char *path_to_strv(TALLOC_CTX *mem_ctx, const char *path)
676 {
677 char *result = talloc_strdup(mem_ctx, path);
678
679 if (result == NULL) {
680 return NULL;
681 }
682 string_replace(result, '/', '\0');
683 return result;
684 }
685
686 NTSTATUS readlink_talloc(
687 TALLOC_CTX *mem_ctx,
688 struct files_struct *dirfsp,
689 struct smb_filename *smb_relname,
690 char **_substitute)
691 {
692 struct smb_filename null_fname = {
693 .base_name = discard_const_p(char, ""),
694 };
695 char buf[PATH_MAX];
696 ssize_t ret;
697 char *substitute;
698 NTSTATUS status;
699
700 if (smb_relname == NULL) {
701 /*
702 * We have a Linux O_PATH handle in dirfsp and want to
703 * read its value, essentially a freadlink
704 */
705 smb_relname = &null_fname;
706 }
707
708 ret = SMB_VFS_READLINKAT(
709 dirfsp->conn, dirfsp, smb_relname, buf, sizeof(buf));
710 if (ret < 0) {
711 status = map_nt_error_from_unix(errno);
712 DBG_DEBUG("SMB_VFS_READLINKAT() failed: %s\n",
713 strerror(errno));
714 return status;
715 }
716
717 if ((size_t)ret == sizeof(buf)) {
718 /*
719 * Do we need symlink targets longer than PATH_MAX?
720 */
721 DBG_DEBUG("Got full %zu bytes from readlink, too long\n",
722 sizeof(buf));
723 return NT_STATUS_BUFFER_OVERFLOW;
724 }
725
726 substitute = talloc_strndup(mem_ctx, buf, ret);
727 if (substitute == NULL) {
728 DBG_DEBUG("talloc_strndup() failed\n");
729 return NT_STATUS_NO_MEMORY;
730 }
731
732 *_substitute = substitute;
733 return NT_STATUS_OK;
734 }
735
736 NTSTATUS read_symlink_reparse(TALLOC_CTX *mem_ctx,
737 struct files_struct *dirfsp,
738 struct smb_filename *smb_relname,
739 struct reparse_data_buffer **_reparse)
740 {
741 struct reparse_data_buffer *reparse = NULL;
742 struct symlink_reparse_struct *lnk = NULL;
743 NTSTATUS status;
744
745 reparse = talloc_zero(mem_ctx, struct reparse_data_buffer);
746 if (reparse == NULL) {
747 goto nomem;
748 }
749 *reparse = (struct reparse_data_buffer){
750 .tag = IO_REPARSE_TAG_SYMLINK,
751 };
752 lnk = &reparse->parsed.lnk;
753
754 status = readlink_talloc(reparse,
755 dirfsp,
756 smb_relname,
757 &lnk->substitute_name);
758 if (!NT_STATUS_IS_OK(status)) {
759 DBG_DEBUG("readlink_talloc failed: %s\n", nt_errstr(status));
760 goto fail;
761 }
762
763 if (lnk->substitute_name[0] == '/') {
764 char *subdir_path = NULL;
765 char *abs_target_canon = NULL;
766 const char *relative = NULL;
767 bool in_share;
768
769 subdir_path = talloc_asprintf(talloc_tos(),
770 "%s/%s",
771 dirfsp->conn->connectpath,
772 dirfsp->fsp_name->base_name);
773 if (subdir_path == NULL) {
774 goto nomem;
775 }
776
777 abs_target_canon = canonicalize_absolute_path(
778 talloc_tos(), lnk->substitute_name);
779 if (abs_target_canon == NULL) {
780 goto nomem;
781 }
782
783 in_share = subdir_of(subdir_path,
784 strlen(subdir_path),
785 abs_target_canon,
786 &relative);
787 if (in_share) {
788 TALLOC_FREE(lnk->substitute_name);
789 lnk->substitute_name = talloc_strdup(reparse,
790 relative);
791 if (lnk->substitute_name == NULL) {
792 goto nomem;
793 }
794 }
795 }
796
797 if (!IS_DIRECTORY_SEP(lnk->substitute_name[0])) {
798 lnk->flags |= SYMLINK_FLAG_RELATIVE;
799 }
800
801 *_reparse = reparse;
802 return NT_STATUS_OK;
803 nomem:
804 status = NT_STATUS_NO_MEMORY;
805 fail:
806 TALLOC_FREE(reparse);
807 return status;
808 }
809
810 static bool full_path_extend(char **dir, const char *atname)
811 {
812 talloc_asprintf_addbuf(dir,
813 "%s%s",
814 (*dir)[0] == '\0' ? "" : "/",
815 atname);
816 return (*dir) != NULL;
817 }
818
819 NTSTATUS create_open_symlink_err(TALLOC_CTX *mem_ctx,
820 files_struct *dirfsp,
821 struct smb_filename *smb_relname,
822 struct open_symlink_err **_err)
823 {
824 struct open_symlink_err *err = NULL;
825 NTSTATUS status;
826
827 err = talloc_zero(mem_ctx, struct open_symlink_err);
828 if (err == NULL) {
829 return NT_STATUS_NO_MEMORY;
830 }
831
832 status = read_symlink_reparse(err, dirfsp, smb_relname, &err->reparse);
833 if (!NT_STATUS_IS_OK(status)) {
834 TALLOC_FREE(err);
835 return status;
836 }
837
838 *_err = err;
839 return NT_STATUS_OK;
840 }
841
842 /*
843 * Create the memcache-key for GETREALFILENAME_CACHE: This supplements
844 * the stat cache for the last component to be looked up. Cache
845 * contents is the correctly capitalized translation of the parameter
846 * "name" as it exists on disk. This is indexed by inode of the dirfsp
847 * and name, and contrary to stat_cahce_lookup() it does not
848 * vfs_stat() the last component. This will be taken care of by an
849 * attempt to do a openat_pathref_fsp().
850 */
851 static bool get_real_filename_cache_key(TALLOC_CTX *mem_ctx,
852 struct files_struct *dirfsp,
853 const char *name,
854 DATA_BLOB *_key)
855 {
856 struct file_id fid = vfs_file_id_from_sbuf(dirfsp->conn,
857 &dirfsp->fsp_name->st);
858 char *upper = NULL;
859 uint8_t *key = NULL;
860 size_t namelen, keylen;
861
862 upper = talloc_strdup_upper(mem_ctx, name);
863 if (upper == NULL) {
864 return false;
865 }
866 namelen = talloc_get_size(upper);
867
868 keylen = namelen + sizeof(fid);
869 if (keylen < sizeof(fid)) {
870 TALLOC_FREE(upper);
871 return false;
872 }
873
874 key = talloc_size(mem_ctx, keylen);
875 if (key == NULL) {
876 TALLOC_FREE(upper);
877 return false;
878 }
879
880 memcpy(key, &fid, sizeof(fid));
881 memcpy(key + sizeof(fid), upper, namelen);
882 TALLOC_FREE(upper);
883
884 *_key = (DATA_BLOB){
885 .data = key,
886 .length = keylen,
887 };
888 return true;
889 }
890
891 static int smb_vfs_openat_ci(TALLOC_CTX *mem_ctx,
892 bool case_sensitive,
893 struct connection_struct *conn,
894 struct files_struct *dirfsp,
895 struct smb_filename *smb_fname_rel,
896 files_struct *fsp,
897 const struct vfs_open_how *how)
898 {
899 char *orig_base_name = smb_fname_rel->base_name;
900 DATA_BLOB cache_key = {
901 .data = NULL,
902 };
903 DATA_BLOB cache_value = {
904 .data = NULL,
905 };
906 NTSTATUS status;
907 int fd;
908 bool ok;
909
910 fd = SMB_VFS_OPENAT(conn, dirfsp, smb_fname_rel, fsp, how);
911 if ((fd >= 0) || case_sensitive) {
912 return fd;
913 }
914 if (errno != ENOENT) {
915 return -1;
916 }
917
918 if (!lp_stat_cache()) {
919 goto lookup;
920 }
921
922 ok = get_real_filename_cache_key(mem_ctx,
923 dirfsp,
924 orig_base_name,
925 &cache_key);
926 if (!ok) {
927 /*
928 * probably ENOMEM, just bail
929 */
930 errno = ENOMEM;
931 return -1;
932 }
933
934 DO_PROFILE_INC(statcache_lookups);
935
936 ok = memcache_lookup(NULL,
937 GETREALFILENAME_CACHE,
938 cache_key,
939 &cache_value);
940 if (!ok) {
941 DO_PROFILE_INC(statcache_misses);
942 goto lookup;
943 }
944 DO_PROFILE_INC(statcache_hits);
945
946 smb_fname_rel->base_name = talloc_strndup(mem_ctx,
947 (char *)cache_value.data,
948 cache_value.length);
949 if (smb_fname_rel->base_name == NULL) {
950 TALLOC_FREE(cache_key.data);
951 smb_fname_rel->base_name = orig_base_name;
952 errno = ENOMEM;
953 return -1;
954 }
955
956 if (IS_VETO_PATH(dirfsp->conn, smb_fname_rel->base_name)) {
957 DBG_DEBUG("veto files rejecting last component %s\n",
958 smb_fname_str_dbg(smb_fname_rel));
959 TALLOC_FREE(cache_key.data);
960 smb_fname_rel->base_name = orig_base_name;
961 errno = EPERM;
962 return -1;
963 }
964
965 fd = SMB_VFS_OPENAT(conn, dirfsp, smb_fname_rel, fsp, how);
966 if (fd >= 0) {
967 TALLOC_FREE(cache_key.data);
968 return fd;
969 }
970
971 memcache_delete(NULL, GETREALFILENAME_CACHE, cache_key);
972
973 /*
974 * For the "new filename" case we need to preserve the
975 * capitalization the client sent us, see
976 * https://bugzilla.samba.org/show_bug.cgi?id=15481
977 */
978 TALLOC_FREE(smb_fname_rel->base_name);
979 smb_fname_rel->base_name = orig_base_name;
980
981 lookup:
982
983 status = get_real_filename_at(dirfsp,
984 orig_base_name,
985 mem_ctx,
986 &smb_fname_rel->base_name);
987 if (!NT_STATUS_IS_OK(status)) {
988 DBG_DEBUG("get_real_filename_at() failed: %s\n",
989 nt_errstr(status));
990 errno = ENOENT;
991 return -1;
992 }
993
994 if (IS_VETO_PATH(conn, smb_fname_rel->base_name)) {
995 DBG_DEBUG("found veto files path component "
996 "%s => %s\n",
997 orig_base_name,
998 smb_fname_rel->base_name);
999 TALLOC_FREE(smb_fname_rel->base_name);
1000 smb_fname_rel->base_name = orig_base_name;
1001 errno = ENOENT;
1002 return -1;
1003 }
1004
1005 fd = SMB_VFS_OPENAT(conn, dirfsp, smb_fname_rel, fsp, how);
1006
1007 if ((fd >= 0) && (cache_key.data != NULL)) {
1008 DATA_BLOB value = {
1009 .data = (uint8_t *)smb_fname_rel->base_name,
1010 .length = strlen(smb_fname_rel->base_name) + 1,
1011 };
1012
1013 memcache_add(NULL, GETREALFILENAME_CACHE, cache_key, value);
1014 TALLOC_FREE(cache_key.data);
1015 }
1016
1017 return fd;
1018 }
1019
1020 NTSTATUS openat_pathref_fsp_nosymlink(TALLOC_CTX *mem_ctx,
1021 struct connection_struct *conn,
1022 struct files_struct *in_dirfsp,
1023 const char *path_in,
1024 NTTIME twrp,
1025 bool posix,
1026 struct smb_filename **_smb_fname,
1027 struct open_symlink_err **_symlink_err)
1028 {
1029 struct files_struct *dirfsp = in_dirfsp;
1030 struct smb_filename full_fname = {
1031 .base_name = NULL,
1032 .twrp = twrp,
1033 .flags = posix ? SMB_FILENAME_POSIX_PATH : 0,
1034 };
1035 struct smb_filename rel_fname = {
1036 .base_name = NULL,
1037 .twrp = twrp,
1038 .flags = full_fname.flags,
1039 };
1040 struct smb_filename *result = NULL;
1041 struct open_symlink_err *symlink_err = NULL;
1042 struct files_struct *fsp = NULL;
1043 char *path = NULL, *next = NULL;
1044 bool ok, is_toplevel;
1045 int fd;
1046 NTSTATUS status;
1047 struct vfs_open_how how = {
1048 .flags = O_NOFOLLOW | O_NONBLOCK,
1049 .mode = 0,
1050 };
1051
1052 DBG_DEBUG("path_in=%s\n", path_in);
1053
1054 status = fsp_new(conn, conn, &fsp);
1055 if (!NT_STATUS_IS_OK(status)) {
1056 DBG_DEBUG("fsp_new() failed: %s\n", nt_errstr(status));
1057 goto fail;
1058 }
1059
1060 GetTimeOfDay(&fsp->open_time);
1061 fsp_set_gen_id(fsp);
1062 ZERO_STRUCT(conn->sconn->fsp_fi_cache);
1063
1064 fsp->fsp_name = &full_fname;
1065
1066 #ifdef O_PATH
1067 /*
1068 * Add O_PATH manually, doing this by setting
1069 * fsp->fsp_flags.is_pathref will make us become_root() in the
1070 * non-O_PATH case, which would cause a security problem.
1071 */
1072 how.flags |= O_PATH;
1073 #else
1074 #ifdef O_SEARCH
1075 /*
1076 * O_SEARCH just checks for the "x" bit. We are traversing
1077 * directories, so we don't need the implicit O_RDONLY ("r"
1078 * permissions) but only the "x"-permissions requested by
1079 * O_SEARCH. We need either O_PATH or O_SEARCH to correctly
1080 * function, without either we will incorrectly require also
1081 * the "r" bit when traversing the directory hierarchy.
1082 */
1083 how.flags |= O_SEARCH;
1084 #endif
1085 #endif
1086
1087 is_toplevel = (dirfsp == dirfsp->conn->cwd_fsp);
1088 is_toplevel |= ISDOT(dirfsp->fsp_name->base_name);
1089
1090 full_fname.base_name =
1091 talloc_strdup(talloc_tos(),
1092 is_toplevel ? "" : dirfsp->fsp_name->base_name);
1093 if (full_fname.base_name == NULL) {
1094 DBG_DEBUG("talloc_strdup() failed\n");
1095 goto nomem;
1096 }
1097
1098 /*
1099 * First split the path into individual components.
1100 */
1101 path = path_to_strv(talloc_tos(), path_in);
1102 if (path == NULL) {
1103 DBG_DEBUG("path_to_strv() failed\n");
1104 goto nomem;
1105 }
1106
1107 /*
1108 * First we loop over all components
1109 * in order to verify, there's no '.' or '..'
1110 */
1111 rel_fname.base_name = path;
1112 while (rel_fname.base_name != NULL) {
1113
1114 next = strv_next(path, rel_fname.base_name);
1115
1116 /*
1117 * Path sanitizing further up has cleaned or rejected
1118 * empty path components. Assert this here.
1119 */
1120 SMB_ASSERT(rel_fname.base_name[0] != '\0');
1121
1122 if (ISDOT(rel_fname.base_name) ||
1123 ISDOTDOT(rel_fname.base_name)) {
1124 DBG_DEBUG("%s contains a dot\n", path_in);
1125 status = NT_STATUS_OBJECT_NAME_INVALID;
1126 goto fail;
1127 }
1128
1129 /* Check veto files. */
1130 if (IS_VETO_PATH(conn, rel_fname.base_name)) {
1131 DBG_DEBUG("%s contains veto files path component %s\n",
1132 path_in, rel_fname.base_name);
1133 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
1134 goto fail;
1135 }
1136
1137 rel_fname.base_name = next;
1138 }
1139
1140 if (conn->open_how_resolve & VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS) {
1141
1142 /*
1143 * Try a direct openat2 with RESOLVE_NO_SYMLINKS to
1144 * avoid the openat/close loop further down.
1145 */
1146
1147 rel_fname.base_name = discard_const_p(char, path_in);
1148 how.resolve = VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS;
1149
1150 fd = SMB_VFS_OPENAT(conn, dirfsp, &rel_fname, fsp, &how);
1151 if (fd >= 0) {
1152 fsp_set_fd(fsp, fd);
1153 ok = full_path_extend(&full_fname.base_name,
1154 rel_fname.base_name);
1155 if (!ok) {
1156 goto nomem;
1157 }
1158 goto done;
1159 }
1160
1161 status = map_nt_error_from_unix(errno);
1162 DBG_DEBUG("SMB_VFS_OPENAT(%s, %s, RESOLVE_NO_SYMLINKS) "
1163 "returned %d %s => %s\n",
1164 smb_fname_str_dbg(dirfsp->fsp_name), path_in,
1165 errno, strerror(errno), nt_errstr(status));
1166 SMB_ASSERT(fd == -1);
1167 switch (errno) {
1168 case ENOSYS:
1169 /*
1170 * We got ENOSYS, so fallback to the old code
1171 * if the kernel doesn't support openat2() yet.
1172 */
1173 break;
1174
1175 case ELOOP:
1176 case ENOTDIR:
1177 /*
1178 * For ELOOP we also fallback in order to
1179 * return the correct information with
1180 * NT_STATUS_STOPPED_ON_SYMLINK.
1181 *
1182 * O_NOFOLLOW|O_DIRECTORY results in
1183 * ENOTDIR instead of ELOOP for the final
1184 * component.
1185 */
1186 break;
1187
1188 case ENOENT:
1189 /*
1190 * If we got ENOENT, the filesystem could
1191 * be case sensitive. For now we only do
1192 * the get_real_filename_at() dance in
1193 * the fallback loop below.
1194 */
1195 break;
1196
1197 default:
1198 goto fail;
1199 }
1200
1201 /*
1202 * Just fallback to the openat loop
1203 */
1204 how.resolve = 0;
1205 }
1206
1207 /*
1208 * Now we loop over all components
1209 * opening each one and using it
1210 * as dirfd for the next one.
1211 *
1212 * It means we can detect symlinks
1213 * within the path.
1214 */
1215 rel_fname.base_name = path;
1216 next:
1217 next = strv_next(path, rel_fname.base_name);
1218
1219 fd = smb_vfs_openat_ci(talloc_tos(),
1220 posix || conn->case_sensitive,
1221 conn,
1222 dirfsp,
1223 &rel_fname,
1224 fsp,
1225 &how);
1226
1227 #ifndef O_PATH
1228 if ((fd == -1) && (errno == ELOOP)) {
1229 int ret;
1230
1231 /*
1232 * openat() hit a symlink. With O_PATH we open the
1233 * symlink and get ENOTDIR in the next round, see
1234 * below.
1235 */
1236
1237 status = create_open_symlink_err(mem_ctx,
1238 dirfsp,
1239 &rel_fname,
1240 &symlink_err);
1241 if (!NT_STATUS_IS_OK(status)) {
1242 DBG_DEBUG("create_open_symlink_err failed: %s\n",
1243 nt_errstr(status));
1244 goto fail;
1245 }
1246
1247 if (next != NULL) {
1248 size_t parsed = next - path;
1249 size_t len = talloc_get_size(path);
1250 symlink_err->unparsed = len - parsed;
1251 }
1252
1253 /*
1254 * We know rel_fname is a symlink, now fill in the
1255 * rest of the metadata for our callers.
1256 */
1257
1258 ret = SMB_VFS_FSTATAT(conn,
1259 dirfsp,
1260 &rel_fname,
1261 &full_fname.st,
1262 AT_SYMLINK_NOFOLLOW);
1263 if (ret == -1) {
1264 status = map_nt_error_from_unix(errno);
1265 DBG_DEBUG("SMB_VFS_FSTATAT(%s/%s) failed: %s\n",
1266 fsp_str_dbg(dirfsp),
1267 rel_fname.base_name,
1268 strerror(errno));
1269 TALLOC_FREE(symlink_err);
1270 goto fail;
1271 }
1272
1273 if (!S_ISLNK(full_fname.st.st_ex_mode)) {
1274 /*
1275 * Hit a race: readlink_talloc() worked before
1276 * the fstatat(), but rel_fname changed to
1277 * something that's not a symlink.
1278 */
1279 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
1280 TALLOC_FREE(symlink_err);
1281 goto fail;
1282 }
1283
1284 status = NT_STATUS_STOPPED_ON_SYMLINK;
1285 goto fail;
1286 }
1287 #endif
1288
1289 if ((fd == -1) && (errno == ENOTDIR)) {
1290 size_t parsed, len;
1291
1292 /*
1293 * dirfsp does not point at a directory, try a
1294 * freadlink.
1295 */
1296
1297 status = create_open_symlink_err(mem_ctx,
1298 dirfsp,
1299 NULL,
1300 &symlink_err);
1301
1302 if (!NT_STATUS_IS_OK(status)) {
1303 DBG_DEBUG("create_open_symlink_err failed: %s\n",
1304 nt_errstr(status));
1305 status = NT_STATUS_NOT_A_DIRECTORY;
1306 goto fail;
1307 }
1308
1309 parsed = rel_fname.base_name - path;
1310 len = talloc_get_size(path);
1311 symlink_err->unparsed = len - parsed;
1312
1313 symlink_err->st = dirfsp->fsp_name->st;
1314
1315 status = NT_STATUS_STOPPED_ON_SYMLINK;
1316 goto fail;
1317 }
1318
1319 if (fd == -1) {
1320 status = map_nt_error_from_unix(errno);
1321 DBG_DEBUG("SMB_VFS_OPENAT() failed: %s\n",
1322 strerror(errno));
1323 goto fail;
1324 }
1325 fsp_set_fd(fsp, fd);
1326
1327 ok = full_path_extend(&full_fname.base_name, rel_fname.base_name);
1328 if (!ok) {
1329 goto nomem;
1330 }
1331
1332 if (next != NULL) {
1333 struct files_struct *tmp = NULL;
1334
1335 if (dirfsp != in_dirfsp) {
1336 fd_close(dirfsp);
1337 }
1338
1339 tmp = dirfsp;
1340 dirfsp = fsp;
1341
1342 if (tmp == in_dirfsp) {
1343 status = fsp_new(conn, conn, &fsp);
1344 if (!NT_STATUS_IS_OK(status)) {
1345 DBG_DEBUG("fsp_new() failed: %s\n",
1346 nt_errstr(status));
1347 goto fail;
1348 }
1349 fsp->fsp_name = &full_fname;
1350 } else {
1351 fsp = tmp;
1352 }
1353
1354 rel_fname.base_name = next;
1355
1356 goto next;
1357 }
1358
1359 if (dirfsp != in_dirfsp) {
1360 SMB_ASSERT(fsp_get_pathref_fd(dirfsp) != -1);
1361 fd_close(dirfsp);
1362 dirfsp->fsp_name = NULL;
1363 file_free(NULL, dirfsp);
1364 dirfsp = NULL;
1365 }
1366
1367 done:
1368 fsp->fsp_flags.is_pathref = true;
1369 fsp->fsp_name = NULL;
1370
1371 status = fsp_set_smb_fname(fsp, &full_fname);
1372 if (!NT_STATUS_IS_OK(status)) {
1373 DBG_DEBUG("fsp_set_smb_fname() failed: %s\n",
1374 nt_errstr(status));
1375 goto fail;
1376 }
1377
1378 status = vfs_stat_fsp(fsp);
1379 if (!NT_STATUS_IS_OK(status)) {
1380 DBG_DEBUG("vfs_stat_fsp(%s) failed: %s\n",
1381 fsp_str_dbg(fsp),
1382 nt_errstr(status));
1383 goto fail;
1384 }
1385
1386 if (S_ISLNK(fsp->fsp_name->st.st_ex_mode)) {
1387 /*
1388 * Last component was a symlink we opened with O_PATH, fail it
1389 * here.
1390 */
1391 status = create_open_symlink_err(mem_ctx,
1392 fsp,
1393 NULL,
1394 &symlink_err);
1395 if (!NT_STATUS_IS_OK(status)) {
1396 return status;
1397 }
1398 symlink_err->st = fsp->fsp_name->st;
1399
1400 status = NT_STATUS_STOPPED_ON_SYMLINK;
1401 goto fail;
1402 }
1403
1404 /*
1405 * We must correctly set fsp->file_id as code inside
1406 * open.c will use this to check if delete_on_close
1407 * has been set on the dirfsp.
1408 */
1409 fsp->file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
1410
1411 result = cp_smb_filename(mem_ctx, fsp->fsp_name);
1412 if (result == NULL) {
1413 DBG_DEBUG("cp_smb_filename() failed\n");
1414 goto nomem;
1415 }
1416
1417 status = fsp_smb_fname_link(fsp,
1418 &result->fsp_link,
1419 &result->fsp);
1420 if (!NT_STATUS_IS_OK(status)) {
1421 goto fail;
1422 }
1423 talloc_set_destructor(result, smb_fname_fsp_destructor);
1424
1425 *_smb_fname = result;
1426
1427 DBG_DEBUG("returning %s\n", smb_fname_str_dbg(result));
1428
1429 return NT_STATUS_OK;
1430
1431 nomem:
1432 status = NT_STATUS_NO_MEMORY;
1433 fail:
1434 if (fsp != NULL) {
1435 if (fsp_get_pathref_fd(fsp) != -1) {
1436 fd_close(fsp);
1437 }
1438 file_free(NULL, fsp);
1439 fsp = NULL;
1440 }
1441
1442 if ((dirfsp != NULL) && (dirfsp != in_dirfsp)) {
1443 SMB_ASSERT(fsp_get_pathref_fd(dirfsp) != -1);
1444 fd_close(dirfsp);
1445 dirfsp->fsp_name = NULL;
1446 file_free(NULL, dirfsp);
1447 dirfsp = NULL;
1448 }
1449
1450 if (NT_STATUS_EQUAL(status, NT_STATUS_STOPPED_ON_SYMLINK)) {
1451 *_symlink_err = symlink_err;
1452 }
1453
1454 TALLOC_FREE(path);
1455 return status;
1456 }
1457
1458 /*
1459 * Open smb_fname_rel->fsp as a pathref fsp with a case insensitive
1460 * fallback using GETREALFILENAME_CACHE and get_real_filename_at() if
1461 * the first attempt based on the filename sent by the client gives
1462 * ENOENT.
1463 */
1464 NTSTATUS openat_pathref_fsp_lcomp(struct files_struct *dirfsp,
1465 struct smb_filename *smb_fname_rel,
1466 uint32_t ucf_flags)
1467 {
1468 struct connection_struct *conn = dirfsp->conn;
1469 const char *orig_rel_base_name = smb_fname_rel->base_name;
1470 struct files_struct *fsp = NULL;
1471 struct smb_filename *full_fname = NULL;
1472 struct vfs_open_how how = {
1473 .flags = O_RDONLY | O_NONBLOCK | O_NOFOLLOW,
1474 };
1475 NTSTATUS status;
1476 int ret, fd;
1477
1478 /*
1479 * Make sure we don't need of the all the magic in
1480 * openat_pathref_fsp() with regards non_widelink_open etc.
1481 */
1482
1483 SMB_ASSERT((smb_fname_rel->fsp == NULL) &&
1484 (dirfsp != dirfsp->conn->cwd_fsp) &&
1485 (strchr_m(smb_fname_rel->base_name, '/') == NULL) &&
1486 !is_named_stream(smb_fname_rel));
1487
1488 SET_STAT_INVALID(smb_fname_rel->st);
1489
1490 /* Check veto files - only looks at last component. */
1491 if (IS_VETO_PATH(dirfsp->conn, smb_fname_rel->base_name)) {
1492 DBG_DEBUG("veto files rejecting last component %s\n",
1493 smb_fname_str_dbg(smb_fname_rel));
1494 return NT_STATUS_NETWORK_OPEN_RESTRICTION;
1495 }
1496
1497 status = fsp_new(conn, conn, &fsp);
1498 if (!NT_STATUS_IS_OK(status)) {
1499 DBG_DEBUG("fsp_new() failed: %s\n", nt_errstr(status));
1500 return status;
1501 }
1502
1503 GetTimeOfDay(&fsp->open_time);
1504 fsp_set_gen_id(fsp);
1505 ZERO_STRUCT(conn->sconn->fsp_fi_cache);
1506
1507 fsp->fsp_flags.is_pathref = true;
1508
1509 full_fname = full_path_from_dirfsp_atname(conn, dirfsp, smb_fname_rel);
1510 if (full_fname == NULL) {
1511 DBG_DEBUG("full_path_from_dirfsp_atname(%s/%s) failed\n",
1512 dirfsp->fsp_name->base_name,
1513 smb_fname_rel->base_name);
1514 file_free(NULL, fsp);
1515 return NT_STATUS_NO_MEMORY;
1516 }
1517
1518 status = fsp_attach_smb_fname(fsp, &full_fname);
1519 if (!NT_STATUS_IS_OK(status)) {
1520 DBG_DEBUG("fsp_attach_smb_fname(fsp, %s) failed: %s\n",
1521 smb_fname_str_dbg(full_fname),
1522 nt_errstr(status));
1523 file_free(NULL, fsp);
1524 return status;
1525 }
1526
1527 fd = smb_vfs_openat_ci(smb_fname_rel,
1528 (ucf_flags & UCF_POSIX_PATHNAMES) ||
1529 conn->case_sensitive,
1530 conn,
1531 dirfsp,
1532 smb_fname_rel,
1533 fsp,
1534 &how);
1535
1536 if ((fd == -1) && (errno == ENOENT)) {
1537 status = map_nt_error_from_unix(errno);
1538 DBG_DEBUG("smb_vfs_openat(%s/%s) failed: %s\n",
1539 dirfsp->fsp_name->base_name,
1540 smb_fname_rel->base_name,
1541 strerror(errno));
1542 file_free(NULL, fsp);
1543 return status;
1544 }
1545
1546 if (smb_fname_rel->base_name != orig_rel_base_name) {
1547 struct smb_filename new_fullname = *smb_fname_rel;
1548
1549 DBG_DEBUG("rel->base_name changed from %s to %s\n",
1550 orig_rel_base_name,
1551 smb_fname_rel->base_name);
1552
1553 new_fullname.base_name = full_path_from_dirfsp_at_basename(
1554 talloc_tos(), dirfsp, new_fullname.base_name);
1555 if (new_fullname.base_name == NULL) {
1556 fd_close(fsp);
1557 file_free(NULL, fsp);
1558 return NT_STATUS_NO_MEMORY;
1559 }
1560
1561 status = fsp_set_smb_fname(fsp, &new_fullname);
1562 if (!NT_STATUS_IS_OK(status)) {
1563 fd_close(fsp);
1564 file_free(NULL, fsp);
1565 return status;
1566 }
1567 }
1568
1569 fsp_set_fd(fsp, fd);
1570
1571 if (fd >= 0) {
1572 ret = SMB_VFS_FSTAT(fsp, &fsp->fsp_name->st);
1573 } else {
1574 ret = SMB_VFS_FSTATAT(fsp->conn,
1575 dirfsp,
1576 smb_fname_rel,
1577 &fsp->fsp_name->st,
1578 AT_SYMLINK_NOFOLLOW);
1579 }
1580 if (ret == -1) {
1581 status = map_nt_error_from_unix(errno);
1582 DBG_DEBUG("SMB_VFS_%sSTAT(%s/%s) failed: %s\n",
1583 (fd >= 0) ? "F" : "",
1584 dirfsp->fsp_name->base_name,
1585 smb_fname_rel->base_name,
1586 strerror(errno));
1587 fd_close(fsp);
1588 file_free(NULL, fsp);
1589 return status;
1590 }
1591
1592 fsp->fsp_flags.is_directory = S_ISDIR(fsp->fsp_name->st.st_ex_mode);
1593 fsp->file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
1594
1595 smb_fname_rel->st = fsp->fsp_name->st;
1596
1597 status = fsp_smb_fname_link(fsp,
1598 &smb_fname_rel->fsp_link,
1599 &smb_fname_rel->fsp);
1600 if (!NT_STATUS_IS_OK(status)) {
1601 DBG_DEBUG("fsp_smb_fname_link() failed: %s\n",
1602 nt_errstr(status));
1603 fd_close(fsp);
1604 file_free(NULL, fsp);
1605 return status;
1606 }
1607
1608 DBG_DEBUG("fsp [%s]: OK, fd=%d\n", fsp_str_dbg(fsp), fd);
1609
1610 talloc_set_destructor(smb_fname_rel, smb_fname_fsp_destructor);
1611 return NT_STATUS_OK;
1612 }
1613
1614 void smb_fname_fsp_unlink(struct smb_filename *smb_fname)
1615 {
1616 talloc_set_destructor(smb_fname, NULL);
1617 smb_fname->fsp = NULL;
1618 destroy_fsp_smb_fname_link(&smb_fname->fsp_link);
1619 }
1620
1621 /*
1622 * Move any existing embedded fsp refs from the src name to the
1623 * destination. It's safe to call this on src smb_fname's that have no embedded
1624 * pathref fsp.
1625 */
1626 NTSTATUS move_smb_fname_fsp_link(struct smb_filename *smb_fname_dst,
1627 struct smb_filename *smb_fname_src)
1628 {
1629 NTSTATUS status;
1630
1631 /*
1632 * The target should always not be linked yet!
1633 */
1634 SMB_ASSERT(smb_fname_dst->fsp == NULL);
1635 SMB_ASSERT(smb_fname_dst->fsp_link == NULL);
1636
1637 if (smb_fname_src->fsp == NULL) {
1638 return NT_STATUS_OK;
1639 }
1640
1641 status = fsp_smb_fname_link(smb_fname_src->fsp,
1642 &smb_fname_dst->fsp_link,
1643 &smb_fname_dst->fsp);
1644 if (!NT_STATUS_IS_OK(status)) {
1645 return status;
1646 }
1647
1648 talloc_set_destructor(smb_fname_dst, smb_fname_fsp_destructor);
1649
1650 smb_fname_fsp_unlink(smb_fname_src);
1651
1652 return NT_STATUS_OK;
1653 }
1654
1655 static int fsp_ref_no_close_destructor(struct smb_filename *smb_fname)
1656 {
1657 destroy_fsp_smb_fname_link(&smb_fname->fsp_link);
1658 return 0;
1659 }
1660
1661 NTSTATUS reference_smb_fname_fsp_link(struct smb_filename *smb_fname_dst,
1662 const struct smb_filename *smb_fname_src)
1663 {
1664 NTSTATUS status;
1665
1666 /*
1667 * The target should always not be linked yet!
1668 */
1669 SMB_ASSERT(smb_fname_dst->fsp == NULL);
1670 SMB_ASSERT(smb_fname_dst->fsp_link == NULL);
1671
1672 if (smb_fname_src->fsp == NULL) {
1673 return NT_STATUS_OK;
1674 }
1675
1676 status = fsp_smb_fname_link(smb_fname_src->fsp,
1677 &smb_fname_dst->fsp_link,
1678 &smb_fname_dst->fsp);
1679 if (!NT_STATUS_IS_OK(status)) {
1680 return status;
1681 }
1682
1683 talloc_set_destructor(smb_fname_dst, fsp_ref_no_close_destructor);
1684
1685 return NT_STATUS_OK;
1686 }
1687
1688 /**
1689 * Create an smb_fname and open smb_fname->fsp pathref
1690 **/
1691 NTSTATUS synthetic_pathref(TALLOC_CTX *mem_ctx,
1692 struct files_struct *dirfsp,
1693 const char *base_name,
1694 const char *stream_name,
1695 const SMB_STRUCT_STAT *psbuf,
1696 NTTIME twrp,
1697 uint32_t flags,
1698 struct smb_filename **_smb_fname)
1699 {
1700 struct smb_filename *smb_fname = NULL;
1701 NTSTATUS status;
1702
1703 smb_fname = synthetic_smb_fname(mem_ctx,
1704 base_name,
1705 stream_name,
1706 psbuf,
1707 twrp,
1708 flags);
1709 if (smb_fname == NULL) {
1710 return NT_STATUS_NO_MEMORY;
1711 }
1712
1713 status = openat_pathref_fsp(dirfsp, smb_fname);
1714 if (!NT_STATUS_IS_OK(status)) {
1715 DBG_NOTICE("opening [%s] failed\n",
1716 smb_fname_str_dbg(smb_fname));
1717 TALLOC_FREE(smb_fname);
1718 return status;
1719 }
1720
1721 *_smb_fname = smb_fname;
1722 return NT_STATUS_OK;
1723 }
1724
1725 /**
1726 * Turn a path into a parent pathref and atname
1727 *
1728 * This returns the parent pathref in _parent and the name relative to it. If
1729 * smb_fname was a pathref (ie smb_fname->fsp != NULL), then _atname will be a
1730 * pathref as well, ie _atname->fsp will point at the same fsp as
1731 * smb_fname->fsp.
1732 **/
1733 NTSTATUS parent_pathref(TALLOC_CTX *mem_ctx,
1734 struct files_struct *dirfsp,
1735 const struct smb_filename *smb_fname,
1736 struct smb_filename **_parent,
1737 struct smb_filename **_atname)
1738 {
1739 struct smb_filename *parent = NULL;
1740 struct smb_filename *atname = NULL;
1741 NTSTATUS status;
1742
1743 status = SMB_VFS_PARENT_PATHNAME(dirfsp->conn,
1744 mem_ctx,
1745 smb_fname,
1746 &parent,
1747 &atname);
1748 if (!NT_STATUS_IS_OK(status)) {
1749 return status;
1750 }
1751
1752 /*
1753 * We know that the parent name must
1754 * exist, and the name has been canonicalized
1755 * even if this was a POSIX pathname.
1756 * Ensure that we follow symlinks for
1757 * the parent. See the torture test
1758 * POSIX-SYMLINK-PARENT for details.
1759 */
1760 parent->flags &= ~SMB_FILENAME_POSIX_PATH;
1761
1762 status = openat_pathref_fsp(dirfsp, parent);
1763 if (!NT_STATUS_IS_OK(status)) {
1764 TALLOC_FREE(parent);
1765 return status;
1766 }
1767
1768 status = reference_smb_fname_fsp_link(atname, smb_fname);
1769 if (!NT_STATUS_IS_OK(status)) {
1770 TALLOC_FREE(parent);
1771 return status;
1772 }
1773
1774 *_parent = parent;
1775 *_atname = atname;
1776 return NT_STATUS_OK;
1777 }
1778
1779 static bool close_file_in_loop(struct files_struct *fsp,
1780 enum file_close_type close_type)
1781 {
1782 if (fsp_is_alternate_stream(fsp)) {
1783 /*
1784 * This is a stream, it can't be a base
1785 */
1786 SMB_ASSERT(fsp->stream_fsp == NULL);
1787 SMB_ASSERT(fsp->base_fsp->stream_fsp == fsp);
1788
1789 /*
1790 * Remove the base<->stream link so that
1791 * close_file_free() does not close fsp->base_fsp as
1792 * well. This would destroy walking the linked list of
1793 * fsps.
1794 */
1795 fsp->base_fsp->stream_fsp = NULL;
1796 fsp->base_fsp = NULL;
1797
1798 close_file_free(NULL, &fsp, close_type);
1799 return NULL;
1800 }
1801
1802 if (fsp->stream_fsp != NULL) {
1803 /*
1804 * This is the base of a stream.
1805 */
1806 SMB_ASSERT(fsp->stream_fsp->base_fsp == fsp);
1807
1808 /*
1809 * Remove the base<->stream link. This will make fsp
1810 * look like a normal fsp for the next round.
1811 */
1812 fsp->stream_fsp->base_fsp = NULL;
1813 fsp->stream_fsp = NULL;
1814
1815 /*
1816 * Have us called back a second time. In the second
1817 * round, "fsp" now looks like a normal fsp.
1818 */
1819 return false;
1820 }
1821
1822 close_file_free(NULL, &fsp, close_type);
1823 return true;
1824 }
1825
1826 /****************************************************************************
1827 Close all open files for a connection.
1828 ****************************************************************************/
1829
1830 struct file_close_conn_state {
1831 struct connection_struct *conn;
1832 enum file_close_type close_type;
1833 bool fsp_left_behind;
1834 };
1835
1836 static struct files_struct *file_close_conn_fn(
1837 struct files_struct *fsp,
1838 void *private_data)
1839 {
1840 struct file_close_conn_state *state = private_data;
1841 bool did_close;
1842
1843 if (fsp->conn != state->conn) {
1844 return NULL;
1845 }
1846
1847 if (fsp->op != NULL && fsp->op->global->durable) {
1848 /*
1849 * A tree disconnect closes a durable handle
1850 */
1851 fsp->op->global->durable = false;
1852 }
1853
1854 did_close = close_file_in_loop(fsp, state->close_type);
1855 if (!did_close) {
1856 state->fsp_left_behind = true;
1857 }
1858
1859 return NULL;
1860 }
1861
1862 void file_close_conn(connection_struct *conn, enum file_close_type close_type)
1863 {
1864 struct file_close_conn_state state = { .conn = conn,
1865 .close_type = close_type };
1866
1867 files_forall(conn->sconn, file_close_conn_fn, &state);
1868
1869 if (state.fsp_left_behind) {
1870 state.fsp_left_behind = false;
1871 files_forall(conn->sconn, file_close_conn_fn, &state);
1872 SMB_ASSERT(!state.fsp_left_behind);
1873 }
1874 }
1875
1876 /****************************************************************************
1877 Initialise file structures.
1878 ****************************************************************************/
1879
1880 static int files_max_open_fds;
1881
1882 bool file_init_global(void)
1883 {
1884 int request_max = lp_max_open_files();
1885 int real_lim;
1886 int real_max;
1887
1888 if (files_max_open_fds != 0) {
1889 return true;
1890 }
1891
1892 /*
1893 * Set the max_open files to be the requested
1894 * max plus a fudgefactor to allow for the extra
1895 * fd's we need such as log files etc...
1896 */
1897 real_lim = set_maxfiles(request_max + MAX_OPEN_FUDGEFACTOR);
1898
1899 real_max = real_lim - MAX_OPEN_FUDGEFACTOR;
1900
1901 if (real_max + FILE_HANDLE_OFFSET + MAX_OPEN_PIPES > 65536) {
1902 real_max = 65536 - FILE_HANDLE_OFFSET - MAX_OPEN_PIPES;
1903 }
1904
1905 if (real_max != request_max) {
1906 DEBUG(1, ("file_init_global: Information only: requested %d "
1907 "open files, %d are available.\n",
1908 request_max, real_max));
1909 }
1910
1911 SMB_ASSERT(real_max > 100);
1912
1913 files_max_open_fds = real_max;
1914 return true;
1915 }
1916
1917 bool file_init(struct smbd_server_connection *sconn)
1918 {
1919 bool ok;
1920
1921 ok = file_init_global();
1922 if (!ok) {
1923 return false;
1924 }
1925
1926 sconn->real_max_open_files = files_max_open_fds;
1927
1928 return true;
1929 }
1930
1931 /****************************************************************************
1932 Close files open by a specified vuid.
1933 ****************************************************************************/
1934
1935 struct file_close_user_state {
1936 uint64_t vuid;
1937 bool fsp_left_behind;
1938 };
1939
1940 static struct files_struct *file_close_user_fn(
1941 struct files_struct *fsp,
1942 void *private_data)
1943 {
1944 struct file_close_user_state *state = private_data;
1945 bool did_close;
1946
1947 if (fsp->vuid != state->vuid) {
1948 return NULL;
1949 }
1950
1951 did_close = close_file_in_loop(fsp, SHUTDOWN_CLOSE);
1952 if (!did_close) {
1953 state->fsp_left_behind = true;
1954 }
1955
1956 return NULL;
1957 }
1958
1959 void file_close_user(struct smbd_server_connection *sconn, uint64_t vuid)
1960 {
1961 struct file_close_user_state state = { .vuid = vuid };
1962
1963 files_forall(sconn, file_close_user_fn, &state);
1964
1965 if (state.fsp_left_behind) {
1966 state.fsp_left_behind = false;
1967 files_forall(sconn, file_close_user_fn, &state);
1968 SMB_ASSERT(!state.fsp_left_behind);
1969 }
1970 }
1971
1972 /*
1973 * Walk the files table until "fn" returns non-NULL
1974 */
1975
1976 struct files_struct *files_forall(
1977 struct smbd_server_connection *sconn,
1978 struct files_struct *(*fn)(struct files_struct *fsp,
1979 void *private_data),
1980 void *private_data)
1981 {
1982 struct files_struct *fsp, *next;
1983
1984 for (fsp = sconn->files; fsp; fsp = next) {
1985 struct files_struct *ret;
1986 next = fsp->next;
1987 ret = fn(fsp, private_data);
1988 if (ret != NULL) {
1989 return ret;
1990 }
1991 }
1992 return NULL;
1993 }
1994
1995 /****************************************************************************
1996 Find a fsp given a file descriptor.
1997 ****************************************************************************/
1998
1999 files_struct *file_find_fd(struct smbd_server_connection *sconn, int fd)
2000 {
2001 int count=0;
2002 files_struct *fsp;
2003
2004 for (fsp=sconn->files; fsp; fsp=fsp->next,count++) {
2005 if (fsp_get_pathref_fd(fsp) == fd) {
2006 if (count > 10) {
2007 DLIST_PROMOTE(sconn->files, fsp);
2008 }
2009 return fsp;
2010 }
2011 }
2012
2013 return NULL;
2014 }
2015
2016 /****************************************************************************
2017 Find a fsp given a device, inode and file_id.
2018 ****************************************************************************/
2019
2020 files_struct *file_find_dif(struct smbd_server_connection *sconn,
2021 struct file_id id, unsigned long gen_id)
2022 {
2023 int count=0;
2024 files_struct *fsp;
2025
2026 if (gen_id == 0) {
2027 return NULL;
2028 }
2029
2030 for (fsp = sconn->files; fsp; fsp = fsp->next,count++) {
2031 /*
2032 * We can have a fsp->fh->fd == -1 here as it could be a stat
2033 * open.
2034 */
2035 if (!file_id_equal(&fsp->file_id, &id)) {
2036 continue;
2037 }
2038 if (!fsp->fsp_flags.is_fsa) {
2039 continue;
2040 }
2041 if (fh_get_gen_id(fsp->fh) != gen_id) {
2042 continue;
2043 }
2044 if (count > 10) {
2045 DLIST_PROMOTE(sconn->files, fsp);
2046 }
2047 return fsp;
2048 }
2049
2050 return NULL;
2051 }
2052
2053 /****************************************************************************
2054 Find the first fsp given a device and inode.
2055 We use a singleton cache here to speed up searching from getfilepathinfo
2056 calls.
2057 ****************************************************************************/
2058
2059 files_struct *file_find_di_first(struct smbd_server_connection *sconn,
2060 struct file_id id,
2061 bool need_fsa)
2062 {
2063 files_struct *fsp;
2064
2065 if (file_id_equal(&sconn->fsp_fi_cache.id, &id)) {
2066 /* Positive or negative cache hit. */
2067 return sconn->fsp_fi_cache.fsp;
2068 }
2069
2070 sconn->fsp_fi_cache.id = id;
2071
2072 for (fsp=sconn->files;fsp;fsp=fsp->next) {
2073 if (need_fsa && !fsp->fsp_flags.is_fsa) {
2074 continue;
2075 }
2076 if (file_id_equal(&fsp->file_id, &id)) {
2077 /* Setup positive cache. */
2078 sconn->fsp_fi_cache.fsp = fsp;
2079 return fsp;
2080 }
2081 }
2082
2083 /* Setup negative cache. */
2084 sconn->fsp_fi_cache.fsp = NULL;
2085 return NULL;
2086 }
2087
2088 /****************************************************************************
2089 Find the next fsp having the same device and inode.
2090 ****************************************************************************/
2091
2092 files_struct *file_find_di_next(files_struct *start_fsp,
2093 bool need_fsa)
2094 {
2095 files_struct *fsp;
2096
2097 for (fsp = start_fsp->next;fsp;fsp=fsp->next) {
2098 if (need_fsa && !fsp->fsp_flags.is_fsa) {
2099 continue;
2100 }
2101 if (file_id_equal(&fsp->file_id, &start_fsp->file_id)) {
2102 return fsp;
2103 }
2104 }
2105
2106 return NULL;
2107 }
2108
2109 struct files_struct *file_find_one_fsp_from_lease_key(
2110 struct smbd_server_connection *sconn,
2111 const struct smb2_lease_key *lease_key)
2112 {
2113 struct files_struct *fsp;
2114
2115 for (fsp = sconn->files; fsp; fsp=fsp->next) {
2116 if ((fsp->lease != NULL) &&
2117 (fsp->lease->lease.lease_key.data[0] ==
2118 lease_key->data[0]) &&
2119 (fsp->lease->lease.lease_key.data[1] ==
2120 lease_key->data[1])) {
2121 return fsp;
2122 }
2123 }
2124 return NULL;
2125 }
2126
2127 /****************************************************************************
2128 Find any fsp open with a pathname below that of an already open path.
2129 ****************************************************************************/
2130
2131 bool file_find_subpath(files_struct *dir_fsp)
2132 {
2133 files_struct *fsp;
2134 size_t dlen;
2135 char *d_fullname = NULL;
2136
2137 d_fullname = talloc_asprintf(talloc_tos(), "%s/%s",
2138 dir_fsp->conn->connectpath,
2139 dir_fsp->fsp_name->base_name);
2140
2141 if (!d_fullname) {
2142 return false;
2143 }
2144
2145 dlen = strlen(d_fullname);
2146
2147 for (fsp=dir_fsp->conn->sconn->files; fsp; fsp=fsp->next) {
2148 char *d1_fullname;
2149
2150 if (fsp == dir_fsp) {
2151 continue;
2152 }
2153
2154 d1_fullname = talloc_asprintf(talloc_tos(),
2155 "%s/%s",
2156 fsp->conn->connectpath,
2157 fsp->fsp_name->base_name);
2158
2159 /*
2160 * If the open file has a path that is a longer
2161 * component, then it's a subpath.
2162 */
2163 if (strnequal(d_fullname, d1_fullname, dlen) &&
2164 (d1_fullname[dlen] == '/')) {
2165 TALLOC_FREE(d1_fullname);
2166 TALLOC_FREE(d_fullname);
2167 return true;
2168 }
2169 TALLOC_FREE(d1_fullname);
2170 }
2171
2172 TALLOC_FREE(d_fullname);
2173 return false;
2174 }
2175
2176 /****************************************************************************
2177 Free up a fsp.
2178 ****************************************************************************/
2179
2180 static void fsp_free(files_struct *fsp)
2181 {
2182 struct smbd_server_connection *sconn = fsp->conn->sconn;
2183
2184 if (fsp == sconn->fsp_fi_cache.fsp) {
2185 ZERO_STRUCT(sconn->fsp_fi_cache);
2186 }
2187
2188 DLIST_REMOVE(sconn->files, fsp);
2189 SMB_ASSERT(sconn->num_files > 0);
2190 sconn->num_files--;
2191
2192 TALLOC_FREE(fsp->fake_file_handle);
2193
2194 if (fh_get_refcount(fsp->fh) == 1) {
2195 TALLOC_FREE(fsp->fh);
2196 } else {
2197 size_t new_refcount = fh_get_refcount(fsp->fh) - 1;
2198 fh_set_refcount(fsp->fh, new_refcount);
2199 }
2200
2201 if (fsp->lease != NULL) {
2202 if (fsp->lease->ref_count == 1) {
2203 TALLOC_FREE(fsp->lease);
2204 } else {
2205 fsp->lease->ref_count--;
2206 }
2207 }
2208
2209 fsp->conn->num_files_open--;
2210
2211 if (fsp->fsp_name != NULL &&
2212 fsp->fsp_name->fsp_link != NULL)
2213 {
2214 /*
2215 * Free fsp_link of fsp->fsp_name. To do this in the correct
2216 * talloc destructor order we have to do it here. The
2217 * talloc_free() of the link should set the fsp pointer to NULL.
2218 */
2219 TALLOC_FREE(fsp->fsp_name->fsp_link);
2220 SMB_ASSERT(fsp->fsp_name->fsp == NULL);
2221 }
2222
2223 /* this is paranoia, just in case someone tries to reuse the
2224 information */
2225 ZERO_STRUCTP(fsp);
2226
2227 /* fsp->fsp_name is a talloc child and is free'd automatically. */
2228 TALLOC_FREE(fsp);
2229 }
2230
2231 /*
2232 * Rundown of all smb-related sub-structures of an fsp
2233 */
2234 void fsp_unbind_smb(struct smb_request *req, files_struct *fsp)
2235 {
2236 if (fsp == fsp->conn->cwd_fsp) {
2237 return;
2238 }
2239
2240 if (fsp->notify) {
2241 size_t len = fsp_fullbasepath(fsp, NULL, 0);
2242 char fullpath[len+1];
2243
2244 fsp_fullbasepath(fsp, fullpath, sizeof(fullpath));
2245
2246 notify_remove(fsp->conn->sconn->notify_ctx, fsp, fullpath);
2247 TALLOC_FREE(fsp->notify);
2248 }
2249
2250 /* Ensure this event will never fire. */
2251 TALLOC_FREE(fsp->update_write_time_event);
2252
2253 if (fsp->op != NULL) {
2254 fsp->op->compat = NULL;
2255 }
2256 TALLOC_FREE(fsp->op);
2257
2258 if ((req != NULL) && (fsp == req->chain_fsp)) {
2259 req->chain_fsp = NULL;
2260 }
2261
2262 /*
2263 * Clear all possible chained fsp
2264 * pointers in the SMB2 request queue.
2265 */
2266 remove_smb2_chained_fsp(fsp);
2267 }
2268
2269 void file_free(struct smb_request *req, files_struct *fsp)
2270 {
2271 struct smbd_server_connection *sconn = fsp->conn->sconn;
2272 uint64_t fnum = fsp->fnum;
2273
2274 fsp_unbind_smb(req, fsp);
2275
2276 /* Drop all remaining extensions. */
2277 vfs_remove_all_fsp_extensions(fsp);
2278
2279 fsp_free(fsp);
2280
2281 DBG_INFO("freed files structure %"PRIu64" (%zu used)\n",
2282 fnum,
2283 sconn->num_files);
2284 }
2285
2286 /****************************************************************************
2287 Get an fsp from a packet given a 16 bit fnum.
2288 ****************************************************************************/
2289
2290 files_struct *file_fsp(struct smb_request *req, uint16_t fid)
2291 {
2292 struct smbXsrv_open *op;
2293 NTSTATUS status;
2294 NTTIME now = 0;
2295 files_struct *fsp;
2296
2297 if (req == NULL) {
2298 /*
2299 * We should never get here. req==NULL could in theory
2300 * only happen from internal opens with a non-zero
2301 * root_dir_fid. Internal opens just don't do that, at
2302 * least they are not supposed to do so. And if they
2303 * start to do so, they better fake up a smb_request
2304 * from which we get the right smbd_server_conn. While
2305 * this should never happen, let's return NULL here.
2306 */
2307 return NULL;
2308 }
2309
2310 if (req->chain_fsp != NULL) {
2311 if (req->chain_fsp->fsp_flags.closing) {
2312 return NULL;
2313 }
2314 return req->chain_fsp;
2315 }
2316
2317 if (req->xconn == NULL) {
2318 return NULL;
2319 }
2320
2321 now = timeval_to_nttime(&req->request_time);
2322
2323 status = smb1srv_open_lookup(req->xconn,
2324 fid, now, &op);
2325 if (!NT_STATUS_IS_OK(status)) {
2326 return NULL;
2327 }
2328
2329 fsp = op->compat;
2330 if (fsp == NULL) {
2331 return NULL;
2332 }
2333
2334 if (fsp->fsp_flags.closing) {
2335 return NULL;
2336 }
2337
2338 req->chain_fsp = fsp;
2339 fsp->fsp_name->st.cached_dos_attributes = FILE_ATTRIBUTE_INVALID;
2340 return fsp;
2341 }
2342
2343 struct files_struct *file_fsp_get(struct smbd_smb2_request *smb2req,
2344 uint64_t persistent_id,
2345 uint64_t volatile_id)
2346 {
2347 struct smbXsrv_open *op;
2348 NTSTATUS status;
2349 NTTIME now = 0;
2350 struct files_struct *fsp;
2351
2352 now = timeval_to_nttime(&smb2req->request_time);
2353
2354 status = smb2srv_open_lookup(smb2req->xconn,
2355 persistent_id, volatile_id,
2356 now, &op);
2357 if (!NT_STATUS_IS_OK(status)) {
2358 return NULL;
2359 }
2360
2361 fsp = op->compat;
2362 if (fsp == NULL) {
2363 return NULL;
2364 }
2365
2366 if (smb2req->tcon == NULL) {
2367 return NULL;
2368 }
2369
2370 if (smb2req->tcon->compat != fsp->conn) {
2371 return NULL;
2372 }
2373
2374 if (smb2req->session == NULL) {
2375 return NULL;
2376 }
2377
2378 if (smb2req->session->global->session_wire_id != fsp->vuid) {
2379 return NULL;
2380 }
2381
2382 if (fsp->fsp_flags.closing) {
2383 return NULL;
2384 }
2385
2386 fsp->fsp_name->st.cached_dos_attributes = FILE_ATTRIBUTE_INVALID;
2387
2388 return fsp;
2389 }
2390
2391 struct files_struct *file_fsp_smb2(struct smbd_smb2_request *smb2req,
2392 uint64_t persistent_id,
2393 uint64_t volatile_id)
2394 {
2395 struct files_struct *fsp;
2396
2397 if (smb2req->compat_chain_fsp != NULL) {
2398 if (smb2req->compat_chain_fsp->fsp_flags.closing) {
2399 return NULL;
2400 }
2401 smb2req->compat_chain_fsp->fsp_name->st.cached_dos_attributes =
2402 FILE_ATTRIBUTE_INVALID;
2403 return smb2req->compat_chain_fsp;
2404 }
2405
2406 fsp = file_fsp_get(smb2req, persistent_id, volatile_id);
2407 if (fsp == NULL) {
2408 return NULL;
2409 }
2410
2411 smb2req->compat_chain_fsp = fsp;
2412 return fsp;
2413 }
2414
2415 /****************************************************************************
2416 Duplicate the file handle part for a DOS or FCB open.
2417 ****************************************************************************/
2418
2419 NTSTATUS dup_file_fsp(
2420 files_struct *from,
2421 uint32_t access_mask,
2422 files_struct *to)
2423 {
2424 size_t new_refcount;
2425
2426 /* this can never happen for print files */
2427 SMB_ASSERT(from->print_file == NULL);
2428
2429 TALLOC_FREE(to->fh);
2430
2431 to->fh = from->fh;
2432 new_refcount = fh_get_refcount(to->fh) + 1;
2433 fh_set_refcount(to->fh, new_refcount);
2434
2435 to->file_id = from->file_id;
2436 to->initial_allocation_size = from->initial_allocation_size;
2437 to->file_pid = from->file_pid;
2438 to->vuid = from->vuid;
2439 to->open_time = from->open_time;
2440 to->access_mask = access_mask;
2441 to->oplock_type = from->oplock_type;
2442 to->fsp_flags.can_lock = from->fsp_flags.can_lock;
2443 to->fsp_flags.can_read = ((access_mask & FILE_READ_DATA) != 0);
2444 to->fsp_flags.can_write =
2445 CAN_WRITE(from->conn) &&
2446 ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) != 0);
2447 if (from->fsp_name->twrp != 0) {
2448 to->fsp_flags.can_write = false;
2449 }
2450 to->fsp_flags.modified = from->fsp_flags.modified;
2451 to->fsp_flags.is_directory = from->fsp_flags.is_directory;
2452 to->fsp_flags.aio_write_behind = from->fsp_flags.aio_write_behind;
2453 to->fsp_flags.is_fsa = from->fsp_flags.is_fsa;
2454 to->fsp_flags.is_pathref = from->fsp_flags.is_pathref;
2455 to->fsp_flags.have_proc_fds = from->fsp_flags.have_proc_fds;
2456 to->fsp_flags.is_dirfsp = from->fsp_flags.is_dirfsp;
2457
2458 return fsp_set_smb_fname(to, from->fsp_name);
2459 }
2460
2461 /**
2462 * Return a jenkins hash of a pathname on a connection.
2463 */
2464
2465 NTSTATUS file_name_hash(connection_struct *conn,
2466 const char *name, uint32_t *p_name_hash)
2467 {
2468 char tmpbuf[PATH_MAX];
2469 char *fullpath, *to_free;
2470 ssize_t len;
2471 TDB_DATA key;
2472
2473 /* Set the hash of the full pathname. */
2474
2475 if (name[0] == '/') {
2476 strlcpy(tmpbuf, name, sizeof(tmpbuf));
2477 fullpath = tmpbuf;
2478 len = strlen(fullpath);
2479 to_free = NULL;
2480 } else {
2481 len = full_path_tos(conn->connectpath,
2482 name,
2483 tmpbuf,
2484 sizeof(tmpbuf),
2485 &fullpath,
2486 &to_free);
2487 }
2488 if (len == -1) {
2489 return NT_STATUS_NO_MEMORY;
2490 }
2491 key = (TDB_DATA) { .dptr = (uint8_t *)fullpath, .dsize = len+1 };
2492 *p_name_hash = tdb_jenkins_hash(&key);
2493
2494 DEBUG(10,("file_name_hash: %s hash 0x%x\n",
2495 fullpath,
2496 (unsigned int)*p_name_hash ));
2497
2498 TALLOC_FREE(to_free);
2499 return NT_STATUS_OK;
2500 }
2501
2502 static NTSTATUS fsp_attach_smb_fname(struct files_struct *fsp,
2503 struct smb_filename **_smb_fname)
2504 {
2505 TALLOC_CTX *frame = talloc_stackframe();
2506 struct smb_filename *smb_fname_new = talloc_move(fsp, _smb_fname);
2507 const char *name_str = NULL;
2508 uint32_t name_hash = 0;
2509 NTSTATUS status;
2510
2511 name_str = smb_fname_str_dbg(smb_fname_new);
2512 if (name_str == NULL) {
2513 TALLOC_FREE(frame);
2514 return NT_STATUS_NO_MEMORY;
2515 }
2516
2517 status = file_name_hash(fsp->conn,
2518 name_str,
2519 &name_hash);
2520 TALLOC_FREE(frame);
2521 name_str = NULL;
2522 if (!NT_STATUS_IS_OK(status)) {
2523 return status;
2524 }
2525
2526 status = fsp_smb_fname_link(fsp,
2527 &smb_fname_new->fsp_link,
2528 &smb_fname_new->fsp);
2529 if (!NT_STATUS_IS_OK(status)) {
2530 return status;
2531 }
2532
2533 fsp->name_hash = name_hash;
2534 fsp->fsp_name = smb_fname_new;
2535 fsp->fsp_name->st.cached_dos_attributes = FILE_ATTRIBUTE_INVALID;
2536 *_smb_fname = NULL;
2537 return NT_STATUS_OK;
2538 }
2539
2540 /**
2541 * The only way that the fsp->fsp_name field should ever be set.
2542 */
2543 NTSTATUS fsp_set_smb_fname(struct files_struct *fsp,
2544 const struct smb_filename *smb_fname_in)
2545 {
2546 struct smb_filename *smb_fname_old = fsp->fsp_name;
2547 struct smb_filename *smb_fname_new = NULL;
2548 NTSTATUS status;
2549
2550 smb_fname_new = cp_smb_filename(fsp, smb_fname_in);
2551 if (smb_fname_new == NULL) {
2552 return NT_STATUS_NO_MEMORY;
2553 }
2554
2555 status = fsp_attach_smb_fname(fsp, &smb_fname_new);
2556 if (!NT_STATUS_IS_OK(status)) {
2557 TALLOC_FREE(smb_fname_new);
2558 return status;
2559 }
2560
2561 if (smb_fname_old != NULL) {
2562 smb_fname_fsp_unlink(smb_fname_old);
2563 TALLOC_FREE(smb_fname_old);
2564 }
2565
2566 return NT_STATUS_OK;
2567 }
2568
2569 size_t fsp_fullbasepath(struct files_struct *fsp, char *buf, size_t buflen)
2570 {
2571 int len = 0;
2572
2573 if (buf == NULL) {
2574 /*
2575 * susv4 allows buf==NULL if buflen==0 for snprintf.
2576 */
2577 SMB_ASSERT(buflen == 0);
2578 }
2579
2580 if (ISDOT(fsp->fsp_name->base_name)) {
2581 len = snprintf(buf, buflen, "%s", fsp->conn->connectpath);
2582 } else {
2583 len = snprintf(buf,
2584 buflen,
2585 "%s/%s",
2586 fsp->conn->connectpath,
2587 fsp->fsp_name->base_name);
2588 }
2589 SMB_ASSERT(len > 0);
2590
2591 return len;
2592 }
2593
2594 void fsp_set_base_fsp(struct files_struct *fsp, struct files_struct *base_fsp)
2595 {
2596 SMB_ASSERT(fsp->stream_fsp == NULL);
2597 if (base_fsp != NULL) {
2598 SMB_ASSERT(base_fsp->base_fsp == NULL);
2599 SMB_ASSERT(base_fsp->stream_fsp == NULL);
2600 }
2601
2602 if (fsp->base_fsp != NULL) {
2603 SMB_ASSERT(fsp->base_fsp->stream_fsp == fsp);
2604 fsp->base_fsp->stream_fsp = NULL;
2605 }
2606
2607 fsp->base_fsp = base_fsp;
2608 if (fsp->base_fsp != NULL) {
2609 fsp->base_fsp->stream_fsp = fsp;
2610 }
2611 }
2612
2613 bool fsp_is_alternate_stream(const struct files_struct *fsp)
2614 {
2615 return (fsp->base_fsp != NULL);
2616 }
2617
2618 struct files_struct *metadata_fsp(struct files_struct *fsp)
2619 {
2620 if (fsp_is_alternate_stream(fsp)) {
2621 return fsp->base_fsp;
2622 }
2623 return fsp;
2624 }
2625
2626 static bool fsp_generic_ask_sharemode(struct files_struct *fsp)
2627 {
2628 if (fsp == NULL) {
2629 return false;
2630 }
2631
2632 if (fsp->posix_flags & FSP_POSIX_FLAGS_PATHNAMES) {
2633 /* Always use filesystem for UNIX mtime query. */
2634 return false;
2635 }
2636
2637 return true;
2638 }
2639
2640 bool fsp_search_ask_sharemode(struct files_struct *fsp)
2641 {
2642 if (!fsp_generic_ask_sharemode(fsp)) {
2643 return false;
2644 }
2645
2646 return lp_smbd_search_ask_sharemode(SNUM(fsp->conn));
2647 }
2648
2649 bool fsp_getinfo_ask_sharemode(struct files_struct *fsp)
2650 {
2651 if (!fsp_generic_ask_sharemode(fsp)) {
2652 return false;
2653 }
2654
2655 return lp_smbd_getinfo_ask_sharemode(SNUM(fsp->conn));
2656 }
Samba GIT mirror