search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
smbd: Simplify openat_pathref_fsp_case_insensitive()
[Samba.git] / source3 / smbd / files.c
blobb94468ad6afd7da1700115256cb771c2dedbe8ea
1 /*
2 Unix SMB/CIFS implementation.
3 Files[] structure handling
4 Copyright (C) Andrew Tridgell 1998
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "smbd/smbd.h"
22 #include "smbd/globals.h"
23 #include "smbd/smbXsrv_open.h"
24 #include "libcli/security/security.h"
25 #include "util_tdb.h"
26 #include "lib/util/bitmap.h"
27 #include "lib/util/strv.h"
28 #include "lib/util/memcache.h"
29 #include "libcli/smb/reparse.h"
30
31 #define FILE_HANDLE_OFFSET 0x1000
32
33 static NTSTATUS fsp_attach_smb_fname(struct files_struct *fsp,
34 struct smb_filename **_smb_fname);
35
36 /**
37 * create new fsp to be used for file_new or a durable handle reconnect
38 */
39 NTSTATUS fsp_new(struct connection_struct *conn, TALLOC_CTX *mem_ctx,
40 files_struct **result)
41 {
42 NTSTATUS status = NT_STATUS_NO_MEMORY;
43 files_struct *fsp = NULL;
44 struct smbd_server_connection *sconn = conn->sconn;
45
46 fsp = talloc_zero(mem_ctx, struct files_struct);
47 if (fsp == NULL) {
48 goto fail;
49 }
50
51 /*
52 * This can't be a child of fsp because the file_handle can be ref'd
53 * when doing a dos/fcb open, which will then share the file_handle
54 * across multiple fsps.
55 */
56 fsp->fh = fd_handle_create(mem_ctx);
57 if (fsp->fh == NULL) {
58 goto fail;
59 }
60
61 fsp->fsp_flags.use_ofd_locks = !lp_smbd_force_process_locks(SNUM(conn));
62 #ifndef HAVE_OFD_LOCKS
63 fsp->fsp_flags.use_ofd_locks = false;
64 #endif
65
66 fh_set_refcount(fsp->fh, 1);
67 fsp_set_fd(fsp, -1);
68
69 fsp->fnum = FNUM_FIELD_INVALID;
70 fsp->conn = conn;
71 fsp->close_write_time = make_omit_timespec();
72
73 DLIST_ADD(sconn->files, fsp);
74 sconn->num_files += 1;
75
76 conn->num_files_open++;
77
78 DBG_INFO("allocated files structure (%u used)\n",
79 (unsigned int)sconn->num_files);
80
81 *result = fsp;
82 return NT_STATUS_OK;
83
84 fail:
85 if (fsp != NULL) {
86 TALLOC_FREE(fsp->fh);
87 }
88 TALLOC_FREE(fsp);
89
90 return status;
91 }
92
93 void fsp_set_gen_id(files_struct *fsp)
94 {
95 static uint64_t gen_id = 1;
96
97 /*
98 * A billion of 64-bit increments per second gives us
99 * more than 500 years of runtime without wrap.
100 */
101 gen_id++;
102 fh_set_gen_id(fsp->fh, gen_id);
103 }
104
105 /****************************************************************************
106 Find first available file slot.
107 ****************************************************************************/
108
109 NTSTATUS fsp_bind_smb(struct files_struct *fsp, struct smb_request *req)
110 {
111 struct smbXsrv_open *op = NULL;
112 NTTIME now;
113 NTSTATUS status;
114
115 if (req == NULL) {
116 DBG_DEBUG("INTERNAL_OPEN_ONLY, skipping smbXsrv_open\n");
117 return NT_STATUS_OK;
118 }
119
120 now = timeval_to_nttime(&fsp->open_time);
121
122 status = smbXsrv_open_create(req->xconn,
123 fsp->conn->session_info,
124 now,
125 &op);
126 if (!NT_STATUS_IS_OK(status)) {
127 return status;
128 }
129 fsp->op = op;
130 op->compat = fsp;
131 fsp->fnum = op->local_id;
132
133 fsp->mid = req->mid;
134 req->chain_fsp = fsp;
135
136 DBG_DEBUG("fsp [%s] mid [%" PRIu64"]\n",
137 fsp_str_dbg(fsp), fsp->mid);
138
139 return NT_STATUS_OK;
140 }
141
142 NTSTATUS file_new(struct smb_request *req, connection_struct *conn,
143 files_struct **result)
144 {
145 struct smbd_server_connection *sconn = conn->sconn;
146 files_struct *fsp;
147 NTSTATUS status;
148
149 status = fsp_new(conn, conn, &fsp);
150 if (!NT_STATUS_IS_OK(status)) {
151 return status;
152 }
153
154 GetTimeOfDay(&fsp->open_time);
155
156 status = fsp_bind_smb(fsp, req);
157 if (!NT_STATUS_IS_OK(status)) {
158 file_free(NULL, fsp);
159 return status;
160 }
161
162 fsp_set_gen_id(fsp);
163
164 /*
165 * Create an smb_filename with "" for the base_name. There are very
166 * few NULL checks, so make sure it's initialized with something. to
167 * be safe until an audit can be done.
168 */
169 fsp->fsp_name = synthetic_smb_fname(fsp,
170 "",
171 NULL,
172 NULL,
173 0,
174 0);
175 if (fsp->fsp_name == NULL) {
176 file_free(NULL, fsp);
177 return NT_STATUS_NO_MEMORY;
178 }
179
180 DBG_INFO("new file %s\n", fsp_fnum_dbg(fsp));
181
182 /* A new fsp invalidates the positive and
183 negative fsp_fi_cache as the new fsp is pushed
184 at the start of the list and we search from
185 a cache hit to the *end* of the list. */
186
187 ZERO_STRUCT(sconn->fsp_fi_cache);
188
189 *result = fsp;
190 return NT_STATUS_OK;
191 }
192
193 NTSTATUS create_internal_fsp(connection_struct *conn,
194 const struct smb_filename *smb_fname,
195 struct files_struct **_fsp)
196 {
197 struct files_struct *fsp = NULL;
198 NTSTATUS status;
199
200 status = file_new(NULL, conn, &fsp);
201 if (!NT_STATUS_IS_OK(status)) {
202 return status;
203 }
204
205 status = fsp_set_smb_fname(fsp, smb_fname);
206 if (!NT_STATUS_IS_OK(status)) {
207 file_free(NULL, fsp);
208 return status;
209 }
210
211 *_fsp = fsp;
212 return NT_STATUS_OK;
213 }
214
215 /*
216 * Create an internal fsp for an *existing* directory.
217 *
218 * This should only be used by callers in the VFS that need to control the
219 * opening of the directory. Otherwise use open_internal_dirfsp_at().
220 */
221 NTSTATUS create_internal_dirfsp(connection_struct *conn,
222 const struct smb_filename *smb_dname,
223 struct files_struct **_fsp)
224 {
225 struct files_struct *fsp = NULL;
226 NTSTATUS status;
227
228 status = create_internal_fsp(conn, smb_dname, &fsp);
229 if (!NT_STATUS_IS_OK(status)) {
230 return status;
231 }
232
233 fsp->access_mask = FILE_LIST_DIRECTORY;
234 fsp->fsp_flags.is_directory = true;
235 fsp->fsp_flags.is_dirfsp = true;
236
237 *_fsp = fsp;
238 return NT_STATUS_OK;
239 }
240
241 /*
242 * Open an internal fsp for an *existing* directory.
243 */
244 NTSTATUS open_internal_dirfsp(connection_struct *conn,
245 const struct smb_filename *smb_dname,
246 int _open_flags,
247 struct files_struct **_fsp)
248 {
249 struct vfs_open_how how = { .flags = _open_flags, };
250 struct files_struct *fsp = NULL;
251 NTSTATUS status;
252
253 status = create_internal_dirfsp(conn, smb_dname, &fsp);
254 if (!NT_STATUS_IS_OK(status)) {
255 return status;
256 }
257
258 #ifdef O_DIRECTORY
259 how.flags |= O_DIRECTORY;
260 #endif
261 status = fd_openat(conn->cwd_fsp, fsp->fsp_name, fsp, &how);
262 if (!NT_STATUS_IS_OK(status)) {
263 DBG_INFO("Could not open fd for %s (%s)\n",
264 smb_fname_str_dbg(smb_dname),
265 nt_errstr(status));
266 file_free(NULL, fsp);
267 return status;
268 }
269
270 status = vfs_stat_fsp(fsp);
271 if (!NT_STATUS_IS_OK(status)) {
272 file_free(NULL, fsp);
273 return status;
274 }
275
276 if (!S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
277 DBG_ERR("%s is not a directory!\n",
278 smb_fname_str_dbg(smb_dname));
279 file_free(NULL, fsp);
280 return NT_STATUS_NOT_A_DIRECTORY;
281 }
282
283 fsp->file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
284
285 *_fsp = fsp;
286 return NT_STATUS_OK;
287 }
288
289 /*
290 * Convert a pathref dirfsp into a real fsp. No need to do any cwd
291 * tricks, we just open ".".
292 */
293 NTSTATUS openat_internal_dir_from_pathref(
294 struct files_struct *dirfsp,
295 int _open_flags,
296 struct files_struct **_fsp)
297 {
298 struct connection_struct *conn = dirfsp->conn;
299 struct smb_filename *smb_dname = dirfsp->fsp_name;
300 struct files_struct *fsp = NULL;
301 char dot[] = ".";
302 struct smb_filename smb_dot = {
303 .base_name = dot,
304 .flags = smb_dname->flags,
305 .twrp = smb_dname->twrp,
306 };
307 struct vfs_open_how how = { .flags = _open_flags, };
308 NTSTATUS status;
309
310 status = create_internal_dirfsp(conn, smb_dname, &fsp);
311 if (!NT_STATUS_IS_OK(status)) {
312 return status;
313 }
314
315 /*
316 * Pointless for opening ".", but you never know...
317 */
318 how.flags |= O_NOFOLLOW;
319
320 status = fd_openat(dirfsp, &smb_dot, fsp, &how);
321 if (!NT_STATUS_IS_OK(status)) {
322 DBG_INFO("fd_openat(\"%s\", \".\") failed: %s\n",
323 fsp_str_dbg(dirfsp),
324 nt_errstr(status));
325 file_free(NULL, fsp);
326 return status;
327 }
328
329 fsp->fsp_name->st = smb_dname->st;
330 fsp->file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
331 *_fsp = fsp;
332 return NT_STATUS_OK;
333 }
334
335 /*
336 * The "link" in the name doesn't imply link in the filesystem
337 * sense. It's a object that "links" together an fsp and an smb_fname
338 * and the link allocated as talloc child of an fsp.
339 *
340 * The link is created for fsps that openat_pathref_fsp() returns in
341 * smb_fname->fsp. When this fsp is freed by file_free() by some caller
342 * somewhere, the destructor fsp_smb_fname_link_destructor() on the link object
343 * will use the link to reset the reference in smb_fname->fsp that is about to
344 * go away.
345 *
346 * This prevents smb_fname_internal_fsp_destructor() from seeing dangling fsp
347 * pointers.
348 */
349
350 struct fsp_smb_fname_link {
351 struct fsp_smb_fname_link **smb_fname_link;
352 struct files_struct **smb_fname_fsp;
353 };
354
355 static int fsp_smb_fname_link_destructor(struct fsp_smb_fname_link *link)
356 {
357 if (link->smb_fname_link == NULL) {
358 return 0;
359 }
360
361 *link->smb_fname_link = NULL;
362 *link->smb_fname_fsp = NULL;
363 return 0;
364 }
365
366 static NTSTATUS fsp_smb_fname_link(struct files_struct *fsp,
367 struct fsp_smb_fname_link **smb_fname_link,
368 struct files_struct **smb_fname_fsp)
369 {
370 struct fsp_smb_fname_link *link = NULL;
371
372 SMB_ASSERT(*smb_fname_link == NULL);
373 SMB_ASSERT(*smb_fname_fsp == NULL);
374
375 link = talloc_zero(fsp, struct fsp_smb_fname_link);
376 if (link == NULL) {
377 return NT_STATUS_NO_MEMORY;
378 }
379
380 link->smb_fname_link = smb_fname_link;
381 link->smb_fname_fsp = smb_fname_fsp;
382 *smb_fname_link = link;
383 *smb_fname_fsp = fsp;
384
385 talloc_set_destructor(link, fsp_smb_fname_link_destructor);
386 return NT_STATUS_OK;
387 }
388
389 /*
390 * Free a link, carefully avoiding to trigger the link destructor
391 */
392 static void destroy_fsp_smb_fname_link(struct fsp_smb_fname_link **_link)
393 {
394 struct fsp_smb_fname_link *link = *_link;
395
396 if (link == NULL) {
397 return;
398 }
399 talloc_set_destructor(link, NULL);
400 TALLOC_FREE(link);
401 *_link = NULL;
402 }
403
404 /*
405 * Talloc destructor set on an smb_fname set by openat_pathref_fsp() used to
406 * close the embedded smb_fname->fsp.
407 */
408 static int smb_fname_fsp_destructor(struct smb_filename *smb_fname)
409 {
410 struct files_struct *fsp = smb_fname->fsp;
411 NTSTATUS status;
412 int saved_errno = errno;
413
414 destroy_fsp_smb_fname_link(&smb_fname->fsp_link);
415
416 if (fsp == NULL) {
417 errno = saved_errno;
418 return 0;
419 }
420
421 if (fsp_is_alternate_stream(fsp)) {
422 struct files_struct *tmp_base_fsp = fsp->base_fsp;
423
424 fsp_set_base_fsp(fsp, NULL);
425
426 status = fd_close(tmp_base_fsp);
427 if (!NT_STATUS_IS_OK(status)) {
428 DBG_ERR("Closing fd for fsp [%s] failed: %s. "
429 "Please check your filesystem!!!\n",
430 fsp_str_dbg(fsp), nt_errstr(status));
431 }
432 file_free(NULL, tmp_base_fsp);
433 }
434
435 status = fd_close(fsp);
436 if (!NT_STATUS_IS_OK(status)) {
437 DBG_ERR("Closing fd for fsp [%s] failed: %s. "
438 "Please check your filesystem!!!\n",
439 fsp_str_dbg(fsp), nt_errstr(status));
440 }
441 file_free(NULL, fsp);
442 smb_fname->fsp = NULL;
443
444 errno = saved_errno;
445 return 0;
446 }
447
448 static NTSTATUS openat_pathref_fullname(
449 struct connection_struct *conn,
450 const struct files_struct *dirfsp,
451 struct files_struct *basefsp,
452 struct smb_filename **full_fname,
453 struct smb_filename *smb_fname,
454 const struct vfs_open_how *how)
455 {
456 struct files_struct *fsp = NULL;
457 bool have_dirfsp = (dirfsp != NULL);
458 bool have_basefsp = (basefsp != NULL);
459 NTSTATUS status;
460
461 DBG_DEBUG("smb_fname [%s]\n", smb_fname_str_dbg(smb_fname));
462
463 SMB_ASSERT(smb_fname->fsp == NULL);
464 SMB_ASSERT(have_dirfsp != have_basefsp);
465
466 status = fsp_new(conn, conn, &fsp);
467 if (!NT_STATUS_IS_OK(status)) {
468 return status;
469 }
470
471 GetTimeOfDay(&fsp->open_time);
472 fsp_set_gen_id(fsp);
473 ZERO_STRUCT(conn->sconn->fsp_fi_cache);
474
475 fsp->fsp_flags.is_pathref = true;
476
477 status = fsp_attach_smb_fname(fsp, full_fname);
478 if (!NT_STATUS_IS_OK(status)) {
479 goto fail;
480 }
481 fsp_set_base_fsp(fsp, basefsp);
482
483 status = fd_openat(dirfsp, smb_fname, fsp, how);
484 if (!NT_STATUS_IS_OK(status)) {
485
486 smb_fname->st = fsp->fsp_name->st;
487
488 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND) ||
489 NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_PATH_NOT_FOUND) ||
490 NT_STATUS_EQUAL(status, NT_STATUS_STOPPED_ON_SYMLINK))
491 {
492 /*
493 * streams_xattr return NT_STATUS_NOT_FOUND for
494 * opens of not yet existing streams.
495 *
496 * ELOOP maps to NT_STATUS_OBJECT_PATH_NOT_FOUND
497 * and this will result from a open request from
498 * a POSIX client on a symlink.
499 *
500 * NT_STATUS_OBJECT_NAME_NOT_FOUND is the simple
501 * ENOENT case.
502 *
503 * NT_STATUS_STOPPED_ON_SYMLINK is returned when trying
504 * to open a symlink, our callers are not interested in
505 * this.
506 */
507 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
508 }
509 goto fail;
510 }
511
512 /*
513 * fd_openat() has done an FSTAT on the handle
514 * so update the smb_fname stat info with "truth".
515 * from the handle.
516 */
517 smb_fname->st = fsp->fsp_name->st;
518
519 fsp->fsp_flags.is_directory = S_ISDIR(fsp->fsp_name->st.st_ex_mode);
520
521 fsp->file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
522
523 status = fsp_smb_fname_link(fsp,
524 &smb_fname->fsp_link,
525 &smb_fname->fsp);
526 if (!NT_STATUS_IS_OK(status)) {
527 goto fail;
528 }
529
530 DBG_DEBUG("fsp [%s]: OK\n", fsp_str_dbg(fsp));
531
532 talloc_set_destructor(smb_fname, smb_fname_fsp_destructor);
533 return NT_STATUS_OK;
534
535 fail:
536 DBG_DEBUG("Opening pathref for [%s] failed: %s\n",
537 smb_fname_str_dbg(smb_fname),
538 nt_errstr(status));
539
540 fsp_set_base_fsp(fsp, NULL);
541 fd_close(fsp);
542 file_free(NULL, fsp);
543 return status;
544 }
545
546 /*
547 * Open an internal O_PATH based fsp for smb_fname. If O_PATH is not
548 * available, open O_RDONLY as root. Both is done in fd_open() ->
549 * non_widelink_open(), triggered by setting fsp->fsp_flags.is_pathref to
550 * true.
551 */
552 NTSTATUS openat_pathref_fsp(const struct files_struct *dirfsp,
553 struct smb_filename *smb_fname)
554 {
555 connection_struct *conn = dirfsp->conn;
556 struct smb_filename *full_fname = NULL;
557 struct smb_filename *base_fname = NULL;
558 struct vfs_open_how how = { .flags = O_RDONLY|O_NONBLOCK, };
559 NTSTATUS status;
560
561 DBG_DEBUG("smb_fname [%s]\n", smb_fname_str_dbg(smb_fname));
562
563 if (smb_fname->fsp != NULL) {
564 /* We already have one for this name. */
565 DBG_DEBUG("smb_fname [%s] already has a pathref fsp.\n",
566 smb_fname_str_dbg(smb_fname));
567 return NT_STATUS_OK;
568 }
569
570 if (is_named_stream(smb_fname) &&
571 ((conn->fs_capabilities & FILE_NAMED_STREAMS) == 0)) {
572 DBG_DEBUG("stream open [%s] on non-stream share\n",
573 smb_fname_str_dbg(smb_fname));
574 return NT_STATUS_OBJECT_NAME_INVALID;
575 }
576
577 if (!is_named_stream(smb_fname)) {
578 /*
579 * openat_pathref_fullname() will make "full_fname" a
580 * talloc child of the smb_fname->fsp. Don't use
581 * talloc_tos() to allocate it to avoid making the
582 * talloc stackframe pool long-lived.
583 */
584 full_fname = full_path_from_dirfsp_atname(
585 conn,
586 dirfsp,
587 smb_fname);
588 if (full_fname == NULL) {
589 status = NT_STATUS_NO_MEMORY;
590 goto fail;
591 }
592 status = openat_pathref_fullname(
593 conn, dirfsp, NULL, &full_fname, smb_fname, &how);
594 TALLOC_FREE(full_fname);
595 return status;
596 }
597
598 /*
599 * stream open
600 */
601 base_fname = cp_smb_filename_nostream(conn, smb_fname);
602 if (base_fname == NULL) {
603 return NT_STATUS_NO_MEMORY;
604 }
605
606 full_fname = full_path_from_dirfsp_atname(
607 conn, /* no talloc_tos(), see comment above */
608 dirfsp,
609 base_fname);
610 if (full_fname == NULL) {
611 status = NT_STATUS_NO_MEMORY;
612 goto fail;
613 }
614
615 status = openat_pathref_fullname(
616 conn, dirfsp, NULL, &full_fname, base_fname, &how);
617 TALLOC_FREE(full_fname);
618 if (!NT_STATUS_IS_OK(status)) {
619 DBG_DEBUG("openat_pathref_fullname() failed: %s\n",
620 nt_errstr(status));
621 goto fail;
622 }
623
624 status = open_stream_pathref_fsp(&base_fname->fsp, smb_fname);
625 if (!NT_STATUS_IS_OK(status)) {
626 DBG_DEBUG("open_stream_pathref_fsp failed: %s\n",
627 nt_errstr(status));
628 goto fail;
629 }
630
631 smb_fname_fsp_unlink(base_fname);
632 fail:
633 TALLOC_FREE(base_fname);
634 return status;
635 }
636
637 /*
638 * Open a stream given an already opened base_fsp. Avoid
639 * non_widelink_open: This is only valid for the case where we have a
640 * valid non-cwd_fsp dirfsp that we can pass to SMB_VFS_OPENAT()
641 */
642 NTSTATUS open_stream_pathref_fsp(
643 struct files_struct **_base_fsp,
644 struct smb_filename *smb_fname)
645 {
646 struct files_struct *base_fsp = *_base_fsp;
647 connection_struct *conn = base_fsp->conn;
648 struct smb_filename *base_fname = base_fsp->fsp_name;
649 struct smb_filename *full_fname = NULL;
650 struct vfs_open_how how = { .flags = O_RDONLY|O_NONBLOCK, };
651 NTSTATUS status;
652
653 SMB_ASSERT(smb_fname->fsp == NULL);
654 SMB_ASSERT(is_named_stream(smb_fname));
655
656 full_fname = synthetic_smb_fname(
657 conn, /* no talloc_tos(), this will be long-lived */
658 base_fname->base_name,
659 smb_fname->stream_name,
660 &smb_fname->st,
661 smb_fname->twrp,
662 smb_fname->flags);
663 if (full_fname == NULL) {
664 return NT_STATUS_NO_MEMORY;
665 }
666
667 status = openat_pathref_fullname(
668 conn, NULL, base_fsp, &full_fname, smb_fname, &how);
669 TALLOC_FREE(full_fname);
670 return status;
671 }
672
673 static char *path_to_strv(TALLOC_CTX *mem_ctx, const char *path)
674 {
675 char *result = talloc_strdup(mem_ctx, path);
676
677 if (result == NULL) {
678 return NULL;
679 }
680 string_replace(result, '/', '\0');
681 return result;
682 }
683
684 NTSTATUS readlink_talloc(
685 TALLOC_CTX *mem_ctx,
686 struct files_struct *dirfsp,
687 struct smb_filename *smb_relname,
688 char **_substitute)
689 {
690 struct smb_filename null_fname = {
691 .base_name = discard_const_p(char, ""),
692 };
693 char buf[PATH_MAX];
694 ssize_t ret;
695 char *substitute;
696 NTSTATUS status;
697
698 if (smb_relname == NULL) {
699 /*
700 * We have a Linux O_PATH handle in dirfsp and want to
701 * read its value, essentially a freadlink
702 */
703 smb_relname = &null_fname;
704 }
705
706 ret = SMB_VFS_READLINKAT(
707 dirfsp->conn, dirfsp, smb_relname, buf, sizeof(buf));
708 if (ret < 0) {
709 status = map_nt_error_from_unix(errno);
710 DBG_DEBUG("SMB_VFS_READLINKAT() failed: %s\n",
711 strerror(errno));
712 return status;
713 }
714
715 if ((size_t)ret == sizeof(buf)) {
716 /*
717 * Do we need symlink targets longer than PATH_MAX?
718 */
719 DBG_DEBUG("Got full %zu bytes from readlink, too long\n",
720 sizeof(buf));
721 return NT_STATUS_BUFFER_OVERFLOW;
722 }
723
724 substitute = talloc_strndup(mem_ctx, buf, ret);
725 if (substitute == NULL) {
726 DBG_DEBUG("talloc_strndup() failed\n");
727 return NT_STATUS_NO_MEMORY;
728 }
729
730 *_substitute = substitute;
731 return NT_STATUS_OK;
732 }
733
734 NTSTATUS read_symlink_reparse(
735 TALLOC_CTX *mem_ctx,
736 struct files_struct *dirfsp,
737 struct smb_filename *smb_relname,
738 struct symlink_reparse_struct **_symlink)
739 {
740 struct symlink_reparse_struct *symlink = NULL;
741 NTSTATUS status;
742
743 symlink = talloc_zero(mem_ctx, struct symlink_reparse_struct);
744 if (symlink == NULL) {
745 goto nomem;
746 }
747
748 status = readlink_talloc(
749 symlink, dirfsp, smb_relname, &symlink->substitute_name);
750 if (!NT_STATUS_IS_OK(status)) {
751 DBG_DEBUG("readlink_talloc failed: %s\n", nt_errstr(status));
752 goto fail;
753 }
754
755 if (symlink->substitute_name[0] == '/') {
756 char *subdir_path = NULL;
757 char *abs_target_canon = NULL;
758 const char *relative = NULL;
759 bool in_share;
760
761 subdir_path = talloc_asprintf(talloc_tos(),
762 "%s/%s",
763 dirfsp->conn->connectpath,
764 dirfsp->fsp_name->base_name);
765 if (subdir_path == NULL) {
766 goto nomem;
767 }
768
769 abs_target_canon =
770 canonicalize_absolute_path(talloc_tos(),
771 symlink->substitute_name);
772 if (abs_target_canon == NULL) {
773 goto nomem;
774 }
775
776 in_share = subdir_of(subdir_path,
777 strlen(subdir_path),
778 abs_target_canon,
779 &relative);
780 if (in_share) {
781 TALLOC_FREE(symlink->substitute_name);
782 symlink->substitute_name =
783 talloc_strdup(symlink, relative);
784 if (symlink->substitute_name == NULL) {
785 goto nomem;
786 }
787 }
788 }
789
790 if (!IS_DIRECTORY_SEP(symlink->substitute_name[0])) {
791 symlink->flags |= SYMLINK_FLAG_RELATIVE;
792 }
793
794 *_symlink = symlink;
795 return NT_STATUS_OK;
796 nomem:
797 status = NT_STATUS_NO_MEMORY;
798 fail:
799 TALLOC_FREE(symlink);
800 return status;
801 }
802
803 static bool full_path_extend(char **dir, const char *atname)
804 {
805 talloc_asprintf_addbuf(dir,
806 "%s%s",
807 (*dir)[0] == '\0' ? "" : "/",
808 atname);
809 return (*dir) != NULL;
810 }
811
812 NTSTATUS create_open_symlink_err(TALLOC_CTX *mem_ctx,
813 files_struct *dirfsp,
814 struct smb_filename *smb_relname,
815 struct open_symlink_err **_err)
816 {
817 struct open_symlink_err *err = NULL;
818 NTSTATUS status;
819
820 err = talloc_zero(mem_ctx, struct open_symlink_err);
821 if (err == NULL) {
822 return NT_STATUS_NO_MEMORY;
823 }
824
825 status = read_symlink_reparse(err, dirfsp, smb_relname, &err->reparse);
826 if (!NT_STATUS_IS_OK(status)) {
827 TALLOC_FREE(err);
828 return status;
829 }
830
831 *_err = err;
832 return NT_STATUS_OK;
833 }
834
835 static int smb_vfs_openat_ci(TALLOC_CTX *mem_ctx,
836 bool case_sensitive,
837 struct connection_struct *conn,
838 struct files_struct *dirfsp,
839 struct smb_filename *smb_fname_rel,
840 files_struct *fsp,
841 const struct vfs_open_how *how)
842 {
843 char *orig_base_name = smb_fname_rel->base_name;
844 DATA_BLOB cache_key = {
845 .data = NULL,
846 };
847 DATA_BLOB cache_value = {
848 .data = NULL,
849 };
850 NTSTATUS status;
851 int fd;
852 bool ok;
853
854 fd = SMB_VFS_OPENAT(conn, dirfsp, smb_fname_rel, fsp, how);
855 if ((fd >= 0) || case_sensitive) {
856 return fd;
857 }
858 if (errno != ENOENT) {
859 return -1;
860 }
861
862 if (!lp_stat_cache()) {
863 goto lookup;
864 }
865
866 ok = get_real_filename_cache_key(mem_ctx,
867 dirfsp,
868 orig_base_name,
869 &cache_key);
870 if (!ok) {
871 /*
872 * probably ENOMEM, just bail
873 */
874 errno = ENOMEM;
875 return -1;
876 }
877
878 DO_PROFILE_INC(statcache_lookups);
879
880 ok = memcache_lookup(NULL,
881 GETREALFILENAME_CACHE,
882 cache_key,
883 &cache_value);
884 if (!ok) {
885 DO_PROFILE_INC(statcache_misses);
886 goto lookup;
887 }
888 DO_PROFILE_INC(statcache_hits);
889
890 smb_fname_rel->base_name = talloc_strndup(mem_ctx,
891 (char *)cache_value.data,
892 cache_value.length);
893 if (smb_fname_rel->base_name == NULL) {
894 TALLOC_FREE(cache_key.data);
895 smb_fname_rel->base_name = orig_base_name;
896 errno = ENOMEM;
897 return -1;
898 }
899
900 if (IS_VETO_PATH(dirfsp->conn, smb_fname_rel->base_name)) {
901 DBG_DEBUG("veto files rejecting last component %s\n",
902 smb_fname_str_dbg(smb_fname_rel));
903 TALLOC_FREE(cache_key.data);
904 smb_fname_rel->base_name = orig_base_name;
905 errno = EPERM;
906 return -1;
907 }
908
909 fd = SMB_VFS_OPENAT(conn, dirfsp, smb_fname_rel, fsp, how);
910 if (fd >= 0) {
911 TALLOC_FREE(cache_key.data);
912 return fd;
913 }
914
915 memcache_delete(NULL, GETREALFILENAME_CACHE, cache_key);
916
917 /*
918 * For the "new filename" case we need to preserve the
919 * capitalization the client sent us, see
920 * https://bugzilla.samba.org/show_bug.cgi?id=15481
921 */
922 TALLOC_FREE(smb_fname_rel->base_name);
923 smb_fname_rel->base_name = orig_base_name;
924
925 lookup:
926
927 status = get_real_filename_at(dirfsp,
928 orig_base_name,
929 mem_ctx,
930 &smb_fname_rel->base_name);
931 if (!NT_STATUS_IS_OK(status)) {
932 DBG_DEBUG("get_real_filename_at() failed: %s\n",
933 nt_errstr(status));
934 errno = ENOENT;
935 return -1;
936 }
937
938 if (IS_VETO_PATH(conn, smb_fname_rel->base_name)) {
939 DBG_DEBUG("found veto files path component "
940 "%s => %s\n",
941 orig_base_name,
942 smb_fname_rel->base_name);
943 TALLOC_FREE(smb_fname_rel->base_name);
944 smb_fname_rel->base_name = orig_base_name;
945 errno = ENOENT;
946 return -1;
947 }
948
949 fd = SMB_VFS_OPENAT(conn, dirfsp, smb_fname_rel, fsp, how);
950
951 if ((fd >= 0) && (cache_key.data != NULL)) {
952 DATA_BLOB value = {
953 .data = (uint8_t *)smb_fname_rel->base_name,
954 .length = strlen(smb_fname_rel->base_name) + 1,
955 };
956
957 memcache_add(NULL, GETREALFILENAME_CACHE, cache_key, value);
958 TALLOC_FREE(cache_key.data);
959 }
960
961 return fd;
962 }
963
964 NTSTATUS openat_pathref_fsp_nosymlink(TALLOC_CTX *mem_ctx,
965 struct connection_struct *conn,
966 struct files_struct *in_dirfsp,
967 const char *path_in,
968 NTTIME twrp,
969 bool posix,
970 struct smb_filename **_smb_fname,
971 struct open_symlink_err **_symlink_err)
972 {
973 struct files_struct *dirfsp = in_dirfsp;
974 struct smb_filename full_fname = {
975 .base_name = NULL,
976 .twrp = twrp,
977 .flags = posix ? SMB_FILENAME_POSIX_PATH : 0,
978 };
979 struct smb_filename rel_fname = {
980 .base_name = NULL,
981 .twrp = twrp,
982 .flags = full_fname.flags,
983 };
984 struct smb_filename *result = NULL;
985 struct open_symlink_err *symlink_err = NULL;
986 struct files_struct *fsp = NULL;
987 char *path = NULL, *next = NULL;
988 bool ok, is_toplevel;
989 int fd;
990 NTSTATUS status;
991 struct vfs_open_how how = {
992 .flags = O_NOFOLLOW | O_NONBLOCK,
993 .mode = 0,
994 };
995
996 DBG_DEBUG("path_in=%s\n", path_in);
997
998 status = fsp_new(conn, conn, &fsp);
999 if (!NT_STATUS_IS_OK(status)) {
1000 DBG_DEBUG("fsp_new() failed: %s\n", nt_errstr(status));
1001 goto fail;
1002 }
1003
1004 GetTimeOfDay(&fsp->open_time);
1005 fsp_set_gen_id(fsp);
1006 ZERO_STRUCT(conn->sconn->fsp_fi_cache);
1007
1008 fsp->fsp_name = &full_fname;
1009
1010 #ifdef O_PATH
1011 /*
1012 * Add O_PATH manually, doing this by setting
1013 * fsp->fsp_flags.is_pathref will make us become_root() in the
1014 * non-O_PATH case, which would cause a security problem.
1015 */
1016 how.flags |= O_PATH;
1017 #else
1018 #ifdef O_SEARCH
1019 /*
1020 * O_SEARCH just checks for the "x" bit. We are traversing
1021 * directories, so we don't need the implicit O_RDONLY ("r"
1022 * permissions) but only the "x"-permissions requested by
1023 * O_SEARCH. We need either O_PATH or O_SEARCH to correctly
1024 * function, without either we will incorrectly require also
1025 * the "r" bit when traversing the directory hierarchy.
1026 */
1027 how.flags |= O_SEARCH;
1028 #endif
1029 #endif
1030
1031 is_toplevel = (dirfsp == dirfsp->conn->cwd_fsp);
1032 is_toplevel |= ISDOT(dirfsp->fsp_name->base_name);
1033
1034 full_fname.base_name =
1035 talloc_strdup(talloc_tos(),
1036 is_toplevel ? "" : dirfsp->fsp_name->base_name);
1037 if (full_fname.base_name == NULL) {
1038 DBG_DEBUG("talloc_strdup() failed\n");
1039 goto nomem;
1040 }
1041
1042 /*
1043 * First split the path into individual components.
1044 */
1045 path = path_to_strv(talloc_tos(), path_in);
1046 if (path == NULL) {
1047 DBG_DEBUG("path_to_strv() failed\n");
1048 goto nomem;
1049 }
1050
1051 /*
1052 * First we loop over all components
1053 * in order to verify, there's no '.' or '..'
1054 */
1055 rel_fname.base_name = path;
1056 while (rel_fname.base_name != NULL) {
1057
1058 next = strv_next(path, rel_fname.base_name);
1059
1060 /*
1061 * Path sanitizing further up has cleaned or rejected
1062 * empty path components. Assert this here.
1063 */
1064 SMB_ASSERT(rel_fname.base_name[0] != '\0');
1065
1066 if (ISDOT(rel_fname.base_name) ||
1067 ISDOTDOT(rel_fname.base_name)) {
1068 DBG_DEBUG("%s contains a dot\n", path_in);
1069 status = NT_STATUS_OBJECT_NAME_INVALID;
1070 goto fail;
1071 }
1072
1073 /* Check veto files. */
1074 if (IS_VETO_PATH(conn, rel_fname.base_name)) {
1075 DBG_DEBUG("%s contains veto files path component %s\n",
1076 path_in, rel_fname.base_name);
1077 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
1078 goto fail;
1079 }
1080
1081 rel_fname.base_name = next;
1082 }
1083
1084 if (conn->open_how_resolve & VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS) {
1085
1086 /*
1087 * Try a direct openat2 with RESOLVE_NO_SYMLINKS to
1088 * avoid the openat/close loop further down.
1089 */
1090
1091 rel_fname.base_name = discard_const_p(char, path_in);
1092 how.resolve = VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS;
1093
1094 fd = SMB_VFS_OPENAT(conn, dirfsp, &rel_fname, fsp, &how);
1095 if (fd >= 0) {
1096 fsp_set_fd(fsp, fd);
1097 ok = full_path_extend(&full_fname.base_name,
1098 rel_fname.base_name);
1099 if (!ok) {
1100 goto nomem;
1101 }
1102 goto done;
1103 }
1104
1105 status = map_nt_error_from_unix(errno);
1106 DBG_DEBUG("SMB_VFS_OPENAT(%s, %s, RESOLVE_NO_SYMLINKS) "
1107 "returned %d %s => %s\n",
1108 smb_fname_str_dbg(dirfsp->fsp_name), path_in,
1109 errno, strerror(errno), nt_errstr(status));
1110 SMB_ASSERT(fd == -1);
1111 switch (errno) {
1112 case ENOSYS:
1113 /*
1114 * We got ENOSYS, so fallback to the old code
1115 * if the kernel doesn't support openat2() yet.
1116 */
1117 break;
1118
1119 case ELOOP:
1120 case ENOTDIR:
1121 /*
1122 * For ELOOP we also fallback in order to
1123 * return the correct information with
1124 * NT_STATUS_STOPPED_ON_SYMLINK.
1125 *
1126 * O_NOFOLLOW|O_DIRECTORY results in
1127 * ENOTDIR instead of ELOOP for the final
1128 * component.
1129 */
1130 break;
1131
1132 case ENOENT:
1133 /*
1134 * If we got ENOENT, the filesystem could
1135 * be case sensitive. For now we only do
1136 * the get_real_filename_at() dance in
1137 * the fallback loop below.
1138 */
1139 break;
1140
1141 default:
1142 goto fail;
1143 }
1144
1145 /*
1146 * Just fallback to the openat loop
1147 */
1148 how.resolve = 0;
1149 }
1150
1151 /*
1152 * Now we loop over all components
1153 * opening each one and using it
1154 * as dirfd for the next one.
1155 *
1156 * It means we can detect symlinks
1157 * within the path.
1158 */
1159 rel_fname.base_name = path;
1160 next:
1161 next = strv_next(path, rel_fname.base_name);
1162
1163 fd = smb_vfs_openat_ci(talloc_tos(),
1164 posix || conn->case_sensitive,
1165 conn,
1166 dirfsp,
1167 &rel_fname,
1168 fsp,
1169 &how);
1170
1171 #ifndef O_PATH
1172 if ((fd == -1) && (errno == ELOOP)) {
1173 int ret;
1174
1175 /*
1176 * openat() hit a symlink. With O_PATH we open the
1177 * symlink and get ENOTDIR in the next round, see
1178 * below.
1179 */
1180
1181 status = create_open_symlink_err(mem_ctx,
1182 dirfsp,
1183 &rel_fname,
1184 &symlink_err);
1185 if (!NT_STATUS_IS_OK(status)) {
1186 DBG_DEBUG("create_open_symlink_err failed: %s\n",
1187 nt_errstr(status));
1188 goto fail;
1189 }
1190
1191 if (next != NULL) {
1192 size_t parsed = next - path;
1193 size_t len = talloc_get_size(path);
1194 symlink_err->unparsed = len - parsed;
1195 }
1196
1197 /*
1198 * We know rel_fname is a symlink, now fill in the
1199 * rest of the metadata for our callers.
1200 */
1201
1202 ret = SMB_VFS_FSTATAT(conn,
1203 dirfsp,
1204 &rel_fname,
1205 &symlink_err->st,
1206 AT_SYMLINK_NOFOLLOW);
1207 if (ret == -1) {
1208 status = map_nt_error_from_unix(errno);
1209 DBG_DEBUG("SMB_VFS_FSTATAT(%s/%s) failed: %s\n",
1210 fsp_str_dbg(dirfsp),
1211 rel_fname.base_name,
1212 strerror(errno));
1213 TALLOC_FREE(symlink_err);
1214 goto fail;
1215 }
1216
1217 if (!S_ISLNK(symlink_err->st.st_ex_mode)) {
1218 /*
1219 * Hit a race: readlink_talloc() worked before
1220 * the fstatat(), but rel_fname changed to
1221 * something that's not a symlink.
1222 */
1223 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
1224 TALLOC_FREE(symlink_err);
1225 goto fail;
1226 }
1227
1228 status = NT_STATUS_STOPPED_ON_SYMLINK;
1229 goto fail;
1230 }
1231 #endif
1232
1233 if ((fd == -1) && (errno == ENOTDIR)) {
1234 size_t parsed, len;
1235
1236 /*
1237 * dirfsp does not point at a directory, try a
1238 * freadlink.
1239 */
1240
1241 status = create_open_symlink_err(mem_ctx,
1242 dirfsp,
1243 NULL,
1244 &symlink_err);
1245
1246 if (!NT_STATUS_IS_OK(status)) {
1247 DBG_DEBUG("create_open_symlink_err failed: %s\n",
1248 nt_errstr(status));
1249 status = NT_STATUS_NOT_A_DIRECTORY;
1250 goto fail;
1251 }
1252
1253 parsed = rel_fname.base_name - path;
1254 len = talloc_get_size(path);
1255 symlink_err->unparsed = len - parsed;
1256
1257 symlink_err->st = dirfsp->fsp_name->st;
1258
1259 status = NT_STATUS_STOPPED_ON_SYMLINK;
1260 goto fail;
1261 }
1262
1263 if (fd == -1) {
1264 status = map_nt_error_from_unix(errno);
1265 DBG_DEBUG("SMB_VFS_OPENAT() failed: %s\n",
1266 strerror(errno));
1267 goto fail;
1268 }
1269 fsp_set_fd(fsp, fd);
1270
1271 ok = full_path_extend(&full_fname.base_name, rel_fname.base_name);
1272 if (!ok) {
1273 goto nomem;
1274 }
1275
1276 if (next != NULL) {
1277 struct files_struct *tmp = NULL;
1278
1279 if (dirfsp != in_dirfsp) {
1280 fd_close(dirfsp);
1281 }
1282
1283 tmp = dirfsp;
1284 dirfsp = fsp;
1285
1286 if (tmp == in_dirfsp) {
1287 status = fsp_new(conn, conn, &fsp);
1288 if (!NT_STATUS_IS_OK(status)) {
1289 DBG_DEBUG("fsp_new() failed: %s\n",
1290 nt_errstr(status));
1291 goto fail;
1292 }
1293 fsp->fsp_name = &full_fname;
1294 } else {
1295 fsp = tmp;
1296 }
1297
1298 rel_fname.base_name = next;
1299
1300 goto next;
1301 }
1302
1303 if (dirfsp != in_dirfsp) {
1304 SMB_ASSERT(fsp_get_pathref_fd(dirfsp) != -1);
1305 fd_close(dirfsp);
1306 dirfsp->fsp_name = NULL;
1307 file_free(NULL, dirfsp);
1308 dirfsp = NULL;
1309 }
1310
1311 done:
1312 fsp->fsp_flags.is_pathref = true;
1313 fsp->fsp_name = NULL;
1314
1315 status = fsp_set_smb_fname(fsp, &full_fname);
1316 if (!NT_STATUS_IS_OK(status)) {
1317 DBG_DEBUG("fsp_set_smb_fname() failed: %s\n",
1318 nt_errstr(status));
1319 goto fail;
1320 }
1321
1322 status = vfs_stat_fsp(fsp);
1323 if (!NT_STATUS_IS_OK(status)) {
1324 DBG_DEBUG("vfs_stat_fsp(%s) failed: %s\n",
1325 fsp_str_dbg(fsp),
1326 nt_errstr(status));
1327 goto fail;
1328 }
1329
1330 if (S_ISLNK(fsp->fsp_name->st.st_ex_mode)) {
1331 /*
1332 * Last component was a symlink we opened with O_PATH, fail it
1333 * here.
1334 */
1335 status = create_open_symlink_err(mem_ctx,
1336 fsp,
1337 NULL,
1338 &symlink_err);
1339 if (!NT_STATUS_IS_OK(status)) {
1340 return status;
1341 }
1342 symlink_err->st = fsp->fsp_name->st;
1343
1344 status = NT_STATUS_STOPPED_ON_SYMLINK;
1345 goto fail;
1346 }
1347
1348 /*
1349 * We must correctly set fsp->file_id as code inside
1350 * open.c will use this to check if delete_on_close
1351 * has been set on the dirfsp.
1352 */
1353 fsp->file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
1354
1355 result = cp_smb_filename(mem_ctx, fsp->fsp_name);
1356 if (result == NULL) {
1357 DBG_DEBUG("cp_smb_filename() failed\n");
1358 goto nomem;
1359 }
1360
1361 status = fsp_smb_fname_link(fsp,
1362 &result->fsp_link,
1363 &result->fsp);
1364 if (!NT_STATUS_IS_OK(status)) {
1365 goto fail;
1366 }
1367 talloc_set_destructor(result, smb_fname_fsp_destructor);
1368
1369 *_smb_fname = result;
1370
1371 DBG_DEBUG("returning %s\n", smb_fname_str_dbg(result));
1372
1373 return NT_STATUS_OK;
1374
1375 nomem:
1376 status = NT_STATUS_NO_MEMORY;
1377 fail:
1378 if (fsp != NULL) {
1379 if (fsp_get_pathref_fd(fsp) != -1) {
1380 fd_close(fsp);
1381 }
1382 file_free(NULL, fsp);
1383 fsp = NULL;
1384 }
1385
1386 if ((dirfsp != NULL) && (dirfsp != in_dirfsp)) {
1387 SMB_ASSERT(fsp_get_pathref_fd(dirfsp) != -1);
1388 fd_close(dirfsp);
1389 dirfsp->fsp_name = NULL;
1390 file_free(NULL, dirfsp);
1391 dirfsp = NULL;
1392 }
1393
1394 if (NT_STATUS_EQUAL(status, NT_STATUS_STOPPED_ON_SYMLINK)) {
1395 *_symlink_err = symlink_err;
1396 }
1397
1398 TALLOC_FREE(path);
1399 return status;
1400 }
1401
1402 /*
1403 * Open smb_fname_rel->fsp as a pathref fsp with a case insensitive
1404 * fallback using GETREALFILENAME_CACHE and get_real_filename_at() if
1405 * the first attempt based on the filename sent by the client gives
1406 * ENOENT.
1407 */
1408 NTSTATUS openat_pathref_fsp_lcomp(struct files_struct *dirfsp,
1409 struct smb_filename *smb_fname_rel,
1410 uint32_t ucf_flags)
1411 {
1412 struct connection_struct *conn = dirfsp->conn;
1413 const char *orig_rel_base_name = smb_fname_rel->base_name;
1414 struct files_struct *fsp = NULL;
1415 struct smb_filename *full_fname = NULL;
1416 struct vfs_open_how how = {
1417 .flags = O_RDONLY | O_NONBLOCK | O_NOFOLLOW,
1418 };
1419 NTSTATUS status;
1420 int ret, fd;
1421
1422 /*
1423 * Make sure we don't need of the all the magic in
1424 * openat_pathref_fsp() with regards non_widelink_open etc.
1425 */
1426
1427 SMB_ASSERT((smb_fname_rel->fsp == NULL) &&
1428 (dirfsp != dirfsp->conn->cwd_fsp) &&
1429 (strchr_m(smb_fname_rel->base_name, '/') == NULL) &&
1430 !is_named_stream(smb_fname_rel));
1431
1432 SET_STAT_INVALID(smb_fname_rel->st);
1433
1434 /* Check veto files - only looks at last component. */
1435 if (IS_VETO_PATH(dirfsp->conn, smb_fname_rel->base_name)) {
1436 DBG_DEBUG("veto files rejecting last component %s\n",
1437 smb_fname_str_dbg(smb_fname_rel));
1438 return NT_STATUS_NETWORK_OPEN_RESTRICTION;
1439 }
1440
1441 status = fsp_new(conn, conn, &fsp);
1442 if (!NT_STATUS_IS_OK(status)) {
1443 DBG_DEBUG("fsp_new() failed: %s\n", nt_errstr(status));
1444 return status;
1445 }
1446
1447 GetTimeOfDay(&fsp->open_time);
1448 fsp_set_gen_id(fsp);
1449 ZERO_STRUCT(conn->sconn->fsp_fi_cache);
1450
1451 fsp->fsp_flags.is_pathref = true;
1452
1453 full_fname = full_path_from_dirfsp_atname(conn, dirfsp, smb_fname_rel);
1454 if (full_fname == NULL) {
1455 DBG_DEBUG("full_path_from_dirfsp_atname(%s/%s) failed\n",
1456 dirfsp->fsp_name->base_name,
1457 smb_fname_rel->base_name);
1458 file_free(NULL, fsp);
1459 return NT_STATUS_NO_MEMORY;
1460 }
1461
1462 status = fsp_attach_smb_fname(fsp, &full_fname);
1463 if (!NT_STATUS_IS_OK(status)) {
1464 DBG_DEBUG("fsp_attach_smb_fname(fsp, %s) failed: %s\n",
1465 smb_fname_str_dbg(full_fname),
1466 nt_errstr(status));
1467 file_free(NULL, fsp);
1468 return status;
1469 }
1470
1471 fd = smb_vfs_openat_ci(smb_fname_rel,
1472 (ucf_flags & UCF_POSIX_PATHNAMES) ||
1473 conn->case_sensitive,
1474 conn,
1475 dirfsp,
1476 smb_fname_rel,
1477 fsp,
1478 &how);
1479
1480 if ((fd == -1) && (errno == ENOENT)) {
1481 status = map_nt_error_from_unix(errno);
1482 DBG_DEBUG("smb_vfs_openat(%s/%s) failed: %s\n",
1483 dirfsp->fsp_name->base_name,
1484 smb_fname_rel->base_name,
1485 strerror(errno));
1486 file_free(NULL, fsp);
1487 return status;
1488 }
1489
1490 if (smb_fname_rel->base_name != orig_rel_base_name) {
1491 struct smb_filename new_fullname = *smb_fname_rel;
1492
1493 DBG_DEBUG("rel->base_name changed from %s to %s\n",
1494 orig_rel_base_name,
1495 smb_fname_rel->base_name);
1496
1497 new_fullname.base_name = full_path_from_dirfsp_at_basename(
1498 talloc_tos(), dirfsp, new_fullname.base_name);
1499 if (new_fullname.base_name == NULL) {
1500 fd_close(fsp);
1501 file_free(NULL, fsp);
1502 return NT_STATUS_NO_MEMORY;
1503 }
1504
1505 status = fsp_set_smb_fname(fsp, &new_fullname);
1506 if (!NT_STATUS_IS_OK(status)) {
1507 fd_close(fsp);
1508 file_free(NULL, fsp);
1509 return status;
1510 }
1511 }
1512
1513 fsp_set_fd(fsp, fd);
1514
1515 if (fd >= 0) {
1516 ret = SMB_VFS_FSTAT(fsp, &fsp->fsp_name->st);
1517 } else {
1518 ret = SMB_VFS_FSTATAT(fsp->conn,
1519 dirfsp,
1520 smb_fname_rel,
1521 &fsp->fsp_name->st,
1522 AT_SYMLINK_NOFOLLOW);
1523 }
1524 if (ret == -1) {
1525 status = map_nt_error_from_unix(errno);
1526 DBG_DEBUG("SMB_VFS_%sSTAT(%s/%s) failed: %s\n",
1527 (fd >= 0) ? "F" : "",
1528 dirfsp->fsp_name->base_name,
1529 smb_fname_rel->base_name,
1530 nt_errstr(status));
1531 fd_close(fsp);
1532 file_free(NULL, fsp);
1533 return status;
1534 }
1535
1536 fsp->fsp_flags.is_directory = S_ISDIR(fsp->fsp_name->st.st_ex_mode);
1537 fsp->file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
1538
1539 smb_fname_rel->st = fsp->fsp_name->st;
1540
1541 status = fsp_smb_fname_link(fsp,
1542 &smb_fname_rel->fsp_link,
1543 &smb_fname_rel->fsp);
1544 if (!NT_STATUS_IS_OK(status)) {
1545 DBG_DEBUG("fsp_smb_fname_link() failed: %s\n",
1546 nt_errstr(status));
1547 fd_close(fsp);
1548 file_free(NULL, fsp);
1549 return status;
1550 }
1551
1552 DBG_DEBUG("fsp [%s]: OK, fd=%d\n", fsp_str_dbg(fsp), fd);
1553
1554 talloc_set_destructor(smb_fname_rel, smb_fname_fsp_destructor);
1555 return NT_STATUS_OK;
1556 }
1557
1558 void smb_fname_fsp_unlink(struct smb_filename *smb_fname)
1559 {
1560 talloc_set_destructor(smb_fname, NULL);
1561 smb_fname->fsp = NULL;
1562 destroy_fsp_smb_fname_link(&smb_fname->fsp_link);
1563 }
1564
1565 /*
1566 * Move any existing embedded fsp refs from the src name to the
1567 * destination. It's safe to call this on src smb_fname's that have no embedded
1568 * pathref fsp.
1569 */
1570 NTSTATUS move_smb_fname_fsp_link(struct smb_filename *smb_fname_dst,
1571 struct smb_filename *smb_fname_src)
1572 {
1573 NTSTATUS status;
1574
1575 /*
1576 * The target should always not be linked yet!
1577 */
1578 SMB_ASSERT(smb_fname_dst->fsp == NULL);
1579 SMB_ASSERT(smb_fname_dst->fsp_link == NULL);
1580
1581 if (smb_fname_src->fsp == NULL) {
1582 return NT_STATUS_OK;
1583 }
1584
1585 status = fsp_smb_fname_link(smb_fname_src->fsp,
1586 &smb_fname_dst->fsp_link,
1587 &smb_fname_dst->fsp);
1588 if (!NT_STATUS_IS_OK(status)) {
1589 return status;
1590 }
1591
1592 talloc_set_destructor(smb_fname_dst, smb_fname_fsp_destructor);
1593
1594 smb_fname_fsp_unlink(smb_fname_src);
1595
1596 return NT_STATUS_OK;
1597 }
1598
1599 static int fsp_ref_no_close_destructor(struct smb_filename *smb_fname)
1600 {
1601 destroy_fsp_smb_fname_link(&smb_fname->fsp_link);
1602 return 0;
1603 }
1604
1605 NTSTATUS reference_smb_fname_fsp_link(struct smb_filename *smb_fname_dst,
1606 const struct smb_filename *smb_fname_src)
1607 {
1608 NTSTATUS status;
1609
1610 /*
1611 * The target should always not be linked yet!
1612 */
1613 SMB_ASSERT(smb_fname_dst->fsp == NULL);
1614 SMB_ASSERT(smb_fname_dst->fsp_link == NULL);
1615
1616 if (smb_fname_src->fsp == NULL) {
1617 return NT_STATUS_OK;
1618 }
1619
1620 status = fsp_smb_fname_link(smb_fname_src->fsp,
1621 &smb_fname_dst->fsp_link,
1622 &smb_fname_dst->fsp);
1623 if (!NT_STATUS_IS_OK(status)) {
1624 return status;
1625 }
1626
1627 talloc_set_destructor(smb_fname_dst, fsp_ref_no_close_destructor);
1628
1629 return NT_STATUS_OK;
1630 }
1631
1632 /**
1633 * Create an smb_fname and open smb_fname->fsp pathref
1634 **/
1635 NTSTATUS synthetic_pathref(TALLOC_CTX *mem_ctx,
1636 struct files_struct *dirfsp,
1637 const char *base_name,
1638 const char *stream_name,
1639 const SMB_STRUCT_STAT *psbuf,
1640 NTTIME twrp,
1641 uint32_t flags,
1642 struct smb_filename **_smb_fname)
1643 {
1644 struct smb_filename *smb_fname = NULL;
1645 NTSTATUS status;
1646
1647 smb_fname = synthetic_smb_fname(mem_ctx,
1648 base_name,
1649 stream_name,
1650 psbuf,
1651 twrp,
1652 flags);
1653 if (smb_fname == NULL) {
1654 return NT_STATUS_NO_MEMORY;
1655 }
1656
1657 status = openat_pathref_fsp(dirfsp, smb_fname);
1658 if (!NT_STATUS_IS_OK(status)) {
1659 DBG_NOTICE("opening [%s] failed\n",
1660 smb_fname_str_dbg(smb_fname));
1661 TALLOC_FREE(smb_fname);
1662 return status;
1663 }
1664
1665 *_smb_fname = smb_fname;
1666 return NT_STATUS_OK;
1667 }
1668
1669 /**
1670 * Turn a path into a parent pathref and atname
1671 *
1672 * This returns the parent pathref in _parent and the name relative to it. If
1673 * smb_fname was a pathref (ie smb_fname->fsp != NULL), then _atname will be a
1674 * pathref as well, ie _atname->fsp will point at the same fsp as
1675 * smb_fname->fsp.
1676 **/
1677 NTSTATUS parent_pathref(TALLOC_CTX *mem_ctx,
1678 struct files_struct *dirfsp,
1679 const struct smb_filename *smb_fname,
1680 struct smb_filename **_parent,
1681 struct smb_filename **_atname)
1682 {
1683 struct smb_filename *parent = NULL;
1684 struct smb_filename *atname = NULL;
1685 NTSTATUS status;
1686
1687 status = SMB_VFS_PARENT_PATHNAME(dirfsp->conn,
1688 mem_ctx,
1689 smb_fname,
1690 &parent,
1691 &atname);
1692 if (!NT_STATUS_IS_OK(status)) {
1693 return status;
1694 }
1695
1696 /*
1697 * We know that the parent name must
1698 * exist, and the name has been canonicalized
1699 * even if this was a POSIX pathname.
1700 * Ensure that we follow symlinks for
1701 * the parent. See the torture test
1702 * POSIX-SYMLINK-PARENT for details.
1703 */
1704 parent->flags &= ~SMB_FILENAME_POSIX_PATH;
1705
1706 status = openat_pathref_fsp(dirfsp, parent);
1707 if (!NT_STATUS_IS_OK(status)) {
1708 TALLOC_FREE(parent);
1709 return status;
1710 }
1711
1712 status = reference_smb_fname_fsp_link(atname, smb_fname);
1713 if (!NT_STATUS_IS_OK(status)) {
1714 TALLOC_FREE(parent);
1715 return status;
1716 }
1717
1718 *_parent = parent;
1719 *_atname = atname;
1720 return NT_STATUS_OK;
1721 }
1722
1723 static bool close_file_in_loop(struct files_struct *fsp,
1724 enum file_close_type close_type)
1725 {
1726 if (fsp_is_alternate_stream(fsp)) {
1727 /*
1728 * This is a stream, it can't be a base
1729 */
1730 SMB_ASSERT(fsp->stream_fsp == NULL);
1731 SMB_ASSERT(fsp->base_fsp->stream_fsp == fsp);
1732
1733 /*
1734 * Remove the base<->stream link so that
1735 * close_file_free() does not close fsp->base_fsp as
1736 * well. This would destroy walking the linked list of
1737 * fsps.
1738 */
1739 fsp->base_fsp->stream_fsp = NULL;
1740 fsp->base_fsp = NULL;
1741
1742 close_file_free(NULL, &fsp, close_type);
1743 return NULL;
1744 }
1745
1746 if (fsp->stream_fsp != NULL) {
1747 /*
1748 * This is the base of a stream.
1749 */
1750 SMB_ASSERT(fsp->stream_fsp->base_fsp == fsp);
1751
1752 /*
1753 * Remove the base<->stream link. This will make fsp
1754 * look like a normal fsp for the next round.
1755 */
1756 fsp->stream_fsp->base_fsp = NULL;
1757 fsp->stream_fsp = NULL;
1758
1759 /*
1760 * Have us called back a second time. In the second
1761 * round, "fsp" now looks like a normal fsp.
1762 */
1763 return false;
1764 }
1765
1766 close_file_free(NULL, &fsp, close_type);
1767 return true;
1768 }
1769
1770 /****************************************************************************
1771 Close all open files for a connection.
1772 ****************************************************************************/
1773
1774 struct file_close_conn_state {
1775 struct connection_struct *conn;
1776 enum file_close_type close_type;
1777 bool fsp_left_behind;
1778 };
1779
1780 static struct files_struct *file_close_conn_fn(
1781 struct files_struct *fsp,
1782 void *private_data)
1783 {
1784 struct file_close_conn_state *state = private_data;
1785 bool did_close;
1786
1787 if (fsp->conn != state->conn) {
1788 return NULL;
1789 }
1790
1791 if (fsp->op != NULL && fsp->op->global->durable) {
1792 /*
1793 * A tree disconnect closes a durable handle
1794 */
1795 fsp->op->global->durable = false;
1796 }
1797
1798 did_close = close_file_in_loop(fsp, state->close_type);
1799 if (!did_close) {
1800 state->fsp_left_behind = true;
1801 }
1802
1803 return NULL;
1804 }
1805
1806 void file_close_conn(connection_struct *conn, enum file_close_type close_type)
1807 {
1808 struct file_close_conn_state state = { .conn = conn,
1809 .close_type = close_type };
1810
1811 files_forall(conn->sconn, file_close_conn_fn, &state);
1812
1813 if (state.fsp_left_behind) {
1814 state.fsp_left_behind = false;
1815 files_forall(conn->sconn, file_close_conn_fn, &state);
1816 SMB_ASSERT(!state.fsp_left_behind);
1817 }
1818 }
1819
1820 /****************************************************************************
1821 Initialise file structures.
1822 ****************************************************************************/
1823
1824 static int files_max_open_fds;
1825
1826 bool file_init_global(void)
1827 {
1828 int request_max = lp_max_open_files();
1829 int real_lim;
1830 int real_max;
1831
1832 if (files_max_open_fds != 0) {
1833 return true;
1834 }
1835
1836 /*
1837 * Set the max_open files to be the requested
1838 * max plus a fudgefactor to allow for the extra
1839 * fd's we need such as log files etc...
1840 */
1841 real_lim = set_maxfiles(request_max + MAX_OPEN_FUDGEFACTOR);
1842
1843 real_max = real_lim - MAX_OPEN_FUDGEFACTOR;
1844
1845 if (real_max + FILE_HANDLE_OFFSET + MAX_OPEN_PIPES > 65536) {
1846 real_max = 65536 - FILE_HANDLE_OFFSET - MAX_OPEN_PIPES;
1847 }
1848
1849 if (real_max != request_max) {
1850 DEBUG(1, ("file_init_global: Information only: requested %d "
1851 "open files, %d are available.\n",
1852 request_max, real_max));
1853 }
1854
1855 SMB_ASSERT(real_max > 100);
1856
1857 files_max_open_fds = real_max;
1858 return true;
1859 }
1860
1861 bool file_init(struct smbd_server_connection *sconn)
1862 {
1863 bool ok;
1864
1865 ok = file_init_global();
1866 if (!ok) {
1867 return false;
1868 }
1869
1870 sconn->real_max_open_files = files_max_open_fds;
1871
1872 return true;
1873 }
1874
1875 /****************************************************************************
1876 Close files open by a specified vuid.
1877 ****************************************************************************/
1878
1879 struct file_close_user_state {
1880 uint64_t vuid;
1881 bool fsp_left_behind;
1882 };
1883
1884 static struct files_struct *file_close_user_fn(
1885 struct files_struct *fsp,
1886 void *private_data)
1887 {
1888 struct file_close_user_state *state = private_data;
1889 bool did_close;
1890
1891 if (fsp->vuid != state->vuid) {
1892 return NULL;
1893 }
1894
1895 did_close = close_file_in_loop(fsp, SHUTDOWN_CLOSE);
1896 if (!did_close) {
1897 state->fsp_left_behind = true;
1898 }
1899
1900 return NULL;
1901 }
1902
1903 void file_close_user(struct smbd_server_connection *sconn, uint64_t vuid)
1904 {
1905 struct file_close_user_state state = { .vuid = vuid };
1906
1907 files_forall(sconn, file_close_user_fn, &state);
1908
1909 if (state.fsp_left_behind) {
1910 state.fsp_left_behind = false;
1911 files_forall(sconn, file_close_user_fn, &state);
1912 SMB_ASSERT(!state.fsp_left_behind);
1913 }
1914 }
1915
1916 /*
1917 * Walk the files table until "fn" returns non-NULL
1918 */
1919
1920 struct files_struct *files_forall(
1921 struct smbd_server_connection *sconn,
1922 struct files_struct *(*fn)(struct files_struct *fsp,
1923 void *private_data),
1924 void *private_data)
1925 {
1926 struct files_struct *fsp, *next;
1927
1928 for (fsp = sconn->files; fsp; fsp = next) {
1929 struct files_struct *ret;
1930 next = fsp->next;
1931 ret = fn(fsp, private_data);
1932 if (ret != NULL) {
1933 return ret;
1934 }
1935 }
1936 return NULL;
1937 }
1938
1939 /****************************************************************************
1940 Find a fsp given a file descriptor.
1941 ****************************************************************************/
1942
1943 files_struct *file_find_fd(struct smbd_server_connection *sconn, int fd)
1944 {
1945 int count=0;
1946 files_struct *fsp;
1947
1948 for (fsp=sconn->files; fsp; fsp=fsp->next,count++) {
1949 if (fsp_get_pathref_fd(fsp) == fd) {
1950 if (count > 10) {
1951 DLIST_PROMOTE(sconn->files, fsp);
1952 }
1953 return fsp;
1954 }
1955 }
1956
1957 return NULL;
1958 }
1959
1960 /****************************************************************************
1961 Find a fsp given a device, inode and file_id.
1962 ****************************************************************************/
1963
1964 files_struct *file_find_dif(struct smbd_server_connection *sconn,
1965 struct file_id id, unsigned long gen_id)
1966 {
1967 int count=0;
1968 files_struct *fsp;
1969
1970 if (gen_id == 0) {
1971 return NULL;
1972 }
1973
1974 for (fsp = sconn->files; fsp; fsp = fsp->next,count++) {
1975 /*
1976 * We can have a fsp->fh->fd == -1 here as it could be a stat
1977 * open.
1978 */
1979 if (!file_id_equal(&fsp->file_id, &id)) {
1980 continue;
1981 }
1982 if (!fsp->fsp_flags.is_fsa) {
1983 continue;
1984 }
1985 if (fh_get_gen_id(fsp->fh) != gen_id) {
1986 continue;
1987 }
1988 if (count > 10) {
1989 DLIST_PROMOTE(sconn->files, fsp);
1990 }
1991 return fsp;
1992 }
1993
1994 return NULL;
1995 }
1996
1997 /****************************************************************************
1998 Find the first fsp given a device and inode.
1999 We use a singleton cache here to speed up searching from getfilepathinfo
2000 calls.
2001 ****************************************************************************/
2002
2003 files_struct *file_find_di_first(struct smbd_server_connection *sconn,
2004 struct file_id id,
2005 bool need_fsa)
2006 {
2007 files_struct *fsp;
2008
2009 if (file_id_equal(&sconn->fsp_fi_cache.id, &id)) {
2010 /* Positive or negative cache hit. */
2011 return sconn->fsp_fi_cache.fsp;
2012 }
2013
2014 sconn->fsp_fi_cache.id = id;
2015
2016 for (fsp=sconn->files;fsp;fsp=fsp->next) {
2017 if (need_fsa && !fsp->fsp_flags.is_fsa) {
2018 continue;
2019 }
2020 if (file_id_equal(&fsp->file_id, &id)) {
2021 /* Setup positive cache. */
2022 sconn->fsp_fi_cache.fsp = fsp;
2023 return fsp;
2024 }
2025 }
2026
2027 /* Setup negative cache. */
2028 sconn->fsp_fi_cache.fsp = NULL;
2029 return NULL;
2030 }
2031
2032 /****************************************************************************
2033 Find the next fsp having the same device and inode.
2034 ****************************************************************************/
2035
2036 files_struct *file_find_di_next(files_struct *start_fsp,
2037 bool need_fsa)
2038 {
2039 files_struct *fsp;
2040
2041 for (fsp = start_fsp->next;fsp;fsp=fsp->next) {
2042 if (need_fsa && !fsp->fsp_flags.is_fsa) {
2043 continue;
2044 }
2045 if (file_id_equal(&fsp->file_id, &start_fsp->file_id)) {
2046 return fsp;
2047 }
2048 }
2049
2050 return NULL;
2051 }
2052
2053 struct files_struct *file_find_one_fsp_from_lease_key(
2054 struct smbd_server_connection *sconn,
2055 const struct smb2_lease_key *lease_key)
2056 {
2057 struct files_struct *fsp;
2058
2059 for (fsp = sconn->files; fsp; fsp=fsp->next) {
2060 if ((fsp->lease != NULL) &&
2061 (fsp->lease->lease.lease_key.data[0] ==
2062 lease_key->data[0]) &&
2063 (fsp->lease->lease.lease_key.data[1] ==
2064 lease_key->data[1])) {
2065 return fsp;
2066 }
2067 }
2068 return NULL;
2069 }
2070
2071 /****************************************************************************
2072 Find any fsp open with a pathname below that of an already open path.
2073 ****************************************************************************/
2074
2075 bool file_find_subpath(files_struct *dir_fsp)
2076 {
2077 files_struct *fsp;
2078 size_t dlen;
2079 char *d_fullname = NULL;
2080
2081 d_fullname = talloc_asprintf(talloc_tos(), "%s/%s",
2082 dir_fsp->conn->connectpath,
2083 dir_fsp->fsp_name->base_name);
2084
2085 if (!d_fullname) {
2086 return false;
2087 }
2088
2089 dlen = strlen(d_fullname);
2090
2091 for (fsp=dir_fsp->conn->sconn->files; fsp; fsp=fsp->next) {
2092 char *d1_fullname;
2093
2094 if (fsp == dir_fsp) {
2095 continue;
2096 }
2097
2098 d1_fullname = talloc_asprintf(talloc_tos(),
2099 "%s/%s",
2100 fsp->conn->connectpath,
2101 fsp->fsp_name->base_name);
2102
2103 /*
2104 * If the open file has a path that is a longer
2105 * component, then it's a subpath.
2106 */
2107 if (strnequal(d_fullname, d1_fullname, dlen) &&
2108 (d1_fullname[dlen] == '/')) {
2109 TALLOC_FREE(d1_fullname);
2110 TALLOC_FREE(d_fullname);
2111 return true;
2112 }
2113 TALLOC_FREE(d1_fullname);
2114 }
2115
2116 TALLOC_FREE(d_fullname);
2117 return false;
2118 }
2119
2120 /****************************************************************************
2121 Free up a fsp.
2122 ****************************************************************************/
2123
2124 static void fsp_free(files_struct *fsp)
2125 {
2126 struct smbd_server_connection *sconn = fsp->conn->sconn;
2127
2128 if (fsp == sconn->fsp_fi_cache.fsp) {
2129 ZERO_STRUCT(sconn->fsp_fi_cache);
2130 }
2131
2132 DLIST_REMOVE(sconn->files, fsp);
2133 SMB_ASSERT(sconn->num_files > 0);
2134 sconn->num_files--;
2135
2136 TALLOC_FREE(fsp->fake_file_handle);
2137
2138 if (fh_get_refcount(fsp->fh) == 1) {
2139 TALLOC_FREE(fsp->fh);
2140 } else {
2141 size_t new_refcount = fh_get_refcount(fsp->fh) - 1;
2142 fh_set_refcount(fsp->fh, new_refcount);
2143 }
2144
2145 if (fsp->lease != NULL) {
2146 if (fsp->lease->ref_count == 1) {
2147 TALLOC_FREE(fsp->lease);
2148 } else {
2149 fsp->lease->ref_count--;
2150 }
2151 }
2152
2153 fsp->conn->num_files_open--;
2154
2155 if (fsp->fsp_name != NULL &&
2156 fsp->fsp_name->fsp_link != NULL)
2157 {
2158 /*
2159 * Free fsp_link of fsp->fsp_name. To do this in the correct
2160 * talloc destructor order we have to do it here. The
2161 * talloc_free() of the link should set the fsp pointer to NULL.
2162 */
2163 TALLOC_FREE(fsp->fsp_name->fsp_link);
2164 SMB_ASSERT(fsp->fsp_name->fsp == NULL);
2165 }
2166
2167 /* this is paranoia, just in case someone tries to reuse the
2168 information */
2169 ZERO_STRUCTP(fsp);
2170
2171 /* fsp->fsp_name is a talloc child and is free'd automatically. */
2172 TALLOC_FREE(fsp);
2173 }
2174
2175 /*
2176 * Rundown of all smb-related sub-structures of an fsp
2177 */
2178 void fsp_unbind_smb(struct smb_request *req, files_struct *fsp)
2179 {
2180 if (fsp == fsp->conn->cwd_fsp) {
2181 return;
2182 }
2183
2184 if (fsp->notify) {
2185 size_t len = fsp_fullbasepath(fsp, NULL, 0);
2186 char fullpath[len+1];
2187
2188 fsp_fullbasepath(fsp, fullpath, sizeof(fullpath));
2189
2190 /*
2191 * Avoid /. at the end of the path name. notify can't
2192 * deal with it.
2193 */
2194 if (len > 1 && fullpath[len-1] == '.' &&
2195 fullpath[len-2] == '/') {
2196 fullpath[len-2] = '\0';
2197 }
2198
2199 notify_remove(fsp->conn->sconn->notify_ctx, fsp, fullpath);
2200 TALLOC_FREE(fsp->notify);
2201 }
2202
2203 /* Ensure this event will never fire. */
2204 TALLOC_FREE(fsp->update_write_time_event);
2205
2206 if (fsp->op != NULL) {
2207 fsp->op->compat = NULL;
2208 }
2209 TALLOC_FREE(fsp->op);
2210
2211 if ((req != NULL) && (fsp == req->chain_fsp)) {
2212 req->chain_fsp = NULL;
2213 }
2214
2215 /*
2216 * Clear all possible chained fsp
2217 * pointers in the SMB2 request queue.
2218 */
2219 remove_smb2_chained_fsp(fsp);
2220 }
2221
2222 void file_free(struct smb_request *req, files_struct *fsp)
2223 {
2224 struct smbd_server_connection *sconn = fsp->conn->sconn;
2225 uint64_t fnum = fsp->fnum;
2226
2227 fsp_unbind_smb(req, fsp);
2228
2229 /* Drop all remaining extensions. */
2230 vfs_remove_all_fsp_extensions(fsp);
2231
2232 fsp_free(fsp);
2233
2234 DBG_INFO("freed files structure %"PRIu64" (%zu used)\n",
2235 fnum,
2236 sconn->num_files);
2237 }
2238
2239 /****************************************************************************
2240 Get an fsp from a packet given a 16 bit fnum.
2241 ****************************************************************************/
2242
2243 files_struct *file_fsp(struct smb_request *req, uint16_t fid)
2244 {
2245 struct smbXsrv_open *op;
2246 NTSTATUS status;
2247 NTTIME now = 0;
2248 files_struct *fsp;
2249
2250 if (req == NULL) {
2251 /*
2252 * We should never get here. req==NULL could in theory
2253 * only happen from internal opens with a non-zero
2254 * root_dir_fid. Internal opens just don't do that, at
2255 * least they are not supposed to do so. And if they
2256 * start to do so, they better fake up a smb_request
2257 * from which we get the right smbd_server_conn. While
2258 * this should never happen, let's return NULL here.
2259 */
2260 return NULL;
2261 }
2262
2263 if (req->chain_fsp != NULL) {
2264 if (req->chain_fsp->fsp_flags.closing) {
2265 return NULL;
2266 }
2267 return req->chain_fsp;
2268 }
2269
2270 if (req->xconn == NULL) {
2271 return NULL;
2272 }
2273
2274 now = timeval_to_nttime(&req->request_time);
2275
2276 status = smb1srv_open_lookup(req->xconn,
2277 fid, now, &op);
2278 if (!NT_STATUS_IS_OK(status)) {
2279 return NULL;
2280 }
2281
2282 fsp = op->compat;
2283 if (fsp == NULL) {
2284 return NULL;
2285 }
2286
2287 if (fsp->fsp_flags.closing) {
2288 return NULL;
2289 }
2290
2291 req->chain_fsp = fsp;
2292 fsp->fsp_name->st.cached_dos_attributes = FILE_ATTRIBUTE_INVALID;
2293 return fsp;
2294 }
2295
2296 struct files_struct *file_fsp_get(struct smbd_smb2_request *smb2req,
2297 uint64_t persistent_id,
2298 uint64_t volatile_id)
2299 {
2300 struct smbXsrv_open *op;
2301 NTSTATUS status;
2302 NTTIME now = 0;
2303 struct files_struct *fsp;
2304
2305 now = timeval_to_nttime(&smb2req->request_time);
2306
2307 status = smb2srv_open_lookup(smb2req->xconn,
2308 persistent_id, volatile_id,
2309 now, &op);
2310 if (!NT_STATUS_IS_OK(status)) {
2311 return NULL;
2312 }
2313
2314 fsp = op->compat;
2315 if (fsp == NULL) {
2316 return NULL;
2317 }
2318
2319 if (smb2req->tcon == NULL) {
2320 return NULL;
2321 }
2322
2323 if (smb2req->tcon->compat != fsp->conn) {
2324 return NULL;
2325 }
2326
2327 if (smb2req->session == NULL) {
2328 return NULL;
2329 }
2330
2331 if (smb2req->session->global->session_wire_id != fsp->vuid) {
2332 return NULL;
2333 }
2334
2335 if (fsp->fsp_flags.closing) {
2336 return NULL;
2337 }
2338
2339 fsp->fsp_name->st.cached_dos_attributes = FILE_ATTRIBUTE_INVALID;
2340
2341 return fsp;
2342 }
2343
2344 struct files_struct *file_fsp_smb2(struct smbd_smb2_request *smb2req,
2345 uint64_t persistent_id,
2346 uint64_t volatile_id)
2347 {
2348 struct files_struct *fsp;
2349
2350 if (smb2req->compat_chain_fsp != NULL) {
2351 if (smb2req->compat_chain_fsp->fsp_flags.closing) {
2352 return NULL;
2353 }
2354 smb2req->compat_chain_fsp->fsp_name->st.cached_dos_attributes =
2355 FILE_ATTRIBUTE_INVALID;
2356 return smb2req->compat_chain_fsp;
2357 }
2358
2359 fsp = file_fsp_get(smb2req, persistent_id, volatile_id);
2360 if (fsp == NULL) {
2361 return NULL;
2362 }
2363
2364 smb2req->compat_chain_fsp = fsp;
2365 return fsp;
2366 }
2367
2368 /****************************************************************************
2369 Duplicate the file handle part for a DOS or FCB open.
2370 ****************************************************************************/
2371
2372 NTSTATUS dup_file_fsp(
2373 files_struct *from,
2374 uint32_t access_mask,
2375 files_struct *to)
2376 {
2377 size_t new_refcount;
2378
2379 /* this can never happen for print files */
2380 SMB_ASSERT(from->print_file == NULL);
2381
2382 TALLOC_FREE(to->fh);
2383
2384 to->fh = from->fh;
2385 new_refcount = fh_get_refcount(to->fh) + 1;
2386 fh_set_refcount(to->fh, new_refcount);
2387
2388 to->file_id = from->file_id;
2389 to->initial_allocation_size = from->initial_allocation_size;
2390 to->file_pid = from->file_pid;
2391 to->vuid = from->vuid;
2392 to->open_time = from->open_time;
2393 to->access_mask = access_mask;
2394 to->oplock_type = from->oplock_type;
2395 to->fsp_flags.can_lock = from->fsp_flags.can_lock;
2396 to->fsp_flags.can_read = ((access_mask & FILE_READ_DATA) != 0);
2397 to->fsp_flags.can_write =
2398 CAN_WRITE(from->conn) &&
2399 ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) != 0);
2400 to->fsp_flags.modified = from->fsp_flags.modified;
2401 to->fsp_flags.is_directory = from->fsp_flags.is_directory;
2402 to->fsp_flags.aio_write_behind = from->fsp_flags.aio_write_behind;
2403 to->fsp_flags.is_fsa = from->fsp_flags.is_fsa;
2404 to->fsp_flags.is_pathref = from->fsp_flags.is_pathref;
2405 to->fsp_flags.have_proc_fds = from->fsp_flags.have_proc_fds;
2406 to->fsp_flags.is_dirfsp = from->fsp_flags.is_dirfsp;
2407
2408 return fsp_set_smb_fname(to, from->fsp_name);
2409 }
2410
2411 /**
2412 * Return a jenkins hash of a pathname on a connection.
2413 */
2414
2415 NTSTATUS file_name_hash(connection_struct *conn,
2416 const char *name, uint32_t *p_name_hash)
2417 {
2418 char tmpbuf[PATH_MAX];
2419 char *fullpath, *to_free;
2420 ssize_t len;
2421 TDB_DATA key;
2422
2423 /* Set the hash of the full pathname. */
2424
2425 if (name[0] == '/') {
2426 strlcpy(tmpbuf, name, sizeof(tmpbuf));
2427 fullpath = tmpbuf;
2428 len = strlen(fullpath);
2429 to_free = NULL;
2430 } else {
2431 len = full_path_tos(conn->connectpath,
2432 name,
2433 tmpbuf,
2434 sizeof(tmpbuf),
2435 &fullpath,
2436 &to_free);
2437 }
2438 if (len == -1) {
2439 return NT_STATUS_NO_MEMORY;
2440 }
2441 key = (TDB_DATA) { .dptr = (uint8_t *)fullpath, .dsize = len+1 };
2442 *p_name_hash = tdb_jenkins_hash(&key);
2443
2444 DEBUG(10,("file_name_hash: %s hash 0x%x\n",
2445 fullpath,
2446 (unsigned int)*p_name_hash ));
2447
2448 TALLOC_FREE(to_free);
2449 return NT_STATUS_OK;
2450 }
2451
2452 static NTSTATUS fsp_attach_smb_fname(struct files_struct *fsp,
2453 struct smb_filename **_smb_fname)
2454 {
2455 TALLOC_CTX *frame = talloc_stackframe();
2456 struct smb_filename *smb_fname_new = talloc_move(fsp, _smb_fname);
2457 const char *name_str = NULL;
2458 uint32_t name_hash = 0;
2459 NTSTATUS status;
2460
2461 name_str = smb_fname_str_dbg(smb_fname_new);
2462 if (name_str == NULL) {
2463 TALLOC_FREE(frame);
2464 return NT_STATUS_NO_MEMORY;
2465 }
2466
2467 status = file_name_hash(fsp->conn,
2468 name_str,
2469 &name_hash);
2470 TALLOC_FREE(frame);
2471 name_str = NULL;
2472 if (!NT_STATUS_IS_OK(status)) {
2473 return status;
2474 }
2475
2476 status = fsp_smb_fname_link(fsp,
2477 &smb_fname_new->fsp_link,
2478 &smb_fname_new->fsp);
2479 if (!NT_STATUS_IS_OK(status)) {
2480 return status;
2481 }
2482
2483 fsp->name_hash = name_hash;
2484 fsp->fsp_name = smb_fname_new;
2485 fsp->fsp_name->st.cached_dos_attributes = FILE_ATTRIBUTE_INVALID;
2486 *_smb_fname = NULL;
2487 return NT_STATUS_OK;
2488 }
2489
2490 /**
2491 * The only way that the fsp->fsp_name field should ever be set.
2492 */
2493 NTSTATUS fsp_set_smb_fname(struct files_struct *fsp,
2494 const struct smb_filename *smb_fname_in)
2495 {
2496 struct smb_filename *smb_fname_old = fsp->fsp_name;
2497 struct smb_filename *smb_fname_new = NULL;
2498 NTSTATUS status;
2499
2500 smb_fname_new = cp_smb_filename(fsp, smb_fname_in);
2501 if (smb_fname_new == NULL) {
2502 return NT_STATUS_NO_MEMORY;
2503 }
2504
2505 status = fsp_attach_smb_fname(fsp, &smb_fname_new);
2506 if (!NT_STATUS_IS_OK(status)) {
2507 TALLOC_FREE(smb_fname_new);
2508 return status;
2509 }
2510
2511 if (smb_fname_old != NULL) {
2512 smb_fname_fsp_unlink(smb_fname_old);
2513 TALLOC_FREE(smb_fname_old);
2514 }
2515
2516 return NT_STATUS_OK;
2517 }
2518
2519 size_t fsp_fullbasepath(struct files_struct *fsp, char *buf, size_t buflen)
2520 {
2521 int len = 0;
2522
2523 if ((buf == NULL) || (buflen == 0)) {
2524 return strlen(fsp->conn->connectpath) + 1 +
2525 strlen(fsp->fsp_name->base_name);
2526 }
2527
2528 len = snprintf(buf, buflen, "%s/%s", fsp->conn->connectpath,
2529 fsp->fsp_name->base_name);
2530 SMB_ASSERT(len>0);
2531
2532 return len;
2533 }
2534
2535 void fsp_set_base_fsp(struct files_struct *fsp, struct files_struct *base_fsp)
2536 {
2537 SMB_ASSERT(fsp->stream_fsp == NULL);
2538 if (base_fsp != NULL) {
2539 SMB_ASSERT(base_fsp->base_fsp == NULL);
2540 SMB_ASSERT(base_fsp->stream_fsp == NULL);
2541 }
2542
2543 if (fsp->base_fsp != NULL) {
2544 SMB_ASSERT(fsp->base_fsp->stream_fsp == fsp);
2545 fsp->base_fsp->stream_fsp = NULL;
2546 }
2547
2548 fsp->base_fsp = base_fsp;
2549 if (fsp->base_fsp != NULL) {
2550 fsp->base_fsp->stream_fsp = fsp;
2551 }
2552 }
2553
2554 bool fsp_is_alternate_stream(const struct files_struct *fsp)
2555 {
2556 return (fsp->base_fsp != NULL);
2557 }
2558
2559 struct files_struct *metadata_fsp(struct files_struct *fsp)
2560 {
2561 if (fsp_is_alternate_stream(fsp)) {
2562 return fsp->base_fsp;
2563 }
2564 return fsp;
2565 }
2566
2567 static bool fsp_generic_ask_sharemode(struct files_struct *fsp)
2568 {
2569 if (fsp == NULL) {
2570 return false;
2571 }
2572
2573 if (fsp->posix_flags & FSP_POSIX_FLAGS_PATHNAMES) {
2574 /* Always use filesystem for UNIX mtime query. */
2575 return false;
2576 }
2577
2578 return true;
2579 }
2580
2581 bool fsp_search_ask_sharemode(struct files_struct *fsp)
2582 {
2583 if (!fsp_generic_ask_sharemode(fsp)) {
2584 return false;
2585 }
2586
2587 return lp_smbd_search_ask_sharemode(SNUM(fsp->conn));
2588 }
2589
2590 bool fsp_getinfo_ask_sharemode(struct files_struct *fsp)
2591 {
2592 if (!fsp_generic_ask_sharemode(fsp)) {
2593 return false;
2594 }
2595
2596 return lp_smbd_getinfo_ask_sharemode(SNUM(fsp->conn));
2597 }
Samba GIT mirror