2 Unix SMB/CIFS implementation.
3 filename handling routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 1999-2007
6 Copyright (C) Ying Chen 2000
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * New hash table stat cache code added by Ying Chen.
28 #include "system/filesys.h"
29 #include "fake_file.h"
30 #include "smbd/smbd.h"
31 #include "smbd/globals.h"
33 static NTSTATUS
build_stream_path(TALLOC_CTX
*mem_ctx
,
34 connection_struct
*conn
,
35 struct smb_filename
*smb_fname
);
37 /****************************************************************************
38 Mangle the 2nd name and check if it is then equal to the first name.
39 ****************************************************************************/
41 static bool mangled_equal(const char *name1
,
43 const struct share_params
*p
)
47 if (!name_to_8_3(name2
, mname
, False
, p
)) {
50 return strequal(name1
, mname
);
53 /****************************************************************************
54 Cope with the differing wildcard and non-wildcard error cases.
55 ****************************************************************************/
57 static NTSTATUS
determine_path_error(const char *name
,
58 bool allow_wcard_last_component
)
62 if (!allow_wcard_last_component
) {
63 /* Error code within a pathname. */
64 return NT_STATUS_OBJECT_PATH_NOT_FOUND
;
67 /* We're terminating here so we
68 * can be a little slower and get
69 * the error code right. Windows
70 * treats the last part of the pathname
71 * separately I think, so if the last
72 * component is a wildcard then we treat
73 * this ./ as "end of component" */
75 p
= strchr(name
, '/');
77 if (!p
&& (ms_has_wild(name
) || ISDOT(name
))) {
78 /* Error code at the end of a pathname. */
79 return NT_STATUS_OBJECT_NAME_INVALID
;
81 /* Error code within a pathname. */
82 return NT_STATUS_OBJECT_PATH_NOT_FOUND
;
86 static NTSTATUS
check_for_dot_component(const struct smb_filename
*smb_fname
)
88 /* Ensure we catch all names with in "/."
89 this is disallowed under Windows and
90 in POSIX they've already been removed. */
91 const char *p
= strstr(smb_fname
->base_name
, "/."); /*mb safe*/
94 /* Error code within a pathname. */
95 return NT_STATUS_OBJECT_PATH_NOT_FOUND
;
96 } else if (p
[2] == '\0') {
97 /* Error code at the end of a pathname. */
98 return NT_STATUS_OBJECT_NAME_INVALID
;
104 /****************************************************************************
105 Optimization for common case where the missing part
106 is in the last component and the client already
107 sent the correct case.
108 Returns NT_STATUS_OK to mean continue the tree walk
109 (possibly with modified start pointer).
110 Any other NT_STATUS_XXX error means terminate the path
112 ****************************************************************************/
114 static NTSTATUS
check_parent_exists(TALLOC_CTX
*ctx
,
115 connection_struct
*conn
,
116 bool posix_pathnames
,
117 const struct smb_filename
*smb_fname
,
121 struct smb_filename parent_fname
;
122 const char *last_component
= NULL
;
126 ZERO_STRUCT(parent_fname
);
127 if (!parent_dirname(ctx
, smb_fname
->base_name
,
128 &parent_fname
.base_name
,
130 return NT_STATUS_NO_MEMORY
;
134 * If there was no parent component in
135 * smb_fname->base_name of the parent name
136 * contained a wildcard then don't do this
139 if ((smb_fname
->base_name
== last_component
) ||
140 ms_has_wild(parent_fname
.base_name
)) {
144 if (posix_pathnames
) {
145 ret
= SMB_VFS_LSTAT(conn
, &parent_fname
);
147 ret
= SMB_VFS_STAT(conn
, &parent_fname
);
150 /* If the parent stat failed, just continue
151 with the normal tree walk. */
157 status
= check_for_dot_component(&parent_fname
);
158 if (!NT_STATUS_IS_OK(status
)) {
162 /* Parent exists - set "start" to be the
163 * last compnent to shorten the tree walk. */
166 * Safe to use discard_const_p
167 * here as last_component points
168 * into our smb_fname->base_name.
170 *pp_start
= discard_const_p(char, last_component
);
172 /* Update dirpath. */
173 TALLOC_FREE(*pp_dirpath
);
174 *pp_dirpath
= talloc_strdup(ctx
, parent_fname
.base_name
);
176 return NT_STATUS_NO_MEMORY
;
179 DEBUG(5,("check_parent_exists: name "
180 "= %s, dirpath = %s, "
182 smb_fname
->base_name
,
189 /****************************************************************************
190 This routine is called to convert names from the dos namespace to unix
191 namespace. It needs to handle any case conversions, mangling, format changes,
194 We assume that we have already done a chdir() to the right "root" directory
197 The function will return an NTSTATUS error if some part of the name except for
198 the last part cannot be resolved, else NT_STATUS_OK.
200 Note NT_STATUS_OK doesn't mean the name exists or is valid, just that we
201 didn't get any fatal errors that should immediately terminate the calling SMB
202 processing whilst resolving.
204 If the UCF_SAVE_LCOMP flag is passed in, then the unmodified last component
205 of the pathname is set in smb_filename->original_lcomp.
207 If UCF_ALWAYS_ALLOW_WCARD_LCOMP is passed in, then a MS wildcard was detected
208 and should be allowed in the last component of the path only.
210 If the orig_path was a stream, smb_filename->base_name will point to the base
211 filename, and smb_filename->stream_name will point to the stream name. If
212 orig_path was not a stream, then smb_filename->stream_name will be NULL.
214 On exit from unix_convert, the smb_filename->st stat struct will be populated
215 if the file exists and was found, if not this stat struct will be filled with
216 zeros (and this can be detected by checking for nlinks = 0, which can never be
218 ****************************************************************************/
220 NTSTATUS
unix_convert(TALLOC_CTX
*ctx
,
221 connection_struct
*conn
,
222 const char *orig_path
,
223 struct smb_filename
**smb_fname_out
,
226 struct smb_filename
*smb_fname
= NULL
;
228 char *dirpath
= NULL
;
230 bool component_was_mangled
= False
;
231 bool name_has_wildcard
= False
;
232 bool posix_pathnames
= false;
233 bool allow_wcard_last_component
=
234 (ucf_flags
& UCF_ALWAYS_ALLOW_WCARD_LCOMP
);
235 bool save_last_component
= ucf_flags
& UCF_SAVE_LCOMP
;
239 *smb_fname_out
= NULL
;
241 smb_fname
= talloc_zero(ctx
, struct smb_filename
);
242 if (smb_fname
== NULL
) {
243 return NT_STATUS_NO_MEMORY
;
247 /* we don't ever use the filenames on a printer share as a
248 filename - so don't convert them */
249 if (!(smb_fname
->base_name
= talloc_strdup(smb_fname
,
251 status
= NT_STATUS_NO_MEMORY
;
257 DEBUG(5, ("unix_convert called on file \"%s\"\n", orig_path
));
260 * Conversion to basic unix format is already done in
261 * check_path_syntax().
265 * Names must be relative to the root of the service - any leading /.
266 * and trailing /'s should have been trimmed by check_path_syntax().
270 SMB_ASSERT(*orig_path
!= '/');
274 * If we trimmed down to a single '\0' character
275 * then we should use the "." directory to avoid
276 * searching the cache, but not if we are in a
278 * As we know this is valid we can return true here.
282 if (!(smb_fname
->base_name
= talloc_strdup(smb_fname
, "."))) {
283 status
= NT_STATUS_NO_MEMORY
;
286 if (SMB_VFS_STAT(conn
, smb_fname
) != 0) {
287 status
= map_nt_error_from_unix(errno
);
290 DEBUG(5, ("conversion finished \"\" -> %s\n",
291 smb_fname
->base_name
));
295 if (orig_path
[0] == '.' && (orig_path
[1] == '/' ||
296 orig_path
[1] == '\0')) {
297 /* Start of pathname can't be "." only. */
298 if (orig_path
[1] == '\0' || orig_path
[2] == '\0') {
299 status
= NT_STATUS_OBJECT_NAME_INVALID
;
301 status
=determine_path_error(&orig_path
[2],
302 allow_wcard_last_component
);
307 /* Start with the full orig_path as given by the caller. */
308 if (!(smb_fname
->base_name
= talloc_strdup(smb_fname
, orig_path
))) {
309 DEBUG(0, ("talloc_strdup failed\n"));
310 status
= NT_STATUS_NO_MEMORY
;
315 * Large directory fix normalization. If we're case sensitive, and
316 * the case preserving parameters are set to "no", normalize the case of
317 * the incoming filename from the client WHETHER IT EXISTS OR NOT !
318 * This is in conflict with the current (3.0.20) man page, but is
319 * what people expect from the "large directory howto". I'll update
320 * the man page. Thanks to jht@samba.org for finding this. JRA.
323 if (conn
->case_sensitive
&& !conn
->case_preserve
&&
324 !conn
->short_case_preserve
) {
325 if (!strnorm(smb_fname
->base_name
, lp_default_case(SNUM(conn
)))) {
326 DEBUG(0, ("strnorm %s failed\n", smb_fname
->base_name
));
327 status
= NT_STATUS_INVALID_PARAMETER
;
333 * Ensure saved_last_component is valid even if file exists.
336 if(save_last_component
) {
337 end
= strrchr_m(smb_fname
->base_name
, '/');
339 smb_fname
->original_lcomp
= talloc_strdup(smb_fname
,
342 smb_fname
->original_lcomp
=
343 talloc_strdup(smb_fname
, smb_fname
->base_name
);
345 if (smb_fname
->original_lcomp
== NULL
) {
346 status
= NT_STATUS_NO_MEMORY
;
351 posix_pathnames
= (lp_posix_pathnames() ||
352 (ucf_flags
& UCF_POSIX_PATHNAMES
));
355 * Strip off the stream, and add it back when we're done with the
358 if (!posix_pathnames
) {
359 stream
= strchr_m(smb_fname
->base_name
, ':');
361 if (stream
!= NULL
) {
362 char *tmp
= talloc_strdup(smb_fname
, stream
);
364 status
= NT_STATUS_NO_MEMORY
;
368 * Since this is actually pointing into
369 * smb_fname->base_name this truncates base_name.
374 if (smb_fname
->base_name
[0] == '\0') {
376 * orig_name was just a stream name.
377 * This is a stream on the root of
378 * the share. Replace base_name with
381 smb_fname
->base_name
=
382 talloc_strdup(smb_fname
, ".");
383 if (smb_fname
->base_name
== NULL
) {
384 status
= NT_STATUS_NO_MEMORY
;
387 if (SMB_VFS_STAT(conn
, smb_fname
) != 0) {
388 status
= map_nt_error_from_unix(errno
);
391 /* dirpath must exist. */
392 dirpath
= talloc_strdup(ctx
,"");
393 if (dirpath
== NULL
) {
394 status
= NT_STATUS_NO_MEMORY
;
397 DEBUG(5, ("conversion finished %s -> %s\n",
399 smb_fname
->base_name
));
405 start
= smb_fname
->base_name
;
408 * If we're providing case insensitive semantics or
409 * the underlying filesystem is case insensitive,
410 * then a case-normalized hit in the stat-cache is
411 * authoratitive. JRA.
413 * Note: We're only checking base_name. The stream_name will be
414 * added and verified in build_stream_path().
417 if((!conn
->case_sensitive
|| !(conn
->fs_capabilities
&
418 FILE_CASE_SENSITIVE_SEARCH
)) &&
419 stat_cache_lookup(conn
, posix_pathnames
, &smb_fname
->base_name
, &dirpath
, &start
,
425 * Make sure "dirpath" is an allocated string, we use this for
426 * building the directories with talloc_asprintf and free it.
429 if ((dirpath
== NULL
) && (!(dirpath
= talloc_strdup(ctx
,"")))) {
430 DEBUG(0, ("talloc_strdup failed\n"));
431 status
= NT_STATUS_NO_MEMORY
;
436 * If we have a wildcard we must walk the path to
437 * find where the error is, even if case sensitive
441 name_has_wildcard
= ms_has_wild(smb_fname
->base_name
);
442 if (name_has_wildcard
&& !allow_wcard_last_component
) {
443 /* Wildcard not valid anywhere. */
444 status
= NT_STATUS_OBJECT_NAME_INVALID
;
448 DEBUG(5,("unix_convert begin: name = %s, dirpath = %s, start = %s\n",
449 smb_fname
->base_name
, dirpath
, start
));
451 if (!name_has_wildcard
) {
453 * stat the name - if it exists then we can add the stream back (if
454 * there was one) and be done!
457 if (posix_pathnames
) {
458 ret
= SMB_VFS_LSTAT(conn
, smb_fname
);
460 ret
= SMB_VFS_STAT(conn
, smb_fname
);
464 status
= check_for_dot_component(smb_fname
);
465 if (!NT_STATUS_IS_OK(status
)) {
468 /* Add the path (not including the stream) to the cache. */
469 stat_cache_add(orig_path
, smb_fname
->base_name
,
470 conn
->case_sensitive
);
471 DEBUG(5,("conversion of base_name finished %s -> %s\n",
472 orig_path
, smb_fname
->base_name
));
476 /* Stat failed - ensure we don't use it. */
477 SET_STAT_INVALID(smb_fname
->st
);
479 if (errno
== ENOENT
) {
480 /* Optimization when creating a new file - only
481 the last component doesn't exist.
482 NOTE : check_parent_exists() doesn't preserve errno.
484 int saved_errno
= errno
;
485 status
= check_parent_exists(ctx
,
492 if (!NT_STATUS_IS_OK(status
)) {
498 * A special case - if we don't have any wildcards or mangling chars and are case
499 * sensitive or the underlying filesystem is case insensitive then searching
503 if ((conn
->case_sensitive
|| !(conn
->fs_capabilities
&
504 FILE_CASE_SENSITIVE_SEARCH
)) &&
505 !mangle_is_mangled(smb_fname
->base_name
, conn
->params
)) {
507 status
= check_for_dot_component(smb_fname
);
508 if (!NT_STATUS_IS_OK(status
)) {
513 * The stat failed. Could be ok as it could be
517 if (errno
== ENOTDIR
|| errno
== ELOOP
) {
518 status
= NT_STATUS_OBJECT_PATH_NOT_FOUND
;
520 } else if (errno
== ENOENT
) {
522 * Was it a missing last component ?
523 * or a missing intermediate component ?
525 struct smb_filename parent_fname
;
526 const char *last_component
= NULL
;
528 ZERO_STRUCT(parent_fname
);
529 if (!parent_dirname(ctx
, smb_fname
->base_name
,
530 &parent_fname
.base_name
,
532 status
= NT_STATUS_NO_MEMORY
;
535 if (posix_pathnames
) {
536 ret
= SMB_VFS_LSTAT(conn
, &parent_fname
);
538 ret
= SMB_VFS_STAT(conn
, &parent_fname
);
541 if (errno
== ENOTDIR
||
544 status
= NT_STATUS_OBJECT_PATH_NOT_FOUND
;
550 * Missing last component is ok - new file.
551 * Also deal with permission denied elsewhere.
552 * Just drop out to done.
559 * We have a wildcard in the pathname.
561 * Optimization for common case where the wildcard
562 * is in the last component and the client already
563 * sent the correct case.
564 * NOTE : check_parent_exists() doesn't preserve errno.
566 int saved_errno
= errno
;
567 status
= check_parent_exists(ctx
,
574 if (!NT_STATUS_IS_OK(status
)) {
580 * is_mangled() was changed to look at an entire pathname, not
581 * just a component. JRA.
584 if (mangle_is_mangled(start
, conn
->params
)) {
585 component_was_mangled
= True
;
589 * Now we need to recursively match the name against the real
590 * directory structure.
594 * Match each part of the path name separately, trying the names
595 * as is first, then trying to scan the directory for matching names.
598 for (; start
; start
= (end
?end
+1:(char *)NULL
)) {
600 * Pinpoint the end of this section of the filename.
602 /* mb safe. '/' can't be in any encoded char. */
603 end
= strchr(start
, '/');
606 * Chop the name at this point.
612 if (save_last_component
) {
613 TALLOC_FREE(smb_fname
->original_lcomp
);
614 smb_fname
->original_lcomp
= talloc_strdup(smb_fname
,
615 end
? end
+ 1 : start
);
616 if (!smb_fname
->original_lcomp
) {
617 DEBUG(0, ("talloc failed\n"));
618 status
= NT_STATUS_NO_MEMORY
;
623 /* The name cannot have a component of "." */
627 /* Error code at the end of a pathname. */
628 status
= NT_STATUS_OBJECT_NAME_INVALID
;
630 status
= determine_path_error(end
+1,
631 allow_wcard_last_component
);
636 /* The name cannot have a wildcard if it's not
637 the last component. */
639 name_has_wildcard
= ms_has_wild(start
);
641 /* Wildcards never valid within a pathname. */
642 if (name_has_wildcard
&& end
) {
643 status
= NT_STATUS_OBJECT_NAME_INVALID
;
647 /* Skip the stat call if it's a wildcard end. */
648 if (name_has_wildcard
) {
649 DEBUG(5,("Wildcard %s\n",start
));
654 * Check if the name exists up to this point.
657 if (posix_pathnames
) {
658 ret
= SMB_VFS_LSTAT(conn
, smb_fname
);
660 ret
= SMB_VFS_STAT(conn
, smb_fname
);
665 * It exists. it must either be a directory or this must
666 * be the last part of the path for it to be OK.
668 if (end
&& !S_ISDIR(smb_fname
->st
.st_ex_mode
)) {
670 * An intermediate part of the name isn't
673 DEBUG(5,("Not a dir %s\n",start
));
676 * We need to return the fact that the
677 * intermediate name resolution failed. This
678 * is used to return an error of ERRbadpath
679 * rather than ERRbadfile. Some Windows
680 * applications depend on the difference between
683 status
= NT_STATUS_OBJECT_PATH_NOT_FOUND
;
688 char *found_name
= NULL
;
690 /* Stat failed - ensure we don't use it. */
691 SET_STAT_INVALID(smb_fname
->st
);
694 * Reset errno so we can detect
695 * directory open errors.
700 * Try to find this part of the path in the directory.
703 if (name_has_wildcard
||
704 (get_real_filename(conn
, dirpath
, start
,
706 &found_name
) == -1)) {
711 * An intermediate part of the name
714 DEBUG(5,("Intermediate not found %s\n",
719 * We need to return the fact that the
720 * intermediate name resolution failed.
721 * This is used to return an error of
722 * ERRbadpath rather than ERRbadfile.
723 * Some Windows applications depend on
724 * the difference between these two
729 * ENOENT, ENOTDIR and ELOOP all map
730 * to NT_STATUS_OBJECT_PATH_NOT_FOUND
731 * in the filename walk.
734 if (errno
== ENOENT
||
738 NT_STATUS_OBJECT_PATH_NOT_FOUND
;
742 map_nt_error_from_unix(errno
);
748 * ENOENT/EACCESS are the only valid errors
752 if (errno
== EACCES
) {
753 if ((ucf_flags
& UCF_PREP_CREATEFILE
) == 0) {
754 status
= NT_STATUS_ACCESS_DENIED
;
758 * This is the dropbox
759 * behaviour. A dropbox is a
760 * directory with only -wx
762 * get_real_filename fails
763 * with EACCESS, it needs to
764 * list the directory. We
765 * nevertheless want to allow
766 * users creating a file.
772 if ((errno
!= 0) && (errno
!= ENOENT
)) {
774 * ENOTDIR and ELOOP both map to
775 * NT_STATUS_OBJECT_PATH_NOT_FOUND
776 * in the filename walk.
778 if (errno
== ENOTDIR
||
781 NT_STATUS_OBJECT_PATH_NOT_FOUND
;
784 map_nt_error_from_unix(errno
);
790 * Just the last part of the name doesn't exist.
791 * We need to strupper() or strlower() it as
792 * this conversion may be used for file creation
793 * purposes. Fix inspired by
794 * Thomas Neumann <t.neumann@iku-ag.de>.
796 if (!conn
->case_preserve
||
797 (mangle_is_8_3(start
, False
,
799 !conn
->short_case_preserve
)) {
801 lp_default_case(SNUM(conn
)))) {
802 DEBUG(0, ("strnorm %s failed\n",
804 status
= NT_STATUS_INVALID_PARAMETER
;
810 * check on the mangled stack to see if we can
811 * recover the base of the filename.
814 if (mangle_is_mangled(start
, conn
->params
)
815 && mangle_lookup_name_from_8_3(ctx
,
821 start
- smb_fname
->base_name
;
823 if (*dirpath
!= '\0') {
824 tmp
= talloc_asprintf(
827 TALLOC_FREE(unmangled
);
833 DEBUG(0, ("talloc failed\n"));
834 status
= NT_STATUS_NO_MEMORY
;
837 TALLOC_FREE(smb_fname
->base_name
);
838 smb_fname
->base_name
= tmp
;
840 smb_fname
->base_name
+ start_ofs
;
841 end
= start
+ strlen(start
);
844 DEBUG(5,("New file %s\n",start
));
850 * Restore the rest of the string. If the string was
851 * mangled the size may have changed.
856 start
- smb_fname
->base_name
;
858 if (*dirpath
!= '\0') {
859 tmp
= talloc_asprintf(smb_fname
,
864 tmp
= talloc_asprintf(smb_fname
,
869 DEBUG(0, ("talloc_asprintf failed\n"));
870 status
= NT_STATUS_NO_MEMORY
;
873 TALLOC_FREE(smb_fname
->base_name
);
874 smb_fname
->base_name
= tmp
;
875 start
= smb_fname
->base_name
+ start_ofs
;
876 end
= start
+ strlen(found_name
);
881 start
- smb_fname
->base_name
;
883 if (*dirpath
!= '\0') {
884 tmp
= talloc_asprintf(smb_fname
,
888 tmp
= talloc_strdup(smb_fname
,
892 DEBUG(0, ("talloc failed\n"));
893 status
= NT_STATUS_NO_MEMORY
;
896 TALLOC_FREE(smb_fname
->base_name
);
897 smb_fname
->base_name
= tmp
;
898 start
= smb_fname
->base_name
+ start_ofs
;
901 * We just scanned for, and found the end of
902 * the path. We must return a valid stat struct
906 if (posix_pathnames
) {
907 ret
= SMB_VFS_LSTAT(conn
, smb_fname
);
909 ret
= SMB_VFS_STAT(conn
, smb_fname
);
913 SET_STAT_INVALID(smb_fname
->st
);
917 TALLOC_FREE(found_name
);
923 * We should never provide different behaviors
924 * depending on DEVELOPER!!!
926 if (VALID_STAT(smb_fname
->st
)) {
930 status
= file_name_hash(conn
,
931 smb_fname_str_dbg(smb_fname
),
933 if (!NT_STATUS_IS_OK(status
)) {
937 get_file_infos(vfs_file_id_from_sbuf(conn
,
940 &delete_pending
, NULL
);
941 if (delete_pending
) {
942 status
= NT_STATUS_DELETE_PENDING
;
949 * Add to the dirpath that we have resolved so far.
952 if (*dirpath
!= '\0') {
953 char *tmp
= talloc_asprintf(ctx
,
954 "%s/%s", dirpath
, start
);
956 DEBUG(0, ("talloc_asprintf failed\n"));
957 status
= NT_STATUS_NO_MEMORY
;
960 TALLOC_FREE(dirpath
);
964 TALLOC_FREE(dirpath
);
965 if (!(dirpath
= talloc_strdup(ctx
,start
))) {
966 DEBUG(0, ("talloc_strdup failed\n"));
967 status
= NT_STATUS_NO_MEMORY
;
973 * Cache the dirpath thus far. Don't cache a name with mangled
974 * or wildcard components as this can change the size.
976 if(!component_was_mangled
&& !name_has_wildcard
) {
977 stat_cache_add(orig_path
, dirpath
,
978 conn
->case_sensitive
);
982 * Restore the / that we wiped out earlier.
990 * Cache the full path. Don't cache a name with mangled or wildcard
991 * components as this can change the size.
994 if(!component_was_mangled
&& !name_has_wildcard
) {
995 stat_cache_add(orig_path
, smb_fname
->base_name
,
996 conn
->case_sensitive
);
1000 * The name has been resolved.
1003 DEBUG(5,("conversion finished %s -> %s\n", orig_path
,
1004 smb_fname
->base_name
));
1007 /* Add back the stream if one was stripped off originally. */
1008 if (stream
!= NULL
) {
1009 smb_fname
->stream_name
= stream
;
1011 /* Check path now that the base_name has been converted. */
1012 status
= build_stream_path(ctx
, conn
, smb_fname
);
1013 if (!NT_STATUS_IS_OK(status
)) {
1017 TALLOC_FREE(dirpath
);
1018 *smb_fname_out
= smb_fname
;
1019 return NT_STATUS_OK
;
1021 DEBUG(10, ("dirpath = [%s] start = [%s]\n", dirpath
, start
));
1022 if (dirpath
&& *dirpath
!= '\0') {
1023 smb_fname
->base_name
= talloc_asprintf(smb_fname
, "%s/%s",
1026 smb_fname
->base_name
= talloc_strdup(smb_fname
, start
);
1028 if (!smb_fname
->base_name
) {
1029 DEBUG(0, ("talloc_asprintf failed\n"));
1030 status
= NT_STATUS_NO_MEMORY
;
1034 *smb_fname_out
= smb_fname
;
1035 TALLOC_FREE(dirpath
);
1038 TALLOC_FREE(smb_fname
);
1042 /****************************************************************************
1043 Ensure a path is not vetod.
1044 ****************************************************************************/
1046 NTSTATUS
check_veto_path(connection_struct
*conn
, const char *name
)
1048 if (IS_VETO_PATH(conn
, name
)) {
1049 /* Is it not dot or dot dot. */
1050 if (!(ISDOT(name
) || ISDOTDOT(name
))) {
1051 DEBUG(5,("check_veto_path: file path name %s vetoed\n",
1053 return map_nt_error_from_unix(ENOENT
);
1056 return NT_STATUS_OK
;
1059 /****************************************************************************
1060 Check a filename - possibly calling check_reduced_name.
1061 This is called by every routine before it allows an operation on a filename.
1062 It does any final confirmation necessary to ensure that the filename is
1063 a valid one for the user to access.
1064 ****************************************************************************/
1066 NTSTATUS
check_name(connection_struct
*conn
, const char *name
)
1068 NTSTATUS status
= check_veto_path(conn
, name
);
1070 if (!NT_STATUS_IS_OK(status
)) {
1074 if (!lp_widelinks(SNUM(conn
)) || !lp_follow_symlinks(SNUM(conn
))) {
1075 status
= check_reduced_name(conn
,name
);
1076 if (!NT_STATUS_IS_OK(status
)) {
1077 DEBUG(5,("check_name: name %s failed with %s\n",name
,
1078 nt_errstr(status
)));
1083 return NT_STATUS_OK
;
1086 /****************************************************************************
1087 Must be called as root. Creates the struct privilege_paths
1088 attached to the struct smb_request if this call is successful.
1089 ****************************************************************************/
1091 static NTSTATUS
check_name_with_privilege(connection_struct
*conn
,
1092 struct smb_request
*smbreq
,
1095 NTSTATUS status
= check_veto_path(conn
, name
);
1097 if (!NT_STATUS_IS_OK(status
)) {
1100 return check_reduced_name_with_privilege(conn
,
1105 /****************************************************************************
1106 Check if two filenames are equal.
1107 This needs to be careful about whether we are case sensitive.
1108 ****************************************************************************/
1110 static bool fname_equal(const char *name1
, const char *name2
,
1111 bool case_sensitive
)
1113 /* Normal filename handling */
1114 if (case_sensitive
) {
1115 return(strcmp(name1
,name2
) == 0);
1118 return(strequal(name1
,name2
));
1121 /****************************************************************************
1122 Scan a directory to find a filename, matching without case sensitivity.
1123 If the name looks like a mangled name then try via the mangling functions
1124 ****************************************************************************/
1126 static int get_real_filename_full_scan(connection_struct
*conn
,
1127 const char *path
, const char *name
,
1129 TALLOC_CTX
*mem_ctx
, char **found_name
)
1131 struct smb_Dir
*cur_dir
;
1132 const char *dname
= NULL
;
1133 char *talloced
= NULL
;
1134 char *unmangled_name
= NULL
;
1137 /* handle null paths */
1138 if ((path
== NULL
) || (*path
== 0)) {
1142 /* If we have a case-sensitive filesystem, it doesn't do us any
1143 * good to search for a name. If a case variation of the name was
1144 * there, then the original stat(2) would have found it.
1146 if (!mangled
&& !(conn
->fs_capabilities
& FILE_CASE_SENSITIVE_SEARCH
)) {
1152 * The incoming name can be mangled, and if we de-mangle it
1153 * here it will not compare correctly against the filename (name2)
1154 * read from the directory and then mangled by the name_to_8_3()
1155 * call. We need to mangle both names or neither.
1158 * Fix for bug found by Dina Fine. If in case sensitive mode then
1159 * the mangle cache is no good (3 letter extension could be wrong
1160 * case - so don't demangle in this case - leave as mangled and
1161 * allow the mangling of the directory entry read (which is done
1162 * case insensitively) to match instead. This will lead to more
1163 * false positive matches but we fail completely without it. JRA.
1166 if (mangled
&& !conn
->case_sensitive
) {
1167 mangled
= !mangle_lookup_name_from_8_3(talloc_tos(), name
,
1171 /* Name is now unmangled. */
1172 name
= unmangled_name
;
1176 /* open the directory */
1177 if (!(cur_dir
= OpenDir(talloc_tos(), conn
, path
, NULL
, 0))) {
1178 DEBUG(3,("scan dir didn't open dir [%s]\n",path
));
1179 TALLOC_FREE(unmangled_name
);
1183 /* now scan for matching names */
1185 while ((dname
= ReadDirName(cur_dir
, &curpos
, NULL
, &talloced
))) {
1187 /* Is it dot or dot dot. */
1188 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
1189 TALLOC_FREE(talloced
);
1194 * At this point dname is the unmangled name.
1195 * name is either mangled or not, depending on the state
1196 * of the "mangled" variable. JRA.
1200 * Check mangled name against mangled name, or unmangled name
1201 * against unmangled name.
1204 if ((mangled
&& mangled_equal(name
,dname
,conn
->params
)) ||
1205 fname_equal(name
, dname
, conn
->case_sensitive
)) {
1206 /* we've found the file, change it's name and return */
1207 *found_name
= talloc_strdup(mem_ctx
, dname
);
1208 TALLOC_FREE(unmangled_name
);
1209 TALLOC_FREE(cur_dir
);
1212 TALLOC_FREE(talloced
);
1215 TALLOC_FREE(talloced
);
1218 TALLOC_FREE(talloced
);
1221 TALLOC_FREE(unmangled_name
);
1222 TALLOC_FREE(cur_dir
);
1227 /****************************************************************************
1228 Wrapper around the vfs get_real_filename and the full directory scan
1230 ****************************************************************************/
1232 int get_real_filename(connection_struct
*conn
, const char *path
,
1233 const char *name
, TALLOC_CTX
*mem_ctx
,
1239 mangled
= mangle_is_mangled(name
, conn
->params
);
1242 return get_real_filename_full_scan(conn
, path
, name
, mangled
,
1243 mem_ctx
, found_name
);
1246 /* Try the vfs first to take advantage of case-insensitive stat. */
1247 ret
= SMB_VFS_GET_REAL_FILENAME(conn
, path
, name
, mem_ctx
, found_name
);
1250 * If the case-insensitive stat was successful, or returned an error
1251 * other than EOPNOTSUPP then there is no need to fall back on the
1252 * full directory scan.
1254 if (ret
== 0 || (ret
== -1 && errno
!= EOPNOTSUPP
)) {
1258 return get_real_filename_full_scan(conn
, path
, name
, mangled
, mem_ctx
,
1262 static NTSTATUS
build_stream_path(TALLOC_CTX
*mem_ctx
,
1263 connection_struct
*conn
,
1264 struct smb_filename
*smb_fname
)
1267 unsigned int i
, num_streams
= 0;
1268 struct stream_struct
*streams
= NULL
;
1270 if (SMB_VFS_STAT(conn
, smb_fname
) == 0) {
1271 DEBUG(10, ("'%s' exists\n", smb_fname_str_dbg(smb_fname
)));
1272 return NT_STATUS_OK
;
1275 if (errno
!= ENOENT
) {
1276 DEBUG(10, ("vfs_stat failed: %s\n", strerror(errno
)));
1277 status
= map_nt_error_from_unix(errno
);
1281 /* Fall back to a case-insensitive scan of all streams on the file. */
1282 status
= vfs_streaminfo(conn
, NULL
, smb_fname
->base_name
, mem_ctx
,
1283 &num_streams
, &streams
);
1285 if (NT_STATUS_EQUAL(status
, NT_STATUS_OBJECT_NAME_NOT_FOUND
)) {
1286 SET_STAT_INVALID(smb_fname
->st
);
1287 return NT_STATUS_OK
;
1290 if (!NT_STATUS_IS_OK(status
)) {
1291 DEBUG(10, ("vfs_streaminfo failed: %s\n", nt_errstr(status
)));
1295 for (i
=0; i
<num_streams
; i
++) {
1296 DEBUG(10, ("comparing [%s] and [%s]: ",
1297 smb_fname
->stream_name
, streams
[i
].name
));
1298 if (fname_equal(smb_fname
->stream_name
, streams
[i
].name
,
1299 conn
->case_sensitive
)) {
1300 DEBUGADD(10, ("equal\n"));
1303 DEBUGADD(10, ("not equal\n"));
1306 /* Couldn't find the stream. */
1307 if (i
== num_streams
) {
1308 SET_STAT_INVALID(smb_fname
->st
);
1309 TALLOC_FREE(streams
);
1310 return NT_STATUS_OK
;
1313 DEBUG(10, ("case insensitive stream. requested: %s, actual: %s\n",
1314 smb_fname
->stream_name
, streams
[i
].name
));
1317 TALLOC_FREE(smb_fname
->stream_name
);
1318 smb_fname
->stream_name
= talloc_strdup(smb_fname
, streams
[i
].name
);
1319 if (smb_fname
->stream_name
== NULL
) {
1320 status
= NT_STATUS_NO_MEMORY
;
1324 SET_STAT_INVALID(smb_fname
->st
);
1326 if (SMB_VFS_STAT(conn
, smb_fname
) == 0) {
1327 DEBUG(10, ("'%s' exists\n", smb_fname_str_dbg(smb_fname
)));
1329 status
= NT_STATUS_OK
;
1331 TALLOC_FREE(streams
);
1336 * Go through all the steps to validate a filename.
1338 * @param ctx talloc_ctx to allocate memory with.
1339 * @param conn connection struct for vfs calls.
1340 * @param dfs_path Whether this path requires dfs resolution.
1341 * @param smbreq SMB request if we're using privileges.
1342 * @param name_in The unconverted name.
1343 * @param ucf_flags flags to pass through to unix_convert().
1344 * UCF_ALWAYS_ALLOW_WCARD_LCOMP will be OR'd in if
1345 * p_cont_wcard != NULL and is true and
1346 * UCF_COND_ALLOW_WCARD_LCOMP.
1347 * @param p_cont_wcard If not NULL, will be set to true if the dfs path
1348 * resolution detects a wildcard.
1349 * @param pp_smb_fname The final converted name will be allocated if the
1350 * return is NT_STATUS_OK.
1352 * @return NT_STATUS_OK if all operations completed succesfully, appropriate
1355 static NTSTATUS
filename_convert_internal(TALLOC_CTX
*ctx
,
1356 connection_struct
*conn
,
1358 struct smb_request
*smbreq
,
1359 const char *name_in
,
1361 bool *ppath_contains_wcard
,
1362 struct smb_filename
**pp_smb_fname
)
1365 bool allow_wcards
= (ucf_flags
& (UCF_COND_ALLOW_WCARD_LCOMP
|UCF_ALWAYS_ALLOW_WCARD_LCOMP
));
1368 *pp_smb_fname
= NULL
;
1370 status
= resolve_dfspath_wcard(ctx
, conn
,
1374 !conn
->sconn
->using_smb2
,
1376 ppath_contains_wcard
);
1377 if (!NT_STATUS_IS_OK(status
)) {
1378 DEBUG(10,("filename_convert_internal: resolve_dfspath failed "
1379 "for name %s with %s\n",
1381 nt_errstr(status
) ));
1385 if (is_fake_file_path(name_in
)) {
1389 *pp_smb_fname
= synthetic_smb_fname_split(ctx
,
1392 if (*pp_smb_fname
== NULL
) {
1393 return NT_STATUS_NO_MEMORY
;
1395 return NT_STATUS_OK
;
1399 * If the caller conditionally allows wildcard lookups, only add the
1400 * always allow if the path actually does contain a wildcard.
1402 if (ucf_flags
& UCF_COND_ALLOW_WCARD_LCOMP
&&
1403 ppath_contains_wcard
!= NULL
&& *ppath_contains_wcard
) {
1404 ucf_flags
|= UCF_ALWAYS_ALLOW_WCARD_LCOMP
;
1407 status
= unix_convert(ctx
, conn
, fname
, pp_smb_fname
, ucf_flags
);
1408 if (!NT_STATUS_IS_OK(status
)) {
1409 DEBUG(10,("filename_convert_internal: unix_convert failed "
1410 "for name %s with %s\n",
1412 nt_errstr(status
) ));
1416 if ((ucf_flags
& UCF_UNIX_NAME_LOOKUP
) &&
1417 VALID_STAT((*pp_smb_fname
)->st
) &&
1418 S_ISLNK((*pp_smb_fname
)->st
.st_ex_mode
)) {
1419 return check_veto_path(conn
, (*pp_smb_fname
)->base_name
);
1423 status
= check_name(conn
, (*pp_smb_fname
)->base_name
);
1425 status
= check_name_with_privilege(conn
, smbreq
, (*pp_smb_fname
)->base_name
);
1427 if (!NT_STATUS_IS_OK(status
)) {
1428 DEBUG(3,("filename_convert_internal: check_name failed "
1429 "for name %s with %s\n",
1430 smb_fname_str_dbg(*pp_smb_fname
),
1431 nt_errstr(status
) ));
1432 TALLOC_FREE(*pp_smb_fname
);
1440 * Go through all the steps to validate a filename.
1444 NTSTATUS
filename_convert(TALLOC_CTX
*ctx
,
1445 connection_struct
*conn
,
1447 const char *name_in
,
1449 bool *ppath_contains_wcard
,
1450 struct smb_filename
**pp_smb_fname
)
1452 return filename_convert_internal(ctx
,
1458 ppath_contains_wcard
,
1463 * Go through all the steps to validate a filename.
1464 * root (privileged) version.
1467 NTSTATUS
filename_convert_with_privilege(TALLOC_CTX
*ctx
,
1468 connection_struct
*conn
,
1469 struct smb_request
*smbreq
,
1470 const char *name_in
,
1472 bool *ppath_contains_wcard
,
1473 struct smb_filename
**pp_smb_fname
)
1475 return filename_convert_internal(ctx
,
1477 smbreq
->flags2
& FLAGS2_DFS_PATHNAMES
,
1481 ppath_contains_wcard
,