s3:smbd: s/struct timed_event/struct tevent_timer
[Samba/gebeck_regimport.git] / source3 / smbd / filename.c
blob0be566f8975406fb6299d1f8ae55cec030062d79
1 /*
2 Unix SMB/CIFS implementation.
3 filename handling routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 1999-2007
6 Copyright (C) Ying Chen 2000
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * New hash table stat cache code added by Ying Chen.
27 #include "includes.h"
28 #include "system/filesys.h"
29 #include "fake_file.h"
30 #include "smbd/smbd.h"
31 #include "smbd/globals.h"
33 static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx,
34 connection_struct *conn,
35 const char *orig_path,
36 struct smb_filename *smb_fname);
38 /****************************************************************************
39 Mangle the 2nd name and check if it is then equal to the first name.
40 ****************************************************************************/
42 static bool mangled_equal(const char *name1,
43 const char *name2,
44 const struct share_params *p)
46 char mname[13];
48 if (!name_to_8_3(name2, mname, False, p)) {
49 return False;
51 return strequal(name1, mname);
54 /****************************************************************************
55 Cope with the differing wildcard and non-wildcard error cases.
56 ****************************************************************************/
58 static NTSTATUS determine_path_error(const char *name,
59 bool allow_wcard_last_component)
61 const char *p;
63 if (!allow_wcard_last_component) {
64 /* Error code within a pathname. */
65 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
68 /* We're terminating here so we
69 * can be a little slower and get
70 * the error code right. Windows
71 * treats the last part of the pathname
72 * separately I think, so if the last
73 * component is a wildcard then we treat
74 * this ./ as "end of component" */
76 p = strchr(name, '/');
78 if (!p && (ms_has_wild(name) || ISDOT(name))) {
79 /* Error code at the end of a pathname. */
80 return NT_STATUS_OBJECT_NAME_INVALID;
81 } else {
82 /* Error code within a pathname. */
83 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
87 static NTSTATUS check_for_dot_component(const struct smb_filename *smb_fname)
89 /* Ensure we catch all names with in "/."
90 this is disallowed under Windows and
91 in POSIX they've already been removed. */
92 const char *p = strstr(smb_fname->base_name, "/."); /*mb safe*/
93 if (p) {
94 if (p[2] == '/') {
95 /* Error code within a pathname. */
96 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
97 } else if (p[2] == '\0') {
98 /* Error code at the end of a pathname. */
99 return NT_STATUS_OBJECT_NAME_INVALID;
102 return NT_STATUS_OK;
105 /****************************************************************************
106 Optimization for common case where the missing part
107 is in the last component and the client already
108 sent the correct case.
109 Returns NT_STATUS_OK to mean continue the tree walk
110 (possibly with modified start pointer).
111 Any other NT_STATUS_XXX error means terminate the path
112 lookup here.
113 ****************************************************************************/
115 static NTSTATUS check_parent_exists(TALLOC_CTX *ctx,
116 connection_struct *conn,
117 bool posix_pathnames,
118 const struct smb_filename *smb_fname,
119 char **pp_dirpath,
120 char **pp_start)
122 struct smb_filename parent_fname;
123 const char *last_component = NULL;
124 NTSTATUS status;
125 int ret;
127 ZERO_STRUCT(parent_fname);
128 if (!parent_dirname(ctx, smb_fname->base_name,
129 &parent_fname.base_name,
130 &last_component)) {
131 return NT_STATUS_NO_MEMORY;
135 * If there was no parent component in
136 * smb_fname->base_name of the parent name
137 * contained a wildcard then don't do this
138 * optimization.
140 if ((smb_fname->base_name == last_component) ||
141 ms_has_wild(parent_fname.base_name)) {
142 return NT_STATUS_OK;
145 if (posix_pathnames) {
146 ret = SMB_VFS_LSTAT(conn, &parent_fname);
147 } else {
148 ret = SMB_VFS_STAT(conn, &parent_fname);
151 /* If the parent stat failed, just continue
152 with the normal tree walk. */
154 if (ret == -1) {
155 return NT_STATUS_OK;
158 status = check_for_dot_component(&parent_fname);
159 if (!NT_STATUS_IS_OK(status)) {
160 return status;
163 /* Parent exists - set "start" to be the
164 * last compnent to shorten the tree walk. */
167 * Safe to use discard_const_p
168 * here as last_component points
169 * into our smb_fname->base_name.
171 *pp_start = discard_const_p(char, last_component);
173 /* Update dirpath. */
174 TALLOC_FREE(*pp_dirpath);
175 *pp_dirpath = talloc_strdup(ctx, parent_fname.base_name);
176 if (!*pp_dirpath) {
177 return NT_STATUS_NO_MEMORY;
180 DEBUG(5,("check_parent_exists: name "
181 "= %s, dirpath = %s, "
182 "start = %s\n",
183 smb_fname->base_name,
184 *pp_dirpath,
185 *pp_start));
187 return NT_STATUS_OK;
190 /****************************************************************************
191 This routine is called to convert names from the dos namespace to unix
192 namespace. It needs to handle any case conversions, mangling, format changes,
193 streams etc.
195 We assume that we have already done a chdir() to the right "root" directory
196 for this service.
198 The function will return an NTSTATUS error if some part of the name except for
199 the last part cannot be resolved, else NT_STATUS_OK.
201 Note NT_STATUS_OK doesn't mean the name exists or is valid, just that we
202 didn't get any fatal errors that should immediately terminate the calling SMB
203 processing whilst resolving.
205 If the UCF_SAVE_LCOMP flag is passed in, then the unmodified last component
206 of the pathname is set in smb_filename->original_lcomp.
208 If UCF_ALWAYS_ALLOW_WCARD_LCOMP is passed in, then a MS wildcard was detected
209 and should be allowed in the last component of the path only.
211 If the orig_path was a stream, smb_filename->base_name will point to the base
212 filename, and smb_filename->stream_name will point to the stream name. If
213 orig_path was not a stream, then smb_filename->stream_name will be NULL.
215 On exit from unix_convert, the smb_filename->st stat struct will be populated
216 if the file exists and was found, if not this stat struct will be filled with
217 zeros (and this can be detected by checking for nlinks = 0, which can never be
218 true for any file).
219 ****************************************************************************/
221 NTSTATUS unix_convert(TALLOC_CTX *ctx,
222 connection_struct *conn,
223 const char *orig_path,
224 struct smb_filename **smb_fname_out,
225 uint32_t ucf_flags)
227 struct smb_filename *smb_fname = NULL;
228 char *start, *end;
229 char *dirpath = NULL;
230 char *stream = NULL;
231 bool component_was_mangled = False;
232 bool name_has_wildcard = False;
233 bool posix_pathnames = false;
234 bool allow_wcard_last_component =
235 (ucf_flags & UCF_ALWAYS_ALLOW_WCARD_LCOMP);
236 bool save_last_component = ucf_flags & UCF_SAVE_LCOMP;
237 NTSTATUS status;
238 int ret = -1;
240 *smb_fname_out = NULL;
242 smb_fname = talloc_zero(ctx, struct smb_filename);
243 if (smb_fname == NULL) {
244 return NT_STATUS_NO_MEMORY;
247 if (conn->printer) {
248 /* we don't ever use the filenames on a printer share as a
249 filename - so don't convert them */
250 if (!(smb_fname->base_name = talloc_strdup(smb_fname,
251 orig_path))) {
252 status = NT_STATUS_NO_MEMORY;
253 goto err;
255 goto done;
258 DEBUG(5, ("unix_convert called on file \"%s\"\n", orig_path));
261 * Conversion to basic unix format is already done in
262 * check_path_syntax().
266 * Names must be relative to the root of the service - any leading /.
267 * and trailing /'s should have been trimmed by check_path_syntax().
270 #ifdef DEVELOPER
271 SMB_ASSERT(*orig_path != '/');
272 #endif
275 * If we trimmed down to a single '\0' character
276 * then we should use the "." directory to avoid
277 * searching the cache, but not if we are in a
278 * printing share.
279 * As we know this is valid we can return true here.
282 if (!*orig_path) {
283 if (!(smb_fname->base_name = talloc_strdup(smb_fname, "."))) {
284 status = NT_STATUS_NO_MEMORY;
285 goto err;
287 if (SMB_VFS_STAT(conn, smb_fname) != 0) {
288 status = map_nt_error_from_unix(errno);
289 goto err;
291 DEBUG(5, ("conversion finished \"\" -> %s\n",
292 smb_fname->base_name));
293 goto done;
296 if (orig_path[0] == '.' && (orig_path[1] == '/' ||
297 orig_path[1] == '\0')) {
298 /* Start of pathname can't be "." only. */
299 if (orig_path[1] == '\0' || orig_path[2] == '\0') {
300 status = NT_STATUS_OBJECT_NAME_INVALID;
301 } else {
302 status =determine_path_error(&orig_path[2],
303 allow_wcard_last_component);
305 goto err;
308 /* Start with the full orig_path as given by the caller. */
309 if (!(smb_fname->base_name = talloc_strdup(smb_fname, orig_path))) {
310 DEBUG(0, ("talloc_strdup failed\n"));
311 status = NT_STATUS_NO_MEMORY;
312 goto err;
316 * Large directory fix normalization. If we're case sensitive, and
317 * the case preserving parameters are set to "no", normalize the case of
318 * the incoming filename from the client WHETHER IT EXISTS OR NOT !
319 * This is in conflict with the current (3.0.20) man page, but is
320 * what people expect from the "large directory howto". I'll update
321 * the man page. Thanks to jht@samba.org for finding this. JRA.
324 if (conn->case_sensitive && !conn->case_preserve &&
325 !conn->short_case_preserve) {
326 if (!strnorm(smb_fname->base_name, lp_defaultcase(SNUM(conn)))) {
327 DEBUG(0, ("strnorm %s failed\n", smb_fname->base_name));
328 status = NT_STATUS_INVALID_PARAMETER;
329 goto err;
334 * Ensure saved_last_component is valid even if file exists.
337 if(save_last_component) {
338 end = strrchr_m(smb_fname->base_name, '/');
339 if (end) {
340 smb_fname->original_lcomp = talloc_strdup(smb_fname,
341 end + 1);
342 } else {
343 smb_fname->original_lcomp =
344 talloc_strdup(smb_fname, smb_fname->base_name);
346 if (smb_fname->original_lcomp == NULL) {
347 status = NT_STATUS_NO_MEMORY;
348 goto err;
352 posix_pathnames = (lp_posix_pathnames() ||
353 (ucf_flags & UCF_POSIX_PATHNAMES));
356 * Strip off the stream, and add it back when we're done with the
357 * base_name.
359 if (!posix_pathnames) {
360 stream = strchr_m(smb_fname->base_name, ':');
362 if (stream != NULL) {
363 char *tmp = talloc_strdup(smb_fname, stream);
364 if (tmp == NULL) {
365 status = NT_STATUS_NO_MEMORY;
366 goto err;
369 * Since this is actually pointing into
370 * smb_fname->base_name this truncates base_name.
372 *stream = '\0';
373 stream = tmp;
377 start = smb_fname->base_name;
380 * If we're providing case insensitive semantics or
381 * the underlying filesystem is case insensitive,
382 * then a case-normalized hit in the stat-cache is
383 * authoratitive. JRA.
385 * Note: We're only checking base_name. The stream_name will be
386 * added and verified in build_stream_path().
389 if((!conn->case_sensitive || !(conn->fs_capabilities &
390 FILE_CASE_SENSITIVE_SEARCH)) &&
391 stat_cache_lookup(conn, posix_pathnames, &smb_fname->base_name, &dirpath, &start,
392 &smb_fname->st)) {
393 goto done;
397 * Make sure "dirpath" is an allocated string, we use this for
398 * building the directories with talloc_asprintf and free it.
401 if ((dirpath == NULL) && (!(dirpath = talloc_strdup(ctx,"")))) {
402 DEBUG(0, ("talloc_strdup failed\n"));
403 status = NT_STATUS_NO_MEMORY;
404 goto err;
408 * If we have a wildcard we must walk the path to
409 * find where the error is, even if case sensitive
410 * is true.
413 name_has_wildcard = ms_has_wild(smb_fname->base_name);
414 if (name_has_wildcard && !allow_wcard_last_component) {
415 /* Wildcard not valid anywhere. */
416 status = NT_STATUS_OBJECT_NAME_INVALID;
417 goto fail;
420 DEBUG(5,("unix_convert begin: name = %s, dirpath = %s, start = %s\n",
421 smb_fname->base_name, dirpath, start));
423 if (!name_has_wildcard) {
425 * stat the name - if it exists then we can add the stream back (if
426 * there was one) and be done!
429 if (posix_pathnames) {
430 ret = SMB_VFS_LSTAT(conn, smb_fname);
431 } else {
432 ret = SMB_VFS_STAT(conn, smb_fname);
435 if (ret == 0) {
436 status = check_for_dot_component(smb_fname);
437 if (!NT_STATUS_IS_OK(status)) {
438 goto fail;
440 /* Add the path (not including the stream) to the cache. */
441 stat_cache_add(orig_path, smb_fname->base_name,
442 conn->case_sensitive);
443 DEBUG(5,("conversion of base_name finished %s -> %s\n",
444 orig_path, smb_fname->base_name));
445 goto done;
448 /* Stat failed - ensure we don't use it. */
449 SET_STAT_INVALID(smb_fname->st);
451 if (errno == ENOENT) {
452 /* Optimization when creating a new file - only
453 the last component doesn't exist. */
454 status = check_parent_exists(ctx,
455 conn,
456 posix_pathnames,
457 smb_fname,
458 &dirpath,
459 &start);
460 if (!NT_STATUS_IS_OK(status)) {
461 goto fail;
466 * A special case - if we don't have any wildcards or mangling chars and are case
467 * sensitive or the underlying filesystem is case insensitive then searching
468 * won't help.
471 if ((conn->case_sensitive || !(conn->fs_capabilities &
472 FILE_CASE_SENSITIVE_SEARCH)) &&
473 !mangle_is_mangled(smb_fname->base_name, conn->params)) {
475 status = check_for_dot_component(smb_fname);
476 if (!NT_STATUS_IS_OK(status)) {
477 goto fail;
481 * The stat failed. Could be ok as it could be
482 * a new file.
485 if (errno == ENOTDIR || errno == ELOOP) {
486 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
487 goto fail;
488 } else if (errno == ENOENT) {
490 * Was it a missing last component ?
491 * or a missing intermediate component ?
493 struct smb_filename parent_fname;
494 const char *last_component = NULL;
496 ZERO_STRUCT(parent_fname);
497 if (!parent_dirname(ctx, smb_fname->base_name,
498 &parent_fname.base_name,
499 &last_component)) {
500 status = NT_STATUS_NO_MEMORY;
501 goto fail;
503 if (posix_pathnames) {
504 ret = SMB_VFS_LSTAT(conn, &parent_fname);
505 } else {
506 ret = SMB_VFS_STAT(conn, &parent_fname);
508 if (ret == -1) {
509 if (errno == ENOTDIR ||
510 errno == ENOENT ||
511 errno == ELOOP) {
512 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
513 goto fail;
518 * Missing last component is ok - new file.
519 * Also deal with permission denied elsewhere.
520 * Just drop out to done.
522 goto done;
525 } else {
527 * We have a wildcard in the pathname.
529 * Optimization for common case where the wildcard
530 * is in the last component and the client already
531 * sent the correct case.
533 status = check_parent_exists(ctx,
534 conn,
535 posix_pathnames,
536 smb_fname,
537 &dirpath,
538 &start);
539 if (!NT_STATUS_IS_OK(status)) {
540 goto fail;
545 * is_mangled() was changed to look at an entire pathname, not
546 * just a component. JRA.
549 if (mangle_is_mangled(start, conn->params)) {
550 component_was_mangled = True;
554 * Now we need to recursively match the name against the real
555 * directory structure.
559 * Match each part of the path name separately, trying the names
560 * as is first, then trying to scan the directory for matching names.
563 for (; start ; start = (end?end+1:(char *)NULL)) {
565 * Pinpoint the end of this section of the filename.
567 /* mb safe. '/' can't be in any encoded char. */
568 end = strchr(start, '/');
571 * Chop the name at this point.
573 if (end) {
574 *end = 0;
577 if (save_last_component) {
578 TALLOC_FREE(smb_fname->original_lcomp);
579 smb_fname->original_lcomp = talloc_strdup(smb_fname,
580 end ? end + 1 : start);
581 if (!smb_fname->original_lcomp) {
582 DEBUG(0, ("talloc failed\n"));
583 status = NT_STATUS_NO_MEMORY;
584 goto err;
588 /* The name cannot have a component of "." */
590 if (ISDOT(start)) {
591 if (!end) {
592 /* Error code at the end of a pathname. */
593 status = NT_STATUS_OBJECT_NAME_INVALID;
594 } else {
595 status = determine_path_error(end+1,
596 allow_wcard_last_component);
598 goto fail;
601 /* The name cannot have a wildcard if it's not
602 the last component. */
604 name_has_wildcard = ms_has_wild(start);
606 /* Wildcards never valid within a pathname. */
607 if (name_has_wildcard && end) {
608 status = NT_STATUS_OBJECT_NAME_INVALID;
609 goto fail;
612 /* Skip the stat call if it's a wildcard end. */
613 if (name_has_wildcard) {
614 DEBUG(5,("Wildcard %s\n",start));
615 goto done;
619 * Check if the name exists up to this point.
622 if (posix_pathnames) {
623 ret = SMB_VFS_LSTAT(conn, smb_fname);
624 } else {
625 ret = SMB_VFS_STAT(conn, smb_fname);
628 if (ret == 0) {
630 * It exists. it must either be a directory or this must
631 * be the last part of the path for it to be OK.
633 if (end && !S_ISDIR(smb_fname->st.st_ex_mode)) {
635 * An intermediate part of the name isn't
636 * a directory.
638 DEBUG(5,("Not a dir %s\n",start));
639 *end = '/';
641 * We need to return the fact that the
642 * intermediate name resolution failed. This
643 * is used to return an error of ERRbadpath
644 * rather than ERRbadfile. Some Windows
645 * applications depend on the difference between
646 * these two errors.
648 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
649 goto fail;
652 } else {
653 char *found_name = NULL;
655 /* Stat failed - ensure we don't use it. */
656 SET_STAT_INVALID(smb_fname->st);
659 * Reset errno so we can detect
660 * directory open errors.
662 errno = 0;
665 * Try to find this part of the path in the directory.
668 if (name_has_wildcard ||
669 (get_real_filename(conn, dirpath, start,
670 talloc_tos(),
671 &found_name) == -1)) {
672 char *unmangled;
674 if (end) {
676 * An intermediate part of the name
677 * can't be found.
679 DEBUG(5,("Intermediate not found %s\n",
680 start));
681 *end = '/';
684 * We need to return the fact that the
685 * intermediate name resolution failed.
686 * This is used to return an error of
687 * ERRbadpath rather than ERRbadfile.
688 * Some Windows applications depend on
689 * the difference between these two
690 * errors.
694 * ENOENT, ENOTDIR and ELOOP all map
695 * to NT_STATUS_OBJECT_PATH_NOT_FOUND
696 * in the filename walk.
699 if (errno == ENOENT ||
700 errno == ENOTDIR ||
701 errno == ELOOP) {
702 status =
703 NT_STATUS_OBJECT_PATH_NOT_FOUND;
705 else {
706 status =
707 map_nt_error_from_unix(errno);
709 goto fail;
713 * ENOENT/EACCESS are the only valid errors
714 * here. EACCESS needs handling here for
715 * "dropboxes", i.e. directories where users
716 * can only put stuff with permission -wx.
718 if ((errno != 0) && (errno != ENOENT)
719 && (errno != EACCES)) {
721 * ENOTDIR and ELOOP both map to
722 * NT_STATUS_OBJECT_PATH_NOT_FOUND
723 * in the filename walk.
725 if (errno == ENOTDIR ||
726 errno == ELOOP) {
727 status =
728 NT_STATUS_OBJECT_PATH_NOT_FOUND;
729 } else {
730 status =
731 map_nt_error_from_unix(errno);
733 goto fail;
737 * Just the last part of the name doesn't exist.
738 * We need to strupper() or strlower() it as
739 * this conversion may be used for file creation
740 * purposes. Fix inspired by
741 * Thomas Neumann <t.neumann@iku-ag.de>.
743 if (!conn->case_preserve ||
744 (mangle_is_8_3(start, False,
745 conn->params) &&
746 !conn->short_case_preserve)) {
747 if (!strnorm(start,
748 lp_defaultcase(SNUM(conn)))) {
749 DEBUG(0, ("strnorm %s failed\n",
750 start));
751 status = NT_STATUS_INVALID_PARAMETER;
752 goto err;
757 * check on the mangled stack to see if we can
758 * recover the base of the filename.
761 if (mangle_is_mangled(start, conn->params)
762 && mangle_lookup_name_from_8_3(ctx,
763 start,
764 &unmangled,
765 conn->params)) {
766 char *tmp;
767 size_t start_ofs =
768 start - smb_fname->base_name;
770 if (*dirpath != '\0') {
771 tmp = talloc_asprintf(
772 smb_fname, "%s/%s",
773 dirpath, unmangled);
774 TALLOC_FREE(unmangled);
776 else {
777 tmp = unmangled;
779 if (tmp == NULL) {
780 DEBUG(0, ("talloc failed\n"));
781 status = NT_STATUS_NO_MEMORY;
782 goto err;
784 TALLOC_FREE(smb_fname->base_name);
785 smb_fname->base_name = tmp;
786 start =
787 smb_fname->base_name + start_ofs;
788 end = start + strlen(start);
791 DEBUG(5,("New file %s\n",start));
792 goto done;
797 * Restore the rest of the string. If the string was
798 * mangled the size may have changed.
800 if (end) {
801 char *tmp;
802 size_t start_ofs =
803 start - smb_fname->base_name;
805 if (*dirpath != '\0') {
806 tmp = talloc_asprintf(smb_fname,
807 "%s/%s/%s", dirpath,
808 found_name, end+1);
810 else {
811 tmp = talloc_asprintf(smb_fname,
812 "%s/%s", found_name,
813 end+1);
815 if (tmp == NULL) {
816 DEBUG(0, ("talloc_asprintf failed\n"));
817 status = NT_STATUS_NO_MEMORY;
818 goto err;
820 TALLOC_FREE(smb_fname->base_name);
821 smb_fname->base_name = tmp;
822 start = smb_fname->base_name + start_ofs;
823 end = start + strlen(found_name);
824 *end = '\0';
825 } else {
826 char *tmp;
827 size_t start_ofs =
828 start - smb_fname->base_name;
830 if (*dirpath != '\0') {
831 tmp = talloc_asprintf(smb_fname,
832 "%s/%s", dirpath,
833 found_name);
834 } else {
835 tmp = talloc_strdup(smb_fname,
836 found_name);
838 if (tmp == NULL) {
839 DEBUG(0, ("talloc failed\n"));
840 status = NT_STATUS_NO_MEMORY;
841 goto err;
843 TALLOC_FREE(smb_fname->base_name);
844 smb_fname->base_name = tmp;
845 start = smb_fname->base_name + start_ofs;
848 * We just scanned for, and found the end of
849 * the path. We must return a valid stat struct
850 * if it exists. JRA.
853 if (posix_pathnames) {
854 ret = SMB_VFS_LSTAT(conn, smb_fname);
855 } else {
856 ret = SMB_VFS_STAT(conn, smb_fname);
859 if (ret != 0) {
860 SET_STAT_INVALID(smb_fname->st);
864 TALLOC_FREE(found_name);
865 } /* end else */
867 #ifdef DEVELOPER
869 * This sucks!
870 * We should never provide different behaviors
871 * depending on DEVELOPER!!!
873 if (VALID_STAT(smb_fname->st)) {
874 bool delete_pending;
875 uint32_t name_hash;
877 status = file_name_hash(conn,
878 smb_fname_str_dbg(smb_fname),
879 &name_hash);
880 if (!NT_STATUS_IS_OK(status)) {
881 goto fail;
884 get_file_infos(vfs_file_id_from_sbuf(conn,
885 &smb_fname->st),
886 name_hash,
887 &delete_pending, NULL);
888 if (delete_pending) {
889 status = NT_STATUS_DELETE_PENDING;
890 goto fail;
893 #endif
896 * Add to the dirpath that we have resolved so far.
899 if (*dirpath != '\0') {
900 char *tmp = talloc_asprintf(ctx,
901 "%s/%s", dirpath, start);
902 if (!tmp) {
903 DEBUG(0, ("talloc_asprintf failed\n"));
904 status = NT_STATUS_NO_MEMORY;
905 goto err;
907 TALLOC_FREE(dirpath);
908 dirpath = tmp;
910 else {
911 TALLOC_FREE(dirpath);
912 if (!(dirpath = talloc_strdup(ctx,start))) {
913 DEBUG(0, ("talloc_strdup failed\n"));
914 status = NT_STATUS_NO_MEMORY;
915 goto err;
920 * Cache the dirpath thus far. Don't cache a name with mangled
921 * or wildcard components as this can change the size.
923 if(!component_was_mangled && !name_has_wildcard) {
924 stat_cache_add(orig_path, dirpath,
925 conn->case_sensitive);
929 * Restore the / that we wiped out earlier.
931 if (end) {
932 *end = '/';
937 * Cache the full path. Don't cache a name with mangled or wildcard
938 * components as this can change the size.
941 if(!component_was_mangled && !name_has_wildcard) {
942 stat_cache_add(orig_path, smb_fname->base_name,
943 conn->case_sensitive);
947 * The name has been resolved.
950 DEBUG(5,("conversion finished %s -> %s\n", orig_path,
951 smb_fname->base_name));
953 done:
954 /* Add back the stream if one was stripped off originally. */
955 if (stream != NULL) {
956 smb_fname->stream_name = stream;
958 /* Check path now that the base_name has been converted. */
959 status = build_stream_path(ctx, conn, orig_path, smb_fname);
960 if (!NT_STATUS_IS_OK(status)) {
961 goto fail;
964 TALLOC_FREE(dirpath);
965 *smb_fname_out = smb_fname;
966 return NT_STATUS_OK;
967 fail:
968 DEBUG(10, ("dirpath = [%s] start = [%s]\n", dirpath, start));
969 if (*dirpath != '\0') {
970 smb_fname->base_name = talloc_asprintf(smb_fname, "%s/%s",
971 dirpath, start);
972 } else {
973 smb_fname->base_name = talloc_strdup(smb_fname, start);
975 if (!smb_fname->base_name) {
976 DEBUG(0, ("talloc_asprintf failed\n"));
977 status = NT_STATUS_NO_MEMORY;
978 goto err;
981 *smb_fname_out = smb_fname;
982 TALLOC_FREE(dirpath);
983 return status;
984 err:
985 TALLOC_FREE(smb_fname);
986 return status;
989 /****************************************************************************
990 Ensure a path is not vetod.
991 ****************************************************************************/
993 NTSTATUS check_veto_path(connection_struct *conn, const char *name)
995 if (IS_VETO_PATH(conn, name)) {
996 /* Is it not dot or dot dot. */
997 if (!(ISDOT(name) || ISDOTDOT(name))) {
998 DEBUG(5,("check_veto_path: file path name %s vetoed\n",
999 name));
1000 return map_nt_error_from_unix(ENOENT);
1003 return NT_STATUS_OK;
1006 /****************************************************************************
1007 Check a filename - possibly calling check_reduced_name.
1008 This is called by every routine before it allows an operation on a filename.
1009 It does any final confirmation necessary to ensure that the filename is
1010 a valid one for the user to access.
1011 ****************************************************************************/
1013 NTSTATUS check_name(connection_struct *conn, const char *name)
1015 NTSTATUS status = check_veto_path(conn, name);
1017 if (!NT_STATUS_IS_OK(status)) {
1018 return status;
1021 if (!lp_widelinks(SNUM(conn)) || !lp_symlinks(SNUM(conn))) {
1022 status = check_reduced_name(conn,name);
1023 if (!NT_STATUS_IS_OK(status)) {
1024 DEBUG(5,("check_name: name %s failed with %s\n",name,
1025 nt_errstr(status)));
1026 return status;
1030 return NT_STATUS_OK;
1033 /****************************************************************************
1034 Must be called as root. Creates the struct privilege_paths
1035 attached to the struct smb_request if this call is successful.
1036 ****************************************************************************/
1038 static NTSTATUS check_name_with_privilege(connection_struct *conn,
1039 struct smb_request *smbreq,
1040 const char *name)
1042 NTSTATUS status = check_veto_path(conn, name);
1044 if (!NT_STATUS_IS_OK(status)) {
1045 return status;
1047 return check_reduced_name_with_privilege(conn,
1048 name,
1049 smbreq);
1052 /****************************************************************************
1053 Check if two filenames are equal.
1054 This needs to be careful about whether we are case sensitive.
1055 ****************************************************************************/
1057 static bool fname_equal(const char *name1, const char *name2,
1058 bool case_sensitive)
1060 /* Normal filename handling */
1061 if (case_sensitive) {
1062 return(strcmp(name1,name2) == 0);
1065 return(strequal(name1,name2));
1068 /****************************************************************************
1069 Scan a directory to find a filename, matching without case sensitivity.
1070 If the name looks like a mangled name then try via the mangling functions
1071 ****************************************************************************/
1073 static int get_real_filename_full_scan(connection_struct *conn,
1074 const char *path, const char *name,
1075 bool mangled,
1076 TALLOC_CTX *mem_ctx, char **found_name)
1078 struct smb_Dir *cur_dir;
1079 const char *dname = NULL;
1080 char *talloced = NULL;
1081 char *unmangled_name = NULL;
1082 long curpos;
1084 /* handle null paths */
1085 if ((path == NULL) || (*path == 0)) {
1086 path = ".";
1089 /* If we have a case-sensitive filesystem, it doesn't do us any
1090 * good to search for a name. If a case variation of the name was
1091 * there, then the original stat(2) would have found it.
1093 if (!mangled && !(conn->fs_capabilities & FILE_CASE_SENSITIVE_SEARCH)) {
1094 errno = ENOENT;
1095 return -1;
1099 * The incoming name can be mangled, and if we de-mangle it
1100 * here it will not compare correctly against the filename (name2)
1101 * read from the directory and then mangled by the name_to_8_3()
1102 * call. We need to mangle both names or neither.
1103 * (JRA).
1105 * Fix for bug found by Dina Fine. If in case sensitive mode then
1106 * the mangle cache is no good (3 letter extension could be wrong
1107 * case - so don't demangle in this case - leave as mangled and
1108 * allow the mangling of the directory entry read (which is done
1109 * case insensitively) to match instead. This will lead to more
1110 * false positive matches but we fail completely without it. JRA.
1113 if (mangled && !conn->case_sensitive) {
1114 mangled = !mangle_lookup_name_from_8_3(talloc_tos(), name,
1115 &unmangled_name,
1116 conn->params);
1117 if (!mangled) {
1118 /* Name is now unmangled. */
1119 name = unmangled_name;
1123 /* open the directory */
1124 if (!(cur_dir = OpenDir(talloc_tos(), conn, path, NULL, 0))) {
1125 DEBUG(3,("scan dir didn't open dir [%s]\n",path));
1126 TALLOC_FREE(unmangled_name);
1127 return -1;
1130 /* now scan for matching names */
1131 curpos = 0;
1132 while ((dname = ReadDirName(cur_dir, &curpos, NULL, &talloced))) {
1134 /* Is it dot or dot dot. */
1135 if (ISDOT(dname) || ISDOTDOT(dname)) {
1136 TALLOC_FREE(talloced);
1137 continue;
1141 * At this point dname is the unmangled name.
1142 * name is either mangled or not, depending on the state
1143 * of the "mangled" variable. JRA.
1147 * Check mangled name against mangled name, or unmangled name
1148 * against unmangled name.
1151 if ((mangled && mangled_equal(name,dname,conn->params)) ||
1152 fname_equal(name, dname, conn->case_sensitive)) {
1153 /* we've found the file, change it's name and return */
1154 *found_name = talloc_strdup(mem_ctx, dname);
1155 TALLOC_FREE(unmangled_name);
1156 TALLOC_FREE(cur_dir);
1157 if (!*found_name) {
1158 errno = ENOMEM;
1159 TALLOC_FREE(talloced);
1160 return -1;
1162 TALLOC_FREE(talloced);
1163 return 0;
1165 TALLOC_FREE(talloced);
1168 TALLOC_FREE(unmangled_name);
1169 TALLOC_FREE(cur_dir);
1170 errno = ENOENT;
1171 return -1;
1174 /****************************************************************************
1175 Wrapper around the vfs get_real_filename and the full directory scan
1176 fallback.
1177 ****************************************************************************/
1179 int get_real_filename(connection_struct *conn, const char *path,
1180 const char *name, TALLOC_CTX *mem_ctx,
1181 char **found_name)
1183 int ret;
1184 bool mangled;
1186 mangled = mangle_is_mangled(name, conn->params);
1188 if (mangled) {
1189 return get_real_filename_full_scan(conn, path, name, mangled,
1190 mem_ctx, found_name);
1193 /* Try the vfs first to take advantage of case-insensitive stat. */
1194 ret = SMB_VFS_GET_REAL_FILENAME(conn, path, name, mem_ctx, found_name);
1197 * If the case-insensitive stat was successful, or returned an error
1198 * other than EOPNOTSUPP then there is no need to fall back on the
1199 * full directory scan.
1201 if (ret == 0 || (ret == -1 && errno != EOPNOTSUPP)) {
1202 return ret;
1205 return get_real_filename_full_scan(conn, path, name, mangled, mem_ctx,
1206 found_name);
1209 static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx,
1210 connection_struct *conn,
1211 const char *orig_path,
1212 struct smb_filename *smb_fname)
1214 NTSTATUS status;
1215 unsigned int i, num_streams = 0;
1216 struct stream_struct *streams = NULL;
1218 if (SMB_VFS_STAT(conn, smb_fname) == 0) {
1219 DEBUG(10, ("'%s' exists\n", smb_fname_str_dbg(smb_fname)));
1220 return NT_STATUS_OK;
1223 if (errno != ENOENT) {
1224 DEBUG(10, ("vfs_stat failed: %s\n", strerror(errno)));
1225 status = map_nt_error_from_unix(errno);
1226 goto fail;
1229 /* Fall back to a case-insensitive scan of all streams on the file. */
1230 status = vfs_streaminfo(conn, NULL, smb_fname->base_name, mem_ctx,
1231 &num_streams, &streams);
1233 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1234 SET_STAT_INVALID(smb_fname->st);
1235 return NT_STATUS_OK;
1238 if (!NT_STATUS_IS_OK(status)) {
1239 DEBUG(10, ("vfs_streaminfo failed: %s\n", nt_errstr(status)));
1240 goto fail;
1243 for (i=0; i<num_streams; i++) {
1244 DEBUG(10, ("comparing [%s] and [%s]: ",
1245 smb_fname->stream_name, streams[i].name));
1246 if (fname_equal(smb_fname->stream_name, streams[i].name,
1247 conn->case_sensitive)) {
1248 DEBUGADD(10, ("equal\n"));
1249 break;
1251 DEBUGADD(10, ("not equal\n"));
1254 /* Couldn't find the stream. */
1255 if (i == num_streams) {
1256 SET_STAT_INVALID(smb_fname->st);
1257 TALLOC_FREE(streams);
1258 return NT_STATUS_OK;
1261 DEBUG(10, ("case insensitive stream. requested: %s, actual: %s\n",
1262 smb_fname->stream_name, streams[i].name));
1265 TALLOC_FREE(smb_fname->stream_name);
1266 smb_fname->stream_name = talloc_strdup(smb_fname, streams[i].name);
1267 if (smb_fname->stream_name == NULL) {
1268 status = NT_STATUS_NO_MEMORY;
1269 goto fail;
1272 SET_STAT_INVALID(smb_fname->st);
1274 if (SMB_VFS_STAT(conn, smb_fname) == 0) {
1275 DEBUG(10, ("'%s' exists\n", smb_fname_str_dbg(smb_fname)));
1277 status = NT_STATUS_OK;
1278 fail:
1279 TALLOC_FREE(streams);
1280 return status;
1284 * Go through all the steps to validate a filename.
1286 * @param ctx talloc_ctx to allocate memory with.
1287 * @param conn connection struct for vfs calls.
1288 * @param dfs_path Whether this path requires dfs resolution.
1289 * @param smbreq SMB request if we're using privileges.
1290 * @param name_in The unconverted name.
1291 * @param ucf_flags flags to pass through to unix_convert().
1292 * UCF_ALWAYS_ALLOW_WCARD_LCOMP will be OR'd in if
1293 * p_cont_wcard != NULL and is true and
1294 * UCF_COND_ALLOW_WCARD_LCOMP.
1295 * @param p_cont_wcard If not NULL, will be set to true if the dfs path
1296 * resolution detects a wildcard.
1297 * @param pp_smb_fname The final converted name will be allocated if the
1298 * return is NT_STATUS_OK.
1300 * @return NT_STATUS_OK if all operations completed succesfully, appropriate
1301 * error otherwise.
1303 static NTSTATUS filename_convert_internal(TALLOC_CTX *ctx,
1304 connection_struct *conn,
1305 bool dfs_path,
1306 struct smb_request *smbreq,
1307 const char *name_in,
1308 uint32_t ucf_flags,
1309 bool *ppath_contains_wcard,
1310 struct smb_filename **pp_smb_fname)
1312 NTSTATUS status;
1313 bool allow_wcards = (ucf_flags & (UCF_COND_ALLOW_WCARD_LCOMP|UCF_ALWAYS_ALLOW_WCARD_LCOMP));
1314 char *fname = NULL;
1316 *pp_smb_fname = NULL;
1318 status = resolve_dfspath_wcard(ctx, conn,
1319 dfs_path,
1320 name_in,
1321 allow_wcards,
1322 !conn->sconn->using_smb2,
1323 &fname,
1324 ppath_contains_wcard);
1325 if (!NT_STATUS_IS_OK(status)) {
1326 DEBUG(10,("filename_convert_internal: resolve_dfspath failed "
1327 "for name %s with %s\n",
1328 name_in,
1329 nt_errstr(status) ));
1330 return status;
1333 if (is_fake_file_path(name_in)) {
1334 SMB_STRUCT_STAT st;
1335 ZERO_STRUCT(st);
1336 st.st_ex_nlink = 1;
1337 status = create_synthetic_smb_fname_split(ctx,
1338 name_in,
1339 &st,
1340 pp_smb_fname);
1341 return status;
1345 * If the caller conditionally allows wildcard lookups, only add the
1346 * always allow if the path actually does contain a wildcard.
1348 if (ucf_flags & UCF_COND_ALLOW_WCARD_LCOMP &&
1349 ppath_contains_wcard != NULL && *ppath_contains_wcard) {
1350 ucf_flags |= UCF_ALWAYS_ALLOW_WCARD_LCOMP;
1353 status = unix_convert(ctx, conn, fname, pp_smb_fname, ucf_flags);
1354 if (!NT_STATUS_IS_OK(status)) {
1355 DEBUG(10,("filename_convert_internal: unix_convert failed "
1356 "for name %s with %s\n",
1357 fname,
1358 nt_errstr(status) ));
1359 return status;
1362 if ((ucf_flags & UCF_UNIX_NAME_LOOKUP) &&
1363 VALID_STAT((*pp_smb_fname)->st) &&
1364 S_ISLNK((*pp_smb_fname)->st.st_ex_mode)) {
1365 return check_veto_path(conn, (*pp_smb_fname)->base_name);
1368 if (!smbreq) {
1369 status = check_name(conn, (*pp_smb_fname)->base_name);
1370 } else {
1371 status = check_name_with_privilege(conn, smbreq, (*pp_smb_fname)->base_name);
1373 if (!NT_STATUS_IS_OK(status)) {
1374 DEBUG(3,("filename_convert_internal: check_name failed "
1375 "for name %s with %s\n",
1376 smb_fname_str_dbg(*pp_smb_fname),
1377 nt_errstr(status) ));
1378 TALLOC_FREE(*pp_smb_fname);
1379 return status;
1382 return status;
1386 * Go through all the steps to validate a filename.
1387 * Non-root version.
1390 NTSTATUS filename_convert(TALLOC_CTX *ctx,
1391 connection_struct *conn,
1392 bool dfs_path,
1393 const char *name_in,
1394 uint32_t ucf_flags,
1395 bool *ppath_contains_wcard,
1396 struct smb_filename **pp_smb_fname)
1398 return filename_convert_internal(ctx,
1399 conn,
1400 dfs_path,
1401 NULL,
1402 name_in,
1403 ucf_flags,
1404 ppath_contains_wcard,
1405 pp_smb_fname);
1409 * Go through all the steps to validate a filename.
1410 * root (privileged) version.
1413 NTSTATUS filename_convert_with_privilege(TALLOC_CTX *ctx,
1414 connection_struct *conn,
1415 struct smb_request *smbreq,
1416 const char *name_in,
1417 uint32_t ucf_flags,
1418 bool *ppath_contains_wcard,
1419 struct smb_filename **pp_smb_fname)
1421 return filename_convert_internal(ctx,
1422 conn,
1423 smbreq->flags2 & FLAGS2_DFS_PATHNAMES,
1424 smbreq,
1425 name_in,
1426 ucf_flags,
1427 ppath_contains_wcard,
1428 pp_smb_fname);