Reserve IOCTL 0xACE for proxy<->proxy communication channel
[Samba/vfs_proxy.git] / source3 / smbd / vfs.c
blob011f31dd24c531d698ede308bea6ee90c1a040d7
1 /*
2 Unix SMB/Netbios implementation.
3 Version 1.9.
4 VFS initialisation and support functions
5 Copyright (C) Tim Potter 1999
6 Copyright (C) Alexander Bokovoy 2002
7 Copyright (C) James Peach 2006
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 This work was sponsored by Optifacio Software Services, Inc.
25 #include "includes.h"
27 #undef DBGC_CLASS
28 #define DBGC_CLASS DBGC_VFS
30 static_decl_vfs;
32 struct vfs_init_function_entry {
33 char *name;
34 const vfs_op_tuple *vfs_op_tuples;
35 struct vfs_init_function_entry *prev, *next;
38 static struct vfs_init_function_entry *backends = NULL;
40 /****************************************************************************
41 maintain the list of available backends
42 ****************************************************************************/
44 static struct vfs_init_function_entry *vfs_find_backend_entry(const char *name)
46 struct vfs_init_function_entry *entry = backends;
48 DEBUG(10, ("vfs_find_backend_entry called for %s\n", name));
50 while(entry) {
51 if (strcmp(entry->name, name)==0) return entry;
52 entry = entry->next;
55 return NULL;
58 NTSTATUS smb_register_vfs(int version, const char *name, const vfs_op_tuple *vfs_op_tuples)
60 struct vfs_init_function_entry *entry = backends;
62 if ((version != SMB_VFS_INTERFACE_VERSION)) {
63 DEBUG(0, ("Failed to register vfs module.\n"
64 "The module was compiled against SMB_VFS_INTERFACE_VERSION %d,\n"
65 "current SMB_VFS_INTERFACE_VERSION is %d.\n"
66 "Please recompile against the current Samba Version!\n",
67 version, SMB_VFS_INTERFACE_VERSION));
68 return NT_STATUS_OBJECT_TYPE_MISMATCH;
71 if (!name || !name[0] || !vfs_op_tuples) {
72 DEBUG(0,("smb_register_vfs() called with NULL pointer or empty name!\n"));
73 return NT_STATUS_INVALID_PARAMETER;
76 if (vfs_find_backend_entry(name)) {
77 DEBUG(0,("VFS module %s already loaded!\n", name));
78 return NT_STATUS_OBJECT_NAME_COLLISION;
81 entry = SMB_XMALLOC_P(struct vfs_init_function_entry);
82 entry->name = smb_xstrdup(name);
83 entry->vfs_op_tuples = vfs_op_tuples;
85 DLIST_ADD(backends, entry);
86 DEBUG(5, ("Successfully added vfs backend '%s'\n", name));
87 return NT_STATUS_OK;
90 /****************************************************************************
91 initialise default vfs hooks
92 ****************************************************************************/
94 static void vfs_init_default(connection_struct *conn)
96 DEBUG(3, ("Initialising default vfs hooks\n"));
97 vfs_init_custom(conn, DEFAULT_VFS_MODULE_NAME);
100 /****************************************************************************
101 initialise custom vfs hooks
102 ****************************************************************************/
104 static inline void vfs_set_operation(struct vfs_ops * vfs, vfs_op_type which,
105 struct vfs_handle_struct * handle, void * op)
107 ((struct vfs_handle_struct **)&vfs->handles)[which] = handle;
108 ((void **)(void *)&vfs->ops)[which] = op;
111 bool vfs_init_custom(connection_struct *conn, const char *vfs_object)
113 const vfs_op_tuple *ops;
114 char *module_path = NULL;
115 char *module_name = NULL;
116 char *module_param = NULL, *p;
117 int i;
118 vfs_handle_struct *handle;
119 const struct vfs_init_function_entry *entry;
121 if (!conn||!vfs_object||!vfs_object[0]) {
122 DEBUG(0,("vfs_init_custon() called with NULL pointer or emtpy vfs_object!\n"));
123 return False;
126 if(!backends) {
127 static_init_vfs;
130 DEBUG(3, ("Initialising custom vfs hooks from [%s]\n", vfs_object));
132 module_path = smb_xstrdup(vfs_object);
134 p = strchr_m(module_path, ':');
136 if (p) {
137 *p = 0;
138 module_param = p+1;
139 trim_char(module_param, ' ', ' ');
142 trim_char(module_path, ' ', ' ');
144 module_name = smb_xstrdup(module_path);
146 if ((module_name[0] == '/') &&
147 (strcmp(module_path, DEFAULT_VFS_MODULE_NAME) != 0)) {
150 * Extract the module name from the path. Just use the base
151 * name of the last path component.
154 SAFE_FREE(module_name);
155 module_name = smb_xstrdup(strrchr_m(module_path, '/')+1);
157 p = strchr_m(module_name, '.');
159 if (p != NULL) {
160 *p = '\0';
164 /* First, try to load the module with the new module system */
165 if((entry = vfs_find_backend_entry(module_name)) ||
166 (NT_STATUS_IS_OK(smb_probe_module("vfs", module_path)) &&
167 (entry = vfs_find_backend_entry(module_name)))) {
169 DEBUGADD(5,("Successfully loaded vfs module [%s] with the new modules system\n", vfs_object));
171 if ((ops = entry->vfs_op_tuples) == NULL) {
172 DEBUG(0, ("entry->vfs_op_tuples==NULL for [%s] failed\n", vfs_object));
173 goto fail;
175 } else {
176 DEBUG(0,("Can't find a vfs module [%s]\n",vfs_object));
177 goto fail;
180 handle = TALLOC_ZERO_P(conn, vfs_handle_struct);
181 if (!handle) {
182 DEBUG(0,("TALLOC_ZERO() failed!\n"));
183 goto fail;
185 memcpy(&handle->vfs_next, &conn->vfs, sizeof(struct vfs_ops));
186 handle->conn = conn;
187 if (module_param) {
188 handle->param = talloc_strdup(conn, module_param);
190 DLIST_ADD(conn->vfs_handles, handle);
192 for(i=0; ops[i].op != NULL; i++) {
193 DEBUG(5, ("Checking operation #%d (type %d, layer %d)\n", i, ops[i].type, ops[i].layer));
194 if(ops[i].layer == SMB_VFS_LAYER_OPAQUE) {
195 /* If this operation was already made opaque by different module, it
196 * will be overridden here.
198 DEBUGADD(5, ("Making operation type %d opaque [module %s]\n", ops[i].type, vfs_object));
199 vfs_set_operation(&conn->vfs_opaque, ops[i].type, handle, ops[i].op);
201 /* Change current VFS disposition*/
202 DEBUGADD(5, ("Accepting operation type %d from module %s\n", ops[i].type, vfs_object));
203 vfs_set_operation(&conn->vfs, ops[i].type, handle, ops[i].op);
206 SAFE_FREE(module_path);
207 SAFE_FREE(module_name);
208 return True;
210 fail:
211 SAFE_FREE(module_path);
212 SAFE_FREE(module_name);
213 return False;
216 /*****************************************************************
217 Allow VFS modules to extend files_struct with VFS-specific state.
218 This will be ok for small numbers of extensions, but might need to
219 be refactored if it becomes more widely used.
220 ******************************************************************/
222 #define EXT_DATA_AREA(e) ((uint8 *)(e) + sizeof(struct vfs_fsp_data))
224 void *vfs_add_fsp_extension_notype(vfs_handle_struct *handle, files_struct *fsp, size_t ext_size)
226 struct vfs_fsp_data *ext;
227 void * ext_data;
229 /* Prevent VFS modules adding multiple extensions. */
230 if ((ext_data = vfs_fetch_fsp_extension(handle, fsp))) {
231 return ext_data;
234 ext = (struct vfs_fsp_data *)TALLOC_ZERO(
235 handle->conn, sizeof(struct vfs_fsp_data) + ext_size);
236 if (ext == NULL) {
237 return NULL;
240 ext->owner = handle;
241 ext->next = fsp->vfs_extension;
242 fsp->vfs_extension = ext;
243 return EXT_DATA_AREA(ext);
246 void vfs_remove_fsp_extension(vfs_handle_struct *handle, files_struct *fsp)
248 struct vfs_fsp_data *curr;
249 struct vfs_fsp_data *prev;
251 for (curr = fsp->vfs_extension, prev = NULL;
252 curr;
253 prev = curr, curr = curr->next) {
254 if (curr->owner == handle) {
255 if (prev) {
256 prev->next = curr->next;
257 } else {
258 fsp->vfs_extension = curr->next;
260 TALLOC_FREE(curr);
261 return;
266 void *vfs_memctx_fsp_extension(vfs_handle_struct *handle, files_struct *fsp)
268 struct vfs_fsp_data *head;
270 for (head = fsp->vfs_extension; head; head = head->next) {
271 if (head->owner == handle) {
272 return head;
276 return NULL;
279 void *vfs_fetch_fsp_extension(vfs_handle_struct *handle, files_struct *fsp)
281 struct vfs_fsp_data *head;
283 head = (struct vfs_fsp_data *)vfs_memctx_fsp_extension(handle, fsp);
284 if (head != NULL) {
285 return EXT_DATA_AREA(head);
288 return NULL;
291 #undef EXT_DATA_AREA
293 /*****************************************************************
294 Generic VFS init.
295 ******************************************************************/
297 bool smbd_vfs_init(connection_struct *conn)
299 const char **vfs_objects;
300 unsigned int i = 0;
301 int j = 0;
303 /* Normal share - initialise with disk access functions */
304 vfs_init_default(conn);
305 vfs_objects = lp_vfs_objects(SNUM(conn));
307 /* Override VFS functions if 'vfs object' was not specified*/
308 if (!vfs_objects || !vfs_objects[0])
309 return True;
311 for (i=0; vfs_objects[i] ;) {
312 i++;
315 for (j=i-1; j >= 0; j--) {
316 if (!vfs_init_custom(conn, vfs_objects[j])) {
317 DEBUG(0, ("smbd_vfs_init: vfs_init_custom failed for %s\n", vfs_objects[j]));
318 return False;
321 return True;
324 /*******************************************************************
325 Check if directory exists.
326 ********************************************************************/
328 bool vfs_directory_exist(connection_struct *conn, const char *dname, SMB_STRUCT_STAT *st)
330 SMB_STRUCT_STAT st2;
331 bool ret;
333 if (!st)
334 st = &st2;
336 if (SMB_VFS_STAT(conn,dname,st) != 0)
337 return(False);
339 ret = S_ISDIR(st->st_mode);
340 if(!ret)
341 errno = ENOTDIR;
343 return ret;
346 /*******************************************************************
347 Check if an object exists in the vfs.
348 ********************************************************************/
350 bool vfs_object_exist(connection_struct *conn,const char *fname,SMB_STRUCT_STAT *sbuf)
352 SMB_STRUCT_STAT st;
354 if (!sbuf)
355 sbuf = &st;
357 ZERO_STRUCTP(sbuf);
359 if (SMB_VFS_STAT(conn,fname,sbuf) == -1)
360 return(False);
361 return True;
364 /*******************************************************************
365 Check if a file exists in the vfs.
366 ********************************************************************/
368 bool vfs_file_exist(connection_struct *conn, const char *fname,SMB_STRUCT_STAT *sbuf)
370 SMB_STRUCT_STAT st;
372 if (!sbuf)
373 sbuf = &st;
375 ZERO_STRUCTP(sbuf);
377 if (SMB_VFS_STAT(conn,fname,sbuf) == -1)
378 return False;
379 return(S_ISREG(sbuf->st_mode));
382 /****************************************************************************
383 Read data from fsp on the vfs. (note: EINTR re-read differs from vfs_write_data)
384 ****************************************************************************/
386 ssize_t vfs_read_data(files_struct *fsp, char *buf, size_t byte_count)
388 size_t total=0;
390 while (total < byte_count)
392 ssize_t ret = SMB_VFS_READ(fsp, buf + total,
393 byte_count - total);
395 if (ret == 0) return total;
396 if (ret == -1) {
397 if (errno == EINTR)
398 continue;
399 else
400 return -1;
402 total += ret;
404 return (ssize_t)total;
407 ssize_t vfs_pread_data(files_struct *fsp, char *buf,
408 size_t byte_count, SMB_OFF_T offset)
410 size_t total=0;
412 while (total < byte_count)
414 ssize_t ret = SMB_VFS_PREAD(fsp, buf + total,
415 byte_count - total, offset + total);
417 if (ret == 0) return total;
418 if (ret == -1) {
419 if (errno == EINTR)
420 continue;
421 else
422 return -1;
424 total += ret;
426 return (ssize_t)total;
429 /****************************************************************************
430 Write data to a fd on the vfs.
431 ****************************************************************************/
433 ssize_t vfs_write_data(struct smb_request *req,
434 files_struct *fsp,
435 const char *buffer,
436 size_t N)
438 size_t total=0;
439 ssize_t ret;
441 if (req && req->unread_bytes) {
442 SMB_ASSERT(req->unread_bytes == N);
443 /* VFS_RECVFILE must drain the socket
444 * before returning. */
445 req->unread_bytes = 0;
446 return SMB_VFS_RECVFILE(smbd_server_fd(),
447 fsp,
448 (SMB_OFF_T)-1,
452 while (total < N) {
453 ret = SMB_VFS_WRITE(fsp, buffer + total, N - total);
455 if (ret == -1)
456 return -1;
457 if (ret == 0)
458 return total;
460 total += ret;
462 return (ssize_t)total;
465 ssize_t vfs_pwrite_data(struct smb_request *req,
466 files_struct *fsp,
467 const char *buffer,
468 size_t N,
469 SMB_OFF_T offset)
471 size_t total=0;
472 ssize_t ret;
474 if (req && req->unread_bytes) {
475 SMB_ASSERT(req->unread_bytes == N);
476 /* VFS_RECVFILE must drain the socket
477 * before returning. */
478 req->unread_bytes = 0;
479 return SMB_VFS_RECVFILE(smbd_server_fd(),
480 fsp,
481 offset,
485 while (total < N) {
486 ret = SMB_VFS_PWRITE(fsp, buffer + total, N - total,
487 offset + total);
489 if (ret == -1)
490 return -1;
491 if (ret == 0)
492 return total;
494 total += ret;
496 return (ssize_t)total;
498 /****************************************************************************
499 An allocate file space call using the vfs interface.
500 Allocates space for a file from a filedescriptor.
501 Returns 0 on success, -1 on failure.
502 ****************************************************************************/
504 int vfs_allocate_file_space(files_struct *fsp, uint64_t len)
506 int ret;
507 SMB_STRUCT_STAT st;
508 connection_struct *conn = fsp->conn;
509 uint64_t space_avail;
510 uint64_t bsize,dfree,dsize;
512 release_level_2_oplocks_on_change(fsp);
515 * Actually try and commit the space on disk....
518 DEBUG(10,("vfs_allocate_file_space: file %s, len %.0f\n", fsp->fsp_name, (double)len ));
520 if (((SMB_OFF_T)len) < 0) {
521 DEBUG(0,("vfs_allocate_file_space: %s negative len requested.\n", fsp->fsp_name ));
522 errno = EINVAL;
523 return -1;
526 ret = SMB_VFS_FSTAT(fsp, &st);
527 if (ret == -1)
528 return ret;
530 if (len == (uint64_t)st.st_size)
531 return 0;
533 if (len < (uint64_t)st.st_size) {
534 /* Shrink - use ftruncate. */
536 DEBUG(10,("vfs_allocate_file_space: file %s, shrink. Current size %.0f\n",
537 fsp->fsp_name, (double)st.st_size ));
539 flush_write_cache(fsp, SIZECHANGE_FLUSH);
540 if ((ret = SMB_VFS_FTRUNCATE(fsp, (SMB_OFF_T)len)) != -1) {
541 set_filelen_write_cache(fsp, len);
543 return ret;
546 /* Grow - we need to test if we have enough space. */
548 if (!lp_strict_allocate(SNUM(fsp->conn)))
549 return 0;
551 len -= st.st_size;
552 len /= 1024; /* Len is now number of 1k blocks needed. */
553 space_avail = get_dfree_info(conn,fsp->fsp_name,False,&bsize,&dfree,&dsize);
554 if (space_avail == (uint64_t)-1) {
555 return -1;
558 DEBUG(10,("vfs_allocate_file_space: file %s, grow. Current size %.0f, needed blocks = %.0f, space avail = %.0f\n",
559 fsp->fsp_name, (double)st.st_size, (double)len, (double)space_avail ));
561 if (len > space_avail) {
562 errno = ENOSPC;
563 return -1;
566 return 0;
569 /****************************************************************************
570 A vfs set_filelen call.
571 set the length of a file from a filedescriptor.
572 Returns 0 on success, -1 on failure.
573 ****************************************************************************/
575 int vfs_set_filelen(files_struct *fsp, SMB_OFF_T len)
577 int ret;
579 release_level_2_oplocks_on_change(fsp);
580 DEBUG(10,("vfs_set_filelen: ftruncate %s to len %.0f\n", fsp->fsp_name, (double)len));
581 flush_write_cache(fsp, SIZECHANGE_FLUSH);
582 if ((ret = SMB_VFS_FTRUNCATE(fsp, len)) != -1) {
583 set_filelen_write_cache(fsp, len);
584 notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
585 FILE_NOTIFY_CHANGE_SIZE
586 | FILE_NOTIFY_CHANGE_ATTRIBUTES,
587 fsp->fsp_name);
590 return ret;
593 /****************************************************************************
594 A vfs fill sparse call.
595 Writes zeros from the end of file to len, if len is greater than EOF.
596 Used only by strict_sync.
597 Returns 0 on success, -1 on failure.
598 ****************************************************************************/
600 static char *sparse_buf;
601 #define SPARSE_BUF_WRITE_SIZE (32*1024)
603 int vfs_fill_sparse(files_struct *fsp, SMB_OFF_T len)
605 int ret;
606 SMB_STRUCT_STAT st;
607 SMB_OFF_T offset;
608 size_t total;
609 size_t num_to_write;
610 ssize_t pwrite_ret;
612 release_level_2_oplocks_on_change(fsp);
613 ret = SMB_VFS_FSTAT(fsp, &st);
614 if (ret == -1) {
615 return ret;
618 if (len <= st.st_size) {
619 return 0;
622 DEBUG(10,("vfs_fill_sparse: write zeros in file %s from len %.0f to len %.0f (%.0f bytes)\n",
623 fsp->fsp_name, (double)st.st_size, (double)len, (double)(len - st.st_size)));
625 flush_write_cache(fsp, SIZECHANGE_FLUSH);
627 if (!sparse_buf) {
628 sparse_buf = SMB_CALLOC_ARRAY(char, SPARSE_BUF_WRITE_SIZE);
629 if (!sparse_buf) {
630 errno = ENOMEM;
631 return -1;
635 offset = st.st_size;
636 num_to_write = len - st.st_size;
637 total = 0;
639 while (total < num_to_write) {
640 size_t curr_write_size = MIN(SPARSE_BUF_WRITE_SIZE, (num_to_write - total));
642 pwrite_ret = SMB_VFS_PWRITE(fsp, sparse_buf, curr_write_size, offset + total);
643 if (pwrite_ret == -1) {
644 DEBUG(10,("vfs_fill_sparse: SMB_VFS_PWRITE for file %s failed with error %s\n",
645 fsp->fsp_name, strerror(errno) ));
646 return -1;
648 if (pwrite_ret == 0) {
649 return 0;
652 total += pwrite_ret;
655 set_filelen_write_cache(fsp, len);
656 return 0;
659 /****************************************************************************
660 Transfer some data (n bytes) between two file_struct's.
661 ****************************************************************************/
663 static ssize_t vfs_read_fn(void *file, void *buf, size_t len)
665 struct files_struct *fsp = (struct files_struct *)file;
667 return SMB_VFS_READ(fsp, buf, len);
670 static ssize_t vfs_write_fn(void *file, const void *buf, size_t len)
672 struct files_struct *fsp = (struct files_struct *)file;
674 return SMB_VFS_WRITE(fsp, buf, len);
677 SMB_OFF_T vfs_transfer_file(files_struct *in, files_struct *out, SMB_OFF_T n)
679 return transfer_file_internal((void *)in, (void *)out, n,
680 vfs_read_fn, vfs_write_fn);
683 /*******************************************************************
684 A vfs_readdir wrapper which just returns the file name.
685 ********************************************************************/
687 char *vfs_readdirname(connection_struct *conn, void *p)
689 SMB_STRUCT_DIRENT *ptr= NULL;
690 char *dname;
692 if (!p)
693 return(NULL);
695 ptr = SMB_VFS_READDIR(conn, (DIR *)p);
696 if (!ptr)
697 return(NULL);
699 dname = ptr->d_name;
701 #ifdef NEXT2
702 if (telldir(p) < 0)
703 return(NULL);
704 #endif
706 #ifdef HAVE_BROKEN_READDIR_NAME
707 /* using /usr/ucb/cc is BAD */
708 dname = dname - 2;
709 #endif
711 return(dname);
714 /*******************************************************************
715 A wrapper for vfs_chdir().
716 ********************************************************************/
718 int vfs_ChDir(connection_struct *conn, const char *path)
720 int res;
721 static char *LastDir = NULL;
723 if (!LastDir) {
724 LastDir = SMB_STRDUP("");
727 if (strcsequal(path,"."))
728 return(0);
730 if (*path == '/' && strcsequal(LastDir,path))
731 return(0);
733 DEBUG(4,("vfs_ChDir to %s\n",path));
735 res = SMB_VFS_CHDIR(conn,path);
736 if (!res) {
737 SAFE_FREE(LastDir);
738 LastDir = SMB_STRDUP(path);
740 return(res);
743 /*******************************************************************
744 Return the absolute current directory path - given a UNIX pathname.
745 Note that this path is returned in DOS format, not UNIX
746 format. Note this can be called with conn == NULL.
747 ********************************************************************/
749 struct getwd_cache_key {
750 SMB_DEV_T dev;
751 SMB_INO_T ino;
754 char *vfs_GetWd(TALLOC_CTX *ctx, connection_struct *conn)
756 char s[PATH_MAX+1];
757 SMB_STRUCT_STAT st, st2;
758 char *result;
759 DATA_BLOB cache_value;
760 struct getwd_cache_key key;
762 *s = 0;
764 if (!lp_getwd_cache()) {
765 goto nocache;
768 SET_STAT_INVALID(st);
770 if (SMB_VFS_STAT(conn, ".",&st) == -1) {
772 * Known to fail for root: the directory may be NFS-mounted
773 * and exported with root_squash (so has no root access).
775 DEBUG(1,("vfs_GetWd: couldn't stat \".\" error %s "
776 "(NFS problem ?)\n", strerror(errno) ));
777 goto nocache;
780 ZERO_STRUCT(key); /* unlikely, but possible padding */
781 key.dev = st.st_dev;
782 key.ino = st.st_ino;
784 if (!memcache_lookup(smbd_memcache(), GETWD_CACHE,
785 data_blob_const(&key, sizeof(key)),
786 &cache_value)) {
787 goto nocache;
790 SMB_ASSERT((cache_value.length > 0)
791 && (cache_value.data[cache_value.length-1] == '\0'));
793 if ((SMB_VFS_STAT(conn, (char *)cache_value.data, &st2) == 0)
794 && (st.st_dev == st2.st_dev) && (st.st_ino == st2.st_ino)
795 && (S_ISDIR(st.st_mode))) {
797 * Ok, we're done
799 result = talloc_strdup(ctx, (char *)cache_value.data);
800 if (result == NULL) {
801 errno = ENOMEM;
803 return result;
806 nocache:
809 * We don't have the information to hand so rely on traditional
810 * methods. The very slow getcwd, which spawns a process on some
811 * systems, or the not quite so bad getwd.
814 if (!SMB_VFS_GETWD(conn,s)) {
815 DEBUG(0, ("vfs_GetWd: SMB_VFS_GETWD call failed: %s\n",
816 strerror(errno)));
817 return NULL;
820 if (lp_getwd_cache() && VALID_STAT(st)) {
821 ZERO_STRUCT(key); /* unlikely, but possible padding */
822 key.dev = st.st_dev;
823 key.ino = st.st_ino;
825 memcache_add(smbd_memcache(), GETWD_CACHE,
826 data_blob_const(&key, sizeof(key)),
827 data_blob_const(s, strlen(s)+1));
830 result = talloc_strdup(ctx, s);
831 if (result == NULL) {
832 errno = ENOMEM;
834 return result;
837 /*******************************************************************
838 Reduce a file name, removing .. elements and checking that
839 it is below dir in the heirachy. This uses realpath.
840 ********************************************************************/
842 NTSTATUS check_reduced_name(connection_struct *conn, const char *fname)
844 #ifdef REALPATH_TAKES_NULL
845 bool free_resolved_name = True;
846 #else
847 char resolved_name_buf[PATH_MAX+1];
848 bool free_resolved_name = False;
849 #endif
850 char *resolved_name = NULL;
851 size_t con_path_len = strlen(conn->connectpath);
852 char *p = NULL;
854 DEBUG(3,("reduce_name [%s] [%s]\n", fname, conn->connectpath));
856 #ifdef REALPATH_TAKES_NULL
857 resolved_name = SMB_VFS_REALPATH(conn,fname,NULL);
858 #else
859 resolved_name = SMB_VFS_REALPATH(conn,fname,resolved_name_buf);
860 #endif
862 if (!resolved_name) {
863 switch (errno) {
864 case ENOTDIR:
865 DEBUG(3,("reduce_name: Component not a directory in getting realpath for %s\n", fname));
866 return map_nt_error_from_unix(errno);
867 case ENOENT:
869 TALLOC_CTX *ctx = talloc_tos();
870 char *tmp_fname = NULL;
871 char *last_component = NULL;
872 /* Last component didn't exist. Remove it and try and canonicalise the directory. */
874 tmp_fname = talloc_strdup(ctx, fname);
875 if (!tmp_fname) {
876 return NT_STATUS_NO_MEMORY;
878 p = strrchr_m(tmp_fname, '/');
879 if (p) {
880 *p++ = '\0';
881 last_component = p;
882 } else {
883 last_component = tmp_fname;
884 tmp_fname = talloc_strdup(ctx,
885 ".");
886 if (!tmp_fname) {
887 return NT_STATUS_NO_MEMORY;
891 #ifdef REALPATH_TAKES_NULL
892 resolved_name = SMB_VFS_REALPATH(conn,tmp_fname,NULL);
893 #else
894 resolved_name = SMB_VFS_REALPATH(conn,tmp_fname,resolved_name_buf);
895 #endif
896 if (!resolved_name) {
897 DEBUG(3,("reduce_name: couldn't get realpath for %s\n", fname));
898 return map_nt_error_from_unix(errno);
900 tmp_fname = talloc_asprintf(ctx,
901 "%s/%s",
902 resolved_name,
903 last_component);
904 if (!tmp_fname) {
905 return NT_STATUS_NO_MEMORY;
907 #ifdef REALPATH_TAKES_NULL
908 SAFE_FREE(resolved_name);
909 resolved_name = SMB_STRDUP(tmp_fname);
910 if (!resolved_name) {
911 DEBUG(0,("reduce_name: malloc fail for %s\n", tmp_fname));
912 return NT_STATUS_NO_MEMORY;
914 #else
915 safe_strcpy(resolved_name_buf, tmp_fname, PATH_MAX);
916 resolved_name = resolved_name_buf;
917 #endif
918 break;
920 default:
921 DEBUG(1,("reduce_name: couldn't get realpath for %s\n", fname));
922 return map_nt_error_from_unix(errno);
926 DEBUG(10,("reduce_name realpath [%s] -> [%s]\n", fname, resolved_name));
928 if (*resolved_name != '/') {
929 DEBUG(0,("reduce_name: realpath doesn't return absolute paths !\n"));
930 if (free_resolved_name) {
931 SAFE_FREE(resolved_name);
933 return NT_STATUS_OBJECT_NAME_INVALID;
936 /* Check for widelinks allowed. */
937 if (!lp_widelinks(SNUM(conn)) && (strncmp(conn->connectpath, resolved_name, con_path_len) != 0)) {
938 DEBUG(2, ("reduce_name: Bad access attempt: %s is a symlink outside the share path", fname));
939 if (free_resolved_name) {
940 SAFE_FREE(resolved_name);
942 return NT_STATUS_ACCESS_DENIED;
945 /* Check if we are allowing users to follow symlinks */
946 /* Patch from David Clerc <David.Clerc@cui.unige.ch>
947 University of Geneva */
949 #ifdef S_ISLNK
950 if (!lp_symlinks(SNUM(conn))) {
951 SMB_STRUCT_STAT statbuf;
952 if ( (SMB_VFS_LSTAT(conn,fname,&statbuf) != -1) &&
953 (S_ISLNK(statbuf.st_mode)) ) {
954 if (free_resolved_name) {
955 SAFE_FREE(resolved_name);
957 DEBUG(3,("reduce_name: denied: file path name %s is a symlink\n",resolved_name));
958 return NT_STATUS_ACCESS_DENIED;
961 #endif
963 DEBUG(3,("reduce_name: %s reduced to %s\n", fname, resolved_name));
964 if (free_resolved_name) {
965 SAFE_FREE(resolved_name);
967 return NT_STATUS_OK;