summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/proto.h2
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c4
-rw-r--r--source3/smbd/filename.c41
-rw-r--r--source3/smbd/msdfs.c45
-rw-r--r--source3/smbd/nttrans.c8
-rw-r--r--source3/smbd/reply.c18
-rw-r--r--source3/smbd/smb2_create.c2
-rw-r--r--source3/smbd/trans2.c10
8 files changed, 88 insertions, 42 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 63a82a8c22..5d0fa18192 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -6320,6 +6320,8 @@ NTSTATUS filename_convert(TALLOC_CTX *mem_ctx,
connection_struct *conn,
bool dfs_path,
const char *name_in,
+ uint32_t ucf_flags,
+ bool *ppath_contains_wcard,
struct smb_filename **pp_smb_fname);
/* The following definitions come from smbd/filename_utils.c */
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index b9d1ed6d73..15b2290805 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -2072,6 +2072,8 @@ WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
conn,
false,
r->in.file,
+ 0,
+ NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(nt_status)) {
werr = ntstatus_to_werror(nt_status);
@@ -2200,6 +2202,8 @@ WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p,
conn,
false,
r->in.file,
+ 0,
+ NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(nt_status)) {
werr = ntstatus_to_werror(nt_status);
diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c
index 09f9a418bd..a13c66c4e0 100644
--- a/source3/smbd/filename.c
+++ b/source3/smbd/filename.c
@@ -1027,14 +1027,30 @@ static NTSTATUS build_stream_path(TALLOC_CTX *mem_ctx,
return status;
}
-/****************************************************************************
- Go through all the steps to validate a filename.
-****************************************************************************/
-
+/**
+ * Go through all the steps to validate a filename.
+ *
+ * @param ctx talloc_ctx to allocate memory with.
+ * @param conn connection struct for vfs calls.
+ * @param dfs_path Whether this path requires dfs resolution.
+ * @param name_in The unconverted name.
+ * @param ucf_flags flags to pass through to unix_convert().
+ * UCF_ALLOW_WCARD_LCOMP will be stripped out if
+ * p_cont_wcard == NULL or is false.
+ * @param p_cont_wcard If not NULL, will be set to true if the dfs path
+ * resolution detects a wildcard.
+ * @param pp_smb_fname The final converted name will be allocated if the
+ * return is NT_STATUS_OK.
+ *
+ * @return NT_STATUS_OK if all operations completed succesfully, appropriate
+ * error otherwise.
+ */
NTSTATUS filename_convert(TALLOC_CTX *ctx,
connection_struct *conn,
bool dfs_path,
const char *name_in,
+ uint32_t ucf_flags,
+ bool *ppath_contains_wcard,
struct smb_filename **pp_smb_fname)
{
NTSTATUS status;
@@ -1042,10 +1058,11 @@ NTSTATUS filename_convert(TALLOC_CTX *ctx,
*pp_smb_fname = NULL;
- status = resolve_dfspath(ctx, conn,
+ status = resolve_dfspath_wcard(ctx, conn,
dfs_path,
name_in,
- &fname);
+ &fname,
+ ppath_contains_wcard);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10,("filename_convert: resolve_dfspath failed "
"for name %s with %s\n",
@@ -1053,7 +1070,17 @@ NTSTATUS filename_convert(TALLOC_CTX *ctx,
nt_errstr(status) ));
return status;
}
- status = unix_convert(ctx, conn, fname, pp_smb_fname, 0);
+
+ /*
+ * Strip out the UCF_ALLOW_WCARD_LCOMP if the path doesn't contain a
+ * wildcard.
+ */
+ if (ppath_contains_wcard != NULL && !*ppath_contains_wcard &&
+ ucf_flags & UCF_ALLOW_WCARD_LCOMP) {
+ ucf_flags &= ~UCF_ALLOW_WCARD_LCOMP;
+ }
+
+ status = unix_convert(ctx, conn, fname, pp_smb_fname, ucf_flags);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10,("filename_convert: unix_convert failed "
"for name %s with %s\n",
diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c
index 2b63eb1743..3641e8d4cc 100644
--- a/source3/smbd/msdfs.c
+++ b/source3/smbd/msdfs.c
@@ -1718,40 +1718,9 @@ struct junction_map *enum_msdfs_links(TALLOC_CTX *ctx, size_t *p_num_jn)
}
/******************************************************************************
- Core function to resolve a dfs pathname.
-******************************************************************************/
-
-NTSTATUS resolve_dfspath(TALLOC_CTX *ctx,
- connection_struct *conn,
- bool dfs_pathnames,
- const char *name_in,
- char **pp_name_out)
-{
- NTSTATUS status = NT_STATUS_OK;
- bool dummy;
- if (dfs_pathnames) {
- status = dfs_redirect(ctx,
- conn,
- name_in,
- False,
- pp_name_out,
- &dummy);
- } else {
- /*
- * Cheat and just return a copy of the in ptr.
- * Once srvstr_get_path() uses talloc it'll
- * be a talloced ptr anyway.
- */
- *pp_name_out = CONST_DISCARD(char *,name_in);
- }
- return status;
-}
-
-/******************************************************************************
- Core function to resolve a dfs pathname possibly containing a wildcard.
- This function is identical to the above except for the bool param to
- dfs_redirect but I need this to be separate so it's really clear when
- we're allowing wildcards and when we're not. JRA.
+ Core function to resolve a dfs pathname possibly containing a wildcard. If
+ ppath_contains_wcard != NULL, it will be set to true if a wildcard is
+ detected during dfs resolution.
******************************************************************************/
NTSTATUS resolve_dfspath_wcard(TALLOC_CTX *ctx,
@@ -1761,14 +1730,20 @@ NTSTATUS resolve_dfspath_wcard(TALLOC_CTX *ctx,
char **pp_name_out,
bool *ppath_contains_wcard)
{
+ bool path_contains_wcard;
NTSTATUS status = NT_STATUS_OK;
+
if (dfs_pathnames) {
status = dfs_redirect(ctx,
conn,
name_in,
True,
pp_name_out,
- ppath_contains_wcard);
+ &path_contains_wcard);
+
+ if (NT_STATUS_IS_OK(status) && ppath_contains_wcard != NULL) {
+ *ppath_contains_wcard = path_contains_wcard;
+ }
} else {
/*
* Cheat and just return a copy of the in ptr.
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 43212dc800..89fc9dc4a8 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -478,6 +478,8 @@ void reply_ntcreate_and_X(struct smb_request *req)
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
fname,
+ 0,
+ NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
@@ -967,6 +969,8 @@ static void call_nt_transact_create(connection_struct *conn,
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
fname,
+ 0,
+ NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
@@ -1353,6 +1357,8 @@ void reply_ntrename(struct smb_request *req)
status = filename_convert(ctx, conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
oldname,
+ 0,
+ NULL,
&smb_fname_old);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,
@@ -1369,6 +1375,8 @@ void reply_ntrename(struct smb_request *req)
status = filename_convert(ctx, conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
newname,
+ 0,
+ NULL,
&smb_fname_new);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 76d32a2f98..b43d3d304c 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -994,6 +994,8 @@ void reply_checkpath(struct smb_request *req)
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
name,
+ 0,
+ NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
@@ -1090,6 +1092,8 @@ void reply_getatr(struct smb_request *req)
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
fname,
+ 0,
+ NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
@@ -1191,6 +1195,8 @@ void reply_setatr(struct smb_request *req)
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
fname,
+ 0,
+ NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
@@ -1724,6 +1730,8 @@ void reply_open(struct smb_request *req)
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
fname,
+ 0,
+ NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
@@ -1894,6 +1902,8 @@ void reply_open_and_X(struct smb_request *req)
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
fname,
+ 0,
+ NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
@@ -2103,6 +2113,8 @@ void reply_mknew(struct smb_request *req)
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
fname,
+ 0,
+ NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
@@ -2235,6 +2247,8 @@ void reply_ctemp(struct smb_request *req)
status = filename_convert(ctx, conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
fname,
+ 0,
+ NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
@@ -5240,6 +5254,8 @@ void reply_mkdir(struct smb_request *req)
status = filename_convert(ctx, conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
directory,
+ 0,
+ NULL,
&smb_dname);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
@@ -5547,6 +5563,8 @@ void reply_rmdir(struct smb_request *req)
status = filename_convert(ctx, conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
directory,
+ 0,
+ NULL,
&smb_dname);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c
index 511e448ac6..5e744f98f4 100644
--- a/source3/smbd/smb2_create.c
+++ b/source3/smbd/smb2_create.c
@@ -325,6 +325,8 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
smbreq->conn,
smbreq->flags2 & FLAGS2_DFS_PATHNAMES,
in_name,
+ 0,
+ NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
tevent_req_nterror(req, status);
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 856fd9432d..6a7b1f8b32 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -1024,6 +1024,8 @@ static void call_trans2open(connection_struct *conn,
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
fname,
+ 0,
+ NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
@@ -4891,6 +4893,8 @@ static void call_trans2qfilepathinfo(connection_struct *conn,
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
fname,
+ 0,
+ NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
@@ -5660,6 +5664,8 @@ static NTSTATUS smb_set_file_unix_hlink(connection_struct *conn,
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
oldname,
+ 0,
+ NULL,
&smb_fname_old);
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -7437,6 +7443,8 @@ static void call_trans2setfilepathinfo(connection_struct *conn,
status = filename_convert(req, conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
fname,
+ 0,
+ NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
@@ -7558,6 +7566,8 @@ static void call_trans2mkdir(connection_struct *conn, struct smb_request *req,
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
directory,
+ 0,
+ NULL,
&smb_dname);
if (!NT_STATUS_IS_OK(status)) {