From 3f9bc7fe07364af205741efcbfd3295fc4b81b46 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Tue, 31 Aug 2004 22:52:05 +0000
Subject: r2152: Fix for bug #1674, move the symlinks checks into
 reduce_name(). Jeremy. (This used to be commit
 341771857fecf9ef72a436c42e0571d486fa0dde)

---
 source3/smbd/filename.c | 18 +-----------------
 source3/smbd/vfs.c      | 42 +++++++++++++++++++-----------------------
 2 files changed, 20 insertions(+), 40 deletions(-)

(limited to 'source3')

diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c
index e12cfb1388..279c9dd3c4 100644
--- a/source3/smbd/filename.c
+++ b/source3/smbd/filename.c
@@ -414,26 +414,10 @@ BOOL check_name(pstring name,connection_struct *conn)
 		}
 	}
 
-	if (!lp_widelinks(SNUM(conn))) {
+	if (!lp_widelinks(SNUM(conn)) || !lp_symlinks(SNUM(conn))) {
 		ret = reduce_name(conn,name);
 	}
 
-	/* Check if we are allowing users to follow symlinks */
-	/* Patch from David Clerc <David.Clerc@cui.unige.ch>
-		University of Geneva */
-
-#ifdef S_ISLNK
-	if (!lp_symlinks(SNUM(conn))) {
-		SMB_STRUCT_STAT statbuf;
-		if ( (SMB_VFS_LSTAT(conn,name,&statbuf) != -1) &&
-				(S_ISLNK(statbuf.st_mode)) ) {
-			DEBUG(3,("check_name: denied: file path name %s is a symlink\n",name));
-			errno = EACCES;
-			ret = False; 
-		}
-	}
-#endif
-
 	if (!ret) {
 		DEBUG(5,("check_name on %s failed\n",name));
 	}
diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c
index a47f040f6a..0328558fe8 100644
--- a/source3/smbd/vfs.c
+++ b/source3/smbd/vfs.c
@@ -909,7 +909,8 @@ BOOL reduce_name(connection_struct *conn, const pstring fname)
 		return False;
 	}
 
-	if (strncmp(conn->connectpath, resolved_name, con_path_len) != 0) {
+	/* Check for widelinks allowed. */
+	if (!lp_widelinks(SNUM(conn)) && (strncmp(conn->connectpath, resolved_name, con_path_len) != 0)) {
 		DEBUG(2, ("reduce_name: Bad access attempt: %s is a symlink outside the share path", fname));
 		if (free_resolved_name)
 			SAFE_FREE(resolved_name);
@@ -917,28 +918,23 @@ BOOL reduce_name(connection_struct *conn, const pstring fname)
 		return False;
 	}
 
-	/* Move path the connect path to the last part of the filename. */
-	p = resolved_name + con_path_len;
-	if (*p == '/') {
-		p++;
-	}
-
-	if (!*p) {
-		if (fname[0] == '.' && fname[1] == '/' && fname[2] == '\0') {
-			pstrcpy(resolved_name, "./");
-		} else {
-			pstrcpy(resolved_name, ".");
-		}
-		p = resolved_name;
-	}
-
-	if (!lp_symlinks(SNUM(conn)) && (strcmp(fname, p)!=0)) {
-		DEBUG(3,("reduce_name: denied: file path name %s is a symlink\n",fname));
-		if (free_resolved_name)
-			SAFE_FREE(resolved_name);
-		errno = EACCES;
-		return False;
-	}
+        /* Check if we are allowing users to follow symlinks */
+        /* Patch from David Clerc <David.Clerc@cui.unige.ch>
+                University of Geneva */
+                                                                                                                                                    
+#ifdef S_ISLNK
+        if (!lp_symlinks(SNUM(conn))) {
+                SMB_STRUCT_STAT statbuf;
+                if ( (SMB_VFS_LSTAT(conn,fname,&statbuf) != -1) &&
+                                (S_ISLNK(statbuf.st_mode)) ) {
+			if (free_resolved_name)
+				SAFE_FREE(resolved_name);
+                        DEBUG(3,("reduce_name: denied: file path name %s is a symlink\n",resolved_name));
+                        errno = EACCES;
+			return False;
+                }
+        }
+#endif
 
 	DEBUG(3,("reduce_name: %s reduced to %s\n", fname, p));
 	if (free_resolved_name)
-- 
cgit