IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
process_symlink_open goes with it
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
The Linux prototype for openat2 looks like this:
long openat2(int dirfd, const char *pathname,
struct open_how *how, size_t size);
where "struct open_how" is defined in "linux/openat2.h". It is
designed to be extensible with further flags.
The "size" parameter is required because there is no type checking
between userland and kernelspace, so the way for Linux to find which
version of open_how is being passed in is looking at the size:
"open_how" is expected to only every grow with additional fields,
should a change be necessary in the future.
Samba does not have this problem, we can typecheck the struct and
pointers, we expect all VFS modules to be compiled against the current
vfs.h.
For now this adds no functionality, but it will make further patches
much smaller.
Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This was added due to the error code check in test_symlink_traversal_smb1_posix.sh.
After careful consideration I've realized the error code expected here
is incorrect, and not providing any security benefit.
We already check that trying to fetch a file/traverse through a
symlink that points outside of a share returns NT_STATUS_OBJECT_PATH_NOT_FOUND,
and this is enforced in the symlink checks already inside filename_convert_dirfsp().
If a symlink points to a directory within the share for which
the user has no permissions (as is tested here), then there's no
benefit in mapping the error code from NT_STATUS_ACCESS_DENIED
to NT_STATUS_OBJECT_PATH_NOT_FOUND, as we are not providing any
extra information about the filesystem state the user cannot already
obtain by normal SMB1+POSIX calls.
Change the error code expected in this single test from NT_STATUS_OBJECT_PATH_NOT_FOUND
to NT_STATUS_ACCESS_DENIED.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Aug 5 10:24:23 UTC 2022 on sn-devel-184
Now we always call check_path_syntaxXXX(), even on DFS names
we no longer need this. It was a BAD change, and I should feel BAD :-).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
The original design decision to just copy a DFS path and let
parse_dfs_path() take care of it was a horrible mistake.
Fix srvstr_get_path_internal() to always return a
/server/share/path (i.e. a path separated with '/', not '\').
This is a more complex change than I like to allow
DFS path procesing in srvstr_get_path_internal() but
needed as clients (including Samba smbclient) have a
rather "fuzzy" idea of what constitutes a valid DFS path.
If we detect the DFS path isn't valid here we have to
fall back to treating it as a local path.
I also need to modify the DFS parsing in
filename_convert_smb1_search_path() to cope with only '/'
separators.
This also means parse_dfs_path() needs changing to
cope.
The changes here are best reviewed by just applying
the fix and looking at the modified functions:
srvstr_get_path_internal()
parse_dfs_path()
For parse_dfs_path() it's mostly removing bad code
and makes parse_dfs_path() much easier to read.
These changes will enable me to remove some ugly mistakes made
adding ucf_flags to extract_snapshot_token(), as
we can now always assume canonicalized paths.
This is a little messy, but has to be done in
one chunk as the change to srvstr_get_path_internal()
depends on the change to parse_dfs_path().
Thanks to Volker for the insight that made this
cleanup possible.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This is copy&paste from reply_negprot() where this variable was used
to set the remote architecture. This isn't used anymore in the
stripped down smb2 version of this.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Aug 4 21:46:23 UTC 2022 on sn-devel-184
Further up we add O_PATH manually. Initial development versions of
this code did set the is_pathref, but then I found this potential
problem. I forgot to remove this incarnation of is_pathref=true, doing
it now.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Preparation for convertion of the last filename_convert() -> filename_convert_dirfsp().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This will allow us to remove the call to dfs_redirect() from get_original_lcomp().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Now we know all @GMT paths are removed before get_original_lcomp()
is called, we can eliminate this code.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This was the last case where the snapshot TWRP token could be
passed into get_original_lcomp(). get_original_lcomp() can now
be changed to ignore TWRP tokens.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
We're going to need to convert in place if it's an MSDFS path
with an SMB1 @GMT token.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
We're soon going to change this to return dirfsp and use convert_filename_dirfsp()
so we need to return values on the passed in talloc ctx.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
"raw" MSDFS paths are passed here as \server\share\path.
find_snapshot_token() only looks for a '/' as a separator
in SMB1 shapshot paths.
Allow extract_snapshot_token() to cope with SMB1 MSDFS paths by
converting in place, looking for the @GMT token with a '/'
separator via find_snapshot_token(), and then converting back.
Note, this a temporary measure until we handle DFS paths better
and will be removed in the next patchset.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Reviewed-by: Volker Lendecke <vl@samba.org>
Will be needed to cope with MSDFS paths which can be passed in
to this function.
Note, this a temporary measure until we handle DFS paths better
and will be removed in the next patchset.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Reviewed-by: Volker Lendecke <vl@samba.org>
There is only one last user of filename_convert(), in filename_convert_smb1_search_path().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 2 20:46:38 UTC 2022 on sn-devel-184
One less use of filename_convert().
Later we should optimize this by passing in
the src_dirfsp from the caller.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
One less use of filename_convert().
Later we should optimize this by passing in
the src_dirfsp from the caller.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Not yet used, but when this is fully plumbed though we can
look at optimizing and removing the code inside rename_internals_fsp()
that currently gets it's own dst_dirfsp.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
There is no point in calling filename_convert() on a raw stream name.
It can never find the file anyway (and never returns a valid smb_fname->fsp).
Use the same logic as SMB2_FILE_RENAME_INFORMATION_INTERNAL now does
and generate smb_fname_new directly.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
There's no point in calling filename_convert() and then
just ignoring the returned smb_fname if it's a raw stream name.
Only call filename_convert() if we know it isn't a raw stream
name.
Ignore stream/non-stream mismatches in src and dst in
smb2_file_rename_information, let rename_internals_fsp()
take care of that as the error returns inside rename_internals_fsp()
are tested by raw.streams.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
We don't require it for a new file. Without this change, we have
to add UCF_PREP_CREATEFILE to the destination flags when we are
doing renames to a destination stream name, but not when doing
renames to a destination file name, which makes for inconsistent API use.
filename_convert_dirfsp() is now a drop in replacement
for filename_convert(), even for the ugly SMB1 POSIX
cases.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This isn't 100% correct, but it gets us close enough
to the old behavior for SMB1+POSIX libsmbclient. If we went through a
symlink, and we got NT_STATUS_ACCESS_DENIED on the directory
containing the target, just don't allow the client to see the
intermediate path.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Doesn't contain a valid smb_fname->fsp pointer of course,
and is only used by the SMB1 code to take a reference to
a smylink name for manipulation (unlinkat, readlinkat etc.).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
