1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-15 23:24:37 +03:00

412 Commits

Author SHA1 Message Date
Matthew DeVore
c2ac923c6a s3: safe_string: do not include string_wrappers.h
Rather than have safe_string.h #include string_wrappers.h, make users of
string_wrappers.h include it explicitly.

includes.h now no longer includes string_wrappers.h transitively. Still
allow includes.h to #include safe_string.h for now so that as many
modules as possible get the safety checks in it.

Signed-off-by: Matthew DeVore <matvore@google.com>
Reviewed-by: David Mulder <dmulder@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-08-28 00:56:34 +00:00
Ralph Boehme
84cf205ff4 smbd: rename open_internal_dirfsp_at() to open_internal_dirfsp()
Having removed the unused dirfsp parameter this is not an AT function. Security
is provided by symlink safe fd_open().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-21 05:23:30 +00:00
Ralph Boehme
a6344334c0 smbd: remove dirfsp arg from [create|open]_internal_dirfsp_at()
These are the functions that *create* dirfsps, they can't *take* dirfsps as that
would be recursive...

Both functions just take a pathname and the internal opening of the underlying
fd is secured from symlink races by our chdir("p/a/t/h") ; open(".", O_RDONLY);
logic in non_widelink_open().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-21 05:23:30 +00:00
Ralph Boehme
acffa8f406 smbd: add open_flags arg to in open_internal_dirfsp_at()
The only caller passes in what was used internally, so no change in
behaviour. Prepares for calling open_internal_dirfsp_at() from
filename_convert() with additional flags.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-21 05:23:29 +00:00
Jeremy Allison
300780bb80 s3: smbd: Change SMB_VFS_GET_NT_ACL() -> SMB_VFS_GET_NT_ACL_AT() in user_can_read_file().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-05-07 19:27:36 +00:00
Ralph Boehme
386574f2c9 smbd: initialize twrp in smb_fname in smbd_dirptr_get_entry()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-05 19:18:41 +00:00
Ralph Boehme
d66de7d568 smbd: realign smb_fname member initialisation in smbd_dirptr_get_entry()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-05 19:18:41 +00:00
Ralph Boehme
3073586fd8 smbd: set twrp in dptr_ReadDirName()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-05 19:18:41 +00:00
Ralph Boehme
e9a6552da3 smbd: realign smb_fname_base initialisation in dptr_ReadDirName()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-05 19:18:41 +00:00
Ralph Boehme
f9c6706080 smbd: convert SMB_VFS_GET_REAL_FILENAME() arg path to be a struct smb_filename
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-05 19:18:41 +00:00
Ralph Boehme
b74653f2cd smbd: add twrp arg to synthetic_smb_fname()
Most places take twrp from a local struct smb_filename variable that the
function is working on. Some don't for various reasons:

o synthetic_smb_fname_split() is only called in very few places where we don't
  expect twrp paths

o implementations of SMB_VFS_GETWD(), SMB_VFS_FS_CAPABILITIES() and
  SMB_VFS_REALPATH() return the systems view of cwd and realpath without twrp info

o VFS modules implementing previous-versions support (vfs_ceph_snapshots,
  vfs_shadow_copy2, vfs_snapper) synthesize raw paths that are passed to VFS NEXT
  functions and therefor do not use twrp

o vfs_fruit: macOS doesn't support VSS

o vfs_recycle: in recycle_create_dir() we need a raw OS path to create a directory

o vfs_virusfilter: a few places where we need raw OS paths

o vfs_xattr_tdb: needs a raw OS path for SMB_VFS_NEXT_STAT()

o printing and rpc server: don't support VSS

o vfs_default_durable_reconnect: no Durable Handles on VSS handles, this might
  be enhances in the future. No idea if Windows supports this.

o get_real_filename_full_scan: hm.... FIXME??

o get_original_lcomp: working on a raw path

o msdfs: doesn't support VSS

o vfs_get_ntquota: synthesizes an smb_filename from ".", so doesn't support VSS
  even though VFS modules implement it

o fd_open: conn_rootdir_fname is a raw path

o msg_file_was_renamed: obvious

o open_np_file: pipes don't support VSS

o Python bindings: get's a raw path from the caller

o set_conn_connectpath: raw path

o set_conn_connectpath: raw path

o torture: gets raw paths from the caller

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-05 19:18:40 +00:00
Jeremy Allison
c9c8c83ca2 s3: smbd: Add a dirfsp parameter to user_can_read_file().
Not yet used. Currently always conn->cwd_fsp.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-05-04 13:55:33 +00:00
Jeremy Allison
f24e1abeee s3: smbd: Reformat users of user_can_read_file().
Make new parameter addition clearer.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-05-04 13:55:33 +00:00
Jeremy Allison
7c1f1e5243 s3: smbd: Add dirfsp parameter to can_write_to_file().
Not yet used. Currently always conn->cwd_fsp.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-05-04 13:55:33 +00:00
Jeremy Allison
18f67e354f s3: smbd: Add dirfsp parameter to user_can_write_file().
Not yet used. Currently always conn->cwd_fsp.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-05-04 13:55:32 +00:00
Jeremy Allison
6d83b785cf s3: smbd: Reformat caller of user_can_write_file().
Make new parameter addition clearer.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-05-04 13:55:32 +00:00
Jeremy Allison
2243ba78d9 s3: smbd: Change is_visible_file() to take a directory handle not a name.
No change in functionality as the name is
easily retrieved from the directory handle
(it's always the name we opened the directory with)
and this will allow us to use the directory handle
fsp later.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-30 07:33:41 +00:00
Jeremy Allison
668ef24701 s3: smbd: Reformat calls to is_visible_file() to one arg per line.
Will make it easier to see parameter change in a later commit.

No logic changes.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-30 07:33:40 +00:00
Ralph Boehme
4cc86556a8 smbd: pass dirname as struct smb_filename to is_visible_file()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-04-29 16:39:41 +00:00
Ralph Boehme
84743b727f smbd: realign is_visible_file() args one per line
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-04-29 16:39:41 +00:00
Ralph Boehme
cb996cd5a3 smbd: move files_struct.is_directory to a bitfield
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-04-03 19:05:44 +00:00
Ralph Boehme
54e0f25071 smbd: use open_internal_dirfsp_at() and OpenDir_fsp() in OpenDir()
This allows consolidating symlink safe processing of pathnames to the low-level
function non_widelink_open() used in the file open codepath via fd_open() and
the new utility function open_internal_dirfsp_at().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-24 19:48:41 +00:00
Ralph Boehme
af62268311 smbd: reformat OpenDir() function definition
Gives a nicer diff in the next commit. No change in behaviour.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-24 19:48:41 +00:00
Ralph Boehme
b6bcc4bddc smbd: update smb_Dir_destructor() to cope with fsp->dptr not being set
Currently the only caller of OpenDir_fsp() is dptr_create() which means
fsp->dptr will always be set by dptr_create().

A subsequent commit will add another caller so that fsp->dptr will end up being
NULL.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-24 19:48:41 +00:00
Ralph Boehme
6dccfd63a8 smbd: remove fdopendir() fallback
In order to get rid of SMB_VFS_OPENDIR, we have to require
fdopendir(). Everybody but macOS seems to have it, so RIP opendir() fallback.

This also prepares for a subsequent commit where we're going to start calling
OpenDir_fsp() from inside OpenDir(). Without removing the fallback this would
result in a recursion.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-24 19:48:41 +00:00
Ralph Boehme
69691dd0cd smbd: fix handling of sentinel timestamp values
This implements two core changes:

* use NTTIME instead of struct timespec at the database layer

* use struct timespec { .tv_nsec = SAMBA_UTIME_OMIT } as special sentinel
  value in smbd when processing timestamps

Using NTTIME at the database layer is only done to avoid storing the special
struct timespec sentinel values on disk. Instead, with NTTIME the sentinel value
for an "unset" timestamp is just 0 on-disk.

The NTTIME value of 0 gets translated by nt_time_to_full_timespec() to the
struct timespec sentinel value { .tv_nsec = SAMBA_UTIME_OMIT }.

The function is_omit_timespec() can be used to check this.

Beside nt_time_to_full_timespec(), there are various other new time conversion
functions with *full* in their name that can be used to safely convert between
different types with the changed sentinel value.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-12-06 00:17:36 +00:00
Ralph Boehme
bdda10875e s3:smbd: skip write-time fetching for directories.
The whole logic only applies to files.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 11 00:33:26 UTC 2019 on sn-devel-184
2019-09-11 00:33:25 +00:00
Volker Lendecke
f1b749eebd smbd: Fix CID 1452290 Null pointer dereferences (REVERSE_INULL)
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-14 07:39:38 +00:00
Ralph Boehme
3e0cafc2b5 s3: smbd: inline dptr_close_internal()
There's now only one caller left.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-08-06 14:23:36 +00:00
Ralph Boehme
7d72cf02e7 s3: smbd: simplify dptr_CloseDir()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-08-06 14:23:36 +00:00
Ralph Boehme
6d0924d8ea s3: smbd: remove redundant smb_dname arg from dptr_create()
Now that dptr_create() is handle based, we can simply used the fsp name.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-08-06 14:23:36 +00:00
Jeremy Allison
043c232144 s3: smbd: Remove dptr_close().
No longer used.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:35 +00:00
Jeremy Allison
196fe53ede s3: smbd: Remove dptr_close() from dptr_closecnum().
Now we're handle-based close_file() already does
what is needed to shut down directory enumeration.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:35 +00:00
Jeremy Allison
f5eebfc725 s3: smbd: Remove dptr_fsp(). No longer used.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:35 +00:00
Jeremy Allison
b4431ad305 s3: smbd: Remove dptr_fetch_lanman2() - unused.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:35 +00:00
Jeremy Allison
b922f6e704 s3: smbd: Add dptr_fetch_lanman2_fsp() - to replace dptr_fetch_lanman2().
Not yet used.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:35 +00:00
Jeremy Allison
e63400841e s3: smbd: Remove dptr_fetch() - replace internals with dptr_fetch_fsp().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:34 +00:00
Jeremy Allison
96e8175dc8 s3: smbd: Add dptr_fetch_fsp() for SMB1 code. We will use this to replace dptr_fetch().
Not yet used.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:34 +00:00
Jeremy Allison
5a7aaa8060 s3: smbd: Remove now unused dptr_activecnum().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:34 +00:00
Jeremy Allison
de2167668e s3: smbd: Remove now unused dptr_closepath().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:34 +00:00
Jeremy Allison
247515982f s3: smbd: Now we are always using fsp handle-based client searches, simplify smb_Dir_destructor().
We know we always have a dir_hnd->dir and dir_hnd->fsp.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:34 +00:00
Jeremy Allison
84312fc5c2 s3: smbd: Now we're using OpenDir_fsp() all the time, make sure we don't leak file handles.
We must always set dir_hnd->fsp, even in the fallback to
SMB_VFS_OPENDIR() case. Remember if we had to fall back
and fix the destructor to close the additional file
descriptor if we did.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:34 +00:00
Jeremy Allison
d485c43cc7 s3: smbd: Now we always use handle for directory enumeration, we can delete the fallback code.
The code inside open_dir_safely() is root safe
and can replace the deleted open_dir_with_privilege()
fallback code.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:34 +00:00
Jeremy Allison
aa3a087193 s3: smbd: Prepare for SMB1 directory handle opens in dptr_closecnum().
Call close_file() on any SMB1 directory handle once the dptr is closed.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:33 +00:00
Jeremy Allison
a5f8769c25 s3: smbd: Change dptr_closecnum() to use dptr_close() instead of dptr_close_internal().
This will allow us to close any outstanding handles on
an SMB1 connection as later commits move us to using directory
handles instead of pathname directory opens.

This is inefficient, as it means walking the list twice,
but this will only be called with active dptrs in the
OS/2 -1 case, in the connection shutdown case the
directory handles will already have been closed.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:33 +00:00
Jeremy Allison
5a038f5114 s3: smbd: Make dptr_close() safe to call with an fsp handle stored in dptr->dir_hnd.
SMB1 doesn't currently do this, but subsequent changes will add handle based
calls to SMB1 so dptr_close() has to be able to cleanly remove any back pointers.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:33 +00:00
Jeremy Allison
2ba48f76ec s3: smbd: Add dptr_fsp() to return any stored files_struct pointer.
Will allow [find/search]_next() calls to find and close any associated
fsp. This function is temporary and will eventually go away once I
modify dptr_fetch() to return an fsp.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:33 +00:00
Jeremy Allison
f61dae7635 s3: smbd: Move the strange OS/2 directory key == -1 close semantics to the caller.
This will allow us to change dptr_closecnum() to close outstanding fsp
handles for SMB1 later.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:33 +00:00
Jeremy Allison
23d0555c0d s3: smbd: dptr_close() can only be called from SMB1 code.
SMB_ASSERT this is the case.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-08-06 14:23:32 +00:00
Jeremy Allison
4db886db06 s3: smbd: Naming consistency. Change all uses of struct smb_Dir * variables to be dir_hnd.
Fixes SearchDir(). No logic changes.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jul 24 08:57:05 UTC 2019 on sn-devel-184
2019-07-24 08:57:05 +00:00