diff options
| author | Jeremy Allison <jra@samba.org> | 2023-03-28 13:55:49 -0700 |
|---|---|---|
| committer | Ralph Boehme <slow@samba.org> | 2023-03-31 20:22:38 +0000 |
| commit | 1d220e3170b1eb2afbff48d0148e30f8cec9fba0 (patch) | |
| tree | a7b324ac67b8bf2ccbee22cb5010684ab2b3b185 | |
| parent | 09221cea5a19034fd19394134cd2d9c3181966ca (diff) | |
| download | samba-1d220e3170b1eb2afbff48d0148e30f8cec9fba0.tar.gz | |
s3: smbd: Correctly process SMB3 POSIX paths in create.
Remove knownfail for posix path handling of case/reserved char
Signed-off-by: David Mulder <dmulder@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
| -rw-r--r-- | selftest/knownfail.d/smb3unix | 2 | ||||
| -rw-r--r-- | source3/smbd/smb2_create.c | 48 | ||||
| -rw-r--r-- | source3/smbd/smb2_trans2.c | 12 |
3 files changed, 44 insertions, 18 deletions
diff --git a/selftest/knownfail.d/smb3unix b/selftest/knownfail.d/smb3unix deleted file mode 100644 index 2ab886ae75e..00000000000 --- a/selftest/knownfail.d/smb3unix +++ /dev/null @@ -1,2 +0,0 @@ -^samba.tests.smb3unix.samba.tests.smb3unix.Smb3UnixTests.test_posix_reserved_char\(fileserver\) -^samba.tests.smb3unix.samba.tests.smb3unix.Smb3UnixTests.test_posix_case_sensitive\(fileserver\) diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c index aba08570870..c9f2f7e0313 100644 --- a/source3/smbd/smb2_create.c +++ b/source3/smbd/smb2_create.c @@ -452,6 +452,7 @@ static NTSTATUS smbd_smb2_create_durable_lease_check(struct smb_request *smb1req NTTIME twrp = fsp->fsp_name->twrp; NTSTATUS status; bool is_dfs = (smb1req->flags2 & FLAGS2_DFS_PATHNAMES); + bool is_posix = (fsp->fsp_name->flags & SMB_FILENAME_POSIX_PATH); if (lease_ptr == NULL) { if (fsp->oplock_type != LEASE_OPLOCK) { @@ -511,7 +512,11 @@ static NTSTATUS smbd_smb2_create_durable_lease_check(struct smb_request *smb1req } /* This also converts '\' to '/' */ - status = check_path_syntax_smb2(filename); + if (is_posix) { + status = check_path_syntax_smb2_posix(filename); + } else { + status = check_path_syntax_smb2(filename); + } if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(filename); return status; @@ -741,6 +746,12 @@ static NTSTATUS smbd_smb2_create_fetch_create_ctx( state->posx = smb2_create_blob_find( in_context_blobs, SMB2_CREATE_TAG_POSIX); + /* + * Setting the bool below will cause + * ucf_flags_from_smb_request() to + * return UCF_POSIX_PATHNAMES in ucf_flags. + */ + state->smb1req->posix_pathnames = true; } return NT_STATUS_OK; @@ -771,6 +782,7 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx, struct smb_filename *smb_fname = NULL; uint32_t ucf_flags; bool is_dfs = false; + bool is_posix = false; req = tevent_req_create(mem_ctx, &state, struct smbd_smb2_create_state); @@ -1040,8 +1052,14 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx, state->lease_ptr = NULL; } - /* convert '\\' into '/' */ - status = check_path_syntax_smb2(state->fname); + is_posix = (state->posx != NULL); + + if (is_posix) { + status = check_path_syntax_smb2_posix(state->fname); + } else { + /* convert '\\' into '/' */ + status = check_path_syntax_smb2(state->fname); + } if (tevent_req_nterror(req, status)) { return tevent_req_post(req, state->ev); } @@ -1089,10 +1107,17 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx, * server MUST fail the request with * STATUS_INVALID_PARAMETER. */ - if (in_name[0] == '\\' || in_name[0] == '/') { - tevent_req_nterror(req, - NT_STATUS_INVALID_PARAMETER); - return tevent_req_post(req, state->ev); + if (in_name[0] == '/') { + /* Names starting with '/' are never allowed. */ + tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER); + return tevent_req_post(req, ev); + } + if (!is_posix && (in_name[0] == '\\')) { + /* + * Windows names starting with '\' are not allowed. + */ + tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER); + return tevent_req_post(req, ev); } status = SMB_VFS_CREATE_FILE(smb1req->conn, @@ -1182,13 +1207,8 @@ static void smbd_smb2_create_before_exec(struct tevent_req *req) return; } - /* - * NB. When SMB2+ unix extensions are added, - * we need to relax this check in invalid - * names - we used to not do this if - * lp_posix_pathnames() was false. - */ - if (ea_list_has_invalid_name(state->ea_list)) { + if ((state->posx == NULL) && + ea_list_has_invalid_name(state->ea_list)) { tevent_req_nterror(req, STATUS_INVALID_EA_NAME); return; } diff --git a/source3/smbd/smb2_trans2.c b/source3/smbd/smb2_trans2.c index 789b4d5a276..5c8cef1bf72 100644 --- a/source3/smbd/smb2_trans2.c +++ b/source3/smbd/smb2_trans2.c @@ -4445,7 +4445,11 @@ static NTSTATUS smb2_file_rename_information(connection_struct *conn, req->flags2 &= ~FLAGS2_DFS_PATHNAMES; ucf_flags &= ~UCF_DFS_PATHNAME; - status = check_path_syntax_smb2(newname); + if (fsp->fsp_name->flags & SMB_FILENAME_POSIX_PATH) { + status = check_path_syntax_smb2_posix(newname); + } else { + status = check_path_syntax_smb2(newname); + } if (!NT_STATUS_IS_OK(status)) { return status; } @@ -4556,7 +4560,11 @@ static NTSTATUS smb2_file_link_information(connection_struct *conn, req->flags2 &= ~FLAGS2_DFS_PATHNAMES; ucf_flags &= ~UCF_DFS_PATHNAME; - status = check_path_syntax_smb2(newname); + if (fsp->fsp_name->flags & SMB_FILENAME_POSIX_PATH) { + status = check_path_syntax_smb2_posix(newname); + } else { + status = check_path_syntax_smb2(newname); + } if (!NT_STATUS_IS_OK(status)) { return status; } |