diff options
author | Jeremy Allison <jra@samba.org> | 2023-03-27 12:01:56 -0700 |
---|---|---|
committer | Ralph Boehme <slow@samba.org> | 2023-03-31 05:12:32 +0000 |
commit | 2c40e28908e9fab8dce7e50d3357b513d9af78c4 (patch) | |
tree | ab57bb39df67bde6be4f94574ec94d84eeb9cfce /source3/smbd/smb2_create.c | |
parent | 39ad689eeacd6a3dcaf24a9bd64d59295f00ddba (diff) | |
download | samba-2c40e28908e9fab8dce7e50d3357b513d9af78c4.tar.gz |
s3: smbd: Remove all DFS path prefixes before passing to check_path_syntax_smb2().
In smb2, smb1req->flags2 now never uses FLAGS2_DFS_PATHNAMES,
ucf_flags never has UCF_DFS_PATHNAME, and all calls to check_path_syntax_smb2()
pass "false" in this is_dfs parameter.
Remove all knownfails for smb2.SMB2-DFS* tests.
Now I can clean up check_path_syntax_smb2() and add
an assertion into filename_convert_dirfsp_nosymlink() that
UCF_DFS_PATHNAME is *NEVER* set in the ucf_flags for an
SMB2 connection.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Diffstat (limited to 'source3/smbd/smb2_create.c')
-rw-r--r-- | source3/smbd/smb2_create.c | 57 |
1 files changed, 53 insertions, 4 deletions
diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c index 68abb3f5e82..8e5667f2ebc 100644 --- a/source3/smbd/smb2_create.c +++ b/source3/smbd/smb2_create.c @@ -475,6 +475,36 @@ static NTSTATUS smbd_smb2_create_durable_lease_check(struct smb_request *smb1req return NT_STATUS_OBJECT_NAME_NOT_FOUND; } + if (is_dfs) { + const char *non_dfs_requested_filename = NULL; + /* + * With a DFS flag set, remove any DFS prefix + * before further processing. + */ + status = smb2_strip_dfs_path(requested_filename, + &non_dfs_requested_filename); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + /* + * TODO: Note for dealing with reparse point errors. + * We will need to remember and store the number of characters + * we have removed here, which is + * (requested_filename - non_dfs_requested_filename) + * in order to correctly report how many characters we + * have removed before hitting the reparse point. + * This will be a patch needed once we properly + * deal with reparse points later. + */ + requested_filename = non_dfs_requested_filename; + /* + * Now we're no longer dealing with a DFS path, so + * remove the flag. + */ + smb1req->flags2 &= ~FLAGS2_DFS_PATHNAMES; + is_dfs = false; + } + filename = talloc_strdup(talloc_tos(), requested_filename); if (filename == NULL) { return NT_STATUS_NO_MEMORY; @@ -798,13 +828,32 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx, is_dfs = (smb1req->flags2 & FLAGS2_DFS_PATHNAMES); if (is_dfs) { + const char *non_dfs_in_name = NULL; /* - * With a DFS flag set, remove any leading '\\' - * characters from in_name before further processing. + * With a DFS flag set, remove any DFS prefix + * before further processing. */ - while (in_name[0] == '\\') { - in_name++; + status = smb2_strip_dfs_path(in_name, &non_dfs_in_name); + if (!NT_STATUS_IS_OK(status)) { + tevent_req_nterror(req, status); + return tevent_req_post(req, state->ev); } + /* + * TODO: Note for dealing with reparse point errors. + * We will need to remember and store the number of characters + * we have removed here, which is (non_dfs_in_name - in_name) + * in order to correctly report how many characters we + * have removed before hitting the reparse point. + * This will be a patch needed once we properly + * deal with reparse points later. + */ + in_name = non_dfs_in_name; + /* + * Now we're no longer dealing with a DFS path, so + * remove the flag. + */ + smb1req->flags2 &= ~FLAGS2_DFS_PATHNAMES; + is_dfs = false; } state->fname = talloc_strdup(state, in_name); |