void close_cnum(connection_struct *conn, uint16 vuid)
{
if (IS_IPC(conn)) {
pipe_close_conn(conn);
} else {
file_close_conn(conn);
dptr_closecnum(conn);
}
change_to_root_user();
DEBUG(IS_IPC(conn)?3:1, ("%s (%s) closed connection to service %s\n",
get_remote_machine_name(),
conn->client_address,
lp_servicename(SNUM(conn))));
/* Call VFS disconnect hook */
SMB_VFS_DISCONNECT(conn);
yield_connection(conn, lp_servicename(SNUM(conn)));
/* make sure we leave the directory available for unmount */
vfs_ChDir(conn, "/");
/* execute any "postexec = " line */
if (*lp_postexec(SNUM(conn)) &&
change_to_user(conn, vuid)) {
pstring cmd;
pstrcpy(cmd,lp_postexec(SNUM(conn)));
standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user,
conn->connectpath, conn->gid,
get_current_username(),
current_user_info.domain,
cmd, sizeof(cmd));
smbrun(cmd,NULL);
change_to_root_user();
}
change_to_root_user();
/* execute any "root postexec = " line */
if (*lp_rootpostexec(SNUM(conn))) {
pstring cmd;
pstrcpy(cmd,lp_rootpostexec(SNUM(conn)));
standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user,
conn->connectpath, conn->gid,
get_current_username(),
current_user_info.domain,
cmd, sizeof(cmd));
smbrun(cmd,NULL);
}
conn_free(conn);
}
/*
* Any Postgres server process begins execution here.
*/
int
main(int argc, char *argv[])
{
progname = get_progname(argv[0]);
/*
* Platform-specific startup hacks
*/
startup_hacks(progname);
/*
* Remember the physical location of the initially given argv[] array for
* possible use by ps display. On some platforms, the argv[] storage must
* be overwritten in order to set the process title for ps. In such cases
* save_ps_display_args makes and returns a new copy of the argv[] array.
*
* save_ps_display_args may also move the environment strings to make
* extra room. Therefore this should be done as early as possible during
* startup, to avoid entanglements with code that might save a getenv()
* result pointer.
*/
argv = save_ps_display_args(argc, argv);
/*
* If supported on the current platform, set up a handler to be called if
* the backend/postmaster crashes with a fatal signal or exception.
*/
#if defined(WIN32) && defined(HAVE_MINIDUMP_TYPE)
pgwin32_install_crashdump_handler();
#endif
/*
* Set up locale information from environment. Note that LC_CTYPE and
* LC_COLLATE will be overridden later from pg_control if we are in an
* already-initialized database. We set them here so that they will be
* available to fill pg_control during initdb. LC_MESSAGES will get set
* later during GUC option processing, but we set it here to allow startup
* error messages to be localized.
*/
set_pglocale_pgservice(argv[0], PG_TEXTDOMAIN("postgres"));
#ifdef WIN32
/*
* Windows uses codepages rather than the environment, so we work around
* that by querying the environment explicitly first for LC_COLLATE and
* LC_CTYPE. We have to do this because initdb passes those values in the
* environment. If there is nothing there we fall back on the codepage.
*/
{
char *env_locale;
if ((env_locale = getenv("LC_COLLATE")) != NULL)
pg_perm_setlocale(LC_COLLATE, env_locale);
else
pg_perm_setlocale(LC_COLLATE, "");
if ((env_locale = getenv("LC_CTYPE")) != NULL)
pg_perm_setlocale(LC_CTYPE, env_locale);
else
pg_perm_setlocale(LC_CTYPE, "");
}
#else
pg_perm_setlocale(LC_COLLATE, "");
pg_perm_setlocale(LC_CTYPE, "");
#endif
#ifdef LC_MESSAGES
pg_perm_setlocale(LC_MESSAGES, "");
#endif
/*
* We keep these set to "C" always, except transiently in pg_locale.c; see
* that file for explanations.
*/
pg_perm_setlocale(LC_MONETARY, "C");
pg_perm_setlocale(LC_NUMERIC, "C");
pg_perm_setlocale(LC_TIME, "C");
/*
* Now that we have absorbed as much as we wish to from the locale
* environment, remove any LC_ALL setting, so that the environment
* variables installed by pg_perm_setlocale have force.
*/
unsetenv("LC_ALL");
/*
* Catch standard options before doing much else
*/
if (argc > 1)
{
if (strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-?") == 0)
{
help(progname);
exit(0);
}
if (strcmp(argv[1], "--version") == 0 || strcmp(argv[1], "-V") == 0)
{
puts("postgres (PostgreSQL) " PG_VERSION);
exit(0);
}
}
/*
* Make sure we are not running as root.
*/
check_root(progname);
/*
* Dispatch to one of various subprograms depending on first argument.
*/
#ifdef EXEC_BACKEND
if (argc > 1 && strncmp(argv[1], "--fork", 6) == 0)
exit(SubPostmasterMain(argc, argv));
#endif
#ifdef WIN32
/*
* Start our win32 signal implementation
*
* SubPostmasterMain() will do this for itself, but the remaining modes
* need it here
*/
pgwin32_signal_initialize();
#endif
if (argc > 1 && strcmp(argv[1], "--boot") == 0)
AuxiliaryProcessMain(argc, argv); /* does not return */
if (argc > 1 && strcmp(argv[1], "--describe-config") == 0)
exit(GucInfoMain());
if (argc > 1 && strcmp(argv[1], "--single") == 0)
exit(PostgresMain(argc, argv, get_current_username(progname)));
exit(PostmasterMain(argc, argv));
}
/****************************************************************************
Run a given print command
a null terminated list of value/substitute pairs is provided
for local substitution strings
****************************************************************************/
static int print_run_command(int snum, const char* printername, bool do_sub,
const char *command, int *outfd, ...)
{
char *syscmd;
char *arg;
int ret;
TALLOC_CTX *ctx = talloc_tos();
va_list ap;
va_start(ap, outfd);
/* check for a valid system printername and valid command to run */
if ( !printername || !*printername ) {
va_end(ap);
return -1;
}
if (!command || !*command) {
va_end(ap);
return -1;
}
syscmd = talloc_strdup(ctx, command);
if (!syscmd) {
va_end(ap);
return -1;
}
while ((arg = va_arg(ap, char *))) {
char *value = va_arg(ap,char *);
syscmd = talloc_string_sub(ctx, syscmd, arg, value);
if (!syscmd) {
va_end(ap);
return -1;
}
}
va_end(ap);
syscmd = talloc_string_sub(ctx, syscmd, "%p", printername);
if (!syscmd) {
return -1;
}
if (do_sub && snum != -1) {
syscmd = talloc_sub_advanced(ctx,
lp_servicename(talloc_tos(), snum),
current_user_info.unix_name,
"",
current_user.ut.gid,
get_current_username(),
current_user_info.domain,
syscmd);
if (!syscmd) {
return -1;
}
}
ret = smbrun_no_sanitize(syscmd,outfd);
DEBUG(3,("Running the command `%s' gave %d\n",syscmd,ret));
return ret;
}
static connection_struct *make_connection_snum(int snum, user_struct *vuser,
DATA_BLOB password,
const char *pdev,
NTSTATUS *status)
{
struct passwd *pass = NULL;
BOOL guest = False;
connection_struct *conn;
SMB_STRUCT_STAT st;
fstring user;
fstring dev;
int ret;
struct timespec atime_ts, mtime_ts, ctime_ts;
*user = 0;
fstrcpy(dev, pdev);
SET_STAT_INVALID(st);
if (NT_STATUS_IS_ERR(*status = share_sanity_checks(snum, dev))) {
return NULL;
}
conn = conn_new();
if (!conn) {
DEBUG(0,("Couldn't find free connection.\n"));
*status = NT_STATUS_INSUFFICIENT_RESOURCES;
return NULL;
}
conn->params->service = snum;
conn->nt_user_token = NULL;
if (lp_guest_only(snum)) {
const char *guestname = lp_guestaccount();
NTSTATUS status2;
char *found_username = NULL;
guest = True;
pass = getpwnam_alloc(NULL, guestname);
if (!pass) {
DEBUG(0,("make_connection_snum: Invalid guest "
"account %s??\n",guestname));
conn_free(conn);
*status = NT_STATUS_NO_SUCH_USER;
return NULL;
}
status2 = create_token_from_username(conn->mem_ctx, pass->pw_name, True,
&conn->uid, &conn->gid,
&found_username,
&conn->nt_user_token);
if (!NT_STATUS_IS_OK(status2)) {
TALLOC_FREE(pass);
conn_free(conn);
*status = status2;
return NULL;
}
fstrcpy(user, found_username);
string_set(&conn->user,user);
conn->force_user = True;
TALLOC_FREE(found_username);
TALLOC_FREE(pass);
DEBUG(3,("Guest only user %s\n",user));
} else if (vuser) {
if (vuser->guest) {
if (!lp_guest_ok(snum)) {
DEBUG(2, ("guest user (from session setup) "
"not permitted to access this share "
"(%s)\n", lp_servicename(snum)));
conn_free(conn);
*status = NT_STATUS_ACCESS_DENIED;
return NULL;
}
} else {
if (!user_ok_token(vuser->user.unix_name,
vuser->nt_user_token, snum)) {
DEBUG(2, ("user '%s' (from session setup) not "
"permitted to access this share "
"(%s)\n", vuser->user.unix_name,
lp_servicename(snum)));
conn_free(conn);
*status = NT_STATUS_ACCESS_DENIED;
return NULL;
}
}
conn->vuid = vuser->vuid;
conn->uid = vuser->uid;
conn->gid = vuser->gid;
string_set(&conn->user,vuser->user.unix_name);
fstrcpy(user,vuser->user.unix_name);
guest = vuser->guest;
} else if (lp_security() == SEC_SHARE) {
NTSTATUS status2;
char *found_username = NULL;
/* add it as a possible user name if we
are in share mode security */
add_session_user(lp_servicename(snum));
/* shall we let them in? */
if (!authorise_login(snum,user,password,&guest)) {
DEBUG( 2, ( "Invalid username/password for [%s]\n",
lp_servicename(snum)) );
conn_free(conn);
*status = NT_STATUS_WRONG_PASSWORD;
return NULL;
}
pass = Get_Pwnam(user);
status2 = create_token_from_username(conn->mem_ctx, pass->pw_name, True,
&conn->uid, &conn->gid,
&found_username,
&conn->nt_user_token);
if (!NT_STATUS_IS_OK(status2)) {
conn_free(conn);
*status = status2;
return NULL;
}
fstrcpy(user, found_username);
string_set(&conn->user,user);
TALLOC_FREE(found_username);
conn->force_user = True;
} else {
DEBUG(0, ("invalid VUID (vuser) but not in security=share\n"));
conn_free(conn);
*status = NT_STATUS_ACCESS_DENIED;
return NULL;
}
add_session_user(user);
safe_strcpy(conn->client_address, client_addr(),
sizeof(conn->client_address)-1);
conn->num_files_open = 0;
conn->lastused = conn->lastused_count = time(NULL);
conn->used = True;
conn->printer = (strncmp(dev,"LPT",3) == 0);
conn->ipc = ( (strncmp(dev,"IPC",3) == 0) ||
( lp_enable_asu_support() && strequal(dev,"ADMIN$")) );
conn->dirptr = NULL;
/* Case options for the share. */
if (lp_casesensitive(snum) == Auto) {
/* We will be setting this per packet. Set to be case
* insensitive for now. */
conn->case_sensitive = False;
} else {
conn->case_sensitive = (BOOL)lp_casesensitive(snum);
}
conn->case_preserve = lp_preservecase(snum);
conn->short_case_preserve = lp_shortpreservecase(snum);
conn->veto_list = NULL;
conn->hide_list = NULL;
conn->veto_oplock_list = NULL;
conn->aio_write_behind_list = NULL;
string_set(&conn->dirpath,"");
string_set(&conn->user,user);
conn->read_only = lp_readonly(SNUM(conn));
conn->admin_user = False;
/*
* If force user is true, then store the given userid and the gid of
* the user we're forcing.
* For auxiliary groups see below.
*/
if (*lp_force_user(snum)) {
NTSTATUS status2;
status2 = find_forced_user(conn,
(vuser != NULL) && vuser->guest,
user);
if (!NT_STATUS_IS_OK(status2)) {
conn_free(conn);
*status = status2;
return NULL;
}
string_set(&conn->user,user);
conn->force_user = True;
DEBUG(3,("Forced user %s\n",user));
}
/*
* If force group is true, then override
* any groupid stored for the connecting user.
*/
if (*lp_force_group(snum)) {
NTSTATUS status2;
DOM_SID group_sid;
status2 = find_forced_group(conn->force_user,
snum, user,
&group_sid, &conn->gid);
if (!NT_STATUS_IS_OK(status2)) {
conn_free(conn);
*status = status2;
return NULL;
}
if ((conn->nt_user_token == NULL) && (vuser != NULL)) {
/* Not force user and not security=share, but force
* group. vuser has a token to copy */
conn->nt_user_token = dup_nt_token(
NULL, vuser->nt_user_token);
if (conn->nt_user_token == NULL) {
DEBUG(0, ("dup_nt_token failed\n"));
conn_free(conn);
*status = NT_STATUS_NO_MEMORY;
return NULL;
}
}
/* If conn->nt_user_token is still NULL, we have
* security=share. This means ignore the SID, as we had no
* vuser to copy from */
if (conn->nt_user_token != NULL) {
/* Overwrite the primary group sid */
sid_copy(&conn->nt_user_token->user_sids[1],
&group_sid);
}
conn->force_group = True;
}
if (conn->nt_user_token != NULL) {
size_t i;
/* We have a share-specific token from force [user|group].
* This means we have to create the list of unix groups from
* the list of sids. */
conn->ngroups = 0;
conn->groups = NULL;
for (i=0; i<conn->nt_user_token->num_sids; i++) {
gid_t gid;
DOM_SID *sid = &conn->nt_user_token->user_sids[i];
if (!sid_to_gid(sid, &gid)) {
DEBUG(10, ("Could not convert SID %s to gid, "
"ignoring it\n",
sid_string_static(sid)));
continue;
}
if (!add_gid_to_array_unique(conn->mem_ctx, gid, &conn->groups,
&conn->ngroups)) {
DEBUG(0, ("add_gid_to_array_unique failed\n"));
conn_free(conn);
*status = NT_STATUS_NO_MEMORY;
return NULL;
}
}
}
{
pstring s;
pstrcpy(s,lp_pathname(snum));
standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user,
conn->connectpath, conn->gid,
get_current_username(),
current_user_info.domain,
s, sizeof(s));
if (s[0] == '\0') {
DEBUG(6, ("service [%s] did not resolve to a path\n",
lp_servicename(snum)));
conn_free(conn);
*status = NT_STATUS_BAD_NETWORK_NAME;
return NULL;
}
set_conn_connectpath(conn,s);
DEBUG(3,("Connect path is '%s' for service [%s]\n",s,
lp_servicename(snum)));
}
/*
* New code to check if there's a share security descripter
* added from NT server manager. This is done after the
* smb.conf checks are done as we need a uid and token. JRA.
*
*/
{
BOOL can_write = False;
NT_USER_TOKEN *token = conn->nt_user_token ?
conn->nt_user_token :
(vuser ? vuser->nt_user_token : NULL);
/*
* I don't believe this can happen. But the
* logic above is convoluted enough to confuse
* automated checkers, so be sure. JRA.
*/
if (token == NULL) {
DEBUG(0,("make_connection: connection to %s "
"denied due to missing "
"NT token.\n",
lp_servicename(snum)));
conn_free(conn);
*status = NT_STATUS_ACCESS_DENIED;
return NULL;
}
can_write = share_access_check(token,
lp_servicename(snum),
FILE_WRITE_DATA);
if (!can_write) {
if (!share_access_check(token,
lp_servicename(snum),
FILE_READ_DATA)) {
/* No access, read or write. */
DEBUG(0,("make_connection: connection to %s "
"denied due to security "
"descriptor.\n",
lp_servicename(snum)));
conn_free(conn);
*status = NT_STATUS_ACCESS_DENIED;
return NULL;
} else {
conn->read_only = True;
}
}
}
/* Initialise VFS function pointers */
if (!smbd_vfs_init(conn)) {
DEBUG(0, ("vfs_init failed for service %s\n",
lp_servicename(snum)));
conn_free(conn);
*status = NT_STATUS_BAD_NETWORK_NAME;
return NULL;
}
/*
* If widelinks are disallowed we need to canonicalise the connect
* path here to ensure we don't have any symlinks in the
* connectpath. We will be checking all paths on this connection are
* below this directory. We must do this after the VFS init as we
* depend on the realpath() pointer in the vfs table. JRA.
*/
if (!lp_widelinks(snum)) {
pstring s;
pstrcpy(s,conn->connectpath);
canonicalize_path(conn, s);
set_conn_connectpath(conn,s);
}
if ((!conn->printer) && (!conn->ipc)) {
conn->notify_ctx = notify_init(conn->mem_ctx, server_id_self(),
smbd_messaging_context(),
smbd_event_context(),
conn);
}
/* ROOT Activities: */
/* check number of connections */
if (!claim_connection(conn,
lp_servicename(snum),
lp_max_connections(snum),
False,0)) {
DEBUG(1,("too many connections - rejected\n"));
conn_free(conn);
*status = NT_STATUS_INSUFFICIENT_RESOURCES;
return NULL;
}
/* Preexecs are done here as they might make the dir we are to ChDir
* to below */
/* execute any "root preexec = " line */
if (*lp_rootpreexec(snum)) {
pstring cmd;
pstrcpy(cmd,lp_rootpreexec(snum));
standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user,
conn->connectpath, conn->gid,
get_current_username(),
current_user_info.domain,
cmd, sizeof(cmd));
DEBUG(5,("cmd=%s\n",cmd));
ret = smbrun(cmd,NULL);
if (ret != 0 && lp_rootpreexec_close(snum)) {
DEBUG(1,("root preexec gave %d - failing "
"connection\n", ret));
yield_connection(conn, lp_servicename(snum));
conn_free(conn);
*status = NT_STATUS_ACCESS_DENIED;
return NULL;
}
}
/* USER Activites: */
if (!change_to_user(conn, conn->vuid)) {
/* No point continuing if they fail the basic checks */
DEBUG(0,("Can't become connected user!\n"));
yield_connection(conn, lp_servicename(snum));
conn_free(conn);
*status = NT_STATUS_LOGON_FAILURE;
return NULL;
}
/* Remember that a different vuid can connect later without these
* checks... */
/* Preexecs are done here as they might make the dir we are to ChDir
* to below */
/* execute any "preexec = " line */
if (*lp_preexec(snum)) {
pstring cmd;
pstrcpy(cmd,lp_preexec(snum));
standard_sub_advanced(lp_servicename(SNUM(conn)), conn->user,
conn->connectpath, conn->gid,
get_current_username(),
current_user_info.domain,
cmd, sizeof(cmd));
ret = smbrun(cmd,NULL);
if (ret != 0 && lp_preexec_close(snum)) {
DEBUG(1,("preexec gave %d - failing connection\n",
ret));
change_to_root_user();
yield_connection(conn, lp_servicename(snum));
conn_free(conn);
*status = NT_STATUS_ACCESS_DENIED;
return NULL;
}
}
#ifdef WITH_FAKE_KASERVER
if (lp_afs_share(snum)) {
afs_login(conn);
}
#endif
/* Add veto/hide lists */
if (!IS_IPC(conn) && !IS_PRINT(conn)) {
set_namearray( &conn->veto_list, lp_veto_files(snum));
set_namearray( &conn->hide_list, lp_hide_files(snum));
set_namearray( &conn->veto_oplock_list, lp_veto_oplocks(snum));
}
/* Invoke VFS make connection hook - do this before the VFS_STAT call
to allow any filesystems needing user credentials to initialize
themselves. */
if (SMB_VFS_CONNECT(conn, lp_servicename(snum), user) < 0) {
DEBUG(0,("make_connection: VFS make connection failed!\n"));
change_to_root_user();
yield_connection(conn, lp_servicename(snum));
conn_free(conn);
*status = NT_STATUS_UNSUCCESSFUL;
return NULL;
}
/* win2000 does not check the permissions on the directory
during the tree connect, instead relying on permission
check during individual operations. To match this behaviour
I have disabled this chdir check (tridge) */
/* the alternative is just to check the directory exists */
if ((ret = SMB_VFS_STAT(conn, conn->connectpath, &st)) != 0 ||
!S_ISDIR(st.st_mode)) {
if (ret == 0 && !S_ISDIR(st.st_mode)) {
DEBUG(0,("'%s' is not a directory, when connecting to "
"[%s]\n", conn->connectpath,
lp_servicename(snum)));
} else {
DEBUG(0,("'%s' does not exist or permission denied "
"when connecting to [%s] Error was %s\n",
conn->connectpath, lp_servicename(snum),
strerror(errno) ));
}
change_to_root_user();
/* Call VFS disconnect hook */
SMB_VFS_DISCONNECT(conn);
yield_connection(conn, lp_servicename(snum));
conn_free(conn);
*status = NT_STATUS_BAD_NETWORK_NAME;
return NULL;
}
string_set(&conn->origpath,conn->connectpath);
mtime_ts = get_mtimespec(&st);
ctime_ts = get_ctimespec(&st);
atime_ts = get_atimespec(&st);
conn->ts_res = TIMESTAMP_SET_SECONDS;
if (mtime_ts.tv_nsec ||
atime_ts.tv_nsec ||
ctime_ts.tv_nsec) {
/* If any of the normal UNIX directory timestamps
* have a non-zero tv_nsec component assume
* we might be able to set sub-second timestamps.
* See what filetime set primitives we have.
*/
#if defined(HAVE_UTIMES)
/* utimes allows msec timestamps to be set. */
conn->ts_res = TIMESTAMP_SET_MSEC;
#elif defined(HAVE_UTIME)
/* utime only allows sec timestamps to be set. */
conn->ts_res = TIMESTAMP_SET_SECONDS;
#endif
/* TODO. Add a configure test for the Linux
* nsec timestamp set system call, and use it
* if available....
*/
DEBUG(10,("make_connection_snum: timestamp "
"resolution of %s "
"available on share %s, directory %s\n",
conn->ts_res == TIMESTAMP_SET_MSEC ? "msec" : "sec",
lp_servicename(conn->cnum),
conn->connectpath ));
}
#if SOFTLINK_OPTIMISATION
/* resolve any soft links early if possible */
if (vfs_ChDir(conn,conn->connectpath) == 0) {
pstring s;
pstrcpy(s,conn->connectpath);
vfs_GetWd(conn,s);
set_conn_connectpath(conn,s);
vfs_ChDir(conn,conn->connectpath);
}
#endif
if (lp_unix_extensions() && lp_widelinks(snum)) {
DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
"These parameters are incompatible. "
"Disabling wide links for this share.\n",
lp_servicename(snum) ));
lp_do_parameter(snum, "wide links", "False");
}
/*
* Print out the 'connected as' stuff here as we need
* to know the effective uid and gid we will be using
* (at least initially).
*/
if( DEBUGLVL( IS_IPC(conn) ? 3 : 1 ) ) {
dbgtext( "%s (%s) ", get_remote_machine_name(),
conn->client_address );
dbgtext( "%s", srv_is_signing_active() ? "signed " : "");
dbgtext( "connect to service %s ", lp_servicename(snum) );
dbgtext( "initially as user %s ", user );
dbgtext( "(uid=%d, gid=%d) ", (int)geteuid(), (int)getegid() );
dbgtext( "(pid %d)\n", (int)sys_getpid() );
}
/* we've finished with the user stuff - go back to root */
change_to_root_user();
return(conn);
}
static NTSTATUS parse_dfs_path(connection_struct *conn,
const char *pathname,
bool allow_wcards,
bool allow_broken_path,
struct dfs_path *pdp, /* MUST BE TALLOCED */
bool *ppath_contains_wcard)
{
char *pathname_local;
char *p,*temp;
char *servicename;
char *eos_ptr;
NTSTATUS status = NT_STATUS_OK;
char sepchar;
ZERO_STRUCTP(pdp);
/*
* This is the only talloc we should need to do
* on the struct dfs_path. All the pointers inside
* it should point to offsets within this string.
*/
pathname_local = talloc_strdup(pdp, pathname);
if (!pathname_local) {
return NT_STATUS_NO_MEMORY;
}
/* Get a pointer to the terminating '\0' */
eos_ptr = &pathname_local[strlen(pathname_local)];
p = temp = pathname_local;
pdp->posix_path = (lp_posix_pathnames() && *pathname == '/');
sepchar = pdp->posix_path ? '/' : '\\';
if (allow_broken_path && (*pathname != sepchar)) {
DEBUG(10,("parse_dfs_path: path %s doesn't start with %c\n",
pathname, sepchar ));
/*
* Possibly client sent a local path by mistake.
* Try and convert to a local path.
*/
pdp->hostname = eos_ptr; /* "" */
pdp->servicename = eos_ptr; /* "" */
/* We've got no info about separators. */
pdp->posix_path = lp_posix_pathnames();
p = temp;
DEBUG(10,("parse_dfs_path: trying to convert %s to a "
"local path\n",
temp));
goto local_path;
}
/*
* Safe to use on talloc'ed string as it only shrinks.
* It also doesn't affect the eos_ptr.
*/
trim_char(temp,sepchar,sepchar);
DEBUG(10,("parse_dfs_path: temp = |%s| after trimming %c's\n",
temp, sepchar));
/* Now tokenize. */
/* Parse out hostname. */
p = strchr_m(temp,sepchar);
if(p == NULL) {
DEBUG(10,("parse_dfs_path: can't parse hostname from path %s\n",
temp));
/*
* Possibly client sent a local path by mistake.
* Try and convert to a local path.
*/
pdp->hostname = eos_ptr; /* "" */
pdp->servicename = eos_ptr; /* "" */
p = temp;
DEBUG(10,("parse_dfs_path: trying to convert %s "
"to a local path\n",
temp));
goto local_path;
}
*p = '\0';
pdp->hostname = temp;
DEBUG(10,("parse_dfs_path: hostname: %s\n",pdp->hostname));
/* Parse out servicename. */
servicename = p+1;
p = strchr_m(servicename,sepchar);
if (p) {
*p = '\0';
}
/* Is this really our servicename ? */
if (conn && !( strequal(servicename, lp_servicename(talloc_tos(), SNUM(conn)))
|| (strequal(servicename, HOMES_NAME)
&& strequal(lp_servicename(talloc_tos(), SNUM(conn)),
get_current_username()) )) ) {
DEBUG(10,("parse_dfs_path: %s is not our servicename\n",
servicename));
/*
* Possibly client sent a local path by mistake.
* Try and convert to a local path.
*/
pdp->hostname = eos_ptr; /* "" */
pdp->servicename = eos_ptr; /* "" */
/* Repair the path - replace the sepchar's
we nulled out */
servicename--;
*servicename = sepchar;
if (p) {
*p = sepchar;
}
p = temp;
DEBUG(10,("parse_dfs_path: trying to convert %s "
"to a local path\n",
temp));
goto local_path;
}
pdp->servicename = servicename;
DEBUG(10,("parse_dfs_path: servicename: %s\n",pdp->servicename));
if(p == NULL) {
/* Client sent self referral \server\share. */
pdp->reqpath = eos_ptr; /* "" */
return NT_STATUS_OK;
}
p++;
local_path:
*ppath_contains_wcard = False;
pdp->reqpath = p;
/* Rest is reqpath. */
if (pdp->posix_path) {
status = check_path_syntax_posix(pdp->reqpath);
} else {
if (allow_wcards) {
status = check_path_syntax_wcard(pdp->reqpath,
ppath_contains_wcard);
} else {
status = check_path_syntax(pdp->reqpath);
}
}
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10,("parse_dfs_path: '%s' failed with %s\n",
p, nt_errstr(status) ));
return status;
}
DEBUG(10,("parse_dfs_path: rest of the path: %s\n",pdp->reqpath));
return NT_STATUS_OK;
}
static NTSTATUS create_conn_struct_as_root(TALLOC_CTX *ctx,
struct tevent_context *ev,
struct messaging_context *msg,
connection_struct **pconn,
int snum,
const char *path,
const struct auth_session_info *session_info)
{
connection_struct *conn;
char *connpath;
const char *vfs_user;
struct smbd_server_connection *sconn;
const char *servicename = lp_const_servicename(snum);
sconn = talloc_zero(ctx, struct smbd_server_connection);
if (sconn == NULL) {
return NT_STATUS_NO_MEMORY;
}
sconn->ev_ctx = ev;
sconn->msg_ctx = msg;
sconn->sock = -1;
sconn->smb1.echo_handler.trusted_fd = -1;
sconn->smb1.echo_handler.socket_lock_fd = -1;
conn = conn_new(sconn);
if (conn == NULL) {
TALLOC_FREE(sconn);
return NT_STATUS_NO_MEMORY;
}
/* Now we have conn, we need to make sconn a child of conn,
* for a proper talloc tree */
talloc_steal(conn, sconn);
if (snum == -1 && servicename == NULL) {
servicename = "Unknown Service (snum == -1)";
}
connpath = talloc_strdup(conn, path);
if (!connpath) {
TALLOC_FREE(conn);
return NT_STATUS_NO_MEMORY;
}
connpath = talloc_string_sub(conn,
connpath,
"%S",
servicename);
if (!connpath) {
TALLOC_FREE(conn);
return NT_STATUS_NO_MEMORY;
}
/* needed for smbd_vfs_init() */
conn->params->service = snum;
conn->cnum = TID_FIELD_INVALID;
if (session_info != NULL) {
conn->session_info = copy_session_info(conn, session_info);
if (conn->session_info == NULL) {
DEBUG(0, ("copy_serverinfo failed\n"));
TALLOC_FREE(conn);
return NT_STATUS_NO_MEMORY;
}
vfs_user = conn->session_info->unix_info->unix_name;
} else {
/* use current authenticated user in absence of session_info */
vfs_user = get_current_username();
}
set_conn_connectpath(conn, connpath);
/*
* New code to check if there's a share security descripter
* added from NT server manager. This is done after the
* smb.conf checks are done as we need a uid and token. JRA.
*
*/
if (conn->session_info) {
share_access_check(conn->session_info->security_token,
servicename,
MAXIMUM_ALLOWED_ACCESS,
&conn->share_access);
if ((conn->share_access & FILE_WRITE_DATA) == 0) {
if ((conn->share_access & FILE_READ_DATA) == 0) {
/* No access, read or write. */
DEBUG(0,("create_conn_struct: connection to %s "
"denied due to security "
"descriptor.\n",
servicename));
conn_free(conn);
return NT_STATUS_ACCESS_DENIED;
} else {
conn->read_only = true;
}
}
} else {
conn->share_access = 0;
conn->read_only = true;
}
if (!smbd_vfs_init(conn)) {
NTSTATUS status = map_nt_error_from_unix(errno);
DEBUG(0,("create_conn_struct: smbd_vfs_init failed.\n"));
conn_free(conn);
return status;
}
/* this must be the first filesystem operation that we do */
if (SMB_VFS_CONNECT(conn, servicename, vfs_user) < 0) {
DEBUG(0,("VFS connect failed!\n"));
conn_free(conn);
return NT_STATUS_UNSUCCESSFUL;
}
conn->fs_capabilities = SMB_VFS_FS_CAPABILITIES(conn, &conn->ts_res);
*pconn = conn;
return NT_STATUS_OK;
}
/**
* Check if file should be recycled
**/
static int recycle_unlink(vfs_handle_struct *handle, const char *file_name)
{
connection_struct *conn = handle->conn;
char *path_name = NULL;
char *temp_name = NULL;
char *final_name = NULL;
const char *base;
char *repository = NULL;
int i = 1;
SMB_OFF_T maxsize, minsize;
SMB_OFF_T file_size; /* space_avail; */
BOOL exist;
int rc = -1;
repository = talloc_sub_advanced(NULL, lp_servicename(SNUM(conn)),
conn->user,
conn->connectpath, conn->gid,
get_current_username(),
current_user_info.domain,
recycle_repository(handle));
ALLOC_CHECK(repository, done);
/* shouldn't we allow absolute path names here? --metze */
/* Yes :-). JRA. */
trim_char(repository, '\0', '/');
if(!repository || *(repository) == '\0') {
DEBUG(3, ("recycle: repository path not set, purging %s...\n", file_name));
rc = SMB_VFS_NEXT_UNLINK(handle, file_name);
goto done;
}
/* we don't recycle the recycle bin... */
if (strncmp(file_name, repository, strlen(repository)) == 0) {
DEBUG(3, ("recycle: File is within recycling bin, unlinking ...\n"));
rc = SMB_VFS_NEXT_UNLINK(handle, file_name);
goto done;
}
file_size = recycle_get_file_size(handle, file_name);
/* it is wrong to purge filenames only because they are empty imho
* --- simo
*
if(fsize == 0) {
DEBUG(3, ("recycle: File %s is empty, purging...\n", file_name));
rc = SMB_VFS_NEXT_UNLINK(handle,file_name);
goto done;
}
*/
/* FIXME: this is wrong, we should check the whole size of the recycle bin is
* not greater then maxsize, not the size of the single file, also it is better
* to remove older files
*/
maxsize = recycle_maxsize(handle);
if(maxsize > 0 && file_size > maxsize) {
DEBUG(3, ("recycle: File %s exceeds maximum recycle size, purging... \n", file_name));
rc = SMB_VFS_NEXT_UNLINK(handle, file_name);
goto done;
}
minsize = recycle_minsize(handle);
if(minsize > 0 && file_size < minsize) {
DEBUG(3, ("recycle: File %s lowers minimum recycle size, purging... \n", file_name));
rc = SMB_VFS_NEXT_UNLINK(handle, file_name);
goto done;
}
/* FIXME: this is wrong: moving files with rename does not change the disk space
* allocation
*
space_avail = SMB_VFS_NEXT_DISK_FREE(handle, ".", True, &bsize, &dfree, &dsize) * 1024L;
DEBUG(5, ("space_avail = %Lu, file_size = %Lu\n", space_avail, file_size));
if(space_avail < file_size) {
DEBUG(3, ("recycle: Not enough diskspace, purging file %s\n", file_name));
rc = SMB_VFS_NEXT_UNLINK(handle, file_name);
goto done;
}
*/
/* extract filename and path */
base = strrchr(file_name, '/');
if (base == NULL) {
base = file_name;
path_name = SMB_STRDUP("/");
ALLOC_CHECK(path_name, done);
}
else {
path_name = SMB_STRDUP(file_name);
ALLOC_CHECK(path_name, done);
path_name[base - file_name] = '\0';
base++;
}
DEBUG(10, ("recycle: fname = %s\n", file_name)); /* original filename with path */
DEBUG(10, ("recycle: fpath = %s\n", path_name)); /* original path */
DEBUG(10, ("recycle: base = %s\n", base)); /* filename without path */
if (matchparam(recycle_exclude(handle), base)) {
DEBUG(3, ("recycle: file %s is excluded \n", base));
rc = SMB_VFS_NEXT_UNLINK(handle, file_name);
goto done;
}
if (matchdirparam(recycle_exclude_dir(handle), path_name)) {
DEBUG(3, ("recycle: directory %s is excluded \n", path_name));
rc = SMB_VFS_NEXT_UNLINK(handle, file_name);
goto done;
}
if (recycle_keep_dir_tree(handle) == True) {
asprintf(&temp_name, "%s/%s", repository, path_name);
} else {
temp_name = SMB_STRDUP(repository);
}
ALLOC_CHECK(temp_name, done);
exist = recycle_directory_exist(handle, temp_name);
if (exist) {
DEBUG(10, ("recycle: Directory already exists\n"));
} else {
DEBUG(10, ("recycle: Creating directory %s\n", temp_name));
if (recycle_create_dir(handle, temp_name) == False) {
DEBUG(3, ("recycle: Could not create directory, purging %s...\n", file_name));
rc = SMB_VFS_NEXT_UNLINK(handle, file_name);
goto done;
}
}
asprintf(&final_name, "%s/%s", temp_name, base);
ALLOC_CHECK(final_name, done);
DEBUG(10, ("recycle: recycled file name: %s\n", final_name)); /* new filename with path */
/* check if we should delete file from recycle bin */
if (recycle_file_exist(handle, final_name)) {
if (recycle_versions(handle) == False || matchparam(recycle_noversions(handle), base) == True) {
DEBUG(3, ("recycle: Removing old file %s from recycle bin\n", final_name));
if (SMB_VFS_NEXT_UNLINK(handle, final_name) != 0) {
DEBUG(1, ("recycle: Error deleting old file: %s\n", strerror(errno)));
}
}
}
/* rename file we move to recycle bin */
i = 1;
while (recycle_file_exist(handle, final_name)) {
SAFE_FREE(final_name);
asprintf(&final_name, "%s/Copy #%d of %s", temp_name, i++, base);
}
DEBUG(10, ("recycle: Moving %s to %s\n", file_name, final_name));
rc = SMB_VFS_NEXT_RENAME(handle, file_name, final_name);
if (rc != 0) {
DEBUG(3, ("recycle: Move error %d (%s), purging file %s (%s)\n", errno, strerror(errno), file_name, final_name));
rc = SMB_VFS_NEXT_UNLINK(handle, file_name);
goto done;
}
/* touch access date of moved file */
if (recycle_touch(handle) == True || recycle_touch_mtime(handle))
recycle_do_touch(handle, final_name, recycle_touch_mtime(handle));
done:
SAFE_FREE(path_name);
SAFE_FREE(temp_name);
SAFE_FREE(final_name);
TALLOC_FREE(repository);
return rc;
}
