vfs_streams_xattr: fix check with samba_private_attr_name()

We want to check with samba_private_attr_name() whether the xattr name
is a private one, unfortunately it flags xattrs that begin with the
default streams prefix as private.  By only calling
samba_private_attr_name() in case the xattr does NOT begin with the
default prefix, we know that if it returns 'true' it definitely one of
our internal xattr like "user.DOSATTRIB".

This fixes a bug introduced in 634bcb09a08b927fd79ae0e16aeee2a123605f94
that denied all access to valid stream xattrs.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/source3/modules/vfs_streams_xattr.c b/source3/modules/vfs_streams_xattr.c
index 735db2b9204e784d0df176920d23ac4543d22fa1..631444251525fab363970a6baa92ce42a287d302 100644 (file)
--- a/source3/modules/vfs_streams_xattr.c
+++ b/source3/modules/vfs_streams_xattr.c
@@ -687,13 +687,28 @@ static NTSTATUS walk_xattr_streams(vfs_handle_struct *handle, files_struct *fsp,
        for (i=0; i<num_names; i++) {
                struct ea_struct ea;
 
+               /*
+                * We want to check with samba_private_attr_name()
+                * whether the xattr name is a private one,
+                * unfortunately it flags xattrs that begin with the
+                * default streams prefix as private.
+                *
+                * By only calling samba_private_attr_name() in case
+                * the xattr does NOT begin with the default prefix,
+                * we know that if it returns 'true' it definitely one
+                * of our internal xattr like "user.DOSATTRIB".
+                */
+               if (strncasecmp_m(names[i], SAMBA_XATTR_DOSSTREAM_PREFIX,
+                                 strlen(SAMBA_XATTR_DOSSTREAM_PREFIX)) != 0) {
+                       if (samba_private_attr_name(names[i])) {
+                               continue;
+                       }
+               }
+
                if (strncmp(names[i], config->prefix,
                            config->prefix_len) != 0) {
                        continue;
                }
-               if (samba_private_attr_name(names[i])) {
-                       continue;
-               }
 
                status = get_ea_value(names, handle->conn, fsp, fname,
                                      names[i], &ea);