r2152: Fix for bug #1674, move the symlinks checks into reduce_name().

Jeremy.

diff --git a/source/smbd/filename.c b/source/smbd/filename.c
index e12cfb1388bb17a284189b7b20093a14818829fe..279c9dd3c45bddd3b3c251cd6d9c9a5700768a15 100644 (file)
--- a/source/smbd/filename.c
+++ b/source/smbd/filename.c
@@ -414,26 +414,10 @@ BOOL check_name(pstring name,connection_struct *conn)
                }
        }
 
-       if (!lp_widelinks(SNUM(conn))) {
+       if (!lp_widelinks(SNUM(conn)) || !lp_symlinks(SNUM(conn))) {
                ret = reduce_name(conn,name);
        }
 
-       /* Check if we are allowing users to follow symlinks */
-       /* Patch from David Clerc <David.Clerc@cui.unige.ch>
-               University of Geneva */
-
-#ifdef S_ISLNK
-       if (!lp_symlinks(SNUM(conn))) {
-               SMB_STRUCT_STAT statbuf;
-               if ( (SMB_VFS_LSTAT(conn,name,&statbuf) != -1) &&
-                               (S_ISLNK(statbuf.st_mode)) ) {
-                       DEBUG(3,("check_name: denied: file path name %s is a symlink\n",name));
-                       errno = EACCES;
-                       ret = False; 
-               }
-       }
-#endif
-
        if (!ret) {
                DEBUG(5,("check_name on %s failed\n",name));
        }

diff --git a/source/smbd/vfs.c b/source/smbd/vfs.c
index a47f040f6a87f41acf38b99071a72eaa407a2f69..0328558fe88740a2bfc97088d3160400ef8f7ccc 100644 (file)
--- a/source/smbd/vfs.c
+++ b/source/smbd/vfs.c
@@ -909,7 +909,8 @@ BOOL reduce_name(connection_struct *conn, const pstring fname)
                return False;
        }
 
-       if (strncmp(conn->connectpath, resolved_name, con_path_len) != 0) {
+       /* Check for widelinks allowed. */
+       if (!lp_widelinks(SNUM(conn)) && (strncmp(conn->connectpath, resolved_name, con_path_len) != 0)) {
                DEBUG(2, ("reduce_name: Bad access attempt: %s is a symlink outside the share path", fname));
                if (free_resolved_name)
                        SAFE_FREE(resolved_name);
@@ -917,28 +918,23 @@ BOOL reduce_name(connection_struct *conn, const pstring fname)
                return False;
        }
 
-       /* Move path the connect path to the last part of the filename. */
-       p = resolved_name + con_path_len;
-       if (*p == '/') {
-               p++;
-       }
-
-       if (!*p) {
-               if (fname[0] == '.' && fname[1] == '/' && fname[2] == '\0') {
-                       pstrcpy(resolved_name, "./");
-               } else {
-                       pstrcpy(resolved_name, ".");
-               }
-               p = resolved_name;
-       }
-
-       if (!lp_symlinks(SNUM(conn)) && (strcmp(fname, p)!=0)) {
-               DEBUG(3,("reduce_name: denied: file path name %s is a symlink\n",fname));
-               if (free_resolved_name)
-                       SAFE_FREE(resolved_name);
-               errno = EACCES;
-               return False;
-       }
+        /* Check if we are allowing users to follow symlinks */
+        /* Patch from David Clerc <David.Clerc@cui.unige.ch>
+                University of Geneva */
+                                                                                                                                                    
+#ifdef S_ISLNK
+        if (!lp_symlinks(SNUM(conn))) {
+                SMB_STRUCT_STAT statbuf;
+                if ( (SMB_VFS_LSTAT(conn,fname,&statbuf) != -1) &&
+                                (S_ISLNK(statbuf.st_mode)) ) {
+                       if (free_resolved_name)
+                               SAFE_FREE(resolved_name);
+                        DEBUG(3,("reduce_name: denied: file path name %s is a symlink\n",resolved_name));
+                        errno = EACCES;
+                       return False;
+                }
+        }
+#endif
 
        DEBUG(3,("reduce_name: %s reduced to %s\n", fname, p));
        if (free_resolved_name)