git.samba.org - samba.git/commit

author	Stefan Metzmacher <metze@samba.org>
	Thu, 13 Oct 2016 10:42:59 +0000 (12:42 +0200)
committer	Karolin Seeger <kseeger@samba.org>
	Mon, 2 Jan 2017 10:56:50 +0000 (11:56 +0100)
commit	c6177cd24ec3d557f0ce1230566d9a08ae58de09
tree	1d36ff26746e24b258971d590392f212fa9ab937	tree
parent	14cee44d6976cbe05079dc00eb2f883ded040114	commit \| diff

s3:smbd: only pass UCF_PREP_CREATEFILE to filename_convert() if we may create a new file

This fixes a regression introduced by commit
f98d10af2a05f0261611f4cabdfe274cd9fe91c0
(smbd: Always use UCF_PREP_CREATEFILE for filename_convert calls to resolve a path for open)

The main problem was that Windows client seem to verify
the access to user.V2\ntuser.ini is rejected with NT_STATUS_ACCESS_DENIED,
using the machine credentials.

Passing UCF_PREP_CREATEFILE to filename_convert() triggers a code path
that implements a dropbox behaviour. A dropbox is a directory with only -wx permissions,
so get_real_filename fails with EACCESS, it needs to list the directory.
EACCESS is ignored with UCF_PREP_CREATEFILE.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10297

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 25 05:33:36 CEST 2016 on sn-devel-144

(cherry picked from commit 759416582c54a16aacbef0e0dfe4649bddff8c5e)

source3/smbd/filename.c		diff \| blob \| history
source3/smbd/nttrans.c		diff \| blob \| history
source3/smbd/proto.h		diff \| blob \| history
source3/smbd/reply.c		diff \| blob \| history
source3/smbd/smb2_create.c		diff \| blob \| history