s3: smbd: In filename_convert_dirfsp(), allow SMB1+POSIX to traverse non-terminal...

This is the behavior of filename_convert() and
we need to allow it for the legacy SMB1+POSIX libsmbclient
libraries already deployed out there.

When we add SMB2 POSIX we must disallow symlink
traversal over any symlinks, the client must
resolve symlinks locally.

Add a note to show this is where we need to add
an error for SMB2+POSIX names with UCF_POSIX_PATHNAMES
set.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c
index 3f0c395fd8ffa360f13d80f790a194e4d092cab2..27650326ade9883b54e5c64cc0f725d0622468c5 100644 (file)
--- a/source3/smbd/filename.c
+++ b/source3/smbd/filename.c
@@ -3081,12 +3081,17 @@ next:
                return NT_STATUS_OBJECT_PATH_NOT_FOUND;
        }
 
-       if (ucf_flags & UCF_POSIX_PATHNAMES) {
-               /*
-                * SMB1 posix never traverses symlinks
-                */
-               return NT_STATUS_OBJECT_PATH_NOT_FOUND;
-       }
+       /*
+        * Right now, SMB2 and SMB1 always traverse symlinks
+        * within the share. SMB1+POSIX traverses non-terminal
+        * symlinks within the share.
+        *
+        * When we add SMB2+POSIX we need to return
+        * a NT_STATUS_STOPPED_ON_SYMLINK error here, using the
+        * symlink target data read below if SMB2+POSIX has
+        * UCF_POSIX_PATHNAMES set to cause the client to
+        * resolve all symlinks locally.
+        */
 
        target = symlink_target_path(mem_ctx, name_in, substitute, unparsed);
        if (target == NULL) {