Problem in working with domain DFS links

Jeremy Allison jra at samba.org
Tue May 13 20:09:39 GMT 2008 

I'm working at Connectathon to fix an issue
with the change we made to remove the hostname
checks in the DFS code.

The problem is RHEL5.0 shipped a CIFS client
that sets the DFS bit on pathnames but doesn't
send DFS paths. This causes lookups to fail as
the smbd/msdfs.c code now just eats the first
two parts of the pathname and uses the rest as
the local path. The previous hostname check
used to protect us from that as we knew that
when the hostname was invalid it was a local
path (and a broken client).

I don't want to put that check back in, but
came up with another idea - even though the
hostname can be a different one, the sharename
must be valid on this machine - right ? So
we can check for a valid sharename instead.

Here is a patch for 3.2-stable that implements
this - please check if it's ok in your environment.

Thanks,

Jeremy.
-------------- next part --------------
diff --git a/source/smbd/conn.c b/source/smbd/conn.c
index 5aedadc..1a55522 100644
--- a/source/smbd/conn.c
+++ b/source/smbd/conn.c
@@ -63,10 +63,10 @@ bool conn_snum_used(int snum)
 	return(False);
 }
 
-
 /****************************************************************************
-find a conn given a cnum
+ Find a conn given a cnum.
 ****************************************************************************/
+
 connection_struct *conn_find(unsigned cnum)
 {
 	int count=0;
@@ -84,6 +84,27 @@ connection_struct *conn_find(unsigned cnum)
 	return NULL;
 }
 
+/****************************************************************************
+ Find a conn given a service name.
+****************************************************************************/
+
+connection_struct *conn_find_byname(const char *service)
+{
+	int count=0;
+	connection_struct *conn;
+
+	for (conn=Connections;conn;conn=conn->next,count++) {
+		if (strequal(lp_servicename(SNUM(conn)),service)) {
+			if (count > 10) {
+				DLIST_PROMOTE(Connections, conn);
+			}
+			return conn;
+		}
+	}
+
+	return NULL;
+}
+
 
 /****************************************************************************
   find first available connection slot, starting from a random position.
diff --git a/source/smbd/msdfs.c b/source/smbd/msdfs.c
index 4f9e739..7400f79 100644
--- a/source/smbd/msdfs.c
+++ b/source/smbd/msdfs.c
@@ -133,6 +133,16 @@ static NTSTATUS parse_dfs_path(const char *pathname,
 	if(p == NULL) {
 		pdp->servicename = temp;
 		pdp->reqpath = eos_ptr; /* "" */
+		/* Is this really our servicename ? */
+		if (NULL == conn_find_byname(pdp->servicename)) {
+			DEBUG(10,("parse_dfs_path: %s is not our servicename\n",
+				pdp->servicename));
+			p = temp;
+			DEBUG(10,("parse_dfs_path: trying to convert %s "
+				"to a local path\n",
+				temp));
+			goto local_path;
+		}
 		return NT_STATUS_OK;
 	}
 	*p = '\0';

More information about the samba-technical mailing list