From: Jeremy Allison <jra@samba.org>
To: Steve French <smfrench@gmail.com>
Cc: Xiaoli Feng <xifeng@redhat.com>,
CIFS <linux-cifs@vger.kernel.org>,
samba-technical <samba-technical@lists.samba.org>
Subject: Re: [PATCH][SMB3] allow files to be created with backslash in file name
Date: Fri, 1 Jan 2021 21:25:24 -0800 [thread overview]
Message-ID: <20210102052524.GA67422@jeremy-acer> (raw)
In-Reply-To: <CAH2r5ms1V2KKb6T3ELQ-JsQ3fniOScTE2654_xLwnPruiekzEw@mail.gmail.com>
On Fri, Jan 01, 2021 at 09:49:06PM -0600, Steve French wrote:
>I exported the /scratch directory with smb.conf configured as
>
>[scratch]
> comment = scratch share for testing
> browseable = yes
> path = /scratch
> guest ok = yes
> read only = no
> ea support = yes
> create mask = 0777
> directory mask = 0777
> vfs objects = acl_xattr
> map acl inherit = yes
> strict allocate = yes
> map acl inherit = yes
> mangled names = no
>
>Connecting with smbclient and doing a simple ls causes the disconnect:
>$ smbclient --version
>Version 4.12.5-Ubuntu
>$ smbclient //localhost/scratch -U testuser
>Enter SAMBA\testuser's password:
>Try "help" to get a list of possible commands.
>smb: \> ls
> . D 0 Fri Jan 1 21:19:52 2021
> .. D 0 Thu Dec 31 21:42:28 2020
> rsvd-chars D 0 Fri Jan 1 09:14:04 2021
> file-?-question N 0 Fri Jan 1 21:19:42 2021
>is_bad_finfo_name: bad finfo->name
>NT_STATUS_INVALID_NETWORK_RESPONSE listing \*
>smb: \> SMBecho failed (NT_STATUS_CONNECTION_DISCONNECTED). The
>connection is disconnected now
Well of course it disconnects. You set
"mangled names = no"
So the server returns the bad name. The smbclient
library notices the server is trying to screw with
it by sending invalid Windows names and disconnects
to protect itself.
This is by design. There is a *REASON* mangled names = yes
is the default. Otherwise you can't see valid server
filenames that contain : \ etc. etc. from a Windows client.
Even a file names AUX: has to be mangled. "mangled names = no"
is only useful for a pre-cleaned exported file system which
you can guarantee contains only Windows-compatible names.
This is not a bug, it's working as designed to protect
the client code.
There was a CVE where libsmbclient might pass up
names containing a '/' to the calling code (not
that they can exist on disk, but a malicious server
could send them) which might then treat it as a
path separator.
next prev parent reply other threads:[~2021-01-02 5:26 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-01 3:35 [PATCH][SMB3] allow files to be created with backslash in file name Steve French
2021-01-01 6:00 ` Jeremy Allison
[not found] ` <CAH2r5mt+5LQB59w0SPEp2Q-9ZZ2PV=XDMtGpy2pedhF8eKif0A@mail.gmail.com>
2021-01-01 19:58 ` Jeremy Allison
[not found] ` <CAH2r5mvt_cHDbT0xaeLNQn=5cQ0T2-wPgpMkYEGQNdtDZ3kP=A@mail.gmail.com>
2021-01-02 2:58 ` Jeremy Allison
2021-01-02 3:49 ` Steve French
2021-01-02 5:25 ` Jeremy Allison [this message]
2021-01-03 0:19 ` Steve French
2021-01-03 1:21 ` Jeremy Allison
2021-01-03 1:25 ` Jeremy Allison
2021-01-03 3:45 ` Steve French
2021-01-03 4:13 ` Jeremy Allison
2021-01-01 20:06 ` Jeremy Allison
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210102052524.GA67422@jeremy-acer \
--to=jra@samba.org \
--cc=linux-cifs@vger.kernel.org \
--cc=samba-technical@lists.samba.org \
--cc=smfrench@gmail.com \
--cc=xifeng@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).