From 2c4719a0cda0061bf331227e25cb4534a4c0eb9c Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Mon, 1 Aug 2022 17:55:23 -0700
Subject: [PATCH] s3: smbd: In filename_convert_dirfsp(), don't let an
 SMB1+POSIX client see a symlink to a directory with no permissions.

This isn't 100% correct, but it gets us close enough
to the old behavior for SMB1+POSIX libsmbclient. If we went through a
symlink, and we got NT_STATUS_ACCESS_DENIED on the directory
containing the target, just don't allow the client to see the
intermediate path.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
---
 source3/smbd/filename.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c
index a9a998db7c5..8ccd350410b 100644
--- a/source3/smbd/filename.c
+++ b/source3/smbd/filename.c
@@ -3095,6 +3095,22 @@ next:
 		&substitute,
 		&unparsed);
 
+#if defined(WITH_SMB1SERVER)
+	/*
+	 * This isn't 100% correct, but it gets us close enough
+	 * to the old behavior for SMB1+POSIX libsmbclient. If we went through a
+	 * symlink, and we got NT_STATUS_ACCESS_DENIED on the directory
+	 * containing the target, just don't allow the client to see the
+	 * intermediate path.
+	 */
+	if (!conn->sconn->using_smb2 &&
+			(ucf_flags & UCF_POSIX_PATHNAMES) &&
+			symlink_redirects > 0 &&
+			NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+		return NT_STATUS_OBJECT_PATH_NOT_FOUND;
+	}
+#endif
+
 	if (!NT_STATUS_EQUAL(status, NT_STATUS_STOPPED_ON_SYMLINK)) {
 		return status;
 	}
-- 
2.47.3