X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=libatalk%2Futil%2Fnetatalk_conf.c;h=e00bb18f579ee0d5f31003afae76a479f3d6e182;hb=86842c08a4faa8fcd7b4f6639f39a3245f0b7d81;hp=d06be264051bdd9de82934deddfa753bd4ec32ea;hpb=62d347c783553c2888fd16ae6002d8fbde1b929f;p=netatalk.git

diff --git a/libatalk/util/netatalk_conf.c b/libatalk/util/netatalk_conf.c
index d06be264..e00bb18f 100644
--- a/libatalk/util/netatalk_conf.c
+++ b/libatalk/util/netatalk_conf.c
@@ -942,13 +942,16 @@ static int vol_section(const char *sec)
 static int readvolfile(AFPObj *obj, const struct passwd *pwent)
 {
     EC_INIT;
+    static int regexerr = -1;
+    static regex_t reg;
     char        path[MAXPATHLEN + 1];
     char        volname[AFPVOL_U8MNAMELEN + 1];
     char        tmp[MAXPATHLEN + 1];
-    const char  *preset, *default_preset, *p;
+    const char  *preset, *default_preset, *p, *basedir;
     char        *q, *u;
     int         i;
     struct passwd   *pw;
+    regmatch_t match[1];
 
     LOG(log_debug, logtype_afpd, "readvolfile: BEGIN");
 
@@ -971,6 +974,27 @@ static int readvolfile(AFPObj *obj, const struct passwd *pwent)
                 || strcmp(obj->username, obj->options.guest) == 0)
                 /* not an AFP session, but cnid daemon, dbd or ad util, or guest login */
                 continue;
+            if (pwent->pw_dir == NULL || STRCMP("", ==, pwent->pw_dir))
+                /* no user home */
+                continue;
+
+            /* check if user home matches our "basedir regex" */
+            if ((basedir = iniparser_getstring(obj->iniconfig, INISEC_HOMES, "basedir regex", NULL)) == NULL)
+                continue;
+            LOG(log_debug, logtype_afpd, "readvolfile: basedir regex: '%s'", basedir);
+
+            if (regexerr != 0 && (regexerr = regcomp(&reg, basedir, REG_EXTENDED)) != 0) {
+                char errbuf[1024];
+                regerror(regexerr, &reg, errbuf, sizeof(errbuf));
+                LOG(log_debug, logtype_default, "readvolfile: bad basedir regex: %s", errbuf);
+            }
+
+            if (regexec(&reg, pwent->pw_dir, 1, match, 0) == REG_NOMATCH) {
+                LOG(log_debug, logtype_default, "readvolfile: user home \"%s\" doesn't match basedir regex \"%s\"",
+                    pwent->pw_dir, basedir);
+                continue;
+            }
+
             strlcpy(tmp, pwent->pw_dir, MAXPATHLEN);
             strlcat(tmp, "/", MAXPATHLEN);
             if (p = iniparser_getstring(obj->iniconfig, INISEC_HOMES, "path", NULL))
@@ -1103,8 +1127,6 @@ int load_volumes(AFPObj *obj, void (*delvol_fn)(struct vol *))
             goto EC_CLEANUP;
         have_uservol = 0;
         for (vol = Volumes; vol; vol = vol->v_next) {
-            if (vol->v_flags & AFPVOL_UNIX_CTXT)
-                continue;
             vol->v_deleted = 1;
         }
     } else {
@@ -1217,6 +1239,8 @@ struct vol *getvolbyvid(const uint16_t vid )
 struct vol *getvolbypath(AFPObj *obj, const char *path)
 {
     EC_INIT;
+    static int regexerr = -1;
+    static regex_t reg;
     struct vol *vol;
     struct vol *tmp;
     const struct passwd *pw;
@@ -1226,8 +1250,6 @@ struct vol *getvolbypath(AFPObj *obj, const char *path)
     char        tmpbuf[MAXPATHLEN + 1];
     const char *secname, *basedir, *p = NULL, *subpath = NULL, *subpathconfig;
     char *user = NULL, *prw;
-    int regexerr = -1;
-    static regex_t reg;
     regmatch_t match[1];
 
     LOG(log_debug, logtype_afpd, "getvolbypath(\"%s\")", path);