From 86842c08a4faa8fcd7b4f6639f39a3245f0b7d81 Mon Sep 17 00:00:00 2001
From: Frank Lahm <franklahm@googlemail.com>
Date: Sat, 31 Mar 2012 15:40:30 +0200
Subject: [PATCH] Correct handling of users without homes

---
 NEWS                          |  1 +
 libatalk/util/netatalk_conf.c | 30 +++++++++++++++++++++++++++---
 2 files changed, 28 insertions(+), 3 deletions(-)

diff --git a/NEWS b/NEWS
index 3aed94ff..eb1d743e 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,7 @@ Changes in 3.0 alpha2
        CAP hexencode as "2e" and "2f" respectively
 * UPD: afdp: Automatic name conversion, renaming files and directories
        containing CAP sequences to their not enscaped forms
+* UPD: afpd: Correct handling of user homes and users without homes
 * UPD: dbd: -C option removes CAP encoding
 * UPD: Add graceful option to RedHat init script
 * UPD: Add --disable-bundled-libevent configure options When set to yes,
diff --git a/libatalk/util/netatalk_conf.c b/libatalk/util/netatalk_conf.c
index 6b98673c..e00bb18f 100644
--- a/libatalk/util/netatalk_conf.c
+++ b/libatalk/util/netatalk_conf.c
@@ -942,13 +942,16 @@ static int vol_section(const char *sec)
 static int readvolfile(AFPObj *obj, const struct passwd *pwent)
 {
     EC_INIT;
+    static int regexerr = -1;
+    static regex_t reg;
     char        path[MAXPATHLEN + 1];
     char        volname[AFPVOL_U8MNAMELEN + 1];
     char        tmp[MAXPATHLEN + 1];
-    const char  *preset, *default_preset, *p;
+    const char  *preset, *default_preset, *p, *basedir;
     char        *q, *u;
     int         i;
     struct passwd   *pw;
+    regmatch_t match[1];
 
     LOG(log_debug, logtype_afpd, "readvolfile: BEGIN");
 
@@ -971,6 +974,27 @@ static int readvolfile(AFPObj *obj, const struct passwd *pwent)
                 || strcmp(obj->username, obj->options.guest) == 0)
                 /* not an AFP session, but cnid daemon, dbd or ad util, or guest login */
                 continue;
+            if (pwent->pw_dir == NULL || STRCMP("", ==, pwent->pw_dir))
+                /* no user home */
+                continue;
+
+            /* check if user home matches our "basedir regex" */
+            if ((basedir = iniparser_getstring(obj->iniconfig, INISEC_HOMES, "basedir regex", NULL)) == NULL)
+                continue;
+            LOG(log_debug, logtype_afpd, "readvolfile: basedir regex: '%s'", basedir);
+
+            if (regexerr != 0 && (regexerr = regcomp(&reg, basedir, REG_EXTENDED)) != 0) {
+                char errbuf[1024];
+                regerror(regexerr, &reg, errbuf, sizeof(errbuf));
+                LOG(log_debug, logtype_default, "readvolfile: bad basedir regex: %s", errbuf);
+            }
+
+            if (regexec(&reg, pwent->pw_dir, 1, match, 0) == REG_NOMATCH) {
+                LOG(log_debug, logtype_default, "readvolfile: user home \"%s\" doesn't match basedir regex \"%s\"",
+                    pwent->pw_dir, basedir);
+                continue;
+            }
+
             strlcpy(tmp, pwent->pw_dir, MAXPATHLEN);
             strlcat(tmp, "/", MAXPATHLEN);
             if (p = iniparser_getstring(obj->iniconfig, INISEC_HOMES, "path", NULL))
@@ -1215,6 +1239,8 @@ struct vol *getvolbyvid(const uint16_t vid )
 struct vol *getvolbypath(AFPObj *obj, const char *path)
 {
     EC_INIT;
+    static int regexerr = -1;
+    static regex_t reg;
     struct vol *vol;
     struct vol *tmp;
     const struct passwd *pw;
@@ -1224,8 +1250,6 @@ struct vol *getvolbypath(AFPObj *obj, const char *path)
     char        tmpbuf[MAXPATHLEN + 1];
     const char *secname, *basedir, *p = NULL, *subpath = NULL, *subpathconfig;
     char *user = NULL, *prw;
-    int regexerr = -1;
-    static regex_t reg;
     regmatch_t match[1];
 
     LOG(log_debug, logtype_afpd, "getvolbypath(\"%s\")", path);
-- 
2.39.2