From: Volker Lendecke Date: Tue, 19 Sep 2023 18:55:32 +0000 (-0700) Subject: smbclient: Always ask for SMB311 posix in negprot X-Git-Tag: tevent-0.16.0~160 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8de01c31f317485c8466db95d8487c253a70fd31;p=thirdparty%2Fsamba.git smbclient: Always ask for SMB311 posix in negprot This does not mean that we're actually using it (yet). We just probe whether the server is willing to do it. Enable the posix cli command for smb311 posix extensions. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Böhme Reviewed-by: Jeremy Allison --- diff --git a/source3/client/client.c b/source3/client/client.c index f14e3f4130e..d8b939ab3bd 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -3164,11 +3164,16 @@ static int cmd_posix(void) char *caps; NTSTATUS status; - if (!SERVER_HAS_UNIX_CIFS(cli)) { + if (!(SERVER_HAS_UNIX_CIFS(cli) || cli->smb2.server_smb311_posix)) { d_printf("Server doesn't support UNIX CIFS extensions.\n"); return 1; } + if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB3_11) { + cli->smb2.client_smb311_posix = true; + return 0; + } + status = cli_unix_extensions_version(cli, &major, &minor, &caplow, &caphigh); if (!NT_STATUS_IS_OK(status)) { diff --git a/source3/include/client.h b/source3/include/client.h index 5ac9d649142..3644e40ca50 100644 --- a/source3/include/client.h +++ b/source3/include/client.h @@ -91,6 +91,8 @@ struct cli_state { struct smbXcli_session *session; struct smbXcli_tcon *tcon; struct idr_context *open_handles; + bool server_smb311_posix; + bool client_smb311_posix; } smb2; }; diff --git a/source3/libsmb/clidfs.c b/source3/libsmb/clidfs.c index 1437844b427..7bc733492ce 100644 --- a/source3/libsmb/clidfs.c +++ b/source3/libsmb/clidfs.c @@ -28,6 +28,7 @@ #include "../libcli/smb/smbXcli_base.h" #include "auth/credentials/credentials.h" #include "lib/param/param.h" +#include "libcli/smb/smb2_negotiate_context.h" /******************************************************************** Important point. @@ -148,6 +149,8 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx, cli_credentials_get_smb_signing(creds); enum smb_encryption_setting encryption_state = cli_credentials_get_smb_encryption(creds); + struct smb2_negotiate_contexts *in_contexts = NULL; + struct smb2_negotiate_contexts *out_contexts = NULL; if (encryption_state >= SMB_ENCRYPTION_DESIRED) { signing_state = SMB_SIGNING_REQUIRED; @@ -193,13 +196,29 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx, DEBUG(4,(" session request ok\n")); + in_contexts = talloc_zero(ctx, struct smb2_negotiate_contexts); + if (in_contexts == NULL) { + return NT_STATUS_NO_MEMORY; + } + + status = smb2_negotiate_context_add( + in_contexts, + in_contexts, + SMB2_POSIX_EXTENSIONS_AVAILABLE, + (const uint8_t *)SMB2_CREATE_TAG_POSIX, + strlen(SMB2_CREATE_TAG_POSIX)); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + status = smbXcli_negprot(c->conn, c->timeout, lp_client_min_protocol(), lp_client_max_protocol(), - NULL, - NULL, - NULL); + in_contexts, + ctx, + &out_contexts); + TALLOC_FREE(in_contexts); if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) { d_printf("Protocol negotiation (with timeout %d ms) timed out against server %s\n", @@ -226,6 +245,12 @@ static NTSTATUS do_connect(TALLOC_CTX *ctx, smb2cli_conn_set_max_credits(c->conn, DEFAULT_SMB2_MAX_CREDITS); } + if ((protocol >= PROTOCOL_SMB3_11) && (out_contexts != NULL)) { + c->smb2.server_smb311_posix = smb2_negotiate_context_find( + out_contexts, + SMB2_POSIX_EXTENSIONS_AVAILABLE); + } + status = cli_session_setup_creds(c, creds); if (!NT_STATUS_IS_OK(status)) { /* If a password was not supplied then