Update POSIX negotiate context during negprot to include GUID

As requested - updated the POSIX negotiate context to include the GUID
of the only supported POSIX open/create context.

Let me know if any objections..

Tested with JRAs tree and worked fine, other than unrelated problem
(appears to be in server code) where the world writeable bit is always
masked off on mkdir (could be user error but smb.conf looked ok to me
and worked with his older tree for all modes).  Other modes (other
than setuid/setgid/sticky) work fine on directory create.

Am 25.02.19 um 01:01 schrieb Steve French via samba-technical:
> As requested - updated the POSIX negotiate context to include the GUID
> of the only supported POSIX open/create context.
> 
> Let me know if any objections..

Don't you need to change POSIX_CTXT_DATA_LEN?

metze

On Mon, Feb 25, 2019 at 1:22 AM Stefan Metzmacher <metze@samba.org> wrote:
>
> Am 25.02.19 um 01:01 schrieb Steve French via samba-technical:
> > As requested - updated the POSIX negotiate context to include the GUID
> > of the only supported POSIX open/create context.
> >
> > Let me know if any objections..
>
> Don't you need to change POSIX_CTXT_DATA_LEN?

Isn't 16 bytes correct (at least one GUID - in this case matching the
POSIX open context GUID)?  The patch included this change:

-#define POSIX_CTXT_DATA_LEN    8
+#define POSIX_CTXT_DATA_LEN    16

Am 25.02.19 um 08:26 schrieb Steve French via samba-technical:
> On Mon, Feb 25, 2019 at 1:22 AM Stefan Metzmacher <metze@samba.org> wrote:
>>
>> Am 25.02.19 um 01:01 schrieb Steve French via samba-technical:
>>> As requested - updated the POSIX negotiate context to include the GUID
>>> of the only supported POSIX open/create context.
>>>
>>> Let me know if any objections..
>>
>> Don't you need to change POSIX_CTXT_DATA_LEN?
> 
> Isn't 16 bytes correct (at least one GUID - in this case matching the
> POSIX open context GUID)?  The patch included this change:
> 
> -#define POSIX_CTXT_DATA_LEN    8
> +#define POSIX_CTXT_DATA_LEN    16
> 

Yes, that correct, I missed that sorry.

Does your client still work without that chance, just sending 8 zero
bytes? Or does that fail?

I guess it will fail at

+               if ((inbuflen % 16) != 0) {
+                       return smbd_smb2_request_error(
+                               req, NT_STATUS_INVALID_PARAMETER);
+               }

I think we need to have something like this before:

     static const uint64_t reserved64;
     DATA_BLOB reserved = data_blob_const(&reserved64,
sizeof(reserved6464));
     int cmp;

     cmp = data_blob_cmp(&in_posix->data, &reserved_value);
     if (cmp == 0) {
           inbuf = (const uint8_t *)SMB2_CREATE_TAG_POSIX;
           inbuflen = 16;
           outbuf = reserved.blob;
           outbuflen = reserved.length;
     }

metze

On Mon, Feb 25, 2019 at 08:43:33AM +0100, Stefan Metzmacher wrote:
> Yes, that correct, I missed that sorry.
> 
> Does your client still work without that chance, just sending 8 zero
> bytes? Or does that fail?
> 
> I guess it will fail at
> 
> +               if ((inbuflen % 16) != 0) {
> +                       return smbd_smb2_request_error(
> +                               req, NT_STATUS_INVALID_PARAMETER);
> +               }

Yes, it's supposed to fail there :-).

> I think we need to have something like this before:
> 
>      static const uint64_t reserved64;
>      DATA_BLOB reserved = data_blob_const(&reserved64,
> sizeof(reserved6464));
>      int cmp;
> 
>      cmp = data_blob_cmp(&in_posix->data, &reserved_value);
>      if (cmp == 0) {
>            inbuf = (const uint8_t *)SMB2_CREATE_TAG_POSIX;
>            inbuflen = 16;
>            outbuf = reserved.blob;
>            outbuflen = reserved.length;
>      }

I don't want to do that. None of this code is in any
mainline/master/released code bases so I don't want
to support what is "test" code in the Linux client.

We are close to the point of making something
that we can commit to support going forward,
but we're not there yet.

So I really don't want to support any Negprot
variants other than the latest "list of create
contexts" version.

Hi Jeremy,

> So I really don't want to support any Negprot
> variants other than the latest "list of create
> contexts" version.

Ok, that's also fine for me.

metze

Yes - it fails (Samba returns error invalid parameter) without this change.

On Mon, Feb 25, 2019 at 8:21 AM Jeremy Allison <jra@samba.org> wrote:
>
> On Mon, Feb 25, 2019 at 08:43:33AM +0100, Stefan Metzmacher wrote:
> > Yes, that correct, I missed that sorry.
> >
> > Does your client still work without that chance, just sending 8 zero
> > bytes? Or does that fail?
> >
> > I guess it will fail at
> >
> > +               if ((inbuflen % 16) != 0) {
> > +                       return smbd_smb2_request_error(
> > +                               req, NT_STATUS_INVALID_PARAMETER);
> > +               }
>
> Yes, it's supposed to fail there :-).
>
> > I think we need to have something like this before:
> >
> >      static const uint64_t reserved64;
> >      DATA_BLOB reserved = data_blob_const(&reserved64,
> > sizeof(reserved6464));
> >      int cmp;
> >
> >      cmp = data_blob_cmp(&in_posix->data, &reserved_value);
> >      if (cmp == 0) {
> >            inbuf = (const uint8_t *)SMB2_CREATE_TAG_POSIX;
> >            inbuflen = 16;
> >            outbuf = reserved.blob;
> >            outbuflen = reserved.length;
> >      }
>
> I don't want to do that. None of this code is in any
> mainline/master/released code bases so I don't want
> to support what is "test" code in the Linux client.
>
> We are close to the point of making something
> that we can commit to support going forward,
> but we're not there yet.
>
> So I really don't want to support any Negprot
> variants other than the latest "list of create
> contexts" version.