From 09221cea5a19034fd19394134cd2d9c3181966ca Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Tue, 28 Mar 2023 13:53:20 -0700
Subject: [PATCH] s3: smbd: Correctly set smb2req->smb1req->posix_pathnames
 from the calling fsp on SMB2 calls.

We must always do SMB3+POSIX operations on fsp's opened with a posix create context.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
---
 source3/smbd/globals.h              | 3 ++-
 source3/smbd/smb2_break.c           | 2 +-
 source3/smbd/smb2_close.c           | 2 +-
 source3/smbd/smb2_create.c          | 2 +-
 source3/smbd/smb2_flush.c           | 2 +-
 source3/smbd/smb2_getinfo.c         | 2 +-
 source3/smbd/smb2_glue.c            | 7 ++++++-
 source3/smbd/smb2_ioctl.c           | 2 +-
 source3/smbd/smb2_lock.c            | 2 +-
 source3/smbd/smb2_notify.c          | 2 +-
 source3/smbd/smb2_query_directory.c | 2 +-
 source3/smbd/smb2_read.c            | 2 +-
 source3/smbd/smb2_setinfo.c         | 2 +-
 source3/smbd/smb2_write.c           | 2 +-
 14 files changed, 20 insertions(+), 14 deletions(-)

diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index 5fb9f2e647c..ff69d95ddfb 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -277,7 +277,8 @@ NTSTATUS smbd_smb2_request_pending_queue(struct smbd_smb2_request *req,
 					 struct tevent_req *subreq,
 					 uint32_t defer_time);
 
-struct smb_request *smbd_smb2_fake_smb_request(struct smbd_smb2_request *req);
+struct smb_request *smbd_smb2_fake_smb_request(struct smbd_smb2_request *req,
+					       struct files_struct *fsp);
 size_t smbd_smb2_unread_bytes(struct smbd_smb2_request *req);
 void remove_smb2_chained_fsp(files_struct *fsp);
 
diff --git a/source3/smbd/smb2_break.c b/source3/smbd/smb2_break.c
index e8f6b996101..f837b8eccc1 100644
--- a/source3/smbd/smb2_break.c
+++ b/source3/smbd/smb2_break.c
@@ -185,7 +185,7 @@ static struct tevent_req *smbd_smb2_oplock_break_send(TALLOC_CTX *mem_ctx,
 		  fsp_str_dbg(fsp), fsp_fnum_dbg(fsp),
 		  oplocklevel));
 
-	smbreq = smbd_smb2_fake_smb_request(smb2req);
+	smbreq = smbd_smb2_fake_smb_request(smb2req, fsp);
 	if (tevent_req_nomem(smbreq, req)) {
 		return tevent_req_post(req, ev);
 	}
diff --git a/source3/smbd/smb2_close.c b/source3/smbd/smb2_close.c
index ed2b21dc5bc..236d5b79f91 100644
--- a/source3/smbd/smb2_close.c
+++ b/source3/smbd/smb2_close.c
@@ -211,7 +211,7 @@ static NTSTATUS smbd_smb2_close(struct smbd_smb2_request *req,
 	DEBUG(10,("smbd_smb2_close: %s - %s\n",
 		  fsp_str_dbg(fsp), fsp_fnum_dbg(fsp)));
 
-	smbreq = smbd_smb2_fake_smb_request(req);
+	smbreq = smbd_smb2_fake_smb_request(req, fsp);
 	if (smbreq == NULL) {
 		return NT_STATUS_NO_MEMORY;
 	}
diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c
index c17562e93e1..aba08570870 100644
--- a/source3/smbd/smb2_create.c
+++ b/source3/smbd/smb2_create.c
@@ -784,7 +784,7 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
 		.in_create_disposition = in_create_disposition,
 	};
 
-	smb1req = smbd_smb2_fake_smb_request(smb2req);
+	smb1req = smbd_smb2_fake_smb_request(smb2req, NULL);
 	if (tevent_req_nomem(smb1req, req)) {
 		return tevent_req_post(req, state->ev);
 	}
diff --git a/source3/smbd/smb2_flush.c b/source3/smbd/smb2_flush.c
index 5c8c171e418..2d3e6319697 100644
--- a/source3/smbd/smb2_flush.c
+++ b/source3/smbd/smb2_flush.c
@@ -140,7 +140,7 @@ static struct tevent_req *smbd_smb2_flush_send(TALLOC_CTX *mem_ctx,
 	DEBUG(10,("smbd_smb2_flush: %s - %s\n",
 		  fsp_str_dbg(fsp), fsp_fnum_dbg(fsp)));
 
-	smbreq = smbd_smb2_fake_smb_request(smb2req);
+	smbreq = smbd_smb2_fake_smb_request(smb2req, fsp);
 	if (tevent_req_nomem(smbreq, req)) {
 		return tevent_req_post(req, ev);
 	}
diff --git a/source3/smbd/smb2_getinfo.c b/source3/smbd/smb2_getinfo.c
index 468010696fe..51283eb174e 100644
--- a/source3/smbd/smb2_getinfo.c
+++ b/source3/smbd/smb2_getinfo.c
@@ -277,7 +277,7 @@ static struct tevent_req *smbd_smb2_getinfo_send(TALLOC_CTX *mem_ctx,
 	DEBUG(10,("smbd_smb2_getinfo_send: %s - %s\n",
 		  fsp_str_dbg(fsp), fsp_fnum_dbg(fsp)));
 
-	smbreq = smbd_smb2_fake_smb_request(smb2req);
+	smbreq = smbd_smb2_fake_smb_request(smb2req, fsp);
 	if (tevent_req_nomem(smbreq, req)) {
 		return tevent_req_post(req, ev);
 	}
diff --git a/source3/smbd/smb2_glue.c b/source3/smbd/smb2_glue.c
index 543c0a0b9e6..563aaf88873 100644
--- a/source3/smbd/smb2_glue.c
+++ b/source3/smbd/smb2_glue.c
@@ -26,7 +26,8 @@
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_SMB2
 
-struct smb_request *smbd_smb2_fake_smb_request(struct smbd_smb2_request *req)
+struct smb_request *smbd_smb2_fake_smb_request(struct smbd_smb2_request *req,
+					       struct files_struct *fsp)
 {
 	struct smb_request *smbreq;
 	const uint8_t *inhdr = SMBD_SMB2_IN_HDR_PTR(req);
@@ -67,6 +68,10 @@ struct smb_request *smbd_smb2_fake_smb_request(struct smbd_smb2_request *req)
 	}
 	smbreq->mid = BVAL(inhdr, SMB2_HDR_MESSAGE_ID);
 	smbreq->chain_fsp = req->compat_chain_fsp;
+	if (fsp != NULL) {
+		smbreq->posix_pathnames =
+			(fsp->fsp_name->flags & SMB_FILENAME_POSIX_PATH);
+	}
 	smbreq->smb2req = req;
 	req->smb1req = smbreq;
 
diff --git a/source3/smbd/smb2_ioctl.c b/source3/smbd/smb2_ioctl.c
index e4f8c10e3af..2ca53e33788 100644
--- a/source3/smbd/smb2_ioctl.c
+++ b/source3/smbd/smb2_ioctl.c
@@ -445,7 +445,7 @@ static struct tevent_req *smbd_smb2_ioctl_send(TALLOC_CTX *mem_ctx,
 		   fsp ? fsp_str_dbg(fsp) : "<no handle>",
 		   fsp_fnum_dbg(fsp)));
 
-	smbreq = smbd_smb2_fake_smb_request(smb2req);
+	smbreq = smbd_smb2_fake_smb_request(smb2req, fsp);
 	if (tevent_req_nomem(smbreq, req)) {
 		return tevent_req_post(req, ev);
 	}
diff --git a/source3/smbd/smb2_lock.c b/source3/smbd/smb2_lock.c
index 48593af4790..642e9c74151 100644
--- a/source3/smbd/smb2_lock.c
+++ b/source3/smbd/smb2_lock.c
@@ -237,7 +237,7 @@ static struct tevent_req *smbd_smb2_lock_send(TALLOC_CTX *mem_ctx,
 
 	tevent_req_set_cleanup_fn(req, smbd_smb2_lock_cleanup);
 
-	state->smb1req = smbd_smb2_fake_smb_request(smb2req);
+	state->smb1req = smbd_smb2_fake_smb_request(smb2req, fsp);
 	if (tevent_req_nomem(state->smb1req, req)) {
 		return tevent_req_post(req, ev);
 	}
diff --git a/source3/smbd/smb2_notify.c b/source3/smbd/smb2_notify.c
index 133c990f0df..8cccd90b3fb 100644
--- a/source3/smbd/smb2_notify.c
+++ b/source3/smbd/smb2_notify.c
@@ -232,7 +232,7 @@ static struct tevent_req *smbd_smb2_notify_send(TALLOC_CTX *mem_ctx,
 	DEBUG(10,("smbd_smb2_notify_send: %s - %s\n",
 		  fsp_str_dbg(fsp), fsp_fnum_dbg(fsp)));
 
-	smbreq = smbd_smb2_fake_smb_request(smb2req);
+	smbreq = smbd_smb2_fake_smb_request(smb2req, fsp);
 	if (tevent_req_nomem(smbreq, req)) {
 		return tevent_req_post(req, ev);
 	}
diff --git a/source3/smbd/smb2_query_directory.c b/source3/smbd/smb2_query_directory.c
index 250b56633bb..0cecd720602 100644
--- a/source3/smbd/smb2_query_directory.c
+++ b/source3/smbd/smb2_query_directory.c
@@ -290,7 +290,7 @@ static struct tevent_req *smbd_smb2_query_directory_send(TALLOC_CTX *mem_ctx,
 	DEBUG(10,("smbd_smb2_query_directory_send: %s - %s\n",
 		  fsp_str_dbg(fsp), fsp_fnum_dbg(fsp)));
 
-	state->smbreq = smbd_smb2_fake_smb_request(smb2req);
+	state->smbreq = smbd_smb2_fake_smb_request(smb2req, fsp);
 	if (tevent_req_nomem(state->smbreq, req)) {
 		return tevent_req_post(req, ev);
 	}
diff --git a/source3/smbd/smb2_read.c b/source3/smbd/smb2_read.c
index 4c6822f2c74..eb12dbd7269 100644
--- a/source3/smbd/smb2_read.c
+++ b/source3/smbd/smb2_read.c
@@ -480,7 +480,7 @@ static struct tevent_req *smbd_smb2_read_send(TALLOC_CTX *mem_ctx,
 	DEBUG(10,("smbd_smb2_read: %s - %s\n",
 		  fsp_str_dbg(fsp), fsp_fnum_dbg(fsp)));
 
-	smbreq = smbd_smb2_fake_smb_request(smb2req);
+	smbreq = smbd_smb2_fake_smb_request(smb2req, fsp);
 	if (tevent_req_nomem(smbreq, req)) {
 		return tevent_req_post(req, ev);
 	}
diff --git a/source3/smbd/smb2_setinfo.c b/source3/smbd/smb2_setinfo.c
index 04fd9490fe9..f26fce77a23 100644
--- a/source3/smbd/smb2_setinfo.c
+++ b/source3/smbd/smb2_setinfo.c
@@ -392,7 +392,7 @@ static struct tevent_req *smbd_smb2_setinfo_send(TALLOC_CTX *mem_ctx,
 	DEBUG(10,("smbd_smb2_setinfo_send: %s - %s\n",
 		  fsp_str_dbg(fsp), fsp_fnum_dbg(fsp)));
 
-	smbreq = smbd_smb2_fake_smb_request(smb2req);
+	smbreq = smbd_smb2_fake_smb_request(smb2req, fsp);
 	if (tevent_req_nomem(smbreq, req)) {
 		return tevent_req_post(req, ev);
 	}
diff --git a/source3/smbd/smb2_write.c b/source3/smbd/smb2_write.c
index ff99127b067..269c489642e 100644
--- a/source3/smbd/smb2_write.c
+++ b/source3/smbd/smb2_write.c
@@ -297,7 +297,7 @@ static struct tevent_req *smbd_smb2_write_send(TALLOC_CTX *mem_ctx,
 	DEBUG(10,("smbd_smb2_write: %s - %s\n",
 		  fsp_str_dbg(fsp), fsp_fnum_dbg(fsp)));
 
-	smbreq = smbd_smb2_fake_smb_request(smb2req);
+	smbreq = smbd_smb2_fake_smb_request(smb2req, fsp);
 	if (tevent_req_nomem(smbreq, req)) {
 		return tevent_req_post(req, ev);
 	}
-- 
2.11.4.GIT