The branch, master has been updated
via becc43b krb5_wrap: Fix build error when not using heimdal.
via 2db5c10 s4/torture: add a test for dosmode and hidden files
via 36b7cff s3/smbd: only use stored dos attributes for
open_match_attributes() check
via f2a53ef s3/smbd: move check for "hide files" to dos_mode_from_name()
via 1be8770 s3/smbd: call dos_mode_from_name after
SMB_VFS_GET_DOS_ATTRIBUTES()
via c8c67c9 s3/smbd: add helper func dos_mode_from_name()
from 030fd72 s3-ctdb: Return an error when unexpected reply is received
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit becc43b87d892503cf621ab9259c61fc72ff0813
Author: Jose A. Rivera <jar...@samba.org>
Date: Sat Jun 25 10:47:52 2016 -0500
krb5_wrap: Fix build error when not using heimdal.
Just a small typo fix where type and variable were flipped.
Signed-off-by: Jose A. Rivera <jar...@samba.org>
Reviewed-by: Ralph Boehme <s...@samba.org>
Autobuild-User(master): Ralph Böhme <s...@samba.org>
Autobuild-Date(master): Sat Jun 25 22:43:27 CEST 2016 on sn-devel-144
commit 2db5c10ac59d5362e81c50d9a854071477de9c12
Author: Ralph Boehme <s...@samba.org>
Date: Thu Jun 23 19:13:05 2016 +0200
s4/torture: add a test for dosmode and hidden files
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11992
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit 36b7cff3188bbc21048c12ec971d9c2ac3666226
Author: Ralph Boehme <s...@samba.org>
Date: Thu Jun 23 12:24:33 2016 +0200
s3/smbd: only use stored dos attributes for open_match_attributes() check
This changes the way we check for old vs new DOS attributes on open with
overwrite: only check against the DOS attributes actually set by a
client and stored in the DOS attributes xattr.
With this change "hide dot files" and "hide files" continue to work with
"store dos attributes = yes".
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11992
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit f2a53efb1aab0986d6a7d9621b1efff2127df4e6
Author: Ralph Boehme <s...@samba.org>
Date: Thu Jun 23 17:14:55 2016 +0200
s3/smbd: move check for "hide files" to dos_mode_from_name()
Consolidate the "hide dot files" and "hide files" handling stuff in one
function. No change in overall behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11992
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit 1be877038c53c88802bc19c00a49c1974f17c4eb
Author: Ralph Boehme <s...@samba.org>
Date: Thu Jun 23 16:40:15 2016 +0200
s3/smbd: call dos_mode_from_name after SMB_VFS_GET_DOS_ATTRIBUTES()
This doesn't change overall behaviour in any way, it just prepares for
the next step where the IS_HIDDEN_PATH() stuff will be moved to the
function dos_mode_from_name().
It allows an optimisation by not checking "hide to files" patch if
FILE_ATTRIBUTE_HIDDEN was already set in the DOS xattr.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11992
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
commit c8c67c9a2a6347e36f4628e2d0260bd6c58d8c65
Author: Ralph Boehme <s...@samba.org>
Date: Thu Jun 23 12:23:33 2016 +0200
s3/smbd: add helper func dos_mode_from_name()
This just moves the computation of "hide dot files" files to a helper
functions without changing overall behaviour.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11992
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Jeremy Allison <j...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/krb5_wrap/krb5_samba.c | 2 +-
selftest/target/Samba3.pm | 7 ++
source3/selftest/tests.py | 2 +
source3/smbd/dosmode.c | 58 +++++++-----
source3/smbd/open.c | 13 ++-
source4/selftest/tests.py | 5 +-
source4/torture/smb2/dosmode.c | 183 +++++++++++++++++++++++++++++++++++++
source4/torture/smb2/smb2.c | 1 +
source4/torture/smb2/wscript_build | 2 +-
9 files changed, 245 insertions(+), 28 deletions(-)
create mode 100644 source4/torture/smb2/dosmode.c
Changeset truncated at 500 lines:
diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index 79e9450..8064f17 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -162,7 +162,7 @@ krb5_error_code smb_krb5_mk_error(krb5_context context,
if (e_text != NULL) {
dec_err.text.length = strlen(e_text);
- dec_err.text.data = discard_const_p(e_text, char);
+ dec_err.text.data = discard_const_p(char, e_text);
}
if (e_data != NULL) {
dec_err.e_data = *e_data;
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 3f6fd1e..2ac953d 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -555,6 +555,13 @@ sub setup_simpleserver($$)
vfs objects = aio_fork
read only = no
vfs_aio_fork:erratic_testing_mode=yes
+
+[dosmode]
+ path = $prefix_abs/share
+ vfs objects =
+ store dos attributes = yes
+ hide files = /hidefile/
+ hide dot files = yes
";
my $vars = $self->provision($path,
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index cc635cd..371ec2a 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -408,6 +408,8 @@ for t in tests:
elif t == "smb2.notify":
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp
-U$USERNAME%$PASSWORD --signing=required')
plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp
-U$USERNAME%$PASSWORD --signing=required')
+ elif t == "smb2.dosmode":
+ plansmbtorture4testsuite(t, "simpleserver", '//$SERVER/dosmode
-U$USERNAME%$PASSWORD')
else:
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp
-U$USERNAME%$PASSWORD')
plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp
-U$USERNAME%$PASSWORD')
diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c
index f490e9a..ef880e5 100644
--- a/source3/smbd/dosmode.c
+++ b/source3/smbd/dosmode.c
@@ -562,6 +562,40 @@ err_out:
return status;
}
+static uint32_t dos_mode_from_name(connection_struct *conn,
+ const struct smb_filename *smb_fname,
+ uint32_t dosmode)
+{
+ const char *p = NULL;
+ uint32_t result = dosmode;
+
+ if (!(result & FILE_ATTRIBUTE_HIDDEN) &&
+ lp_hide_dot_files(SNUM(conn)))
+ {
+ p = strrchr_m(smb_fname->base_name, '/');
+ if (p) {
+ p++;
+ } else {
+ p = smb_fname->base_name;
+ }
+
+ /* Only . and .. are not hidden. */
+ if ((p[0] == '.') &&
+ !((p[1] == '\0') || (p[1] == '.' && p[2] == '\0')))
+ {
+ result |= FILE_ATTRIBUTE_HIDDEN;
+ }
+ }
+
+ if (!(result & FILE_ATTRIBUTE_HIDDEN) &&
+ IS_HIDDEN_PATH(conn, smb_fname->base_name))
+ {
+ result |= FILE_ATTRIBUTE_HIDDEN;
+ }
+
+ return result;
+}
+
/****************************************************************************
Change a unix mode to a dos mode.
May also read the create timespec into the stat struct in smb_fname
@@ -580,23 +614,6 @@ uint32_t dos_mode(connection_struct *conn, struct
smb_filename *smb_fname)
return 0;
}
- /* First do any modifications that depend on the path name. */
- /* hide files with a name starting with a . */
- if (lp_hide_dot_files(SNUM(conn))) {
- const char *p = strrchr_m(smb_fname->base_name,'/');
- if (p) {
- p++;
- } else {
- p = smb_fname->base_name;
- }
-
- /* Only . and .. are not hidden. */
- if (p[0] == '.' && !((p[1] == '\0') ||
- (p[1] == '.' && p[2] == '\0'))) {
- result |= FILE_ATTRIBUTE_HIDDEN;
- }
- }
-
/* Get the DOS attributes via the VFS if we can */
status = SMB_VFS_GET_DOS_ATTRIBUTES(conn, smb_fname, &result);
if (!NT_STATUS_IS_OK(status)) {
@@ -617,12 +634,7 @@ uint32_t dos_mode(connection_struct *conn, struct
smb_filename *smb_fname)
}
}
- /* Optimization : Only call is_hidden_path if it's not already
- hidden. */
- if (!(result & FILE_ATTRIBUTE_HIDDEN) &&
- IS_HIDDEN_PATH(conn, smb_fname->base_name)) {
- result |= FILE_ATTRIBUTE_HIDDEN;
- }
+ result |= dos_mode_from_name(conn, smb_fname, result);
if (result == 0) {
result = FILE_ATTRIBUTE_NORMAL;
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 0c46eb1..883c6ae 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -2535,7 +2535,18 @@ static NTSTATUS open_file_ntcreate(connection_struct
*conn,
if (!posix_open) {
new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
if (file_existed) {
- existing_dos_attributes = dos_mode(conn, smb_fname);
+ /*
+ * Only use strored DOS attributes for checks
+ * against requested attributes (below via
+ * open_match_attributes()), cf bug #11992
+ * for details. -slow
+ */
+ uint32_t attr = 0;
+
+ status = SMB_VFS_GET_DOS_ATTRIBUTES(conn, smb_fname,
&attr);
+ if (NT_STATUS_IS_OK(status)) {
+ existing_dos_attributes = attr;
+ }
}
}
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index 844b93c..7372072 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -300,8 +300,9 @@ for t in nbt_tests:
# Tests against the NTVFS POSIX backend
ntvfsargs = ["--option=torture:sharedelay=100000",
"--option=torture:oplocktimeout=3",
"--option=torture:writetimeupdatedelay=500000"]
-# smb2.change_notify_disabled must only run against env
fileserver-notify-disabled
-smb2 = filter(lambda x: "smb2.change_notify_disabled" not in x,
smbtorture4_testsuites("smb2."))
+# Filter smb2 tests that should not run against ad_dc_ntvfs
+smb2_s3only = ["smb2.change_notify_disabled", "smb2.dosmode"]
+smb2 = [x for x in smbtorture4_testsuites("smb2.") if x not in smb2_s3only]
#The QFILEINFO-IPC test needs to be on ipc$
raw = filter(lambda x: "raw.qfileinfo.ipc" not in x,
smbtorture4_testsuites("raw."))
diff --git a/source4/torture/smb2/dosmode.c b/source4/torture/smb2/dosmode.c
new file mode 100644
index 0000000..7808ca6
--- /dev/null
+++ b/source4/torture/smb2/dosmode.c
@@ -0,0 +1,183 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ SMB2 setinfo individual test suite
+
+ Copyright (C) Ralph Boehme 2016
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "system/time.h"
+#include "libcli/smb2/smb2.h"
+#include "libcli/smb2/smb2_calls.h"
+
+#include "torture/torture.h"
+#include "torture/smb2/proto.h"
+
+/*
+ test dosmode and hidden files
+*/
+bool torture_smb2_dosmode(struct torture_context *tctx)
+{
+ bool ret = true;
+ NTSTATUS status;
+ struct smb2_tree *tree = NULL;
+ const char *dname = "torture_dosmode";
+ const char *fname = "torture_dosmode\\file";
+ const char *hidefile = "torture_dosmode\\hidefile";
+ const char *dotfile = "torture_dosmode\\.dotfile";
+ struct smb2_handle h1 = {{0}};
+ struct smb2_create io;
+ union smb_setfileinfo sfinfo;
+ union smb_fileinfo finfo2;
+
+ torture_comment(tctx, "Checking dosmode with \"hide files\" "
+ "and \"hide dot files\"\n");
+
+ if (!torture_smb2_connection(tctx, &tree)) {
+ return false;
+ }
+
+ smb2_deltree(tree, dname);
+
+ status = torture_smb2_testdir(tree, dname, &h1);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "torture_smb2_testdir failed");
+
+ ZERO_STRUCT(io);
+ io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
+ io.in.file_attributes = FILE_ATTRIBUTE_NORMAL;
+ io.in.create_disposition = NTCREATEX_DISP_CREATE;
+ io.in.create_options = 0;
+ io.in.fname = fname;
+
+ status = smb2_create(tree, tctx, &io);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_create failed");
+
+ ZERO_STRUCT(sfinfo);
+ sfinfo.basic_info.in.attrib = FILE_ATTRIBUTE_HIDDEN;
+ sfinfo.generic.level = RAW_SFILEINFO_BASIC_INFORMATION;
+ sfinfo.generic.in.file.handle = io.out.file.handle;
+ status = smb2_setinfo_file(tree, &sfinfo);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_setinfo_filefailed");
+
+ ZERO_STRUCT(finfo2);
+ finfo2.generic.level = RAW_FILEINFO_BASIC_INFORMATION;
+ finfo2.generic.in.file.handle = io.out.file.handle;
+ status = smb2_getinfo_file(tree, tctx, &finfo2);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_getinfo_file failed");
+ torture_assert_int_equal_goto(tctx, finfo2.all_info2.out.attrib &
FILE_ATTRIBUTE_HIDDEN,
+ FILE_ATTRIBUTE_HIDDEN, ret, done,
+ "FILE_ATTRIBUTE_HIDDEN is not set");
+
+ smb2_util_close(tree, io.out.file.handle);
+
+ /* This must fail with attribute mismatch */
+ ZERO_STRUCT(io);
+ io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
+ io.in.file_attributes = FILE_ATTRIBUTE_NORMAL;
+ io.in.create_disposition = NTCREATEX_DISP_OVERWRITE_IF;
+ io.in.create_options = 0;
+ io.in.fname = fname;
+
+ status = smb2_create(tree, tctx, &io);
+ torture_assert_ntstatus_equal_goto(tctx, status,
NT_STATUS_ACCESS_DENIED,
+ ret, done,"smb2_create failed");
+
+ /* Create a file in "hide files" */
+ ZERO_STRUCT(io);
+ io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
+ io.in.file_attributes = FILE_ATTRIBUTE_NORMAL;
+ io.in.create_disposition = NTCREATEX_DISP_CREATE;
+ io.in.create_options = 0;
+ io.in.fname = hidefile;
+
+ status = smb2_create(tree, tctx, &io);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_create failed");
+
+ ZERO_STRUCT(finfo2);
+ finfo2.generic.level = RAW_FILEINFO_BASIC_INFORMATION;
+ finfo2.generic.in.file.handle = io.out.file.handle;
+ status = smb2_getinfo_file(tree, tctx, &finfo2);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_getinfo_file failed");
+ torture_assert_int_equal_goto(tctx, finfo2.all_info2.out.attrib &
FILE_ATTRIBUTE_HIDDEN,
+ FILE_ATTRIBUTE_HIDDEN, ret, done,
+ "FILE_ATTRIBUTE_HIDDEN is not set");
+
+ smb2_util_close(tree, io.out.file.handle);
+
+ /* Overwrite a file in "hide files", should pass */
+ ZERO_STRUCT(io);
+ io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
+ io.in.file_attributes = FILE_ATTRIBUTE_NORMAL;
+ io.in.create_disposition = NTCREATEX_DISP_OVERWRITE_IF;
+ io.in.create_options = 0;
+ io.in.fname = hidefile;
+
+ status = smb2_create(tree, tctx, &io);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_create failed");
+ smb2_util_close(tree, io.out.file.handle);
+
+ /* Create a "hide dot files" */
+ ZERO_STRUCT(io);
+ io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
+ io.in.file_attributes = FILE_ATTRIBUTE_NORMAL;
+ io.in.create_disposition = NTCREATEX_DISP_CREATE;
+ io.in.create_options = 0;
+ io.in.fname = dotfile;
+
+ status = smb2_create(tree, tctx, &io);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_create failed");
+
+ ZERO_STRUCT(finfo2);
+ finfo2.generic.level = RAW_FILEINFO_BASIC_INFORMATION;
+ finfo2.generic.in.file.handle = io.out.file.handle;
+ status = smb2_getinfo_file(tree, tctx, &finfo2);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_getinfo_file failed");
+ torture_assert_int_equal_goto(tctx, finfo2.all_info2.out.attrib &
FILE_ATTRIBUTE_HIDDEN,
+ FILE_ATTRIBUTE_HIDDEN, ret, done,
+ "FILE_ATTRIBUTE_HIDDEN is not set");
+
+ smb2_util_close(tree, io.out.file.handle);
+
+ /* Overwrite a "hide dot files", should pass */
+ ZERO_STRUCT(io);
+ io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
+ io.in.file_attributes = FILE_ATTRIBUTE_NORMAL;
+ io.in.create_disposition = NTCREATEX_DISP_OVERWRITE_IF;
+ io.in.create_options = 0;
+ io.in.fname = dotfile;
+
+ status = smb2_create(tree, tctx, &io);
+ torture_assert_ntstatus_ok_goto(tctx, status, ret, done,
+ "smb2_create failed");
+ smb2_util_close(tree, io.out.file.handle);
+
+done:
+ if (!smb2_util_handle_empty(h1)) {
+ smb2_util_close(tree, h1);
+ }
+ smb2_deltree(tree, dname);
+ return ret;
+}
diff --git a/source4/torture/smb2/smb2.c b/source4/torture/smb2/smb2.c
index 90029c7..be632cc 100644
--- a/source4/torture/smb2/smb2.c
+++ b/source4/torture/smb2/smb2.c
@@ -170,6 +170,7 @@ NTSTATUS torture_smb2_init(void)
torture_suite_add_1smb2_test(suite, "hold-oplock",
test_smb2_hold_oplock);
torture_suite_add_suite(suite, torture_smb2_session_init());
torture_suite_add_suite(suite, torture_smb2_replay_init());
+ torture_suite_add_simple_test(suite, "dosmode", torture_smb2_dosmode);
torture_suite_add_suite(suite, torture_smb2_doc_init());
diff --git a/source4/torture/smb2/wscript_build
b/source4/torture/smb2/wscript_build
index 1c593ef..f404356 100644
--- a/source4/torture/smb2/wscript_build
+++ b/source4/torture/smb2/wscript_build
@@ -4,7 +4,7 @@ bld.SAMBA_MODULE('TORTURE_SMB2',
source='''connect.c scan.c util.c getinfo.c setinfo.c lock.c notify.c
smb2.c durable_open.c durable_v2_open.c oplock.c dir.c lease.c create.c
acls.c read.c compound.c streams.c ioctl.c rename.c
- session.c delete-on-close.c replay.c notify_disabled.c''',
+ session.c delete-on-close.c replay.c notify_disabled.c dosmode.c''',
subsystem='smbtorture',
deps='LIBCLI_SMB2 POPT_CREDENTIALS torture NDR_IOCTL',
internal_module=True,
--
Samba Shared Repository
