[SCM] Samba Shared Repository - branch master updated

Douglas Bagnall Tue, 12 Aug 2025 20:59:19 -0700

The branch, master has been updated
       via  f265195d387 third_party:ngtcp2 Fix compilation with clang-20
       via  7ac54e27267 python:key_credential_link: old python compatibility
       via  6a1dc25421b python:models: add key credential link DN to domain 
fields
      from  bf4bf9f144e s3-utils: Fix CID #1517309 Resource leak in net 
offlinejoin code.


https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit f265195d387f0447163d5b8abf6298b0f9292d73
Author: Gary Lockyer <g...@catalyst.net.nz>
Date:   Wed Aug 13 11:52:36 2025 +1200

    third_party:ngtcp2 Fix compilation with clang-20
    
    Add -Wno-error=implicit-fallthrough and -Wno-error=format-nonliteral so that
    ngtcp2 builds with clang 20
    
    [1972/4994] Compiling third_party/ngtcp2/lib/ngtcp2_objalloc.c
    ../../third_party/ngtcp2/lib/ngtcp2_rtb.c:1120:7: error:
       unannotated fall-through between switch labels
       [-Werror,-Wimplicit-fallthrough]
       1120 |       case NGTCP2_ECN_STATE_UNKNOWN:
            |       ^
    ../../third_party/ngtcp2/lib/ngtcp2_rtb.c:1120:7: note:
       insert '__attribute__((fallthrough));' to silence this warning
       1120 |       case NGTCP2_ECN_STATE_UNKNOWN:
            |       ^
            |       __attribute__((fallthrough));
    ../../third_party/ngtcp2/lib/ngtcp2_rtb.c:1120:7: note:
       insert 'break;' to avoid fall-through
       1120 |       case NGTCP2_ECN_STATE_UNKNOWN:
            |       ^
            |       break;
    1 error generated.
    
    ../../third_party/ngtcp2/lib/ngtcp2_log.c:818:35: error:
       format string is not a string literal [-Werror,-Wformat-nonliteral]
       818 |   n = vsnprintf(buf, sizeof(buf), fmt, ap);
           |                                   ^~~
    1 error generated.
    
    Signed-off-by: Gary Lockyer <g...@catalyst.net.nz>
    Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz>
    
    Autobuild-User(master): Douglas Bagnall <dbagn...@samba.org>
    Autobuild-Date(master): Wed Aug 13 03:58:43 UTC 2025 on atb-devel-224

commit 7ac54e272676f92a6ba331d1a26623ed82ac2bbc
Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz>
Date:   Wed Aug 13 10:58:36 2025 +1200

    python:key_credential_link: old python compatibility
    
    int.to_bytes assumed these defaults in recent versions
    
    Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz>
    Reviewed-by: Gary Lockyer <g...@catalyst.net.nz>

commit 6a1dc25421ba1e927bf758c0ea80e2c08e350113
Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz>
Date:   Wed Aug 6 14:00:55 2025 +1200

    python:models: add key credential link DN to domain fields
    
    This will soon be needed by samba-tool, and is also going to be used
    in some tests.
    
    Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz>
    Reviewed-by: Gary Lockyer <g...@catalyst.net.nz>

-----------------------------------------------------------------------

Summary of changes:
 python/samba/domain/models/fields.py | 42 ++++++++++++++++++++++++++++++++++++
 python/samba/domain/models/user.py   |  3 +++
 python/samba/key_credential_link.py  |  2 +-
 third_party/ngtcp2/wscript           |  6 ++++++
 4 files changed, 52 insertions(+), 1 deletion(-)


Changeset truncated at 500 lines:

diff --git a/python/samba/domain/models/fields.py 
b/python/samba/domain/models/fields.py
index e902b727aec..cff11661e73 100644
--- a/python/samba/domain/models/fields.py
+++ b/python/samba/domain/models/fields.py
@@ -27,6 +27,7 @@ from enum import IntEnum, IntFlag
 from xml.etree import ElementTree
 
 from ldb import Dn, MessageElement, binary_encode, string_to_time, timestring
+from samba.key_credential_link import KeyCredentialLinkDn
 from samba.dcerpc import security
 from samba.dcerpc.misc import GUID
 from samba.ndr import ndr_pack, ndr_unpack
@@ -550,3 +551,44 @@ class PossibleClaimValuesField(Field):
 
         # Back to str as that is what MessageElement needs.
         return MessageElement(out.getvalue().decode("utf-16"), flags, 
self.name)
+
+
+class BaseDsdbDnField(Field):
+    """Generic DN + Binary field or DN + String field.
+
+    These have this form:
+
+    B:<hex length>:<binary hex>:<ordinary DN>
+    S:<utf8 length>:<utf8 string>:<ordinary DN>
+
+    <hex length> is the length of <binary hex> (in decimal), i.e.
+    twice the length of the encoded value.
+
+    Subclasses should set dsdb_dn to a BaseDsdbDn subtype.
+    """
+    dsdb_dn = NotImplemented
+
+    def from_db_value(self, samdb, value):
+        """Convert MessageElement to a Dn object or list of Dn objects."""
+        if value is None:
+            return
+        elif isinstance(value, self.dsdb_dn):
+            return value
+        elif len(value) > 1 or self.many:
+            return [self.dsdb_dn(samdb, str(item)) for item in value]
+        else:
+            return self.dsdb_dn(samdb, str(value))
+
+    def to_db_value(self, samdb, value, flags):
+        """Convert Dn object or list of Dn objects into a MessageElement."""
+        if value is None:
+            return
+        elif isinstance(value, list):
+            return MessageElement(
+                [str(item) for item in value], flags, self.name)
+        else:
+            return MessageElement(str(value), flags, self.name)
+
+
+class KeyCredentialLinkDnField(BaseDsdbDnField):
+    dsdb_dn = KeyCredentialLinkDn
diff --git a/python/samba/domain/models/user.py 
b/python/samba/domain/models/user.py
index 0ce6cf96d06..14581809454 100644
--- a/python/samba/domain/models/user.py
+++ b/python/samba/domain/models/user.py
@@ -27,6 +27,7 @@ from samba.dsdb import DS_GUID_USERS_CONTAINER
 
 from .exceptions import NotFound
 from .fields import DnField, EnumField, IntegerField, NtTimeField, StringField
+from .fields import KeyCredentialLinkDnField
 from .group import Group
 from .org import OrganizationalPerson
 from .types import AccountType, UserAccountControl
@@ -41,6 +42,8 @@ class User(OrganizationalPerson):
     bad_pwd_count = IntegerField("badPwdCount", readonly=True)
     code_page = IntegerField("codePage")
     display_name = StringField("displayName")
+    key_credential_link = KeyCredentialLinkDnField("msDS-KeyCredentialLink",
+                                                   many=True)
     last_logoff = NtTimeField("lastLogoff", readonly=True)
     last_logon = NtTimeField("lastLogon", readonly=True)
     logon_count = IntegerField("logonCount", readonly=True)
diff --git a/python/samba/key_credential_link.py 
b/python/samba/key_credential_link.py
index 2ef5e00cbff..2ff17da44da 100644
--- a/python/samba/key_credential_link.py
+++ b/python/samba/key_credential_link.py
@@ -187,7 +187,7 @@ def create_key_credential_link(samdb: SamDB,
 
     # always KEY_USAGE_NGC
     kcl_key_usage = kcl_entry_bytes(keycredlink.KeyUsage,
-                                    keycredlink.KEY_USAGE_NGC.to_bytes())
+                                    keycredlink.KEY_USAGE_NGC.to_bytes(1, 
byteorder='big'))
 
     # nttime for now
     kcl_creation = kcl_entry_bytes(keycredlink.KeyCreationTime,
diff --git a/third_party/ngtcp2/wscript b/third_party/ngtcp2/wscript
index f4cfd1c7064..57eb530e7eb 100644
--- a/third_party/ngtcp2/wscript
+++ b/third_party/ngtcp2/wscript
@@ -38,6 +38,12 @@ def configure(conf):
     conf.ADD_NAMED_CFLAGS('LIBNGTCP2_UNPICKY_CFLAGS',
                           '-Wno-error=strict-overflow',
                           testflags=True)
+    conf.ADD_NAMED_CFLAGS('LIBNGTCP2_UNPICKY_CFLAGS',
+                          '-Wno-error=format-nonliteral',
+                          testflags=True)
+    conf.ADD_NAMED_CFLAGS('LIBNGTCP2_UNPICKY_CFLAGS',
+                          '-Wno-error=implicit-fallthrough',
+                          testflags=True)
 
     conf.DEFINE('HAVE_LIBNGTCP2', '1')
     return


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch master updated

Reply via email to