[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1cba9de1444 Fix a few "might be uninitialized" errors via 316579b5029 smbd: Slightly simplify notifyd_send_delete() via 190ae0796eb smbd: Simplify smb_set_file_unix_link() via 88921ac1774 smbd: Simplify smb_q_posix_symlink() via e35b3af2e8b smbd: Simplify call_trans2qpathinfo() from daf6d371f36 s3:rpc_client: implement bind time feature negotiation https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1cba9de1933a51972b725e0f4852704d2a8c Author: Volker Lendecke Date: Mon Jan 22 21:33:05 2024 +0100 Fix a few "might be uninitialized" errors I've seen them with clang Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Apr 23 19:02:10 UTC 2024 on atb-devel-224 commit 316579b5029823ba19eda2a131a3a2a5df7419a1 Author: Volker Lendecke Date: Tue Feb 27 15:32:59 2024 +0100 smbd: Slightly simplify notifyd_send_delete() Call messaging_send_iov() instead of messaging_send_iov_from(). Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 190ae0796ebaaf4f2fc2479f81637207d1fa8934 Author: Volker Lendecke Date: Mon Feb 12 10:26:28 2024 +0100 smbd: Simplify smb_set_file_unix_link() Avoid a call to parent_pathref, use the dirfsp that already exists Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 88921ac177421c25827092df3f063baa80f9f4bf Author: Volker Lendecke Date: Sun Feb 11 13:10:01 2024 +0100 smbd: Simplify smb_q_posix_symlink() Use the dirfsp from call_trans2qpathinfo(), avoid a call to parent_pathref() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit e35b3af2e8b82678b2d77ea39a132f6ecaca9991 Author: Volker Lendecke Date: Sat Feb 10 14:26:55 2024 +0100 smbd: Simplify call_trans2qpathinfo() These days filename_convert_dirfsp() always returns a full fsp. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: source3/libsmb/libsmb_file.c | 2 +- source3/smbd/notifyd/notifyd.c| 18 +++-- source3/smbd/smb1_trans2.c| 147 +- source4/auth/sam.c| 2 +- source4/dsdb/common/rodc_helper.c | 2 +- 5 files changed, 63 insertions(+), 108 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/libsmb_file.c b/source3/libsmb/libsmb_file.c index ff18d569757..5861718d672 100644 --- a/source3/libsmb/libsmb_file.c +++ b/source3/libsmb/libsmb_file.c @@ -470,7 +470,7 @@ SMBC_getatr(SMBCCTX * context, mode_t mode = S_IFREG; struct cli_credentials *creds = NULL; TALLOC_CTX *frame = talloc_stackframe(); - NTSTATUS status; + NTSTATUS status = NT_STATUS_ACCESS_DENIED; if (!context || !context->internal->initialized) { TALLOC_FREE(frame); diff --git a/source3/smbd/notifyd/notifyd.c b/source3/smbd/notifyd/notifyd.c index 4af62a9a1f9..64dd26a7e11 100644 --- a/source3/smbd/notifyd/notifyd.c +++ b/source3/smbd/notifyd/notifyd.c @@ -790,7 +790,7 @@ static void notifyd_send_delete(struct messaging_context *msg_ctx, }; uint8_t nul = 0; struct iovec iov[3]; - int ret; + NTSTATUS status; /* * Send a rec_change to ourselves to delete a dead entry @@ -802,13 +802,17 @@ static void notifyd_send_delete(struct messaging_context *msg_ctx, iov[1] = (struct iovec) { .iov_base = key.dptr, .iov_len = key.dsize }; iov[2] = (struct iovec) { .iov_base = , .iov_len = sizeof(nul) }; - ret = messaging_send_iov_from( - msg_ctx, instance->client, messaging_server_id(msg_ctx), - MSG_SMB_NOTIFY_REC_CHANGE, iov, ARRAY_SIZE(iov), NULL, 0); + status = messaging_send_iov(msg_ctx, + instance->client, + MSG_SMB_NOTIFY_REC_CHANGE, + iov, + ARRAY_SIZE(iov), + NULL, + 0); - if (ret != 0) { - DBG_WARNING("messaging_send_iov_from returned %s\n", - strerror(ret)); + if (!NT_STATUS_IS_OK(status)) { + DBG_WARNING("messaging_send_iov failed: %s\n", + nt_errstr(status)); } } diff --git a/source3/smbd/smb1_trans2.c b/source3/smbd/smb1_trans2.c index ae5fee7e2ff..e31bdf02fe8 100644 --- a/source3/smbd/smb1_trans2.c +++ b/source3/smbd/smb1_trans2.c @@ -2529,16 +2529,14 @@ static NTSTATUS smb_q_posix_acl(
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 39e3300b8d8 smbd: Some README.Coding in smbd_do_qfilepathinfo() via ebb8084c67b samr_server: Modernize a DBG statement via 73a27939676 samr_server: Avoid a DEBUGADD() via 995d1958e9a lib: Simplify grant_privilege_bitmap() via 8e741b596e9 lib: Modernize (and fix) a DBG statement via 36303bbdec4 libsmb: Fix whitespace and a typo via 6877e4849e8 lib: Avoid 70k of r/w memory via 24ad425e284 lib: Simplify hresult.c from 13d98c8fa6d s3:passdb: Fix memory leak caused by recursion of get_global_sam_sid() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 39e3300b8d8f01a39a5ec80b22724b21e91d34d6 Author: Volker Lendecke Date: Wed Jan 3 10:34:42 2024 +0100 smbd: Some README.Coding in smbd_do_qfilepathinfo() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Jan 24 00:35:33 UTC 2024 on atb-devel-224 commit ebb8084c67b35b11a24f56e6f6c8217b4e3f752c Author: Volker Lendecke Date: Mon Dec 18 22:03:07 2023 +0100 samr_server: Modernize a DBG statement Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 73a279396769b54d045b7cdf0fff9a045dd50d69 Author: Volker Lendecke Date: Mon Dec 18 22:00:26 2023 +0100 samr_server: Avoid a DEBUGADD() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 995d1958e9a83c3a19181a343d5c66894b1efee7 Author: Volker Lendecke Date: Mon Dec 18 21:40:46 2023 +0100 lib: Simplify grant_privilege_bitmap() ZERO_STRUCT on a uint64_t doesn't really make sense... Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 8e741b596e908035a59fc635eed9cd5f62f2434a Author: Volker Lendecke Date: Mon Dec 18 21:39:47 2023 +0100 lib: Modernize (and fix) a DBG statement Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 36303bbdec482b797234155c8e6929a550fb0527 Author: Volker Lendecke Date: Mon Dec 18 21:13:56 2023 +0100 libsmb: Fix whitespace and a typo Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 6877e4849e81ed8f7f355fa4069f13a134e999ce Author: Volker Lendecke Date: Mon Jan 22 21:21:54 2024 +0100 lib: Avoid 70k of r/w memory This adds more .text than it strips .data, but .text is shared between all processes, .data is copied. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 24ad425e2843ca321304bf8d503f52e0f6f8fd42 Author: Volker Lendecke Date: Mon Jan 22 20:57:31 2024 +0100 lib: Simplify hresult.c Functions don't need a ; at the end. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: source3/lib/privileges.c | 21 ++--- source3/libsmb/cliconnect.c | 12 source3/libsmb/clidgram.c| 2 +- source3/libsmb/clierror.c| 2 +- source3/libsmb/clifile.c | 2 +- source3/libsmb/clifsinfo.c | 2 +- source3/libsmb/cliquota.c| 4 +-- source3/libsmb/clisecdesc.c | 2 +- source3/libsmb/conncache.c | 2 +- source3/libsmb/errormap.c| 9 +++--- source3/libsmb/errormap_wbc.c| 9 +++--- source3/libsmb/libsmb_thread_impl.c | 10 +++ source3/libsmb/libsmb_thread_posix.c | 9 +++--- source3/libsmb/libsmb_xattr.c| 22 +++--- source3/libsmb/namequery_dc.c| 2 +- source3/libsmb/smberr.c | 4 +-- source3/rpc_server/samr/srv_samr_chgpasswd.c | 8 +++-- source3/rpc_server/samr/srv_samr_nt.c| 11 +++ source3/smbd/smb2_trans2.c | 5 ++-- source4/scripting/bin/gen_hresult.py | 45 +--- 20 files changed, 82 insertions(+), 101 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c index 789e05a9c44..05a4c9a1e76 100644 --- a/source3/lib/privileges.c +++ b/source3/lib/privileges.c @@ -339,24 +339,21 @@ NTSTATUS privilege_enum_sids(enum sec_privilege privilege, TALLOC_CTX *mem_ctx, static bool grant_privilege_bitmap(const struct dom_sid *sid, const uint64_t priv_mask) { - uint64_t old_mask, new_mask; + uint64_t old_mask = 0, new_mask = 0; struct dom_sid_buf buf; - ZERO_STRUCT( old_mask ); - ZERO_STRUCT( new_mask ); - - if ( get_privileges( sid, _mask ) ) + if ( get_privileges( sid, _mask ) ) { new_mask = old_mask; - else - new_mask = 0
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0caaa2d1723 vfs: Remove shadow_copy2_get_real_filename_at() via 6afcb7f0dbf testing: case insensitive lookups fail in shadow_copy2 snapshots from c09d1a3ac1c tests: add a test for "fake directory create times" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0caaa2d1723084ba5a707432830c5916e85e21bc Author: Volker Lendecke Date: Thu Jan 11 16:49:29 2024 + vfs: Remove shadow_copy2_get_real_filename_at() The synthetic_pathref() call in shadow_copy2_get_real_filename_at() fails if shadow:snapdir is set outside of the share root, it creates an absolute path and non_widelink_open() blocks that. We don't need shadow_copy2_get_real_filename_at() anymore because the dirfsp already points at the correct directory in the snapshot directory. So get_real_filename_full_scan_at() just works fine. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15556 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Jan 16 19:44:53 UTC 2024 on atb-devel-224 commit 6afcb7f0dbfe741e43b2070f8a78d87cdb73e042 Author: Volker Lendecke Date: Tue Jan 16 11:42:43 2024 +0100 testing: case insensitive lookups fail in shadow_copy2 snapshots Bug: https://bugzilla.samba.org/show_bug.cgi?id=15556 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: source3/modules/vfs_shadow_copy2.c | 95 source3/script/tests/test_shadow_copy.sh | 4 ++ 2 files changed, 4 insertions(+), 95 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_shadow_copy2.c b/source3/modules/vfs_shadow_copy2.c index 47b0edc72c3..c6e6ecd26c4 100644 --- a/source3/modules/vfs_shadow_copy2.c +++ b/source3/modules/vfs_shadow_copy2.c @@ -2524,100 +2524,6 @@ static NTSTATUS shadow_copy2_read_dfs_pathat(struct vfs_handle_struct *handle, return status; } -static NTSTATUS shadow_copy2_get_real_filename_at( - struct vfs_handle_struct *handle, - struct files_struct *dirfsp, - const char *name, - TALLOC_CTX *mem_ctx, - char **found_name) -{ - struct shadow_copy2_private *priv = NULL; - time_t timestamp = 0; - char *stripped = NULL; - char *conv; - struct smb_filename *conv_fname = NULL; - NTSTATUS status; - bool ok; - - SMB_VFS_HANDLE_GET_DATA(handle, priv, struct shadow_copy2_private, - return NT_STATUS_INTERNAL_ERROR); - - DBG_DEBUG("Path=[%s] name=[%s]\n", fsp_str_dbg(dirfsp), name); - - ok = shadow_copy2_strip_snapshot( - talloc_tos(), handle, dirfsp->fsp_name, , ); - if (!ok) { - status = map_nt_error_from_unix(errno); - DEBUG(10, ("shadow_copy2_strip_snapshot failed\n")); - return status; - } - if (timestamp == 0) { - DEBUG(10, ("timestamp == 0\n")); - return SMB_VFS_NEXT_GET_REAL_FILENAME_AT( - handle, dirfsp, name, mem_ctx, found_name); - } - - /* -* Note that stripped may be an empty string "" if path was ".". As -* shadow_copy2_convert() combines "" with the shadow-copy tree connect -* root fullpath and get_real_filename_full_scan() has an explicit check -* for "" this works. -*/ - DBG_DEBUG("stripped [%s]\n", stripped); - - conv = shadow_copy2_convert(talloc_tos(), handle, stripped, timestamp); - if (conv == NULL) { - status = map_nt_error_from_unix(errno); - DBG_DEBUG("shadow_copy2_convert [%s] failed: %s\n", - stripped, - strerror(errno)); - return status; - } - - status = synthetic_pathref( - talloc_tos(), - dirfsp->conn->cwd_fsp, - conv, - NULL, - NULL, - 0, - 0, - _fname); - if (!NT_STATUS_IS_OK(status)) { - return status; - } - - DEBUG(10, ("Calling NEXT_GET_REAL_FILE_NAME for conv=[%s], " - "name=[%s]\n", conv, name)); - status = SMB_VFS_NEXT_GET_REAL_FILENAME_AT( - handle, conv_fname->fsp, name, mem_ctx, found_name); - DEBUG(10, ("NEXT_REAL_FILE_NAME returned %s\n", nt_errstr(status))); - if (NT_STATUS_IS_OK(status)) { - TALLOC_FREE(conv_fname); - return NT_STATUS_OK; - } - if (!NT_STATU
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2cfbf43f706 smbd: Fix traversing snapshot dirs that vanished in current fileset via a0bfadb32b8 shadow_copy: Add test for missing directory in "current" fileset from 314eb730833 Happy New Year 2024! https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2cfbf43f706d5d29a5b1a5b13aac0661e42da0b1 Author: Volker Lendecke Date: Thu Dec 28 14:38:37 2023 +0100 smbd: Fix traversing snapshot dirs that vanished in current fileset Bug: https://bugzilla.samba.org/show_bug.cgi?id=15544 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Jan 2 20:37:01 UTC 2024 on atb-devel-224 commit a0bfadb32b83ab1e58290f84c298d345e21866d9 Author: Volker Lendecke Date: Thu Dec 28 14:20:11 2023 +0100 shadow_copy: Add test for missing directory in "current" fileset Right now we can't traverse a subdirectory in a snapshot which was deleted in the current set of files. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15544 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: source3/script/tests/test_shadow_copy.sh | 27 +++ source3/smbd/filename.c | 2 +- 2 files changed, 28 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/script/tests/test_shadow_copy.sh b/source3/script/tests/test_shadow_copy.sh index b5726e4b833..3141df3568d 100755 --- a/source3/script/tests/test_shadow_copy.sh +++ b/source3/script/tests/test_shadow_copy.sh @@ -389,6 +389,32 @@ test_shadow_copy_format() failed=`expr $failed + 1` } +# Test fetching a file where there's no current version of it +test_missing_basedir() +{ +local share +local where +local prefix +local snapidx + +share=$1 +where=$2 +prefix=$3 +snapidx=$4 + +#delete snapshots from previous tests +find $WORKDIR -name ".snapshots" -exec rm -rf {} \; 1>/dev/null 2>&1 +build_snapshots $WORKDIR/$where "$prefix" "$snapidx" "$snapidx" + +(cd "$WORKDIR/$where"/share; mv bar _bar) + +testit "fetch a file without a latest version" \ + test_fetch_snap_file "$share" "bar/baz" "$snapidx" || \ + failed=`expr $failed + 1` + +(cd "$WORKDIR/$where"/share; mv _bar bar) +} + #build "latest" files build_files $WORKDIR/mount base/share "latest" "latest" @@ -423,5 +449,6 @@ test_shadow_copy_format shadow_fmt2 mount/base share 2 "shadow:format with some test_shadow_copy_format shadow_fmt3 mount/base share 2 "shadow:format with modified format" test_shadow_copy_format shadow_fmt4 mount/base share 3 "shadow:format with snapprefix" test_shadow_copy_format shadow_fmt5 mount/base share 6 "shadow:format with delimiter" +test_missing_basedir shadow3 "mount/base" "share" 6 exit $failed diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index 2ec073b2154..e7f5fe29b02 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -839,7 +839,7 @@ static NTSTATUS filename_convert_dirfsp_nosymlink( conn, conn->cwd_fsp, dirname, - 0, + twrp, posix, _dirname, _err); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8f42b8431ef s3: smbd: Allow fchmod from the NFS-style mode ACL in set_nt_acl() for a SMB2 POSIX handle. via 631e6aa0d02 smbd: bring back "smb3 unix extensions" option via b124c2e1823 smbd: factor out smb2_negotiate_context_process_posix() via 6e300ef7314 smbd: tweak POSIX check in smbd_do_qfilepathinfo() via 55d98b29eb2 smbd: check is POSIX is enabled on the fsp in fsinfo_unix_valid_level() via 01022d036f5 smbd: pass fsp to fsinfo_unix_valid_level() via bca6f0298fe smbd: pass fsp to smbd_do_qfsinfo() via 3f73bb591cf smbd: leave comment on broken SMB1 POSIX open handling of SMB_O_DIRECT from 0b74adb3f01 samba-tool: Improve help messages for "samba-tool domain auth policy" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8f42b8431efcdeee9e270423bab9e111775430c9 Author: Jeremy Allison Date: Thu Mar 1 14:37:52 2018 -0800 s3: smbd: Allow fchmod from the NFS-style mode ACL in set_nt_acl() for a SMB2 POSIX handle. To set a mode, send a one-element ACL. Pair-Programmed-With: Ralph Boehme Signed-off-by: Jeremy Allison Signed-off-by: Ralph Boehme Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Nov 27 19:31:01 UTC 2023 on atb-devel-224 commit 631e6aa0d02756d6ebbc9dff5c9d81fdbca58d7f Author: Ralph Boehme Date: Wed Nov 8 17:49:19 2023 +0100 smbd: bring back "smb3 unix extensions" option This basically reverts commit b3cae8dcf192f65031f143e5bb9135c895611d98 with a few important differences: * SMB3 UNIX extensions are always built, but disabled by default at runtime. * They are globally enabled in the fileserver test environment. * It's now a per-share option, so admins can selectively disable them on a per-share basis. This allows clients to detect early that a share doesn't support user mount requested POSIX and fail appropiately, passing the failure to the requesting application (mount command). Signed-off-by: Ralph Boehme commit b124c2e1823d96e51d9d19cb2ccb0286b923ac8d Author: Ralph Boehme Date: Wed Nov 22 12:53:36 2023 +0100 smbd: factor out smb2_negotiate_context_process_posix() No change in behaviour. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 6e300ef73147e6549748593ce168e9763cd567be Author: Ralph Boehme Date: Mon Nov 13 10:36:14 2023 +0100 smbd: tweak POSIX check in smbd_do_qfilepathinfo() This check is only needed for SMB2, so check for that, and in the SMB2 codepath we'll always have a valid fsp, so we can drop that check. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 55d98b29eb294542cc4947573f233e0d5e6966cb Author: Ralph Boehme Date: Mon Nov 13 10:35:30 2023 +0100 smbd: check is POSIX is enabled on the fsp in fsinfo_unix_valid_level() Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 01022d036f5c9c8296d9174240a58e437c84f848 Author: Ralph Boehme Date: Mon Nov 13 08:04:33 2023 +0100 smbd: pass fsp to fsinfo_unix_valid_level() We need the fsp down in fsinfo_unix_valid_level(), pass it down. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit bca6f0298fe7230bbf54950dab4329dee6cc9a51 Author: Ralph Boehme Date: Mon Nov 13 07:43:11 2023 +0100 smbd: pass fsp to smbd_do_qfsinfo() We need the fsp down in fsinfo_unix_valid_level(), start passing it down. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 3f73bb591cf0ab4e7e305c9b58727790e54b32ed Author: Ralph Boehme Date: Fri Nov 24 16:29:57 2023 +0100 smbd: leave comment on broken SMB1 POSIX open handling of SMB_O_DIRECT Since e0814dc5082dd4ecca8a155e0ce24b073158fd92 the passed in attributes get replaced by the mode in create_file_default(). As FILE_FLAG_NO_BUFFERING is never checked when doing the final IO, it doesn't really matter. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison --- Summary of changes: WHATSNEW.txt | 2 +- .../smbdotconf/protocol/smb3unixextensions.xml | 9 ++ selftest/target/Samba3.pm | 1 + source3/param/loadparm.c | 8 +- source3/smbd/globals.h | 1 + source3/smbd/smb1_trans2.c | 7 ++ source3/smbd/smb2_create.c | 4 +- source3/smbd/smb2_getinfo.c| 1 + source3/smbd/smb2_negprot.c| 97 +- source3/smbd/smb2_nttrans.c| 69 +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f955d9aa49d smbd: Fix Coverity ID 1499372 Uninitialized scalar variable via bc0df4fd97a winbind: Fix Coverity ID 1398910 via 0bc329a3430 lsa4: Fix Coverity ID 1499410 via a5c2134cc23 samr4: Fix Coverity ID 1499378 via 66a8a4f02ea utils: Fix Coverity ID 240113 via 2651a7b03d6 smbd: Fix/remove a comment that became irrelevant via 7c5380c9589 smbd: Fix a comment via af69ea73a42 smbd: Convert a void* into the real DIR* from 8863d84d537 s3:rpc_client: Remove unused rpccli_lsa_open_policy2() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f955d9aa49dd880c004347b23e8c7a068bbd8952 Author: Volker Lendecke Date: Wed Nov 15 14:53:06 2023 +0100 smbd: Fix Coverity ID 1499372 Uninitialized scalar variable This is real. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Nov 21 18:33:51 UTC 2023 on atb-devel-224 commit bc0df4fd97a44dd69671b7faf8814307a552d400 Author: Volker Lendecke Date: Wed Nov 15 14:48:20 2023 +0100 winbind: Fix Coverity ID 1398910 Coverity isn't smart enough for talloc Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 0bc329a3430a91357e7062df4c0f8ac5cbde95da Author: Volker Lendecke Date: Wed Nov 15 14:39:33 2023 +0100 lsa4: Fix Coverity ID 1499410 It complains about uninitialized access, and I'm not sure it isn't right. Just initialize the structure. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit a5c2134cc2349e849b89c33dd91b25cc6bf2dd11 Author: Volker Lendecke Date: Wed Nov 15 14:36:20 2023 +0100 samr4: Fix Coverity ID 1499378 Coverity isn't smart enough to see this is initialized. As it's good practice to initialize vars, just do it. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 66a8a4f02eadf9c391be95712319bbca85cca8bc Author: Volker Lendecke Date: Wed Nov 15 14:26:09 2023 +0100 utils: Fix Coverity ID 240113 Not a leak, but Coverity does not understand talloc well enough. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 2651a7b03d6051a7ba054e1dd907a7de148f5159 Author: Volker Lendecke Date: Wed Nov 15 06:24:15 2023 +0100 smbd: Fix/remove a comment that became irrelevant Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 7c5380c95898969c73edc87d2715e1ef0199122b Author: Volker Lendecke Date: Sat Nov 18 17:38:09 2023 +0100 smbd: Fix a comment See 84cf205ff435 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit af69ea73a42a4f3903637ee300a27a4f8db32c73 Author: Volker Lendecke Date: Thu Nov 16 20:39:50 2023 +0100 smbd: Convert a void* into the real DIR* Not sure why this was a void* Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: source3/smbd/dir.c| 6 +- source3/smbd/files.c | 2 +- source3/smbd/proto.h | 2 +- source3/smbd/smb2_oplock.c| 8 +--- source3/smbd/vfs.c| 7 --- source3/utils/net_ads.c | 2 ++ source3/winbindd/winbindd_ads.c | 2 ++ source4/rpc_server/lsa/lsa_init.c | 9 + source4/rpc_server/samr/dcesrv_samr.c | 4 ++-- 9 files changed, 23 insertions(+), 19 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c index d9e10b919d3..8fb4476d4ab 100644 --- a/source3/smbd/dir.c +++ b/source3/smbd/dir.c @@ -647,11 +647,7 @@ bool smbd_dirptr_get_entry(TALLOC_CTX *ctx, if (posix) { /* -* Posix always wants to see symlinks, -* dangling or not. We've done the -* openat_pathref_fsp() to fill in -* smb_fname->fsp just in case it's not -* dangling. +* Posix always wants to see symlinks. */ ask_sharemode = false; goto done; diff --git a/source3/smbd/files.c b/source3/smbd/files.c index 11fee8caf24..48b78dc32c0 100644 --- a/source3/smbd/files.c +++ b/source3/smbd/files.c @@ -216,7 +216,7 @@ NTSTATUS create_internal_fsp(connection_struct *conn, * Create an internal fsp for an *existing* directory. * * This should only be used by callers in the VFS that need to control the - * opening of the directory. Otherwise use open_internal_dirfsp_at(). + * opening of the directory. Otherwise use open_internal_dirfsp(). */ NTSTA
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4481a67c1b2 smbd: fix close order of base_fsp and stream_fsp in smb_fname_fsp_destructor() from fe1d45cf1e9 s4:librpc: Add functions converting between bytes and UTF‐16 strings https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4481a67c1b20549a71d6c5132b637798a09f966d Author: Ralph Boehme Date: Thu Nov 16 10:50:32 2023 +0100 smbd: fix close order of base_fsp and stream_fsp in smb_fname_fsp_destructor() VFS modules like streams_xattr use the function fsp_is_alternate_stream() on the fsp to determine in an fsp is a stream, eg in streams_xattr_close(). If fspo->base_fsp is arlready set to NULL, this won't work anymore. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15521 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Nov 16 18:31:17 UTC 2023 on atb-devel-224 --- Summary of changes: source3/smbd/files.c | 24 +--- 1 file changed, 13 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/files.c b/source3/smbd/files.c index 5da90480a67..11fee8caf24 100644 --- a/source3/smbd/files.c +++ b/source3/smbd/files.c @@ -408,6 +408,7 @@ static void destroy_fsp_smb_fname_link(struct fsp_smb_fname_link **_link) static int smb_fname_fsp_destructor(struct smb_filename *smb_fname) { struct files_struct *fsp = smb_fname->fsp; + struct files_struct *base_fsp = NULL; NTSTATUS status; int saved_errno = errno; @@ -419,17 +420,7 @@ static int smb_fname_fsp_destructor(struct smb_filename *smb_fname) } if (fsp_is_alternate_stream(fsp)) { - struct files_struct *tmp_base_fsp = fsp->base_fsp; - - fsp_set_base_fsp(fsp, NULL); - - status = fd_close(tmp_base_fsp); - if (!NT_STATUS_IS_OK(status)) { - DBG_ERR("Closing fd for fsp [%s] failed: %s. " - "Please check your filesystem!!!\n", - fsp_str_dbg(fsp), nt_errstr(status)); - } - file_free(NULL, tmp_base_fsp); + base_fsp = fsp->base_fsp; } status = fd_close(fsp); @@ -441,6 +432,17 @@ static int smb_fname_fsp_destructor(struct smb_filename *smb_fname) file_free(NULL, fsp); smb_fname->fsp = NULL; + if (base_fsp != NULL) { + base_fsp->stream_fsp = NULL; + status = fd_close(base_fsp); + if (!NT_STATUS_IS_OK(status)) { + DBG_ERR("Closing fd for base_fsp [%s] failed: %s. " + "Please check your filesystem!!!\n", + fsp_str_dbg(base_fsp), nt_errstr(status)); + } + file_free(NULL, base_fsp); + } + errno = saved_errno; return 0; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9898ca65e93 docs-xml: Fix a usage for case sensitive parameter via 2b1a687a6f8 vfs_ceph: Replace libceph with libcephfs in comments via e091febb0cc vfs_ceph: Fix the comment quoting module usage via 149734409a8 vfs_ceph: Fix a comment in cephwrap_fchmod() via 5572400a975 vfs_ceph: Add path based fallback mechanism for SMB_VFS_CHOWN from 4e585186f2b smbd: Get the symlink mode for posix through fdos_mode() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9898ca65e936c3f91578b1a24b91ea9243da4b1c Author: Anoop C S Date: Mon Nov 13 12:28:19 2023 +0530 docs-xml: Fix a usage for case sensitive parameter Signed-off-by: Anoop C S Reviewed-by: Volker Lendecke Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Nov 15 18:52:16 UTC 2023 on atb-devel-224 commit 2b1a687a6f8c500bd66397f2ac7937c70855b268 Author: Anoop C S Date: Mon Nov 13 12:47:17 2023 +0530 vfs_ceph: Replace libceph with libcephfs in comments Signed-off-by: Anoop C S Reviewed-by: Volker Lendecke Reviewed-by: Jeremy Allison commit e091febb0cccd9146d2e2b8ebf8841b3634809ed Author: Anoop C S Date: Mon Nov 13 12:43:59 2023 +0530 vfs_ceph: Fix the comment quoting module usage Signed-off-by: Anoop C S Reviewed-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 149734409a882b060a9c344ec2eb843c298343ce Author: Anoop C S Date: Sat Nov 11 11:13:15 2023 +0530 vfs_ceph: Fix a comment in cephwrap_fchmod() Signed-off-by: Anoop C S Reviewed-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 5572400a975a07905f7cb0f3611590dfaf787311 Author: Anoop C S Date: Sat Nov 11 11:07:28 2023 +0530 vfs_ceph: Add path based fallback mechanism for SMB_VFS_CHOWN Fallback mechanism was missing in cephwrap_fchown() for path based call. Signed-off-by: Anoop C S Reviewed-by: Jeremy Allison --- Summary of changes: docs-xml/manpages/smb.conf.5.xml | 2 +- source3/modules/vfs_ceph.c | 41 2 files changed, 30 insertions(+), 13 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/smb.conf.5.xml b/docs-xml/manpages/smb.conf.5.xml index 4b33c0f59e8..e760ff6b431 100644 --- a/docs-xml/manpages/smb.conf.5.xml +++ b/docs-xml/manpages/smb.conf.5.xml @@ -664,7 +664,7 @@ chmod 1770 /usr/local/samba/lib/usershares passed names. The default setting of auto allows clients that support case sensitive filenames (Linux CIFSVFS and smbclient 3.0.5 and above currently) to tell the Samba server on a per-packet basis that they wish to access the file system in a case-sensitive manner (to support UNIX case sensitive semantics). No Windows or - DOS system supports case-sensitive filename so setting this option to auto is that same as setting it to no + DOS system supports case-sensitive filename so setting this option to auto is the same as setting it to no for them. Default auto. diff --git a/source3/modules/vfs_ceph.c b/source3/modules/vfs_ceph.c index 4bcefcf91e8..aa68b5573c8 100644 --- a/source3/modules/vfs_ceph.c +++ b/source3/modules/vfs_ceph.c @@ -21,13 +21,13 @@ */ /* - * This VFS only works with the libceph.so user-space client. It is not needed + * This VFS only works with the libcephfs.so user-space client. It is not needed * if you are using the kernel client or the FUSE client. * * Add the following smb.conf parameter to each share that will be hosted on * Ceph: * - * vfs objects = ceph [any others you need go here] + * vfs objects = [any others you need go here] ceph */ #include "includes.h" @@ -54,8 +54,8 @@ #define llu(_var) ((long long unsigned)_var) /* - * Note, libceph's return code model is to return -errno! So we have to convert - * to what Samba expects, with is set errno to -return and return -1 + * Note, libcephfs's return code model is to return -errno! So we have to + * convert to what Samba expects, with is set errno to -return and return -1 */ #define WRAP_RETURN(_res) \ errno = 0; \ @@ -353,7 +353,7 @@ static int cephwrap_get_quota(struct vfs_handle_struct *handle, unid_t id, SMB_DISK_QUOTA *qt) { - /* libceph: Ceph does not implement this */ + /* libcephfs: Ceph does not implement this */ #if 0 /* was ifdef HAVE_SYS_QUOTAS */ int ret; @@ -374,7 +374,7 @@ static int cephwrap_get_quota(struct vfs_handle_struct *handle, static int cephwrap_set_quota(struct vfs_handle_struct *handle, enum SMB_QUOTA_TYPE qtype, unid_t id, SMB_
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b649007a532 smbd: remove now unneccessary wrapper vfs_fget_dos_attributes() via 7dca8a96867 smbd: Alternative fix for smb2.stream.attributes2 test from 95443320847 smbd: fix has_other_nonposix_opens_fn() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b649007a532812ffb14a8fd7cbf204acb388e6d0 Author: Ralph Boehme Date: Fri Nov 10 10:01:46 2023 +0100 smbd: remove now unneccessary wrapper vfs_fget_dos_attributes() Signed-off-by: Ralph Boehme Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Nov 14 00:10:19 UTC 2023 on atb-devel-224 commit 7dca8a96867f67441eebdf4824b406177ebb8806 Author: Volker Lendecke Date: Fri Nov 10 08:39:15 2023 +0100 smbd: Alternative fix for smb2.stream.attributes2 test It confused me that a function that supposedly just retrieves dos attributes also updates something. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme Reviewed-by: Jeremy Allison --- Summary of changes: source3/include/proto.h | 3 --- source3/smbd/dosmode.c | 8 +++- source3/smbd/open.c | 5 - source3/smbd/vfs.c | 39 --- 4 files changed, 11 insertions(+), 44 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index bbb089a5908..06ad7fb508a 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -82,9 +82,6 @@ NTSTATUS vfs_at_fspcwd(TALLOC_CTX *mem_ctx, struct connection_struct *conn, struct files_struct **_fsp); -NTSTATUS vfs_fget_dos_attributes(struct files_struct *fsp, -uint32_t *dosmode); - #include "source3/lib/interface.h" /* The following definitions come from lib/ldap_debug_handler.c */ diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c index c0fc468cdfb..229a85a9171 100644 --- a/source3/smbd/dosmode.c +++ b/source3/smbd/dosmode.c @@ -715,7 +715,9 @@ uint32_t fdos_mode(struct files_struct *fsp) } /* Get the DOS attributes via the VFS if we can */ - status = vfs_fget_dos_attributes(fsp, ); + status = SMB_VFS_FGET_DOS_ATTRIBUTES(fsp->conn, +metadata_fsp(fsp), +); if (!NT_STATUS_IS_OK(status)) { /* * Only fall back to using UNIX modes if we get NOT_IMPLEMENTED. @@ -1292,6 +1294,10 @@ struct timespec get_create_timespec(connection_struct *conn, struct files_struct *fsp, const struct smb_filename *smb_fname) { + if (fsp != NULL) { + struct files_struct *meta_fsp = metadata_fsp(fsp); + return meta_fsp->fsp_name->st.st_ex_btime; + } return smb_fname->st.st_ex_btime; } diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 87a252a3d1b..cb1e2adbf1e 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -3906,7 +3906,10 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, */ uint32_t attr = 0; - status = vfs_fget_dos_attributes(smb_fname->fsp, ); + status = SMB_VFS_FGET_DOS_ATTRIBUTES( + conn, + metadata_fsp(smb_fname->fsp), + ); if (NT_STATUS_IS_OK(status)) { existing_dos_attributes = attr; } diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c index a34b9083352..3a1d18d6676 100644 --- a/source3/smbd/vfs.c +++ b/source3/smbd/vfs.c @@ -1297,45 +1297,6 @@ NTSTATUS vfs_at_fspcwd(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } -NTSTATUS vfs_fget_dos_attributes(struct files_struct *fsp, -uint32_t *dosmode) -{ - NTSTATUS status; - - /* -* First make sure to pass the base_fsp to the VFS -*/ - status = SMB_VFS_FGET_DOS_ATTRIBUTES( - fsp->conn, metadata_fsp(fsp), dosmode); - if (!NT_STATUS_IS_OK(status)) { - return status; - } - - /* -* If this isn't a stream fsp we're done, ... -*/ - if (!fsp_is_alternate_stream(fsp)) { - return NT_STATUS_OK; - } - - /* -* ...otherwise the VFS might have updated the btime, propagate the -* btime from the base_fsp to the stream fsp. -*/ - - if (fsp->base_fsp->fsp_name->st.st_ex_iflags & ST_EX_IFLAG_CALCULATED_BTIME) { - /* -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 95443320847 smbd: fix has_other_nonposix_opens_fn() via 8ccc809f931 CI/smb3unix: add test_delete_on_close via f09c5a3dcbb python: move clean_file() to samba/tests/libsmb.py from 29bb93d03a4 libcli/security: conditional aces: don't allow U+ in unicode https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 95443320847967ea6412e59b5b7d3853fffe588a Author: Ralph Boehme Date: Fri Oct 13 10:54:44 2023 +0200 smbd: fix has_other_nonposix_opens_fn() Given two opens on a file: 1. Windows open with delete-on-close 2. POSIX open with delete-on-close set When handle 1 is closed processing in has_other_nonposix_opens_fn() will not delete the file as (fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) is false, so has_other_nonposix_opens() will return true which is wrong. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15517 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Nov 13 19:34:29 UTC 2023 on atb-devel-224 commit 8ccc809f931f5ea8c8893042c1552f7352f0805b Author: Ralph Boehme Date: Thu Nov 9 19:53:46 2023 +0100 CI/smb3unix: add test_delete_on_close BUG:https://bugzilla.samba.org/show_bug.cgi?id=15517 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit f09c5a3dcbb15bb138b6a11eadc04f1bd1d9e3fa Author: Ralph Boehme Date: Thu Nov 9 19:52:55 2023 +0100 python: move clean_file() to samba/tests/libsmb.py BUG:https://bugzilla.samba.org/show_bug.cgi?id=15517 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison --- Summary of changes: python/samba/tests/libsmb.py | 11 +++ python/samba/tests/smb2symlink.py | 10 -- python/samba/tests/smb3unix.py| 65 +++ source3/smbd/close.c | 3 +- 4 files changed, 77 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/tests/libsmb.py b/python/samba/tests/libsmb.py index 85068b1caec..cb632d0e3a7 100644 --- a/python/samba/tests/libsmb.py +++ b/python/samba/tests/libsmb.py @@ -21,6 +21,7 @@ from samba.samba3 import libsmb_samba_internal as libsmb from samba.dcerpc import security from samba.samba3 import param as s3param from samba import credentials +from samba import (ntstatus,NTSTATUSError) import samba.tests import os @@ -42,3 +43,13 @@ class LibsmbTests(samba.tests.TestCase): self.global_inject = os.path.join(server_conf_dir, "global_inject.conf") self.server_ip = samba.tests.env_get_var_value("SERVER_IP") + +def clean_file(self, conn, filename): +try: +conn.unlink(filename) +except NTSTATUSError as e: +if e.args[0] == ntstatus.NT_STATUS_FILE_IS_A_DIRECTORY: +conn.rmdir(filename) +elif not (e.args[0] == ntstatus.NT_STATUS_OBJECT_NAME_NOT_FOUND or + e.args[0] == ntstatus.NT_STATUS_OBJECT_PATH_NOT_FOUND): +raise diff --git a/python/samba/tests/smb2symlink.py b/python/samba/tests/smb2symlink.py index 5fca138e82a..83df78e8bb6 100644 --- a/python/samba/tests/smb2symlink.py +++ b/python/samba/tests/smb2symlink.py @@ -55,16 +55,6 @@ class Smb2SymlinkTests(samba.tests.libsmb.LibsmbTests): self.creds) return (smb1, smb2) -def clean_file(self, conn, filename): -try: -conn.unlink(filename) -except NTSTATUSError as e: -if e.args[0] == ntstatus.NT_STATUS_FILE_IS_A_DIRECTORY: -conn.rmdir(filename) -elif not (e.args[0] == ntstatus.NT_STATUS_OBJECT_NAME_NOT_FOUND or - e.args[0] == ntstatus.NT_STATUS_OBJECT_PATH_NOT_FOUND): -raise - def create_symlink(self, conn, target, symlink): self.clean_file(conn, symlink) if (conn.protocol() < libsmb.PROTOCOL_SMB2_02 and conn.have_posix()): diff --git a/python/samba/tests/smb3unix.py b/python/samba/tests/smb3unix.py index 33a3d546f75..5a88640e1cd 100644 --- a/python/samba/tests/smb3unix.py +++ b/python/samba/tests/smb3unix.py @@ -35,6 +35,35 @@ class Smb3UnixTests(samba.tests.libsmb.LibsmbTests): self.samsid = os.environ["SAMSID"] +def connections(self, share1=None, posix1=False, share2=None, posix2=True): +if not share1: +share1 = samba.tests.env_get_var_value( +"SHARE1", allow_missing=True) +if not share1: +share1 = "tmp" + +if not share2: +share2 = samba.tests.env_get_var_value( +"SHARE2", allow_missing=True) +if not
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 29558014911 torture3: Correct use of enum client_flavour defines via f38ed3554db librpc: Fix the build on FreeBSD via 89897359776 librpc: Fix #define header guard from b8ffb245964 third_party/heimdal: krb5: Try to decode e-data as KERB-ERROR-DATA (falling back to METHOD-DATA) (Import lorikeet-heimdal-202311092338 (commit 50996e5f0b0f22a4eb755a6f22cb7b4ecab2aeea)) https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2955801491113200d7c5892839b9f0b47aabb300 Author: Volker Lendecke Date: Thu Nov 9 16:23:49 2023 +0100 torture3: Correct use of enum client_flavour defines enum client_flavour does not define LINUX, it defines WINDOWS and POSIX. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Nov 10 02:33:33 UTC 2023 on atb-devel-224 commit f38ed3554db031d7e831baa485b1b07230f21121 Author: Volker Lendecke Date: Thu Nov 9 16:18:13 2023 +0100 librpc: Fix the build on FreeBSD ndr_wsp.h included standalone does not find struct timespec on FreeBSD Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 89897359776a5b7cb19d262a359516584a7d1764 Author: Volker Lendecke Date: Thu Nov 9 16:17:50 2023 +0100 librpc: Fix #define header guard Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: librpc/wsp/wsp_util.h | 2 +- source3/torture/test_posix.c | 8 source4/scripting/bin/gen_wsp_props.py | 3 ++- 3 files changed, 7 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/wsp/wsp_util.h b/librpc/wsp/wsp_util.h index 0f64da2e550..ccda53b88cc 100644 --- a/librpc/wsp/wsp_util.h +++ b/librpc/wsp/wsp_util.h @@ -19,7 +19,7 @@ * along with this program; if not, see <http://www.gnu.org/licenses/>. */ #ifndef __LIBRPC_WSP_UTIL_H__ -#define __LIBRPC_WSP_UTIL__H__ +#define __LIBRPC_WSP_UTIL_H__ #include "librpc/gen_ndr/misc.h" diff --git a/source3/torture/test_posix.c b/source3/torture/test_posix.c index ac4c1a1cb34..ca403360153 100644 --- a/source3/torture/test_posix.c +++ b/source3/torture/test_posix.c @@ -254,7 +254,7 @@ bool run_posix_ls_wildcard_test(int dummy) posix_test_entries_reset(state); printf("Doing POSIX ls *\n"); - state->flavour = LINUX; + state->flavour = POSIX; status = cli_list(cli_unix, "*", 0, posix_ls_fn, state); if (!NT_STATUS_IS_OK(status)) { @@ -470,7 +470,7 @@ bool run_posix_ls_single_test(int dummy) posix_test_entries_reset(state); printf("Doing POSIX ls single\n"); - state->flavour = LINUX; + state->flavour = POSIX; cli_list(cli_unix, file, 0, posix_ls_fn, state); cli_list(cli_unix, symlnk_dangling, 0, posix_ls_fn, state); @@ -564,7 +564,7 @@ bool run_posix_readlink_test(int dummy) frame = talloc_stackframe(); printf("Starting POSIX-READLINK test\n"); - state->flavour = LINUX; + state->flavour = POSIX; if (!torture_open_connection(_unix, 0)) { TALLOC_FREE(frame); @@ -716,7 +716,7 @@ bool run_posix_stat_test(int dummy) frame = talloc_stackframe(); printf("Starting POSIX-STAT test\n"); - state->flavour = LINUX; + state->flavour = POSIX; if (!torture_open_connection(_unix, 0)) { TALLOC_FREE(frame); diff --git a/source4/scripting/bin/gen_wsp_props.py b/source4/scripting/bin/gen_wsp_props.py index 46913846856..e33169ee50d 100755 --- a/source4/scripting/bin/gen_wsp_props.py +++ b/source4/scripting/bin/gen_wsp_props.py @@ -136,7 +136,8 @@ def getVtype(prop): return result def generateSourceCode(propMap, outputFile): - source = "#include \"bin/default/librpc/gen_ndr/ndr_wsp.h\"\n" + source = "#include \"replace.h\"\n" + source = source + "#include \"bin/default/librpc/gen_ndr/ndr_wsp.h\"\n" source = source + "#include \"librpc/wsp/wsp_util.h\"\n" count = 0 for guid in propMap.keys(): -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 273d48504e1 CI: smb3unix.py: check more attributes of test files (and dirs) in test_posix_perm_files() via ab2d619f205 smbtorture3: also check test file and it's attributes in two POSIX tests via 95abd2f59fa smbd: allow setting ARCHIVE bit in POSIX context with "store dos attributes" via cd858a2a239 smbtorture3: prepare POSIX tests for differentianting between client flavour in the list callback via cad82600ef6 smbtorture3: remove unused initializers via ddc9cb779f5 smbd: s/FILE_ATTRIBUTES_INVALID/FILE_ATTRIBUTE_INVALID/g via 4c91f8ac2a9 smbtorture3: reduce indentation in posix_ls_fn() via ec143274c79 smbd: allow POSIX opens for file_set_dosmode() in rename_internals_fsp() via 17bb46abfe6 smbd: allow POSIX opens for file_set_dosmode() in mkdir_internal() via f5604640e90 smbd: allow POSIX opens for file_set_dosmode() in mark_file_modified() via 4d1b4d893d2 smbd: move POSIX check from possibly_set_archive() to file_set_dosmode() via b3c6c677a70 smbd: in file_set_dosmode() do an early exit if smb_fname->fsp is NULL via 7c7786a121c smbd: ignore symlinks in file_set_dosmode() via 9b3c085409a smbd: add and use helper function possibly_set_archive() via 19434fe06d1 smbd: remove call to fdos_mode() when setting DOS attrs from cfec96d5e9f third_party/heimdal: Import lorikeet-heimdal-202311030123 (commit 2346a67fe25cbf16128501665db41f6840546e15) https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 273d48504e1da726af21cc5b0517c1761e51e6f9 Author: Ralph Boehme Date: Sun Oct 29 18:08:22 2023 +0100 CI: smb3unix.py: check more attributes of test files (and dirs) in test_posix_perm_files() Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Sun Nov 5 19:35:51 UTC 2023 on atb-devel-224 commit ab2d619f205f854eddaecb47b6858a49953b291d Author: Ralph Boehme Date: Fri Nov 3 11:09:47 2023 +0100 smbtorture3: also check test file and it's attributes in two POSIX tests Verifies that the correct DOS attribute, FILE_ATTRIBUTE_ARCHIVE in this case, are returned over SMB1 with UNIX extensions. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 95abd2f59fa98159a7dee2ca18da849631781275 Author: Ralph Boehme Date: Tue Oct 31 12:25:38 2023 +0100 smbd: allow setting ARCHIVE bit in POSIX context with "store dos attributes" Cf https://lists.samba.org/archive/samba-technical/2023-October/138504.html Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit cd858a2a239a687b96c3b0e7633ccd7b8b8edb0e Author: Ralph Boehme Date: Tue Oct 31 10:11:50 2023 +0100 smbtorture3: prepare POSIX tests for differentianting between client flavour in the list callback No change in behaviour. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit cad82600ef6ab4caa3ad8a7255b9f3db616decc3 Author: Ralph Boehme Date: Tue Oct 31 12:28:28 2023 +0100 smbtorture3: remove unused initializers Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit ddc9cb779f56476aaa1a85c4008c0b848dff4cf7 Author: Ralph Boehme Date: Tue Oct 31 10:05:30 2023 +0100 smbd: s/FILE_ATTRIBUTES_INVALID/FILE_ATTRIBUTE_INVALID/g No idea what got me into having an "S" in the define when I added it. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 4c91f8ac2a9943f4b58090faf8cb3dcdb2a19e5a Author: Ralph Boehme Date: Tue Oct 31 06:05:25 2023 +0100 smbtorture3: reduce indentation in posix_ls_fn() Prepares for adding more logic in a later commit. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit ec143274c7992f92337d0e4b2c6cc9163fa69f49 Author: Ralph Boehme Date: Tue Oct 31 12:24:35 2023 +0100 smbd: allow POSIX opens for file_set_dosmode() in rename_internals_fsp() As this check was previously added to file_set_dosmode() this is not yet a change in behaviour. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 17bb46abfe6c996676ff8dd33711f617e18ffa35 Author: Ralph Boehme Date: Tue Oct 31 12:24:12 2023 +0100 smbd: allow POSIX opens for file_set_dosmode() in mkdir_internal() As this check was previously added to file_set_dosmode() this is not yet a change in behaviour. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit f5604640e90b522533abee16905361aa0ef9e48d Author: Ralph Boehme Date: Tue Oct 31 12:23:44 2023 +0100 smbd: allow POSIX opens for file_set_dosmode() in mark_file_modified() As this check was previously added to file_set_dosmode() this is
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1862561d1a1 smbd: Open file as REPARSE_POINT in unlink_internals() via 0fc160c6675 smbd: Open file as REPARSE_POINT in reply_rmdir() via 93f0a367125 smbd: Open file as REPARSE_POINT in rename_internals() via 879db14ff69 smbd: Open file as REPARSE_POINT in smb_posix_unlink() via bdc6d3be4ce smbd: Remove unused FAKE_FILE_TYPE_NAMED_PIPE enum via 92606a46b33 smbd: Move filename_convert_smb1_search_path() to smb1-only code via ea168705457 smbd: Fix previous_slash() via 170b67b3b06 manpages: Add a missing space via 45ec0f61fdc libcli: SMBntcreateX can return STOPPED_ON_SYMLINK via 9e5d752591b smbd: "have_proc_fds" can only work for a real fd via a181283f5ce smbd: Remove code #ifdef'ed out >23years ago via ba2bc30785a smbd: Fix some whitespace via 846adcb259b smbd: Save errno around unbecome_root() via 252d2cc76ab smbd: Fix a typo via d2afaf21c55 smbd: Fix whitespace via 28873a84d28 smbd: Fix whitespace via 32d15770da6 smbd: Simplify reopen_from_fsp() via 3c20ea9df2c smbd: Simplify reopen_from_fsp() via 9f63fad392f smbd: Simplify sys_proc_fd_path() from de20ee1adad WHATSNEW: Mention logged on users list removal https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1862561d1a1dc56f76e02e2116e52239e48a8274 Author: Volker Lendecke Date: Wed Oct 25 09:50:23 2023 +0200 smbd: Open file as REPARSE_POINT in unlink_internals() In the future we'll block opening symlinks as such in SMB_VFS_CREATE_FILE() unless we open as reparse points. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Nov 1 19:56:33 UTC 2023 on atb-devel-224 commit 0fc160c6675d786d2666878e3a5f6d7a71e3aba7 Author: Volker Lendecke Date: Wed Oct 25 09:49:32 2023 +0200 smbd: Open file as REPARSE_POINT in reply_rmdir() In the future we'll block opening symlinks as such in SMB_VFS_CREATE_FILE() unless we open as reparse points. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 93f0a3671256d7bb66c64e31607660611e83af59 Author: Volker Lendecke Date: Wed Oct 25 09:36:58 2023 +0200 smbd: Open file as REPARSE_POINT in rename_internals() In the future we'll block opening symlinks as such in SMB_VFS_CREATE_FILE() unless we open as reparse points. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 879db14ff69126af7b1c7336a36f33e003e8863c Author: Volker Lendecke Date: Wed Oct 25 09:29:13 2023 +0200 smbd: Open file as REPARSE_POINT in smb_posix_unlink() In the future we'll block opening symlinks as such in SMB_VFS_CREATE_FILE() unless we open as reparse points. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit bdc6d3be4cee4319b8c3951eb29c37d89518553e Author: Volker Lendecke Date: Mon Oct 16 17:17:46 2023 +0200 smbd: Remove unused FAKE_FILE_TYPE_NAMED_PIPE enum Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 92606a46b330c2a0f182a8f68c7c99d13acd7d81 Author: Volker Lendecke Date: Tue Oct 10 15:36:56 2023 +0200 smbd: Move filename_convert_smb1_search_path() to smb1-only code Just general cleanup. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit ea1687054570d653b2f19197436ff00dc08089c2 Author: Volker Lendecke Date: Tue Oct 24 13:18:32 2023 +0200 smbd: Fix previous_slash() Untested code is broken code... previous_slash() did not return a pointer to the slash but after it. This went undetected because so far we never call symlink_target_path() with "unparsed==0". Once we started doing that, we would find that the "unparsed==0" case actually puts parent on the "previous slash", not the character behind it. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 170b67b3b06f0582de2d2463983ad5d1e08cbe37 Author: Volker Lendecke Date: Fri Oct 27 09:55:54 2023 +0200 manpages: Add a missing space Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 45ec0f61fdcab7c0c4764f5e1c26faa06b02594e Author: Volker Lendecke Date: Tue Oct 24 18:46:55 2023 +0200 libcli: SMBntcreateX can return STOPPED_ON_SYMLINK This does not count as NT_STATUS_IS_ERR, as it starts with 0x8 instead of 0xC. So we return NT_STATUS_INVALID_NETWORK_RESPONSE, which is wrong. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 9e5d752591b8d3c3c9a9ab7992d68070ab275400 Author: Volker Lendecke Date: Sun Oct 22 16:25:53 2023 +0200 smbd: "have_proc_fds" can only work
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 952d6c2cf48 smbd: Fix read_symlink_reparse() via cc1657c5857 tests: Get a file through an absolute symlink within a subdirectory from 03af1176938 gp_pol: Test multiple values multi_sz roundtrip https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 952d6c2cf48b19807e96a49b95c19c224bd6e732 Author: Volker Lendecke Date: Thu Oct 26 16:12:29 2023 +0200 smbd: Fix read_symlink_reparse() Bug: https://bugzilla.samba.org/show_bug.cgi?id=15505 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Oct 27 21:19:35 UTC 2023 on atb-devel-224 commit cc1657c5857f22d41830898ef2eb384d5fc52a42 Author: Volker Lendecke Date: Thu Oct 26 16:16:29 2023 +0200 tests: Get a file through an absolute symlink within a subdirectory This shows that read_symlink_reparse() is broken when trying to replace an absolute with a relative filename within a share. read_symlink_reparse() is used only in openat_pathref_fsp_nosymlink() so far to chase symlinks for non-lcomp path components. Chasing lcomp symlinks is done through non_widelink_open(), which gets it right. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15505 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: source3/script/tests/test_smbclient_s3.sh | 39 +++ source3/smbd/files.c | 14 --- 2 files changed, 50 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/script/tests/test_smbclient_s3.sh b/source3/script/tests/test_smbclient_s3.sh index cbff5026ee7..e4b05b12dfa 100755 --- a/source3/script/tests/test_smbclient_s3.sh +++ b/source3/script/tests/test_smbclient_s3.sh @@ -1492,6 +1492,17 @@ EOF return fi + # Create a file to be accessed behind the symlink + touch $local_slink_target_dir/x + ret=$? + if [ $ret -ne 0 ]; then + echo "$out" + echo "failed - unable to create file" + ls -la $local_test_dir + false + return + fi + # Can we cd into the symlink name and ls ? tmpfile=$PREFIX/smbclient_interactive_prompt_commands cat >$tmpfile <$tmpfile <substitute_name[0] == '/') { - const char *connectpath = dirfsp->conn->connectpath; + char *subdir_path = NULL; char *abs_target_canon = NULL; const char *relative = NULL; bool in_share; + subdir_path = talloc_asprintf(talloc_tos(), + "%s/%s", + dirfsp->conn->connectpath, + dirfsp->fsp_name->base_name); + if (subdir_path == NULL) { + goto nomem; + } + abs_target_canon = canonicalize_absolute_path(talloc_tos(), symlink->substitute_name); @@ -764,8 +772,8 @@ NTSTATUS read_symlink_reparse( goto nomem; } - in_share = subdir_of(connectpath, -strlen(connectpath), + in_share = subdir_of(subdir_path, +strlen(subdir_path), abs_target_canon, ); if (in_share) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3c4714bc834 s3:rpc_server: Correctly reset DEVMODE bit from 50b8a2de2aa python: getopt: HostOptions and other option groups inherit from samba OptionGroup class https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3c4714bc834df69325448eed445d20fd38ba2fd8 Author: Joseph Sutton Date: Wed Oct 4 16:57:50 2023 +1300 s3:rpc_server: Correctly reset DEVMODE bit Signed-off-by: Joseph Sutton Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Oct 25 21:40:33 UTC 2023 on atb-devel-224 --- Summary of changes: source3/rpc_server/spoolss/srv_spoolss_nt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c index 9e0c9566e8d..a220964070a 100644 --- a/source3/rpc_server/spoolss/srv_spoolss_nt.c +++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c @@ -8576,7 +8576,7 @@ static WERROR spoolss_addprinterex_level_2(struct pipes_struct *p, } if (devmode == NULL) { - info2_mask = ~SPOOLSS_PRINTER_INFO_DEVMODE; + info2_mask &= ~SPOOLSS_PRINTER_INFO_DEVMODE; } err = update_dsspooler(p->mem_ctx, -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7c8dea14da6 smbtorture: add test for fruit:validate_afpinfo option via 825a992a629 vfs_fruit: add option fruit:validate_afpinfo = yes|no (default: yes) from 9f54b94b52d s4:torture: Produce more output to help debug smb2.multichannel.bugs.bug_15346 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7c8dea14da645d5e98eacd82b82b2a7c8c6b242f Author: Ralph Boehme Date: Fri Oct 20 15:45:31 2023 +0200 smbtorture: add test for fruit:validate_afpinfo option Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Oct 24 22:30:06 UTC 2023 on atb-devel-224 commit 825a992a62920a807ac96c222e87c43ab0daa228 Author: Ralph Boehme Date: Tue Jul 4 17:46:40 2023 +0200 vfs_fruit: add option fruit:validate_afpinfo = yes|no (default: yes) Allows disabling validation of AfpInfo stream data. It seems in data migration scenarios from other SMB servers to Samba with fruit, somehow such invalid streams are present on the source SMB server and can't be copied to Samba. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison --- Summary of changes: docs-xml/manpages/vfs_fruit.8.xml | 18 ++ selftest/target/Samba3.pm | 1 + source3/lib/adouble.c | 16 ++--- source3/lib/adouble.h | 2 +- source3/modules/vfs_fruit.c | 42 source3/selftest/tests.py | 7 source4/torture/vfs/fruit.c | 69 +++ source4/torture/vfs/vfs.c | 1 + 8 files changed, 143 insertions(+), 13 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_fruit.8.xml b/docs-xml/manpages/vfs_fruit.8.xml index 7ae17c65976..61051f90873 100644 --- a/docs-xml/manpages/vfs_fruit.8.xml +++ b/docs-xml/manpages/vfs_fruit.8.xml @@ -419,6 +419,24 @@ + + fruit:validate_afpinfo = yes | no + + Apple clients use the AFP_AfpInfo stream to store structured + file metadata. As part of the marshaled data stored in the stream + the first eight bytes contain some header information. Apple's SMB + server as well as Samba will validate this header bytes processing + a client write request on this stream, and, if the validation + fails, fail the write. While this validation is generally correct, + in some data migration scenarios clients may try to migrate data + from 3rd-party SMB servers to Samba servers where the header + information is broken for whatever reason. To allow migration and + header fix-up in these scenarios, the validation can be temporarily + disabled by setting this option to no. + The default is yes. + + + diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index a28e2be0581..ef68f63e348 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -3246,6 +3246,7 @@ sub provision($$) fruit:resource = file fruit:metadata = stream fruit:zero_file_id=yes + fruit:validate_afpinfo = no [fruit_resource_stream] path = $fruit_resource_stream_shrdir diff --git a/source3/lib/adouble.c b/source3/lib/adouble.c index f0fb3c3be27..ad1e5059cf6 100644 --- a/source3/lib/adouble.c +++ b/source3/lib/adouble.c @@ -2827,7 +2827,7 @@ ssize_t afpinfo_pack(const AfpInfo *ai, char *buf) * Buffer size must be at least AFP_INFO_SIZE * Returns allocated AfpInfo struct **/ -AfpInfo *afpinfo_unpack(TALLOC_CTX *ctx, const void *data) +AfpInfo *afpinfo_unpack(TALLOC_CTX *ctx, const void *data, bool validate) { AfpInfo *ai = talloc_zero(ctx, AfpInfo); if (ai == NULL) { @@ -2840,10 +2840,16 @@ AfpInfo *afpinfo_unpack(TALLOC_CTX *ctx, const void *data) memcpy(ai->afpi_FinderInfo, (const char *)data + 16, sizeof(ai->afpi_FinderInfo)); - if (ai->afpi_Signature != AFP_Signature - || ai->afpi_Version != AFP_Version) { - DEBUG(1, ("Bad AfpInfo signature or version\n")); - TALLOC_FREE(ai); + if (validate) { + if (ai->afpi_Signature != AFP_Signature + || ai->afpi_Version != AFP_Version) + { + DEBUG(1, ("Bad AfpInfo signature or version\n")); + TALLOC_FREE(ai); + } + } else { + ai->afpi_Signature = AFP_Signature; + ai->afpi_Version = AFP_Version; } return ai; diff --git a/source3/lib/adouble.h b/source3/
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4b9b7f70f25 libsmb: Use cli_smb2_qpathinfo_send() for SMB_QUERY_FILE_ALT_NAME_INFO via 051492c178e examples: Enable posix for teststat via 6a4413c65c9 libsmbclient: Read the file type from the server with posix enabled via feb78035558 libsmbclient: Add smbc_[gs]etOptionPosixExtensions() via 9e3856ecf8c libsmb: Parse reparse tag in query_directory response via 4c44b6e199f libsmb: Query reparse tag in cli_qpathinfo2 via 30f4129e860 libsmb: Add placeholder "mode" parameter to cli_qpathinfo2() via 214eef0ff31 examples: Print file type as part of teststat via 77001b258f0 libsmb: Ask for posix semantics if requested via 8de01c31f31 smbclient: Always ask for SMB311 posix in negprot from 027332cee56 s3:winbindd: Call winbind_add_failed_connection_entry() for the correct dc name https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4b9b7f70f25b2260334664393e788e8a74da9252 Author: Volker Lendecke Date: Fri Jun 30 23:21:13 2023 +0200 libsmb: Use cli_smb2_qpathinfo_send() for SMB_QUERY_FILE_ALT_NAME_INFO Remove one sync-only wrapper Signed-off-by: Volker Lendecke Reviewed-by: Ralph Böhme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Oct 12 17:51:44 UTC 2023 on atb-devel-224 commit 051492c178e36b8866a58f7d83cd26ca0c1e1d61 Author: Volker Lendecke Date: Thu Sep 14 13:45:04 2023 +0200 examples: Enable posix for teststat Show that we can properly detect non-regular files created by the Windows NFS server. Tested manually against Windows 2022. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Böhme Reviewed-by: Jeremy Allison commit 6a4413c65c980e54c2010f0adb0722d1b8972f85 Author: Volker Lendecke Date: Wed Aug 23 16:04:00 2023 +0200 libsmbclient: Read the file type from the server with posix enabled This does not really request posix extensions, but it depends on them being activated because it changes behaviour. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Böhme Reviewed-by: Jeremy Allison commit feb78035558cba9f4e1f0733b68a805c80e1bec4 Author: Volker Lendecke Date: Wed Aug 16 09:13:50 2023 +0200 libsmbclient: Add smbc_[gs]etOptionPosixExtensions() This is an obvious part of MR2888, not used anywhere yet. It will eventually result in us requesting SMB311 posix semantics, but for now it will just allow to change behaviour of libsmbclient that could break unsuspecting applications. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Böhme Reviewed-by: Jeremy Allison commit 9e3856ecf8c34bcaa68fa0278872eb76dc063797 Author: Volker Lendecke Date: Mon Jan 2 14:28:44 2023 +0100 libsmb: Parse reparse tag in query_directory response Signed-off-by: Volker Lendecke Reviewed-by: Ralph Böhme Reviewed-by: Jeremy Allison commit 4c44b6e199f62d02ae2f163b95b284eb5a849138 Author: Volker Lendecke Date: Wed Aug 23 15:07:29 2023 +0200 libsmb: Query reparse tag in cli_qpathinfo2 Convert what we find to a file type Signed-off-by: Volker Lendecke Reviewed-by: Ralph Böhme Reviewed-by: Jeremy Allison commit 30f4129e860b36c42d8d00048e1b98b23dc0cb2c Author: Volker Lendecke Date: Wed Aug 23 13:47:20 2023 +0200 libsmb: Add placeholder "mode" parameter to cli_qpathinfo2() Unused so far: Patch stripped out to not clutter the real patches that follow. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Böhme Reviewed-by: Jeremy Allison commit 214eef0ff31b21c3d32ee46fed8874cff56801b8 Author: Volker Lendecke Date: Mon Aug 14 17:30:24 2023 +0200 examples: Print file type as part of teststat Signed-off-by: Volker Lendecke Reviewed-by: Ralph Böhme Reviewed-by: Jeremy Allison commit 77001b258f0be2a94a31a40c34ea0da51868ac47 Author: Volker Lendecke Date: Tue Sep 19 12:29:11 2023 -0700 libsmb: Ask for posix semantics if requested This is so far only for the getattr-style smb311 calls to request case-sensitive semantics when "posix" was requested over smb311. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Böhme Reviewed-by: Jeremy Allison commit 8de01c31f317485c8466db95d8487c253a70fd31 Author: Volker Lendecke Date: Tue Sep 19 11:55:32 2023 -0700 smbclient: Always ask for SMB311 posix in negprot This does not mean that we're actually using it (yet). We just probe whether the server is willing to do it. Enable the posix cli command for smb311 posix extensions. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Böhme
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6071220fcb1 libcli: Make debug_unix_user_token() use just one DEBUG statement via 09c787c34a9 libcli: Make security_token_debug() use just one DEBUG statement via 1ad84c70fe2 libcli: Convert security_token_debug_privileges() to talloc_asprintf via a77c6b59395 smbd: is_in_path() deals with a NULL namelist via a8dd943c11d smbd: Remove a pointless NULL check via 5130ade6882 smbd: Use SMB_VFS_FSTATAT() instead of SMB_LSTAT() via d4a05fc1450 smbd: Fix a typo via 99789537868 vfs: Fix a typo via 94dcbed38db smbd: Modernize two DBG statements via e8570f73acd smbd: Reduce indentation, remove a nested if-statement via d7f5267c2bd libsmb: Remove unused smb2_create_blob_remove() via 0b38cd8ea77 smbd: Avoid casts in a DBG statement via 446ae3f8e7c rpc_server3: Avoid a pointless DEBUGADD via be1cf356ad9 rpc_server3: Remove a duplicate comment via 768990ec4d3 rpc_netlogon4: Simplify dcesrv_netr_ServerAuthenticate3_helper() via e2e5ae1eb24 dsdb: Slightly simplify dsdb_trust_get_incoming_passwords() via 7bc1fa707dc lsa_srv4: Fix a typo via 770f279ab75 pdb: Slightly simplify pdb_samba_dsdb_set_trusteddom_pw() via 8cd296e42d6 Remove IS_DOS_*() macros via b48d7a8e344 libsmb: Expand IS_DOS_DIR() macro via c23d336ca45 examples: Expand IS_DOS_DIR() macros via 29895176d29 smbd: Expand IS_DOS_READONLY() macros via 28295775945 smbd: Expand IS_DOS_ARCHIVE() macros via 226a7c7bc39 libsmb: Expand IS_DOS_* macros via 817f68e4a13 smbd: Expand IS_DOS_* macros from 1fbf08e8120 CVE-2023-42670 s3-rpc_server: Remove cross-check with "samba" EPM lookup https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6071220fcb109f93833c45bcc8d8cd24235d6f30 Author: Volker Lendecke Date: Wed Aug 30 13:02:02 2023 +0200 libcli: Make debug_unix_user_token() use just one DEBUG statement This avoids messing up the debug logs when multiple processes are writing into the same file. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Oct 11 00:24:58 UTC 2023 on atb-devel-224 commit 09c787c34a9bf3423f5653474eb0ba093e448352 Author: Volker Lendecke Date: Wed Aug 30 12:46:18 2023 +0200 libcli: Make security_token_debug() use just one DEBUG statement This avoids messing up the debug logs when multiple processes are writing into the same file. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 1ad84c70fe2f45dd8354d60b29ceabccd11c34c8 Author: Volker Lendecke Date: Wed Aug 30 12:39:00 2023 +0200 libcli: Convert security_token_debug_privileges() to talloc_asprintf Reduces the number of DEBUGADD calls which leads to messed debug logs between processes. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit a77c6b5939585f73746c8eb6db7b7c103a65f5be Author: Volker Lendecke Date: Fri Sep 1 13:21:09 2023 +0200 smbd: is_in_path() deals with a NULL namelist Don't need to check in the callers Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit a8dd943c11deb7aed8b59e49f2a540d6eeb6b1a6 Author: Volker Lendecke Date: Fri Sep 1 13:18:14 2023 +0200 smbd: Remove a pointless NULL check boolean short-circuiting already gives us this condition. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 5130ade6882bb528de44b1b559bfbd85aea4a27c Author: Volker Lendecke Date: Thu Aug 31 16:35:47 2023 +0200 smbd: Use SMB_VFS_FSTATAT() instead of SMB_LSTAT() Use the dirfsp when we have it available Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit d4a05fc145062dcf3efdda99645a40473596a2fb Author: Volker Lendecke Date: Thu Aug 31 12:50:09 2023 +0200 smbd: Fix a typo Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 997895378688ad24337ae5084b05e81dfa435cac Author: Volker Lendecke Date: Thu Aug 31 12:01:13 2023 +0200 vfs: Fix a typo Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 94dcbed38dbc094a6b9a961b9dbeedd38aa3d5a6 Author: Volker Lendecke Date: Thu Aug 31 11:37:00 2023 +0200 smbd: Modernize two DBG statements Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit e8570f73acddeb348676db0eea6c1bfd4081c647 Author: Volker Lendecke Date: Thu Aug 31 11:33:02 2023 +0200 smbd: Reduce indentation, remove a nested if-statement Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit d7f5267c2bdd33f6365799a60619dfe5273e3a09 Author: Volker Lendecke Date: Thu Au
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cb89ea70b1f libsmb: Use pidl generated parsing for posix file info via cb166028c49 libsmb: Pass NTTIME to interpret_long_date() via 82a12f7a9a6 libndr: Factor out ndr_pull_struct_blob_noalloc() via 7b865702164 smbd: Remove unused marshalling of smb3posix file information via 2d6c643ebdd smbd: Use Use smb3posix marshalling in in smbd_do_qfilepathinfo() via b573e1da921 smbd: Use Use smb3posix marshalling in in smbd_marshall_dir_entry() via a8593ad376f smbd: Modernize a DEBUG statement via 36fd98a5ef5 smbd: Add smb3_file_posix_information_init() via 6874ed6a9de smbd: Use smb3posix marshalling in smbd_smb2_create_after_exec() via 8107aafb40c idl: Add smb3posix.idl via 6f91cce14e4 libsmb: Allow NULL print_name in reparse_data_buffer_marshall() via 7f1ee32a1b9 pylibsmb: Py_BuildValue can build tuples directly via 078db302a65 tests: Run smb3unix tests with SMB1 via 52c3edb2820 tests: We always do smb3 unix extensions from 3ee348a9663 ctdb-scripts: Convert 40.vsftpd to use threshold-based fail counting https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cb89ea70b1f91d3dd286f49fcbac0b6b70add5f0 Author: Volker Lendecke Date: Wed Oct 4 16:33:01 2023 +0200 libsmb: Use pidl generated parsing for posix file info Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Oct 4 21:26:20 UTC 2023 on atb-devel-224 commit cb166028c49d407429adf256ef9f5d53e3bb1fdd Author: Volker Lendecke Date: Wed Oct 4 13:25:21 2023 +0200 libsmb: Pass NTTIME to interpret_long_date() Separate concerns of conversion and pulling off the wire. Needed soon for smb311 pidl generated parsing. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 82a12f7a9a62f2c879a49291294fc6145e54ebea Author: Volker Lendecke Date: Tue Oct 3 11:39:36 2023 +0200 libndr: Factor out ndr_pull_struct_blob_noalloc() smb3_file_posix_information is variable length with something behind. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 7b8657021646e940e3e2b7be3adaf939fd3c3ba5 Author: Volker Lendecke Date: Wed Sep 27 10:54:26 2023 +0200 smbd: Remove unused marshalling of smb3posix file information Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 2d6c643ebddda0f5472fa83127a6a7a28ad37728 Author: Volker Lendecke Date: Wed Sep 27 10:51:37 2023 +0200 smbd: Use Use smb3posix marshalling in in smbd_do_qfilepathinfo() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit b573e1da921f072f27a95912cbd99050f9709078 Author: Volker Lendecke Date: Wed Sep 27 10:48:35 2023 +0200 smbd: Use Use smb3posix marshalling in in smbd_marshall_dir_entry() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit a8593ad376f8809ff8c358130249af935ed590fc Author: Volker Lendecke Date: Wed Sep 27 17:43:33 2023 +0200 smbd: Modernize a DEBUG statement Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 36fd98a5ef527347ed2c7b766383418920fe498e Author: Volker Lendecke Date: Wed Sep 27 10:44:30 2023 +0200 smbd: Add smb3_file_posix_information_init() Copy the logic from store_smb2_posix_info() to allow use of ndr_push_smb3_file_posix_information(). Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 6874ed6a9defdf6f842e1e25f1ffd95708534ca6 Author: Volker Lendecke Date: Wed Sep 27 09:22:53 2023 +0200 smbd: Use smb3posix marshalling in smbd_smb2_create_after_exec() Signed-off-by: Volker Lendecke commit 8107aafb40c22cacf56b69129e7c8611fd35184a Author: Volker Lendecke Date: Wed Sep 27 06:44:41 2023 +0200 idl: Add smb3posix.idl Let PIDL take care of encoding SMB2_FILE_POSIX_INFORMATION. This way we also get parsing. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 6f91cce14e490963ed699629beae136b9fe25656 Author: Volker Lendecke Date: Tue Sep 26 14:54:37 2023 +0200 libsmb: Allow NULL print_name in reparse_data_buffer_marshall() read_symlink_reparse() does this. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 7f1ee32a1b91addd84784954e3150afc2b3ae2bc Author: Volker Lendecke Date: Tue Sep 26 14:16:08 2023 +0200 pylibsmb: Py_BuildValue can build tuples directly Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 078db302a65fffd76722728969e5fcbd393eef02 Author: Volker Lendecke Date: Tue Sep 26 12:01:17 2023 +0200 tests: Run smb3unix tests with SMB1 We want to create native FIFOs with smb1 extensions
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fab08854af3 libsmb: Pass neg contexts through sync smbXcli_negprot_recv() via b693b6accc5 libsmb: Make libsmb/clispnego.c static to libads/ via a0181938c1a libcli: Correct guard #define via cd2e6c45628 clifuse: Start implementing forget() via 27ae6bdbb15 clifuse: Use an empty array for holding the inode path via 94dcda1ee2c examples: Slightly modernize printfs in teststat via aef98c6356b libsmb: Remove two #defines just used once via 446a3b3e8ae smbd: Modernize a few DBG statements via 94433d1d019 examples: Use explicit SMBCCTX via 3b8cfda1c96 lib: Avoid a tdb handle leak via 46f710c95f4 lib: Modernize tdb_fetch_lifetime() via e6136139be9 libsmb: Remove unused cli_is_dos_error() via b0b1fc1974b libsmb: Remove unused cli_dos_error() via 05828c3e382 libsmb: Eliminate a reader of cli->raw_status via 3cfe1683ddd libsmb: Remove SMBC_errno() via 15ff9c18198 libsmb: Remove a call to SMBC_errno() via bb8ec333400 libsmb: Remove a call to SMBC_errno() via 9ec7245b1b4 libsmb: Remove a call to SMBC_errno() via 2399b105fe1 libsmb: Remove unused cli_is_nt_error() via aaf5821dac4 smbclient: Save lines with talloc_asprintf_addbuf() from 9c316623e5f libsmb: Extend cli_mknod to create NFS reparse points https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fab08854af3843a5de42fefe209090a7563e7f11 Author: Volker Lendecke Date: Tue Sep 19 11:10:12 2023 -0700 libsmb: Pass neg contexts through sync smbXcli_negprot_recv() Looks much larger than it is, there's a lot of callers too feed NULL to. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Sep 25 19:59:17 UTC 2023 on atb-devel-224 commit b693b6accc5c889dd2ccb137b510282aff6ef619 Author: Volker Lendecke Date: Thu Sep 14 19:00:06 2023 +0200 libsmb: Make libsmb/clispnego.c static to libads/ It's only called there. The "+" part of this patch might not conform to README.Coding because it's a literal cut Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit a0181938c1a6073b4afaf7d395d6225afcbe9b4b Author: Volker Lendecke Date: Sun Sep 10 07:05:04 2023 +0200 libcli: Correct guard #define Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit cd2e6c4562828b40edff3be49703cef5f09485f1 Author: Volker Lendecke Date: Tue Aug 22 12:58:29 2023 +0200 clifuse: Start implementing forget() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 27ae6bdbb157c81f0e8a16dc03788dc930fa8b0f Author: Volker Lendecke Date: Tue Aug 22 09:22:13 2023 +0200 clifuse: Use an empty array for holding the inode path Cleaner these days. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 94dcda1ee2c2d11bee0ad9cdfc0341d2a209c10a Author: Volker Lendecke Date: Mon Aug 14 17:28:28 2023 +0200 examples: Slightly modernize printfs in teststat long long works, but it's a bit too specific now that we have intmax_t Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit aef98c6356b351f0fa8b7f1612384df865b4547f Author: Volker Lendecke Date: Wed Aug 23 13:25:37 2023 +0200 libsmb: Remove two #defines just used once To me these two did not create clarity. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 446a3b3e8ae2c0603ac3c4d504b9d1b19e89f414 Author: Volker Lendecke Date: Wed Aug 23 16:36:06 2023 +0200 smbd: Modernize a few DBG statements Changes on level from 4 to 3 in store_file_unix_basic(). Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 94433d1d0194ae78bb48cd24d09953a08c444390 Author: Volker Lendecke Date: Wed Aug 23 16:46:56 2023 +0200 examples: Use explicit SMBCCTX Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 3b8cfda1c963d75ce95f6a7921691aa52a07df07 Author: Volker Lendecke Date: Sat Sep 23 00:50:41 2023 -0700 lib: Avoid a tdb handle leak Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 46f710c95f4461c7ad2b6b757549ffb5e5c31d8c Author: Volker Lendecke Date: Sat Sep 23 00:41:22 2023 -0700 lib: Modernize tdb_fetch_lifetime() Just came across this, avoid mallocs. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit e6136139be95203782db095ef4163be853461320 Author: Volker Lendecke Date: Fri Sep 22 19:05:38 2023 -0700 libsmb: Remove unused cli_is_dos_error() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit b0b1fc1974bd8d2d7ecf94e6ad0
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9c316623e5f libsmb: Extend cli_mknod to create NFS reparse points via af5756df6c5 libsmb: Remove reparse_symlink.c via e5d724ca883 libsmb: Use reparse_data_buffer_marshall() in py_reparse_put() via 1f21be8286b libsmb: Use reparse_data_buffer_marshall() in cli_symlink_send() via d19a28fdb4d libsmb: Factor out cli_create_reparse_point() from cli_symlink() via 41274da949e libsmb: Use reparse_data_buffer_marshall() in py_reparse_symlink_put() via ddc1f56cf1a libsmb: Add reparse_data_buffer_marshall() via 815ff26db28 smbclient: Add mkfifo command via 88258e17738 libsmb: Add sync cli_mknod() for smbclient3's use from e58805fe7f7 s3:tests: Check if test_smbclient_kerberos.sh was successful https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9c316623e5f3cde9dc88cef5992843d233e139c0 Author: Volker Lendecke Date: Thu Sep 21 16:56:55 2023 -0700 libsmb: Extend cli_mknod to create NFS reparse points Tested smbclient mkfifo manually against W2k22, the Windows NFS server reports this as FIFO. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Sep 25 18:08:01 UTC 2023 on atb-devel-224 commit af5756df6c51537e4adf36ca524d4ca671a191ee Author: Volker Lendecke Date: Thu Sep 21 07:40:43 2023 -0700 libsmb: Remove reparse_symlink.c Makes reparse_buffer_marshall static to reparse.c Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit e5d724ca88338798dcc22062585473a20506f1fc Author: Volker Lendecke Date: Thu Sep 21 07:33:15 2023 -0700 libsmb: Use reparse_data_buffer_marshall() in py_reparse_put() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 1f21be8286ba8459604a603490b2d9d60188765c Author: Volker Lendecke Date: Thu Sep 21 07:23:41 2023 -0700 libsmb: Use reparse_data_buffer_marshall() in cli_symlink_send() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit d19a28fdb4d05f8ac001d1a00415feb72df56c10 Author: Volker Lendecke Date: Wed Sep 20 16:54:40 2023 -0700 libsmb: Factor out cli_create_reparse_point() from cli_symlink() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 41274da949ee07464d7a95a386d2f084ec8e796a Author: Volker Lendecke Date: Thu Sep 21 06:45:49 2023 -0700 libsmb: Use reparse_data_buffer_marshall() in py_reparse_symlink_put() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit ddc1f56cf1a6e7b9f2e07b72fbe842c3de3122a4 Author: Volker Lendecke Date: Thu Sep 21 04:27:34 2023 -0700 libsmb: Add reparse_data_buffer_marshall() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 815ff26db28d755683af4c61005ad2de44e1b409 Author: Volker Lendecke Date: Wed Jul 5 09:25:14 2023 +0200 smbclient: Add mkfifo command Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 88258e17738d742634d12150e1c951cceb458ff5 Author: Volker Lendecke Date: Wed Jul 5 09:06:58 2023 +0200 libsmb: Add sync cli_mknod() for smbclient3's use Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: libcli/smb/py_reparse_symlink.c | 62 +++- libcli/smb/reparse.c| 218 libcli/smb/reparse.h| 4 + libcli/smb/reparse_symlink.c| 167 -- libcli/smb/reparse_symlink.h| 47 - libcli/smb/wscript | 1 - source3/client/client.c | 59 +++ source3/libsmb/clifile.c| 91 - source3/libsmb/clisymlink.c | 203 + source3/libsmb/proto.h | 9 ++ source3/libsmb/pylibsmb.c | 1 - 11 files changed, 554 insertions(+), 308 deletions(-) delete mode 100644 libcli/smb/reparse_symlink.c delete mode 100644 libcli/smb/reparse_symlink.h Changeset truncated at 500 lines: diff --git a/libcli/smb/py_reparse_symlink.c b/libcli/smb/py_reparse_symlink.c index 7aecc4fd38a..93e5cf8f049 100644 --- a/libcli/smb/py_reparse_symlink.c +++ b/libcli/smb/py_reparse_symlink.c @@ -22,7 +22,7 @@ #include "python/py3compat.h" #include "libcli/util/pyerrors.h" #include "reparse.h" -#include "reparse_symlink.h" +#include "lib/util/iov_buf.h" #include "smb_constants.h" static PyObject *py_reparse_put(PyObject *module, PyObject *args) @@ -31,10 +31,10 @@ static PyObject *py_reparse_put(PyObject *module, PyObject *args) Py_ssize_t reparse_len; unsigned long long tag
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b3cae8dcf19 conf: Remove "smb3 unix extensions" parameter from 8b9f464420b ctdb-daemon: Call setproctitle_init() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b3cae8dcf192f65031f143e5bb9135c895611d98 Author: Volker Lendecke Date: Mon Sep 18 16:54:05 2023 -0700 conf: Remove "smb3 unix extensions" parameter Always offer it, it's a client thing to ask for it or not. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Sep 21 17:43:23 UTC 2023 on atb-devel-224 --- Summary of changes: WHATSNEW.txt | 1 + .../smbdotconf/protocol/smb3unixextensions.xml | 11 - python/samba/tests/smb3unix.py | 253 +++-- source3/param/loadparm.c | 21 +- source3/param/loadparm.h | 1 - source3/smbd/smb2_negprot.c| 66 +++--- source3/smbd/smb2_trans2.c | 12 +- 7 files changed, 118 insertions(+), 247 deletions(-) delete mode 100644 docs-xml/smbdotconf/protocol/smb3unixextensions.xml Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index a4ddbb2f361..0f20c4779df 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -48,6 +48,7 @@ smb.conf changes Parameter Name Description Default -- --- --- + smb3 unix extensionsremoved always offered KNOWN ISSUES diff --git a/docs-xml/smbdotconf/protocol/smb3unixextensions.xml b/docs-xml/smbdotconf/protocol/smb3unixextensions.xml deleted file mode 100644 index 2dc3d614c4f..000 --- a/docs-xml/smbdotconf/protocol/smb3unixextensions.xml +++ /dev/null @@ -1,11 +0,0 @@ -http://www.samba.org/samba/DTD/samba-doc;> - -Incomplete SMB 3.11 Unix Extensions. This is only available -if Samba is compiled in DEVELOPER mode. - - no - diff --git a/python/samba/tests/smb3unix.py b/python/samba/tests/smb3unix.py index d8f9b7d5c33..7b25c4bcd68 100644 --- a/python/samba/tests/smb3unix.py +++ b/python/samba/tests/smb3unix.py @@ -26,129 +26,67 @@ def posix_context(mode): class Smb3UnixTests(samba.tests.libsmb.LibsmbTests): -def enable_smb3unix(self): -with open(self.global_inject, 'w') as f: -f.write("smb3 unix extensions = yes\n") - -def disable_smb3unix(self): -with open(self.global_inject, 'w') as f: -f.truncate() - def test_negotiate_context_posix(self): -try: -self.enable_smb3unix() +c = libsmb.Conn( +self.server_ip, +"tmp", +self.lp, +self.creds, +posix=True) +self.assertTrue(c.have_posix()) +def test_negotiate_context_posix_invalid_length(self): +with self.assertRaises(NTSTATUSError) as cm: c = libsmb.Conn( self.server_ip, "tmp", self.lp, self.creds, -posix=True) -self.assertTrue(c.have_posix()) +negotiate_contexts=[(0x100, b'01234')]) -finally: -self.disable_smb3unix() +e = cm.exception +self.assertEqual(e.args[0], ntstatus.NT_STATUS_INVALID_PARAMETER) -def test_negotiate_context_noposix(self): +def test_negotiate_context_posix_invalid_blob(self): c = libsmb.Conn( -self.server_ip, -"tmp", -self.lp, -self.creds, -posix=True) +self.server_ip, +"tmp", +self.lp, +self.creds, +negotiate_contexts=[(0x100, b'0123456789012345')]) self.assertFalse(c.have_posix()) -def test_negotiate_context_posix_invalid_length(self): -try: -self.enable_smb3unix() - -with self.assertRaises(NTSTATUSError) as cm: -c = libsmb.Conn( -self.server_ip, -"tmp", -self.lp, -self.creds, -negotiate_contexts=[(0x100, b'01234')]) - -e = cm.exception -self.assertEqual(e.args[0], ntstatus.NT_STATUS_INVALID_PARAMETER) - -finally: -self.disable_smb3unix() - -def test_negotiate_context_posix_invalid_blob(self): -try: -self.enable_smb3unix() - -c = libsmb.Conn( -self.server_ip, -"tmp", -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3481bbfede5 smbd: Fix BZ15481 via 56df75d4479 tests: Add reproducer for BZ15481 from 11280f1705c s3: smbd: Ensure we remove any pending aio values for named pipes on forced shutdown. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3481bbfede5127e3664bcf464a0ae3dec9247ab7 Author: Volker Lendecke Date: Tue Sep 19 17:44:56 2023 -0700 smbd: Fix BZ15481 Bug: https://bugzilla.samba.org/show_bug.cgi?id=15481 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Sep 20 22:42:48 UTC 2023 on atb-devel-224 commit 56df75d44795582dcecb8676a0d80d6f4a46c7e9 Author: Volker Lendecke Date: Wed Sep 20 10:53:52 2023 -0700 tests: Add reproducer for BZ15481 Bug: https://bugzilla.samba.org/show_bug.cgi?id=15481 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: python/samba/tests/libsmb-basic.py | 27 +++ source3/smbd/filename.c| 12 +++- 2 files changed, 38 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/python/samba/tests/libsmb-basic.py b/python/samba/tests/libsmb-basic.py index cbe7cce5bae..163c5b09ea9 100644 --- a/python/samba/tests/libsmb-basic.py +++ b/python/samba/tests/libsmb-basic.py @@ -215,6 +215,33 @@ class LibsmbTestCase(samba.tests.libsmb.LibsmbTests): c1.unlink("x") c1 = None +def test_gencache_pollution_bz15481(self): +c = libsmb.Conn(self.server_ip, "tmp", self.lp, self.creds) +fh = c.create("file", + DesiredAccess=security.SEC_STD_DELETE, + CreateDisposition=libsmb.FILE_CREATE) + +# prime the gencache File->file +fh_upper = c.create("File", +DesiredAccess=security.SEC_FILE_READ_ATTRIBUTE, +CreateDisposition=libsmb.FILE_OPEN) +c.close(fh_upper) + +c.delete_on_close(fh, 1) +c.close(fh) + +fh = c.create("File", + DesiredAccess=security.SEC_STD_DELETE, + CreateDisposition=libsmb.FILE_CREATE) + +directory = c.list("\\", "File") + +c.delete_on_close(fh, 1) +c.close(fh) + +# Without the bugfix for 15481 we get 'file' not 'File' +self.assertEqual(directory[0]['name'], 'File') + if __name__ == "__main__": import unittest unittest.main() diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index dcd08a06947..3c54ab17762 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -784,6 +784,7 @@ static NTSTATUS openat_pathref_fsp_case_insensitive( if (lp_stat_cache()) { char *base_name = smb_fname_rel->base_name; + char *original_relname = NULL; DATA_BLOB value = { .data = NULL }; ok = get_real_filename_cache_key( @@ -805,7 +806,13 @@ static NTSTATUS openat_pathref_fsp_case_insensitive( } DO_PROFILE_INC(statcache_hits); - TALLOC_FREE(smb_fname_rel->base_name); + /* +* For the "new filename" case we need to preserve the +* capitalization the client sent us, see +* https://bugzilla.samba.org/show_bug.cgi?id=15481 +*/ + original_relname = smb_fname_rel->base_name; + smb_fname_rel->base_name = talloc_memdup( smb_fname_rel, value.data, value.length); if (smb_fname_rel->base_name == NULL) { @@ -823,10 +830,13 @@ static NTSTATUS openat_pathref_fsp_case_insensitive( status = openat_pathref_fsp(dirfsp, smb_fname_rel); if (NT_STATUS_IS_OK(status)) { TALLOC_FREE(cache_key.data); + TALLOC_FREE(original_relname); return NT_STATUS_OK; } memcache_delete(NULL, GETREALFILENAME_CACHE, cache_key); + TALLOC_FREE(smb_fname_rel->base_name); + smb_fname_rel->base_name = original_relname; } lookup: -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 11280f1705c s3: smbd: Ensure we remove any pending aio values for named pipes on forced shutdown. via 66398dd03c4 s3: torture: Add a new SMB2 test: SMB2-PIPE-READ-ASYNC-DISCONNECT via ea062c3b0d4 s3: smbd: named pipe writes are async. Use the same logic as for named pipe transacts to avoid crashes on shutdown. via 3f32bf887d4 s3: smbd: named pipe reads are async. Use the same logic as for named pipe transacts to avoid crashes on shutdown. via 82e88f70f18 s3: smbd: Add some DEVELOPER-only code to panic if the destructor for an aio_lnk is called and the associated fsp doesn't exist. from 05291d2bd40 s3: smbd: Now we have proved hardlink_internals() doesn't use src_dirfsp and dst_dirfsp, remove the parameters. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 11280f1705c0faa1729f5aeaa1b6a1f79ab5a199 Author: Jeremy Allison Date: Tue Sep 19 14:36:45 2023 -0700 s3: smbd: Ensure we remove any pending aio values for named pipes on forced shutdown. Matches file and directory closes. Remove knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15423 Signed-off-by: Jeremy Allison Reviewed-by: Ralph Boehme Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Sep 20 02:43:18 UTC 2023 on atb-devel-224 commit 66398dd03c46633b474438dddb771caa2d245e64 Author: Jeremy Allison Date: Tue Sep 19 14:30:26 2023 -0700 s3: torture: Add a new SMB2 test: SMB2-PIPE-READ-ASYNC-DISCONNECT Shows the server crashes if we open a named pipe, do an async read and then disconnect. Adds knownfail: BUG: https://bugzilla.samba.org/show_bug.cgi?id=15423 Signed-off-by: Jeremy Allison Reviewed-by: Ralph Boehme commit ea062c3b0d4dbb1f0682f808ac893bf36a6fb194 Author: Jeremy Allison Date: Mon Sep 18 17:37:44 2023 -0700 s3: smbd: named pipe writes are async. Use the same logic as for named pipe transacts to avoid crashes on shutdown. Noticed by Metze. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15423 Signed-off-by: Jeremy Allison Reviewed-by: Ralph Boehme commit 3f32bf887d4425655e81da0b2234cbca3b1d56e6 Author: Jeremy Allison Date: Mon Sep 18 17:09:00 2023 -0700 s3: smbd: named pipe reads are async. Use the same logic as for named pipe transacts to avoid crashes on shutdown. Noticed by Metze. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15423 Signed-off-by: Jeremy Allison Reviewed-by: Ralph Boehme commit 82e88f70f181300f6f98691f6680839a94470e13 Author: Jeremy Allison Date: Mon Sep 18 14:43:23 2023 -0700 s3: smbd: Add some DEVELOPER-only code to panic if the destructor for an aio_lnk is called and the associated fsp doesn't exist. Make this DEVELOPER-only as it walks the entire open file list on every file close (with associated aio). This helps catch really subtle problems with orphaned aio lnk structs. Reproducer test case to follow. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15423 Signed-off-by: Jeremy Allison Reviewed-by: Ralph Boehme --- Summary of changes: ...torture_s3.sh => test_smbtorture_nocrash_s3.sh} | 12 +++ source3/selftest/tests.py | 16 +++ source3/smbd/close.c | 8 ++ source3/smbd/smb2_aio.c| 24 + source3/smbd/smb2_read.c | 13 +++ source3/smbd/smb2_write.c | 13 +++ source3/torture/proto.h| 1 + source3/torture/test_smb2.c| 117 + source3/torture/torture.c | 4 + 9 files changed, 208 insertions(+) copy source3/script/tests/{test_smbtorture_s3.sh => test_smbtorture_nocrash_s3.sh} (62%) Changeset truncated at 500 lines: diff --git a/source3/script/tests/test_smbtorture_s3.sh b/source3/script/tests/test_smbtorture_nocrash_s3.sh similarity index 62% copy from source3/script/tests/test_smbtorture_s3.sh copy to source3/script/tests/test_smbtorture_nocrash_s3.sh index 4376f4a7199..b6ef1391262 100755 --- a/source3/script/tests/test_smbtorture_s3.sh +++ b/source3/script/tests/test_smbtorture_nocrash_s3.sh @@ -1,5 +1,7 @@ #!/bin/sh +. $(dirname $0)/../../../testprogs/blackbox/subunit.sh + # this runs the file serving tests that are expected to pass with samba3 if [ $# -lt 5 ]; then @@ -20,7 +22,17 @@ ADDARGS="$*" incdir=$(dirname $0)/../../../testprogs/blackbox . $incdir/subunit.sh +panic_count_0=$(grep -c PANIC $SMBD_TEST_LOG) + +echo "$panic_count_0" >/tmp/look + failed=0 testit "smbtorture"
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0f1443d968c smbd: make vfs_stat_fsp() a no-op on fake file-handles from 65b2110937c auth:credentials: Check if password_obtained > obtained https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0f1443d968c85ccf4e39d602301df51d73a6d2ed Author: Ralph Boehme Date: Fri Aug 4 17:19:00 2023 +0200 smbd: make vfs_stat_fsp() a no-op on fake file-handles Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Sep 12 17:08:17 UTC 2023 on atb-devel-224 --- Summary of changes: source3/smbd/vfs.c | 4 1 file changed, 4 insertions(+) Changeset truncated at 500 lines: diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c index 89150b37f90..a34b9083352 100644 --- a/source3/smbd/vfs.c +++ b/source3/smbd/vfs.c @@ -1166,6 +1166,10 @@ NTSTATUS vfs_stat_fsp(files_struct *fsp) int ret; struct stat_ex saved_stat = fsp->fsp_name->st; + if (fsp->fake_file_handle != NULL) { + return NT_STATUS_OK; + } + if (fsp_get_pathref_fd(fsp) == -1) { if (fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) { ret = SMB_VFS_LSTAT(fsp->conn, fsp->fsp_name); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ebb6eb9c2fc libsmb: Fix parsing symlink reparse points via c9a000be417 tests: Add test_symlink_reparse_data_buffer_parse via 03ce770e8de tests: Create symlinks using posix extensions from f893cf85cc3 security.idl: extend security token for claims https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ebb6eb9c2fcab06eadea21cecb7258c326042fac Author: Volker Lendecke Date: Wed Aug 30 09:22:13 2023 +0200 libsmb: Fix parsing symlink reparse points Untested code is broken code. For symlinks we need to hand over the full reparse buffer into symlink_reparse_buffer_parse(), as this is also used for the smb2 error response handling. For that, the "reserved" field in [MS-FSCC] 2.1.2.4 Symbolic Link Reparse Data Buffer is used for the "unparsed" field. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Sep 8 17:24:19 UTC 2023 on atb-devel-224 commit c9a000be41737d2946a4977dde3d5276a4577adf Author: Volker Lendecke Date: Thu Sep 7 15:25:57 2023 +0200 tests: Add test_symlink_reparse_data_buffer_parse The blob was taken from a smbclient allinfo command for a Windows symlink. Show that reparse_data_buffer_parse() is broken. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 03ce770e8de7d9992abea577bcb8d6b471953e91 Author: Volker Lendecke Date: Thu Sep 7 17:00:17 2023 +0200 tests: Create symlinks using posix extensions This way we can run the tests and more easily put them into knownfail individually. Before this, everything went into the error category, which was not so easy to catch in something like knownfail. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: libcli/smb/reparse.c | 4 ++-- python/samba/tests/smb2symlink.py | 19 ++- selftest/knownfail.d/symlink | 4 selftest/skip | 1 - 4 files changed, 24 insertions(+), 4 deletions(-) create mode 100644 selftest/knownfail.d/symlink Changeset truncated at 500 lines: diff --git a/libcli/smb/reparse.c b/libcli/smb/reparse.c index 61b893123a4..1c4ad444bfc 100644 --- a/libcli/smb/reparse.c +++ b/libcli/smb/reparse.c @@ -230,8 +230,8 @@ NTSTATUS reparse_data_buffer_parse(TALLOC_CTX *mem_ctx, case IO_REPARSE_TAG_SYMLINK: ret = symlink_reparse_buffer_parse(mem_ctx, >parsed.lnk, - reparse_data, - reparse_data_length); + buf, + buflen); if (ret != 0) { return map_nt_error_from_unix_common(ret); } diff --git a/python/samba/tests/smb2symlink.py b/python/samba/tests/smb2symlink.py index 14f6056ac15..a2084c6a5de 100644 --- a/python/samba/tests/smb2symlink.py +++ b/python/samba/tests/smb2symlink.py @@ -34,10 +34,12 @@ class Smb2SymlinkTests(samba.tests.libsmb.LibsmbTests): self.server_ip, share, self.lp, -self.creds) +self.creds, +force_smb1=True) except NTSTATUSError as e: if e.args[0] != ntstatus.NT_STATUS_CONNECTION_RESET: raise +smb1.smb1_posix() share = samba.tests.env_get_var_value( "SMB2_SHARE", allow_missing=True) @@ -175,6 +177,21 @@ class Smb2SymlinkTests(samba.tests.libsmb.LibsmbTests): self.clean_file(smb1, symlink) +def test_symlink_reparse_data_buffer_parse(self): +"""Test parsing a symlink reparse buffer coming from Windows""" + +buf = (b'\x0c\x00\x00\xa0\x18\x00\x00\x00' + b'\x06\x00\x06\x00\x00\x00\x06\x00' + b'\x01\x00\x00\x00\x62\x00\x61\x00' + b'\x72\x00\x62\x00\x61\x00\x72\x00') + +try: +syml = reparse_symlink.symlink_get(buf); +except: +self.fail("Could not parse symlink buffer") + +self.assertEqual(syml, ('bar', 'bar', 0, 1)); + if __name__ == '__main__': import unittest unittest.main() diff --git a/selftest/knownfail.d/symlink b/selftest/knownfail.d/symlink new file mode 100644 index 000..64135666aec --- /dev/null +++ b/selftest/knownfail.d/symlink @@ -0,0 +1,4 @@ +^samba.tests.smb2symlink.samba.tests.smb2symlink.Smb2SymlinkTests.test_symlinkerror_directory +^samba.tests.sm
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3fc35827569 smb2_server: move struct msghdr to smbd_smb2_send_queue via 02df6bda490 smb2_server: split out smbd_smb2_flush_with_sendmsg() out of smbd_smb2_flush_send_queue() via 0ca825c4bc2 smb2_server: split out smbd_smb2_advance_send_queue() out of smbd_smb2_flush_send_queue() via 153323efc55 smb2_server: simplify smbd_smb2_advance_incoming() recvfile logic via 72d86d49894 smb2_server: change smbd_smb2_advance_incoming() to use iov_advance() via a9c53b9eff6 lib/util: inline iov_{buflen,buf,advance}() via 76f9a41fa67 smb2_server: split smbd_smb2_advance_incoming() out of smbd_smb2_io_handler() via 02e0ba710db smb2_server: remove state->hdr.done and always set state->vector first via 948d19b09a7 smb2_server: move struct msghdr to smbd_smb2_request_read_state via 16f46601b84 smb2_server: avoid ZERO_STRUCT*() in the core code from f3c632e74ba testprogs: Add net offlinejoin composeodj tests https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3fc358275693a1dc44f2d03b43b68d1ee7f1ec14 Author: Stefan Metzmacher Date: Wed Sep 30 23:42:48 2020 +0200 smb2_server: move struct msghdr to smbd_smb2_send_queue The main reason is the preparation of io_uring support, as it can't be on the stack for async operations. Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Sep 6 20:31:04 UTC 2023 on atb-devel-224 commit 02df6bda4902524d9fbcc961287779b3e770be2f Author: Stefan Metzmacher Date: Wed Sep 30 23:21:04 2020 +0200 smb2_server: split out smbd_smb2_flush_with_sendmsg() out of smbd_smb2_flush_send_queue() We'll have an smbd_smb2_flush_with_io_uring() later... Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 0ca825c4bc25a7843b8200ea0126fc3320f8724a Author: Stefan Metzmacher Date: Wed Sep 30 14:01:25 2020 +0200 smb2_server: split out smbd_smb2_advance_send_queue() out of smbd_smb2_flush_send_queue() The logic in smbd_smb2_advance_send_queue() will be reused for io_uring. Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 153323efc55bef47a4694645bb2dbfb3334776a3 Author: Stefan Metzmacher Date: Tue Sep 14 02:22:09 2021 +0200 smb2_server: simplify smbd_smb2_advance_incoming() recvfile logic This will make further changes easier... Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 72d86d498945f5c7bff2d1e5d75ed2fd2ba646a8 Author: Stefan Metzmacher Date: Thu Apr 15 19:56:59 2021 + smb2_server: change smbd_smb2_advance_incoming() to use iov_advance() In future we may use vectors with more elements, so we convert to a single element array now... Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit a9c53b9eff605d67880ae1a333b95d2f6f921d1a Author: Stefan Metzmacher Date: Tue Apr 25 17:55:16 2023 + lib/util: inline iov_{buflen,buf,advance}() The main reason for this change was the use of iov_advance() in the next commits in source3/smbd/smb2_server.c And the function calls to iov_advance() showed up in profiling with callgrind. While there iov_buf() and iov_buflen() are moved as well, as they are also used there. Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 76f9a41fa67da9a9c761855e6a745700a1115506 Author: Stefan Metzmacher Date: Thu Apr 15 10:23:37 2021 +0200 smb2_server: split smbd_smb2_advance_incoming() out of smbd_smb2_io_handler() The logic in smbd_smb2_advance_incoming() will be reused for io_uring. Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 02e0ba710db5f1819fb53161d1ddcdac8e01bb6c Author: Stefan Metzmacher Date: Thu Apr 15 10:23:37 2021 +0200 smb2_server: remove state->hdr.done and always set state->vector first Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 948d19b09a75101ac6c050ad83cce401de324f2a Author: Stefan Metzmacher Date: Thu Apr 15 09:53:03 2021 +0200 smb2_server: move struct msghdr to smbd_smb2_request_read_state This makes the code a little bit faster, but the main reason is the preparation of io_uring support, as it can't be on the stack for async operations. Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 16f46601b84428d86dde894d1c1179f96c74ace8 Author: Stefan Metzmacher Date: Tue Apr 25 17:44:49 2023 + smb2_server: avoid ZERO_STRUCT*() in the core code We should avoid calling memset_s() in the core smbd processing, we can use struct initializers instead. This reduces
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 81226b5179e vfs_aio_pthread: use SMB_VFS_NEXT_OPENAT() in aio_pthread_openat_fn() via 2c6a01c8925 libcli: Add required #includes to smbXcli_base.h via 939aa0e69ef clifuse: Use direct FSCC info level via dd801b69c60 libsmb: Use tevent_req_nterror() properly via edc6e69e254 libsmb: Remove a duplicate TALLOC_FREE() via 107beacfc02 libsmb: Use tevent_req_oom() where appropriate via a6a5ce7b426 libsmb: Move cli_raw_ioctl() to torture3 via 087cddc90c1 libsmb: Move cli_qpathinfo1() to torture3 via c0db32b457d torture3: Avoid unused variables via 914e0cf6f81 smbclient: Don't give up in allinfo if getting advanced info fails via 47509eb7f03 libsmb: Use cli_smb2_qpathinfo_basic() in cli_getatr() via f2d535dbe31 libsmb: Use cli_smb2_qpathinfo() in cli_qpathinfo2() via 50edb0266f9 libsmb: Use cli_smb2_qpathinfo() for streams via 55539629b20 libsmb: Add cli_smb2_qpathinfo_send/recv() from aba7eb094b9 selftest: Report time at which testsuite starts https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 81226b5179e6ba806a0a690806ca2f9004f7c9f9 Author: MikeLiu Date: Tue Aug 22 10:01:14 2023 +0800 vfs_aio_pthread: use SMB_VFS_NEXT_OPENAT() in aio_pthread_openat_fn() 1. Set 'aio_allow_open' to false if fsp->fsp_flags.is_pathref 2. Move !(how->flags & O_CREAT) and !(how->flags & O_EXCL) up and set 'aio_allow_open' to false 3. Use SMB_VFS_NEXT_OPENAT() instead of openat() for disable async opens case. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15453 Signed-off-by: MikeLiu Reviewed-by: Stefan Metzmacher Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Aug 22 17:44:00 UTC 2023 on atb-devel-224 commit 2c6a01c8925d0cf8ee9d700e4e95379285e52f45 Author: Volker Lendecke Date: Mon Aug 21 21:41:06 2023 +0200 libcli: Add required #includes to smbXcli_base.h Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 939aa0e69ef8f9d6c583703ef74da73a3e125a9b Author: Volker Lendecke Date: Mon Aug 21 21:34:31 2023 +0200 clifuse: Use direct FSCC info level Avoid the magic -1000 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit dd801b69c60dc5d5793b46fbc5181f868a6db02a Author: Volker Lendecke Date: Wed Aug 16 11:59:03 2023 +0200 libsmb: Use tevent_req_nterror() properly Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit edc6e69e25449a7162938cf7ddfd4b6b7d787023 Author: Volker Lendecke Date: Wed Aug 16 15:45:32 2023 +0200 libsmb: Remove a duplicate TALLOC_FREE() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 107beacfc0212a7117c7b9ae2fbcb7d6224d434c Author: Volker Lendecke Date: Wed Aug 16 15:39:55 2023 +0200 libsmb: Use tevent_req_oom() where appropriate Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit a6a5ce7b4261480ef79da965b43fcb5caa604e3d Author: Volker Lendecke Date: Wed Aug 16 11:04:14 2023 +0200 libsmb: Move cli_raw_ioctl() to torture3 Only used there. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 087cddc90c1b126baabc8088588c07113d919b16 Author: Volker Lendecke Date: Mon Aug 21 12:59:10 2023 +0200 libsmb: Move cli_qpathinfo1() to torture3 It's only used there, and it clutters general code. Re-adding the async flavor is trivial should it ever be required. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c0db32b457d10aa894e0b6aeb6e682ccaff7737a Author: Volker Lendecke Date: Mon Aug 21 12:45:52 2023 +0200 torture3: Avoid unused variables Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 914e0cf6f81ffef95354b4f8f8429909eb6c32c5 Author: Volker Lendecke Date: Mon Aug 21 10:01:24 2023 +0200 smbclient: Don't give up in allinfo if getting advanced info fails Getting streams might fail, but further down getting reparse info might succeed. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 47509eb7f033c07f2f0aa13cba0e37b3dc1757bd Author: Volker Lendecke Date: Fri Aug 18 16:15:19 2023 +0200 libsmb: Use cli_smb2_qpathinfo_basic() in cli_getatr() cli_smb2_qpathinfo_basic() uses the smb_create_returns and avoids a round-trip. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f2d535dbe3107c5781e3f0b468780aacd17d9785 Author: Volker Lendecke Date: Fri Aug 18 16:07:56 2023 +0200 libsmb: Use cli_smb2_qpathinfo() in cli_qpathinfo2() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 42e4691cf55 audit_logging: Simplify json_add_stringn() with json_stringn() via a9f358f7d71 tevent: Fix a typo via 544c7285a22 libsmb: A bit README.Coding for cli_qpathinfo2() via fab10b58daf smbd: Pass down "dirfsp" to smb_unix_mknod() via 3ee9fe28d43 smbd: Use "dirfsp" in smb_posix_unlink() via 4da367c31b1 smbd: Use "dirfsp" in smb_posix_open() via 6527211aefc smbstatus: Fix CID 1507865 Uninitialized pointer read via 688891f4752 smbstatus: Fix CID 1507870 Uninitialized pointer read via 0382e07 dbwrap: Simplify dbwrap_change_int32_atomic_action() via ad0986652dc dbwrap: Simplify dbwrap_change_uint32_atomic_action() via d40d130b974 smbd: Fix DBG macro via 0c645107cdb smbd: Use struct initialization via ac738e303e1 lib: Move few bytes of R/W data to R/O text via 0bcba393f76 idmap:fix whitespace via b7e0f3423ca idmap_tdb: Remove a variable never used via 0c6ac3218d7 idmap: Fix whitespace via 2bea8a80e57 passdb: Fix a DBG statement via 753e271ec32 passdb: Fix whitespace via b69380251d6 passdb: Fix a DBG message from d79d0508a4b s3: smbd: Add missing 'return;'s in exit paths in reply_exit_done(). https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 42e4691cf555b9670c5af8d8452c59220f0aa45d Author: Volker Lendecke Date: Thu Aug 10 15:05:22 2023 +0200 audit_logging: Simplify json_add_stringn() with json_stringn() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Aug 14 20:51:11 UTC 2023 on atb-devel-224 commit a9f358f7d71659d4faed27b486d787c05f384196 Author: Volker Lendecke Date: Wed Aug 9 16:22:03 2023 +0200 tevent: Fix a typo Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 544c7285a22168e93f081eed5166bc8b5a313a79 Author: Volker Lendecke Date: Wed Jul 5 11:58:39 2023 +0200 libsmb: A bit README.Coding for cli_qpathinfo2() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit fab10b58daf91f3810e12c7d3f188a5130f66d1d Author: Volker Lendecke Date: Wed Jul 5 08:27:03 2023 +0200 smbd: Pass down "dirfsp" to smb_unix_mknod() Avoids a call to parent_pathref() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 3ee9fe28d43ac61aabb781c9a0b50e88cc3aa167 Author: Volker Lendecke Date: Tue Jul 4 17:21:32 2023 +0200 smbd: Use "dirfsp" in smb_posix_unlink() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 4da367c31b195007c7226a83174a27170f1d9278 Author: Volker Lendecke Date: Tue Jul 4 17:19:40 2023 +0200 smbd: Use "dirfsp" in smb_posix_open() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 6527211aefc5ca20a7a1162c529885ed4b994e63 Author: Volker Lendecke Date: Wed Aug 2 18:39:20 2023 +0200 smbstatus: Fix CID 1507865 Uninitialized pointer read Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 688891f4752c5d30dd6fe9e339342340716aa277 Author: Volker Lendecke Date: Wed Aug 2 18:38:22 2023 +0200 smbstatus: Fix CID 1507870 Uninitialized pointer read Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 0382e071051f786b83cd8204a7484efc7a34 Author: Volker Lendecke Date: Thu Jul 13 01:19:43 2023 +0200 dbwrap: Simplify dbwrap_change_int32_atomic_action() Use dbwrap_do_locked() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit ad0986652dc59d28422bb580ded6de27ad8aebe4 Author: Volker Lendecke Date: Thu Jul 13 01:03:14 2023 +0200 dbwrap: Simplify dbwrap_change_uint32_atomic_action() Use dbwrap_do_locked() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit d40d130b97485e867a0fc1c172884636815e6697 Author: Volker Lendecke Date: Thu Jul 27 00:47:23 2023 +0200 smbd: Fix DBG macro This augments 5c37615efa2, the DBG macros already prepend the the function name Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 0c645107cdbd5a7015b1aa12f3abaa7dd3490aee Author: Volker Lendecke Date: Wed Jul 26 16:49:24 2023 +0200 smbd: Use struct initialization Avoid an explicit ZERO_STRUCT Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit ac738e303e184b06f2a2ab8726de879e245645f0 Author: Volker Lendecke Date: Mon Jul 10 18:17:36 2023 +0200 lib: Move few bytes of R/W data to R/O text Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 0bcba393f76b63909cc7d666794e6e9c3acfeb0e Author: Volker Lendecke Date
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0bf8b25aacd s3/modules: Fix DFS links when widelinks = yes via 2668dcd0968 s3/modules: Add flag indicating if connected share is a dfs share via 3d2e9db8b95 sefltest: Add new regression test dfs with widelinks = yes via b57cdfd7efb selftest: Add new dfs share (with widelinks enabled) from 7319c7596ea ldb: change the version to 2.9.0 for Samba 4.20 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0bf8b25aacdf2f5c746922320b32e3f0886c81f5 Author: Noel Power Date: Thu Jul 27 13:26:21 2023 +0100 s3/modules: Fix DFS links when widelinks = yes In openat(), even if we fail to open the file, propagate stat if and only if the object is a link in a DFS share. This allows calling code to further process the link. Also remove knownfail Pair-Programmed-With: Jeremy Alison BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Sat Jul 29 00:43:52 UTC 2023 on atb-devel-224 commit 2668dcd0968133cca4f8410bf8c41ed0483f5d87 Author: Noel Power Date: Thu Jul 27 17:36:29 2023 +0100 s3/modules: Add flag indicating if connected share is a dfs share Not used yet, will be used in the next commit to avoid testing if the connected share is a dfs one. Pair-Programmed-With: Jeremy Alison BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison commit 3d2e9db8b95f9f45d486f8272e53584975f177fa Author: Noel Power Date: Fri Jul 28 09:41:59 2023 +0100 sefltest: Add new regression test dfs with widelinks = yes Adds a new test trying to cd into dfs path on share with widelinks enabled, should generate an error (see BUG:) Add a knownfail so CI continues BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison commit b57cdfd7efb161cf96b3a39dc7a1652db817e602 Author: Noel Power Date: Fri Jul 28 09:40:57 2023 +0100 selftest: Add new dfs share (with widelinks enabled) Adds share (to be used in later test) that has dfs node but additionally has widelinks set to yes BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison --- Summary of changes: selftest/target/Samba3.pm | 5 source3/modules/vfs_widelinks.c| 30 +++--- source3/script/tests/test_bug15435_widelink_dfs.sh | 28 source3/selftest/tests.py | 11 4 files changed, 71 insertions(+), 3 deletions(-) create mode 100755 source3/script/tests/test_bug15435_widelink_dfs.sh Changeset truncated at 500 lines: diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index b4c3c130e9a..39831afc599 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -3034,6 +3034,11 @@ sub provision($$) msdfs root = yes msdfs shuffle referrals = yes guest ok = yes +[msdfs-share-wl] + path = $msdfs_shrdir + msdfs root = yes + wide links = yes + guest ok = yes [msdfs-share2] path = $msdfs_shrdir2 msdfs root = yes diff --git a/source3/modules/vfs_widelinks.c b/source3/modules/vfs_widelinks.c index 0045242ba81..29f2d4834f6 100644 --- a/source3/modules/vfs_widelinks.c +++ b/source3/modules/vfs_widelinks.c @@ -106,6 +106,7 @@ struct widelinks_config { bool active; + bool is_dfs_share; char *cwd; }; @@ -134,7 +135,8 @@ static int widelinks_connect(struct vfs_handle_struct *handle, DBG_ERR("vfs_widelinks module loaded with " "widelinks = no\n"); } - + config->is_dfs_share = + (lp_host_msdfs() && lp_msdfs_root(SNUM(handle->conn))); SMB_VFS_HANDLE_SET_DATA(handle, config, NULL, /* free_fn */ @@ -346,7 +348,7 @@ static int widelinks_openat(vfs_handle_struct *handle, { struct vfs_open_how how = *_how; struct widelinks_config *config = NULL; - + int ret; SMB_VFS_HANDLE_GET_DATA(handle, config, struct widelinks_config, @@ -363,11 +365,33 @@ static int widelinks_openat(vfs_handle_struct *handle, how.flags = (how.flags & ~O_NOFOLLOW); } - return SMB_VFS_NEXT_OPENAT(handle, + ret = SMB_VFS_NEXT_OPENAT(handle,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c2e83ebe726 mdssvc: fix returning file modification date for older Mac releases via 620ca1e68d0 mdssvc: fix date marshalling via 9dc66fecf7c mdssvc: prepare for returning timestamps with sub-seconds granularity via 724a0518c90 mdssvc: reduce pagesize to 50 via 7f5e4edf64f tests/mdssvc: match hits:total:value to be the actual amount of entries in hits via d8fa5c8e2a1 mdssvc: fix enforcement of "elasticsearch:max results" via 086c2602d07 mdssvc: add and use SL_PAGESIZE via 925fefae20e mdssvc: fix long running backend queries via 4149ef97e59 mdssvc: set query state for continued queries to SLQ_STATE_RUNNING from e86e0da9de6 WHATSNEW: Add TLS cert reload feature https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c2e83ebe726b7bc42b329198214c784936f19888 Author: Ralph Boehme Date: Thu May 18 18:12:19 2023 +0200 mdssvc: fix returning file modification date for older Mac releases Mac 10.10 uses kMDItemContentModificationDate instead of kMDItemFSContentChangeDate. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15427 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Jul 26 23:42:44 UTC 2023 on atb-devel-224 commit 620ca1e68d02be45a94aa41217a141d211fceb1f Author: Ralph Boehme Date: Wed May 17 16:38:39 2023 +0200 mdssvc: fix date marshalling Did this ever work? Possible just copied over from Netatalk and was always broken... The Mac client expects the timevalue as seconds relative to 2001-01-01 00:00:00 UTC, packed as IEEE float. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15427 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 9dc66fecf7c1743d264c5c4f8978b77bab75ed86 Author: Ralph Boehme Date: Wed May 17 16:37:36 2023 +0200 mdssvc: prepare for returning timestamps with sub-seconds granularity BUG: https://bugzilla.samba.org/show_bug.cgi?id=15427 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 724a0518c901589fe1171d94648391832e056f4d Author: Ralph Boehme Date: Thu Apr 20 17:27:20 2023 +0200 mdssvc: reduce pagesize to 50 Lastest macOS queries additional file metadata per search result, which causes the mashalled paged result set including metadata to exceed the 64 KB result fragment buffer. Lacking fragementation support in mdssvc (it's supported by the protocol), for now just reduce the maximum number of results per search page. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15342 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 7f5e4edf64f7e4175f652bf8762d4edc110ad6b1 Author: Ralph Boehme Date: Fri Apr 21 07:07:13 2023 +0200 tests/mdssvc: match hits:total:value to be the actual amount of entries in hits BUG: https://bugzilla.samba.org/show_bug.cgi?id=15342 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit d8fa5c8e2a1794ea8dc663485315ebd9401b2628 Author: Ralph Boehme Date: Thu Apr 20 17:58:38 2023 +0200 mdssvc: fix enforcement of "elasticsearch:max results" This wasn't enforced at all thus a query would return all available matches without limit. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15342 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 086c2602d074d4dc0d44f5534857e5f59a8690b2 Author: Ralph Boehme Date: Thu Apr 20 17:24:30 2023 +0200 mdssvc: add and use SL_PAGESIZE SL_PAGESIZE is the number of entries we want to process per paged search result set. This is different from MAX_SL_RESULTS which ought to be a default maximum value for total number of results returned for a search query. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15342 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 925fefae20e52a3c89a56bdd0cd5b98cc951db5f Author: Ralph Boehme Date: Thu Mar 23 16:39:11 2023 +0100 mdssvc: fix long running backend queries If a query is still running in the backend and we have no results yet, returning 0 triggers a search termination by the client in latest macOS releases. macOS returns 0x23 in this case. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15342 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 4149ef97e5906604be1587622f390f121db183e2 Author: Ralph Boehme Date: Wed Apr 19 14:38:45 2023 +0200 mdssvc: set query state for continued queries to SLQ_STATE_RUNNING SLQ_STATE_RESULTS implies that there are already results attached to the slq which is not the case. Instead the backend will start p
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 05e2ec1d8be configure: ensure sizeof(int) >= 4 from 230f8db40f1 docs-xml: Fix script idmap backend documentation https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 05e2ec1d8bec3285a0f6c075bddcab161ac5e9db Author: Douglas Bagnall Date: Fri Jul 7 12:50:13 2023 +1200 configure: ensure sizeof(int) >= 4 There are multiple places we make this assumption. For example, in source3/lib/tldap.c, we have this line if (ld->msgid == 2147483647) { where ld->msgid is an int. And in librpc/idl/security.idl we have several lines like: const int SEC_MASK_GENERIC= 0xF000; In lib/replace/inet_pton.c and inet_ntop.c we have /* * WARNING: Don't even consider trying to compile this on a system where * sizeof(int) < 4. sizeof(int) > 4 is fine; all the world's not a VAX. */ but no attempt to enforce that as far as I can see, until now. Signed-off-by: Douglas Bagnall Reviewed-by: Andreas Schneider Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Jul 11 22:44:15 UTC 2023 on atb-devel-224 --- Summary of changes: lib/replace/wscript | 4 1 file changed, 4 insertions(+) Changeset truncated at 500 lines: diff --git a/lib/replace/wscript b/lib/replace/wscript index f5c597c04c2..199e636aa02 100644 --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -184,6 +184,10 @@ def configure(conf): conf.CHECK_TYPE('blkcnt_t', 'long', headers='sys/types.h sys/stat.h unistd.h') conf.CHECK_SIZEOF('bool char int "long long" long short size_t ssize_t') +sizeof_int = conf.env["SIZEOF_INT"] +if sizeof_int < 4: +conf.fatal(f"Samba won't work with int of size {sizeof_int} (requires >= 4)") + conf.CHECK_SIZEOF('int8_t uint8_t int16_t uint16_t int32_t uint32_t int64_t uint64_t') conf.CHECK_SIZEOF('void*', define='SIZEOF_VOID_P') conf.CHECK_SIZEOF('off_t dev_t ino_t time_t') -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4da50463e1b smbd: don't leak the fsp if close_file_smb() fails from 61dfc8bc069 ctdb-server: Avoid logging a count of 0 resent calls https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4da50463e1b75c06d5f8c066e8b4eff48186afb0 Author: Ralph Boehme Date: Mon Jul 10 16:34:23 2023 +0200 smbd: don't leak the fsp if close_file_smb() fails This can happen if DELETE-ON-CLOSE is set, but the deletion fails for some reason. The bug was introduced by 1808e5c133474eabc9d3cf91c2a92ec4d92d9fdd. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15417 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Jul 10 21:32:32 UTC 2023 on atb-devel-224 --- Summary of changes: source3/smbd/smb2_close.c | 2 ++ 1 file changed, 2 insertions(+) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_close.c b/source3/smbd/smb2_close.c index 236d5b79f91..996ca8b283c 100644 --- a/source3/smbd/smb2_close.c +++ b/source3/smbd/smb2_close.c @@ -225,6 +225,8 @@ static NTSTATUS smbd_smb2_close(struct smbd_smb2_request *req, if (!NT_STATUS_IS_OK(status)) { DEBUG(5,("smbd_smb2_close: close_file[%s]: %s\n", smb_fname_str_dbg(smb_fname), nt_errstr(status))); + file_free(smbreq, fsp); + *_fsp = fsp = NULL; return status; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6f073f258f1 s3:rpc_server: Fix double blackslash issue in dfs path via 8c10f539286 s3:rpc_server: Initialize consumedcnt to 0 in _dfs_GetInfo() via 2af9c65f2a1 s3:tests: Add rpcclient 'dfsgetinfo' test from 083fe1c28c6 smbd: call exit_server_cleanly() to avoid panicking https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6f073f258f1f4f03a8eb568ea05be78fdbec49eb Author: Pavel Filipenský Date: Tue Jun 20 16:24:55 2023 +0200 s3:rpc_server: Fix double blackslash issue in dfs path BUG: https://bugzilla.samba.org/show_bug.cgi?id=15400 Signed-off-by: Pavel Filipenský Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Jul 5 20:24:35 UTC 2023 on atb-devel-224 commit 8c10f53928653d02bbb75d6ab05510e87ee97420 Author: Pavel Filipenský Date: Fri Jun 23 10:08:39 2023 +0200 s3:rpc_server: Initialize consumedcnt to 0 in _dfs_GetInfo() Signed-off-by: Pavel Filipenský Reviewed-by: Jeremy Allison commit 2af9c65f2a17ace4e1021b5c8fd6df636c904cfe Author: Pavel Filipenský Date: Fri Jun 23 12:03:30 2023 +0200 s3:tests: Add rpcclient 'dfsgetinfo' test BUG: https://bugzilla.samba.org/show_bug.cgi?id=15400 Signed-off-by: Pavel Filipenský Reviewed-by: Jeremy Allison --- Summary of changes: source3/rpc_server/dfs/srv_dfs_nt.c| 32 ++ source3/script/tests/test_rpcclient_dfs.sh | 7 +++ 2 files changed, 31 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/dfs/srv_dfs_nt.c b/source3/rpc_server/dfs/srv_dfs_nt.c index 7b5119bbaf7..8eaa59a8b0e 100644 --- a/source3/rpc_server/dfs/srv_dfs_nt.c +++ b/source3/rpc_server/dfs/srv_dfs_nt.c @@ -63,6 +63,7 @@ WERROR _dfs_Add(struct pipes_struct *p, struct dfs_Add *r) char *altpath = NULL; NTSTATUS status; TALLOC_CTX *ctx = talloc_tos(); + const char *pathnamep = r->in.path; if (session_info->unix_token->uid != sec_initial_uid()) { DEBUG(10,("_dfs_add: uid != 0. Access denied.\n")); @@ -84,10 +85,15 @@ WERROR _dfs_Add(struct pipes_struct *p, struct dfs_Add *r) return WERR_NOT_ENOUGH_MEMORY; } + while (IS_DIRECTORY_SEP(pathnamep[0]) && + IS_DIRECTORY_SEP(pathnamep[1])) { + pathnamep++; + } + /* The following call can change the cwd. */ status = get_referred_path(ctx, session_info, - r->in.path, + pathnamep, remote_address, local_address, jn, , _ref); @@ -141,6 +147,7 @@ WERROR _dfs_Remove(struct pipes_struct *p, struct dfs_Remove *r) TALLOC_CTX *ctx = talloc_tos(); char *altpath = NULL; NTSTATUS status; + const char *pathnamep = r->in.dfs_entry_path; if (session_info->unix_token->uid != sec_initial_uid()) { DEBUG(10,("_dfs_remove: uid != 0. Access denied.\n")); @@ -166,9 +173,14 @@ WERROR _dfs_Remove(struct pipes_struct *p, struct dfs_Remove *r) r->in.dfs_entry_path, r->in.servername, r->in.sharename)); } + while (IS_DIRECTORY_SEP(pathnamep[0]) && + IS_DIRECTORY_SEP(pathnamep[1])) { + pathnamep++; + } + status = get_referred_path(ctx, session_info, - r->in.dfs_entry_path, + pathnamep, remote_address, local_address, jn, , _ref); @@ -390,20 +402,25 @@ WERROR _dfs_GetInfo(struct pipes_struct *p, struct dfs_GetInfo *r) dcesrv_connection_get_remote_address(dcesrv_conn); struct auth_session_info *session_info = dcesrv_call_session_info(dce_call); - size_t consumedcnt = strlen(r->in.dfs_entry_path); + size_t consumedcnt = 0; struct junction_map *jn = NULL; bool self_ref = False; TALLOC_CTX *ctx = talloc_tos(); bool ret; NTSTATUS status; + const char *pathnamep = r->in.dfs_entry_path; jn = talloc_zero(ctx, struct junction_map); if (!jn) { return WERR_NOT_ENOUGH_MEMORY; } - ret = create_junction(ctx, r->in.dfs_entry_path, - jn); + while (IS_DIRECTORY_SEP(pathnamep[0]) && + IS_DIRECTORY_SEP(pathn
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 7c8fbf15b99 build: We don't need SEEKDIR_RETURNS_VOID via 3d6befda583 lib: Move IO_REPARSE_TAG_NFS subtypes to toplevel via 1548c1e7a6f lib: Translate ENXIO to NT_STATUS_ILLEGAL_FUNCTION via 79b07271ee9 smbd: Fix a typo via f6a24e7d29e error_inject: Reduce indentation with an early return via c7df6cea8af torture4: Fix an error message via 53c6f2fe917 tests: Enable a few tests for FreeBSD via b3ce869d4f4 smbd: Save 76 bytes of .text via 9907fd3e293 smbd: Avoid a direct reference to smb_messages[] via 34fbfb04d88 smbclient3: Use talloc_asprintf(), no explicit SAFE_FREE required via dbe95be8bb8 utils3: Remove the "split_tokens" utility from 3119f6c283a wb_dsgetdcname: don't use stack variables for async code https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 7c8fbf15b999b30a2c9594e65e8826d4bb9a3fc5 Author: Volker Lendecke Date: Wed Jun 14 08:02:07 2023 +0200 build: We don't need SEEKDIR_RETURNS_VOID We don't call seekdir() in source3 anymore Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Jul 3 20:40:05 UTC 2023 on atb-devel-224 commit 3d6befda5838141d2de344ca58dcd268bab7c1a0 Author: Volker Lendecke Date: Mon Jun 26 08:55:59 2023 +0200 lib: Move IO_REPARSE_TAG_NFS subtypes to toplevel They should be generally available Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 1548c1e7a6fd3582e8011eeb27c67f44fcee614c Author: Volker Lendecke Date: Mon May 15 17:23:43 2023 +0200 lib: Translate ENXIO to NT_STATUS_ILLEGAL_FUNCTION ENXIO is returned when trying to openat() a unix domain socket or a FIFO without anything at the other end. [MS-ERREF] has ILLEGAL_FUNCTION as "The specified handle is not open to the server end of the named pipe.", which comes pretty close to me. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 79b07271ee94b13c68dd4e4c4cde1474614a1699 Author: Volker Lendecke Date: Mon Jun 19 21:10:14 2023 +0200 smbd: Fix a typo Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f6a24e7d29e4e71575331c9e4d2862c1d2a274da Author: Volker Lendecke Date: Mon Jun 26 12:48:16 2023 +0200 error_inject: Reduce indentation with an early return Review with "git show -b" Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c7df6cea8aff596735a0cc9be7f1e8aa6d0cd5a1 Author: Volker Lendecke Date: Mon Jun 26 16:15:25 2023 +0200 torture4: Fix an error message The fsctl is called FSCTL_SET_ZERO_DATA Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 53c6f2fe917e581bce8c1bcfcb4ef6f2dfe7c98a Author: Volker Lendecke Date: Mon Jun 26 15:45:39 2023 +0200 tests: Enable a few tests for FreeBSD Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit b3ce869d4f46d9ee44150e156ff24532261344ce Author: Volker Lendecke Date: Wed Jun 28 11:48:34 2023 +0200 smbd: Save 76 bytes of .text Probably not really measurable, but as this is a pretty frequently accessed table, maybe this saves us some cache misses. And it's very cheap to get :-) Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 9907fd3e293d3b6ac9b621c8159cbcd94b75fdae Author: Volker Lendecke Date: Thu Mar 9 17:49:50 2023 +0100 smbd: Avoid a direct reference to smb_messages[] That's what we have smb_fn_name() for Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 34fbfb04d88f6a3021dca99f50472b3a4976f164 Author: Volker Lendecke Date: Thu Jun 29 11:46:35 2023 +0200 smbclient3: Use talloc_asprintf(), no explicit SAFE_FREE required Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit dbe95be8bb8a8dede68847b745f628a6f5463fbd Author: Volker Lendecke Date: Mon Jul 3 11:08:38 2023 +0200 utils3: Remove the "split_tokens" utility This is not tested as far as I can see, and as this is explicity meant as a testing utility I think we can live without it. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: libcli/smb/smb_constants.h | 10 +++ source3/client/client.c| 6 +- source3/include/ntioctl.h | 7 -- source3/lib/errmap_unix.c | 3 + source3/modules/vfs_error_inject.c | 32 source3/param/loadparm.c | 2 +- .../te
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4a8cfe1650a vfs: Remove "sbuf" from readdir_fn() via 95fd166effe smbd: Remove unused "sbuf" argument from vfs_readdirname() via daf6f2f7a1a smbd: Remove unused "sbuf" argument from ReadDirName() via f36bdcc0ca6 smbd: Remove unused "pst" argument from dptr_ReadDirName() via ea670b66c46 smbd: Don't use "sbuf" in smbd_dirptr_get_entry() via 3f97b6a4f7e smbd: Make sure smb_fname->st is valid in smbd_dirptr_get_entry from c837ecf442c python:samba: Fix code spelling https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4a8cfe1650a1a22ab53c04f5f872bc8f59bc2c1b Author: Volker Lendecke Date: Tue Jun 20 12:42:52 2023 +0200 vfs: Remove "sbuf" from readdir_fn() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Jun 23 18:29:40 UTC 2023 on atb-devel-224 commit 95fd166effe20089e54553cdde3241bf9233b5a3 Author: Volker Lendecke Date: Tue Jun 20 12:29:29 2023 +0200 smbd: Remove unused "sbuf" argument from vfs_readdirname() The only caller did not use the result. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit daf6f2f7a1ac6e85b62ed0b8e41d0a300d69ee5e Author: Volker Lendecke Date: Tue Jun 20 12:25:45 2023 +0200 smbd: Remove unused "sbuf" argument from ReadDirName() Nobody used that anymore, most callers had passed in NULL anyway. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f36bdcc0ca6b25ef27f0cc1e1f3450936f7bb42c Author: Volker Lendecke Date: Tue Jun 20 12:19:15 2023 +0200 smbd: Remove unused "pst" argument from dptr_ReadDirName() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit ea670b66c4662230d8cc866530d01606ca4656cc Author: Volker Lendecke Date: Tue Jun 20 12:03:35 2023 +0200 smbd: Don't use "sbuf" in smbd_dirptr_get_entry() openat_pathref_fsp() does not need this anymore. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 3f97b6a4f7ed3240068fbfc1441f5fd7c93a02f3 Author: Volker Lendecke Date: Thu Jun 22 09:52:09 2023 +0200 smbd: Make sure smb_fname->st is valid in smbd_dirptr_get_entry This simplifies the two mode_fn()s we have. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: examples/VFS/skel_opaque.c| 3 +- examples/VFS/skel_transparent.c | 8 ++- source3/include/vfs.h | 10 ++-- source3/include/vfs_macros.h | 8 +-- source3/modules/vfs_cap.c | 8 ++- source3/modules/vfs_ceph.c| 7 +-- source3/modules/vfs_ceph_snapshots.c | 8 +-- source3/modules/vfs_default.c | 43 +--- source3/modules/vfs_dirsort.c | 11 ++--- source3/modules/vfs_fruit.c | 8 +-- source3/modules/vfs_full_audit.c | 5 +- source3/modules/vfs_glusterfs.c | 19 ++- source3/modules/vfs_media_harmony.c | 10 ++-- source3/modules/vfs_not_implemented.c | 3 +- source3/modules/vfs_shadow_copy.c | 7 ++- source3/modules/vfs_shadow_copy2.c| 93 +-- source3/modules/vfs_streams_depot.c | 4 +- source3/modules/vfs_time_audit.c | 5 +- source3/modules/vfs_unityed_media.c | 10 ++-- source3/modules/vfs_widelinks.c | 36 -- source3/smbd/close.c | 10 ++-- source3/smbd/dir.c| 54 +--- source3/smbd/filename.c | 2 +- source3/smbd/msdfs.c | 8 +-- source3/smbd/proto.h | 8 +-- source3/smbd/smb1_reply.c | 14 -- source3/smbd/smb1_trans2.c| 4 +- source3/smbd/smb2_trans2.c| 8 +-- source3/smbd/vfs.c| 8 ++- source3/torture/cmd_vfs.c | 8 +-- 30 files changed, 84 insertions(+), 346 deletions(-) Changeset truncated at 500 lines: diff --git a/examples/VFS/skel_opaque.c b/examples/VFS/skel_opaque.c index cbaf9a272a8..255fa830402 100644 --- a/examples/VFS/skel_opaque.c +++ b/examples/VFS/skel_opaque.c @@ -157,8 +157,7 @@ static DIR *skel_fdopendir(vfs_handle_struct *handle, files_struct *fsp, static struct dirent *skel_readdir(vfs_handle_struct *handle, struct files_struct *dirfsp, - DIR *dirp, - SMB_STRUCT_STAT *sbuf) + DIR *dirp) { return NULL; } diff --git a/examples/VFS/skel_transparent.c b/examples/VFS/skel_transparent.c index 9
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 96a64fb smbd: smbd_dirptr_lanman2_match_fn(): Remove "exact_match" handling via 079aad50ef4 smbd: Remove a smb1-only optimization findfirst/findnext via cf4e55421bb smbd: Remove "a heuristic to avoid seeking the dirptr" via 880eb2bd56d libsmb: Test smb1 mknod via 41b094dd2ff pylibsmb: Add smb1_stat() via efeb540602c pylibsmb: Add mknod() via ca99d6a6ff4 libsmb: Add SMB1 posix cli_mknod via c64699aeb0b rpc_server: Fix talloc hierarchy in _srvsvc_NetSrvGetInfo() via 1cd2f38b54b profiling: Factor out functions to read smbprofile.tdb via 18070a2d657 WHATSNEW: Mention removed "directory name cache size" parameter via a4972336f12 lib: Add a few required #includes via 2c610804fe3 winbind: Fix a typo via 1b7fb13654f lib: Simplify two if-expressions via 1d6f6f9529b smbd: Remove references to get_Protocol() via c86fef84ef1 smbd: Modernize a DEBUG statement in smbd_dirptr_get_entry() via 8a864e3f522 docs: Remove seekdir/telldir reference via 007b5825de9 smbd: Fix a typo via 12cbb043d10 libcli: Simplify security_token_is_sid() via 9e2723988ef libcli: Simplify dom_sid_dup() from 32fdc764efb s4:auth: Remove unneeded ‘sam_ctx’ parameter https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 96a64fbeb62f87e4b55e2c51fd501a13fd7f Author: Volker Lendecke Date: Fri Jun 16 13:53:25 2023 +0200 smbd: smbd_dirptr_lanman2_match_fn(): Remove "exact_match" handling No caller uses this anymore. The only downside here now is that we always go directly to mask_match instead of a trying strcasecmp_m first. I very much doubt this makes a measurable difference because this would have been called for non-wildcard readdirs (a.k.a. qpathinfo), and there we do this only once per complete directory read. Also I don't believe mask_match() is measurably more expensive than strcasecmp_m() for the usually short filenames we're looking at here. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Jun 16 17:07:46 UTC 2023 on atb-devel-224 commit 079aad50ef47f34453eee9911655872397635c88 Author: Volker Lendecke Date: Fri Jun 16 13:45:57 2023 +0200 smbd: Remove a smb1-only optimization findfirst/findnext I don't think this is an effective optimization at all anymore. It was intended to speed up non-wildcard readdirs after we found the correct entry. Nowadays we do the non-wildcard readdirs by a direct fstatat, and after we successfully found the entry dptr_ReadDirName() immediately returns without any further action. So my very strong guess is that this never really kicked in anymore. Not using this flag can't be *that* bad, smb2 never used it. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit cf4e55421bbe809bd869781432f4c2385dbf41bc Author: Volker Lendecke Date: Fri Jun 16 13:32:24 2023 +0200 smbd: Remove "a heuristic to avoid seeking the dirptr" -- we don't seek the dirptr anymore Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 880eb2bd56d6044e7407f98cc0af45df616267ae Author: Volker Lendecke Date: Thu Mar 9 16:16:50 2023 +0100 libsmb: Test smb1 mknod Requires O_PATH to work correctly Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 41b094dd2ff313c37981755c606d4f1d6500def6 Author: Volker Lendecke Date: Thu Feb 16 17:20:55 2023 +0100 pylibsmb: Add smb1_stat() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit efeb540602c76566ee646d204f4eedbd775d573b Author: Volker Lendecke Date: Thu Feb 16 16:43:46 2023 +0100 pylibsmb: Add mknod() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit ca99d6a6ff4b39bfa73e2b2efd1e8140424bb4e8 Author: Volker Lendecke Date: Thu Feb 16 13:41:44 2023 +0100 libsmb: Add SMB1 posix cli_mknod This is a dead horse, but in the future it will make it easier to test the smb311 unix extension code. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c64699aeb0bb67caddb830004f4db237b3dcfda8 Author: Volker Lendecke Date: Mon Apr 24 16:46:17 2023 +0200 rpc_server: Fix talloc hierarchy in _srvsvc_NetSrvGetInfo() Make ->comment a proper talloc child of the right structure. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 1cd2f38b54b7a79ae21a328075fae07cfdc5e9aa Author: Volker Lendecke Date: Wed May 31 09:48:58 2023 +0200 profiling: Factor out functions to read smbprofile.tdb We don't need
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via cac38aa3870 vfs: Remove vfs telldir/seekdir functions via e2fbe361bab smbd: Remove the offset argument from ReadDirName() via c37d6be2db8 smbd: Remove unused dptr_SearchDir() and the dir cache via be3232d12e1 smbd: Do the "skip to resume name" in call_trans2findnext() via c5dca6d5b7e smbd: Make dptr_ReadDirName() public via baaa0c66193 smbd: Add dptr_struct->last_name_sent via 99799bcdc85 smbd: Remove unused _prev_offset arg from smbd_dirptr_get_entry() via 94648811f5f smbd: Remove unused dptr_SeekDir() via 91fa49c11cc smbd: Avoid dptr_SeekDir() when overflowing the dir buffer via 0b27175764c smbd: Add smbd_dirptr_push_overflow() via 91c76f6514b smbd: Simplify dptr_ReadDirName() via d4c669c1cc4 smbd: Avoid a few else branches in smb2_query_directory_next_entry() via adc7fb32d34 smbd: Make get_dir_entry() static in SMB1-only code via abcc7e69ce0 smbd: Slightly simplify smbd_dirptr_lanman2_entry()'s overflow logic via ae4d8ddbeef smbd: Eliminiate some dead code via 2b725480dd4 smbd: Use dptr_RewindDir() instead of dptr_SeekDir(.., 0) via 2498a48abc7 smbd: Apply some README.Coding to call_trans2findfirst/next() via 4935c0b54c9 smbd: Introduce "dir_hnd" helper variable in smbd_dirptr_get_entry() via aa77aa3e883 smbd: Remove unused "poffset" parameter from SearchDir() via c80b34533f2 smbd: Remove unused "poffset" parameter from dptr_SearchDir() via 4fce29debac smbd: Remove unused "pst" parameter from dptr_SearchDir() via d9755c7c44d smbd: Modernize a few overlog DEBUG statements via 61c923063c3 conf: Fix wrong language in "dos charset" smb.conf.5 entry via 3f3df7dd036 testparm: Fix a typo via 7e465b8e220 smbd: Use ISDOT() in exact_match() via 4ee821ae2b2 vfs: Remove two "== true" via 4115a2e478f vfs: Modernize a few DEBUG statements via f5afcddbe45 vfs: Fix a typo via 162787cddbf lib: Fix whitespace from e0b1aaea1a3 third_party: Update nss_wrapper to version 1.1.15 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit cac38aa38704c31d20d54e6cd7f53e99685aae72 Author: Volker Lendecke Date: Fri Jun 9 17:33:02 2023 +0200 vfs: Remove vfs telldir/seekdir functions Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Jun 14 00:26:55 UTC 2023 on atb-devel-224 commit e2fbe361bab52e906886e70cbaf689393d129285 Author: Volker Lendecke Date: Sat Jun 10 15:29:35 2023 +0200 smbd: Remove the offset argument from ReadDirName() Nobody does anything with this anymore, we just call ReadDirName() in sequence or do a RewindDir(). So we don't have to look at offsets as given by the file system anymore. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c37d6be2db8ee30d632275e7b1c156a8b5d791a7 Author: Volker Lendecke Date: Fri Jun 9 16:52:48 2023 +0200 smbd: Remove unused dptr_SearchDir() and the dir cache Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit be3232d12e1cd7585608d319946fd1bce7af9aba Author: Volker Lendecke Date: Fri Jun 9 16:47:19 2023 +0200 smbd: Do the "skip to resume name" in call_trans2findnext() This is SMB1-only logic that can be removed from dir.c Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c5dca6d5b7e3482aa52117e66fc8e31c0a8896e4 Author: Volker Lendecke Date: Fri Jun 9 16:38:32 2023 +0200 smbd: Make dptr_ReadDirName() public Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit baaa0c66193dd17ec08ba19689f935ff393062dd Author: Volker Lendecke Date: Fri Jun 9 15:22:31 2023 +0200 smbd: Add dptr_struct->last_name_sent Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 99799bcdc8544e884bdf29347df540cbb313237c Author: Volker Lendecke Date: Fri Jun 9 15:05:07 2023 +0200 smbd: Remove unused _prev_offset arg from smbd_dirptr_get_entry() Neither of the two callers looked at the result. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 94648811f5fe08a7019597eb0445b3c09cdf606f Author: Volker Lendecke Date: Fri Jun 9 14:53:52 2023 +0200 smbd: Remove unused dptr_SeekDir() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 91fa49c11cc7098c6b9a6dc008d67e1781721894 Author: Volker Lendecke Date: Fri Jun 9 14:52:11 2023 +0200 smbd: Avoid dptr_SeekDir() when overflowing the dir buffer Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 23ca540abfd smbd: Remove unused dptr_fill() and dptr_fetch_fsp() via 6578dc9a512 smbd: Make reply_search() easier to understand via 73ebbb7244d smbd: Do an early talloc_free() in reply_search() via 5aef4bb6be5 smbd: Do an early talloc_free() in fsp_attach_smb_fname() via e4631270b73 smbd: Add dptr_RewindDir() via d14b1e2d660 smbd: Add dptr_FileNumber() via 4e2de3a0cd2 smbd: Simplify make_dir_struct() via 288e591bfd4 smbd: Make SeekDir()/TellDir() static to dir.c via 4945b134d97 smbd: Fix a typo from 5c52f71c0d0 smbclient: Fix fd leak with "showacls;ls" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 23ca540abfd499007aa86d0be83adfc2f89c6a56 Author: Volker Lendecke Date: Thu Jun 8 12:49:08 2023 +0200 smbd: Remove unused dptr_fill() and dptr_fetch_fsp() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Jun 8 18:34:44 UTC 2023 on atb-devel-224 commit 6578dc9a51293ee545196b497910097a8adf62ad Author: Volker Lendecke Date: Thu Jun 8 12:37:43 2023 +0200 smbd: Make reply_search() easier to understand reply_search() is the only place in the code where we have to deal with [MS-CIFS] 2.2.4.59.1 ResumeKey structures. This concentrates the formatting of this to pure SMB1 code in reply_search(), moving away knowledge about the format from smbd/dir.c's dptr_fill() and dptr_fetch_fsp(). With this code we just count up the FileIndex from behaviour note 110. If the client is sane and sends us the last FileIndex we returned to it in a subsequent search, we can completely avoid any telldir/seekdir. If it skips back, with the new code we rewind and re-readdir the directory. This will be slower for a very special corner case, but it's a lot simpler to understand (at least to me). Also, it avoids calling telldir/seekdir for every entry. Tested both cases (sane and insane clients) manually with a modified cli_list_old_done(). Not doing automated tests. If this breaks real users, we'll fix it and write tests then. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 73ebbb7244d0ae77da3d73331125d5d585b95232 Author: Volker Lendecke Date: Thu Jun 8 12:20:31 2023 +0200 smbd: Do an early talloc_free() in reply_search() Don't wait for the main loop to free file names no longer used. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 5aef4bb6be581020b5d22fcc5a0e50a65ab5e008 Author: Volker Lendecke Date: Thu Jun 8 12:19:00 2023 +0200 smbd: Do an early talloc_free() in fsp_attach_smb_fname() name_str can pile up when reading directories, we don't talloc_free() our stackframe before we have filled the whole readdir response packet. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit e4631270b73607d40359cf28375b7196f7de7a35 Author: Volker Lendecke Date: Thu Jun 8 11:59:35 2023 +0200 smbd: Add dptr_RewindDir() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit d14b1e2d6603521938589cb8f9683e52bcb6a082 Author: Volker Lendecke Date: Wed Jun 7 17:10:51 2023 +0200 smbd: Add dptr_FileNumber() Return how many name entries have been returned from this dptr. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 4e2de3a0cd2661af2321ec3a34348fcda9283c20 Author: Volker Lendecke Date: Wed Jun 7 15:16:44 2023 +0200 smbd: Simplify make_dir_struct() We don't need the talloc_strdup and thus we can return void. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 288e591bfd4efd6a1b1c2239e5cf43c79ea3446b Author: Volker Lendecke Date: Mon May 29 12:47:34 2023 +0200 smbd: Make SeekDir()/TellDir() static to dir.c Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 4945b134d9714603b39bc69b71b433afb4743011 Author: Volker Lendecke Date: Wed Jun 7 17:18:28 2023 +0200 smbd: Fix a typo Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: source3/smbd/dir.c| 187 -- source3/smbd/files.c | 4 + source3/smbd/proto.h | 8 +- source3/smbd/smb1_reply.c | 123 +++--- 4 files changed, 102 insertions(+), 220 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c index 09029ee0c23..5979e1cf72b 100644 --- a/source3/smbd/dir.c +++ b/source3/smbd/dir.c @@ -38,11 +38,6 @@ #define START_OF_DIRECTORY_OFFSET ((long)0
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5c52f71c0d0 smbclient: Fix fd leak with "showacls;ls" from dc6edc48818 WHATSNEW.txt: Improved winbind logging and samba-log-parser https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5c52f71c0d0e162dcbf42378357313035efa860f Author: Volker Lendecke Date: Thu Jun 8 10:14:18 2023 +0200 smbclient: Fix fd leak with "showacls;ls" Bug: https://bugzilla.samba.org/show_bug.cgi?id=15391 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Jun 8 16:55:14 UTC 2023 on atb-devel-224 --- Summary of changes: source3/client/client.c | 1 + 1 file changed, 1 insertion(+) Changeset truncated at 500 lines: diff --git a/source3/client/client.c b/source3/client/client.c index 8e29224918d..c4d309958cd 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -626,6 +626,7 @@ static NTSTATUS display_finfo(struct cli_state *cli_state, struct file_info *fin display_sec_desc(sd); } TALLOC_FREE(sd); + cli_close(targetcli, fnum); } TALLOC_FREE(afname); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1e793357906 smbd: Remove smb1-only perfcount subsystem via 1a5ac20a232 smbd: Remove unused "pcd" from struct pending_message_list via d2dcc0fdf56 smbd: Remove unused "deferred_pcd" from process_smb() via 5adbc366deb smbd: Remove unused "deferred_pcd" from process_smb1() via 15503566796 smbd: Remove unused "deferred_pcd" from construct_reply() via 43f64955dc3 smbd: Remove unused "pcd" from struct smb_request via 625056af0b4 smbd: Remove unused "deferred_pcd" from construct_reply_chain() via f13b8b10361 smbd: Remove unused "deferred_pcd" from process_smb2() via 12f1d94a4ee smbd: Remove unused "pcd" arg from smb1_srv_send() via d342be5b091 modules: Remove perfcount_test module via 5fa8a1e166c smbd: Remove SMB_PERFCOUNT_ macros via c7704d2dac5 smbd: Remove unused smb2_srv_send() from 22ab42c1007 s3/utils: avoid erronous NO MEMORY detection https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1e793357906a636b89883ff39d42902a608805cc Author: Volker Lendecke Date: Mon Jun 5 16:06:50 2023 +0200 smbd: Remove smb1-only perfcount subsystem This never took off outside of a special OEM setup. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Jun 5 18:13:05 UTC 2023 on atb-devel-224 commit 1a5ac20a2324a46482cf4a8387ce767fb6e170fd Author: Volker Lendecke Date: Mon Jun 5 16:03:42 2023 +0200 smbd: Remove unused "pcd" from struct pending_message_list Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit d2dcc0fdf56a473e2a23332d93b8ac64d209efe5 Author: Volker Lendecke Date: Mon Jun 5 16:02:29 2023 +0200 smbd: Remove unused "deferred_pcd" from process_smb() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 5adbc366deb164493f82be6e98388b790bc5a88b Author: Volker Lendecke Date: Mon Jun 5 16:00:06 2023 +0200 smbd: Remove unused "deferred_pcd" from process_smb1() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 155035667966c0d3c8dbec263b53c415dfa50d5e Author: Volker Lendecke Date: Mon Jun 5 15:58:08 2023 +0200 smbd: Remove unused "deferred_pcd" from construct_reply() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 43f64955dc3a9910567061213fc282ed77560602 Author: Volker Lendecke Date: Mon Jun 5 15:55:10 2023 +0200 smbd: Remove unused "pcd" from struct smb_request After the macros went away, nobody read this anymore Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 625056af0b4bebd401196cf1f32f69be32707194 Author: Volker Lendecke Date: Mon Jun 5 15:52:57 2023 +0200 smbd: Remove unused "deferred_pcd" from construct_reply_chain() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f13b8b103613edad04adaf1b6d3164cea9415883 Author: Volker Lendecke Date: Mon Jun 5 15:47:50 2023 +0200 smbd: Remove unused "deferred_pcd" from process_smb2() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 12f1d94a4ee89e43c5eb092dc701c20331b63399 Author: Volker Lendecke Date: Mon Jun 5 15:45:35 2023 +0200 smbd: Remove unused "pcd" arg from smb1_srv_send() Looks larger than it is, "git clang-format" added a few lines Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit d342be5b0911af542976d3522e964321f61b8f30 Author: Volker Lendecke Date: Mon Jun 5 15:36:55 2023 +0200 modules: Remove perfcount_test module Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 5fa8a1e166ce986a53601359469591babb1f75b4 Author: Volker Lendecke Date: Mon Jun 5 15:35:07 2023 +0200 smbd: Remove SMB_PERFCOUNT_ macros Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c7704d2dac513cbe9b6160a7e389c8b60291ba0c Author: Volker Lendecke Date: Mon Jun 5 15:31:57 2023 +0200 smbd: Remove unused smb2_srv_send() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: source3/include/includes.h | 1 - source3/include/smb_perfcount.h | 105 --- source3/include/vfs.h| 2 - source3/modules/perfcount_test.c | 395 --- source3/modules/wscript_build| 7 - source3/smbd/perfcount.c | 195 --- source3/smbd/proto.h | 21 +-- source3/smbd/smb1_aio.c
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f30f5793ad5 libsmb: Fix directory listing against old servers via e86234f3d61 tests: Show that we 100% loop in cli_list_old_recv() via 4804d6b89a9 tests: Make timelimit available to test scripts from 52cb127f16a docs: fix a typo in history file https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f30f5793ad592e193546586b765837c0ac9f5647 Author: Volker Lendecke Date: Thu Jun 1 15:57:26 2023 +0200 libsmb: Fix directory listing against old servers cli_list_trans_recv() can be called multiple times. When it's done, it return NT_STATUS_OK and set *finfo to NULL. cli_list_old_recv() did not do the NULL part, so smbclient would endlessly loop. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15382 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Jun 1 21:54:42 UTC 2023 on atb-devel-224 commit e86234f3d61c62e4365e1ea105bdd29feaf7ccbe Author: Volker Lendecke Date: Thu Jun 1 16:41:37 2023 +0200 tests: Show that we 100% loop in cli_list_old_recv() Bug: https://bugzilla.samba.org/show_bug.cgi?id=15382 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 4804d6b89a9146f1fc5270de158cd25254505f61 Author: Volker Lendecke Date: Thu Jun 1 16:39:21 2023 +0200 tests: Make timelimit available to test scripts Bug: https://bugzilla.samba.org/show_bug.cgi?id=15382 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: selftest/selftesthelpers.py | 1 + source3/libsmb/clilist.c| 6 ++ source3/script/tests/test_old_dirlisting.sh | 28 source3/selftest/tests.py | 6 ++ 4 files changed, 41 insertions(+) create mode 100755 source3/script/tests/test_old_dirlisting.sh Changeset truncated at 500 lines: diff --git a/selftest/selftesthelpers.py b/selftest/selftesthelpers.py index 951eeb4d1b5..908fe79cb19 100644 --- a/selftest/selftesthelpers.py +++ b/selftest/selftesthelpers.py @@ -236,3 +236,4 @@ rpcclient = binpath('rpcclient') smbcacls = binpath('smbcacls') smbcontrol = binpath('smbcontrol') smbstatus = binpath('smbstatus') +timelimit = binpath('timelimit') diff --git a/source3/libsmb/clilist.c b/source3/libsmb/clilist.c index 903c5d22777..58a8fe1a0c6 100644 --- a/source3/libsmb/clilist.c +++ b/source3/libsmb/clilist.c @@ -544,6 +544,11 @@ static NTSTATUS cli_list_old_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx, return status; } + if (state->dirlist == NULL) { + *pfinfo = NULL; + return NT_STATUS_OK; + } + num_received = talloc_array_length(state->dirlist) / DIR_STRUCT_SIZE; finfo = talloc_array(mem_ctx, struct file_info, num_received); @@ -570,6 +575,7 @@ static NTSTATUS cli_list_old_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx, return status; } } + TALLOC_FREE(state->dirlist); *pfinfo = finfo; return NT_STATUS_OK; } diff --git a/source3/script/tests/test_old_dirlisting.sh b/source3/script/tests/test_old_dirlisting.sh new file mode 100755 index 000..f50a4742b1a --- /dev/null +++ b/source3/script/tests/test_old_dirlisting.sh @@ -0,0 +1,28 @@ +#!/bin/sh +# This tests listing directories using the SMBSearch call family + +if [ $# -lt 2 ]; then +cat <
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 035f6d914d1 vfs_fruit: add fruit:convert_adouble parameter via 3bf97f19c36 vfs_fruit: just log failing AppleDouble conversion via 55bd1045648 libadouble: allow FILE_SHARE_DELETE in ad_convert_xattr() via 06f0c070a0b vfs_fruit: never return AFP_Resource stream for directories via 9b91a8bad2f vfs_fruit: return ENOENT instead of EISDIR when trying to open AFP_Resource for a directory via 59eadfe21ac CI: add a test for fruit AppleDouble conversion when deletion triggers conversion from 412373984db smbd: also reset struct stat_ex.cached_dos_attributes in SET_STAT_INVALID() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 035f6d914d133cf3248f15b1be06a9e1837238da Author: Ralph Boehme Date: Mon May 22 12:32:00 2023 +0200 vfs_fruit: add fruit:convert_adouble parameter https://bugzilla.samba.org/show_bug.cgi?id=15378 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri May 26 00:52:29 UTC 2023 on atb-devel-224 commit 3bf97f19c36d26b4178f7cb6202bbdd44de0c1aa Author: Ralph Boehme Date: Mon May 22 12:25:04 2023 +0200 vfs_fruit: just log failing AppleDouble conversion BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 55bd10456486628cad2bd085618e873598401c3b Author: Ralph Boehme Date: Tue May 23 17:28:33 2023 +0200 libadouble: allow FILE_SHARE_DELETE in ad_convert_xattr() Not specifying FILE_SHARE_DELETE wasn't done intentionally. Not setting the flag triggers the following problem: * client sends a CREATE with delete access * this triggers a call to open_streams_for_delete() where we check for conflicting opens on any of the streams of the file or directory * if the file (or directory) has a stream like ":com.apple.quarantine" the stream is opened with DELETE_ACCESS and kept open when the next step might: * if the file (or directory) has a Mac specific :AFP_AfpInfo stream, the ad_convert() routine in fruit_create_file() is triggered * ad_convert() checks if the file (or ...) has a sidecar ._ AppleDouble file, if it has: * in ad_convert_xattr() we unpack any set of xattrs encoded in the AppleDouble file and recreate them as streams with the VFS. Now, if any of these xattrs happens to be converted to a stream that we still have open in open_streams_for_delete() (see above) we get a NT_STATUS_SHARING_VIOLATION This error gets passed up the stack back to open_streams_for_delete() so the client CREATE request fails and the client is unhappy. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 06f0c070a0b18313f48362aa326e3e7e6a096492 Author: Ralph Boehme Date: Mon May 22 19:37:17 2023 +0200 vfs_fruit: never return AFP_Resource stream for directories The macOS client creates ._ AppleDouble files for directories that do contain an (empty) resource fork AppleDouble entry. So when going from a Samba server config without streams module (or when migrating data from another server without streams support), to a Samba config with a streams module and vfs_fruit, fruit_streaminfo() will wrongly return the AFP_Resource from the AppleDouble file as stream to the client. To address this, just never return an AFP_Resource stream for directories when listing streams in fruit_streaminfo(). ad_convert(), when configured with fruit:delete_empty_adfiles = true fruit:wipe_intentionally_left_blank_rfork = true will happily discard the AFP_Resource from the AppleDouble file. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 9b91a8bad2ff8da9eb56f1f9d640bcea294a5a0a Author: Ralph Boehme Date: Mon May 22 19:35:33 2023 +0200 vfs_fruit: return ENOENT instead of EISDIR when trying to open AFP_Resource for a directory Translates to NT_STATUS_OBJECT_NAME_NOT_FOUND which is the same error macOS returns in this case. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 59eadfe21aca6d563f86ea656517216036421bca Author: Ralph Boehme Date: Wed May 24 21:28:48 2023 +0200 CI: add a test for fruit AppleDouble conversion when deletion triggers conversion BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison --
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 412373984db smbd: also reset struct stat_ex.cached_dos_attributes in SET_STAT_INVALID() via 0391120079b smbd: zero intialize SMB_STRUCT_STAT in vfswrap_readdir() via b4af281b2d7 CI: add a test that checks the dosmode of symlinks from a5235a9d05b librpc/idl: Alias the DS_ constants in netlogon.idl to the NBT_SERVER equivilants https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 412373984db6d0c20ba38076d06d0a87631890d0 Author: Ralph Boehme Date: Tue May 23 17:26:03 2023 +0200 smbd: also reset struct stat_ex.cached_dos_attributes in SET_STAT_INVALID() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15375 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed May 24 21:42:50 UTC 2023 on atb-devel-224 commit 0391120079b032077c3914c10189b85e61dc8498 Author: Ralph Boehme Date: Tue May 23 17:23:28 2023 +0200 smbd: zero intialize SMB_STRUCT_STAT in vfswrap_readdir() Avoid returning an uninitialized st.cached_dos_attributes. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15375 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit b4af281b2d7bfddbdb7289dadbed9db623bf0e84 Author: Ralph Boehme Date: Wed May 24 13:13:19 2023 +0200 CI: add a test that checks the dosmode of symlinks BUG: https://bugzilla.samba.org/show_bug.cgi?id=15375 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison --- Summary of changes: source3/include/smb_macros.h | 5 +- source3/modules/vfs_default.c| 2 +- source3/script/tests/test_symlink_dosmode.sh | 74 source3/selftest/tests.py| 4 ++ 4 files changed, 83 insertions(+), 2 deletions(-) create mode 100755 source3/script/tests/test_symlink_dosmode.sh Changeset truncated at 500 lines: diff --git a/source3/include/smb_macros.h b/source3/include/smb_macros.h index 0f44d1402a8..42ff9ffb0d4 100644 --- a/source3/include/smb_macros.h +++ b/source3/include/smb_macros.h @@ -108,7 +108,10 @@ #define VALID_STAT(st) ((st).st_ex_nlink != 0) #define VALID_STAT_OF_DIR(st) (VALID_STAT(st) && S_ISDIR((st).st_ex_mode)) -#define SET_STAT_INVALID(st) ((st).st_ex_nlink = 0) +#define SET_STAT_INVALID(st) { \ + (st).st_ex_nlink = 0; \ + (st).cached_dos_attributes = FILE_ATTRIBUTES_INVALID; \ +}; /* Macros to get at offsets within smb_lkrng and smb_unlkrng structures. We cannot define these as actual structures diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index 000c23208f5..89eec1146d7 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -603,7 +603,7 @@ static struct dirent *vfswrap_readdir(vfs_handle_struct *handle, struct dirent *result; bool fake_ctime = lp_fake_directory_create_times(SNUM(handle->conn)); int flags = AT_SYMLINK_NOFOLLOW; - SMB_STRUCT_STAT st; + SMB_STRUCT_STAT st = {0}; int ret; START_PROFILE(syscall_readdir); diff --git a/source3/script/tests/test_symlink_dosmode.sh b/source3/script/tests/test_symlink_dosmode.sh new file mode 100755 index 000..dd6cb6be472 --- /dev/null +++ b/source3/script/tests/test_symlink_dosmode.sh @@ -0,0 +1,74 @@ +#!/bin/sh + +if [ $# -lt 7 ]; then + cat <"$tmpfile" <
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6752bcaf4de s3:utils: Move error-handling code into more suitable spot (CID 1524680) via 11f36804629 s3:utils: Use ‘int’ for popt parameters via d2720a9e788 s3:utils: Use floating-point arithmetic when result is assigned to a double from 4dccf5afa44 ctdb-recovery: Use correct struct ban_node_state type for state https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6752bcaf4de774dbe0a617d9c8106a38529e59bd Author: Joseph Sutton Date: Thu Apr 6 10:00:00 2023 +1200 s3:utils: Move error-handling code into more suitable spot (CID 1524680) The loop above would only exit once ‘c’ was equal to −1, and thus this code could never be reached. Also set ‘ok’ to false to indicate failure. Signed-off-by: Joseph Sutton Reviewed-by: Volker Lendecke Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu May 4 01:29:10 UTC 2023 on atb-devel-224 commit 11f36804629f54bc812331eabb862bd0fd637dae Author: Joseph Sutton Date: Mon May 1 15:36:53 2023 +1200 s3:utils: Use ‘int’ for popt parameters Previously we were handing the addresses of bool parameters to popt for POPT_ARG_NONE parameters. This is not supported, and popt was returning POPT_ERROR_BADOPERATION for these parameters (not bundled popt, though, nor on Debian or Ubuntu). Using integers instead ensures that these addresses are aligned and sized as popt expects. Signed-off-by: Joseph Sutton Reviewed-by: Volker Lendecke commit d2720a9e788f6870b7c68a1126820b15a8db811d Author: Joseph Sutton Date: Mon May 1 14:15:26 2023 +1200 s3:utils: Use floating-point arithmetic when result is assigned to a double This avoids any loss of precision from performing an integer division. Signed-off-by: Joseph Sutton Reviewed-by: Volker Lendecke --- Summary of changes: source3/utils/smbget.c | 28 ++-- 1 file changed, 14 insertions(+), 14 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/utils/smbget.c b/source3/utils/smbget.c index 0272cba6adb..00bf20e8192 100644 --- a/source3/utils/smbget.c +++ b/source3/utils/smbget.c @@ -46,11 +46,11 @@ struct opt { char *outputfile; size_t blocksize; - bool quiet; - bool dots; - bool verbose; - bool send_stdout; - bool update; + int quiet; + int dots; + int verbose; + int send_stdout; + int update; unsigned limit_rate; }; static struct opt opt = { .blocksize = SMB_DEFAULT_BLOCKSIZE }; @@ -627,7 +627,7 @@ static bool smb_download_file(const char *base, const char *name, /* Pause until `ticks_to_fill_bucket` */ double sleep_us = (ticks_to_fill_bucket - diff_ticks) - * 100 / CLOCKS_PER_SEC; + * 100.0 / CLOCKS_PER_SEC; usleep(sleep_us); } /* Reset the byte counter and the ticks. */ @@ -720,7 +720,7 @@ int main(int argc, char **argv) { int c = 0; const char *file = NULL; - bool smb_encrypt = false; + int smb_encrypt = false; int resume = 0, recursive = 0; TALLOC_CTX *frame = talloc_stackframe(); bool ok = false; @@ -889,14 +889,14 @@ int main(int argc, char **argv) ok = false; goto done; } - } - if (c < -1) { - fprintf(stderr, "%s: %s\n", - poptBadOption(pc, POPT_BADOPTION_NOALIAS), - poptStrerror(c)); - ok = true; - goto done; + if (c < -1) { + fprintf(stderr, "%s: %s\n", + poptBadOption(pc, POPT_BADOPTION_NOALIAS), + poptStrerror(c)); + ok = false; + goto done; + } } if ((opt.send_stdout || resume || opt.outputfile) && opt.update) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 9eb44306623 s3:lib: Do not try to match '.' and '..' directories in is_in_path() via a2acbd3f3cf s3:tests: Add test that veto files works for hidden files via b5a66840e30 s3:tests: Create a temporary directory for test_veto_files.sh from 6e525d55d98 gp: Fix NameError: free variable 'cron_dir' in Crontab CSE https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 9eb44306623fc4897b373b04763e475f696ab92d Author: Andreas Schneider Date: Wed Apr 19 16:23:10 2023 +0200 s3:lib: Do not try to match '.' and '..' directories in is_in_path() This fixes setting veto files to '.*' to not list hidden files and directories starting with a dot. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15360 Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Apr 19 22:30:19 UTC 2023 on atb-devel-224 commit a2acbd3f3cff8d1cac63acdead4b7be14a7092b2 Author: Andreas Schneider Date: Wed Apr 19 15:35:47 2023 +0200 s3:tests: Add test that veto files works for hidden files BUG: https://bugzilla.samba.org/show_bug.cgi?id=15360 Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison commit b5a66840e3057cbff85fe6cd231310c4a9cfb34b Author: Andreas Schneider Date: Wed Apr 19 20:45:52 2023 +0200 s3:tests: Create a temporary directory for test_veto_files.sh BUG: https://bugzilla.samba.org/show_bug.cgi?id=15360 Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison --- Summary of changes: selftest/target/Samba3.pm | 4 source3/lib/util.c | 5 + source3/script/tests/test_veto_files.sh | 35 +++-- 3 files changed, 42 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 6f9b7466e4a..6b371ee2714 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -1968,6 +1968,10 @@ sub setup_fileserver path = $veto_sharedir delete veto files = yes +[veto_files_nohidden] + path = $veto_sharedir + veto files = /.*/ + [veto_files] path = $veto_sharedir veto files = /veto_name*/ diff --git a/source3/lib/util.c b/source3/lib/util.c index b010d035cdd..9fd913ba729 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -743,6 +743,11 @@ bool is_in_path(const char *name, name_compare_entry *namelist, bool case_sensit return False; } + /* Do not reject path components if namelist is set to '.*' */ + if (ISDOT(name) || ISDOTDOT(name)) { + return false; + } + DEBUG(8, ("is_in_path: %s\n", name)); /* Get the last component of the unix name. */ diff --git a/source3/script/tests/test_veto_files.sh b/source3/script/tests/test_veto_files.sh index 5ecfb53b8a4..201883ee330 100755 --- a/source3/script/tests/test_veto_files.sh +++ b/source3/script/tests/test_veto_files.sh @@ -22,13 +22,21 @@ SHAREPATH=${5} SMBCLIENT=${6} shift 6 SMBCLIENT="$VALGRIND ${SMBCLIENT}" +# Used by test_smbclient() +# shellcheck disable=2034 +smbclient="$VALGRIND ${SMBCLIENT}" ADDARGS="$@" incdir=$(dirname "$0")/../../../testprogs/blackbox . "$incdir"/subunit.sh +. "${incdir}/common_test_fns.inc" failed=0 +TMPDIR=${PREFIX_ABS}/$(basename "${0}") +mkdir -p "${TMPDIR}" || exit 1 +cd "${TMPDIR}" || exit 1 + # # Cleanup function. # @@ -41,6 +49,8 @@ do_cleanup() rm -rf "$SHAREPATH/veto_name_dir\"mangle" rm -f "$SHAREPATH/veto_name_file" rm -f "$SHAREPATH/veto_name_file\"mangle" + rm -f "${SHAREPATH}/regular_file" + rm -f "${SHAREPATH}/.hidden_file" ) } @@ -51,7 +61,7 @@ smbclient_get_expect_error() { filename1="$1" expected_error="$2" - tmpfile=$PREFIX/smbclient_interactive_prompt_commands + tmpfile=${TMPDIR}/smbclient_interactive_prompt_commands cat >"$tmpfile" <"$tmpfile" < "${SHAREPATH}/regular_file" +echo "hidden_file" > "${SHAREPATH}/.hidden_file" + +test_smbclient "download regular file" \ + "get regular_file" "//${SERVER}/veto_files_nohidden" \ + -U"${USERNAME}%${PASSWORD}" || + failed=$((failed + 1)) +rm -f regular_file +test_smbclient_expect_failure "hidden file can't be downloaded" \ + "get .hidden_file"
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 526f381f413 shadow_copy2: Fix stream open for streams_depot paths via 0327334c89c tests: Show that streams_depot and shadow_copy2 don't play together via 081e808ab4a streams_depot: Create files when requested from 45f026c45c9 debug: Only initialize gpfs wrapper when gpfs logging is enabled https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 526f381f413d1cb5cde93b9542034f5ebfcfcc10 Author: Volker Lendecke Date: Fri Apr 14 17:22:18 2023 +0200 shadow_copy2: Fix stream open for streams_depot paths streams_depot hands us absolute paths with : filename components instead of having set smb_fname_in->stream_name. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15358 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Apr 17 18:11:07 UTC 2023 on atb-devel-224 commit 0327334c89cfda9020c6044a7b2b182138e46d03 Author: Volker Lendecke Date: Fri Apr 14 15:34:17 2023 + tests: Show that streams_depot and shadow_copy2 don't play together See the next patch, we assert in shadow_copy2_openat() over paths passed in from shadow_copy2 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15358 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 081e808ab4ac6e187b9791da322eb7173e1e133c Author: Volker Lendecke Date: Fri Apr 14 16:32:42 2023 +0200 streams_depot: Create files when requested If you set "create mask = 0600" no streams will be created Tested manually. Not creating an automated test for this, there are so many places where this can go wrong that testing this individual glitch does not gain us much confidence. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15357 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: python/samba/tests/libsmb-basic.py | 15 ++- selftest/target/Samba3.pm | 5 + source3/modules/vfs_shadow_copy2.c | 25 - source3/modules/vfs_streams_depot.c | 2 +- 4 files changed, 36 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/tests/libsmb-basic.py b/python/samba/tests/libsmb-basic.py index 37b82b26dac..cbe7cce5bae 100644 --- a/python/samba/tests/libsmb-basic.py +++ b/python/samba/tests/libsmb-basic.py @@ -19,7 +19,7 @@ from samba.samba3 import libsmb_samba_internal as libsmb from samba.dcerpc import security -from samba import NTSTATUSError +from samba import NTSTATUSError,ntstatus from samba.ntstatus import NT_STATUS_DELETE_PENDING from samba.credentials import SMB_ENCRYPTION_REQUIRED import samba.tests.libsmb @@ -202,6 +202,19 @@ class LibsmbTestCase(samba.tests.libsmb.LibsmbTests): c.rmdir("subdir") self.assertTrue(ret) +def test_libsmb_shadow_depot(self): +c = libsmb.Conn(self.server_ip, "shadow_depot", self.lp, self.creds) +try: +fnum=c.create("x:y",CreateDisposition=libsmb.FILE_CREATE) +c.close(fnum) +except: +self.fail() +finally: +# "c" might have crashed, get a new connection +c1 = libsmb.Conn(self.server_ip, "shadow_depot", self.lp, self.creds) +c1.unlink("x") +c1 = None + if __name__ == "__main__": import unittest unittest.main() diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 717091cc8cf..6f9b7466e4a 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -3408,6 +3408,11 @@ sub provision($$) shadow:fixinodes = yes smbd async dosmode = yes +[shadow_depot] + path = $shadow_shrdir + comment = previous versions with streams_depot + vfs objects = streams_depot shadow_copy2 + [dfq] path = $shrdir/dfree vfs objects = acl_xattr fake_acls xattr_tdb fake_dfq diff --git a/source3/modules/vfs_shadow_copy2.c b/source3/modules/vfs_shadow_copy2.c index 16e39c2f070..a2c9d3ce4c9 100644 --- a/source3/modules/vfs_shadow_copy2.c +++ b/source3/modules/vfs_shadow_copy2.c @@ -1522,15 +1522,22 @@ static struct smb_filename *shadow_copy2_openat_name( if (fsp->base_fsp != NULL) { struct smb_filename *base_fname = fsp->base_fsp->fsp_name; - SMB_ASSERT(is_named_stream(smb_fname_in)); - - result = synthetic_smb_fname( - mem_ctx, - base_fname->base_name, - smb_fname_in->stream_name, - _fname_in->st, -
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3633027e49a rpcd_mdssvc: initialize POSIX locking from 8b23a4a7eca smbd: Prevent creation of vetoed files https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3633027e49aec064e7d890a1f7ec4d81711a5de7 Author: Ralph Boehme Date: Thu Apr 6 10:16:46 2023 +0200 rpcd_mdssvc: initialize POSIX locking Otherwise the posix_pending_close_db is NULL and we crash when trying to close a file descriptor: #4 /usr/lib64/samba/libdbwrap-samba4.so(dbwrap_parse_record+0xe) [0x7fbc5d05c8ae] #5 /usr/lib64/samba/libdbwrap-samba4.so(dbwrap_fetch_int32+0x38) [0x7fbc5d05d438] #6 /usr/lib64/samba/libsmbd-base-samba4.so(fd_close_posix+0x7b) [0x7fbc5e276f8b] #7 /usr/lib64/samba/libsmbd-base-samba4.so(+0x57900) [0x7fbc5e28a900] #8 /usr/lib64/samba/libsmbd-base-samba4.so(fd_close+0x68) [0x7fbc5e2b7ea8] #9 /usr/lib64/samba/libsmbd-base-samba4.so(+0x62608) [0x7fbc5e295608] #10 /usr/lib64/samba/libtalloc-samba4.so(_talloc_free+0x51b) [0x7fbc5d9f439b] #11 /usr/lib64/samba/vfs/fruit.so(+0xcac2) [0x7fbc45fcdac2] #12 /usr/lib64/samba/vfs/fruit.so(+0xcbdd) [0x7fbc45fcdbdd] #13 /usr/lib64/samba/vfs/fruit.so(+0xf603) [0x7fbc45fd0603] #14 /usr/lib64/samba/libsmbd-base-samba4.so(+0x56375) [0x7fbc5e289375] #15 /usr/lib64/samba/vfs/nothingtoseeherereally.so(+0x196c) [0x7fbc467f996c] #16 /usr/lib64/samba/vfs/streams_xattr.so(+0x51fc) [0x7fbc461e71fc] #17 /usr/lib64/samba/libsmbd-base-samba4.so(+0xade3a) [0x7fbc5e2e0e3a] #18 /usr/lib64/samba/libsmbd-base-samba4.so(create_conn_struct_cwd+0x44) [0x7fbc5e2e1cf4] #19 /usr/libexec/samba/rpcd_mdssvc(mds_init_ctx+0x2c3) [0x563fdac08f03] #20 /usr/libexec/samba/rpcd_mdssvc(_mdssvc_open+0x141) [0x563fdac0b4d1] The corresponding open is done as part of initializing a connection_struct object, where we chdir() and stat() the root path of the share. The stat() in vfs_fruit causes an expensive metadata request on the path which triggers an internal open of a pathref handle. Note that this only affects servers that have fruit:metadata = netatalk set, which is the default unfortunately. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15354 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Apr 7 21:12:21 UTC 2023 on atb-devel-224 --- Summary of changes: source3/rpc_server/rpcd_mdssvc.c | 8 1 file changed, 8 insertions(+) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/rpcd_mdssvc.c b/source3/rpc_server/rpcd_mdssvc.c index c5b632099fa..4040ae9e0d8 100644 --- a/source3/rpc_server/rpcd_mdssvc.c +++ b/source3/rpc_server/rpcd_mdssvc.c @@ -16,6 +16,7 @@ */ #include "includes.h" +#include "source3/locking/proto.h" #include "rpc_worker.h" #include "librpc/gen_ndr/ndr_mdssvc.h" #include "librpc/gen_ndr/ndr_mdssvc_scompat.h" @@ -38,9 +39,16 @@ static size_t mdssvc_servers( void *private_data) { static const struct dcesrv_endpoint_server *ep_servers[1] = { NULL }; + bool ok; lp_load_with_shares(get_dyn_CONFIGFILE()); + ok = posix_locking_init(false); + if (!ok) { + DBG_ERR("posix_locking_init() failed\n"); + exit(1); + } + ep_servers[0] = mdssvc_get_ep_server(); *_ep_servers = ep_servers; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8b23a4a7eca smbd: Prevent creation of vetoed files via 2e8954d5be3 CI: add a test creating a vetoed file from e3b9e252338 lib:registry: drop unused argument of reg_open_remote() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8b23a4a7eca9b8f80cc4113bb8cf9bb7bd5b4807 Author: Ralph Boehme Date: Wed Apr 5 11:03:52 2023 +0200 smbd: Prevent creation of vetoed files The problem is when checking for vetoed names on the last path component in openat_pathref_fsp_case_insensitive() we return NT_STATUS_OBJECT_NAME_NOT_FOUND. The in the caller filename_convert_dirfsp_nosymlink() this is treated as the "file creation case" causing filename_convert_dirfsp_nosymlink() to return NT_STATUS_OK. In order to correctly distinguish between the cases 1) file doesn't exist, we may be creating it, return 2) a vetoed a file we need 2) to return a more specific error to filename_convert_dirfsp_nosymlink(). I've chosen NT_STATUS_OBJECT_NAME_INVALID which gets mapped to the appropriate errror NT_STATUS_OBJECT_PATH_NOT_FOUND or NT_STATUS_OBJECT_NAME_NOT_FOUND depending on which path component was vetoed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15143 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Apr 6 23:03:50 UTC 2023 on atb-devel-224 commit 2e8954d5be3336f1c4c2cf033209f632ad84e712 Author: Ralph Boehme Date: Wed Apr 5 11:32:09 2023 +0200 CI: add a test creating a vetoed file BUG: https://bugzilla.samba.org/show_bug.cgi?id=15143 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison --- Summary of changes: source3/script/tests/test_veto_files.sh | 47 + source3/smbd/filename.c | 10 --- 2 files changed, 54 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/script/tests/test_veto_files.sh b/source3/script/tests/test_veto_files.sh index 9f0526bd54c..5ecfb53b8a4 100755 --- a/source3/script/tests/test_veto_files.sh +++ b/source3/script/tests/test_veto_files.sh @@ -84,6 +84,42 @@ EOF fi } +smbclient_create_expect_error() +{ + filename="$1.$$" + expected_error="$2" + tmpfile=$PREFIX/smbclient_interactive_prompt_commands + cat >"$tmpfile" <conn, smb_fname_rel->base_name)) { DBG_DEBUG("veto files rejecting last component %s\n", smb_fname_str_dbg(smb_fname_rel)); - return NT_STATUS_OBJECT_NAME_NOT_FOUND; + return NT_STATUS_NETWORK_OPEN_RESTRICTION; } status = openat_pathref_fsp(dirfsp, smb_fname_rel); @@ -818,7 +818,7 @@ static NTSTATUS openat_pathref_fsp_case_insensitive( DBG_DEBUG("veto files rejecting last component %s\n", smb_fname_str_dbg(smb_fname_rel)); TALLOC_FREE(cache_key.data); - return NT_STATUS_OBJECT_NAME_NOT_FOUND; + return NT_STATUS_NETWORK_OPEN_RESTRICTION; } status = openat_pathref_fsp(dirfsp, smb_fname_rel); @@ -848,7 +848,7 @@ lookup: if (IS_VETO_PATH(dirfsp->conn, smb_fname_rel->base_name)) { DBG_DEBUG("veto files rejecting last component %s\n", smb_fname_str_dbg(smb_fname_rel)); - return NT_STATUS_OBJECT_NAME_NOT_FOUND; + return NT_STATUS_NETWORK_OPEN_RESTRICTION; } status = openat_pathref_fsp(dirfsp, smb_fname_rel); @@ -1292,6 +1292,10 @@ static NTSTATUS filename_convert_dirfsp_nosymlink( goto done; } + if (NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_OPEN_RESTRICTION)) { + /* A vetoed file, pretend it's not there */ + status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + } if (!NT_STATUS_IS_OK(status)) { goto fail; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 35380fa6a5b gpupdate: Use winbind separator in PAM Access Policies via 893cfefa9ed gpupdate: Test that PAM Access uses winbind separator from f3fad5a189f libcli/security: prepare sddl machine/forest_sid handling https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 35380fa6a5bcf84827a007332f83ac7f84ffacbb Author: David Mulder Date: Thu Mar 16 15:31:33 2023 -0600 gpupdate: Use winbind separator in PAM Access Policies Signed-off-by: David Mulder Reviewed-by: Andrew Bartlett Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Mar 20 20:20:41 UTC 2023 on atb-devel-224 commit 893cfefa9ed6048fc45d0a5d2b48a4821e8ff3d1 Author: David Mulder Date: Thu Mar 16 15:39:47 2023 -0600 gpupdate: Test that PAM Access uses winbind separator Signed-off-by: David Mulder Reviewed-by: Andrew Bartlett Reviewed-by: Jeremy Allison --- Summary of changes: python/samba/gp/vgp_access_ext.py | 18 ++ python/samba/tests/gpo.py | 11 +++ 2 files changed, 21 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/gp/vgp_access_ext.py b/python/samba/gp/vgp_access_ext.py index c41bc678176..4748352d14a 100644 --- a/python/samba/gp/vgp_access_ext.py +++ b/python/samba/gp/vgp_access_ext.py @@ -82,6 +82,7 @@ class vgp_access_ext(gp_xml_ext, gp_file_applier): deny_conf = self.parse(path) entries = [] policy_files = [] +winbind_sep = self.lp.get('winbind separator') if allow_conf: policy = allow_conf.find('policysetting') data = policy.find('data') @@ -90,7 +91,9 @@ class vgp_access_ext(gp_xml_ext, gp_file_applier): adobject = listelement.find('adobject') name = adobject.find('name').text domain = adobject.find('domain').text -entries.append('+:%s\\%s:ALL' % (domain, name)) +entries.append('+:%s%s%s:ALL' % (domain, + winbind_sep, + name)) if len(allow_listelements) > 0: log.info('Adding an implicit deny ALL because an allow' ' entry is present') @@ -102,7 +105,9 @@ class vgp_access_ext(gp_xml_ext, gp_file_applier): adobject = listelement.find('adobject') name = adobject.find('name').text domain = adobject.find('domain').text -entries.append('-:%s\\%s:ALL' % (domain, name)) +entries.append('-:%s%s%s:ALL' % (domain, + winbind_sep, + name)) if len(allow_listelements) > 0: log.warn("Deny entry '%s' is meaningless with " "allow present" % entries[-1]) @@ -143,6 +148,7 @@ class vgp_access_ext(gp_xml_ext, gp_file_applier): path = os.path.join(gpo.file_sys_path, deny) deny_conf = self.parse(path) entries = [] +winbind_sep = self.lp.get('winbind separator') if allow_conf: policy = allow_conf.find('policysetting') data = policy.find('data') @@ -153,7 +159,9 @@ class vgp_access_ext(gp_xml_ext, gp_file_applier): domain = adobject.find('domain').text if str(self) not in output.keys(): output[str(self)] = [] -output[str(self)].append('+:%s\\%s:ALL' % (name, domain)) +output[str(self)].append('+:%s%s%s:ALL' % (name, + winbind_sep, + domain)) if len(allow_listelements) > 0: output[str(self)].append('-:ALL:ALL') if deny_conf: @@ -165,5 +173,7 @@ class vgp_access_ext(gp_xml_ext, gp_file_applier): domain = adobject.find('domain').text if str(self) not in output.keys(): output[str(self)] = [] -output[str(self)].append('-:%s\\%s:ALL' % (name, domain)) +output[str(self)].append('-:%s%s%s:ALL' % (name, +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f55a357c6b9 dsgetdcname: do not assume local system uses IPv4 via 9bb8795aebd libsmb: Convert cli_posix_stat_send/recv() to modern conventions via cc4a2d4edc7 librpc: Simplify dcerpc_default_transport_endpoint() via 43b34b01597 libcli: Shrink .data segment by 43264 bytes via e6a03c04a76 libcli: Shrink .data segment by 43264 bytes via 9e00acd0d0f build: Fix a long line via dec4d5aa9d7 rpcd: Use size_t for walking an array via 4814b95dbcf smbd: Directly initialize a "fsp1" via 62651ace1cb smbd: DBG_DEBUG raw create contexts received from the client via bbcc9b326eb lib: Add dump_data_addbuf() via e5d1527f74a lib: Move the dump_data_pw() prototype to the other dump_data_* ones via 0195f8bc9a9 lib: Fix a typo via 8faccb6e195 lib: Remove a talloc_stackframe() via 35976fc2ffd libcli/util: Avoid an includes.h via d76ec8519e0 libcli/security: Avoid includes.h via 04379c0bcfd lib: librpc/gen_ndr/security.h needs DATA_BLOB via 2ac2c055614 lib: Fix whitespace via 4d8a396c4c1 smbd: Remove a variable only ever set to NULL via 8926770ae94 smbd: Fix a typo via 1a52b30d921 vfs: Replace a "== false" with a "!" via efbfa9fc44b libsmb: Avoid a duplicate memset(.., 0, ..); via da93b648abc Fix a typo via bf6599fecea samba-tool: Ensure modifying GPO increments GPT.INI vers via ce29f55129f samba-tool: Test that modifying GPO increments GPT.INI vers via 42517d576ac samba-tool: Subclass GPOCommand for calling samdb_connect from 403598b3076 s4-dsdb:tests: Correctly handle LdbError https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f55a357c6b9387883a7628a1b1083263a10121a6 Author: Nathaniel W. Turner Date: Fri Sep 23 16:37:46 2022 -0400 dsgetdcname: do not assume local system uses IPv4 Return the first IPv4 and the first IPv6 address found for each DC. This is slightly inelegant, but resolves an issue where IPv6-only systems were unable to run "net ads join" against domain controllers that have both A and records in DNS. While this impacts performance due to the additional LDAP ping attempts, in practice an attempt to connect to an IPv6 address on an IPv4-only system (or vice versa) will fail immediately with NT_STATUS_NETWORK_UNREACHABLE, and thus the performance impact should be negligible. The alternative approach, using an smb.conf setting to control whether the logic prefers a single address of one family or the other ends up being a bit awkward, as it pushes the problem onto admins and tools such as "realm join" that want to dynamically synthesize an smb.conf on the fly. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15325 Signed-off-by: Nathaniel W. Turner Reviewed-by: Jeremy Allison Reviewed-by: David Mulder Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Mar 9 19:12:15 UTC 2023 on atb-devel-224 commit 9bb8795aebdaad10713c791e45f11e3a4b94d5ff Author: Volker Lendecke Date: Thu Feb 16 17:35:24 2023 +0100 libsmb: Convert cli_posix_stat_send/recv() to modern conventions It's unusual these days to pass output arguments in the _send function, instead save the result in the _state struct Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit cc4a2d4edc756e79ad91b10086df910e512f9c7a Author: Volker Lendecke Date: Mon Feb 20 18:48:20 2023 +0100 librpc: Simplify dcerpc_default_transport_endpoint() We don't need strcmp for just 1 byte Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 43b34b015979fd250171b7610db7d55f6b2ac7cf Author: Volker Lendecke Date: Tue Feb 28 20:53:59 2023 +0100 libcli: Shrink .data segment by 43264 bytes A case statement only references const strings, pointers in an array need to be relocated at exec() time. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit e6a03c04a765e4d6c41b137d365a1e64f6285a8e Author: Volker Lendecke Date: Tue Feb 28 20:53:59 2023 +0100 libcli: Shrink .data segment by 43264 bytes A case statement only references const strings, pointers in an array need to be relocated at exec() time. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 9e00acd0d0fc5419d920e743426dd2b310d45083 Author: Volker Lendecke Date: Tue Feb 28 20:27:30 2023 +0100 build: Fix a long line Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit dec4d5aa9d72adf5b955086e5622259f085ba811 Author: Volker Lendecke Date: Thu Feb 23 10:00:10 2023 +0100 rpcd: U
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a1780ed8d1b rpcd: With npa->need_idle_server we can have more than 256 servers via 0ab7b84ccbd rpcd: Do blocking connects to local pipes via f23eb1b3b72 rpcd: Increase listening queue via 86e95b57d68 torture3: test rpc scalability via f3ce9970002 librpc: Remove unused sync rpc_transport_np_init() via 07ebf97a74f librpc: Make rpc_pipe_open_np() public and async from 3f84a6df454 s3: smbd: Fix fsp/fd leak when looking up a non-existent stream name on a file. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a1780ed8d1b46e4760319b27a4978e7ce7a1df80 Author: Volker Lendecke Date: Mon Feb 20 18:46:50 2023 +0100 rpcd: With npa->need_idle_server we can have more than 256 servers Before this patch the worker-status cut the worker index such that samba-dcerpcd could not properly update status of the surplus rpc daemons. This could lead to those daemons to stay around forever, samba-dcerpcd will never notice they are idle and can exit. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15310 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Mar 6 22:35:00 UTC 2023 on atb-devel-224 commit 0ab7b84ccbd383bb2f696ce258438d4af57fe6f0 Author: Volker Lendecke Date: Wed Mar 1 14:42:00 2023 +0100 rpcd: Do blocking connects to local pipes We don't have real async callers yet, and this is the simplest way to fix our missing light-weight deterministic async fallback mechanism. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15310 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f23eb1b3b728d7a13add8c6614d9992aad2c3653 Author: Volker Lendecke Date: Wed Mar 1 14:40:37 2023 +0100 rpcd: Increase listening queue Allow more waiters under load. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15310 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 86e95b57d6848482dc73c624c2e8d2bdb79c1d21 Author: Volker Lendecke Date: Mon Mar 6 10:05:41 2023 +0100 torture3: test rpc scalability With smbtorture3 //127.0.0.1/ipc\$ rpc-scale -N 50 -o 1000 I am able to immediately trigger bug 15130. Not running by default, this is a pure load test. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15310 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f3ce9970002459a069344ca5519fb91feacb4a6e Author: Volker Lendecke Date: Mon Mar 6 13:57:20 2023 +0100 librpc: Remove unused sync rpc_transport_np_init() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 07ebf97a74fb5c0d0504e76c50f3aca8257dab1f Author: Volker Lendecke Date: Mon Mar 6 13:55:43 2023 +0100 librpc: Make rpc_pipe_open_np() public and async Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: source3/librpc/idl/rpc_host.idl | 2 +- source3/rpc_client/cli_pipe.c | 132 +++ source3/rpc_client/cli_pipe.h | 13 ++ source3/rpc_client/local_np.c | 14 +- source3/rpc_client/rpc_transport.h| 3 - source3/rpc_client/rpc_transport_np.c | 31 source3/rpc_server/rpc_host.c | 2 +- source3/rpc_server/rpc_worker.c | 2 +- source3/torture/proto.h | 1 + source3/torture/test_rpc_scale.c | 301 ++ source3/torture/torture.c | 4 + source3/torture/wscript_build | 1 + 12 files changed, 436 insertions(+), 70 deletions(-) create mode 100644 source3/torture/test_rpc_scale.c Changeset truncated at 500 lines: diff --git a/source3/librpc/idl/rpc_host.idl b/source3/librpc/idl/rpc_host.idl index 899eabf3c26..ddbd2781fe1 100644 --- a/source3/librpc/idl/rpc_host.idl +++ b/source3/librpc/idl/rpc_host.idl @@ -66,7 +66,7 @@ interface rpc_host_msg /** * @brief Which of the processes of a helper prog is this from */ - uint8 worker_index; + uint32 worker_index; /** * @brief How many clients this process serves right now diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 5e26dc1806d..2af68b169af 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -3172,74 +3172,142 @@ static int rpc_pipe_client_np_ref_destructor(struct rpc_pipe_client_np_ref *np_r * / -static NTSTATUS rpc_pipe_open_np(struct cli_state *cli, -const
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 682c77be74b s4:torture:basic: use milliseconds granularity in delayed_write_update7 via cb9df8181e3 lib: add NTTIME_[U|m]SEC macros via 122d645868a s4:torture:basic: fix SET_INFO_* macros in delayed_write_update* from 460fd441d7f s3:winbind: Improve warning message if we are out of autorid ranges https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 682c77be74b3f996f1278648a54b33cdbb9df4de Author: Amir Goldstein Date: Thu Feb 9 11:39:21 2023 +0200 s4:torture:basic: use milliseconds granularity in delayed_write_update7 The test sets an mtime with non zero nsec and verifies that the timestamp of pre-close matches the timestamp after close-open. This is a regression test for https://bugzilla.samba.org/show_bug.cgi?id=6529 The bug speaks of loosing the milliseconds part of the timestamp, but the test uses a value of 103*100ns for the sub-second part. Meaning that if the backing filesystem has only milliseconds granularity, the test practically checks that a value of 0 milliseconds is preserved, which will not have actually caught the bug. Also, with the default 'smbd getinfo ask sharemode = yes' the test will fail if the filesystem truncates the sub-second part to milliseconds granularity. Use a non-zero milliseconds value with zero microseconds in the test to support backing filesystems with milliseconds granularity. Signed-off-by: Amir Goldstein Reviewed-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Mar 1 20:55:47 UTC 2023 on atb-devel-224 commit cb9df8181e32f13f4004183d21b2b00a0149dfad Author: Amir Goldstein Date: Tue Feb 28 12:53:03 2023 +0100 lib: add NTTIME_[U|m]SEC macros Signed-off-by: Amir Goldstein Reviewed-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 122d645868ac5a046fb1cbd84e8fc3847318fa2c Author: Amir Goldstein Date: Thu Feb 9 11:39:21 2023 +0200 s4:torture:basic: fix SET_INFO_* macros in delayed_write_update* The macros were ignoring the finfo argument. Signed-off-by: Amir Goldstein Reviewed-by: Ralph Boehme Reviewed-by: Jeremy Allison --- Summary of changes: lib/util/time.h| 3 +++ source4/torture/basic/delaywrite.c | 11 ++- 2 files changed, 9 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/time.h b/lib/util/time.h index 8b61e41ae94..4870c84de62 100644 --- a/lib/util/time.h +++ b/lib/util/time.h @@ -72,6 +72,9 @@ /* 64 bit time (100 nanosec) 1601 - cifs6.txt, section 3.5, page 30, 4 byte aligned */ typedef uint64_t NTTIME; +#define NTTIME_USEC (10UL) +#define NTTIME_MSEC (1000UL * NTTIME_USEC) + /** External access to time_t_min and time_t_max. **/ diff --git a/source4/torture/basic/delaywrite.c b/source4/torture/basic/delaywrite.c index 620870120bd..e36481d4a49 100644 --- a/source4/torture/basic/delaywrite.c +++ b/source4/torture/basic/delaywrite.c @@ -1361,7 +1361,7 @@ static bool test_finfo_after_write(struct torture_context *tctx, struct smbcli_s sfinfo.basic_info.in.access_time = 0; \ unix_to_nt_time(_info.in.write_time, (wrtime)); \ sfinfo.basic_info.in.change_time = 0; \ - sfinfo.basic_info.in.attrib = finfo1.basic_info.out.attrib; \ + sfinfo.basic_info.in.attrib = finfo.basic_info.out.attrib; \ _status = smb_raw_setfileinfo(tree, ); \ if (!NT_STATUS_IS_OK(_status)) { \ torture_result(tctx, TORTURE_FAIL, __location__": setfileinfo failed: %s", \ @@ -1383,7 +1383,7 @@ static bool test_finfo_after_write(struct torture_context *tctx, struct smbcli_s unix_to_nt_time(_info.in.write_time, (wrtime)); \ sfinfo.basic_info.in.write_time += (ns); \ sfinfo.basic_info.in.change_time = 0; \ - sfinfo.basic_info.in.attrib = finfo1.basic_info.out.attrib; \ + sfinfo.basic_info.in.attrib = finfo.basic_info.out.attrib; \ _status = smb_raw_setfileinfo(tree, ); \ if (!NT_STATUS_IS_OK(_status)) { \ torture_result(tctx, TORTURE_FAIL, __location__": setfileinfo failed: %s", \ @@ -2902,9 +2902,10 @@ static bool test_delayed_write_update7(struct torture_context *tctx, struct smbc status = smb_raw_fileinfo(cli->tree, tctx, ); torture_assert_ntstatus_ok(tctx, status, "fileinfo failed"); - - /* Set the pending write time to a value with ns. */ - SET_INFO_FILE_NS(finfo, time(NULL) + 86400, 103, cli->tree, fnum1); + + /* Set the pending write time to a value with non zero msec. */ + SET_INFO_FILE_NS(finfo1, t
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5d8647376fb vfs: Fix whitespace in vfs_aixacl_util.c via 1a040c7f7ee smbd: Remove dptr_struct->expect_close via a49edcd0d26 smbd: Remove dptr_struct->spid via 5c19e6ca756 smbd: Simplify SeekDir() with an early return via a1d348fd5e1 smbd: Simplify struct dptr_struct via 8846b090079 lib: Fix a typo via 4bbf2b1127b lib: Simplify ms_has_wild() with strpbrk() via 6e856074b14 smbd: Use ISDOT() in dptr_create() from 54a8da86407 vfs_ceph: use fsp_get_pathref_fd in ceph fstatat and close vfs calls https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5d8647376fbfe0ad3b479be3a4479f1c9d5ecd7b Author: Volker Lendecke Date: Tue Feb 7 09:49:54 2023 +0100 vfs: Fix whitespace in vfs_aixacl_util.c Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Feb 13 21:23:43 UTC 2023 on atb-devel-224 commit 1a040c7f7eebb4ed549cc59f0b7bab461bf6d06d Author: Volker Lendecke Date: Mon Feb 6 21:40:38 2023 +0100 smbd: Remove dptr_struct->expect_close This was only set but never read Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit a49edcd0d26058e41712e3d069bfe36a463b76dc Author: Volker Lendecke Date: Mon Feb 6 21:36:51 2023 +0100 smbd: Remove dptr_struct->spid This was only set but never read Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 5c19e6ca756fda9dd66fa2cd484e54d0e3e221f0 Author: Volker Lendecke Date: Thu Feb 2 17:01:16 2023 +0100 smbd: Simplify SeekDir() with an early return Review with git show -w Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit a1d348fd5e1b16ffc47e320d370a002dc9c9b8eb Author: Volker Lendecke Date: Thu Feb 2 12:52:32 2023 +0100 smbd: Simplify struct dptr_struct We can access the file name via "dir_hnd" Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 8846b0900794c717c6a9f72a743f600ae81f8406 Author: Volker Lendecke Date: Thu Feb 2 12:28:56 2023 +0100 lib: Fix a typo Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 4bbf2b1127b93efe655360a185567de080faa943 Author: Volker Lendecke Date: Thu Feb 2 12:25:05 2023 +0100 lib: Simplify ms_has_wild() with strpbrk() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 6e856074b143ea595f3ab9e5184d21bec11b17ae Author: Volker Lendecke Date: Thu Feb 2 12:19:46 2023 +0100 smbd: Use ISDOT() in dptr_create() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: source3/lib/util.c | 17 + source3/modules/vfs_aixacl_util.c | 42 ++--- source3/smbd/dir.c | 120 +--- source3/smbd/proto.h| 2 - source3/smbd/smb1_reply.c | 2 - source3/smbd/smb1_trans2.c | 2 - source3/smbd/smb2_query_directory.c | 2 - 7 files changed, 79 insertions(+), 108 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/util.c b/source3/lib/util.c index 83707b31e38..b010d035cdd 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -1443,19 +1443,8 @@ bool parent_dirname(TALLOC_CTX *mem_ctx, const char *dir, char **parent, bool ms_has_wild(const char *s) { - char c; - - while ((c = *s++)) { - switch (c) { - case '*': - case '?': - case '<': - case '>': - case '"': - return True; - } - } - return False; + const char *found = strpbrk(s, "*?<>\""); + return (found != NULL); } bool ms_has_wild_w(const smb_ucs2_t *s) @@ -1492,7 +1481,7 @@ bool mask_match(const char *string, const char *pattern, bool is_case_sensitive) /*** A wrapper that handles case sensitivity and the special handling - of the ".." name. Varient that is only called by old search code which requires + of the ".." name. Variant that is only called by old search code which requires pattern translation. ***/ diff --git a/source3/modules/vfs_aixacl_util.c b/source3/modules/vfs_aixacl_util.c index 1194d27df22..38b53eb3f53 100644 --- a/source3/modules/vfs_aixacl_util.c +++ b/source3/modules/vfs_aixacl_util.c @@ -26,20 +26,18 @@ SMB_ACL_T aixacl_to_smbacl(struct acl *file_acl, TALLOC_CTX *mem_ctx) { struct acl_entry *acl_entr
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 54a8da86407 vfs_ceph: use fsp_get_pathref_fd in ceph fstatat and close vfs calls from 58cdcce582d Add gitleaks configuration file to avoid false positives https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 54a8da864071e28eb6297b872dcb57fb9b171f33 Author: John Mulligan Date: Fri Feb 3 13:09:18 2023 -0500 vfs_ceph: use fsp_get_pathref_fd in ceph fstatat and close vfs calls Replace fsp_get_io_fd with fsp_get_pathref_fd as these calls do use pathref fsps. fsp_get_io_fd asserts that the fsp is not pathref and asserts (on a debug build) or returns -1 (non debug build). Prior to these changes running ls on the root of the share failed. Logging from the failure case: ``` openat_pathref_fsp: smb_fname [.] openat_pathref_fullname: smb_fname [.] fsp_new: allocated files structure (1 used) file_name_hash: //. hash 0x3dfcc1c2 check_reduced_name: check_reduced_name [.] [/] cephwrap_realpath: [CEPH] realpath(0x55604da9a030, .) = //. check_reduced_name realpath [.] -> [//.] check_reduced_name: . reduced to //. cephwrap_openat: [CEPH] openat(0x55604da9a030, ., 0x55604da81f00, 133120, 0) cephwrap_openat: [CEPH] open(...) = 10 cephwrap_fstat: fsp_get_io_fd: fsp [.] is a path referencing fsp [CEPH] fstat(0x55604da9a030, -1) fsp_get_io_fd: fsp [.] is a path referencing fsp cephwrap_fstat: [CEPH] fstat(...) = -9 fd_openat: name ., flags = 04000 mode = 00, fd = 10. NT_STATUS_INVALID_HANDLE openat_pathref_fullname: Opening pathref for [.] failed: NT_STATUS_INVALID_HANDLE ``` This change also seems to match the recommendations in the `When to use fsp_get_io_fd() or fsp_get_pathref_fd()` section of The_New_VFS.txt document. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15307 Signed-off-by: John Mulligan Reviewed-by: Jeremy Allison Reviewed-by: Gunther Deschner Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Feb 13 20:04:38 UTC 2023 on atb-devel-224 --- Summary of changes: source3/modules/vfs_ceph.c | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_ceph.c b/source3/modules/vfs_ceph.c index b8190fa25e4..c5ee9d5967c 100644 --- a/source3/modules/vfs_ceph.c +++ b/source3/modules/vfs_ceph.c @@ -464,7 +464,7 @@ static int cephwrap_close(struct vfs_handle_struct *handle, files_struct *fsp) int result; DBG_DEBUG("[CEPH] close(%p, %p)\n", handle, fsp); - result = ceph_close(handle->data, fsp_get_io_fd(fsp)); + result = ceph_close(handle->data, fsp_get_pathref_fd(fsp)); DBG_DEBUG("[CEPH] close(...) = %d\n", result); WRAP_RETURN(result); @@ -788,9 +788,10 @@ static int cephwrap_fstat(struct vfs_handle_struct *handle, files_struct *fsp, S { int result = -1; struct ceph_statx stx; + int fd = fsp_get_pathref_fd(fsp); - DBG_DEBUG("[CEPH] fstat(%p, %d)\n", handle, fsp_get_io_fd(fsp)); - result = ceph_fstatx(handle->data, fsp_get_io_fd(fsp), , + DBG_DEBUG("[CEPH] fstat(%p, %d)\n", handle, fd); + result = ceph_fstatx(handle->data, fd, , SAMBA_STATX_ATTR_MASK, 0); DBG_DEBUG("[CEPH] fstat(...) = %d\n", result); if (result < 0) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 024571a7a85 waf: Add support for MemorySanitizer via b3d7df58a03 s3:torture: Remove unused variable via e57fa881199 s3:utils: Remove unused variable via a94adedd0ef s3:netapi: Remove unused variables via 5447d7fb75f s3:modules: Initialize pointer with NULL via c462a0b78da s4:modules: Move structs with dynamic arrays to end of struct via ea723fb7099 s3:modules: Ignore -Wunused-but-set-variable for autogenerated code via 54413a49f5a s3:printing: Remove unused variable via a77c56e4ed6 s3:printing: Remove trailing whitespaces in vlp.c via 1379b0e13c0 lib:ldb-samba: Correctly handle search scope via 981dcccfd9d nsswitch: Fix getting data out of pam_get_data() via d7bc74afcc1 s4:samdb: Remove unused variable via e0b46f3ca64 s4:samdb: Remove trailing whitespaces via 8b7fcfa5771 s3:winbind: Remove unused variable via f266e9e2dca s3:rpcsrv:eventlog: Remove unused variable via 91e7351db39 s3:smbd: Don't assign variable to itself via bd5b093cc02 s3:libsmb: Remove unused variable 'i' via 2cc5b0745a9 auth/credentials: Fix unitialized data via 7f123bbd4ed auth/credentials: Fix trailing whitespaces from e26a01a48c4 pidl: avoid py compile issues with --pidl-developer https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 024571a7a85a7c4a81e0ee6bf9f228477275365e Author: Andreas Schneider Date: Fri Feb 3 13:43:16 2023 +0100 waf: Add support for MemorySanitizer This currently only works with binaries. As there is no shared library for MSAN it only is statically linked against binaries. This means if we have e.g. a python script trying to load ldb, it will fail with undefined symbols. Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Feb 6 23:49:04 UTC 2023 on atb-devel-224 commit b3d7df58a03e2b5419431cde510ae85c25d909c2 Author: Andreas Schneider Date: Fri Feb 3 20:37:58 2023 +0100 s3:torture: Remove unused variable source3/torture/test_smb1_dfs.c:3264:11: error: variable 'accessmode' set but not used [-Werror,-Wunused-but-set-variable] uint16_t accessmode = 0; ^ Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison commit e57fa88119920c5608a5096e5beaa910d117c644 Author: Andreas Schneider Date: Fri Feb 3 20:35:20 2023 +0100 s3:utils: Remove unused variable source3/utils/log2pcaphex.c:138:13: error: variable 'i' set but not used [-Werror,-Wunused-but-set-variable] static int i = 0; ^ Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison commit a94adedd0ef335b1ee037cc2e666a5b39d57d3bc Author: Andreas Schneider Date: Fri Feb 3 20:32:54 2023 +0100 s3:netapi: Remove unused variables source3/lib/netapi/tests/netfile.c:40:22: error: variable 'i2' set but not used [-Werror,-Wunused-but-set-variable] struct FILE_INFO_2 *i2 = NULL; ^ source3/lib/netapi/tests/netfile.c:41:22: error: variable 'i3' set but not used [-Werror,-Wunused-but-set-variable] struct FILE_INFO_3 *i3 = NULL; ^ Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison commit 5447d7fb75fc00b17cde4dd0ecccd89e8b6f8545 Author: Andreas Schneider Date: Fri Feb 3 20:29:33 2023 +0100 s3:modules: Initialize pointer with NULL source3/modules/vfs_glusterfs.c:827:6: error: variable 'glfd' is used uninitialized whenever 'if' condition is false [-Werror,-Wsometimes-uninitialized] if (pglfd == NULL) { ^ source3/modules/vfs_glusterfs.c:853:6: note: uninitialized use occurs here if (glfd == NULL) { ^~~~ source3/modules/vfs_glusterfs.c:827:2: note: remove the 'if' if its condition is always true if (pglfd == NULL) { ^~~ source3/modules/vfs_glusterfs.c:763:17: note: initialize the variable 'glfd' to silence this warning glfs_fd_t *glfd; ^ = NULL Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison commit c462a0b78da674514a70896fbb6f08295808015b Author: Andreas Schneider Date: Fri Feb 3 15:27:22 2023 +0100 s4:modules: Move structs with dynamic arrays to end of struct source3/modules/vfs_io_uring.c:70:22: error: field 'cqe' with variable sized type 'struct io_uring_cqe' not at the end of a struct or class is a GNU extension [-Werror,-Wgnu-variable-sized-type-not-at-end] struct io_uring_cqe cqe; ^ Signed-off-by: Andreas Schneider
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 851127f5c9a Python: remove pydoctor via 1dd0cd2f4e6 mdssvc: fix kMDScopeArray parsing from d80f28b081e tevent: version 0.14.1 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 851127f5c9a56cb484008f3595099cbd9728b8c7 Author: Rob van der Linde Date: Mon Jan 30 16:32:47 2023 +1300 Python: remove pydoctor Removes: * waf pydoctor * waf wafdocs * make pydoctor There is no "make wafdocs" it only appears to be in wscript. The reasoning being is these are broken and appear to not have been run for some time. Signed-off-by: Rob van der Linde Reviewed-by: Andrew Bartlett Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Feb 2 21:15:54 UTC 2023 on atb-devel-224 commit 1dd0cd2f4e644ad43b0e7ee2aaae19799e859585 Author: Ralph Boehme Date: Wed Jan 18 16:21:16 2023 +0100 mdssvc: fix kMDScopeArray parsing In macOS Ventura marshalling of kMDScopeArray in the "openQueryWithParams" request has changed from string: kMDScopeArray sl_array_t(#1): { string: /foo/bar } to: string: kMDScopeArray sl_array_t(#1): { sl_array_t(#1): { string: /foo/bar } } With this patch we check both encodings. Bug fixed according to user feedback. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15299 RN: Spotlight doesn't work with latest macOS Ventura Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison --- Summary of changes: Makefile | 3 --- ctdb/Makefile | 3 --- lib/talloc/Makefile| 3 --- lib/talloc/wscript | 7 --- lib/tdb/Makefile | 3 --- source3/rpc_server/mdssvc/mdssvc.c | 6 ++ wscript| 37 - 7 files changed, 6 insertions(+), 56 deletions(-) Changeset truncated at 500 lines: diff --git a/Makefile b/Makefile index 7f5960d5191..ec571050a09 100644 --- a/Makefile +++ b/Makefile @@ -97,9 +97,6 @@ etags: ctags: $(WAF) ctags -pydoctor: - $(WAF) pydoctor - pep8: $(WAF) pep8 diff --git a/ctdb/Makefile b/ctdb/Makefile index 5dbc7acdc54..94113fe3adf 100644 --- a/ctdb/Makefile +++ b/ctdb/Makefile @@ -75,9 +75,6 @@ ctags: touch .tmplock WAFLOCK=.tmplock $(WAF) ctags -pydoctor: - $(WAF) pydoctor - bin/%:: FORCE $(WAF) --targets=`basename $@` FORCE: diff --git a/lib/talloc/Makefile b/lib/talloc/Makefile index db2275c7397..ff8e585f2a9 100644 --- a/lib/talloc/Makefile +++ b/lib/talloc/Makefile @@ -60,9 +60,6 @@ etags: ctags: $(WAF) ctags -pydoctor: - $(WAF) pydoctor - bin/%:: FORCE $(WAF) --targets=`basename $@` FORCE: diff --git a/lib/talloc/wscript b/lib/talloc/wscript index 1c54a7c653a..503295eeceb 100644 --- a/lib/talloc/wscript +++ b/lib/talloc/wscript @@ -190,10 +190,3 @@ def dist(): def reconfigure(ctx): '''reconfigure if config scripts have changed''' samba_utils.reconfigure(ctx) - - -def pydoctor(ctx): -'''build python apidocs''' -cmd='PYTHONPATH=bin/python pydoctor --project-name=talloc --project-url=http://talloc.samba.org/ --make-html --docformat=restructuredtext --introspect-c-modules --add-module bin/python/talloc.*' -print("Running: %s" % cmd) -os.system(cmd) diff --git a/lib/tdb/Makefile b/lib/tdb/Makefile index 8fd56c814ec..55e229bcbf1 100644 --- a/lib/tdb/Makefile +++ b/lib/tdb/Makefile @@ -60,9 +60,6 @@ etags: ctags: $(WAF) ctags -pydoctor: - $(WAF) pydoctor - bin/%:: FORCE $(WAF) --targets=`basename $@` FORCE: diff --git a/source3/rpc_server/mdssvc/mdssvc.c b/source3/rpc_server/mdssvc/mdssvc.c index 01713722126..9b32c99b8b3 100644 --- a/source3/rpc_server/mdssvc/mdssvc.c +++ b/source3/rpc_server/mdssvc/mdssvc.c @@ -919,6 +919,12 @@ static bool slrpc_open_query(struct mds_ctx *mds_ctx, scope = dalloc_get(path_scope, "char *", 0); if (scope == NULL) { + scope = dalloc_get(path_scope, + "DALLOC_CTX", 0, + "char *", 0); + } + if (scope == NULL) { + DBG_ERR("Failed to parse kMDScopeArray\n"); goto error; } diff --git a/wscript b/wscript index 08995fbe4ec..7396e09c294 100644 --- a/wscript +++ b/wscript @@ -465,28 +465,6 @@ def build(bld): samba_version.load_version(env=bld.env, is_install=bld.is_install) -def pydoctor(ctx): -'''build python apidocs''' -bp = os.path.abspath('bin/python
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d80f28b081e tevent: version 0.14.1 via ae77854a440 tevent: remove the already removed tevent_port.c also from the build via 488aa227584 replace: remove unused configure checks for port_create() via 15b1afc9175 replace: provide PIPE_BUF on GNU/Hurd from 65e9b409a6c s3:utils: Fix UNUSED_VALUE https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d80f28b081e515e32a480daf80b42cf782447a9c Author: Stefan Metzmacher Date: Wed Feb 1 15:31:32 2023 + tevent: version 0.14.1 - Build fix for GNU/Hurd - Build fix for Solaris, after removal of ports backend (bug #15298) Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Feb 2 18:27:08 UTC 2023 on atb-devel-224 commit ae77854a44094df6c9291271504c9733e717674f Author: Stefan Metzmacher Date: Wed Feb 1 13:31:38 2023 + tevent: remove the already removed tevent_port.c also from the build This fixes a regression introduced by 147a317b7b92e60c5940d875dbd7aef19824834e. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15298 Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 488aa2275847162755dcbfc75cb2549299aa2aeb Author: Stefan Metzmacher Date: Wed Feb 1 13:33:42 2023 + replace: remove unused configure checks for port_create() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15298 Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 15b1afc9175e045b3b28523309fb3b28a3fab484 Author: Samuel Thibault Date: Sun Aug 2 18:01:05 2020 + replace: provide PIPE_BUF on GNU/Hurd There is no hardcoded PIPE_BUF pipe limitation on GNU/Hurd, but POSIX provides a minimum value that we can use. Signed-off-by: Samuel Thibault Reviewed-by: Andrew Bartlett Reviewed-by: Stefan Metzmacher --- Summary of changes: lib/replace/system/network.h | 12 lib/replace/system/select.h | 4 lib/replace/wscript | 5 - lib/tevent/ABI/{tevent-0.14.0.sigs => tevent-0.14.1.sigs} | 0 lib/tevent/wscript| 5 + 5 files changed, 13 insertions(+), 13 deletions(-) copy lib/tevent/ABI/{tevent-0.14.0.sigs => tevent-0.14.1.sigs} (100%) Changeset truncated at 500 lines: diff --git a/lib/replace/system/network.h b/lib/replace/system/network.h index a84bfd453b1..1721d65a51a 100644 --- a/lib/replace/system/network.h +++ b/lib/replace/system/network.h @@ -91,6 +91,8 @@ #include #endif +#include + #ifndef HAVE_SOCKLEN_T #define HAVE_SOCKLEN_T typedef int socklen_t; @@ -342,6 +344,16 @@ typedef unsigned short int sa_family_t; # endif #endif +#ifndef PIPE_BUF +# ifdef __GNU__ + /* + * GNU/Hurd does not have such hardcoded limitations. But it has to support + * the minimum POSIX value anyway. + */ +# define PIPE_BUF 512 +# endif +#endif + #ifndef HAVE_STRUCT_ADDRINFO #define HAVE_STRUCT_ADDRINFO struct addrinfo { diff --git a/lib/replace/system/select.h b/lib/replace/system/select.h index 9e945c3ccfa..11c5390d901 100644 --- a/lib/replace/system/select.h +++ b/lib/replace/system/select.h @@ -34,10 +34,6 @@ #include #endif -#ifdef HAVE_SOLARIS_PORTS -#include -#endif - #ifndef SELECT_CAST #define SELECT_CAST #endif diff --git a/lib/replace/wscript b/lib/replace/wscript index 82c5a8a477b..5c2b750832b 100644 --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -44,7 +44,6 @@ def configure(conf): conf.CHECK_HEADERS('locale.h ndir.h pwd.h') conf.CHECK_HEADERS('shadow.h sys/acl.h') conf.CHECK_HEADERS('sys/attributes.h attr/attributes.h sys/capability.h sys/dir.h sys/epoll.h') -conf.CHECK_HEADERS('port.h') conf.CHECK_HEADERS('sys/fcntl.h sys/filio.h sys/filsys.h sys/fs/s5param.h') conf.CHECK_HEADERS('sys/id.h sys/ioctl.h sys/ipc.h sys/mman.h sys/mode.h sys/ndir.h sys/priv.h') conf.CHECK_HEADERS('sys/resource.h sys/security.h sys/shm.h sys/statfs.h sys/statvfs.h sys/termio.h') @@ -482,7 +481,6 @@ def configure(conf): conf.CHECK_FUNCS('timegm getifaddrs freeifaddrs mmap setgroups syscall setsid') conf.CHECK_FUNCS('getgrent_r getgrgid_r getgrnam_r getgrouplist getpagesize') conf.CHECK_FUNCS('getpwent_r getpwnam_r getpwuid_r epoll_create') -conf.CHECK_FUNCS('port_create') conf.CHECK_FUNCS('getprogname') if not conf.CHECK_FUNCS('copy_file_range'): conf.CHECK_CODE(''' @@ -708,9 +706,6 @@ syscall(SYS_copy_file_range,0,NULL,0,NULL,0,0); if conf.CONFIG_SET('HAVE_EPOLL_CREATE') and conf.CONFIG_SET('HAVE_SYS_EPOLL_H'): conf.
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 96154a26fee spelling fixes for 4.18 (errror implemenation proces Controler) from 2a104556e84 s3/lib: Prevent use after free of messaging_ctdb_fde_ev structs https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 96154a26fee79a496e86b7fa134223487ba7c6a3 Author: Michael Tokarev Date: Fri Jan 20 21:12:54 2023 +0300 spelling fixes for 4.18 (errror implemenation proces Controler) One of changes is somewhat interesting, it is "tfork waiter proces" process title in tfork.c. I wonder why no one noticed this before. There's another similar process title in there, "tfork waiter process(%d)". Hopefully no one does grep for "proces$" (and there's no reason to). Signed-off-by: Michael Tokarev Reviewed-by: Volker Lendecke Reviewed-by: Rowland Penny Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Jan 26 20:46:11 UTC 2023 on atb-devel-224 --- Summary of changes: ctdb/server/ctdb_recoverd.c | 2 +- lib/smbconf/pysmbconf.c | 2 +- lib/util/tfork.c| 2 +- nsswitch/wbinfo.c | 2 +- source4/torture/smb2/acls.c | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/server/ctdb_recoverd.c b/ctdb/server/ctdb_recoverd.c index bf3a66b0aaf..9d2cb6af9c9 100644 --- a/ctdb/server/ctdb_recoverd.c +++ b/ctdb/server/ctdb_recoverd.c @@ -395,7 +395,7 @@ static void ctdb_set_culprit_count(struct ctdb_recoverd *rec, struct ctdb_banning_state, len); if (t == NULL) { - DBG_WARNING("Memory allocation errror"); + DBG_WARNING("Memory allocation error"); return; } rec->banning_state = t; diff --git a/lib/smbconf/pysmbconf.c b/lib/smbconf/pysmbconf.c index 1b3c101005a..465876684ca 100644 --- a/lib/smbconf/pysmbconf.c +++ b/lib/smbconf/pysmbconf.c @@ -747,7 +747,7 @@ PyDoc_STRVAR(py_smbconf_doc, "types. Future, write based functions need a writable backend (registry).\n" "\n" "Note that the registry backend will be provided by a different\n" -"library module from the source3 tree (implemenation TBD).\n"); +"library module from the source3 tree (implementation TBD).\n"); static struct PyModuleDef moduledef = { PyModuleDef_HEAD_INIT, diff --git a/lib/util/tfork.c b/lib/util/tfork.c index 57a4e18638b..e3eaa199db5 100644 --- a/lib/util/tfork.c +++ b/lib/util/tfork.c @@ -572,7 +572,7 @@ static pid_t tfork_start_waiter_and_worker(struct tfork_state *state, /* * The "waiter" child. */ - process_set_title("tfork waiter", "tfork waiter proces"); + process_set_title("tfork waiter", "tfork waiter process"); CatchSignal(SIGCHLD, SIG_DFL); diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c index de54373afe8..6148b204043 100644 --- a/nsswitch/wbinfo.c +++ b/nsswitch/wbinfo.c @@ -2551,7 +2551,7 @@ int main(int argc, const char **argv, char **envp) .argInfo= POPT_ARG_STRING, .arg= _arg, .val= OPT_CHANGE_SECRET_AT, - .descrip= "Change shared secret at Domain Controler" }, + .descrip= "Change shared secret at Domain Controller" }, { .longName = "ping-dc", .shortName = 'P', diff --git a/source4/torture/smb2/acls.c b/source4/torture/smb2/acls.c index a5df9da3b45..2f15ad27e48 100644 --- a/source4/torture/smb2/acls.c +++ b/source4/torture/smb2/acls.c @@ -2918,7 +2918,7 @@ done: * test SEC_FLAG_MAXIMUM_ALLOWED with not-granted access * * When access_mask contains SEC_FLAG_MAXIMUM_ALLOWED, the server must still - * proces other bits from access_mask. Eg if access_mask contains a right that + * process other bits from access_mask. Eg if access_mask contains a right that * the requester doesn't have, the function must validate that against the * effective permissions. */ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 91f1567cdca s3:rpc_server/mdssvc: don't crash mdssvc_tracker_shutdown with NULL glue via 370b777202b s3:auth: call wbcFreeMemory(info) in auth3_generate_session_info_pac() from fcecdfa8e5c s4:dnsserver: Rename dns_name_equal() to samba_dns_name_equal() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 91f1567cdcaed3a8f8faf4e77616553308a5f8eb Author: Stefan Metzmacher Date: Wed Jan 11 23:48:11 2023 +0100 s3:rpc_server/mdssvc: don't crash mdssvc_tracker_shutdown with NULL glue If mdssvc_tracker_shutdown() is called without any mds_tracker_connect() we would crash as mdssvc_tracker_init() don't call mdssvc_tracker_prepare(). Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Jan 19 19:46:01 UTC 2023 on atb-devel-224 commit 370b777202bbd9730209a3e18de102b4f163f18d Author: Stefan Metzmacher Date: Thu Dec 16 18:24:16 2021 +0100 s3:auth: call wbcFreeMemory(info) in auth3_generate_session_info_pac() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15286 Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison --- Summary of changes: source3/auth/auth_generic.c| 1 + source3/rpc_server/mdssvc/mdssvc_tracker.c | 12 ++-- 2 files changed, 11 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/auth_generic.c b/source3/auth/auth_generic.c index ff51307e43a..6c61eb4e827 100644 --- a/source3/auth/auth_generic.c +++ b/source3/auth/auth_generic.c @@ -143,6 +143,7 @@ static NTSTATUS auth3_generate_session_info_pac(struct auth4_context *auth_ctx, info->account_name, info->domain_name, info, _info); + wbcFreeMemory(info); if (!NT_STATUS_IS_OK(status)) { DEBUG(10, ("make_server_info_wbcAuthUserInfo failed: %s\n", nt_errstr(status))); diff --git a/source3/rpc_server/mdssvc/mdssvc_tracker.c b/source3/rpc_server/mdssvc/mdssvc_tracker.c index fab8bd22324..7ad6989fd25 100644 --- a/source3/rpc_server/mdssvc/mdssvc_tracker.c +++ b/source3/rpc_server/mdssvc/mdssvc_tracker.c @@ -286,7 +286,6 @@ static bool mdssvc_tracker_prepare(void) mdssvc_tracker_ctx->gmain_ctx = g_main_context_new(); if (mdssvc_tracker_ctx->gmain_ctx == NULL) { DBG_ERR("error from g_main_context_new\n"); - TALLOC_FREE(mdssvc_tracker_ctx); return false; } @@ -297,7 +296,7 @@ static bool mdssvc_tracker_prepare(void) if (mdssvc_tracker_ctx->glue == NULL) { DBG_ERR("samba_tevent_glib_glue_create failed\n"); g_object_unref(mdssvc_tracker_ctx->gmain_ctx); - TALLOC_FREE(mdssvc_tracker_ctx); + mdssvc_tracker_ctx->gmain_ctx = NULL; return false; } @@ -306,10 +305,19 @@ static bool mdssvc_tracker_prepare(void) static bool mdssvc_tracker_shutdown(struct mdssvc_ctx *mdssvc_ctx) { + if (mdssvc_tracker_ctx == NULL) { + return true; + } + + if (mdssvc_tracker_ctx->gmain_ctx == NULL) { + return true; + } + samba_tevent_glib_glue_quit(mdssvc_tracker_ctx->glue); TALLOC_FREE(mdssvc_tracker_ctx->glue); g_object_unref(mdssvc_tracker_ctx->gmain_ctx); + mdssvc_tracker_ctx->gmain_ctx = NULL; return true; } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 1421969b86b CI: add a test for @GMT mask in SMB1 find from 425aaf6f7eb lib: Fix a use-after-free in "net vfs getntacl" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 1421969b86bf2eab2d192d4a071080b2d021cd38 Author: Ralph Boehme Date: Thu Nov 24 16:59:49 2022 +0100 CI: add a test for @GMT mask in SMB1 find Without FLAGS2_REPARSE_PATH a path containing an @GMT token can be used to create a file including the @GMT token in the name and a directory list will also return the file as result. Verified against Windows. Samba behaves exactly the same. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Jan 13 01:13:01 UTC 2023 on sn-devel-184 --- Summary of changes: source4/torture/basic/base.c | 41 + 1 file changed, 41 insertions(+) Changeset truncated at 500 lines: diff --git a/source4/torture/basic/base.c b/source4/torture/basic/base.c index 232ba9c5cb3..602eb226d0b 100644 --- a/source4/torture/basic/base.c +++ b/source4/torture/basic/base.c @@ -1979,6 +1979,44 @@ static bool torture_smb1_twrp_openroot(struct torture_context *tctx, return ret; } +static void torture_smb1_find_gmt_mask_list_fn(struct clilist_file_info *finfo, + const char *name, + void *state) +{ +} + +/** + * SMB1 @GMT token as search mask is valid + */ +static bool torture_smb1_find_gmt_mask(struct torture_context *tctx, + struct smbcli_state *cli) +{ + const char *dname = "\\torture_smb1_find_gmt_mask"; + const char *path = "\\torture_smb1_find_gmt_mask\\@GMT-2022.11.24-16.24.00"; + int fnum; + int n; + NTSTATUS status; + bool ret = true; + + smbcli_unlink(cli->tree, path); + smbcli_rmdir(cli->tree, dname); + + status = smbcli_mkdir(cli->tree, dname); + torture_assert_ntstatus_ok_goto(tctx, status, ret, done, + "smbcli_mkdir() failed\n"); + fnum = smbcli_open(cli->tree, path, O_RDWR | O_CREAT, DENY_NONE); + smbcli_close(cli->tree, fnum); + + /* Note: we don't set FLAGS2_REPARSE_PATH, so this is just a path */ + n = smbcli_list(cli->tree, path, 0, torture_smb1_find_gmt_mask_list_fn, cli); + torture_assert_int_equal_goto(tctx, n, 1, ret, done, "Wrong count\n"); + +done: + smbcli_unlink(cli->tree, path); + smbcli_rmdir(cli->tree, dname); + return ret; +} + NTSTATUS torture_base_init(TALLOC_CTX *ctx) { struct torture_suite *suite = torture_suite_create(ctx, "base"); @@ -2039,6 +2077,9 @@ NTSTATUS torture_base_init(TALLOC_CTX *ctx) torture_suite_add_1smb_test(suite, "smb1-twrp-openroot", torture_smb1_twrp_openroot); + torture_suite_add_1smb_test(suite, + "smb1-find-gmt-mask", + torture_smb1_find_gmt_mask); suite->description = talloc_strdup(suite, "Basic SMB tests (imported from the original smbtorture)"); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d7bab36ad11 tests/krb5: Use Python bindings for LZ77+Huffman compression via ae6e76c082d lib/compression: Fix length check via 5aafff0aab3 s4:rpc_server/dnsserver: Zero-initialise pointers via cbe6fb38ec1 lib/tfork: Don't overwrite 'ret' in cleanup phase via 01bd234f6af lib/talloc: Zero-initialise chunk pointers from 8ee20346745 smbd: Use an idtree for local IDs https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d7bab36ad11eb4d67dcb6b12fc18d421074b9c5e Author: Joseph Sutton Date: Tue Dec 20 09:19:47 2022 +1300 tests/krb5: Use Python bindings for LZ77+Huffman compression We can now remove our existing decompression implementation in Python. Signed-off-by: Joseph Sutton Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Jan 10 21:18:01 UTC 2023 on sn-devel-184 commit ae6e76c082d476c260f156ab1eb2501320b8a65e Author: Joseph Sutton Date: Mon Jan 9 15:00:14 2023 +1300 lib/compression: Fix length check Put the division on the correct side of the inequality. Signed-off-by: Joseph Sutton Reviewed-by: Jeremy Allison commit 5aafff0aab3c284d2d5099e32c9064b741205ced Author: Joseph Sutton Date: Tue Jan 10 13:06:31 2023 +1300 s4:rpc_server/dnsserver: Zero-initialise pointers Ensuring pointers are always initialised simplifies the code and avoids compilation errors with FORTIFY_SOURCE=2. Signed-off-by: Joseph Sutton Reviewed-by: Jeremy Allison commit cbe6fb38ec13adbe06667f16241d61d4e2a80545 Author: Joseph Sutton Date: Tue Jan 10 13:06:25 2023 +1300 lib/tfork: Don't overwrite 'ret' in cleanup phase The cleanup phase of tfork_create() saves errno prior to calling functions that might modify it, with the intention of restoring it afterwards. However, the value of 'ret' is accidentally overwritten. It will always be equal to 0, and hence errno will not be restored. Fix this by introducing a new variable, ret2, for calling functions in the cleanup phase. Signed-off-by: Joseph Sutton Reviewed-by: Jeremy Allison commit 01bd234f6af37641017a00da0dec729928ad3060 Author: Joseph Sutton Date: Tue Jan 10 13:06:16 2023 +1300 lib/talloc: Zero-initialise chunk pointers Ensuring pointers are always initialised avoids compilation errors with FORTIFY_SOURCE=2. Signed-off-by: Joseph Sutton Reviewed-by: Jeremy Allison --- Summary of changes: lib/compression/pycompression.c | 2 +- lib/talloc/talloc.c | 12 +-- lib/util/tfork.c| 11 +- python/samba/tests/krb5/raw_testcase.py | 7 +- python/samba/tests/krb5/xpress.py | 128 source4/rpc_server/dnsserver/dcerpc_dnsserver.c | 35 ++- 6 files changed, 23 insertions(+), 172 deletions(-) delete mode 100644 python/samba/tests/krb5/xpress.py Changeset truncated at 500 lines: diff --git a/lib/compression/pycompression.c b/lib/compression/pycompression.c index 00a207008fb..f67b0ddbe39 100644 --- a/lib/compression/pycompression.c +++ b/lib/compression/pycompression.c @@ -126,7 +126,7 @@ static PyObject *plain_decompress(PyObject *mod, PyObject *args) */ if (src_len <= 333) { alloc_len = 1000; - } else if (src_len / 3 >= UINT32_MAX) { + } else if (src_len > UINT32_MAX / 3) { alloc_len = UINT32_MAX; } else { alloc_len = src_len * 3; diff --git a/lib/talloc/talloc.c b/lib/talloc/talloc.c index 0189fa03be0..41fa45bc99b 100644 --- a/lib/talloc/talloc.c +++ b/lib/talloc/talloc.c @@ -831,7 +831,7 @@ static inline void *__talloc(const void *context, static inline void *_talloc_pool(const void *context, size_t size) { - struct talloc_chunk *tc; + struct talloc_chunk *tc = NULL; struct talloc_pool_hdr *pool_hdr; void *result; @@ -977,7 +977,7 @@ static inline void _tc_set_name_const(struct talloc_chunk *tc, static inline void *_talloc_named_const(const void *context, size_t size, const char *name) { void *ptr; - struct talloc_chunk *tc; + struct talloc_chunk *tc = NULL; ptr = __talloc(context, size, ); if (unlikely(ptr == NULL)) { @@ -1537,7 +1537,7 @@ _PUBLIC_ void *talloc_named(const void *context, size_t size, const char *fmt, . va_list ap; void *ptr; const char *name; - struct talloc_chunk *tc; + struct talloc_chunk *tc = NULL; ptr = __talloc(context, size, ); if (unlikely(ptr == NULL)) re
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8ee20346745 smbd: Use an idtree for local IDs via b73ecb28a7a lib: Remove idtree from samba_util.h via 743df9009b4 smbd: Simplify smbXsrv_open_set_replay_cache() with dbwrap_store_bystring() via bac265689ac smbd: Simplify smbXsrv_open_set_replay_cache() with a struct assignment via 43f041de656 lib: Add "starting_id" to idr_get_new_random() via a71288e86bd smbd: Remove smbXsrv_open->db_rec via fdca0558efa smbd: Remove a "can't happen" NULL check via 0c709cb6b70 smbd: Use talloc_tos() for pushing smbXsrv_open_globalB via 88191630d20 lib: Use tdb_data_dbg() where appropriate via 9d7c7357a41 lib: Add tdb_data_dbg() via ea7abdc1308 smbd: Avoid explicit ZERO_STRUCT() via db25f0a07cf smbd: Move bytes from r/w data to r/o text section via e0fc84668ba lib: Move 16 bytes to readonly .text segment via 14f761ec7dd lib: Remove unused smb_mkstemp prototype via 7ee474d9fd1 lib: Move tab_depth() to reg_parse_prs.c via 6907db5cf0a lib: Make map_share_mode_to_deny_mode() static to smbstatus via 158314e0b1d smbd: Make get_safe_[[SI]VAL|ptr] static to smb1_lanman.c from 56837f3d316 CVE-2022-38023 s3:rpc_server/netlogon: Avoid unnecessary loadparm_context allocations https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8ee203467455da0b9f774acbcc44e9b58570d811 Author: Volker Lendecke Date: Wed Jan 4 12:18:44 2023 +0100 smbd: Use an idtree for local IDs Volatile file handle IDs are purely per-process, in fact we used a dbwrap_rbt for this. To get a unique ID we however have the specialized idtree data structure, we don't need to repeat the allocation algorithm that already exists there. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Jan 10 01:23:38 UTC 2023 on sn-devel-184 commit b73ecb28a7ac5996e1a8c455d15f41f59d9d8765 Author: Volker Lendecke Date: Thu Jan 5 10:04:23 2023 +0100 lib: Remove idtree from samba_util.h No need to recompile the world when only a few files need this. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 743df9009b4b9aa9d6f85a999fa9e5237f96f2b7 Author: Volker Lendecke Date: Wed Jan 4 12:34:43 2023 +0100 smbd: Simplify smbXsrv_open_set_replay_cache() with dbwrap_store_bystring() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit bac265689acd081c264013d680219078b1ef466d Author: Volker Lendecke Date: Wed Jan 4 12:31:26 2023 +0100 smbd: Simplify smbXsrv_open_set_replay_cache() with a struct assignment Use a direct struct assignment instead of a function call Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 43f041de6567bcb40a8e4564fce66ee08af6cc0b Author: Volker Lendecke Date: Wed Jan 4 11:43:59 2023 +0100 lib: Add "starting_id" to idr_get_new_random() To be used in smbXsrv_open.c, for this we need a lower bound. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit a71288e86bda43caf6feaff22a36942e6595a971 Author: Volker Lendecke Date: Wed Jan 4 11:29:51 2023 +0100 smbd: Remove smbXsrv_open->db_rec This was only referenced in smbXsrv_open_close, but it was never assigned anything but NULL. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit fdca0558efa7a22e98b851480509d2b7f11df2e0 Author: Volker Lendecke Date: Wed Jan 4 10:13:31 2023 +0100 smbd: Remove a "can't happen" NULL check This should really not happen, crashing would be the right response. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 0c709cb6b70ed94b82a598bf3fb581ffb7c48200 Author: Volker Lendecke Date: Wed Jan 4 10:12:22 2023 +0100 smbd: Use talloc_tos() for pushing smbXsrv_open_globalB Use the toplevel talloc pool Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 88191630d2060ead9698c791e0d708d6e97ab83e Author: Volker Lendecke Date: Wed Jan 4 09:52:50 2023 +0100 lib: Use tdb_data_dbg() where appropriate This changes the talloc hierarchy for a few callers, but as talloc_tos() was initially designed exactly for this purpose (printing SIDs in DEBUG), it should be okay. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 9d7c7357a41389898311d0fb842968050a37 Author: Volker Lendecke Date: Wed Jan 4 09:40:06 2023 +0100 lib: Add tdb_data_dbg() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit ea7abdc1308e8a718862539b595fe1b09bc43ed9 Author: Volker Lendecke Date: Wed Jan 4
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c515a5b2cc3 smbd: Make send_trans2_replies() static via 636daef0fef smbd: Hide the SMB1 posix symlink behaviour behind UCF_LCOMP_LNK_OK via 70b515be9c8 smbd: Simplify filename_convert_dirfsp_nosymlink() via aff8b4fde76 smbd: Simplify filename_convert_dirfsp_nosymlink() via 6e89a16df45 smbd: Reduce indentation in ucf_flags_from_smb_request() via b20e95fb0a5 smbd: Implement SET_REPARSE_POINT buffer size checks via f70b38321bf smbd: Rename "ctx" to the more common "mem_ctx" in reparse functions via 918a71f2a89 smbd: Print the file name in reparse point functions via 41249302a38 lib/compression: add simple python bindings from 9c707b4be27 s3:client: Fix a use-after-free issue in smbclient https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c515a5b2cc3f66b5d3c3fed5b2bdc70436bc80a9 Author: Volker Lendecke Date: Mon Dec 19 10:16:51 2022 +0100 smbd: Make send_trans2_replies() static Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Dec 22 20:46:53 UTC 2022 on sn-devel-184 commit 636daef0fef98d79161377aab78ca6c403cb71c3 Author: Volker Lendecke Date: Tue Dec 20 21:26:10 2022 +0100 smbd: Hide the SMB1 posix symlink behaviour behind UCF_LCOMP_LNK_OK This will be used in the future to also open symlinks as reparse points, so this won't be specific to only SMB1 posix extensions. I have tried to avoid additional flags for several weeks by making openat_pathref_fsp or other flavors of this to always open fsp's with symlink O_PATH opens, because I think NT_STATUS_OBJECT_NAME_NOT_FOUND with a valid stat is a really bad and racy way to express that we just hit a symlink, but I miserably failed. Adding additional flags (another one will follow) is wrong, but I don't see another way right now. Signed-off-by: Volker Lendecke commit 70b515be9c8fa5ff44cc2c2c1c9829f1591a371b Author: Volker Lendecke Date: Tue Dec 20 14:40:26 2022 +0100 smbd: Simplify filename_convert_dirfsp_nosymlink() Avoid a nested if, the "&&" is easier to understand for me. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit aff8b4fde761dc31dd5a0043ff18abec19db9c07 Author: Volker Lendecke Date: Tue Dec 20 14:38:02 2022 +0100 smbd: Simplify filename_convert_dirfsp_nosymlink() Factor out the symlink-case into a more obvious if-statement with less indentation. Review with git show -b Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 6e89a16df45f208d9e72c1080d7dff176dd1abf3 Author: Volker Lendecke Date: Tue Dec 20 14:14:45 2022 +0100 smbd: Reduce indentation in ucf_flags_from_smb_request() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit b20e95fb0a53e74891c043ebdb1375ce53831d91 Author: Volker Lendecke Date: Fri Dec 2 11:06:38 2022 +0100 smbd: Implement SET_REPARSE_POINT buffer size checks Partially survives samba.tests.reparsepoints.ReparsePoints.test_create_reparse NTTRANS-FSCTL needs changing: Windows 2016 returns INVALID_BUFFER_SIZE instead of our NOT_A_REPARSE_POINT. This is not the whole story, but this smbtorture3 change makes autobuild survive. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f70b38321bf3b9eb86fac99cfefe7927749c9821 Author: Volker Lendecke Date: Wed Dec 21 14:39:00 2022 +0100 smbd: Rename "ctx" to the more common "mem_ctx" in reparse functions Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 918a71f2a89b6ea4b323cb547ee91e9ce41a9810 Author: Volker Lendecke Date: Fri Dec 2 11:55:31 2022 +0100 smbd: Print the file name in reparse point functions Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 41249302a389e4e9c2c79a679d033d2331782f5b Author: Douglas Bagnall Date: Fri Nov 25 16:43:52 2022 +1300 lib/compression: add simple python bindings There are four functions, allowing compression and decompression in the two formats we support so far. The functions will accept bytes or unicode strings which are treated as utf-8. The LZ77+Huffman decompression algorithm requires an exact target length to decompress, so this is mandatory. The plain decompression algorithm does not need an exact length, but you can provide one to help it know how much space to allocate. As currently written, you can provide a short length and it will often succeed in decompressing to a different shorter string. These bindings are intended to make ad-hoc investigation easier, no
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 429bf5ce231 third_party: Update resolv_wrapper to version 1.1.8 from 6ec24883876 CI: add a test for wbinfo --change-secret-at=DC https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 429bf5ce231c417b678b576096b437d1bd58c348 Author: Andreas Schneider Date: Wed Dec 21 08:42:49 2022 +0100 third_party: Update resolv_wrapper to version 1.1.8 res_randomid() is marked as deprecated in newer glibc. Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Dec 21 21:28:42 UTC 2022 on sn-devel-184 --- Summary of changes: buildtools/wafsamba/samba_third_party.py| 2 +- third_party/resolv_wrapper/resolv_wrapper.c | 4 +++- third_party/resolv_wrapper/wscript | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/samba_third_party.py b/buildtools/wafsamba/samba_third_party.py index d98c0eeb18e..b0a5190bbb2 100644 --- a/buildtools/wafsamba/samba_third_party.py +++ b/buildtools/wafsamba/samba_third_party.py @@ -34,7 +34,7 @@ Build.BuildContext.CHECK_NSS_WRAPPER = CHECK_NSS_WRAPPER @conf def CHECK_RESOLV_WRAPPER(conf): -return conf.CHECK_BUNDLED_SYSTEM_PKG('resolv_wrapper', minversion='1.1.7') +return conf.CHECK_BUNDLED_SYSTEM_PKG('resolv_wrapper', minversion='1.1.8') Build.BuildContext.CHECK_RESOLV_WRAPPER = CHECK_RESOLV_WRAPPER @conf diff --git a/third_party/resolv_wrapper/resolv_wrapper.c b/third_party/resolv_wrapper/resolv_wrapper.c index b69a55a80e0..899f4ccc7a9 100644 --- a/third_party/resolv_wrapper/resolv_wrapper.c +++ b/third_party/resolv_wrapper/resolv_wrapper.c @@ -434,6 +434,8 @@ static int rwrap_create_fake_ptr_rr(const char *key, return 0; } +#define rwrap_randomid() 0x & getpid() + /* Prepares a fake header with a single response. Advances header_blob */ static ssize_t rwrap_fake_header(uint8_t **header_blob, size_t remaining, size_t ancount, size_t arcount) @@ -451,7 +453,7 @@ static ssize_t rwrap_fake_header(uint8_t **header_blob, size_t remaining, h.blob = *header_blob; memset(h.blob, 0, NS_HFIXEDSZ); - h.header->id = res_randomid(); /* random query ID */ + h.header->id = rwrap_randomid();/* random query ID */ h.header->qr = 1; /* response flag */ h.header->rd = 1; /* recursion desired */ h.header->ra = 1; /* recursion available */ diff --git a/third_party/resolv_wrapper/wscript b/third_party/resolv_wrapper/wscript index 7e369bd90b5..9aa06bc1508 100644 --- a/third_party/resolv_wrapper/wscript +++ b/third_party/resolv_wrapper/wscript @@ -3,7 +3,7 @@ import os from waflib import Logs -VERSION="1.1.7" +VERSION="1.1.8" def configure(conf): if conf.CHECK_RESOLV_WRAPPER(): -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6ec24883876 CI: add a test for wbinfo --change-secret-at=DC via b907013053a CI: join ad_member_s3_join to vampire_dc via 52cdf1d93a2 wbinfo: Add --change-secret-at=dcname via 682216aa29e libwbclient: add wbc[Ctx]ChangeTrustCredentialsAt() via eb1d1f19a23 winbindd: add dcname arg to ChangeMachineAccount request via 4a74748d329 winbindd: Add force_dc to bypass cached connection and DC lookup via 0fcf00121af winbindd: More simplification of cm_open_connection() via 7315c5f4a5d winbindd: simplify cm_open_connection() via ccb6b75482c winbindd: simplify find_new_dc() via 2e496efe8c2 winbindd: do an early exit in cm_open_connection() from 94b70d1ed92 gp: Don't hide managed/recommended directories https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6ec2488387635b61a5c1559240019df3a5052850 Author: Ralph Boehme Date: Wed Nov 23 14:14:45 2022 +0100 CI: add a test for wbinfo --change-secret-at=DC Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Dec 21 20:05:59 UTC 2022 on sn-devel-184 commit b907013053a4fc68a8fd55c72ea382b4d5ef Author: Ralph Boehme Date: Wed Nov 23 14:10:36 2022 +0100 CI: join ad_member_s3_join to vampire_dc Currently ad_member_s3_join is only used for testing samba-tool join and that'll work just fine being joined to vampire_dc instead of ad_dc. vampire_dc is an additional DC in the SAMBADOMAIN "started" by ad_dc_ntvfs, so by joining ad_member_s3_join to the SAMBADOMAIN, it is member of a domain with more then one DC. Subsequently I'll add a test that needs such an environment. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 52cdf1d93a24a6e5cbdf4e23a28e05971ea5adc3 Author: Ralph Boehme Date: Tue Nov 22 14:40:07 2022 +0100 wbinfo: Add --change-secret-at=dcname Add WHATSNEW.txt entry and update wbinfo man page. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 682216aa29eda70885c7756927ebfbe88d655aa4 Author: Ralph Boehme Date: Tue Nov 22 12:00:14 2022 +0100 libwbclient: add wbc[Ctx]ChangeTrustCredentialsAt() Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit eb1d1f19a23807c9951dd178b93f3cfd94f68146 Author: Ralph Boehme Date: Tue Nov 22 16:09:34 2022 +0100 winbindd: add dcname arg to ChangeMachineAccount request Existing callers will pass an empty string, later a new caller will pass an explicit DC name taken from the wbinfo command line. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 4a74748d329083e3e31201ecaf49f1fb1f2721c8 Author: Ralph Boehme Date: Tue Nov 22 14:23:21 2022 +0100 winbindd: Add force_dc to bypass cached connection and DC lookup Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 0fcf00121afd0d67c3e0eee11f8490c32e2f58a7 Author: Ralph Boehme Date: Thu Nov 24 12:17:32 2022 +0100 winbindd: More simplification of cm_open_connection() This basically moves the functionality to connect the socket to the currently preferred DC to a new helper function connect_preferred_dc() that is called from the renamed function find_new_dc(). find_dc() now either returns a connected to the preferred DC or a new DC until all possible DCs are exhausted and cm_open_connection() can just call find_dc() to get a connected socket and pass it to cm_prepare_connection(). While at it reorder the args of find_dc() and make the only real out arg "fd" the last one. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 7315c5f4a5dd08216885f4a7588f57753de6038d Author: Ralph Boehme Date: Thu Nov 24 15:18:23 2022 +0100 winbindd: simplify cm_open_connection() Simplify to retry logic: if cm_prepare_connection() succeeded just exit the retry loop, only if it failed check the "retry" variable. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit ccb6b75482c80572862ca7a189bfe26565f23b45 Author: Ralph Boehme Date: Thu Nov 24 12:15:13 2022 +0100 winbindd: simplify find_new_dc() Remove the dcname and pss args from find_new_dc(). The caller passes in the domain anyway, so let's fill in domain->dcname and domain->dcaddr directly. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 2e496efe8c29dc0342ddd09cb61e253132fe17f9 Author: Ralph Boehme Date: Thu Nov 24 11:54:14 2022 +0100 winbindd: do an early exit in cm_open_connection() Best viewed with git show -w. No change in behaviour. Signed-off-by: Ralph Boe
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 94b70d1ed92 gp: Don't hide managed/recommended directories via 0a1778cde01 gp: Ensure rsop is tested for every CSE via c435c105c51 gp: Fix rsop when final value isn't a str via 74598eeef72 gp: Enable gpupdate output when testing via 6710c50f540 gp: Ensure policy changes don't leave files behind via e6156b13502 gp: Re-create files if manually removed via d170d8cfbb4 gp: Test that files are re-created if manually removed via 5037d402a54 gp: Modify Chromium CSE to use new files applier via f36542b50c7 gp: Modify Cert Auto Enroll CSE to use new applier via acdc7fbe898 gp: Modify Centrify Crontab compatible CSE to use new files applier via f20ca1a7db2 gp: Modify Startup Scripts CSE to use new files applier via fb512e06803 gp: Modify GNOME Settings CSE to use new files applier via f3e24a325ea gp: Modify Machine Scripts CSE to use new files applier via 64f4930dc0d gp: Modify Files CSE to use new files applier via 2953329ba07 gp: Modify Sudoers CSEs to use new files applier via 81dbcae9dfb gp: Modify OpenSSH CSE to use new files applier via 50f4c3d44e1 gp: Modify PAM Access CSE to use new files applier via 3f7105894c1 gp: Modify Symlink CSE to use new files applier via 5715281918f gp: Implement appliers for monitoring policy changes from 5b19288949e s3:params:lp_do_section - protect against NULL deref https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 94b70d1ed92a6fac4a679ccc959c63c49d918349 Author: David Mulder Date: Mon Dec 12 10:05:16 2022 -0700 gp: Don't hide managed/recommended directories Making these variables hidden prevents the parent class gp_chromium_ext from reading them when subclassed in gp_chrome_ext. This caused the chrome policies to be installed in the chromium directories. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Dec 21 03:05:46 UTC 2022 on sn-devel-184 commit 0a1778cde011fecb000f5b7e6f43920f5ab59da0 Author: David Mulder Date: Fri Dec 9 10:31:49 2022 -0700 gp: Ensure rsop is tested for every CSE A bug cropped up in the rsop that was causing a crash because this wasn't being tested. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit c435c105c511bd984b6d1bda3964100ad5ec2c31 Author: David Mulder Date: Fri Dec 9 09:40:34 2022 -0700 gp: Fix rsop when final value isn't a str The output must be a string value, or it will crash. Chromium policies output integers, which was causing the parser to crash. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit 74598eeef72e6b260393df7451c957d7fde1f59a Author: David Mulder Date: Thu Dec 8 15:15:15 2022 -0700 gp: Enable gpupdate output when testing Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit 6710c50f54025d8174aacd17515d58ff50e6d28a Author: David Mulder Date: Wed Dec 7 10:17:38 2022 -0700 gp: Ensure policy changes don't leave files behind This test exercises the gp_file_applier and ensures that when a policy is modified, no old policy is left behind. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit e6156b135021db5a6335bb8779acefff2f6a0bd3 Author: David Mulder Date: Wed Dec 7 09:51:12 2022 -0700 gp: Re-create files if manually removed Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit d170d8cfbb4571af8b66f1dcd7355a598b0abd1f Author: David Mulder Date: Wed Dec 7 09:49:53 2022 -0700 gp: Test that files are re-created if manually removed Currently applied files which are manually removed do not get re-applied. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit 5037d402a54a0010382cc7825e6fba4322ba18b4 Author: David Mulder Date: Tue Dec 6 11:12:34 2022 -0700 gp: Modify Chromium CSE to use new files applier Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit f36542b50c70de74144b9e2e94e91944e8536421 Author: David Mulder Date: Tue Dec 6 08:56:24 2022 -0700 gp: Modify Cert Auto Enroll CSE to use new applier Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit acdc7fbe8985a16d41075b72f54a96f217c3f884 Author: David Mulder Date: Mon Dec 5 10:41:27 2022 -0700 gp: Modify Centrify Crontab compatible CSE to use new files applier Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit f20ca1a7db29ec2ccf3ef5de58a578aa7dfc4964 Author: David Mulder Date: Fri Dec 2 15:42:58 2022 -0700 gp: Modify Startup Scripts CSE to use new files applier Signed-off-by: David Mulder
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5b19288949e s3:params:lp_do_section - protect against NULL deref from 57ff5a33e9f s4:torture: Fix stack variable used out of scope in test_devicemode_full() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5b19288949e97a5af742ff2719992d56f21e364a Author: Andrew Walker Date: Mon Dec 19 08:17:47 2022 -0500 s3:params:lp_do_section - protect against NULL deref iServiceIndex may indicate an empty slot in the ServicePtrs array. In this case, lpcfg_serivce_ok(ServicePtrs[iServiceIndex]) may trigger a NULL deref and crash. Skipping the check here will cause a scan of the array in add_a_service() and the NULL slot will be used safely. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15267 Signed-off-by: Andrew Walker Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Dec 20 18:49:54 UTC 2022 on sn-devel-184 --- Summary of changes: source3/param/loadparm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index ad24ae7e9e7..56a8bc2d28b 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -2886,7 +2886,7 @@ bool lp_do_section(const char *pszSectionName, void *userdata) /* if we have a current service, tidy it up before moving on */ bRetval = true; - if (iServiceIndex >= 0) + if ((iServiceIndex >= 0) && (ServicePtrs[iServiceIndex] != NULL)) bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]); /* if all is still well, move to the next record in the services array */ -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 57ff5a33e9f s4:torture: Fix stack variable used out of scope in test_devicemode_full() via e3c9bea002d s4:torture: Pass the dcerpc struct 's' for SetPrinter down to the macro via 34ae731b89f s4:torture: Pass the dcerpc struct 'q' for GetPrinter down to the macro via 0dc5f807690 s4:torture: Fix stack variable used out of scope in test_devmode_set_level() from 5c25e262e7d tests: add a Python test for case insensitive access https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 57ff5a33e9f4f1ff9677e44e75005e713b0a5607 Author: Andreas Schneider Date: Fri Dec 2 09:44:58 2022 +0100 s4:torture: Fix stack variable used out of scope in test_devicemode_full() ==17828==ERROR: AddressSanitizer: stack-use-after-scope on address 0x7ffc37790230 at pc 0x7fc37e2a3a11 bp 0x7ffc3778fec0 sp 0x7ffc3778feb8 READ of size 16 at 0x7ffc37790230 thread T0 #0 0x7fc37e2a3a10 in ndr_push_spoolss_GetPrinter librpc/gen_ndr/ndr_spoolss.c:27123 #1 0x7fc380629b30 in dcerpc_binding_handle_call_send ../../librpc/rpc/binding_handle.c:416 #2 0x7fc38062a132 in dcerpc_binding_handle_call ../../librpc/rpc/binding_handle.c:553 #3 0x7fc37ed113c9 in dcerpc_spoolss_GetPrinter_r librpc/gen_ndr/ndr_spoolss_c.c:1947 #4 0x5570ba6c4d03 in test_devicemode_full ../../source4/torture/rpc/spoolss.c:2249 #5 0x5570ba6e61ea in test_PrinterInfo_DevModes ../../source4/torture/rpc/spoolss.c:2384 #6 0x5570ba6e61ea in test_PrinterInfo_DevMode ../../source4/torture/rpc/spoolss.c:2488 #7 0x5570ba6e61ea in test_printer_dm ../../source4/torture/rpc/spoolss.c:9082 #8 0x7fc37fc7b67d in wrap_test_with_simple_test ../../lib/torture/torture.c:808 #9 0x7fc37fc7d40b in internal_torture_run_test ../../lib/torture/torture.c:516 #10 0x7fc37fc7d87c in torture_run_tcase_restricted ../../lib/torture/torture.c:581 #11 0x7fc37fc7deb2 in torture_run_suite_restricted ../../lib/torture/torture.c:435 #12 0x5570ba89a65d in run_matching ../../source4/torture/smbtorture.c:95 #13 0x5570ba89a6e4 in run_matching ../../source4/torture/smbtorture.c:105 #14 0x5570ba89a6e4 in run_matching ../../source4/torture/smbtorture.c:105 #15 0x5570ba89b3e4 in torture_run_named_tests ../../source4/torture/smbtorture.c:172 #16 0x5570ba89f3e0 in main ../../source4/torture/smbtorture.c:750 #17 0x7fc37c62c5af in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58 #18 0x7fc37c62c678 in __libc_start_main_impl ../csu/libc-start.c:381 #19 0x5570ba49e824 in _start ../sysdeps/x86_64/start.S:115 Address 0x7ffc37790230 is located in stack of thread T0 at offset 160 in frame #0 0x5570ba6c4562 in test_devicemode_full ../../source4/torture/rpc/spoolss.c:2186 Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Dec 20 06:55:45 UTC 2022 on sn-devel-184 commit e3c9bea002d6ea94bcd4dd37670f07f7e4098aff Author: Andreas Schneider Date: Fri Dec 2 10:44:16 2022 +0100 s4:torture: Pass the dcerpc struct 's' for SetPrinter down to the macro Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison commit 34ae731b89f79998b6f3c21965d35b41e4e513da Author: Andreas Schneider Date: Fri Dec 2 09:44:58 2022 +0100 s4:torture: Pass the dcerpc struct 'q' for GetPrinter down to the macro Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison commit 0dc5f807690baae002f5c35c920663cc6c3617e0 Author: Andreas Schneider Date: Thu Dec 1 10:32:00 2022 +0100 s4:torture: Fix stack variable used out of scope in test_devmode_set_level() ==12122==ERROR: AddressSanitizer: stack-use-after-scope on address 0x7fff494dd900 at pc 0x7fdaebea71e3 bp 0x7fff494dd430 sp 0x7fff494dd428 READ of size 4 at 0x7fff494dd900 thread T0 #0 0x7fdaebea71e2 in ndr_push_spoolss_SetPrinterInfo8 librpc/gen_ndr/ndr_spoolss.c:8618 #1 0x7fdaebea71e2 in ndr_push_spoolss_SetPrinterInfo librpc/gen_ndr/ndr_spoolss.c:8796 #2 0x7fdaebea7482 in ndr_push_spoolss_SetPrinterInfoCtr librpc/gen_ndr/ndr_spoolss.c:9163 #3 0x7fdaebea7580 in ndr_push_spoolss_SetPrinter librpc/gen_ndr/ndr_spoolss.c:27000 #4 0x7fdaee3e1b30 in dcerpc_binding_handle_call_send ../../librpc/rpc/binding_handle.c:416 #5 0x7fdaee3e2132 in dcerpc_binding_handle_call ../../librpc/rpc/binding_handle.c:553 #6 0x7fdaecb103fd in dcerpc_spoolss_SetPrinter_r librpc/gen_ndr/ndr_spoolss_c.c:1722 #7 0x559a7294c2f1 in test_SetPrinter ../../source4/torture/rpc/spoolss.c:1293 #8 0x559a7297b4d4 in test_devmode_set_level ../../source4/torture/rpc/spoolss.c:2126 #9 0x559a7299cfa1
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5c25e262e7d tests: add a Python test for case insensitive access from 44a44005a6b compression/huffman: debug function bails upon disaster (CID 1517261) https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5c25e262e7dce3b40c9c4982444ce965a139b490 Author: Ralph Boehme Date: Fri Dec 16 10:43:11 2022 +0100 tests: add a Python test for case insensitive access Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Dec 20 01:32:07 UTC 2022 on sn-devel-184 --- Summary of changes: python/samba/tests/libsmb-basic.py | 52 ++ 1 file changed, 52 insertions(+) Changeset truncated at 500 lines: diff --git a/python/samba/tests/libsmb-basic.py b/python/samba/tests/libsmb-basic.py index 36566436e87..61a25a8c682 100644 --- a/python/samba/tests/libsmb-basic.py +++ b/python/samba/tests/libsmb-basic.py @@ -141,6 +141,58 @@ class LibsmbTestCase(samba.tests.libsmb.LibsmbTests): self.assertEqual(len(cc[0][1]),8) c.close(fnum) +def test_libsmb_TortureCaseSensitivity(self): +testdir = "test_libsmb_torture_case_sensitivity" +filename = "file" +filepath = testdir + "/" + filename + +c = libsmb.Conn(self.server_ip, "tmp", self.lp, self.creds) + +try: +c.deltree(testdir) +except: +pass + +c.mkdir(testdir) + +try: +# Now check for all possible upper-/lowercase combinations: +# - testdir/file +# - TESTDIR/file +# - testdir/FILE +# - TESTDIR/FILE + +dircases = [testdir, testdir, testdir.upper(), testdir.upper()] +filecases = [filename, filename.upper(), filename, filename.upper()] +tcases = [{'dir':dir, 'file':file} for dir,file in zip(dircases,filecases)] + +for tcase in tcases: +testpath = tcase['dir'] + "/" + tcase['file'] + +# Create the testfile +h = c.create(filepath, + DesiredAccess=security.SEC_FILE_ALL, + CreateDisposition=libsmb.FILE_OPEN_IF) +c.close(h) + +# Open +c.loadfile(testpath) + +# Search +ls = [f['name'] for f in c.list(tcase['dir'], mask=tcase['file'])] +self.assertIn(filename, ls, msg='When searching for "%s" not found in "%s"' % (tcase['file'], tcase['dir'])) + +# Rename +c.rename(testpath, tcase['dir'] + "/tmp") +c.rename(tcase['dir'] + "/TMP", filepath) +c.loadfile(testpath) + +# Delete +c.unlink(testpath) + +finally: +c.deltree(testdir) + if __name__ == "__main__": import unittest unittest.main() -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 44a44005a6b compression/huffman: debug function bails upon disaster (CID 1517261) via 628f14c1497 compression/huffman: double check distance in matches (CID 1517278) via 6b4d94c9877 compression: fix sign extension of long matches (CID 1517275) via baba440ffaa compression tests: avoid div by zero in failure (CID 1517297) via b99e0e9301d compression/tests: calm the static analysts (CID: numerous) via d6a67908e13 compression/huffman: check again for invalid codes (CID 1517302) via 27af27f9018 compression/huffman: tighten bit_len checks (fix SUSE -O3 build) via e7489be7be4 fuzz: fix lzxpress plain round-trip fuzzer via 6f77b376d47 compression/huffman: avoid semi-defined behaviour in decompress from 80c0b416892 rpc_server:srvsvc - retrieve share ACL via root context https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 44a44005a6b3222c599d4757d60af924b9cea459 Author: Douglas Bagnall Date: Wed Dec 7 09:27:00 2022 +1300 compression/huffman: debug function bails upon disaster (CID 1517261) We shouldn't get a node with a zero code, and there's probably nothing to do but stop. CID 1517261 (#1-2 of 2): Bad bit shift operation (BAD_SHIFT)11. negative_shift: In expression j >> offset - k, shifting by a negative amount has undefined behavior. The shift amount, offset - k, is -3. Signed-off-by: Douglas Bagnall Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Dec 19 23:29:04 UTC 2022 on sn-devel-184 commit 628f14c149772dc4277c004018b8f02420fa3997 Author: Douglas Bagnall Date: Wed Dec 7 09:17:17 2022 +1300 compression/huffman: double check distance in matches (CID 1517278) Because we just wrote the intermediate representation to have no zero distances, we can be sure it doesn't, but Coverity doesn't know. If distance is zero, `bitlen_nonzero_16(distance)` would be bad. CID 1517278 (#1 of 1): Bad bit shift operation (BAD_SHIFT)41. large_shift: In expression 1 << code_dist, left shifting by more than 31 bits has undefined behavior. The shift amount, code_dist, is 65535. Signed-off-by: Douglas Bagnall Reviewed-by: Jeremy Allison commit 6b4d94c9877ec59081b9da946c00fa2647cad928 Author: Douglas Bagnall Date: Wed Dec 7 09:08:11 2022 +1300 compression: fix sign extension of long matches (CID 1517275) Very long matches would be written instead as very very long matches. We can't in fact hit this because we have a MAX_MATCH_LENGTH defined as 64M, but if we could, it might make certain 2GB+ strings impossible to compress. CID 1517275 (#1 of 1): Unintended sign extension (SIGN_EXTENSION)sign_extension: Suspicious implicit sign extension: intermediate[i + 2UL] with type uint16_t (16 bits, unsigned) is promoted in intermediate[i + 2UL] << 16 to type int (32 bits, signed), then sign-extended to type unsigned long (64 bits, unsigned). If intermediate[i + 2UL] << 16 is greater than 0x7FFF, the upper bits of the result will all be 1. Signed-off-by: Douglas Bagnall Reviewed-by: Jeremy Allison commit baba440ffaaf849e14e31862649767227e8c6432 Author: Douglas Bagnall Date: Tue Dec 6 11:28:58 2022 +1300 compression tests: avoid div by zero in failure (CID 1517297) Signed-off-by: Douglas Bagnall Reviewed-by: Jeremy Allison commit b99e0e9301d14574ed24181ce300ea61558d4d02 Author: Douglas Bagnall Date: Tue Dec 6 11:26:47 2022 +1300 compression/tests: calm the static analysts (CID: numerous) None of our test vectors are 18446744073709551615 bytes long, which means we can know an `expected_length == returned_length` check will catch the case where the compression function returns -1 for error. We know that, but Coverity doesn't. It's the same thing over and over again, in two different patterns: >>> CID 1517301: Memory - corruptions (OVERRUN) >>> Calling "memcmp" with "original.data" and "original.length" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned. 393 if (original.length != decomp_written || 394 memcmp(decompressed.data, 395original.data, 396original.length) != 0) { 397 debug_message("\033[1;31mgot %zd, expected %zu\033[0m\n", 398 decomp_written, *** CID 1517299: Memory - corruptions (OVERRUN) /lib/compression/tests/test_lzxpress_
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 80c0b416892 rpc_server:srvsvc - retrieve share ACL via root context from 87fddbad78d smbd/locking: make use of the same tdb hash_size and flags for all SMB related tdb's https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 80c0b416892bfacc0d919fe032461748d7962f05 Author: Andrew Date: Fri Dec 16 08:16:10 2022 -0800 rpc_server:srvsvc - retrieve share ACL via root context share_info.tdb has permissions of 0o600 and so we need to become_root() prior to retrieving the security info. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15265 Signed-off-by: Andrew Walker Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Dec 19 20:41:15 UTC 2022 on sn-devel-184 --- Summary of changes: source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 17 ++--- 1 file changed, 14 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c index ed262a8cd0d..8a0c63fd50e 100644 --- a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c +++ b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c @@ -542,6 +542,7 @@ static bool is_hidden_share(int snum) static bool is_enumeration_allowed(struct pipes_struct *p, int snum) { + bool allowed; struct dcesrv_call_state *dce_call = p->dce_call; struct auth_session_info *session_info = dcesrv_call_session_info(dce_call); @@ -558,9 +559,19 @@ static bool is_enumeration_allowed(struct pipes_struct *p, return false; } - return share_access_check(session_info->security_token, - lp_servicename(talloc_tos(), lp_sub, snum), - FILE_READ_DATA, NULL); + + /* +* share_access_check() must be opened as root +* because it ultimately gets a R/W db handle on share_info.tdb +* which has 0o600 permissions +*/ + become_root(); + allowed = share_access_check(session_info->security_token, +lp_servicename(talloc_tos(), lp_sub, snum), +FILE_READ_DATA, NULL); + unbecome_root(); + + return allowed; } / -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 07617a344e1 s4-auth: fix sam test binary ntstatus include path via f7cc00f7308 s3-librpc: use nbt_server_type in ads.idl via 39e8489dfc5 s3-librpc: add ads.idl and convert ads_struct to talloc. from 89828c64c9a libsmb: Simplify clistr_is_previous_version_path() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 07617a344e1a6864401ace0b42083985131c480f Author: Günther Deschner Date: Wed Nov 9 16:21:16 2022 +0100 s4-auth: fix sam test binary ntstatus include path Guenther Signed-off-by: Guenther Deschner Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Dec 16 21:35:45 UTC 2022 on sn-devel-184 commit f7cc00f7308a1476579151778ad4254c9debbab2 Author: Günther Deschner Date: Thu Aug 18 16:35:29 2016 +0200 s3-librpc: use nbt_server_type in ads.idl Guenther Signed-off-by: Guenther Deschner Reviewed-by: Jeremy Allison commit 39e8489dfc51b2293afa13d58b167819b46918dc Author: Günther Deschner Date: Wed Aug 17 11:58:02 2016 +0200 s3-librpc: add ads.idl and convert ads_struct to talloc. Guenther Signed-off-by: Guenther Deschner Reviewed-by: Jeremy Allison --- Summary of changes: lib/param/loadparm.h | 11 -- lib/param/param_table.c| 1 + libgpo/pygpo.c | 6 +- source3/include/ads.h | 90 +- source3/lib/netapi/joindomain.c| 4 +- source3/libads/ads_proto.h | 5 - source3/libads/ldap.c | 17 +-- source3/libads/ndr.c | 97 --- source3/libads/sasl_wrapping.c | 4 +- source3/libnet/libnet_join.c | 10 +- source3/librpc/idl/ads.idl | 130 + source3/librpc/idl/libnet_join.idl | 5 +- source3/librpc/idl/wscript_build | 9 ++ .../ndr/ndr_rap.c => source3/librpc/ndr/ndr_ads.c | 14 ++- source3/librpc/wscript_build | 7 +- source3/param/loadparm.c | 1 + source3/printing/nt_printing_ads.c | 6 +- source3/utils/net_ads.c| 6 +- source3/winbindd/idmap_ad.c| 1 + source3/winbindd/winbindd_ads.c| 4 +- source3/wscript_build | 2 +- source4/auth/tests/sam.c | 2 +- source4/libcli/ldap/ldap_bind.c| 1 + source4/librpc/wscript_build | 1 + 24 files changed, 197 insertions(+), 237 deletions(-) delete mode 100644 source3/libads/ndr.c create mode 100644 source3/librpc/idl/ads.idl copy librpc/ndr/ndr_rap.c => source3/librpc/ndr/ndr_ads.c (64%) Changeset truncated at 500 lines: diff --git a/lib/param/loadparm.h b/lib/param/loadparm.h index b1641ba88d2..98263f0e62b 100644 --- a/lib/param/loadparm.h +++ b/lib/param/loadparm.h @@ -203,17 +203,6 @@ enum printing_types {PRINT_BSD,PRINT_SYSV,PRINT_AIX,PRINT_HPUX, -/* ads auth control flags */ -#define ADS_AUTH_DISABLE_KERBEROS 0x0001 -#define ADS_AUTH_NO_BIND 0x0002 -#define ADS_AUTH_ANON_BIND0x0004 -#define ADS_AUTH_SIMPLE_BIND 0x0008 -#define ADS_AUTH_ALLOW_NTLMSSP0x0010 -#define ADS_AUTH_SASL_SIGN0x0020 -#define ADS_AUTH_SASL_SEAL0x0040 -#define ADS_AUTH_SASL_FORCE 0x0080 -#define ADS_AUTH_USER_CREDS 0x0100 - enum ldap_server_require_strong_auth { LDAP_SERVER_REQUIRE_STRONG_AUTH_NO, LDAP_SERVER_REQUIRE_STRONG_AUTH_ALLOW_SASL_OVER_TLS, diff --git a/lib/param/param_table.c b/lib/param/param_table.c index 3ffa4bcc411..cd6e3403a4c 100644 --- a/lib/param/param_table.c +++ b/lib/param/param_table.c @@ -36,6 +36,7 @@ #include "libds/common/roles.h" #include "source4/lib/tls/tls.h" #include "auth/credentials/credentials.h" +#include "source3/librpc/gen_ndr/ads.h" #ifndef N_ #define N_(x) x diff --git a/libgpo/pygpo.c b/libgpo/pygpo.c index 485c96f4f2d..3070e0a6394 100644 --- a/libgpo/pygpo.c +++ b/libgpo/pygpo.c @@ -229,9 +229,9 @@ static PyObject* py_ads_connect(ADS *self, PyErr_SetString(PyExc_RuntimeError, "Uninitialized"); return NULL; } - TALLOC_FREE(self->ads_ptr->auth.user_name); - TALLOC_FREE(self->ads_ptr->auth.password); - TALLOC_FREE(self->ads_ptr->auth.realm); + ADS_TALLOC_CONST_FREE(self->ads_ptr->auth.user_name); + ADS_TALLOC_CONST_FREE(self-&
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ddbb8f1999e lib: Move 448 bytes from R/W data segment to R/O text via c5bc9f732fe lib: Avoid an includes.h via 148b86b2ce0 lib: Align an integer type via bb94ec26557 tdb: Move 160 bytes from R/W data segment to R/O text via e2ccd822037 smbd: Remove a pointless NULL check from readlink_talloc() via 88848bc0732 smbd: Use direct struct initialization, avoid explicit ZERO_STRUCT() via c26f7fcc625 smbd: Fix a debug message via 7fcbae4e494 libsmb: Don't mess up pathnames in cli_smb2_create_fnum_send() from 17bbd6ec4c2 smbd: Add "posix" flag to openat_pathref_dirfsp_nosymlink() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ddbb8f1999e9e949e3ef0db7cef94115feeb8148 Author: Volker Lendecke Date: Mon Dec 12 21:20:07 2022 +0100 lib: Move 448 bytes from R/W data segment to R/O text The linker has to relocate the pointers in the array at startup, save that. I know we have bigger .data blobs, but every bit counts :-) Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Dec 15 22:51:06 UTC 2022 on sn-devel-184 commit c5bc9f732fe45bc3a8099f57a1e771cda0036154 Author: Volker Lendecke Date: Mon Dec 12 21:02:29 2022 +0100 lib: Avoid an includes.h Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 148b86b2ce0a844a8d497c227d998371fc72c339 Author: Volker Lendecke Date: Mon Dec 12 21:02:17 2022 +0100 lib: Align an integer type Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit bb94ec26557f3d254ce3391d83c200ac3a05abdd Author: Volker Lendecke Date: Mon Dec 12 21:20:07 2022 +0100 tdb: Move 160 bytes from R/W data segment to R/O text The linker has to relocate the pointers in the array at startup, save that. I know we have bigger .data blobs, but every bit counts :-) Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit e2ccd822037ac14cdedd971fde3a315922c0d135 Author: Volker Lendecke Date: Mon Dec 5 11:51:28 2022 +0100 smbd: Remove a pointless NULL check from readlink_talloc() We should never call this without the place to put the target in. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 88848bc07325cec651a57443f5998a411403774a Author: Volker Lendecke Date: Fri Dec 2 12:05:14 2022 +0100 smbd: Use direct struct initialization, avoid explicit ZERO_STRUCT() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c26f7fcc625a365cf943151437953d3dbb0d1159 Author: Volker Lendecke Date: Mon Dec 5 16:33:37 2022 +0100 smbd: Fix a debug message This used to be openat_pathref_nostream() at some point back Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 7fcbae4e4940c8d89717c4fa4199d57d69c1d3a4 Author: Volker Lendecke Date: Thu Dec 15 19:06:20 2022 +0100 libsmb: Don't mess up pathnames in cli_smb2_create_fnum_send() Master-only bug introduced with dd9cdfb3b14: smb2_dfs_share_path() can change the length of fname, and if it happens that the original length hits a \ in the enlarged filename, we cut it off. Found by accident, this really made me scratch my head when looking at traces :-) Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: lib/tdb/common/error.c | 53 ++-- libds/common/flag_mapping.c| 140 - source3/libsmb/cli_smb2_fnum.c | 1 + source3/smbd/dosmode.c | 7 +-- source3/smbd/files.c | 6 +- 5 files changed, 134 insertions(+), 73 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tdb/common/error.c b/lib/tdb/common/error.c index 478eb887ffd..c3ef8bd1438 100644 --- a/lib/tdb/common/error.c +++ b/lib/tdb/common/error.c @@ -32,26 +32,43 @@ _PUBLIC_ enum TDB_ERROR tdb_error(struct tdb_context *tdb) return tdb->ecode; } -static struct tdb_errname { - enum TDB_ERROR ecode; const char *estring; -} emap[] = { {TDB_SUCCESS, "Success"}, -{TDB_ERR_CORRUPT, "Corrupt database"}, -{TDB_ERR_IO, "IO Error"}, -{TDB_ERR_LOCK, "Locking error"}, -{TDB_ERR_OOM, "Out of memory"}, -{TDB_ERR_EXISTS, "Record exists"}, -{TDB_ERR_NOLOCK, "Lock exists on other keys"}, -{TDB_ERR_EINVAL, "Invalid parameter"}, -{TDB_ERR_NOEXIST, "Record does not exist"}, -{TDB_ERR_RDONLY, "write not permitted&
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 897f08f7a03 testprogs: Use new kerberos options for samba-tool in test_kpasswd_mit.sh via bc5e8ba9f3a testprogs: Use new kerberos options for samba-tool in test_export_keytab_mit.sh via 773659baaff testprogs: Use new kerberos options for ldb and samba-tool in test_kinit_mit.sh via ecfa4e190a6 gp: Fix GNOME Settings writing unreadable user profile via 194f6661d66 gp: Fix Firewalld RSoP output skipping Zones via c12518a9b62 smbd: Remove source3/smbd/statcache.c via d04db4a5769 vfs: Fix whitespace via b94fd4229d7 smbd: Slightly simplify set_current_case_sensitive() via d48481118bc smbd: Slightly simplify set_current_case_sensitive() via 49fdf8f9ec9 smbd: Make set_current_case_sensitive() static from eb5df255fae s4:libnet: correctly handle gnutls_pbkdf2() errors https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 897f08f7a039a1ca837eb5054ca7d8ba9a6e747e Author: Andreas Schneider Date: Mon Dec 5 11:03:25 2022 +0100 testprogs: Use new kerberos options for samba-tool in test_kpasswd_mit.sh Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Dec 14 23:56:50 UTC 2022 on sn-devel-184 commit bc5e8ba9f3aa67cff5d0420f8422b8f4765789b6 Author: Andreas Schneider Date: Mon Dec 5 08:40:08 2022 +0100 testprogs: Use new kerberos options for samba-tool in test_export_keytab_mit.sh Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison commit 773659baaffd7530f3aaa2fca947709b57ad7cea Author: Andreas Schneider Date: Sat Dec 3 20:56:08 2022 +0100 testprogs: Use new kerberos options for ldb and samba-tool in test_kinit_mit.sh Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison commit ecfa4e190a6d48db4e7b514c9011aa139a5b2ac4 Author: David Mulder Date: Wed Dec 14 14:24:24 2022 -0700 gp: Fix GNOME Settings writing unreadable user profile This file must be readable by all users, otherwise the policy doesn't get read or applied. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit 194f6661d665105a9433d4edb02ba70e1b70a396 Author: David Mulder Date: Wed Dec 14 14:23:48 2022 -0700 gp: Fix Firewalld RSoP output skipping Zones Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit c12518a9b6275602fd654a0dc47903d10843e91e Author: Volker Lendecke Date: Wed Dec 14 13:58:25 2022 +0100 smbd: Remove source3/smbd/statcache.c After I found that nobody calls stat_cache_add() anymore, there was no reason to keep the rest of statcache.c. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit d04db4a576978be49b2c5c6533103cf8cab2f0b6 Author: Volker Lendecke Date: Wed Dec 14 13:44:50 2022 +0100 vfs: Fix whitespace Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit b94fd4229d77ef150530eb434006adff346151f5 Author: Volker Lendecke Date: Tue Dec 13 17:38:25 2022 +0100 smbd: Slightly simplify set_current_case_sensitive() Remove a global cache of calculating case sensivity. The calculation is really simple: It only references a bool per-share parameter and a global variable. I really doubt there is any measurable benefit from this cache, and if there was, I don't care if SMB1 gets a tiny bit slower in response to reduced global state. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit d48481118bc5e2dd8999fc112967a99e508ddf80 Author: Volker Lendecke Date: Tue Dec 13 17:33:29 2022 +0100 smbd: Slightly simplify set_current_case_sensitive() Assert this isn't called from SMB2 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 49fdf8f9ec967fb39f88f54752b2bf25e89672e5 Author: Volker Lendecke Date: Tue Dec 13 17:31:53 2022 +0100 smbd: Make set_current_case_sensitive() static This is a SMB1-only thing Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: librpc/idl/messaging.idl | 2 +- python/samba/gp/gp_firewalld_ext.py | 4 +- python/samba/gp/gp_gnome_settings_ext.py | 1 + source3/include/proto.h | 2 - source3/include/vfs.h| 10 +- source3/lib/smbd_shim.c | 8 - source3/lib/smbd_shim.h | 3 - source3/locking/locking.c| 5 - source3/smbd/close.c | 5 - source3/smbd/globals.c | 3 - source3/smbd/globals.h | 3 - source3/smbd/proto.h
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ac78cb71d69 libads: Save intermediate NULL checks with talloc_asprintf_addbuf() via 300ad4ff127 lib: Save intermediate NULL checks with talloc_asprintf_addbuf() via 4156d37db17 winbind: Save lines with talloc_asprintf_addbuf() via f25b6de771d winbind: Save an intermediate NULL check with talloc_asprintf_addbuf() via fa8a657b91c auth4: Save lines with talloc_asprintf_addbuf() in authsam_domain_group_filter() via 6b6f8debb5d libcldap: Save lines in cldap_netlogon_create_filter() with talloc_asprintf_addbuf() via c86112fe90b dns_server: Use talloc_asprintf_addbuf() in b9_format() via cbcf7f0d21b lib: Use talloc_asprintf_addbuf() in rdn_name_add() via ffba59b5c0b lib: Use talloc_asprintf_addbuf() in ldb_module_call_chain() via fe8895c83c5 lib: Use talloc_asprintf_addbuf() in print_socket_options() via bcdbe6ef6b5 lib: Use talloc_asprintf_addbuf() in ldif_write_prefixMap() via c692b5c95bd lib: Use talloc_asprintf_addbuf() in str_list_join_shell() via 2c7766c28f2 lib: Use talloc_asprintf_addbuf() in str_list_join() via 101396ab765 lib: Use talloc_asprintf_addbuf() in debug.c via ccb5bafe93e lib: Move talloc_asprintf_addbuf() to talloc via 7870e82cb44 lib: Fix whitespace from 5955dc1e4fd smbd: set long process name of smbd child processes to "smbd: " https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ac78cb71d69d0307a668311e94e7181db6ad840e Author: Volker Lendecke Date: Wed Nov 30 14:48:33 2022 +0100 libads: Save intermediate NULL checks with talloc_asprintf_addbuf() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Dec 14 05:29:51 UTC 2022 on sn-devel-184 commit 300ad4ff1273b8656986e4e7853418c9238122ca Author: Volker Lendecke Date: Wed Nov 30 14:44:13 2022 +0100 lib: Save intermediate NULL checks with talloc_asprintf_addbuf() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 4156d37db177b3b047fc0a448912d9bcb9354994 Author: Volker Lendecke Date: Wed Nov 30 14:28:54 2022 +0100 winbind: Save lines with talloc_asprintf_addbuf() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f25b6de771df587e58a28ae417bb5a2f596ec5a2 Author: Volker Lendecke Date: Wed Nov 30 14:23:26 2022 +0100 winbind: Save an intermediate NULL check with talloc_asprintf_addbuf() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit fa8a657b91c123849eb40f74dbce6974ec04338b Author: Volker Lendecke Date: Tue Nov 29 10:48:25 2022 +0100 auth4: Save lines with talloc_asprintf_addbuf() in authsam_domain_group_filter() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 6b6f8debb5dedf1520a7bedfa0277849f70683dd Author: Volker Lendecke Date: Tue Nov 29 10:46:42 2022 +0100 libcldap: Save lines in cldap_netlogon_create_filter() with talloc_asprintf_addbuf() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c86112fe90b6ebd2f4206c9c2f78b845543cb96e Author: Volker Lendecke Date: Tue Nov 29 10:37:03 2022 +0100 dns_server: Use talloc_asprintf_addbuf() in b9_format() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit cbcf7f0d21b146b52bf472a3627b7ea8cd3d0b80 Author: Volker Lendecke Date: Mon Nov 28 11:25:32 2022 +0100 lib: Use talloc_asprintf_addbuf() in rdn_name_add() Add implicit NULL checks Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit ffba59b5c0b584d503f223dd5bcde84799b5d0c5 Author: Volker Lendecke Date: Mon Nov 28 11:07:25 2022 +0100 lib: Use talloc_asprintf_addbuf() in ldb_module_call_chain() This was exactly what talloc_asprintf_addbuf() does. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit fe8895c83c560f424edd35d9394414c2801127d2 Author: Volker Lendecke Date: Mon Nov 28 11:01:16 2022 +0100 lib: Use talloc_asprintf_addbuf() in print_socket_options() With the proper NULL checks we don't need the stackframe, use a passed in context instead. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit bcdbe6ef6b59ae3638f263fbd5ddf4107c3f52cf Author: Volker Lendecke Date: Mon Nov 28 10:58:46 2022 +0100 lib: Use talloc_asprintf_addbuf() in ldif_write_prefixMap() The first call of talloc_asprintf_append() did not have a NULL check. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c692b5c95bdc0d96ab7797a59b94addaa1c80d94 Author: Volker Lendecke Date: Mon Nov 28 10:55:04 2022 +0100 lib: Use talloc_asprintf_addbuf() in str_list_join_shell()
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5955dc1e4fd smbd: set long process name of smbd child processes to "smbd: " via fc57b88e6a9 smbd: remove process shortname arg from reinit_after_fork() via 38ba7d1476c smbd: remove process shortname arg from smbd_reinit_after_fork() via 62cc0bbab0a smbd: explicitly call process_set_title() via 096295a6fe3 winbindd: Use process_set_title() instead of setproctitle() via 1b62dfa68d0 s4/samba: use process_set_title() via 969e062724f lib/util: use process_set_title() in tfork() via 14571c5cc47 smbd: prepare smbd for calling setproctitle() via 19c82c19c00 lib/util: add process_set_title() from 987cba90573 CVE-2022-37966 python:/tests/krb5: call sys.path.insert(0, "bin/python") before any other imports https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5955dc1e4fde7c1335cae5c7fd9bef71fd3fab3c Author: Ralph Boehme Date: Fri Dec 2 09:49:11 2022 +0100 smbd: set long process name of smbd child processes to "smbd: " The resulting process listings, depending on the format chosen for the process name, show the relevant smbd processes like this: $ ps faxo pid,uid,comm | egrep "\_.*smbd" | grep -v grep 1690322 0 \_ smbd 1690326 0 \_ smbd-notifyd 1690327 0 \_ smbd-cleanupd 1690337 0 \_ smbd[::1] $ ps faxo pid,uid,args | egrep "\_.*smbd" | grep -v grep 1690322 0 \_ ./bin/smbd -D 1690326 0 \_ smbd: notifyd 1690327 0 \_ smbd: cleanupd 1690337 0 \_ smbd: client [::1] Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Dec 14 02:47:24 UTC 2022 on sn-devel-184 commit fc57b88e6a93d59ad243364a513d33cecf66e4ab Author: Ralph Boehme Date: Sat Dec 3 17:04:33 2022 +0100 smbd: remove process shortname arg from reinit_after_fork() All callers pass NULL anyway, so it isn't used anymore. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 38ba7d1476c1bdb5bbde70c45b47d12ab1699516 Author: Ralph Boehme Date: Sat Dec 3 16:59:39 2022 +0100 smbd: remove process shortname arg from smbd_reinit_after_fork() All callers already do this explicitly by calling process_set_title(). Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 62cc0bbab0a5146f7fdc8b3865b662b0f55f89d2 Author: Ralph Boehme Date: Sat Dec 3 16:56:20 2022 +0100 smbd: explicitly call process_set_title() Currently setting the shortname is achieved via the final arg to smbd_reinit_after_fork(), but I'm going to remove that arg soon. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 096295a6fe348937a8f23b5064f14896b59e35e6 Author: Ralph Boehme Date: Thu Dec 1 18:18:29 2022 +0100 winbindd: Use process_set_title() instead of setproctitle() Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 1b62dfa68d07a2cdec76b635e82fd9b099a43c41 Author: Ralph Boehme Date: Fri Dec 2 15:39:25 2022 +0100 s4/samba: use process_set_title() Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 969e062724f39d7406fddfd335533f8c24cb641d Author: Ralph Boehme Date: Fri Dec 2 15:38:44 2022 +0100 lib/util: use process_set_title() in tfork() Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 14571c5cc47ccc1d168f38c65d786b61492485d9 Author: Ralph Boehme Date: Fri Dec 2 15:36:39 2022 +0100 smbd: prepare smbd for calling setproctitle() Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 19c82c19c009eefe975ae95c8b709fc93f5f4c39 Author: Ralph Boehme Date: Fri Dec 2 15:17:20 2022 +0100 lib/util: add process_set_title() Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison --- Summary of changes: lib/util/tfork.c | 7 +++ lib/util/util_process.c | 32 +--- lib/util/util_process.h | 13 + source3/include/proto.h | 6 ++ source3/lib/background.c | 2 +- source3/lib/util.c | 7 +-- source3/nmbd/asyncdns.c | 2 +- source3/nmbd/nmbd.c | 2 +- source3/printing/print_cups.c| 2 +- source3/rpc_server/rpc_host.c| 2 +- source3/smbd/scavenger.c | 3 ++- source3/smbd/server.c| 21 - source3/smbd/server_exit.c | 4 ++-- source3/smbd/smb1_process.c | 5 +++-- source3/torture/test_g_lock.c| 6 +++--- source3/winbindd/winbindd.c | 5 +++-- source3/winbindd/winbindd_du
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5d82af05f31 smbd: Remove a few "extern userdom_struct current_user_info" via 8cc0489c804 lib: Add get_current_user_info_domain() via 46ce8a47109 lib: Make substitute.c's "remote_proto" static via 06408707a2e vfs: Remove an unnecessary if statement via 0b070db63b9 lib: Remove unused octal_string() via 3f7c6467749 lib: Remove fstring_sub() that was used just once via f9c982b5a96 smbd: Simplify dos_mode_msdfs() via 080ded09102 cldap_server: Align integer types via f30f5dd2453 smbd: Simplify is_visible_fsp() via 1625dc4b568 tsocket: Fix the build on FreeBSD via 6d365777158 nsswitch: Align integer types via c8a37a24f71 smbd: Fix whitespace from 4bb3e4df3e4 torture: test that a find with a mangled name works https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5d82af05f31bab9bea3de6b6a650a5bcc68e00af Author: Volker Lendecke Date: Wed Nov 30 18:47:21 2022 +0100 smbd: Remove a few "extern userdom_struct current_user_info" get_current_username() returns current_user_info.smb_name Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Dec 12 22:14:20 UTC 2022 on sn-devel-184 commit 8cc0489c8040b1c8836e7a54e0561ed69cb87fec Author: Volker Lendecke Date: Wed Nov 30 18:45:06 2022 +0100 lib: Add get_current_user_info_domain() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 46ce8a47109f3b92ac32d951e414b2e8c80cb5da Author: Volker Lendecke Date: Wed Nov 30 16:28:56 2022 +0100 lib: Make substitute.c's "remote_proto" static Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 06408707a2e7153668d91eddd6e1d482f843af92 Author: Volker Lendecke Date: Wed Nov 30 15:14:08 2022 +0100 vfs: Remove an unnecessary if statement get_local_machine_name() already does exactly this Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 0b070db63b95cff0dbc055c199890b70b10f7d4b Author: Volker Lendecke Date: Wed Nov 30 14:17:29 2022 +0100 lib: Remove unused octal_string() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 3f7c6467749f868bae66178e34f1badc57be54b1 Author: Volker Lendecke Date: Wed Nov 30 14:14:43 2022 +0100 lib: Remove fstring_sub() that was used just once Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f9c982b5a96bed750bdff0a5243dda73c3d17587 Author: Volker Lendecke Date: Tue Dec 6 10:54:48 2022 +0100 smbd: Simplify dos_mode_msdfs() Use ISDOT[DOT] Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 080ded091025a4208625eccb142cac5b3c46d320 Author: Volker Lendecke Date: Fri Dec 9 16:25:25 2022 +0100 cldap_server: Align integer types Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f30f5dd24537bc6bb252a141d4f0b6773302335f Author: Volker Lendecke Date: Wed Dec 7 10:49:47 2022 +0100 smbd: Simplify is_visible_fsp() We don't need the wrapping if-statement, we check for the individual flags. The compiler should be smart enough so that this is not a difference in execution speed. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 1625dc4b5683ddc06fa6bf77b5b21eed7093862d Author: Volker Lendecke Date: Fri Dec 9 14:48:06 2022 +0100 tsocket: Fix the build on FreeBSD FreeBSD does not have TCP_USER_TIMEOUT Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 6d365777158e141384acf43667cf6a599c183356 Author: Volker Lendecke Date: Fri Dec 9 14:36:04 2022 +0100 nsswitch: Align integer types Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c8a37a24f716dc98670c3a39b4dc0a3ae4f3852c Author: Volker Lendecke Date: Mon Dec 12 12:53:22 2022 +0100 smbd: Fix whitespace Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: lib/tsocket/wscript | 36 +++ lib/tsocket/wscript_build | 21 --- nsswitch/libwbclient/wbc_sid.c | 3 +- selftest/tests.py | 7 ++-- source3/auth/pampass.c | 2 +- source3/include/proto.h | 2 -- source3/lib/substitute.c| 12 ++- source3/lib/substitute.h| 2 ++ source3/lib/substitute_generic.c| 5 --- source3/lib/util_str.c | 18 -- source3/modules/vfs_virusfil
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4bb3e4df3e4 torture: test that a find with a mangled name works via 08997ac1a71 torture: convert mangling test to a suite via 0fa7c3f70c7 torture: add an interactive test that works out maximum name and path lenghts via 3ece2cb807a smbd: remove oplock paranoia check from file_find_dif() via 6e1f58ab7c6 torture: add a test veryfing timestamps across rename via 8d58174cdde lib/torture: fix tctx arg usage in torture_assert_nttime_equal() macro via 6c997c7fb5b torture: add another large directory enumeration performance test via cac95c3bba9 torture: print duration of smb2.dir.test_large_files via c0be0b68730 torture: increase find buffer to 1 MB in multiple_smb2_search() via 9e1c2fedb84 torture: add another simple DOS attributes test via fba4b290856 s4:torture: remove remaining checks if alloc_size is 0 on empty files via 043ce404cae vfs_zfsacl: fix mixed declaration and code error via 09a844c69eb vfs_zfsacl: remove unused function via 8a2c763d264 lib/cmdline/tests: add missing includes via 8ccbbbd4ba4 s3:locking: split out del_share_mode_open_id() via 6cc866b5901 smbd: introduce 'delete_on_close' helper variables via 0db39fad9e7 g_lock: check for zero timeout in g_lock_lock() via aa8b0ef8b93 smbd: debug in smbd_smb2_close_send() via 19a017496d6 s3/locking: Revert "s3:locking: Remove dead code" via a9c6a329a25 s3:locking: re-add saved_errno handling to fd_close_posix() via 46ac8daa797 smbd: use fsp_getinfo_ask_sharemode() in open_file_ntcreate() via f0e0fc17d3a smbd: use fsp_search_ask_sharemode() and fsp_getinfo_ask_sharemode() via 0226e0c31e6 smbd: add fsp_search_ask_sharemode() and fsp_getinfo_ask_sharemode() via 7f20625f982 smbd: use reference_smb_fname_fsp_link() in rename_internals_fsp() via d1dd3f3d73f smbd: factor out reference_smb_fname_fsp_link() from parent_pathref() via 67042d95bb3 Fix memleak in _nss_winbind_initgroups_dyn from 70e8da42917 s3:libads: Fix debug message https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4bb3e4df3e44dc7935d3852c8f45b5e4652a4df3 Author: Ralph Boehme Date: Thu Dec 1 06:13:22 2022 +0100 torture: test that a find with a mangled name works This was spawned by https://bugzilla.samba.org/show_bug.cgi?id=13472 back then. Samba implement this correctly, just add this test found in the attic. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Sat Dec 10 00:07:09 UTC 2022 on sn-devel-184 commit 08997ac1a711f4254603c7e5e90ee9309448f2a5 Author: Ralph Boehme Date: Thu Dec 1 06:09:09 2022 +0100 torture: convert mangling test to a suite More tests to come... Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 0fa7c3f70c70db1420cbb0971493fee328d70915 Author: Ralph Boehme Date: Tue Nov 29 18:30:35 2022 +0100 torture: add an interactive test that works out maximum name and path lenghts Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 3ece2cb807a122b7684096f6fe5bcfa277a3844f Author: Ralph Boehme Date: Thu Dec 1 21:38:32 2022 +0100 smbd: remove oplock paranoia check from file_find_dif() Since 4.16 stat opens will have a real fd, the only case where currently the fd can still be -1 is a POSIX request on a symlink. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 6e1f58ab7c68030a7cbc923cd22055636e233b42 Author: Ralph Boehme Date: Tue Nov 29 06:20:31 2022 +0100 torture: add a test veryfing timestamps across rename Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 8d58174cddeb2a5e62557ca23724b7acbb56e4c5 Author: Ralph Boehme Date: Tue Nov 29 12:07:19 2022 +0100 lib/torture: fix tctx arg usage in torture_assert_nttime_equal() macro Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit 6c997c7fb5b114407566887a19e9b832d067b18b Author: Ralph Boehme Date: Fri Nov 25 17:05:26 2022 +0100 torture: add another large directory enumeration performance test This one renames one file per iteration and can also be used to torture any directory caching the server may employ. Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit cac95c3bba9f0fbd02f3e96691cd679e0cd2085e Author: Ralph Boehme Date: Mon Nov 28 18:05:28 2022 +0100 torture: print duration of smb2.dir.test_large_files Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison commit c0be0b687301f5b613c917bc8f75248042fd32aa Author: Ralph Boehme Date: Fri Nov 25 17:03:37 2022 +0100 torture: increase f
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 99480c50ca6 smbd: Close the opened file in smbd_smb2_create_after_exec() error case via 9e9c5c14351 smbd: Centralize error handling in smbd_smb2_create_after_exec() from 68fc909a7f4 CVE-2022-44640 HEIMDAL: asn1: invalid free in ASN.1 codec https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 99480c50ca69826b1b2b46c22d6fdf5178c8733f Author: Volker Lendecke Date: Sat Dec 3 21:43:06 2022 +0100 smbd: Close the opened file in smbd_smb2_create_after_exec() error case smbd_smb2_create_after_exec() is only called when the file has successfully been opened. When this fails in the middle, we can't leave the fsp around. Hard to test with current code, but with reparse point handling we'll have a reproducable case soon. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Dec 6 23:37:52 UTC 2022 on sn-devel-184 commit 9e9c5c143518490e269562e8ea66c3f1e3d8a816 Author: Volker Lendecke Date: Sat Dec 3 21:42:49 2022 +0100 smbd: Centralize error handling in smbd_smb2_create_after_exec() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: source3/smbd/smb2_create.c | 52 -- 1 file changed, 23 insertions(+), 29 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c index 34dd338a4a0..aba339014bb 100644 --- a/source3/smbd/smb2_create.c +++ b/source3/smbd/smb2_create.c @@ -1429,9 +1429,8 @@ static void smbd_smb2_create_after_exec(struct tevent_req *req) state->out_context_blobs, SMB2_CREATE_TAG_MXAC, blob); - if (tevent_req_nterror(req, status)) { - tevent_req_post(req, state->ev); - return; + if (!NT_STATUS_IS_OK(status)) { + goto fail; } } } @@ -1465,9 +1464,8 @@ static void smbd_smb2_create_after_exec(struct tevent_req *req) DEBUG(10, ("smb2_create_send: smbXsrv_open_update " "returned %s\n", nt_errstr(status))); - if (tevent_req_nterror(req, status)) { - tevent_req_post(req, state->ev); - return; + if (!NT_STATUS_IS_OK(status)) { + goto fail; } /* @@ -1485,9 +1483,8 @@ static void smbd_smb2_create_after_exec(struct tevent_req *req) state->out_context_blobs, SMB2_CREATE_TAG_DHNQ, blob); - if (tevent_req_nterror(req, status)) { - tevent_req_post(req, state->ev); - return; + if (!NT_STATUS_IS_OK(status)) { + goto fail; } } @@ -1514,9 +1511,8 @@ static void smbd_smb2_create_after_exec(struct tevent_req *req) state->out_context_blobs, SMB2_CREATE_TAG_DH2Q, blob); - if (tevent_req_nterror(req, status)) { - tevent_req_post(req, state->ev); - return; + if (!NT_STATUS_IS_OK(status)) { + goto fail; } } @@ -1541,9 +1537,8 @@ static void smbd_smb2_create_after_exec(struct tevent_req *req) state->out_context_blobs, SMB2_CREATE_TAG_QFID, blob); - if (tevent_req_nterror(req, status)) { - tevent_req_post(req, state->ev); - return; + if (!NT_STATUS_IS_OK(status)) { + goto fail; } } @@ -1560,19 +1555,16 @@ static void smbd_smb2_create_after_exec(struct tevent_req *req) } if (!smb2_lease_push(, buf, lease_len)) { - tevent_req_nterror( - req, NT_STATUS_INTERNAL_ERROR); - tevent_req_post(req, state->ev); - return; + status = NT_STATUS_INTERNAL_ERROR; + goto fail;
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 09f8d4ac81a tests: Start testing smb2 symlink error returns via 2e3e27f7e31 tests: Add nosymlinks_smb1allow share via 45091febd2a tests: Start testing reparsepoints via c58c826e43c pylibsmb: Add protocol() via c33f3a38686 pylibsmb: Add CreateDisposition values via 5907dff30ad pylibsmb: Add FSCTL codes via 7f63e98b95b libcli: Add python wappers to reparse_symlink.c via e7516fa9884 libsmb: Factor out reparse_buffer_marshall from symlink_reparse_buffer_marshall() via d79566c782f pylibsmb: Add fsctl() via 99730a59d5a pylibsmb: Add create options via 68a4be1edf7 pylibsmb: Add smb1_symlink() via 7d133943678 pylibsmb: Add smb1_readlink() via 98a627b93f4 pylibsmb: Add smb1_posix() to request smb1 posix extensions via 37784b86a06 pylibsmb: Pass symlink error to create_ex exception via 18d6334ca41 libsmb: Pass symlink error up through cli_smb2_create_fnum_recv() via 0c419b8a204 libsmb: Return symlink error struct from smb2cli_create_recv() via 218baae2d36 libsmb: Parse the smb2 symlink error response in smb2cli_create() via 3fbd4b27cb3 libsmb: Keep name_utf16 around in smb2cli_create() via f2c0f118fcc smbd: Pass unparsed_path_length to symlink_reparse_buffer_marshall() via 9e07a818124 smbd: Pass error_context_count through smbd_smb2_request_error_ex() via c14b8dc0aaf smbd: Factor out safe_symlink_target_path() via f71bdfbacbc tests: Fix an incorrect comment via b7fd2cf5bae libsmb: Add "DOMAIN" to authentication creds via c3d65f10c58 libsmb: Fix cli_fsctl() via fdb7e91df04 libsmb: Fix cli_smb2_fsctl_recv() via b4c45decd41 libsmb: Fix removing a rogue reparse point via 71789c7f6b2 pylibsmb: Add template code via b7d4b8eaac7 lib: Whitespace fixes via cb6d9e7b811 idl: Fix whitespace via 0789dd6959a libcli: Make "attr_strs" static via 9dddb9a2fc2 lib: Make lib/util/iov_buf.h self-contained via 9735498f60f pam_winbind: Fix a memleak from 59b5abbe8ce gp: Test PAM Access with DENY_ALL https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 09f8d4ac81a4b846ae472411cfaa9d8ee14c94c2 Author: Volker Lendecke Date: Thu Oct 27 12:59:53 2022 +0200 tests: Start testing smb2 symlink error returns This still all fails, but if you run them against Windows they work. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Nov 22 19:25:34 UTC 2022 on sn-devel-184 commit 2e3e27f7e313cee7a646f57e49e2b192282f40d4 Author: Volker Lendecke Date: Thu Oct 27 12:48:59 2022 +0200 tests: Add nosymlinks_smb1allow share The next commits will create symlinks via posix extensions to test the smb2 symlink error return. Creating posix symlinks is not allowed with follow symlinks = no, but it's currently our only way to create symlinks over SMB. This could go away once we can create symlinks via reparse points. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 45091febd2aaeb9b030c8c14a4f44fe6e7f297bf Author: Volker Lendecke Date: Thu Nov 10 18:31:11 2022 +0100 tests: Start testing reparsepoints This still all fails, but if you run them against Windows they work. How to run: PYTHONPATH=bin/python \ LOCAL_PATH=/tmp \ SMB1_SHARE=share \ SMB2_SHARE=share \ SHARENAME=share \ SERVER_IP= \ DOMAIN= \ USERNAME=Administrator \ PASSWORD= \ SMB_CONF_PATH=/usr/local/samba/etc/smb.conf \ SERVERCONFFILE="$SMB_CONF_PATH" \ python3 -m samba.subunit.run samba.tests.reparsepoints Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c58c826e43c3b847b0cea3c8b6344274196506ca Author: Volker Lendecke Date: Thu Nov 3 16:42:12 2022 +0100 pylibsmb: Add protocol() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit c33f3a386869cdeca59b02a51ba5781dd58c813c Author: Volker Lendecke Date: Thu Nov 3 16:39:44 2022 +0100 pylibsmb: Add CreateDisposition values Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 5907dff30adb9600235e757044fc75f3e5734dd6 Author: Volker Lendecke Date: Thu Nov 3 16:18:37 2022 +0100 pylibsmb: Add FSCTL codes Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 7f63e98b95b8a9b6c02762618ee0f4be30cafa79 Author: Volker Lendecke Date: Thu Nov 3 12:26:34 2022 +0100 libcli: Add python wappers to reparse_symlink.c Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit e7516fa9884dfa114703c1d532fa399bef47 Author: Volker Lend
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 59b5abbe8ce gp: Test PAM Access with DENY_ALL via ca5f8072a4c gp: PAM Access should implicitly deny ALL w/ allow via 9f6cf276e22 gp: samba-tool manage gpo access add don't fail w/out upn via 8d0d79ba3b3 gp: Make samba-tool gpo manage sudoers remove backward compatible via d0c4aebb0ef gp: Test that samba-tool gpo manage removes gpme sudoers via cc0c784d3ab gp: Make samba-tool gpo manage sudoers list backward compatible via 4c2b418882e gp: Test that samba-tool gpo manage lists gpme sudoers from f03665bb7e8 s3:rpc_server: Fix include directive substitution when enumerating shares https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 59b5abbe8cec52d7cf1197a91f32d832670284d5 Author: David Mulder Date: Fri Nov 18 11:42:15 2022 -0700 gp: Test PAM Access with DENY_ALL Signed-off-by: David Mulder Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Nov 21 22:05:01 UTC 2022 on sn-devel-184 commit ca5f8072a4c7be6fdebef494664a27bbd73340ff Author: David Mulder Date: Thu Nov 17 16:33:24 2022 -0700 gp: PAM Access should implicitly deny ALL w/ allow If an allow entry is specified, the PAM Access CSE should implicitly deny ALL (everyone other than the explicit allow entries). Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit 9f6cf276e22b82601a81286fabeae5303f58339c Author: David Mulder Date: Thu Nov 17 12:37:20 2022 -0700 gp: samba-tool manage gpo access add don't fail w/out upn The search response for the user could possibly not include a upn (this happens with Administrator for example). Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit 8d0d79ba3b317401cfe089c0df871189bb79c9dc Author: David Mulder Date: Wed Nov 16 15:04:16 2022 -0700 gp: Make samba-tool gpo manage sudoers remove backward compatible Ensure `samba-tool gpo manage sudoers remove` is backward compatible with the GPME sudo rules. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit d0c4aebb0eff59716cfc51d86eec26a52f6913c5 Author: David Mulder Date: Wed Nov 16 15:03:18 2022 -0700 gp: Test that samba-tool gpo manage removes gpme sudoers The file format for storing the sudo rules changed in samba-tool, but these can still be added via the GPME. We should still include them here. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit cc0c784d3ab914593356b4b1a0ca924c9dc4b9fa Author: David Mulder Date: Wed Nov 16 10:46:11 2022 -0700 gp: Make samba-tool gpo manage sudoers list backward compatible Ensure `samba-tool gpo manage sudoers list` is backward compatible with the GPME sudo rules. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit 4c2b418882ecdb6293cc1d033c33685ada684c2e Author: David Mulder Date: Wed Nov 16 10:44:22 2022 -0700 gp: Test that samba-tool gpo manage lists gpme sudoers The file format for storing the sudo rules changed in samba-tool, but these can still be added via the GPME. We should still include them here. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison --- Summary of changes: python/samba/gp/vgp_access_ext.py| 54 +++--- python/samba/netcmd/gpo.py | 135 --- python/samba/tests/gpo.py| 7 +- python/samba/tests/samba_tool/gpo.py | 53 ++ 4 files changed, 197 insertions(+), 52 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/gp/vgp_access_ext.py b/python/samba/gp/vgp_access_ext.py index efd91ef93fb..474d5e278ee 100644 --- a/python/samba/gp/vgp_access_ext.py +++ b/python/samba/gp/vgp_access_ext.py @@ -19,6 +19,7 @@ from samba.gp.gpclass import gp_xml_ext from hashlib import blake2b from tempfile import NamedTemporaryFile from samba.common import get_bytes +from samba.gp.util.logging import log intro = ''' ### autogenerated by samba @@ -31,11 +32,34 @@ intro = ''' ''' +# The deny all file is implicit any time an allow entry is used +DENY_BOUND = 90 +DENY_FILE = '_gp_DENY_ALL.conf' + +# Each policy MUST create it's own DENY_ALL file if an allow entry exists, +# otherwise policies will conflict and one could remove a DENY_ALL when another +# one still requires it. +def deny_file(access): +deny_filename = os.path.join(access, +'%d%s' % (select_next_deny(access), DENY_FILE)) +with NamedTemporaryFile(delete=False, dir=access) as f: +with open(f.name, 'w') as w: +w.write(intro) +w.write('-:ALL:ALL') +os.chmod(f.name
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via f6284877ce0 nsswitch: Fix uninitialized memory when allocating pwdlastset_prelim from ebaafb2375c gitlab-ci: Update Fedora to version 37 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f6284877ce07fc5ddf4f4e2d824013b645d6e12c Author: Noel Power Date: Wed Nov 16 15:37:52 2022 + nsswitch: Fix uninitialized memory when allocating pwdlastset_prelim BUG: https://bugzilla.samba.org/show_bug.cgi?id=15224 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Nov 16 19:29:21 UTC 2022 on sn-devel-184 --- Summary of changes: nsswitch/pam_winbind.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c index 02a8aa8df98..06a8db21b69 100644 --- a/nsswitch/pam_winbind.c +++ b/nsswitch/pam_winbind.c @@ -3228,7 +3228,7 @@ int pam_sm_chauthtok(pam_handle_t * pamh, int flags, if (flags & PAM_PRELIM_CHECK) { time_t *pwdlastset_prelim = NULL; - pwdlastset_prelim = talloc_array(NULL, time_t, 1); + pwdlastset_prelim = talloc_zero(NULL, time_t); if (pwdlastset_prelim == NULL) { _pam_log(ctx, LOG_CRIT, "password - out of memory"); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 15696da0151 gp: Fix startup scripts add not always set runonce via 4321be515b4 gp: Fix startup scripts list not fail with empty args via f04f205d273 gp: startup scripts list enclude newline in output via 3bee89c1cfa gp: startup scripts add clarify 'args' option via 096a323a8ce gp: Fix startup scripts add args from fa4eba131b8 s3: smbd: Always use metadata_fsp() when processing fsctls. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 15696da01515692b5a3ce647e3049229e5b82393 Author: David Mulder Date: Mon Nov 14 10:50:28 2022 -0700 gp: Fix startup scripts add not always set runonce The runonce is always being set because neither True nor False is ever None. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Nov 15 02:09:45 UTC 2022 on sn-devel-184 commit 4321be515b41ac4b129e2334f19cfd628809cf3d Author: David Mulder Date: Mon Nov 14 09:49:18 2022 -0700 gp: Fix startup scripts list not fail with empty args This fixes the startup scripts list command to not fail when the parameters variable is empty. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit f04f205d273605b0c09799cc55fc218ce907c827 Author: David Mulder Date: Mon Nov 14 09:35:31 2022 -0700 gp: startup scripts list enclude newline in output The output for listing startup scripts wasn't clear because there was no newline between entries. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit 3bee89c1cfa53f76728a54536f9d33e134b952c1 Author: David Mulder Date: Mon Nov 14 09:34:35 2022 -0700 gp: startup scripts add clarify 'args' option Make sure it is clear how to specify args for the command, and that multiple args can be passed wrapped in quotes. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit 096a323a8ce57fd75f3857449d9aaf74cb10344b Author: David Mulder Date: Mon Nov 14 09:31:41 2022 -0700 gp: Fix startup scripts add args The args for the command could not be parsed because samba-tool detects the '-' and thinks its part of the samba-tool command. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison --- Summary of changes: python/samba/netcmd/gpo.py | 14 +- 1 file changed, 9 insertions(+), 5 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/netcmd/gpo.py b/python/samba/netcmd/gpo.py index fe8afa7d9a0..eefce9d8d0e 100644 --- a/python/samba/netcmd/gpo.py +++ b/python/samba/netcmd/gpo.py @@ -3126,8 +3126,12 @@ samba-tool gpo manage scripts startup list {31B2F340-016D-11D2-945F-00C04FB984F9 run_as = run_as.text else: run_as = 'root' -self.outf.write('@reboot %s %s %s' % (run_as, script_path, - parameters.text)) +if parameters is not None: +parameters = parameters.text +else: +parameters = '' +self.outf.write('@reboot %s %s %s\n' % (run_as, script_path, + parameters)) class cmd_add_startup(Command): """Adds VGP Startup Script Group Policy to the sysvol @@ -3135,7 +3139,7 @@ class cmd_add_startup(Command): This command adds a startup script policy to the sysvol. Example: -samba-tool gpo manage scripts startup add {31B2F340-016D-11D2-945F-00C04FB984F9} test_script.sh '-n' +samba-tool gpo manage scripts startup add {31B2F340-016D-11D2-945F-00C04FB984F9} test_script.sh '\\-n \\-p all' """ synopsis = "%prog
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fa4eba131b8 s3: smbd: Always use metadata_fsp() when processing fsctls. via abc4495e459 s3: smbd: Add test to show smbd crashes when doing an FSCTL on a named stream handle. from 2ea3adfd04b gp: Test that Password and Kerberos policies fail on unknown key https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fa4eba131b882c3858b28f5fd9864998e19a4510 Author: Jeremy Allison Date: Thu Nov 10 14:43:15 2022 -0800 s3: smbd: Always use metadata_fsp() when processing fsctls. Currently all fsctls we implement need the base fsp, not an alternate data stream fsp. We may revisit this later if we implement fsctls that operate on an ADS. Remove knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15236 Signed-off-by: Jeremy Allison Reviewed-by: Andrew Walker Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Nov 14 18:13:31 UTC 2022 on sn-devel-184 commit abc4495e4591964bb4625c2669a1f84213faab77 Author: Jeremy Allison Date: Thu Nov 10 14:41:15 2022 -0800 s3: smbd: Add test to show smbd crashes when doing an FSCTL on a named stream handle. Add knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15236 Signed-off-by: Andrew Walker Reviewed-by: Jeremy Allison --- Summary of changes: selftest/knownfail| 1 + source3/modules/vfs_default.c | 8 - source3/selftest/tests.py | 2 ++ source4/torture/smb2/ioctl.c | 74 +++ source4/torture/smb2/smb2.c | 2 ++ 5 files changed, 86 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/selftest/knownfail b/selftest/knownfail index f130d2dc3c5..cd91a7a50e6 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -202,6 +202,7 @@ ^samba4.smb2.ioctl.copy_chunk_\w*\(ad_dc_ntvfs\) # not supported by s4 ntvfs server ^samba4.smb2.ioctl.copy-chunk streams\(ad_dc_ntvfs\) # not supported by s4 ntvfs server ^samba4.smb2.ioctl.bug14769\(ad_dc_ntvfs\) # not supported by s4 ntvfs server +^samba4.smb2.ioctl-on-stream.ioctl-on-stream\(ad_dc_ntvfs\) ^samba3.smb2.dir.one ^samba3.smb2.dir.modify ^samba3.smb2.oplock.batch20 diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index 93a56ef8019..000c23208f5 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -1487,7 +1487,13 @@ static NTSTATUS vfswrap_fsctl(struct vfs_handle_struct *handle, char **out_data = (char **)_out_data; NTSTATUS status; - SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + /* +* Currently all fsctls operate on the base +* file if given an alternate data stream. +* Revisit this if we implement fsctls later +* that need access to the ADS handle. +*/ + fsp = metadata_fsp(fsp); switch (function) { case FSCTL_SET_SPARSE: diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 182283d9c9d..67ba7b10484 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -1098,6 +1098,8 @@ for t in tests: plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/fs_specific -U$USERNAME%$PASSWORD', 'fs_specific') plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') +elif t == "smb2.ioctl-on-stream": +plansmbtorture4testsuite(t, "fileserver", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') elif t == "smb2.lock": plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/aio -U$USERNAME%$PASSWORD', 'aio') plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') diff --git a/source4/torture/smb2/ioctl.c b/source4/torture/smb2/ioctl.c index d5ebf93bd6a..6ceaccfc7ca 100644 --- a/source4/torture/smb2/ioctl.c +++ b/source4/torture/smb2/ioctl.c @@ -3838,6 +3838,80 @@ static bool test_ioctl_sparse_qar_malformed(struct torture_context *torture, return true; } +bool test_ioctl_alternate_data_stream(struct torture_context *tctx) +{ + bool ret = false; + const char *fname = DNAME "\\test_stream_ioctl_dir"; + const char *sname = DNAME "\\test_stream_ioctl_dir:stream"; + NTSTATUS status; + struct smb2_create create = {}; + struct smb2_tree *tree = NULL; + struct smb2_handle h1 = {{0}}; + union smb_ioctl ioctl; + + if (!torture_smb2_connection(tctx, )) { + torture_comment(tctx, "Initializing smb2 connection failed.\n"); + re
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2ea3adfd04b gp: Test that Password and Kerberos policies fail on unknown key via 3ad8e8d4d43 gp: Password and Kerberos policies fail on unknown key from 09e9dd576da torture: Test the "server addresses" parameter https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2ea3adfd04b07c6d449904b81d132ad3858f72fb Author: David Mulder Date: Fri Nov 11 10:04:44 2022 -0700 gp: Test that Password and Kerberos policies fail on unknown key Signed-off-by: David Mulder Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Sat Nov 12 01:34:17 UTC 2022 on sn-devel-184 commit 3ad8e8d4d43b08cf1747da048c2fcc16d45a59c5 Author: David Mulder Date: Fri Nov 11 09:41:52 2022 -0700 gp: Password and Kerberos policies fail on unknown key If unrecognized keys are set in the GptTmpl.inf, the extensions would fail to apply. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison --- Summary of changes: python/samba/gp/gp_sec_ext.py | 4 python/samba/tests/gpo.py | 3 ++- 2 files changed, 6 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/python/samba/gp/gp_sec_ext.py b/python/samba/gp/gp_sec_ext.py index 667bc4cd48b..16cbc4c7013 100644 --- a/python/samba/gp/gp_sec_ext.py +++ b/python/samba/gp/gp_sec_ext.py @@ -67,6 +67,8 @@ class gp_krb_ext(gp_inf_ext): for section in inf_conf.sections(): if section == str(self): for key, value in inf_conf.items(section): +if key not in gp_krb_ext.apply_map: +continue att = gp_krb_ext.apply_map[key] value_func = self.mapper().get(att) self.set_kdc_tdb(att, value_func(value)) @@ -153,6 +155,8 @@ class gp_access_ext(gp_inf_ext): for section in inf_conf.sections(): if section == str(self): for key, value in inf_conf.items(section): +if key not in gp_access_ext.apply_map: +continue att = gp_access_ext.apply_map[key] (update_samba, value_func) = self.mapper().get(att) update_samba(att, value_func(value)) diff --git a/python/samba/tests/gpo.py b/python/samba/tests/gpo.py index c620a1270f7..7ba193884a1 100644 --- a/python/samba/tests/gpo.py +++ b/python/samba/tests/gpo.py @@ -7336,7 +7336,8 @@ class GPOTests(tests.TestCase): if ads.connect(): gpos = ads.get_gpo_list(machine_creds.get_username()) -stage = '[Kerberos Policy]\nMaxTicketAge = %d\n' +# Include MaxClockSkew to ensure we don't fail on a key we ignore +stage = '[Kerberos Policy]\nMaxTicketAge = %d\nMaxClockSkew = 5' opts = [100, 200] for i in range(0, 2): gpttmpl = gpofile % (local_path, guids[i]) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 10537a89bb0 s4: libcli: Ignore errors when getting A records after fetching records. from 76adda9d2fe lib/replace: fix memory leak in snprintf replacements https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 10537a89bb0b461ba31d614b7c9ed56a842422e7 Author: Jeremy Allison Date: Tue Nov 8 10:13:18 2022 -0800 s4: libcli: Ignore errors when getting A records after fetching records. The target may only be available over IPv6. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15226 Signed-off-by: Jeremy Allison Reviewed-by: Stefan Metzmacher Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Nov 9 20:34:07 UTC 2022 on sn-devel-184 --- Summary of changes: source4/libcli/resolve/dns_ex.c | 14 -- 1 file changed, 8 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/libcli/resolve/dns_ex.c b/source4/libcli/resolve/dns_ex.c index 0bb3ba02287..b8447bec4de 100644 --- a/source4/libcli/resolve/dns_ex.c +++ b/source4/libcli/resolve/dns_ex.c @@ -245,13 +245,15 @@ static struct dns_records_container get_a__records(TALLOC_CTX *mem_ctx, * Most of the server do it, let's ask for A specificaly. */ err = dns_lookup(tmp_ctx, name, QTYPE_A, ); - if (!ERR_DNS_IS_OK(err)) { - goto done; - } - - total = reply_to_addrs(tmp_ctx, _num, , total, + if (ERR_DNS_IS_OK(err)) { + /* +* Ignore an error here and just return any +* records we already got. This may be an IPv6-only +* config. +*/ + total = reply_to_addrs(tmp_ctx, _num, , total, reply, port); - + } } if (total) { -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 3030813765f gp: Ignore crontab -l error, since it means empty from 612eeff2704 tests/krb5: Add tests of PAC group handling https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 3030813765ff2f9ef6c894a4e6eb51601fe07109 Author: David Mulder Date: Tue Nov 8 11:03:36 2022 -0700 gp: Ignore crontab -l error, since it means empty We should not fail when crontab -l errors, this just means the crontab is empty. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Nov 8 22:33:37 UTC 2022 on sn-devel-184 --- Summary of changes: python/samba/gp/gp_scripts_ext.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/python/samba/gp/gp_scripts_ext.py b/python/samba/gp/gp_scripts_ext.py index 3ff650996bb..bbf609cf5d5 100644 --- a/python/samba/gp/gp_scripts_ext.py +++ b/python/samba/gp/gp_scripts_ext.py @@ -20,6 +20,7 @@ from samba.gp.gpclass import gp_pol_ext, drop_privileges from base64 import b64encode from hashlib import blake2b from tempfile import NamedTemporaryFile +from samba.gp.util.logging import log intro = ''' ### autogenerated by samba @@ -98,7 +99,7 @@ def fetch_crontab(username): p = Popen(['crontab', '-l', '-u', username], stdout=PIPE, stderr=PIPE) out, err = p.communicate() if p.returncode != 0: -raise RuntimeError('Failed to read the crontab: %s' % err) +log.warning('Failed to read the crontab: %s' % err) m = re.findall('%s(.*)%s' % (intro, end), out.decode(), re.DOTALL) if len(m) == 1: entries = m[0].strip().split('\n') -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via be1431a8930 smbd: Don't hide directories with "hide new files timeout" via e8848a3eab8 torture: Show that "hide new files timeout" also hides directories via 8b4a3c12a0d torture3: Run the "hidenewfiles" test against SMB2 via 721cfe94247 torture3: Fix a copy error and a typo from 635b1adfc5c gpo: GPME doesn't permit nesting of admx categories in builtin https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit be1431a8930a9386bb5dbf15604fc6b8330c42f4 Author: Volker Lendecke Date: Mon Nov 7 15:08:51 2022 +0100 smbd: Don't hide directories with "hide new files timeout" The intention of this option was to hide *files*. Before this patch we also hide directories where new files are dropped. This is a change in behaviour, but I think this option is niche enough to justify not adding another parameter that we then need to test. If workflows break with this change and people depend on directories also to be hidden, we can still add the additional option value required. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Nov 7 22:58:33 UTC 2022 on sn-devel-184 commit e8848a3eab8fc43132640f67b858780f43f2b07c Author: Volker Lendecke Date: Mon Nov 7 14:57:04 2022 +0100 torture: Show that "hide new files timeout" also hides directories Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 8b4a3c12a0d6f08827237aba5af3c1e3eb1c43e8 Author: Volker Lendecke Date: Mon Nov 7 14:56:28 2022 +0100 torture3: Run the "hidenewfiles" test against SMB2 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 721cfe94247da7c0150b1d78f95592f7bf3a2356 Author: Volker Lendecke Date: Mon Nov 7 12:11:52 2022 +0100 torture3: Fix a copy error and a typo Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: source3/selftest/tests.py | 15 ++-- source3/smbd/dir.c | 6 ++-- source3/torture/proto.h | 1 + source3/torture/test_hidenewfiles.c | 70 ++--- source3/torture/torture.c | 4 +++ 5 files changed, 88 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 04e47fa962f..2155866923f 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -191,8 +191,8 @@ for t in tests: plantestsuite("samba3.smbtorture_s3.vfs_aio_pthread(%s).%s" % (env, t), env, [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/vfs_aio_pthread', '$USERNAME', '$PASSWORD', smbtorture3, "", "-l $LOCAL_PATH"]) plantestsuite("samba3.smbtorture_s3.vfs_aio_fork(%s).%s" % (env, t), env, [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/vfs_aio_fork', '$USERNAME', '$PASSWORD', smbtorture3, "", "-l $LOCAL_PATH"]) -plantestsuite("samba3.smbtorture_s3.hidenewfiles(fileserver_smb1)", - "fileserver_smb1", +plantestsuite("samba3.smbtorture_s3.hidenewfiles", + "simpleserver", [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), 'hide-new-files-timeout', @@ -202,6 +202,17 @@ plantestsuite("samba3.smbtorture_s3.hidenewfiles(fileserver_smb1)", smbtorture3, "", "-l $LOCAL_PATH"]) +plantestsuite("samba3.smbtorture_s3.hidenewfiles_showdirs", + "simpleserver", + [os.path.join(samba3srcdir, +"script/tests/test_smbtorture_s3.sh"), + 'hide-new-files-timeout-showdirs', + '//$SERVER_IP/hidenewfiles', + '$USERNAME', + '$PASSWORD', + smbtorture3, + "", + "-l $LOCAL_PATH"]) # # MSDFS attribute tests. diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c index 64c7d5ca962..a18d70c870a 100644 --- a/source3/smbd/dir.c +++ b/source3/smbd/dir.c @@ -1404,7 +1404,8 @@ bool is_visible_fsp(struct files_struct *fsp) * only thing we can check is the * hide_new_files_timeout. */ - if (hide_new_files_timeout != 0) { + if ((hide_new_files_timeout != 0) && +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 635b1adfc5c gpo: GPME doesn't permit nesting of admx categories in builtin via 1eb2f1cca4f gpo: Install the GNOME Settings admx templates via 853a4ecd838 gp: Move GNOME admx templates from f5d77cb627d s3:winbind: Avoid unnecessary locking in wb_parent_idmap_setup_send() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 635b1adfc5c8525634cfbc3f4d64fb9efa1c6f09 Author: David Mulder Date: Tue Oct 25 08:28:22 2022 -0600 gpo: GPME doesn't permit nesting of admx categories in builtin The gnome settings were nested within a builtin admx category, which GPME does not permit. This was hiding the GNOME settings anytime windows admx templates were present. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Nov 4 19:09:09 UTC 2022 on sn-devel-184 commit 1eb2f1cca4f2df0f0885bd9276427410c4241d7c Author: David Mulder Date: Fri Oct 21 10:39:26 2022 -0600 gpo: Install the GNOME Settings admx templates Signed-off-by: David Mulder Reviewed-by: Jeremy Allison commit 853a4ecd838fcb441cbf654894a96ea728bc2efe Author: David Mulder Date: Wed Nov 2 08:39:17 2022 -0600 gp: Move GNOME admx templates waf fails to install the templates if there is a space in the name. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison --- Summary of changes: libgpo/admx/{GNOME Settings.admx => GNOME_Settings.admx} | 4 +--- libgpo/admx/en-US/{GNOME Settings.adml => GNOME_Settings.adml} | 0 libgpo/admx/ru-RU/{GNOME Settings.adml => GNOME_Settings.adml} | 0 libgpo/admx/wscript_build | 7 ++- 4 files changed, 7 insertions(+), 4 deletions(-) rename libgpo/admx/{GNOME Settings.admx => GNOME_Settings.admx} (98%) rename libgpo/admx/en-US/{GNOME Settings.adml => GNOME_Settings.adml} (100%) rename libgpo/admx/ru-RU/{GNOME Settings.adml => GNOME_Settings.adml} (100%) Changeset truncated at 500 lines: diff --git a/libgpo/admx/GNOME Settings.admx b/libgpo/admx/GNOME_Settings.admx similarity index 98% rename from libgpo/admx/GNOME Settings.admx rename to libgpo/admx/GNOME_Settings.admx index 6e506b1377f..202960b2c34 100644 --- a/libgpo/admx/GNOME Settings.admx +++ b/libgpo/admx/GNOME_Settings.admx @@ -10,9 +10,7 @@ - - - + diff --git a/libgpo/admx/en-US/GNOME Settings.adml b/libgpo/admx/en-US/GNOME_Settings.adml similarity index 100% rename from libgpo/admx/en-US/GNOME Settings.adml rename to libgpo/admx/en-US/GNOME_Settings.adml diff --git a/libgpo/admx/ru-RU/GNOME Settings.adml b/libgpo/admx/ru-RU/GNOME_Settings.adml similarity index 100% rename from libgpo/admx/ru-RU/GNOME Settings.adml rename to libgpo/admx/ru-RU/GNOME_Settings.adml diff --git a/libgpo/admx/wscript_build b/libgpo/admx/wscript_build index cb1cadbf782..3d513363897 100644 --- a/libgpo/admx/wscript_build +++ b/libgpo/admx/wscript_build @@ -1,3 +1,8 @@ #!/usr/bin/env python -bld.INSTALL_FILES('${DATADIR}/samba/admx', ['samba.admx', 'en-US/samba.adml']) +bld.INSTALL_FILES('${DATADIR}/samba/admx', ['samba.admx', +'en-US/samba.adml', +'GNOME_Settings.admx', +'en-US/GNOME_Settings.adml', +'ru-RU/GNOME_Settings.adml' +]) -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b3292b541ec smbget: Adds a rate limiting option --limit-rate in KB/s from bf446bcf612 third_party/heimdal_build: Update fallthrough macro for switch statements https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b3292b541ec1feb3162a514a0493054a1a5318ab Author: vporpo Date: Sat Oct 1 14:45:18 2022 -0700 smbget: Adds a rate limiting option --limit-rate in KB/s This patch implements a very simple rate limiter. It works by pausing the main download loop whenever the bytes transferred are more than what we would get with if it were transferred at the rate set by the user. Please note that this may reduce the blocksize if the limit is too small. Signed-off-by: Vasileios Porpodas Reviewed-by: Jeremy Allison Reviewed-by: Andreas Schneider Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Nov 2 22:47:10 UTC 2022 on sn-devel-184 --- Summary of changes: docs-xml/manpages/smbget.1.xml | 6 +++ source3/script/tests/test_smbget.sh | 30 +++ source3/utils/smbget.c | 73 + 3 files changed, 109 insertions(+) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/smbget.1.xml b/docs-xml/manpages/smbget.1.xml index 64924ef9ca8..9d1db967f96 100644 --- a/docs-xml/manpages/smbget.1.xml +++ b/docs-xml/manpages/smbget.1.xml @@ -35,6 +35,7 @@ -O, --stdout -u, --update -e, --encrypt + --limit-rate=INT -?, --help --usage smb://host/share/path/to/file @@ -151,6 +152,11 @@ Enable SMB encryption. + +--limit-rate=INT + Limit download rate by this many KB/s. + + diff --git a/source3/script/tests/test_smbget.sh b/source3/script/tests/test_smbget.sh index c1c99579a8c..2322f3af942 100755 --- a/source3/script/tests/test_smbget.sh +++ b/source3/script/tests/test_smbget.sh @@ -269,6 +269,32 @@ test_msdfs_link() return 0 } +# Tests --limit-rate. Getting the testfile (128K in size) with --limit-rate 100 +# (that is 100KB/s) should take at least 1 sec to complete. +test_limit_rate() +{ + clear_download_area + echo "$SMBGET -v -a --limit-rate 100 smb://$SERVER_IP/smbget/testfile" + time_begin=$(date +%s) + $SMBGET -v -a --limit-rate 100 smb://$SERVER_IP/smbget/testfile + if [ $? -ne 0 ]; then + echo 'ERROR: RC does not match, expected: 0' + return 1 + fi + time_end=$(date +%s) + cmp --silent $WORKDIR/testfile ./testfile + if [ $? -ne 0 ]; then + echo 'ERROR: file content does not match' + return 1 + fi + if [ $((time_end - time_begin)) -lt 1 ]; then + echo 'ERROR: It should take at least 1s to transfer 128KB with rate 100KB/s' + return 1 + fi + return 0 +} + + create_test_data pushd $TMPDIR @@ -306,6 +332,10 @@ testit "update" test_update || testit "msdfs" test_msdfs_link || failed=$((failed + 1)) + +testit "limit rate" test_limit_rate || + failed=$((failed + 1)) + clear_download_area popd # TMPDIR diff --git a/source3/utils/smbget.c b/source3/utils/smbget.c index 3e7c5687d83..5f3ac16b204 100644 --- a/source3/utils/smbget.c +++ b/source3/utils/smbget.c @@ -56,6 +56,7 @@ struct opt { bool send_stdout; bool update; int debuglevel; + unsigned limit_rate; }; static struct opt opt = { .blocksize = SMB_DEFAULT_BLOCKSIZE }; @@ -355,6 +356,10 @@ static bool smb_download_file(const char *base, const char *name, off_t offset_download = 0, offset_check = 0, curpos = 0, start_offset = 0; struct stat localstat, remotestat; + clock_t start_of_bucket_ticks = 0; + size_t bytes_in_bucket = 0; + size_t bucket_size = 0; + clock_t ticks_to_fill_bucket = 0; snprintf(path, SMB_MAXPATHLEN-1, "%s%s%s", base, (*base && *name && name[0] != '/' && @@ -576,6 +581,44 @@ static bool smb_download_file(const char *base, const char *name, offset_check = 0; } + /* We implement rate limiting by filling up a bucket with bytes and +* checking, once the bucket is filled, if it was filled too fast. +* If so, we sleep for some time to get an average transfer rate that +* equals to the one set by the user. +* +* The bucket size directly affects the traffic characteristics. +* The smaller the bucket the more frequent the pause/resume cycle. +* A large bucket can result in
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via bdbb38d16c8 s3: libsmbclient: Fix smbc_getxattr() to return 0 on success. via 74636dfe24c s4: torture: Show return value for smbc_getxattr() is incorrect (returns >0 for success, should return zero). from ffc59fe0946 smbd: Correct store_smb2_posix_info size check https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit bdbb38d16c8eaff33484bb747efa639c4d8e7f35 Author: Jeremy Allison Date: Fri Oct 28 15:31:39 2022 -0700 s3: libsmbclient: Fix smbc_getxattr() to return 0 on success. Remove knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14808 Signed-off-by: Jeremy Allison Reviewed-by: David Mulder Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Nov 1 18:31:22 UTC 2022 on sn-devel-184 commit 74636dfe24c15677261fc40c0a4ec62404898cf4 Author: Jeremy Allison Date: Fri Oct 28 15:28:41 2022 -0700 s4: torture: Show return value for smbc_getxattr() is incorrect (returns >0 for success, should return zero). Add torture test to show smbc_getxattr() should return -1 on failure, 0 on success. Add knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14808 Signed-off-by: Jeremy Allison Reviewed-by: David Mulder --- Summary of changes: source3/libsmb/libsmb_xattr.c | 6 +- source4/torture/libsmbclient/libsmbclient.c | 94 + 2 files changed, 99 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c index 58ee4965220..1e8d2718a22 100644 --- a/source3/libsmb/libsmb_xattr.c +++ b/source3/libsmb/libsmb_xattr.c @@ -2180,7 +2180,11 @@ SMBC_getxattr_ctx(SMBCCTX *context, errno = SMBC_errno(context, srv->cli); } TALLOC_FREE(frame); -return ret; + /* +* static function cacl_get returns a value greater than zero +* on success. Map this to zero meaning success. +*/ +return ret < 0 ? -1 : 0; } /* Unsupported attribute name */ diff --git a/source4/torture/libsmbclient/libsmbclient.c b/source4/torture/libsmbclient/libsmbclient.c index d335cad3a4e..55ea26f5bc8 100644 --- a/source4/torture/libsmbclient/libsmbclient.c +++ b/source4/torture/libsmbclient/libsmbclient.c @@ -1473,6 +1473,98 @@ static bool torture_libsmbclient_getatr(struct torture_context *tctx) return true; } +static bool torture_libsmbclient_getxattr(struct torture_context *tctx) +{ + const char *smburl = torture_setting_string(tctx, "smburl", NULL); + int fhandle = -1; + SMBCCTX *ctx = NULL; + char *getxattr_name = NULL; + char value[4096]; + bool ok = false; + int ret = -1; + + if (smburl == NULL) { + torture_fail(tctx, +"option --option=torture:smburl=" +"smb://user:password@server missing\n"); + } + + ok = torture_libsmbclient_init_context(tctx, ); + torture_assert(tctx, ok, "Failed to init context"); + smbc_set_context(ctx); + + getxattr_name = talloc_asprintf(tctx, + "%s/getxattr", + smburl); + if (getxattr_name == NULL) { + torture_result(tctx, + TORTURE_FAIL, + __location__": %s", + "talloc fail\n"); + return false; + } + /* Ensure the file doesn't exist. */ + smbc_unlink(getxattr_name); + + /* Create testfile. */ + fhandle = smbc_creat(getxattr_name, 0666); + if (fhandle < 0) { + torture_fail_goto(tctx, + done, + talloc_asprintf(tctx, + "failed to create file '%s': %s", + getxattr_name, + strerror(errno))); + } + ret = smbc_close(fhandle); + torture_assert_int_equal_goto(tctx, + ret, + 0, + ok, + done, + talloc_asprintf(tctx, + "failed to close handle for '%s'", + getxattr_name)); + + /* +* Ensure getting a non-existent attribute returns -1. +*/ + ret = smbc_getxattr(getxattr_name, "foobar", value, sizeof(value)); + torture_assert_int_equal_goto(tctx, + ret, + -1, + ok, +
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8c94bbba270 testprogs/blackbox: add 'net ads keytab delete' tests to test_net_ads.sh via 797b38f5f9c testprogs/blackbox: fix prinicple => principal in test_net_ads.sh via dd0984c7191 testprogs/blackbox: let test_net_ads.sh consistently use the tmp WORKDIR via 17779a68339 s3:util: add 'net ads keytab delete' via 3dd26cb4d0c s3:libads: add ads_keytab_delete_entry() via 956c6562eba lib/krb5_wrap: add explicit keep_old_kvno/enctype_only args to smb_krb5_kt_seek_and_delete_old_entries() via 3881a440eef s3:libads: ads_keytab_flush() doesn't need a valid kvno via 173b6f6e60a lib/krb5_wrap: document the enctype argument of smb_krb5_kt_seek_and_delete_old_entries() via 7958e18b8ab lib/krb5_wrap: remove unused keep_old_entries argument from smb_krb5_kt_seek_and_delete_old_entries() via b7ea69bdff3 lib/krb5_wrap: remove unused keep_old_entries argument from smb_krb5_kt_add_entry() via 39cf93c79ef bootstrap: Update to openSUSE 15.4 from 6f1a9ef2072 lib:replace: Require bool from C99 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8c94bbba2704a07c7f13f11496c4a3a93c4fda11 Author: Stefan Metzmacher Date: Thu Oct 27 14:32:27 2022 +0200 testprogs/blackbox: add 'net ads keytab delete' tests to test_net_ads.sh Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Oct 27 22:14:53 UTC 2022 on sn-devel-184 commit 797b38f5f9cebeb6920fb78697e8c058a1554666 Author: Stefan Metzmacher Date: Thu Oct 27 14:31:42 2022 +0200 testprogs/blackbox: fix prinicple => principal in test_net_ads.sh Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit dd0984c71919e3119dc35f5b7e0bd6482456 Author: Stefan Metzmacher Date: Thu Oct 27 14:30:48 2022 +0200 testprogs/blackbox: let test_net_ads.sh consistently use the tmp WORKDIR Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 17779a68339162546d5a4125f092984034a2f943 Author: Stefan Metzmacher Date: Wed Oct 26 11:36:44 2022 +0200 s3:util: add 'net ads keytab delete' Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 3dd26cb4d0cf9742f3284a334b38ea3d0b6b653f Author: Stefan Metzmacher Date: Wed Oct 26 11:36:01 2022 +0200 s3:libads: add ads_keytab_delete_entry() Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 956c6562ebaaec6f41d5b9e86af7ffe377ab00ab Author: Stefan Metzmacher Date: Wed Oct 26 11:03:34 2022 +0200 lib/krb5_wrap: add explicit keep_old_kvno/enctype_only args to smb_krb5_kt_seek_and_delete_old_entries() Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 3881a440eefa1e0a3a4be2f0e9ae9c2ecd65b267 Author: Stefan Metzmacher Date: Wed Oct 26 11:02:21 2022 +0200 s3:libads: ads_keytab_flush() doesn't need a valid kvno Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 173b6f6e60a3d0ea3298f31ca7f37104d10f47bb Author: Stefan Metzmacher Date: Wed Oct 26 10:51:09 2022 +0200 lib/krb5_wrap: document the enctype argument of smb_krb5_kt_seek_and_delete_old_entries() Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 7958e18b8abada5fa33d2f189166d524fb332050 Author: Stefan Metzmacher Date: Wed Oct 26 10:34:47 2022 +0200 lib/krb5_wrap: remove unused keep_old_entries argument from smb_krb5_kt_seek_and_delete_old_entries() Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit b7ea69bdff3b58e3a0a15de26cd317d0e959df00 Author: Stefan Metzmacher Date: Wed Oct 26 10:34:47 2022 +0200 lib/krb5_wrap: remove unused keep_old_entries argument from smb_krb5_kt_add_entry() Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison commit 39cf93c79ef17eac4196e1de6e825955f7fbc8d8 Author: Samuel Cabrero Date: Thu Oct 27 09:05:46 2022 +0200 bootstrap: Update to openSUSE 15.4 Signed-off-by: Samuel Cabrero Reviewed-by: Andrew Bartlett --- Summary of changes: .gitlab-ci-main.yml| 10 +- bootstrap/.gitlab-ci.yml | 2 +- bootstrap/config.py| 10 +- bootstrap/generated-dists/Vagrantfile | 10 +- .../{opensuse153 => opensuse154}/Dockerfile| 2 +- .../{opensuse153 => opensuse154}/bootstrap.sh | 4 +- .../{opensuse153 => opensuse154}/locale.sh | 0 .../{opensuse153 => opensuse154}/packages.yml | 4 +- bootstrap/sha1sum.txt | 2 +- lib/krb5_wrap/krb5_samba.c
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6f1a9ef2072 lib:replace: Require bool from C99 via ae86c620aad lib:replace: Fix trailing whitespace in wscript via 3de61dc6773 wafsamba: Add -Werror=implicit-int via 0e8949bde01 wafsamba: Add -Werror=old-style-definition via b787692b5e9 s3:utils: Fix old-style function definition via 81f4335dfb8 s3:client: Fix old-style function definition via 80dc3bc2b80 s3:param: Fix old-style function definition via 7e29e70fd98 pylibsmb: Simplify py_cli_create_returns() via 6d552b1e3e0 pylibsmb: Simplify py_cli_create_contexts() via fa7ad454860 smbd: Apply some const to a variable that's never changed via 9d4ac46ea80 tests: Use samba.tests.libsmb.LibsmbTests in smb3unix.py via ab2c3859d62 tests: Use samba.tests.libsmb.LibsmbTests in libsmb-basic.py via 6be2d465704 tests: Factor out libsmb environment setup via 4638eebae8a tests: Rename python/samba/tests/libsmb.py via 51e65fa9cb4 lib: Whitespace fixes via 6d334fe2d40 ntvfs: Remove orphans from 2006 via 15f958d76e4 rpc_server: Remove an unneeded #include via 23ba1dabf5d lib: Avoid an #include includes.h via eaf38a445dc lib: Avoid an #include includes.h via 167bc2cfc5d librpc: Avoid an else via 8971f2ae0f6 librpc: Align integer types via b0d321f8332 librpc: Fix a typo via e287dfe9ed5 librpc: Add a pair of {} via 53d1b188e8b pyrpc4: Simplify py_ndr_syntax_id() with GUID_buf_string() via a91ff509fd0 lib: Avoid an includes.h via 12a556bded1 lib: Remove two unused macros via 653bcbc1f48 gensec: Align an integer type via f3eeb922c41 torture3: Fix an error message via 6404c3f64be smbd: Cut long lines via 801731b60fd smbd: Remove "link_depth" parameter from non_widelink_open() via 80856941bff smbd: Remove a comment left by copy via 8b55dabf553 winbind: Add smbconf fallback for gpupdate_callback via ea1f53fc8be winbind: Fix user gpupdate called with NULL smb.conf from 0a66c739532 s3-lib: restore truncating behavior of push_ascii_nstring() https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6f1a9ef2072621a22cd0f38c89afc5c7598682e3 Author: Andreas Schneider Date: Thu Oct 27 08:32:20 2022 +0200 lib:replace: Require bool from C99 https://fedoraproject.org/wiki/Changes/PortingToModernC We define True to true from stdbool.h and the same for false. So we don't have to do a cleanup now. Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Oct 27 19:11:30 UTC 2022 on sn-devel-184 commit ae86c620aadea19e47e3f7967b4770d496d4bc02 Author: Andreas Schneider Date: Thu Oct 27 10:45:40 2022 +0200 lib:replace: Fix trailing whitespace in wscript Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison commit 3de61dc6773c67f44477f889deadf92656f3379e Author: Andreas Schneider Date: Thu Oct 27 08:27:13 2022 +0200 wafsamba: Add -Werror=implicit-int https://fedoraproject.org/wiki/Changes/PortingToModernC Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison commit 0e8949bde01b5007612c1c0a17e10d2c5bbb1846 Author: Andreas Schneider Date: Thu Oct 27 08:43:39 2022 +0200 wafsamba: Add -Werror=old-style-definition See https://fedoraproject.org/wiki/Changes/PortingToModernC Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison commit b787692b5e915031d4653bf375995320ed1aca07 Author: Andreas Schneider Date: Thu Oct 27 08:47:32 2022 +0200 s3:utils: Fix old-style function definition Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison commit 81f4335dfb847c041bfd3d6110fc8f1d5741d41f Author: Andreas Schneider Date: Thu Oct 27 08:46:39 2022 +0200 s3:client: Fix old-style function definition Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison commit 80dc3bc2b80634ab7c6c71fa1f9b94f0216322b2 Author: Andreas Schneider Date: Thu Oct 27 08:44:58 2022 +0200 s3:param: Fix old-style function definition Signed-off-by: Andreas Schneider Reviewed-by: Jeremy Allison commit 7e29e70fd98c11f988d2941df0f999710cd2e700 Author: Volker Lendecke Date: Wed Oct 26 14:19:43 2022 +0200 pylibsmb: Simplify py_cli_create_returns() Py_BuildValue() can create dictionaries. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 6d552b1e3e00e5aee0a006df439668175a694ffc Author: Volker Lendecke Date: Thu Oct 20 16:46:18 2022 +0200 pylibsmb: Simplify py_cli_create_contexts() Py_BuildValue() can create tuples. Signed-off-by: Volker Lendecke Reviewed-
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 284afec29ff winbind: Enforce user group policy when enabled via 211a6a63cc6 winbind: Fix potential memory leak in winbind gpupdate from 37831c9e507 docs-xml: Fix outdated comment in documentation https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 284afec29ff5a97612aa5950e08ac8104997a596 Author: David Mulder Date: Fri Oct 14 09:00:45 2022 -0600 winbind: Enforce user group policy when enabled This only enforces user group policy at logon. We should also enforce this policy every 90 to 120 minutes, but a logoff will need to cancel the timer and we cannot have multiple timers if there are multiple sessions for the same user. Signed-off-by: David Mulder Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Oct 21 18:48:18 UTC 2022 on sn-devel-184 commit 211a6a63cc62b2569958f18c3b11de8ac9fc97c8 Author: David Mulder Date: Fri Oct 21 11:01:41 2022 -0600 winbind: Fix potential memory leak in winbind gpupdate Signed-off-by: David Mulder Reviewed-by: Jeremy Allison --- Summary of changes: source3/winbindd/winbindd_gpupdate.c | 61 source3/winbindd/winbindd_pam.c | 4 +++ source3/winbindd/winbindd_proto.h| 1 + 3 files changed, 66 insertions(+) Changeset truncated at 500 lines: diff --git a/source3/winbindd/winbindd_gpupdate.c b/source3/winbindd/winbindd_gpupdate.c index 1032251d401..475569ee9b4 100644 --- a/source3/winbindd/winbindd_gpupdate.c +++ b/source3/winbindd/winbindd_gpupdate.c @@ -44,6 +44,8 @@ struct gpupdate_state { struct loadparm_context *lp_ctx; }; +static void gpupdate_cmd_done(struct tevent_req *subreq); + static void gpupdate_callback(struct tevent_context *ev, struct tevent_timer *tim, struct timeval current_time, @@ -71,6 +73,8 @@ static void gpupdate_callback(struct tevent_context *ev, return; } + tevent_req_set_callback(req, gpupdate_cmd_done, NULL); + /* Schedule the next event */ schedule = tevent_timeval_current_ofs(gpupdate_interval(), 0); time_event = tevent_add_timer(ev, data->ctx, schedule, @@ -115,3 +119,60 @@ void gpupdate_init(void) } } +void gpupdate_user_init(const char *user) +{ + struct tevent_req *req = NULL; + TALLOC_CTX *ctx = talloc_new(global_event_context()); + struct loadparm_context *lp_ctx = + loadparm_init_s3(NULL, loadparm_s3_helpers()); + const char *const *gpupdate_cmd = lpcfg_gpo_update_command(lp_ctx); + const char *smbconf = lpcfg_configfile(lp_ctx); + + if (ctx == NULL) { + DBG_ERR("talloc_new failed\n"); + return; + } + + /* +* Check if gpupdate is enabled for winbind, if not +* return without applying user policy. +*/ + if (!lpcfg_apply_group_policies(lp_ctx)) { + return; + } + + /* +* Execute gpupdate for the user immediately. +* TODO: This should be scheduled to reapply every 90 to 120 minutes. +* Logoff will need to handle cancelling these events though, and +* multiple timers cannot be run for the same user, even if there are +* multiple active sessions. +*/ + req = samba_runcmd_send(ctx, global_event_context(), + timeval_zero(), 2, 0, + gpupdate_cmd, + "-s", + smbconf, + "--target=User", + "-U", + user, + NULL); + if (req == NULL) { + DBG_ERR("Failed to execute the gpupdate command\n"); + return; + } + + tevent_req_set_callback(req, gpupdate_cmd_done, NULL); +} + +static void gpupdate_cmd_done(struct tevent_req *subreq) +{ + int sys_errno; + int ret; + + ret = samba_runcmd_recv(subreq, _errno); + TALLOC_FREE(subreq); + if (ret != 0) { + DBG_ERR("gpupdate failed with exit status %d\n", sys_errno); + } +} diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 9805d90fef0..f306bdad0f8 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -2580,6 +2580,10 @@ done: local, result); + if (NT_STATUS_IS_OK(result)) { + gpupdate_user_init(r->in.info->username); + } + return result; } diff --git a/source3/winbindd/wi
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via fd0c01da1c7 s3: libsmbclient: Fix smbc_stat() to return ENOENT on a non-existent file. via 9eda432836b s4: torture: libsmbclient: Add a torture test to ensure smbc_stat() returns ENOENT on a non-existent file. from 0326549a052 s3/utils: check result of talloc_strdup https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit fd0c01da1c744ae6fd9d8675616d8b6d3531e469 Author: Jeremy Allison Date: Mon Oct 17 13:24:27 2022 -0700 s3: libsmbclient: Fix smbc_stat() to return ENOENT on a non-existent file. Remove knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15195 Signed-off-by: Jeremy Allison Reviewed-by: Pavel Filipenský Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Wed Oct 19 00:13:56 UTC 2022 on sn-devel-184 commit 9eda432836bfff3d3d4a365a08a5ecb54f0f2e34 Author: Jeremy Allison Date: Mon Oct 17 13:14:41 2022 -0700 s4: torture: libsmbclient: Add a torture test to ensure smbc_stat() returns ENOENT on a non-existent file. Add knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15195 Signed-off-by: Jeremy Allison Reviewed-by: Pavel Filipenský --- Summary of changes: source3/libsmb/libsmb_file.c| 34 source4/torture/libsmbclient/libsmbclient.c | 63 + 2 files changed, 89 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/libsmb_file.c b/source3/libsmb/libsmb_file.c index fa301b9fa18..98750754036 100644 --- a/source3/libsmb/libsmb_file.c +++ b/source3/libsmb/libsmb_file.c @@ -464,6 +464,7 @@ SMBC_getatr(SMBCCTX * context, struct timespec access_time_ts = {0}; struct timespec write_time_ts = {0}; struct timespec change_time_ts = {0}; + struct timespec w_time_ts = {0}; time_t write_time = 0; SMB_INO_T ino = 0; struct cli_credentials *creds = NULL; @@ -506,6 +507,7 @@ SMBC_getatr(SMBCCTX * context, } if (!srv->no_pathinfo2) { + bool not_supported_error = false; status = cli_qpathinfo2(targetcli, targetpath, _time_ts, @@ -518,11 +520,21 @@ SMBC_getatr(SMBCCTX * context, if (NT_STATUS_IS_OK(status)) { goto setup_stat; } + if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_LEVEL) || + NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) { + not_supported_error = true; + } + if (!not_supported_error) { + /* "Normal error". Just return it to caller. */ + TALLOC_FREE(frame); + return status; + } } srv->no_pathinfo2 = True; if (!srv->no_pathinfo3) { + bool not_supported_error = false; status = cli_qpathinfo3(targetcli, targetpath, _time_ts, @@ -535,6 +547,15 @@ SMBC_getatr(SMBCCTX * context, if (NT_STATUS_IS_OK(status)) { goto setup_stat; } + if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_LEVEL) || + NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) { + not_supported_error = true; + } + if (!not_supported_error) { + /* "Normal error". Just return it to caller. */ + TALLOC_FREE(frame); + return status; + } } srv->no_pathinfo3 = True; @@ -545,14 +566,11 @@ SMBC_getatr(SMBCCTX * context, } status = cli_getatr(targetcli, targetpath, , , _time); - if (NT_STATUS_IS_OK(status)) { - struct timespec w_time_ts = - convert_time_t_to_timespec(write_time); - - access_time_ts = change_time_ts = write_time_ts = w_time_ts; - - goto setup_stat; + if (!NT_STATUS_IS_OK(status)) { + goto all_failed; } + w_time_ts = convert_time_t_to_timespec(write_time); + access_time_ts = change_time_ts = write_time_ts = w_time_ts; setup_stat: setup_stat(sb, @@ -573,7 +591,7 @@ all_failed: srv->no_pathinfo3 = False; TALLOC_FREE(frame); - return NT_STATUS_ACCESS_DENIED; + return status; } /* diff --git a/source4/torture/libsmbclient/libsmbclient.c b/source4/torture/libsmbclient/libsmbclient.c index 82f64c38b69..d335cad3a4e 100644 --- a/source4/torture/libsmb
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0326549a052 s3/utils: check result of talloc_strdup via 972127daddc s3/utils: Check return of talloc_strdup via 19eb88bc53e s3/param: Check return of talloc_strdup from 6dcf8d76ccc vfs-docs: Fix the list of full_audit operations https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0326549a052c22e4929e3760fd5011c35e32fe33 Author: Noel Power Date: Mon Oct 17 10:27:31 2022 +0100 s3/utils: check result of talloc_strdup follow to commit 4b15d8c2a5c8547b84e7926fed9890b5676b8bc3 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15205 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Oct 17 19:49:37 UTC 2022 on sn-devel-184 commit 972127daddc7a32d23fb84d97102557035b06f5b Author: Noel Power Date: Mon Oct 17 10:25:00 2022 +0100 s3/utils: Check return of talloc_strdup followup to e82699fcca3716d9ed0450263fd83f948de8ffbe BUG: https://bugzilla.samba.org/show_bug.cgi?id=15205 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison commit 19eb88bc53e481327bbd437b0c145d5765c6dcec Author: Noel Power Date: Mon Oct 17 10:17:34 2022 +0100 s3/param: Check return of talloc_strdup followup to commit ff003fc87b8164610dfd6572347c05308c4b2fd7 BUG: https://bugzilla.samba.org/show_bug.cgi?id=15205 Signed-off-by: Noel Power Reviewed-by: Jeremy Allison --- Summary of changes: source3/param/test_lp_load.c | 5 + source3/utils/pdbedit.c | 12 ++-- source3/utils/testparm.c | 5 + 3 files changed, 20 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/param/test_lp_load.c b/source3/param/test_lp_load.c index 03be4118efd..9f3d5516805 100644 --- a/source3/param/test_lp_load.c +++ b/source3/param/test_lp_load.c @@ -83,6 +83,11 @@ int main(int argc, const char **argv) if (poptPeekArg(pc)) { config_file = talloc_strdup(frame, poptGetArg(pc)); + if (config_file == NULL) { + DBG_ERR("out of memory\n"); + TALLOC_FREE(frame); + exit(1); + } } else { config_file = get_dyn_CONFIGFILE(); } diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index eb4f3072df8..ede467108bb 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -1149,8 +1149,16 @@ int main(int argc, const char **argv) poptGetArg(pc); /* Drop argv[0], the program name */ - if (user_name == NULL) - user_name = talloc_strdup(frame, poptGetArg(pc)); + if (user_name == NULL) { + if (poptPeekArg(pc)) { + user_name = talloc_strdup(frame, poptGetArg(pc)); + if (user_name == NULL) { + fprintf(stderr, "out of memory\n"); + TALLOC_FREE(frame); + exit(1); + } + } + } setparms = (backend ? BIT_BACKEND : 0) + (verbose ? BIT_VERBOSE : 0) + diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index c751c06dcc9..e0455b9d7b6 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -844,6 +844,11 @@ static void do_per_share_checks(int s) if (poptPeekArg(pc)) { config_file = talloc_strdup(frame, poptGetArg(pc)); +if (config_file == NULL) { +DBG_ERR("out of memory\n"); +TALLOC_FREE(frame); +exit(1); +} } else { config_file = get_dyn_CONFIGFILE(); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6dcf8d76ccc vfs-docs: Fix the list of full_audit operations via fbcaecab3c7 full_audit: whitespace fixes via 0671d91ac8b s3: VFS: vfs_full_audit. Remove SMB_VFS_OP_FSYNC, it no longer exists in sync form. from 7e0e3f47cd6 s4/lib/registry: Fix use after free with popt 1.19 https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6dcf8d76ccce310515ffa693fa5a2120d8b5b206 Author: Volker Lendecke Date: Fri Oct 7 09:52:19 2022 +0200 vfs-docs: Fix the list of full_audit operations I got this list with modified source3/modules/test_vfs_full_audit.c @@ -34,6 +34,7 @@ static void test_full_audit_array(void **state) for (i=0; i Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Oct 14 17:58:56 UTC 2022 on sn-devel-184 commit fbcaecab3c748feb9015b26545098117f792389f Author: Volker Lendecke Date: Fri Oct 7 09:31:14 2022 +0200 full_audit: whitespace fixes Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 0671d91ac8b1627c9f2ce4c6e014c2d5a22c8f06 Author: Jeremy Allison Date: Fri Oct 7 17:39:39 2022 -0700 s3: VFS: vfs_full_audit. Remove SMB_VFS_OP_FSYNC, it no longer exists in sync form. Signed-off-by: Jeremy Allison Reviewed-by: Volker Lendecke --- Summary of changes: docs-xml/manpages/vfs_full_audit.8.xml | 218 - source3/modules/vfs_full_audit.c | 30 +++-- 2 files changed, 122 insertions(+), 126 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_full_audit.8.xml b/docs-xml/manpages/vfs_full_audit.8.xml index dcd71fa9b64..401ac5a0d8f 100644 --- a/docs-xml/manpages/vfs_full_audit.8.xml +++ b/docs-xml/manpages/vfs_full_audit.8.xml @@ -38,116 +38,114 @@ complete set of Samba VFS operations: -aio_force -audit_file -brl_lock_windows -brl_unlock_windows -chdir -chflags -chmod -close -closedir -connect -connectpath -create_dfs_pathat -create_file -disconnect -disk_free -durable_cookie -durable_disconnect -durable_reconnect -fallocate -fchmod -fchown -fdopendir -fget_compression -fget_dos_attributes -fget_nt_acl_at -fgetxattr -file_id_create -flistxattr -fremovexattr -fs_capabilities -fsctl -fset_dos_attributes -fset_nt_acl -fsetxattr -fs_file_id -fstat -fsync -fsync_recv -fsync_send -ftruncate -get_alloc_size -get_dfs_referrals -get_dos_attributes -get_dos_attributes_recv -get_dos_attributes_send -getlock -get_nt_acl -get_quota -get_real_filename -get_shadow_copy_data -getwd -getxattr -getxattrat_recv -getxattrat_send -is_offline -filesystem_sharemode -lchown -linkat -linux_setlease -listxattr -lock -lseek -lstat -mkdirat -mknodat -ntimes -offload_read_recv -offload_read_send -offload_write_recv -offload_write_send -open -pread -pread_recv -pread_send -pwrite -pwrite_recv -pwrite_send -read -readdir -readdir_attr -readlinkat -realpath -recvfile -removexattr -renameat -rewinddir -seekdir -sendfile -set_compression -set_dos_attributes -set_offline -set_quota -setxattr -snap_check_path -snap_create -snap_delete -stat -statvfs -streaminfo -strict_lock_check -symlinkat -sys_acl_blob_get_fd -sys_acl_blob_get_file -sys_acl_get_fd -sys_acl_get_file -sys_acl_set_fd -telldir -translate_name -unlinkat -write + aio_force + audit_file + brl_lock_windows + brl_unlock_windows + chdir + close + closedir + connect + connectpath + create_dfs_pathat + create_file + disconnect + disk_free + durable_cookie + durable_disconnect + durable_reconnect + fallocate + fchflags + fchmod + fchown + fcntl + fdopendir + fget_compression + fget_dos_attributes + fget_nt_acl + fgetxattr + file_id_create + filesystem_sharemode + flistxattr
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 0bf8d136769 docs-xml: some fixes to acl parameter documentation via a7fba3ff599 vfs_fruit: add missing calls to tevent_req_received() via 35c637f2e6c s3: VFS: fruit. Implement fsync_send()/fsync_recv(). via 1b8a8732848 s4: smbtorture: Add fsync_resource_fork test to fruit tests. from 688be0177b0 ctdb: Fix a use-after-free in run_proc https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 0bf8d136769fd00f0de003c71e3551f936c5198e Author: Björn Jacke Date: Sun Sep 25 15:56:56 2022 +0200 docs-xml: some fixes to acl parameter documentation Signed-off-by: Bjoern Jacke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Oct 6 23:04:51 UTC 2022 on sn-devel-184 commit a7fba3ff5996330158d3cc6bc24746a59492b690 Author: Ralph Boehme Date: Thu Oct 6 14:31:08 2022 +0200 vfs_fruit: add missing calls to tevent_req_received() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15182 Signed-off-by: Ralph Boehme Reviewed-by: Ralph Böhme commit 35c637f2e6c671acf8fb9c2a67774bd5e74dd7d0 Author: Jeremy Allison Date: Tue Sep 20 13:25:22 2022 -0700 s3: VFS: fruit. Implement fsync_send()/fsync_recv(). For type == ADOUBLE_META, fio->fake_fd is true so writes are already synchronous, just call tevent_req_post(). For type == ADOUBLE_RSRC we know we are configured with FRUIT_RSRC_ADFILE (because fruit_must_handle_aio_stream() returned true), so we can just call SMB_VFS_NEXT_FSYNC_SEND() after replacing fsp with fio->ad_fsp. Remove knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15182 Signed-off-by: Jeremy Allison Reviewed-by: Ralph Böhme commit 1b8a8732848169c632af12b7c2b4cd3ee73be244 Author: Jeremy Allison Date: Tue Sep 20 12:08:29 2022 -0700 s4: smbtorture: Add fsync_resource_fork test to fruit tests. This shows we currently hang when sending an SMB2_OP_FLUSH on an AFP_Resource fork. Adds knownfail. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15182 Signed-off-by: Jeremy Allison Reviewed-by: Ralph Böhme --- Summary of changes: docs-xml/manpages/vfs_acl_xattr.8.xml | 27 -- docs-xml/smbdotconf/filename/mapreadonly.xml | 2 +- docs-xml/smbdotconf/protocol/ntaclsupport.xml | 2 +- source3/modules/vfs_fruit.c | 114 +- source4/torture/vfs/fruit.c | 80 ++ 5 files changed, 215 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/vfs_acl_xattr.8.xml b/docs-xml/manpages/vfs_acl_xattr.8.xml index 5a26359fa26..bb72f3facc6 100644 --- a/docs-xml/manpages/vfs_acl_xattr.8.xml +++ b/docs-xml/manpages/vfs_acl_xattr.8.xml @@ -29,16 +29,31 @@ samba 7 suite. + This module is made for systems which do not support + standardized NFS4 ACLs but only a deprecated POSIX ACL + draft implementation. This is usually the case on Linux systems. + Systems that do support just use NFSv4 ACLs directly instead + of this module. Such support is usually provided by the filesystem + VFS module specific to the underlying filesystem that supports + NFS4 ACLs + + The vfs_acl_xattr VFS module stores NTFS Access Control Lists (ACLs) in Extended Attributes (EAs). This enables the full mapping of Windows ACLs on Samba - servers. + servers even if the ACL implementation is not capable of + doing so. - The ACLs are stored in the Extended Attribute - security.NTACL of a file or directory. - This Attribute is not listed by - getfattr -d filename. + The NT ACLs are stored in the + security.NTACL extended attribute of files and + directories in a form containing the Windows SID representing the users + and groups in the ACL. + This is different from the uid and gids stored in local filesystem ACLs + and the mapping from users and groups to Windows SIDs must be + consistent in order to maintain the meaning of the stored NT ACL + That extended attribute is not listed by the Linux + command getfattr -d filename. To show the current value, the name of the EA must be specified (e.g. getfattr -n security.NTACL filename ). @@ -85,7 +100,7 @@ When set to yes, a best effort mapping - from/to the POSIX ACL layer will not be + from/to the POSIX draft ACL layer will not be done by this module. The default is no, which means that Samba keeps s
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via a91fa70ad56 tevent: Fix flag clearing via 3804161dca1 libsmb: Fix the smbclient readlink command via f471b2c70ed libsmb: Remove unused cli_smb2_set_reparse_point_fnum_send/recv via 3d2d066c13a libsmb: Convert cli_symlink to cli_fsctl via 091ce9c50d6 libsmb: Remove unused cli_smb2_get_reparse_point_fnum_send/recv via aaacbd0f2a9 libsmb: Convert cli_readlink() to cli_fsctl_send/recv via dccc060bc9c libsmb: Add cli_fsctl_send/recv via 50b13868d4f libsmb: Add cli_smb2_fsctl_send/recv via 4388ba47ea2 libsmb: Centralize the SMB2 protocol check via 36bd73e836f smbXcli: Align smb2cli_req_create() with tevent_req conventions via 25bb94e00e2 python: whitespace fixes via 4b3bfbaf0f2 torture3: Align integer types via d257c760a53 vfs: Fix a typo from 318da783e9d s3: smbtorture3: Add new SMB2-DFS-SHARE-NON-DFS-PATH test. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit a91fa70ad568bbca34dc9d09e098686b8482d0ed Author: Joseph Sutton Date: Fri Apr 29 12:20:06 2022 +1200 tevent: Fix flag clearing We presumably meant to clear this bit, rather than clearing all bits other than it. Signed-off-by: Joseph Sutton Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Oct 3 21:05:31 UTC 2022 on sn-devel-184 commit 3804161dca1d23ab44b2c22bdf199bf640fd6cb5 Author: Volker Lendecke Date: Thu Sep 29 15:41:30 2022 +0200 libsmb: Fix the smbclient readlink command We use cli_smb2_qpathinfo_basic() for cli_resolve_path() before calling cli_readlink(). This fails as it never tries with FILE_OPEN_REPARSE_POINT, so we never get to the point where we actually can issue the FSCTL_GET_REPARSE_POINT. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit f471b2c70ed67507a7a6abe70321089617565426 Author: Volker Lendecke Date: Thu Sep 29 12:49:10 2022 +0200 libsmb: Remove unused cli_smb2_set_reparse_point_fnum_send/recv Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 3d2d066c13a5fda4aea4089d3dc78b4828717494 Author: Volker Lendecke Date: Thu Sep 29 12:47:45 2022 +0200 libsmb: Convert cli_symlink to cli_fsctl Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 091ce9c50d6951cfe6bfdbd3cb6461a373ae56dd Author: Volker Lendecke Date: Thu Sep 29 12:41:54 2022 +0200 libsmb: Remove unused cli_smb2_get_reparse_point_fnum_send/recv Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit aaacbd0f2a95245863fa90bcd0fdbed68f590c7a Author: Volker Lendecke Date: Thu Sep 29 12:40:45 2022 +0200 libsmb: Convert cli_readlink() to cli_fsctl_send/recv Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit dccc060bc9caba6f3be1a65e213e322ccdfefd94 Author: Volker Lendecke Date: Thu Sep 29 12:22:10 2022 +0200 libsmb: Add cli_fsctl_send/recv Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 50b13868d4fce15cd2348ac9dea1bca3f049e4ad Author: Volker Lendecke Date: Thu Sep 29 12:21:53 2022 +0200 libsmb: Add cli_smb2_fsctl_send/recv Slightly refactor the symlink operations later based on this Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 4388ba47ea25213d364402da7ddcd032845d2ad3 Author: Volker Lendecke Date: Thu Sep 29 11:08:12 2022 +0200 libsmb: Centralize the SMB2 protocol check Instead of checking protocol correctness in every highlevel routine, we should rely on the lowerlevel one in smbXcli_base.c to give the INVALID_PARAMETER error return when running on SMB1 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 36bd73e836f733068bdc9bb5df704f825fac7d2e Author: Volker Lendecke Date: Thu Sep 29 11:00:41 2022 +0200 smbXcli: Align smb2cli_req_create() with tevent_req conventions We don't return NULL if tevent_req_create() succeeded, and elsewhere in this function we already pass tevent_req_nterror or tevent_req_nomem (via set_endtime). Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 25bb94e00e2b82b8637814399241c382212bc180 Author: Volker Lendecke Date: Tue Sep 20 16:21:44 2022 +0200 python: whitespace fixes Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 4b3bfbaf0f2179bc6a8172dbec62128c0db74dbc Author: Volker Lendecke Date: Thu Sep 29 10:45:19 2022 +0200 torture3: Align integer types Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit d257c760a53246857afa223b528a8066a00c8940 Author: Volker Lendecke Date: Thu Sep 22 10:46:56 2022 +0200 vfs: Fix a typo