Günther Deschner [Thu, 16 Nov 2023 20:05:12 +0000 (21:05 +0100)]
s4-winreg: fix _winreg_EnumValue behavior
When returning WERR_MORE_DATA the winreg server needs to indicate the
required buffer size.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Günther Deschner [Wed, 15 Nov 2023 16:13:20 +0000 (17:13 +0100)]
s3-winreg: fix _winreg_EnumValue behavior
When returning WERR_MORE_DATA the winreg server needs to indicate the
required buffer size.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Günther Deschner [Wed, 15 Nov 2023 16:36:46 +0000 (17:36 +0100)]
s4-torture: add test to check for Windows behavior of EnumValue call
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Günther Deschner [Wed, 15 Nov 2023 18:07:32 +0000 (19:07 +0100)]
s4-torture: add torture_assert_werr_equal_goto and torture_assert_werr_ok_goto macros
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Joseph Sutton [Wed, 15 Nov 2023 22:20:22 +0000 (11:20 +1300)]
s4:librpc: Add functions converting between bytes and UTF‐16 strings
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov 16 06:23:35 UTC 2023 on atb-devel-224
Joseph Sutton [Wed, 8 Nov 2023 08:09:14 +0000 (21:09 +1300)]
s4:librpc: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 13 Nov 2023 04:07:02 +0000 (17:07 +1300)]
tests/krb5: Allow creating Group Managed Service Accounts
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 14 Nov 2023 23:10:36 +0000 (12:10 +1300)]
pidl: Don’t overwrite exception set by PyUnicode_AsEncodedString()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 9 Nov 2023 01:08:19 +0000 (14:08 +1300)]
pidl: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 15 Nov 2023 02:07:53 +0000 (15:07 +1300)]
librpc:ndr: Fix comment
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 15 Nov 2023 21:15:36 +0000 (10:15 +1300)]
librpc:ndr: Don’t duplicate strings needlessly
If the source string doesn’t need to be converted, there’s no reason for
it to be talloc‐allocated.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 16 Nov 2023 01:50:58 +0000 (14:50 +1300)]
librpc:ndr: Move call to convert_string_talloc() on to its own line
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 15 Nov 2023 21:22:26 +0000 (10:22 +1300)]
librpc:ndr: Introduce common out path in ndr_push_string()
This ensures that ‘dest’ gets freed on failure.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 13 Nov 2023 04:04:34 +0000 (17:04 +1300)]
librpc:ndr: Fix error message
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 15 Nov 2023 21:43:12 +0000 (10:43 +1300)]
librpc:ndr: Fix code formatting
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 15 Nov 2023 22:10:28 +0000 (11:10 +1300)]
util/charset: Add talloc_utf16_str[n]dup()
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 15 Nov 2023 02:26:56 +0000 (15:26 +1300)]
util/charset: Include missing headers
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Sun, 12 Nov 2023 23:21:20 +0000 (12:21 +1300)]
util/charset: Remove unnecessary cast
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andrew Bartlett [Thu, 16 Nov 2023 01:10:45 +0000 (14:10 +1300)]
s4-scripting: Remove repl_cleartext_pwd.py
This script was the precursor to newer samba-tool commands and no longer
works. The previous commits record some of the work to have it operate in the
modern era, but keeping this around is more trouble than it is worth.
Use these commands instead:
samba-tool drs clone-dc-database --include-secrets
samba-tool user getpassword administrator --attributes=virtualClearTextUTF8
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov 16 02:46:57 UTC 2023 on atb-devel-224
Andrew Bartlett [Thu, 30 Mar 2023 01:29:22 +0000 (01:29 +0000)]
s4-scripting/devel: Fix str() vs bytes() issue in repl_cleartext_pwd.py
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Andrew Bartlett [Thu, 30 Mar 2023 01:22:24 +0000 (14:22 +1300)]
s4-scripting/devel: Fix repl_cleartext_pwd to use built-in RC4
This allows the usage test to pass on our CI hosts without
python-crypto and not uxsuccess on hosts with it.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Noel Power [Wed, 15 Nov 2023 13:07:26 +0000 (13:07 +0000)]
s3/utils: Use sddl_decode_err_msg instead of sddl_decode
Use sddl_decode_err_msg instead of sddl_decode for possible better
error reporting.
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Noel Power [Wed, 15 Nov 2023 12:55:36 +0000 (12:55 +0000)]
s3/utils: Detect (and report) failure to parse sddl
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Noel Power [Wed, 15 Nov 2023 11:29:46 +0000 (11:29 +0000)]
libcli/security: Debug only when we failed to decode
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 13 Nov 2023 23:45:35 +0000 (12:45 +1300)]
python:tests: Ensure we clean up callbacks in pymessaging tests
Not calling ‘deregister()’ results in memory getting leaked.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Nov 15 23:11:13 UTC 2023 on atb-devel-224
Joseph Sutton [Mon, 13 Nov 2023 23:34:01 +0000 (12:34 +1300)]
python:tests: Fix crashing pymessaging tests
Commit
8c75d9fc73614fad29a998d08c4b11034ab2aebb changed
Messaging.deregister() to take a two‐element tuple containing private
data as well as a callback, but it did not change the call in
samba.tests.messaging.MessagingTests.test_register to match.
Since imessaging_deregister() completely ignored the ‘private_data’
parameter passed to it (assuming the callback was registered with
msg_type == -1), everything still appeared to work — until commit
b22c21799527323877b330c16c23057582721abb changed Messaging.deregister()
to no longer leak memory. Now the wrong variable had its reference count
decremented, causing the test to crash.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:46:17 +0000 (12:46 +1300)]
util/charset: Prefer PULL_LE_U16() to older SVAL() macro
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 13 Nov 2023 23:31:07 +0000 (12:31 +1300)]
util/charset/tests: Add tests for UTF‐16 string length functions
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 14 Nov 2023 00:07:19 +0000 (13:07 +1300)]
s4:torture: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:43:07 +0000 (12:43 +1300)]
util/charset: Add utf16_len_n()
This function returns the length in bytes — at most ‘n’ — of a UTF‐16
string excluding the null terminator.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 14 Nov 2023 01:38:48 +0000 (14:38 +1300)]
util/charset: Include final UTF‐16 code unit in length calculation loop
Change ‘<’ to ‘<=’ so that we check the final UTF‐16 code unit in our
search for the null terminator. This makes no difference to the result:
if we’ve reached the final code unit without finding a terminator, the
final code unit will be included in the length whether it is a null
terminator or not.
Why make this change? We’re about to factor out this loop into a new
function, utf16_len_n(), where including the final code unit *will*
matter.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:39:02 +0000 (12:39 +1300)]
util/charset: Add utf16_len()
This function returns the length in bytes of a UTF‐16 string excluding
the null terminator.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:36:21 +0000 (12:36 +1300)]
util/charset: Rename utf16_len() to utf16_null_terminated_len()
The new name indicates that — contrary to functions such as strnlen() —
the length may include the terminator.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:33:43 +0000 (12:33 +1300)]
util/charset: Rename utf16_len_n() to utf16_null_terminated_len_n()
The new name indicates that — contrary to functions such as strnlen() —
the length may include the terminator.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:33:16 +0000 (12:33 +1300)]
s4:smb_server: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:32:20 +0000 (12:32 +1300)]
s4:libcli: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 23:31:22 +0000 (12:31 +1300)]
util/charset: Remove trailing whitespace
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 04:09:04 +0000 (17:09 +1300)]
librpc:ndr: Convert NDR flags types to enumerations
Using an enumeration rather than ‘uint32_t’ or ‘uint64_t’ means that
debuggers such as gdb can now associate the flag constants with their
respective types. This means that if you have an instance of these flags
types, the debugger will show you the individual flags that make up the
value rather than an inscrutable integer value.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Mon, 13 Nov 2023 00:48:22 +0000 (13:48 +1300)]
librpc:ndr: Fix comment
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 13 Jul 2023 02:59:52 +0000 (14:59 +1200)]
libndr:ndr: Allow only one string encoding flag
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 13 Jul 2023 02:44:40 +0000 (14:44 +1200)]
librpc:ndr: Prohibit STR_NULLTERM|STR_NOTERM flags combination
ndr_pull_string() prohibited this, but ndr_push_string() always masked
STR_NOTERM out. Now the set of allowed flags should be consistent
between the two functions.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 8 Nov 2023 03:18:54 +0000 (16:18 +1300)]
librpc:ndr: Check return values of talloc functions
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Thu, 13 Jul 2023 02:37:27 +0000 (14:37 +1200)]
librpc:ndr: Fix error messages
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Nov 2023 23:11:24 +0000 (12:11 +1300)]
libcli/security:sddl_decode message offset safety latch
the message offset is largely calculated using the differences
between pointers in many places scattered throughout the code.
If we got one of these wrong, we could easily have a SIZE_MAX-ish
offset, which would be unfortunate if we came decided to display
the offset using spaces.
We can sanely limit the offset to the length of the SDDL.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Nov 2023 22:44:56 +0000 (11:44 +1300)]
libcli/security/test_sddl_conditional_ace: add message tests
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Nov 2023 22:33:56 +0000 (11:33 +1300)]
libcli/security:sddl_parse: add some top level error messages
the way we parse things, we can't really distinguish between complete
nonsense and an ACL that seems to end early because of bad flags. That
is, "D:ZZ(A;;;;;WD)" looks the same as "ZZ" to the parser. But at least
we can point to the right place in the string.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Nov 2023 22:28:57 +0000 (11:28 +1300)]
libcl/security:sddl_decode_acl: expand a comment
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Nov 2023 22:28:35 +0000 (11:28 +1300)]
libcli/security:sddl_decode_ace: fix ';' count message
The wrong number of semicolons is usually one less than count (which
counts sections separated by semicolons), except when count is zero.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Nov 2023 05:45:57 +0000 (18:45 +1300)]
libcl/security:sddl_decode_acl: add a message
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Nov 2023 05:45:19 +0000 (18:45 +1300)]
libcli/security:sddl_decode_ace: add more messages
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Nov 2023 23:51:36 +0000 (12:51 +1300)]
libcli/security: adjust log verbosity in sddl_decode
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Nov 2023 05:43:33 +0000 (18:43 +1300)]
libcli/security:sddl_decode_ace: turn DBG_WARNINGs into messages
This allows the messages to be more reliably presented by client tools
in a useful way.
The messages lose the trailing \n, and some were slightly tweaked (e.g.
s/Resource ACE/Resource Attribute ACE/).
They will still show up in logs for callers of sddl_decode(), but at
NOTICE level rather than WARNING.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Nov 2023 22:47:07 +0000 (11:47 +1300)]
pytest:samba-tool domain auth policy: expect error message detail
The knownfail will stay around for a few commits, because the message
we get is slightly wrong.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Douglas Bagnall [Thu, 9 Nov 2023 04:56:48 +0000 (17:56 +1300)]
libcli/security:sddl_decode_err_msg(): don't pretend msg is optional (CID1548624)
Having it optionally NULL just complicates the code, and Coverity
rightly complained.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Christof Schmitt [Thu, 9 Nov 2023 19:44:02 +0000 (12:44 -0700)]
vfs_zfsacl: Call stat CAP_DAC_OVERRIDE functions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Wed Nov 15 19:55:07 UTC 2023 on atb-devel-224
Christof Schmitt [Thu, 9 Nov 2023 19:42:13 +0000 (12:42 -0700)]
vfs_aixacl2: Call stat DAC_CAP_OVERRIDE functions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Christof Schmitt [Thu, 9 Nov 2023 19:39:57 +0000 (12:39 -0700)]
nfs4_acls: Make fstat_with_cap_dac_override static
No other module is calling this function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Christof Schmitt [Thu, 9 Nov 2023 19:38:46 +0000 (12:38 -0700)]
nfs4_acls: Make stat_with_cap_dac_override static
No other module is calling this function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Christof Schmitt [Thu, 9 Nov 2023 19:37:25 +0000 (12:37 -0700)]
nfs4_acls: Make fstatat_with_cap_dac_override static
No other module is calling this function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Christof Schmitt [Thu, 9 Nov 2023 19:35:21 +0000 (12:35 -0700)]
vfs_gpfs: Move vfs_gpfs_fstatat to nfs4_acls.c and rename function
All stat DAC_CAP_OVERRIDE code is being moved to nfs4_acls.c to allow
reuse. Move the vfs_gpfs_fstatat function and rename it to the more
generic name nfs4_acl_fstat.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Christof Schmitt [Thu, 9 Nov 2023 19:30:27 +0000 (12:30 -0700)]
vfs_gpfs: Move vfs_gpfs_lstat to nfs4_acls.c and rename function
All stat CAP_DAC_OVERRIDE code is being moved to nf4_acls.c to allow
reuse. Move the vfs_gpfs_lstat function and rename to the more generic
name nfs4_acl_lstat.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Christof Schmitt [Thu, 9 Nov 2023 19:27:58 +0000 (12:27 -0700)]
vfs_gpfs: Move vfs_gpfs_fstat to nfs4_acls.c and rename function
All stat DAC_CAP_OVERRIDE code is moving to nfs4_acls.c to allow reuse.
Move the vfs_gpfs_fstat function and rename to the more generic name
nfs4_acl_fstat.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Christof Schmitt [Thu, 9 Nov 2023 19:23:49 +0000 (12:23 -0700)]
vfs_gpfs: Move vfs_gpfs_stat to nfs4_acls.c and rename function
All stat DAC_CAP_OVERRIDE code is moving to nfs4_acls.c to allow reuse
by other file system modules. Also rename the function to the more
generic name nfs4_acl_stat.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Christof Schmitt [Thu, 9 Nov 2023 19:20:38 +0000 (12:20 -0700)]
vfs_gpfs: Move stat_with_capability to nfs4_acls.c and rename function
All stat CAP_DAC_OVERRIDE code is moving to nfs4_acls.c to allow reuse
by other filesystem modules. Also rename the function to the slightly
more precise name stat_with_cap_dac_overide.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Christof Schmitt [Thu, 9 Nov 2023 19:17:21 +0000 (12:17 -0700)]
vfs_gpfs: Move fstatat_with_cap_dac_override to nfs4_acls.c
All stat DAC_CAP_OVERRIDE code is being moved to nfs4_acls.c to allow
reuse by other filesystem modules.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Christof Schmitt [Thu, 9 Nov 2023 19:01:56 +0000 (12:01 -0700)]
nfs4_acls: Implement fstat with DAC_CAP_OVERRIDE
AT_EMTPY_PATH does not exist on AIX. Address this by implementing an
override for fstat. Implement the new override function in nfs4_acls.c
since all stat functions with DAC_CAP_OVERRIDE will be moved there to
allow reuse by other filesystems.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Björn Jacke <bjacke@samba.org>
Anoop C S [Mon, 13 Nov 2023 06:58:19 +0000 (12:28 +0530)]
docs-xml: Fix a usage for case sensitive parameter
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Nov 15 18:52:16 UTC 2023 on atb-devel-224
Anoop C S [Mon, 13 Nov 2023 07:17:17 +0000 (12:47 +0530)]
vfs_ceph: Replace libceph with libcephfs in comments
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Anoop C S [Mon, 13 Nov 2023 07:13:59 +0000 (12:43 +0530)]
vfs_ceph: Fix the comment quoting module usage
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Anoop C S [Sat, 11 Nov 2023 05:43:15 +0000 (11:13 +0530)]
vfs_ceph: Fix a comment in cephwrap_fchmod()
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Anoop C S [Sat, 11 Nov 2023 05:37:28 +0000 (11:07 +0530)]
vfs_ceph: Add path based fallback mechanism for SMB_VFS_CHOWN
Fallback mechanism was missing in cephwrap_fchown() for path based call.
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 14 Nov 2023 11:12:22 +0000 (12:12 +0100)]
smbd: Get the symlink mode for posix through fdos_mode()
fdos_mode() has special code to deal with symlinks, so we don't have
to replicate that logic here.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Nov 15 06:10:38 UTC 2023 on atb-devel-224
Volker Lendecke [Tue, 14 Nov 2023 11:11:17 +0000 (12:11 +0100)]
smbd: Centralize fdos_mode() in smbd_dirptr_get_entry()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 14 Nov 2023 11:09:54 +0000 (12:09 +0100)]
smbd: Centralize wiping the ".." stat info
Make sure this also happens for symlinks etc.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 13 Nov 2023 12:46:51 +0000 (13:46 +0100)]
smbd: Simplify smbd_dirptr_get_entry()
This uses the much simpler openat_pathef_fsp_lcomp, avoiding
non_widelink_open where we don't need it. The only case where we still
have to call openat_pathref_fsp() in its full capacity is to find out
whether a symlink we found is dangling or not.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 13 Nov 2023 12:48:42 +0000 (13:48 +0100)]
smbd: Remove a pointless NULL check
We've dereferenced smb_fname before, and talloc_move() never fails.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 13 Nov 2023 09:25:58 +0000 (10:25 +0100)]
smbd: Slightly simplify smbd_dirptr_get_entry()
Check for dirptr being toplevel just once.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 12 Nov 2023 10:48:30 +0000 (11:48 +0100)]
smbd: Move mask_match_search() to smb1_reply.c
Only called there.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sun, 12 Nov 2023 10:30:11 +0000 (11:30 +0100)]
smbd: Simplify smbd_dirptr_get_entry()
Both mode_fn's are now the same. Fold them into smbd_dirptr_get_entry()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Sat, 11 Nov 2023 18:12:16 +0000 (19:12 +0100)]
smbd: Simplify smbd_dirptr_8_3_mode_fn()
Do the smb1-specific code directly in smb1-code. Don't tunnel it
through generic smb1/smb2 code.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 9 Nov 2023 11:50:07 +0000 (12:50 +0100)]
smbd: Rename "fsp" to "dirfsp" in smbd_smb2_query_directory_state
Makes it clearer to me what we have there.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Tue, 14 Nov 2023 09:53:30 +0000 (10:53 +0100)]
smbd: Directly print errno in openat_pathref_fsp_lcomp()
This is where the error came from.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Thu, 9 Nov 2023 11:25:32 +0000 (12:25 +0100)]
smbd: Remove a NULL check that became obsolete
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke [Mon, 13 Nov 2023 16:30:22 +0000 (17:30 +0100)]
smbd: Modernize a DEBUG statement
Avoid casts
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Rob van der Linde [Tue, 7 Nov 2023 21:21:02 +0000 (10:21 +1300)]
netcmd: docs: update docs for silo member grant + revoke
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Nov 15 05:00:58 UTC 2023 on atb-devel-224
Rob van der Linde [Tue, 7 Nov 2023 20:44:14 +0000 (09:44 +1300)]
netcmd: tests: update silo member grant and revoke docstings and comments
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rob van der Linde [Tue, 7 Nov 2023 20:42:33 +0000 (09:42 +1300)]
netcmd: tests: rename silo member tests to grant + revoke
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rob van der Linde [Tue, 7 Nov 2023 20:35:13 +0000 (09:35 +1300)]
netcmd: tests: rename add_silo_member and remove_silo_member methods in test
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rob van der Linde [Tue, 7 Nov 2023 20:26:15 +0000 (09:26 +1300)]
netcmd: silo member: update docstrings comments and print statements for grant + revoke
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rob van der Linde [Tue, 7 Nov 2023 20:24:59 +0000 (09:24 +1300)]
netcmd: silo member: update command line options help text for grant + revoke
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rob van der Linde [Tue, 7 Nov 2023 20:20:59 +0000 (09:20 +1300)]
netcmd: silo member: rename add and remove commands to grant and revoke
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rob van der Linde [Tue, 7 Nov 2023 20:13:04 +0000 (09:13 +1300)]
netcmd: silo member: update model docstrings and exception text
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rob van der Linde [Tue, 7 Nov 2023 20:10:14 +0000 (09:10 +1300)]
netcmd: silo member: rename model methods to grant and revoke
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rob van der Linde [Tue, 7 Nov 2023 19:30:22 +0000 (08:30 +1300)]
netcmd: silo member: rename exceptions to grant and revoke
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rob van der Linde [Wed, 8 Nov 2023 11:41:51 +0000 (00:41 +1300)]
netcmd: models: fix incorrect return type should not be User
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rob van der Linde [Wed, 8 Nov 2023 01:06:10 +0000 (14:06 +1300)]
netcmd: models: Model.query method makes use of Query class
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rob van der Linde [Tue, 7 Nov 2023 23:09:22 +0000 (12:09 +1300)]
netcmd: models: add Query class to replace simple generator
This allows other methods to be added on top of the Query class like .first() and .one()
Sometimes it's useful to raise an exception if 0 rows are returned, while other times it's best to return None.
Having a Query class makes it easy to add methods like .one() and .first() to take care of this requirement.
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rob van der Linde [Tue, 31 Oct 2023 03:59:31 +0000 (16:59 +1300)]
netcmd: docs: document samba-tool user auth silo and policy commands
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rob van der Linde [Tue, 31 Oct 2023 02:20:25 +0000 (15:20 +1300)]
netcmd: tests: add tests for user auth policy and silo commands
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Rob van der Linde [Tue, 31 Oct 2023 02:36:53 +0000 (15:36 +1300)]
netcmd: tests: rename domain_auth_base.py to silo_base.py
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
git.samba.org / gd / samba / .git / log