s3: VFS: full_audit. Ensure the module doesn't load if an operation name is miss...

Document this new behavior. Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15098

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/docs-xml/manpages/vfs_full_audit.8.xml b/docs-xml/manpages/vfs_full_audit.8.xml
index fc08845ac3c3d936d9aeac9a4cd0069e4dd48a33..dcd71fa9b646d75e2024b35597c530fbee8dd4a2 100644 (file)
--- a/docs-xml/manpages/vfs_full_audit.8.xml
+++ b/docs-xml/manpages/vfs_full_audit.8.xml
@@ -156,6 +156,11 @@
        the VFS operations and none of the VFS operations respectively.
        </para>
 
+       <para>If an unknown operation name is used (for example an operation name
+       is miss-spelled), the module will fail to load and clients will
+       be refused connections to a share using this module.
+       </para>
+
        <para><command>vfs_full_audit</command> records operations in fixed
        format consisting of fields separated by '|' characters. The
        format is: </para>

diff --git a/selftest/knownfail.d/full_audit_badname b/selftest/knownfail.d/full_audit_badname
deleted file mode 100644 (file)
index b353875..0000000
--- a/selftest/knownfail.d/full_audit_badname
+++ /dev/null
@@ -1,2 +0,0 @@
-^samba3.blackbox.test_full_audit_success_badname.Cannot\ connect\ to\ share\ full_audit_success_bad_name\(fileserver\)
-^samba3.blackbox.test_full_audit_fail_badname.Cannot\ connect\ to\ share\ full_audit_fail_bad_name\(fileserver\)

diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c
index 167f446938b89da1f8904e6384397353c8ceed22..6d38738ac529020dfd1c25139b9ba2165b9b6c24 100644 (file)
--- a/source3/modules/vfs_full_audit.c
+++ b/source3/modules/vfs_full_audit.c
@@ -751,9 +751,19 @@ static int smb_full_audit_connect(vfs_handle_struct *handle,
        pd->success_ops = init_bitmap(
                pd, lp_parm_string_list(SNUM(handle->conn), "full_audit",
                                        "success", none));
+       if (pd->success_ops == NULL) {
+               DBG_ERR("Invalid success operations list. Failing connect\n");
+               SMB_VFS_NEXT_DISCONNECT(handle);
+               return -1;
+       }
        pd->failure_ops = init_bitmap(
                pd, lp_parm_string_list(SNUM(handle->conn), "full_audit",
                                        "failure", none));
+       if (pd->failure_ops == NULL) {
+               DBG_ERR("Invalid failure operations list. Failing connect\n");
+               SMB_VFS_NEXT_DISCONNECT(handle);
+               return -1;
+       }
 
        /* Store the private data. */
        SMB_VFS_HANDLE_SET_DATA(handle, pd, NULL,