Dimitry Andric [Fri, 1 Jan 2021 17:25:48 +0000 (18:25 +0100)]
lib: Avoid declaring zero-length VLAs in various messaging functions
In messaging_rec_create(), messaging_recv_cb() and
messaging_dispatch_rec(), variable length arrays of file descriptors are
declared using an incoming num_fds parameter.
However, there are several scenarios where num_fds can be zero, and
declaring a zero-length VLA is undefined behavior. This can lead to
segmentation faults and/or other crashes when compiling with recent
versions of clang at high optimization levels.
To avoid ever using zero as the length for these declarations, use
MAX(1, length) instead.
Signed-off-by: Dimitry Andric <dimitry@andric.com> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Jan 4 10:50:07 UTC 2021 on sn-devel-184
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Jan 1 11:56:23 UTC 2021 on sn-devel-184
Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Wed Dec 23 13:52:41 UTC 2020 on sn-devel-184
Gary Lockyer [Thu, 10 Dec 2020 22:55:01 +0000 (11:55 +1300)]
tests python krb5: PEP8 cleanups
Fix all the PEP8 warnings in samba/tests/krb5. With the exception of
rfc4120_pyasn1.py, which is generated from rfc4120.asn1.
As these tests are new, it makes sense to ensure that they conform to
PEP8. And set an aspirational goal for the rest of our python code.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon Dec 21 21:29:28 UTC 2020 on sn-devel-184
Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Björn Jacke <bjacke@samba.org>
Autobuild-Date(master): Sat Dec 19 18:20:30 UTC 2020 on sn-devel-184
David Mulder [Tue, 3 Nov 2020 17:45:45 +0000 (10:45 -0700)]
gpo: Apply Group Policy Sudo Rights from VGP
This adds a Group Policy extension which applies
Sudo rights set by Vintela Group Policy in the
SYSVOL.
Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Dec 19 08:11:50 UTC 2020 on sn-devel-184
Jeremy Allison [Thu, 17 Dec 2020 20:31:35 +0000 (12:31 -0800)]
smbd: close_file() should never see an internal dirfsp.
Assert this is the case.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Dec 18 16:27:38 UTC 2020 on sn-devel-184
Ralph Boehme [Wed, 16 Dec 2020 14:41:07 +0000 (15:41 +0100)]
vfs_acl_tdb: avoid deleting the NT ACL from the tdb
...when called as part of setting a new NT ACL. This implements the same logic
added to vfs_acl_xattr in the previous commit, to make sure both modules behave
identically.
This depends on the previous code changes, so
won't be back ported. But for reference the
bug id is below.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Dec 17 20:04:22 UTC 2020 on sn-devel-184
Ralph Boehme [Wed, 16 Dec 2020 14:37:02 +0000 (15:37 +0100)]
vfs_acl_common: add an fsp extension when setting ACL
This allows the module checking for the fsp extension variable setting_nt_acl
and will be used in the module functions for .sys_acl_set_fd_fn (so
sys_acl_set_fd_xattr() and sys_acl_set_fd_tdb()).
This depends on the previous code changes, so
won't be back ported. But for reference the
bug id is below.
Ralph Boehme [Wed, 16 Dec 2020 14:27:39 +0000 (15:27 +0100)]
smbd: use a real dirfsp/atname in mkdir_internal() with SMB_VFS_MKDIRAT()
Now that all VFS modules support real dirfsps in SMB_VFS_MKDIRAT(), pass the
pathref fsp from the parent directory and the basename of the new directory.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Wed, 16 Dec 2020 14:20:47 +0000 (15:20 +0100)]
smbd: open a pathref fsp on the parent directory
Prepares for calling SMB_VFS_MKDIRAT() below with a real dirfsp/atname. As
parent_dir_fname now has a pathref fsp in parent_dir_fname->fsp, make sure to
talloc_free() the parent_dir_fname before leaving the function, so the pathref
fsp is closed right there and not left around until the talloc tos is
destroyed (parent_dir_fname is a child of talloc-tos).
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Mon, 14 Dec 2020 10:51:20 +0000 (11:51 +0100)]
smbd: move mode logic out of vfswrap_mkdirat() to the caller mkdir_internal()
This is the correct place where this code should be. It also means opaque VFS
modules that implement their own mkdirat() like glusterfs now use this logic.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 17 Dec 2020 11:41:29 +0000 (12:41 +0100)]
smbd: remove fd_close() from open_directory()
fd_close() was accidentally added twice by d00d09fdcf73a5839ae4f82cf8e953bb761bfbfb. If it would have been removed by 5770cdd7635a018817418f58bd37268aedebd6a9 that adds the reopen_from_procfd()
optimisation, all would be fine. But fd_close() still being called before
reopen_from_procfd() means we're closing the pathref fd prevening the
optimisation.
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Wed, 16 Dec 2020 23:44:41 +0000 (15:44 -0800)]
smbd: On error exit in create_file_unixpath(), we can't call close_file() on uncompleted opens.
We can't call directly into close_file(), as that cannot deal
with regular file and directory opens where fsp->fsp_flags.is_fsa
hasn't been set to true (uncompleted opens).
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
This option can be used to make use of the change notify privilege.
By default notify results are not checked against the file system
permissions.
If "honor change notify privilege" is enabled, a user will only
receive notify results, if he has change notify privilege or sufficient
file system permissions. If a user has the change notify privilege, he
will receive all requested notify results, even if the user does not
have the permissions on the file system.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Björn Baumbach <bb@sernet.de> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Dec 17 15:01:53 UTC 2020 on sn-devel-184
Björn Baumbach [Mon, 20 Jul 2020 14:49:39 +0000 (16:49 +0200)]
python/tests: add tests for smb notify and the dependency to the TRAVERSE privilege
The easiest way to run this against Windows was to use a domain
controller and configure an enforce group policy and grant the
"Bypass Traverse Checking" only to the "BUILTIN\Administrators" group.
(Note that "LOCAL SERVICE" and "NETWORK SERVICE" are always added in
the local security policy.
libsmb_samba_internal: calculate the access_mask for {g,s}et_acl() based on the secinfo flags
SEC_FLAG_MAXIMUM_ALLOWED will never result in SEC_FLAG_SYSTEM_SECURITY
being granted. As SECINFO_SACL is part of the default secinfo value
(SECINFO_DEFAULT_FLAGS), {g,s}et_acl() will always return
NT_STATUS_ACCESS_DENIED by default.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
libsmb_samba_internal: don't send SECINFO_[UN]PROTECTED_{S,D}ACL by default
We want to get the default behavior.
It's also pointless to set PROTECTED and UNPROTECTED at the same time.
These are defined in MS-DTYP 2.4.7 SECURITY_INFORMATION with a brief
description, but they aren't referenced in anywhere in MS-DTYP itself,
nor in MS-FSA are any other document.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
changes = notify_req.get_changes(wait=False)
# changes is likely to be None if no result arrived yet
# ... do other operations on conn.*() ...
changes = notify_req.get_changes(wait=True)
# changes is a list of change dictionaries
# each containing "name" (a string) and
# "action" (an integer, e.g. libsmb.NOTIFY_ACTION_REMOVED)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
This is useful in order to test async requests
tevent_queue_wait_send/recv() can be used to block
the queue between requests or wait for the queue to be flushed.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
Gary Lockyer [Tue, 15 Dec 2020 21:56:22 +0000 (10:56 +1300)]
pep8 tidy up config
Enable the following warnings:
E126: continuation line over-indented for hanging indent
E131: continuation line unaligned for hanging indent
E203: whitespace before ':'
E221: multiple spaces before operator
E501: line too long
E722: do not use bare 'except'
These were originally chosen so that as much of the existing samba code
passed. With the intention of integrating PEP8 checking into build
process. But the PEP8 output does not integrate into the known fail
mechanism, so this approach was abandoned.
setup.cfg is the default PEP8 config file having these exceptions
enabled means that new code can be added with those issues. Also tools
like pyls (python language server) use setup.cfg.
Disable the following warnings:
E402: module level import not at top of file
Samba has a significant amount of code setting
sys.path.insert(0, "bin/python")
W503: Line break before binary operator
We need to have a preference, and PEP8 expresses a weak preference
for disabling 503
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Dec 17 00:54:51 UTC 2020 on sn-devel-184
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Noel Power <noel.power@suse.com>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Dec 16 13:56:49 UTC 2020 on sn-devel-184
wafsamba: move clang_compilation_database usage behind an --enable-clangdb option
Writing bin/default/compile_commands.json doubles the total time used
for a noop build. That price should only be paid if someone wants to
use it actually.
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
Jeremy Allison [Mon, 14 Dec 2020 20:15:48 +0000 (12:15 -0800)]
smbd: Remove the smb_fname parameter from set_ea().
We know we must have a valid fsp.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Dec 16 10:15:11 UTC 2020 on sn-devel-184
Jeremy Allison [Mon, 14 Dec 2020 20:07:48 +0000 (12:07 -0800)]
smbd: smb_info_set_ea() can only get fsp==NULL in POSIX mode accessing a symlink.
Ensure this is the case and force-return NT_STATUS_ACCESS_DENIED here.
Remove any race condition if anyone modifies the symlink whilst the
operation is in process.
This now allows us to require a valid fsp for operations on EAs.
Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
Now that handle based fdos_mode() is used everywhere we can be sure that we're
also always getting a handle in SMB_VFS_GET_COMPRESSION() so we can now safely
remove the path parameter. :)
Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
projects / thirdparty / samba.git / log
