Ralph Boehme [Thu, 9 Jan 2025 11:27:43 +0000 (12:27 +0100)]
smbtorture: add test "open-brlock-deadlock"
smbtorture reproducer for bug 15767. As it needs a very specific setup that
can't easily be done in selftest, the test is only executed when manually called
with
Pavel Filipenský [Thu, 20 Feb 2025 19:33:19 +0000 (20:33 +0100)]
s3: Fix use of dbwrap_transaction_cancel() in machine_account_secrets.c
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Mar 29 19:02:35 UTC 2025 on atb-devel-224
Douglas Bagnall [Thu, 6 Mar 2025 23:01:14 +0000 (12:01 +1300)]
pylibsmb: avoid unnecessary check of sid/gid counts
This causes compiler conniptions because the check is tautologically
false with 64 bit size_t, while a 32 bit ssize_t that wraps to a
negative number is rejected by PyList_New(). Besides which, out of
bounds access is blocked by PyList_SetItem(), and talloc won't create
arrays that large.
The trouble is picky compilers can say things like:
  ../../source3/libsmb/pylibsmb.c: In function ‘py_smb_posix_whoami’:
  ../../source3/libsmb/pylibsmb.c:2226:22: warning: comparison is always false due to limited range of data type [-Wtype-limits]
   2226 |         if (num_gids > PY_SSIZE_T_MAX) {
which draws endless but useless developer attention.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow@samba.org>
Douglas Bagnall [Fri, 23 Dec 2022 08:36:26 +0000 (21:36 +1300)]
lib/compression: add a windows python script for test vectors
The C program we have (generate-windows-test-vectors.c) uses a higher
level API than MS-XCA refers to, which plays tricks like refusing to
do compression if the result would be larger than the original. It
does that because I could not successfully compile something using the
correct RtlCompressBuffer API in Cygwin.
It turns out you don't need to compile anything; using the Python
ctypes library, the Windows libraries are available to Python.
The compression *is* the same, which is what we expected.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow@samba.org>
Douglas Bagnall [Fri, 20 Jan 2023 00:07:43 +0000 (13:07 +1300)]
s4/dns/dlz: log when falling back to obsolete dns ldb path
Prior to 4.8 or so, the dlz dns files were kept in samba/private, but
sharing those files is a bit less than private so a new bind-dns
directory was added. As part of that patch set efforts were made to
fallback gracefully to the old locations. But now that silent grace is
causing confusion; the time has come to fallback resentfully.
Douglas Bagnall [Fri, 14 Mar 2025 03:53:42 +0000 (16:53 +1300)]
.github: CodeQL triggers on current branches
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Mar 29 12:38:10 UTC 2025 on atb-devel-224
Douglas Bagnall [Fri, 14 Mar 2025 03:21:41 +0000 (16:21 +1300)]
.github: add CodeQL workflow
This is the automatically generated config file for CodeQL, a code
query language, which can be used to run bespoke static analysis
tasks.
It is currently set to "autobuild" mode, which in Github's terminology
means it tries `./configure && make`, which fails because configure
looks for packages that aren't installed.
In another commit or two we'll add the necessary bootstrap lines, and
perhaps remove some of the unneeded bits.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Douglas Bagnall [Wed, 26 Mar 2025 02:55:33 +0000 (15:55 +1300)]
samba-tool backup restore: cope with no sysvol
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15661
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Mar 29 08:25:39 UTC 2025 on atb-devel-224
Douglas Bagnall [Wed, 19 Mar 2025 00:16:12 +0000 (13:16 +1300)]
samba-tool gpo: use a real XML parser to check entity validity
The expat parser comes with the Python standard library, so we can use
it to check the entities work, rather than relying on a fragile
regular expression.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow@samba.org>
Douglas Bagnall [Thu, 20 Mar 2025 03:43:41 +0000 (16:43 +1300)]
pytest: source_tree_topdir() checks more thoroughly
We are more certain of how many ../ steps we are from top than we are
that the existence of a thing called 'source4' is a definite sign
that this is a full source tree. So we check fewer depths and more
subdirectories.
This also modernises the return type to be a pathlib.Path, which works
without change for current callers.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow@samba.org>
Saurabh Singh [Wed, 12 Mar 2025 09:18:07 +0000 (14:48 +0530)]
vfs_vxfs: pathref fixes
These fixes are required as after the pathref changes done in vxfs code, set
and get attribute was not working. fsp_get_io_fd(fsp) was returning -1 always.
Signed-off-by: Saurabh Singh <saurabh.singh@veritas.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Mar 28 09:02:10 UTC 2025 on atb-devel-224
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Mar 28 07:53:25 UTC 2025 on atb-devel-224
Volker Lendecke [Tue, 25 Feb 2025 16:31:16 +0000 (17:31 +0100)]
lib: Slightly simplify ad_alloc()
Use a struct initialization to avoid talloc_zero()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Mar 27 14:11:11 UTC 2025 on atb-devel-224
Volker Lendecke [Thu, 20 Mar 2025 16:57:11 +0000 (17:57 +0100)]
net: Fix a panic in "net vfs getntacl"
We have to explicitly free smb_fname, because after openat_pathref_fsp
we have a file descriptor around. If we then later talloc_free() the
connection_struct, fd_handle_destructor() panics because talloc_free()
does not free smb_fname before the connection_struct.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Ralph Boehme [Mon, 10 Mar 2025 15:31:13 +0000 (16:31 +0100)]
smbd: implement modern write time update logic
The gist of this is:
1. A write or other modifications as per MS-FSA "2.1.4.17 Algorithm for Noting
that a File Has Been Modified" immediately update the file times, there's no
delayed update.
2. Setting a timestamp on a handle only disables further timestamp updates via
that handle. Modifications via other handles must still update the timestamps.
This can not be implemented by storing the sticky writetime in the
share_mode_data record for performance reasons, as from 2 it follows that the
record would have to be checked and updated for every write on all handles.
Instead, writes on handles with sticky writetime in effect, record the current
timestamp before the modification and reset the filesystem timestamp to the
recorded value after doing the modification.
For reference, these are the relevant pieces from MS-FSA:
2.1.1.6 Abstract Date Model: Per Open
- UserSetModificationTime: A Boolean that is TRUE if a user has explicitly set
File.LastModificationTime through this Open.
- UserSetChangeTime: A Boolean that is TRUE if a user has explicitly set
File.LastChangeTime through this Open.
- UserSetAccessTime: A Boolean that is TRUE if a user has explicitly set
File.LastAccessTime through this Open.
2.1.4.17 Algorithm for Noting That a File Has Been Modified
The inputs for this algorithm are as follows:
- Open: The Open through which the file was modified.
The pseudocode for the algorithm is as follows:
The object store SHOULD<43>:
- If Open.UserSetModificationTime is FALSE, set Open.File.LastModificationTime
to the current system time.
- If Open.UserSetChangeTime is FALSE, set Open.File.LastChangeTime to the
current system time.
- If Open.UserSetAccessTime is FALSE, set Open.File.LastAccessTime to the
current system time.
- Set Open.File.FileAttributes.FILE_ATTRIBUTE_ARCHIVE to TRUE.
This then gets used for eg writes:
2.1.5.4 Server Requests a Write
...
- The object store MUST note that the file has been modified as specified in
section 2.1.4.17 with Open equal to Open.
...
Note the following differences between Windows behaviour and current
MS-FSA, these are documentation bugs that will be fixed in later
releases as discussed here:
* When processing FileEndOfFileInformation timestamps must be updated
if new size equals current size
* When processing FileAllocationInformation timestamps must be updated
if new size equals current size
* When processing FileAllocationInformation,
    If (the new allocation size is less than the existing allocation)
      Set the modification time (which will also update the change time)
    Else
      Update the LastChangeTime
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Mar 27 06:37:31 UTC 2025 on atb-devel-224
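The record-and-reset approach from the commit message above, modelled on a local file as an added example (not smbd code and not part of the commit). The Open class and its method names are hypothetical; only the per-Open UserSetModificationTime flag comes from the quoted MS-FSA text.

```python
import os
import tempfile


class Open:
    """Toy model of one open handle on a file."""

    def __init__(self, path):
        self.path = path
        self.user_set_modification_time = False  # MS-FSA per-Open flag

    def set_mtime(self, mtime_ns):
        """Client sets the write time: it becomes sticky on this handle only."""
        atime_ns = os.stat(self.path).st_atime_ns
        os.utime(self.path, ns=(atime_ns, mtime_ns))
        self.user_set_modification_time = True

    def write(self, data):
        """Append data; keep the timestamp only if this handle made it sticky."""
        before = os.stat(self.path)  # record before the modification
        with open(self.path, "ab") as f:
            f.write(data)
        if self.user_set_modification_time:
            # Reset the filesystem timestamp to the recorded value.
            os.utime(self.path, ns=(before.st_atime_ns, before.st_mtime_ns))
        # Otherwise the write has already updated mtime; nothing is delayed.


def demo():
    """Return (chosen mtime, mtime after sticky write, mtime after other write)."""
    fd, path = tempfile.mkstemp()
    os.close(fd)
    try:
        sticky, other = Open(path), Open(path)
        chosen_ns = 946_684_800 * 1_000_000_000  # constructed: 2000-01-01 UTC
        sticky.set_mtime(chosen_ns)
        sticky.write(b"via sticky handle")
        after_sticky = os.stat(path).st_mtime_ns
        other.write(b"via other handle")  # no sticky flag on this handle
        after_other = os.stat(path).st_mtime_ns
        return chosen_ns, after_sticky, after_other
    finally:
        os.unlink(path)
```

No shared per-file record is consulted on the write path: each handle decides from its own flag, which is the performance argument the commit message makes.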
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Mar 26 01:51:40 UTC 2025 on atb-devel-224
Signed-off-by: Björn Jacke <bjacke@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Signed-off-by: Thomas Karlsson <thomas.karlsson@relea.se>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Tue Mar 25 05:21:49 UTC 2025 on atb-devel-224
Douglas Bagnall [Fri, 14 Mar 2025 04:45:18 +0000 (17:45 +1300)]
samba-tool gpo: better entities check copes with new lines
Per https://www.w3.org/TR/xml/#sec-entity-decl (and MS references)
there is always some whitespace between '<!ENTITY' and the name, and
between the name and whatever is next. Also, it is valid XML to have
newlines inside entity declarations, like this:
  <!ENTITY
  bubble
  "*S-1-5-113"
  >
We used to create such files, so we should allow them.
There is a kind of entity that has '%' before the name, and there are
non-ascii names, which we continue not to support.
This meant we were testing nothing because the assertions are all that
the files are the same -- though the only affected check is one in
test_backup_restore_generalize().
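The two "samba-tool gpo" entity-check messages above (regex versus expat, and the multi-line declaration) can be compared with this added example, which is not the samba-tool code. NAIVE_RE is a constructed stand-in for a fragile pattern, and the document, element and entity names other than "bubble" are made up.

```python
import re
from xml.parsers import expat

# Constructed sample: one single-line declaration plus the multi-line form
# quoted in the commit message.
SAMPLE = b"""<?xml version="1.0"?>
<!DOCTYPE policy [
<!ENTITY single "one-line value">
<!ENTITY
bubble
"*S-1-5-113"
>
]>
<policy>&single; &bubble;</policy>
"""

# Hypothetical fragile check: exactly one space, everything on one line.
NAIVE_RE = re.compile(rb'<!ENTITY (\w+) "([^"]*)">')


def entities_by_regex(data):
    """Entities the naive pattern sees."""
    return {m.group(1).decode(): m.group(2).decode()
            for m in NAIVE_RE.finditer(data)}


def entities_by_expat(data):
    """Entities a real parser sees; raises ExpatError on broken input."""
    found = {}

    def on_entity(name, is_parameter, value, base, system_id, public_id,
                  notation):
        # Skip '%' parameter entities and external (valueless) entities.
        if not is_parameter and value is not None:
            found[name] = value

    parser = expat.ParserCreate()
    parser.EntityDeclHandler = on_entity
    parser.Parse(data, True)
    return found


def entities_resolve(data):
    """True if the document parses, i.e. every &name; used is declared."""
    try:
        entities_by_expat(data)
        return True
    except expat.ExpatError:
        return False
```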
Andreas Hasenack [Tue, 18 Feb 2025 15:43:46 +0000 (12:43 -0300)]
python:netcmd:gpo: fix crash when updating an MOTD GPO
When the policy exists already, there is no exception and the code
tries to use the "data" variable, but it doesn't exist because it was
only defined in the exception handling.
Signed-off-by: Andreas Hasenack <andreas.hasenack@canonical.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Douglas Bagnall [Fri, 14 Mar 2025 06:47:53 +0000 (19:47 +1300)]
samba-tool gpo: close opened files
It is almost certain that we are not going to run out of files, as
they get garbage collected anyway, but in some circumstances these can
fill your screen with "ResourceWarning: unclosed file" messages, which
hides the real messages.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Mar 19 15:56:38 UTC 2025 on atb-devel-224
Before that commit we included only SEC_ACE_TYPE_ACCESS_ALLOWED(0)
as 'not type & SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT' filtered out
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT(5), but also
SEC_ACE_TYPE_ACCESS_DENIED and SEC_ACE_TYPE_ACCESS_DENIED_OBJECT.
After that commit we started to include
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT, which is wrong.
It was also always wrong to exclude SEC_ACE_TYPE_ACCESS_DENIED(1).
So now we make it explicit that we only include
SEC_ACE_TYPE_ACCESS_ALLOWED and SEC_ACE_TYPE_ACCESS_DENIED.
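The ACE type filtering described above, worked through as an added example (not the Samba code). The values 0, 1 and 5 are the ones given in the message; 6 for SEC_ACE_TYPE_ACCESS_DENIED_OBJECT is the MS-DTYP value, and the ACE tuples, SIDs and function names are constructed.

```python
# ACE types are an enumeration, not a set of flag bits.
SEC_ACE_TYPE_ACCESS_ALLOWED = 0
SEC_ACE_TYPE_ACCESS_DENIED = 1
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT = 5
SEC_ACE_TYPE_ACCESS_DENIED_OBJECT = 6   # MS-DTYP value, not stated on the page

# Constructed sample DACL: (ace_type, trustee SID)
SAMPLE_ACES = [
    (SEC_ACE_TYPE_ACCESS_ALLOWED, "S-1-5-21-1-2-3-1104"),
    (SEC_ACE_TYPE_ACCESS_DENIED, "S-1-5-21-1-2-3-1105"),
    (SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT, "S-1-5-21-1-2-3-1106"),
    (SEC_ACE_TYPE_ACCESS_DENIED_OBJECT, "S-1-5-21-1-2-3-1107"),
]


def kept_by_bitwise_test(aces):
    """The old expression: 'not type & SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT'.

    5 is binary 101, so any type sharing a bit with it is dropped:
    1 & 5 = 1, 5 & 5 = 5 and 6 & 5 = 4 are all truthy; only 0 survives.
    """
    return [a for a in aces
            if not a[0] & SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT]


def kept_by_explicit_test(aces):
    """The explicit rule: keep plain allow and plain deny ACEs only."""
    wanted = (SEC_ACE_TYPE_ACCESS_ALLOWED, SEC_ACE_TYPE_ACCESS_DENIED)
    return [a for a in aces if a[0] in wanted]


def kept_types(aces):
    """Helper: just the type numbers of the ACEs that were kept."""
    return [ace_type for ace_type, _sid in aces]
```

The silently dropped deny ACE is the part that matters when the filtered list is used to reason about access: an allow-only view overstates what a trustee can do.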