s3:libads: let kerberos_kinit_password_ext() always initialize *ntstatus

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:libads: fix compiler warning in trust_pw_change()

../../source3/libads/trusts_util.c: In function ‘trust_pw_change’:
../../source3/libads/trusts_util.c:302:45: warning: dereferencing type-punned pointer might break strict-aliasing rules [-Wstrict-aliasing]
  302 |                                    (void **)&new_trust_pw_blob.data,

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:rpc_client: remember the local/remote ipv4 or ipv6 addresses

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:winbindd: remove useless lines in add_trusted_domains_dc()

add_trusted_domain() above already sets this...

Review with: git show -U15

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:winbindd: make use of samba_sockaddr in set_remote_addresses() to avoid warnings

../../source3/winbindd/winbindd_dual_ndr.c: In function ‘set_remote_addresses’:
../../source3/winbindd/winbindd_dual_ndr.c:467:51: warning: dereferencing type-punned pointer might break strict-aliasing rules [-Wstrict-aliasing]
  467 |         struct sockaddr *sar = (struct sockaddr *)&st;

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:winbindd: make use of samba_sockaddr add_one_dc_unique() to avoid warnings

../../source3/winbindd/winbindd_cm.c: In function ‘add_one_dc_unique’:
../../source3/winbindd/winbindd_cm.c:1172:48: warning: dereferencing type-punned pointer might break strict-aliasing rules [-Wstrict-aliasing]
 1172 |                             (struct sockaddr *)(void *)&(*dcs)[i].ss,

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:winbindd: let wb_dsgetdcname* normalize to dns names on an ad_dc

wb_dsgetdcname() is typically used by dcerpc_wbint_DsGetDcName_send()
from netr_DsRGetDCName* in the netlogon server, when domain members
try to ask for domain controllers of a trusted domain.

The domain might disabled netbios support, so we better try the
already dns name if available.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:utils: let net_rpc_testjoin() work for ad domains and no ipv4 address

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:libsmb: let discover_dc_netbios() return DOMAIN_CONTROLLER_NOT_FOUND

We may get NT_STATUS_NOT_FOUND when the name can't be resolved
and NT_STATUS_INVALID_ADDRESS if the system doesn't have ipv4
addresses...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

libcli/auth: return RESOURCE_REQUIREMENTS_CHANGED is the proposed flags changed

This will be important when we add support for netr_ServerAuthenticateKerberos().

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s4:torture/rpc: make use of creds->client_requested_flags

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s4:librpc/rpc: make use of creds_state->client_requested_flags

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

schannel.idl: change netlogon_creds_CredentialState layout for 4.22

This breaks compat with 4.21 and moves stuff out of
netlogon_creds_CredentialState_extra_info.

It also prepares support for netr_ServerAuthenticateKerberos()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Revert "libcli/auth: let netlogon_creds_cli_store_internal check netlogon_creds_CredentialState_legacy"

This reverts commit c3fa132fbe179bd4e1451240ce572ec791356a16.

We break the compat of the netlogon_creds_cli.tdb records compared to
4.21 with the next commits.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

libcli/auth: don't loose server_dns_domain in netlogon_creds_cli_context_global()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

netlogon.idl: add NetlogonTicketLogonInformation/NetlogonValidationTicketLogon

I have basic tests, which have shown that the payload is not
encrypted at application level.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

librpc/ndr: let ndr_print_bitmap_flag work for bitmap64bit values

Keep libndr at 6.0.0, this has not been released yet.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

python/ndr: allow print_secrets=True for ndr_print*

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

pidl/Python: allow ndr_print(print_secrets=True)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

librpc/ndr: add ndr_print_{struct,union,function}_secret_string()

Keep libndr at 6.0.0, this has not been released yet.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

librpr/ndr: split out ndr_print_generic_string()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

netlogon.idl: use authservice("netlogon")

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

netlogon.idl: mark some structs as public so that ndr.ndr_deepcopy() works in python

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

samr/netlogon.idl: add [flag(NDR_SECRET)] in some more places

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

s3:tests: Adapt winbind_call_depth_trace to depth=3

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Pavel Filipensky <pfilipensky@samba.org>
Autobuild-Date(master): Thu Dec  5 15:54:57 UTC 2024 on atb-devel-224

s3:tests: Make winbind_call_depth_trace to use global_inject.conf

To get the expected traces we need:

debug syslog format = no
log level = 10

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

libcli: Speed up sddl_decode_ace()

Factor out talloc-less sddl_transition_decode_sid()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Dec  3 09:03:01 UTC 2024 on atb-devel-224

libcli: Remove a special case

dom_sid_parse_endp does accept the lowercase "s" in "s-1-1-0".

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

libcli: Simplify sddl_decode_err_msg()

We have security_descriptor_initialise() for this

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

libcli: README.Coding for dom_sid routines

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

lib: Simplify security_descriptor_initialise() with a struct init

Rely no the default NULL init.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

libcli: Fix a signed/unsigned comparison warning

With this we compare pointers, not numbers

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Dec  2 05:52:56 UTC 2024 on atb-devel-224

libcli: Use dom_sid_dup() instead of talloc_memdup()

We have specialized code for this, why not use it...

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

libcli: Apply a little const

Probably does not matter code-wise, but looks nicer to me.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

libcli: Fix a typo

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

libcli: Fix whitespace

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

libcli: Avoid an unnecessary "else"

We return in the error case anyway

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Modernize DEBUGs

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Simplify smb_set_posix_lock()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Simplify smb_file_position_information()

We've asserted fsp!=NULL in the caller

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Simplify smb_file_position_information()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Simplify smb_set_file_allocation_info()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Simplify smb_set_file_allocation_info()

We've asserted fsp!=NULL in the caller

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Simplify smb_set_info_standard()

We've asserted fsp!=NULL in the caller

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Simplify smbd_smb2_query_directory_send()

We don't need to call strcmp() to find an empty string.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Remove a pointless comment

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

pdbedit: Avoid a use of convert_time_t_to_uint32_t()

We should avoid converting time_t to 32 bit wherever possible

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

libndr: Apply const to the ndr_print_* functions's void *

ndr_print_fn_t has a const void *, so we can extend this to the
callers. Keep ABI at 6.0.0, 4.21 is 5.0.0 and 4.22 is not there yet.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: TALLOC_FREE(sd) where it was allocated

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

smbd: Avoid a cast

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

printing: Fix Coverity ID 1508942 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

printing: Fix Coverity ID 1509000 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

lib: Simplify smbconf_txt_load_file()

file_modtime() returns errno, so we can skip the racy file_exist()
call.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

lib: Move some R/W "data" segment to R/O "text"

Doesn't really matter for tests, but I just came across it.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

net: Fix Coverity ID 1509022 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

libndr: Fix Coverity ID 1509020 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

rpcclient: Fix Coverity ID 1509018 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

passdb: Fix Coverity ID 1509016 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

libsmb: Fix Coverity ID 1509012 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

pdb_ldap: Fix Coverity ID 1508985 Use of 32-bit time_t

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

s4:smbtorture: Fix samba3.smb.dir on btrfs

"If a file is removed from or added to the directory after the most recent call
to opendir() or rewinddir(), whether a subsequent call to readdir() returns
an entry for that file is unspecified."
https://pubs.opengroup.org/onlinepubs/009604599/functions/readdir.html

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Nov 29 15:10:13 UTC 2024 on atb-devel-224

s4:torture: Fix samba3.smb2.name-mangling on btrfs

If a file is removed from or added to the directory after the most recent call
to opendir() or rewinddir(), whether a subsequent call to readdir() returns
an entry for that file is unspecified."
https://pubs.opengroup.org/onlinepubs/009604599/functions/readdir.html

As it is unspecified, the different filesystems on Linux implement this
differently:

ext4:

./a.out
opendir(foo)
creat(foo/bar)
readdir() loop
  readdir entry: bar
  readdir entry: ..
  readdir entry: .
readdir() detected the newly created file `foo`

btrfs:

./a.out
opendir(foo)
creat(foo/bar)
readdir() loop
  readdir entry: .
  readdir entry: ..
readdir() did not detect the newly created file `foo`

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

libcli/auth: let netlogon_creds_copy() make use of ndr_deepcopy_struct()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Nov 28 13:53:25 UTC 2024 on atb-devel-224

librpc/ndr: add ndr_deepcopy_struct() helper

Keep libndr at 6.0.0, this has not been released yet.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

smbd: use fsctl_get_reparse_point() in smb3_file_posix_information_init()

This allows returning the POSIX type info from fsctl_get_reparse_point().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Nov 27 19:32:45 UTC 2024 on atb-devel-224

smbd: move calling fsctl_get_reparse_tag() into smb3_file_posix_information_init()

This already fixes SMB2-GETINFO with POSIX infolevel to return the reparse tag
of reparse points.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

smbd: simplify smb3_file_posix_information_init()

The dos attributes are already setup by fdos_mode(). Still assert
FILE_ATTRIBUTE_REPARSE_POINT is correctly set just in case.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

smbd: fix DOS attributes for reparse points in fdos_mode()

Reparse have only FILE_ATTRIBUTE_REPARSE_POINT set, but never
FILE_ATTRIBUTE_NORMAL or FILE_ATTRIBUTE_DIRECTORY at the same time.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

tests: test POSIX file type on reparse point

Create a symlink reparse point over SMB2. Then query file info over SMB2 and
check the POSIX file type is correctly assigned in the POSIX info levels.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

tests: check reparse tag and POSIX file type from query-file with POSIX infolevel

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

tests: fix test teardown/cleanup of test_create_reparse_directory()

This kept failing in a local make test not being able to cleanup the test
directory in the *subsequent* test test_create_reparse_nonempty_directory().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

tests: prepare reparsepoints.py for using POSIX on the SMB2 connection

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

tests: move wire_mode_to_unix() to libsmb.py

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

pylibsmb: implement getinfo level FSCC_FILE_POSIX_INFORMATION

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

smbd: rename SMB2_FS_POSIX_INFORMATION to FSCC_FS_POSIX_INFORMATION

Streamline the info-level defines. Also get rid of
SMB2_FS_POSIX_INFORMATION_INTERNAL which is not needed for an info-level that
is exclusive to SMB2.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

smbd: rename SMB2_FILE_POSIX_INFORMATION to FSCC_FILE_POSIX_INFORMATION

Streamline the info-level defines. Also get rid of
SMB2_FILE_POSIX_INFORMATION_INTERNAL which is not needed for an info-level that
is exclusive to SMB2.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

smbd: use NT_PASSTHROUGH_OFFSET in a few places

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

gitlab-ci: Fix building debian 32bit images

Trying to pull registry-1.docker.io/i386/debian:12...
Error: creating build container: choosing an image from manifest list
docker://registry-1.docker.io/i386/debian:12: no image found in image index for
architecture "amd64", variant "", OS "linux"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Nov 27 16:32:07 UTC 2024 on atb-devel-224

gitlab-ci: Move to Fedora 41

Python 3.13 removed the `crypt` module. I can work around it on Fedora 41, but
we need to address this better sooner than later.

See also https://bugzilla.samba.org/show_bug.cgi?id=15756

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

selftest: Allow to use SHA1 with OpenSSL for selftest

This is needed for samba.tests.krb5.pkinit_tests with sha1.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

python: Fix length of Common Name x509 attribute

File "bin/python/samba/tests/krb5/pkinit_tests.py", line 1496, in
create_certificate
  x509.NameAttribute(NameOID.COMMON_NAME,
  ~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^
                     f'{cert_name}/emailAddress={cert_name}'),
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/python3.13/site-packages/cryptography/x509/name.py",
line 152, in __init__
  raise ValueError(msg)
ValueError: Attribute's length must be >= 1 and <= 64, but it was 84

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

autobuild: Run the samba-minimal-smbd build jobs with -j 2

samba-minimal-smbd is now always the slowest job by many
minutes. There's no timeouts to be expected, so run them with nice -n
19.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Nov 26 12:38:17 UTC 2024 on atb-devel-224

libndr: Add overflow check to ndr_push_subcontext_end()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Nov 25 15:36:07 UTC 2024 on atb-devel-224

tests: Check symlinks are readable as reparse points

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Nov 22 11:05:33 UTC 2024 on atb-devel-224

smbd: Return NT_STATUS_STOPPED_ON_SYMLINK

Do this for "follow symlinks = now" and smb2 unix extensions

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Always init symlink_err in filename_convert_dirfsp_nosymlink()

Make sure that we don't leave symlink_err in the caller
uninitialized.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Create the proper error blob for STOPPED_ON_SYMLINK

Unused so far, our lowerlevel routines so far never return
NT_STATUS_STOPPED_ON_SYMLINK. Also see the NULL passed as
"symlink_reparse", this will change soon. Separate patch for easier
review.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Prepare smbd_smb2_create_recv() to return a symlink error

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

tests: Fix test_symlinkerror_absolute_inshare

This tests converting an absolute into a relative target. Reflect that
in the flags expected from the STOPPED_ON_SYMLINK error response.

As of this patch it's still knownfail, so irrelevant. But soon this test will
succeed.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

tests: Reparse point dirs are shown as REPARSE_POINT|DIRECTORY

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

tests: Reparse point files are shown as FILE_ATTRIBUTE_REPARSE_POINT

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Allow a symlink as lcomp when asking for REPARSE_POINT

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Fix the turning an absolute symlink into a relative one

If dirfsp is the share root, we end up with a "/." at the end of
subdir_path. subdir_of() does not cover that case. fsp_fullbasepath()
takes care of that case and also avoids a talloc.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Set fsp->fsp_flags.posix_open in openat_pathref_fsp_lcomp()

Not sure why this wasn't caught as a bug yet...

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Allow symlinks to be read via GET_REPARSE_POINT

... to be used soon

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Prepare fdos_mode() for handling symlinks in smb2

We should show all special files as NORMAL|REPARSE_POINT, except
symlinks for SMB1 Posix Extensions. IFREG and IFDIR are handled via
our xattr mechanisms.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

libsmb: Retry the open with OPEN_REPARSE_POINT on IO_REPARSE_TAG_NOT_HANDLED

If we get that error message, we want to look at the reparse point as
such. This does not affect normal files, but soon we will need it in
our tests.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Make filename_convert_dirfsp_nosymlink() public

To be used directly in smb2_create.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Revert "smbd: Simplify filename_convert_dirfsp()"

This reverts commit bd30c9c128c203c3ed4b123b651862a9953f6cf2.

While this does indeed slightly simplify code, it simplifies too much: Soon we
will need filename_convert_dirfsp_nosymlink raw without looking at
UCF_LCOMP_LNK_OK. So in hindsight this went too far.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Pass "create_options" to filename_create_ucf_flags()

OPEN_REPARSE_POINT will trigger symlinks not being followed but
returned, even if we have "follow symlinks = yes". Prepare for setting
UCF_LCOMP_LNK_OK for this case in a central place.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>