smbd: realign synthetic_smb_fname() args in file_new()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3/rpc_server: fss: realign synthetic_smb_fname() args in snap_path_exists()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3/printing: realign synthetic_smb_fname() args in print_spool_open()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3/printing: realign synthetic_smb_fname() args in driver_unlink_internals()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_xattr_tdb: realign synthetic_smb_fname() args in xattr_tdb_get_file_id()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_virusfilter: realign synthetic_smb_fname() args in infected_file_action_quarantine()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_virusfilter: realign synthetic_smb_fname() args in quarantine_create_dir()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_gpfs: realign synthetic_smb_fname() args in gpfsacl_emu_chmod()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_glusterfs: realign synthetic_smb_fname() args in vfs_gluster_realpath()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_fruit: realign synthetic_smb_fname() args in fruit_get_bandsize()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_fruit: realign synthetic_smb_fname() args in delete_invalid_meta_stream()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_fruit: realign synthetic_smb_fname() args in vfswrap_realpath()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_fruit: realign synthetic_smb_fname() args in vfswrap_realpath()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_default: realign synthetic_smb_fname() args in vfswrap_realpath()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_default: realign synthetic_smb_fname() args in vfswrap_fs_capabilities()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_ceph_snapshots: realign synthetic_smb_fname() args in ceph_snap_gmt_convert_dir()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_ceph_snapshots: realign synthetic_smb_fname() args in ceph_snap_fill_label()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_catia: realign synthetic_smb_fname() args in catia_readdir_attr()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3/lib: realign synthetic_smb_fname() args in synthetic_smb_fname_split()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: realign synthetic_smb_fname() args in check_reduced_name_with_privilege()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: realign args calling synthetic_smb_fname() in change_dir_owner_to_parent()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_vxfs: pass name as struct smb_filename to vxfs_compare()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_vxfs: realign vxfs_compare() args to one per line

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_streams_depot: realign synthetic_smb_fname() to one arg per line

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_streams_depot: pass dirname to walk_streams()/collect_one_stream() as struct smb_filename

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

vfs_gpfs: pass smb_fname to gpfsacl_emu_chmod()

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libsmb: Protect cli_oem_change_password() from rprcnt<2

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14362
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue May  5 17:12:04 UTC 2020 on sn-devel-184

libsmb: Protect cli_RNetServerEnum against rprcnt<6

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14362
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

libsmb: Protect cli_RNetShareEnum() against rprcnt<6

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14362
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

libsmb: Fix indentation in cli_RNetShareEnum()

Also remove a level of indentation with a "goto done;"

Best review with "git show -b", almost no code change

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14362
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

smbd: Make share_mode_for_one_entry() use just a uint8*

"num_share_modes" is passed separately, so "data.dsize" was not used

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue May  5 13:23:49 UTC 2020 on sn-devel-184

smbd: Make share_mode_do_locked() use a const uint8_t *

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Make parse_share_modes() use a const ptr

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Make share_mode_memcache_fetch() use a const ptr

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Convert get_share_mode_blob_header() to use a const ptr

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Make share_mode_entry_find() take a const pointer

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Make sure share_mode_entry_do() maintains sorting order

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Simplify reset_share_mode_entry()

This has more lines, but it's a lot simpler: reset_share_mode_entry is
only called during durable reconnect, which only works with a single
share mode entry. See durable_reconnect_fn(). Thus we don't have to
keep the share mode array sorted, there is just a single entry.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

smbd: Simplify share_mode_entry_get()

If we don't use a DATA_BLOB, we can more correctly state in the
prototype that the buffer we parse is constant.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

libsmb: Add a NULL check

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

libsmb: Align integer types in net_share_enum_rpc()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

libsmb: Use talloc_strndup() to cut a backslash

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

libsmb: Add a NULL check after talloc_strdup()

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

lib: Move push_skip_string() to clirap2.c

It's only used there

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

librpc: Align integer types

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

net: Add g_lock dumpall

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

net: "net g_lock locks" needs to print binary keys

In 2017 g_lock changed to take TDB_DATA as a key

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

rpc_server3: Align integer types

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

lib: Fix a comment

The "deleted bit" went away with 341223a00596e

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

lib: Remove two unused macro definitions

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

torture4: Move a variable declaration closer to its use

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

registry3: Align a few integer types

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

locking: Move br_off typedef to where it's used

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

locking: Move SMB_OFF_T_BITS macro to its only user

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

vfs_virusfilter: Fix canonicalizing socket path

canonicalize_absolute_path() returns its result, the previous code was
a no-op

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

vfs_widelinks: Fix small typos

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

pytdb tests: add test for storev()

Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue May  5 11:24:52 UTC 2020 on sn-devel-184

pytdb: add python binding for storev()

Signed-off-by: Jule Anger <ja@sernet.de>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

s3: smbd: Add a dirfsp parameter to smbd_calculate_maximum_allowed_access().

Not yet used. Currently always conn->cwd_fsp.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon May  4 15:33:09 UTC 2020 on sn-devel-184

s3: smbd: Reformat users of smbd_calculate_maximum_allowed_access().

Make new parameter addition clearer.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Add a dirfsp parameter to smbd_calculate_access_mask().

Not yet used. Currently always conn->cwd_fsp.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Reformat users of smbd_calculate_access_mask().

Make new parameter addition clearer.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Add a dirfsp parameter to check_parent_access().

Not yet used. Currently always conn->cwd_fsp.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Reformat users of check_parent_access().

Make new parameter addition clearer.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Add a dirfsp parameter to user_can_read_file().

Not yet used. Currently always conn->cwd_fsp.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Reformat users of user_can_read_file().

Make new parameter addition clearer.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Add a dirfsp parameter to smbd_check_access_rights().

Not yet used. Currently always conn->cwd_fsp.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Reformat users of smbd_check_access_rights().

Make new parameter addition clearer.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Add dirfsp parameter to can_write_to_file().

Not yet used. Currently always conn->cwd_fsp.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Reformat users of can_write_to_file().

Make new parameter addition clearer.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Add dirfsp parameter to user_can_write_file().

Not yet used. Currently always conn->cwd_fsp.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Reformat caller of user_can_write_file().

Make new parameter addition clearer.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Add dirfsp parameter to can_delete_file_in_directory().

Not yet used. Currently always conn->cwd_fsp.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Reformat definition and callers of can_delete_file_in_directory().

Makes future addition of parameter easier to see.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

CVE-2020-10700: dsdb: Do not permit the ASQ control for the GUID search in paged_results

ASQ is a very strange control and a BASE search can return multiple results
that are NOT the requested DN, but the DNs pointed to by it!

Thanks to Andrei Popa <andrei.popa@next-gen.ro> for finding,
reporting and working with us to diagnose this issue!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Mon May  4 10:14:28 UTC 2020 on sn-devel-184

CVE-2020-10700: ldb: Always use ldb_next_request() in ASQ module

We want to keep going down the module stack, and not start from the top again.

ASQ is above the ACL modules, but below paged_results and we do not wish to
re-trigger that work.

Thanks to Andrei Popa <andrei.popa@next-gen.ro> for finding,
reporting and working with us to diagnose this issue!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

CVE-2020-10700: dsdb: Add test for ASQ and ASQ in combination with paged_results

Thanks to Andrei Popa <andrei.popa@next-gen.ro> for finding,
reporting and working with us to diagnose this issue!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14331

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

CVE-2020-10704 libcli ldap: Check search request lengths.

Check the search request lengths against the limits passed to
ldap_decode.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon May  4 04:40:10 UTC 2020 on sn-devel-184

CVE-2020-10704: libcli ldap_message: Add search size limits to ldap_decode

Add search request size limits to ldap_decode calls.

The ldap server uses the smb.conf variable
"ldap max search request size" which defaults to 250Kb.
For cldap the limit is hard coded as 4096.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

CVE-2020-10704: S4 ldap server: Limit request sizes

Check the size of authenticated and anonymous ldap requests and reject
them if they exceed the limits in smb.conf

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

CVE-2020-10704: smb.conf: Add max ldap request sizes

Add two new smb.conf parameters to control the maximum permitted ldap
request size.

Adds:
   ldap max anonymous request size       default 250Kb
   ldap max authenticated request size   default 16Mb

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

CVE-2020-10704: ldapserver tests: Limit search request sizes

Add tests to ensure that overly long (> 256000 bytes) LDAP search
requests are rejected.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

CVE-2020-10704: lib util asn1: Check parse tree depth

Check the current depth of the parse tree and reject the input if the
depth exceeds that passed to asn1_init

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

CVE-2020-10704: libcli ldap: test recursion depth in ldap_decode_filter_tree

Add tests to check that ASN.1 ldap requests with deeply nested elements
are rejected.  Previously there was no check on the on the depth of
nesting and excessive nesting could cause a stack overflow.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

CVE-2020-10704: lib util asn1: Add ASN.1 max tree depth

Add maximum parse tree depth to the call to asn1_init, which will be
used to limit the depth of the ASN.1 parse tree.

Credit to OSS-Fuzz

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20454
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14334

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

smbd: use is_lease_stat_open() in delay_for_oplock()

This allows READ_CONTROL_ACCESS in the access mask as stat open if a file has
only leases.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14357

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr 30 21:10:43 UTC 2020 on sn-devel-184

smbd: add is_lease_stat_open()

This adds a leases specific stat opens access mask check function.

See also:

https://lists.samba.org/archive/cifs-protocol/2020-March/003409.html

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14357

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smbd: rename is_stat_open() to is_oplock_stat_open()

Testing stat opens with with leases reveals that that the access mask

  SYNCHRONIZE_ACCESS | FILE_READ_ATTRIBUTES | FILE_WRITE_ATTRIBUTES

is specific to oplocks.

See also:

https://lists.samba.org/archive/cifs-protocol/2020-March/003409.html

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14357

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s4/torture: add a comprehensive "non-lease-break-trigger" access mask test case

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14357

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s4/torture: add a comprehensive "non-oplock-break-trigger" access mask test case

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14357

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3: smbd: Add dirfsp parameter to check_access().

Not yet used.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Apr 30 09:11:56 UTC 2020 on sn-devel-184

s3: smbd: Reformat callers of check_access().

Makes it easier to see when we add the dirfsp
parameter.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Make check_access() a simple wrapper around smbd_check_access_rights().

Now we call check_access_fsp() separately in the callers we don't need the fsp
parameter anymore.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Reformat spacing for parameters of check_access().

Makes it easier to see the removal of the parameter next.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Move the fsp check up one level from check_access().

This allows us to call check_access_fsp() directly when
we have an fsp, and to add in the dirfsp for relative
name access to check_access() in the next commit, making
it clear what it's for (and not confusing it with the
file fsp).

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Cleanup - move the function get_nt_acl_no_snum() to it's user module.

Make static. It was only called from one place.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Add a dirfsp parameter to directory_has_default_acl().

Not yet used, but will make it easier to move to SMB_VFS_GET_NT_ACL_AT()
later.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Reformat uses of directory_has_default_acl().

Makes it easier to add a dirfsp parameter.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Change is_visible_file() to take a directory handle not a name.

No change in functionality as the name is
easily retrieved from the directory handle
(it's always the name we opened the directory with)
and this will allow us to use the directory handle
fsp later.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Reformat calls to is_visible_file() to one arg per line.

Will make it easier to see parameter change in a later commit.

No logic changes.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>