Jeremy Allison [Wed, 23 Jun 2021 00:56:11 +0000 (17:56 -0700)]
s3: VFS: catia: Remove catia_getxattr.
No longer used.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Wed, 23 Jun 2021 00:55:01 +0000 (17:55 -0700)]
s3: VFS: cap: Remove cap_getxattr.
No longer used.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 2 Jul 2021 20:56:30 +0000 (13:56 -0700)]
s3: lib: adouble.c: In ad_read_meta() we can now guarantee a valid fsp.
There are now no more callers of SMB_VFS_GETXATTR().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 2 Jul 2021 20:55:04 +0000 (13:55 -0700)]
s3: VFS: fruit: In fruit_streaminfo_meta_netatalk(), ad_get() -> ad_get_meta_fsp().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 2 Jul 2021 20:53:02 +0000 (13:53 -0700)]
s3: VFS: fruit: In fruit_stat_meta_netatalk(), ad_get() -> ad_get_meta_fsp().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 2 Jul 2021 20:52:02 +0000 (13:52 -0700)]
s3: VFS: fruit: In readdir_attr_meta_finderi_netatalk(), ad_get() -> ad_get_meta_fsp().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 2 Jul 2021 20:50:48 +0000 (13:50 -0700)]
s3: VFS: fruit: In update_btime(), ad_get() -> ad_get_meta_fsp().
Uncomment ad_get_meta_fsp() as we're now using it.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 2 Jul 2021 20:43:49 +0000 (13:43 -0700)]
s3: VFS: fruit: Add helper function ad_get_meta_fsp().
Not yet used. We will use this to replace calls
to ad_get(..., ADOUBLE_META). It uses openat_pathref_fsp()
to get a handle before calling into ad_get(..., ADOUBLE_META).
Uses the recursion guard to prevent recursion into openat_pathref_fsp()
from stat calls within.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 2 Jul 2021 20:40:39 +0000 (13:40 -0700)]
s3: VFS: fruit: In the fruit handle->fruit_config_data, add a recursion guard we will set before calling openat_pathref_fsp().
Not yet used.
Same technique as used to prevent recursion in stat calls in vfs_fake_acls.c
This will go away once SMB_VFS_STATX() is added and we can select exactly
what fields we are calling stat() to get.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 2 Jul 2021 20:37:56 +0000 (13:37 -0700)]
s3: VFS: fruit: In fruit_stat_meta_netatalk(), move the call to fruit_stat_base() before the ad_get() call.
Both must succeed for a valid return, and we're next going
to replace ad_get() with a wrapper that calls openat_pathref_fsp(),
which needs a VALID_STAT().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 2 Jul 2021 20:47:30 +0000 (13:47 -0700)]
s3: VFS: fruit: Inside fruit_open_meta_netatalk() change to use fsp->base_fsp->fsp_name in ad_get() instead of smb_fname.
We know this will have a valid fsp within.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Fri, 2 Jul 2021 20:35:37 +0000 (13:35 -0700)]
s3: lib: In ad_read_meta(), allow use of SMB_VFS_FGETXATTR() as well as SMB_VFS_GETXATTR().
Eventually we will guarantee a valid smb_fname->fsp here and
will remove SMB_VFS_GETXATTR().
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Thu, 1 Jul 2021 01:40:59 +0000 (18:40 -0700)]
s3: smbd: Fix fsp->base_fsp->fsp_name->fsp == fsp->base_fsp invarient in non_widelink_open().
Currently in master when we call into openat() in the VFS
we violate the invarient:
fsp->base_fsp->fsp_name->fsp == fsp->base_fsp.
The reason for this is subtle. Inside open.c:non_widelink_open()
we change the fsp->base_fsp to be relative to the new $cwd.
We do this by the following code in open.c:non_widelink_open():
/* Also setup base_fsp to be relative to the new cwd */
if (fsp->base_fsp != NULL) {
base_smb_fname_rel = (struct smb_filename) {
.base_name = smb_fname_rel->base_name,
};
orig_base_fsp_name = fsp->base_fsp->fsp_name;
fsp->base_fsp->fsp_name = &base_smb_fname_rel;
}
Note that fsp->base_fsp->fsp_name now points at a
stack variable struct smb_filename, with smb_fname->fsp == NULL.
This fixes that problem by removing the horrid
stack based smb_filename and changing to use a
talloc'ed fsp->base_fsp->fsp_name, with
correctly linked fsp->base_fsp->fsp_name-> pointer.
Remove the selftest/knownfail.d/fruit_vfs_invariant
file as all vfs_fruit tests now pass again.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Jeremy Allison [Thu, 1 Jul 2021 18:26:21 +0000 (11:26 -0700)]
s3: smbd: Code inside non_widelink_open() breaks an invarient inside the VFS. Demonstrate this.
vfs_fruit isn't the bad guy here. It's just a convenient
place to show that non_widelink_open() violates:
fsp->base_fsp->fsp_name->fsp == fsp->base_fsp invarient
Add selftest/knownfail.d/fruit_vfs_invariant to show
what this breaks. Next patch will fix the non_widelink_open()
code and remove the knownfail.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Pavel Filipenský [Fri, 2 Jul 2021 07:14:18 +0000 (09:14 +0200)]
s3:libads: Remove extra new line in keytab list output
net ads keytab list prints extra new line for uknown encoding types,
so it spans over two lines, instead over a single line:
1 AES-128 CTS mode with 96-bit SHA-1 HMAC ADDC$@ADDOM.SAMBA.EXAMPLE.COM
1 UNKNOWN: 3
ADDC$@ADDOM.SAMBA.EXAMPLE.COM
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Jul 2 11:45:48 UTC 2021 on sn-devel-184
Stefan Metzmacher [Fri, 10 Apr 2020 21:10:28 +0000 (23:10 +0200)]
s4:kdc: prefer newer enctypes for preauth responses
This matches Windows KDCs, which was demonstrated by the
krb5.as_req_tests tests.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 1 18:37:14 UTC 2021 on sn-devel-184
Joseph Sutton [Mon, 21 Jun 2021 02:14:48 +0000 (14:14 +1200)]
s4:torture/krb5/kdc-heimdal: Automatically determine AS-REP enctype to check against
This enables us to more easily switch to a different algorithm to find
the strongest key in _kdc_find_etype().
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Wed, 16 Jun 2021 00:52:11 +0000 (12:52 +1200)]
tests/krb5: Use admin creds for SamDB rather than user creds
This makes the purpose of each set of credentials more consistent, and
makes some tests more convenient to run standalone as they no longer
require user credentials.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 23:49:05 +0000 (11:49 +1200)]
tests/krb5/as_canonicalization_tests.py: Refactor account creation
Making this test a subclass of KDCBaseTest allows us to make use of its
methods for obtaining credentials and creating accounts, which helps to
eliminate some duplicated code.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 23:01:50 +0000 (11:01 +1200)]
tests/krb5: Deduplicate 'host' attribute initialisation
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 01:25:34 +0000 (13:25 +1200)]
tests/krb5/raw_testcase.py: Check for an explicit 'unspecified kvno' value
This is clearer than using the constant zero, which could be mistaken
for a valid kvno value.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 01:24:22 +0000 (13:24 +1200)]
tests/krb5/as_req_tests.py: Check the client kvno
Ensure we have the correct kvno for the client, rather than an 'unknown'
value.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 21 Apr 2020 09:07:45 +0000 (11:07 +0200)]
tests/krb5/as_req_tests.py: add simple test_as_req_enc_timestamp test
Example commands:
Windows 2012R2:
SERVER=172.31.9.188 SMB_CONF_PATH=/dev/null STRICT_CHECKING=1 DOMAIN=W2012R2-L6 REALM=W2012R2-L6.BASE CLIENT_USERNAME=ldaptestuser CLIENT_PASSWORD=
a1B2c3D4 CLIENT_AS_SUPPORTED_ENCTYPES=28 KRBTGT_KVNO=2 KRBTGT_AES256_KEY_HEX=
2eb6d146a2653d333cdbfb641a4efbc3de81af49e878e112bb4f6cbdd73fca52 KRBTGT_RC4_KEY_HEX=
4e6d99c30e5fab901ea71f8894289d3b python/samba/tests/krb5/as_req_tests.py AsReqKerberosTests
SERVER=172.31.9.188 SMB_CONF_PATH=/dev/null STRICT_CHECKING=1 DOMAIN=W2012R2-L6 REALM=W2012R2-L6.BASE CLIENT_USERNAME=administrator CLIENT_PASSWORD=
A1b2C3d4 CLIENT_AS_SUPPORTED_ENCTYPES=4 KRBTGT_KVNO=2 KRBTGT_AES256_KEY_HEX=
2eb6d146a2653d333cdbfb641a4efbc3de81af49e878e112bb4f6cbdd73fca52 KRBTGT_RC4_KEY_HEX=
4e6d99c30e5fab901ea71f8894289d3b python/samba/tests/krb5/as_req_tests.py AsReqKerberosTests
SERVER=172.31.9.188 SMB_CONF_PATH=/dev/null STRICT_CHECKING=1 DOMAIN=W2012R2-L6 REALM=W2012R2-L6.BASE ADMIN_USERNAME=administrator ADMIN_PASSWORD=
A1b2C3d4 python/samba/tests/krb5/as_req_tests.py
SERVER=172.31.9.188 SMB_CONF_PATH=/dev/null STRICT_CHECKING=1 DOMAIN=W2012R2-L6 REALM=W2012R2-L6.BASE ADMIN_USERNAME=administrator ADMIN_PASSWORD=
A1b2C3d4 CLIENT_USERNAME=administrator CLIENT_PASSWORD=
A1b2C3d4 CLIENT_AS_SUPPORTED_ENCTYPES=4 CLIENT_KVNO=1 python/samba/tests/krb5/as_req_tests.py
SERVER=172.31.9.188 SMB_CONF_PATH=/dev/null STRICT_CHECKING=1 DOMAIN=W2012R2-L6 REALM=W2012R2-L6.BASE ADMIN_USERNAME=administrator ADMIN_PASSWORD=
A1b2C3d4 CLIENT_USERNAME=ldaptestuser CLIENT_PASSWORD=
a1B2c3D4 CLIENT_AS_SUPPORTED_ENCTYPES=28 CLIENT_KVNO=4 python/samba/tests/krb5/as_req_tests.py
Windows 2008R2:
SERVER=172.31.9.133 SMB_CONF_PATH=/dev/null STRICT_CHECKING=1 DOMAIN=W4EDOM-L4 REALM=W4EDOM-L4.BASE CLIENT_USERNAME=cifsmount CLIENT_PASSWORD=
A1b2C3d4-08 CLIENT_AS_SUPPORTED_ENCTYPES=28 CLIENT_KVNO=17 KRBTGT_KVNO=2 KRBTGT_AES256_KEY_HEX=
550aea2ea2719cb81c87692569796d1b3a099d433a93438f53bee798cc2f83be KRBTGT_RC4_KEY_HEX=
dbc0d1feaaca3d5abc6794857b7f6fe0 python/samba/tests/krb5/as_req_tests.py
SERVER=172.31.9.133 SMB_CONF_PATH=/dev/null STRICT_CHECKING=1 DOMAIN=W4EDOM-L4 REALM=W4EDOM-L4.BASE CLIENT_USERNAME=administrator CLIENT_PASSWORD=
A1b2C3d4 CLIENT_AS_SUPPORTED_ENCTYPES=4 CLIENT_KVNO=1 KRBTGT_KVNO=2 KRBTGT_AES256_KEY_HEX=
550aea2ea2719cb81c87692569796d1b3a099d433a93438f53bee798cc2f83be KRBTGT_RC4_KEY_HEX=
dbc0d1feaaca3d5abc6794857b7f6fe0 python/samba/tests/krb5/as_req_tests.py
SERVER=172.31.9.133 SMB_CONF_PATH=/dev/null STRICT_CHECKING=1 DOMAIN=W4EDOM-L4 REALM=W4EDOM-L4.BASE ADMIN_USERNAME=administrator ADMIN_PASSWORD=
A1b2C3d4 CLIENT_USERNAME=administrator CLIENT_PASSWORD=
A1b2C3d4 CLIENT_AS_SUPPORTED_ENCTYPES=4 CLIENT_KVNO=1 python/samba/tests/krb5/as_req_tests.py
SERVER=172.31.9.133 SMB_CONF_PATH=/dev/null STRICT_CHECKING=1 DOMAIN=W4EDOM-L4 REALM=W4EDOM-L4.BASE ADMIN_USERNAME=administrator ADMIN_PASSWORD=
A1b2C3d4 CLIENT_USERNAME=cifsmount CLIENT_PASSWORD=
A1b2C3d4-08 CLIENT_AS_SUPPORTED_ENCTYPES=28 CLIENT_KVNO=17 python/samba/tests/krb5/as_req_tests.py
SERVER=172.31.9.133 SMB_CONF_PATH=/dev/null STRICT_CHECKING=1 DOMAIN=W4EDOM-L4 REALM=W4EDOM-L4.BASE ADMIN_USERNAME=administrator ADMIN_PASSWORD=
A1b2C3d4 python/samba/tests/krb5/as_req_tests.py
Samba:
SERVER=172.31.9.163 SMB_CONF_PATH=/dev/null STRICT_CHECKING=0 DOMAIN=W4EDOM-L4 REALM=W4EDOM-L4.BASE CLIENT_USERNAME=cifsmount CLIENT_PASSWORD=
A1b2C3d4-08 CLIENT_AS_SUPPORTED_ENCTYPES=28 CLIENT_KVNO=17 KRBTGT_KVNO=2 KRBTGT_AES256_KEY_HEX=
550aea2ea2719cb81c87692569796d1b3a099d433a93438f53bee798cc2f83be KRBTGT_RC4_KEY_HEX=
dbc0d1feaaca3d5abc6794857b7f6fe0 python/samba/tests/krb5/as_req_tests.py
SERVER=172.31.9.163 SMB_CONF_PATH=/dev/null STRICT_CHECKING=0 DOMAIN=W4EDOM-L4 REALM=W4EDOM-L4.BASE CLIENT_USERNAME=administrator CLIENT_PASSWORD=
A1b2C3d4 CLIENT_AS_SUPPORTED_ENCTYPES=4 CLIENT_KVNO=1 KRBTGT_KVNO=2 KRBTGT_AES256_KEY_HEX=
550aea2ea2719cb81c87692569796d1b3a099d433a93438f53bee798cc2f83be KRBTGT_RC4_KEY_HEX=
dbc0d1feaaca3d5abc6794857b7f6fe0 python/samba/tests/krb5/as_req_tests.py
SERVER=172.31.9.163 SMB_CONF_PATH=/dev/null STRICT_CHECKING=0 DOMAIN=W4EDOM-L4 REALM=W4EDOM-L4.BASE ADMIN_USERNAME=administrator ADMIN_PASSWORD=
A1b2C3d4 CLIENT_USERNAME=administrator CLIENT_PASSWORD=
A1b2C3d4 CLIENT_AS_SUPPORTED_ENCTYPES=4 CLIENT_KVNO=1 python/samba/tests/krb5/as_req_tests.py
SERVER=172.31.9.163 SMB_CONF_PATH=/dev/null STRICT_CHECKING=0 DOMAIN=W4EDOM-L4 REALM=W4EDOM-L4.BASE ADMIN_USERNAME=administrator ADMIN_PASSWORD=
A1b2C3d4 CLIENT_USERNAME=cifsmount CLIENT_PASSWORD=
A1b2C3d4-08 CLIENT_AS_SUPPORTED_ENCTYPES=28 CLIENT_KVNO=17 python/samba/tests/krb5/as_req_tests.py
SERVER=172.31.9.163 SMB_CONF_PATH=/dev/null STRICT_CHECKING=0 DOMAIN=W4EDOM-L4 REALM=W4EDOM-L4.BASE ADMIN_USERNAME=administrator ADMIN_PASSWORD=
A1b2C3d4 python/samba/tests/krb5/as_req_tests.py
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Wed, 16 Jun 2021 02:51:22 +0000 (14:51 +1200)]
tests/krb5/as_req_tests.py: Automatically obtain credentials
The credentials for the client and krbtgt accounts are now fetched
automatically rather than using environment variables, and the client
account is now automatically created.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 04:07:16 +0000 (16:07 +1200)]
tests/krb5/kdc_base_test.py: Add fallback methods to obtain client and krbtgt credentials
Now if the client credentials are not supplied in the environment, we
can fall back to creating a new user account. Similarly, if the krbtgt
credentials are not supplied, we can fetch the credentials of the
existing krbtgt account.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 03:55:17 +0000 (15:55 +1200)]
tests/krb5/raw_testcase.py: Simplify conditionals
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 05:12:39 +0000 (17:12 +1200)]
tests/krb5/raw_testcase.py: Allow specifying a fallback credentials function
This allows us to use other methods of obtaining credentials if getting
them from the environment fails.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 05:10:44 +0000 (17:10 +1200)]
tests/krb5/raw_testcase.py: Cache obtained credentials
If credentials are used more than once, we can now use the credentials
that we already obtained and so avoid fetching them again.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 04:55:02 +0000 (16:55 +1200)]
tests/krb5/raw_testcase.py: Add allow_missing_keys parameter for getting creds
This allows us to require encryption keys in the case that a password
would not be required, such as for the krbtgt account.
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 03:59:11 +0000 (15:59 +1200)]
tests/krb5/raw_testcase.py: Make env_get_var() a standalone method
This allows it to be used elsewhere in the tests.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 01:15:10 +0000 (13:15 +1200)]
tests/krb5/raw_testcase.py: Add method to obtain Kerberos keys over DRS
This requires admin credentials, and removes the need to pass these keys
as environment variables.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 03:12:38 +0000 (15:12 +1200)]
tests/krb5/kdc_base_test.py: Add methods to determine supported encryption types
This is done based on the domain functional level, which corresponds to
the logic Samba uses to decide whether or not to generate a
Primary:Kerberos-Newer-Keys element for the supplementalCredentials
attribute.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 23:40:41 +0000 (11:40 +1200)]
tests/krb5/kdc_base_test.py: Create loadparm only when needed
Now the .conf file is only loaded on its first use, which means that
SMB_CONF_PATH need not be defined for tests that don't make use of it.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 23:31:26 +0000 (11:31 +1200)]
tests/krb5/kdc_base_test.py: Remove 'credentials' class attribute
Credentials for tests are now obtained using the get_user_creds()
method.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 23:04:00 +0000 (11:04 +1200)]
tests/krb5/kdc_base_test.py: Create database connection only when needed
Now the database connection is only created on its first use, which
means database credentials are no longer required for tests that don't
make use of it.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 01:14:33 +0000 (13:14 +1200)]
tests/krb5/raw_testcase.py: Add get_admin_creds()
This method allows obtaining credentials that can be used for
administrative tasks such as creating accounts.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Joseph Sutton [Tue, 15 Jun 2021 03:38:28 +0000 (15:38 +1200)]
tests/krb5/kdc_base_test.py: Defer account deletion until tearDownClass() is called
This allows accounts created for permutation tests to be reused, rather
than having to be recreated for every test.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 21 Apr 2020 09:07:45 +0000 (11:07 +0200)]
selftest: run new as_req_tests against fl2008r2dc and fl2003dc
There are a lot of things we should improve in our KDC
in order to work like a Windows KDC.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 21 Apr 2020 09:07:45 +0000 (11:07 +0200)]
tests/krb5/as_req_tests.py: add new tests to cover more of the AS-REQ protocol
Example commands:
Windows 2012R2:
SERVER=172.31.9.188 STRICT_CHECKING=1 DOMAIN=W2012R2-L6 REALM=W2012R2-L6.BASE CLIENT_USERNAME=ldaptestuser CLIENT_PASSWORD=
a1B2c3D4 CLIENT_AS_SUPPORTED_ENCTYPES=28 python/samba/tests/krb5/as_req_tests.py AsReqKerberosTests
SERVER=172.31.9.188 STRICT_CHECKING=1 DOMAIN=W2012R2-L6 REALM=W2012R2-L6.BASE CLIENT_USERNAME=administrator CLIENT_PASSWORD=
A1b2C3d4 CLIENT_AS_SUPPORTED_ENCTYPES=4 python/samba/tests/krb5/as_req_tests.py AsReqKerberosTests
Windows 2008R2:
SERVER=172.31.9.133 STRICT_CHECKING=1 DOMAIN=W4EDOM-L4 REALM=W4EDOM-L4.BASE CLIENT_USERNAME=cifsmount CLIENT_PASSWORD=
A1b2C3d4-08 CLIENT_AS_SUPPORTED_ENCTYPES=28 python/samba/tests/krb5/as_req_tests.py AsReqKerberosTests
SERVER=172.31.9.133 STRICT_CHECKING=1 DOMAIN=W4EDOM-L4 REALM=W4EDOM-L4.BASE CLIENT_USERNAME=administrator CLIENT_PASSWORD=
A1b2C3d4 CLIENT_AS_SUPPORTED_ENCTYPES=4 python/samba/tests/krb5/as_req_tests.py AsReqKerberosTests
Samba 4.14:
SERVER=172.31.9.163 STRICT_CHECKING=0 DOMAIN=W4EDOM-L4 REALM=W4EDOM-L4.BASE CLIENT_USERNAME=cifsmount CLIENT_PASSWORD=
A1b2C3d4-08 CLIENT_AS_SUPPORTED_ENCTYPES=28 python/samba/tests/krb5/as_req_tests.py AsReqKerberosTests
SERVER=172.31.9.163 STRICT_CHECKING=0 DOMAIN=W4EDOM-L4 REALM=W4EDOM-L4.BASE CLIENT_USERNAME=administrator CLIENT_PASSWORD=
A1b2C3d4 CLIENT_AS_SUPPORTED_ENCTYPES=4 python/samba/tests/krb5/as_req_tests.py AsReqKerberosTests
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 21 Apr 2020 09:07:45 +0000 (11:07 +0200)]
tests/krb5/raw_testcase.py: introduce a _generic_kdc_exchange() infrastructure
This will allow us to write tests, which will all cross check almost
every aspect of the KDC response (including encrypted parts).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Thu, 16 Apr 2020 15:13:35 +0000 (17:13 +0200)]
tests/krb5/raw_testcase.py: Add TicketDecryptionKey_from_creds()
This will allow building test_as_req_enc_timestamp()
It also introduces ways to specify keys in hex formated environment
variables ${PREFIX}_{AES256,AES128,RC4}_KEY_HEX.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Mon, 20 Apr 2020 18:02:52 +0000 (20:02 +0200)]
tests/krb5/raw_testcase.py: add methods to iterate over etype permutations
It's often useful to run tests over a lot of input parameter
permutations.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Thu, 16 Apr 2020 08:43:54 +0000 (10:43 +0200)]
tests/krb5/raw_testcase.py: add KERB_PA_PAC_REQUEST_create()
This allows building the pre-authentication data that encodes
the request for the KDC (or more likely a request not to include)
the KRB5 PAC in the resulting ticket.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Tue, 21 Apr 2020 12:45:01 +0000 (14:45 +0200)]
tests/krb5/raw_testcase.py: split KDC_REQ_BODY_create() from KDC_REQ_create()
This allows us to reuse body in future and calculate checksums on it.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 15 Apr 2020 15:57:37 +0000 (17:57 +0200)]
tests/krb5/raw_testcase.py: Allow prettyPrint of more MS-KILE-defined values
By setting krb5_asn1.APOptions.prettyPrint = BitString_NamedValues_prettyPrint
we allow the BitString_NamedValues_prettyPrint() routine to show more named values.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 15 Apr 2020 15:50:00 +0000 (17:50 +0200)]
tests/krb5/raw_testcase.py: Allow prettyPrint of more RFC-defined values
By setting krb5_asn1.APOptions.prettyPrint = BitString_NamedValues_prettyPrint
we allow the BitString_NamedValues_prettyPrint() routine to show more named values.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 15 Apr 2020 11:49:52 +0000 (13:49 +0200)]
tests/krb5/raw_testcase.py: add assertElement*()
These helper functions make writing subsequent Kerberos test
clearer.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Thu, 9 Apr 2020 20:28:32 +0000 (22:28 +0200)]
tests/krb5/raw_testcase.py: introduce STRICT_CHECKING=0 in order to relax the checks in future
We should write tests as strict as possible in order to let them run
against Windows servers.
But at the same time we want to allow tests to be useful for Samba
too...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Thu, 9 Apr 2020 08:55:28 +0000 (10:55 +0200)]
tests/krb5/raw_testcase.py: Add get_{client,server,krbtgt}_creds()
These helpful functions allow us to build the various credentials
that we will use in validating the KDC responses in this test.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Thu, 9 Apr 2020 09:10:11 +0000 (11:10 +0200)]
tests/krb5/rfc4120.asn1: Improve definitions to allow expanded testing
Update and re-generate the ASN.1 to allow an improved testsuite.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Wed, 15 Apr 2020 14:50:55 +0000 (16:50 +0200)]
Rename python/samba/tests/krb5/{rfc4120_pyasn1_regen.sh => pyasn1_regen.sh}
This is a clearer name for the script
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Stefan Metzmacher [Thu, 9 Apr 2020 19:04:44 +0000 (21:04 +0200)]
auth/credentials: allow credentials.Credentials to act as base class
In tests it's useful to add more details.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Ralph Boehme [Thu, 1 Jul 2021 13:19:56 +0000 (15:19 +0200)]
vfs_default: use fsp_get_io_fd() for copy_file_range()
Unintentionally used fsp_get_pathref_fd() in the initial patchset.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12033
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 1 17:45:49 UTC 2021 on sn-devel-184
Stefan Metzmacher [Thu, 1 Jul 2021 12:07:34 +0000 (14:07 +0200)]
WHATSNEW: document new preopen:* options
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 1 13:48:32 UTC 2021 on sn-devel-184
Stefan Metzmacher [Fri, 18 Jun 2021 14:00:25 +0000 (14:00 +0000)]
vfs_preopen: add useful debug messages which can be configured on adjustable log levels
The following are the default values:
preopen:nomatch_log_level = 5
preopen:match_log_level = 5
preopen:nodigits_log_level = 1
preopen:founddigits_log_level = 3
preopen:reset_log_level = 5
preopen:push_log_level = 3
preopen:queue_log_level = 10
This gives admins a way to debug/audit the preopen usage.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 11 Jun 2021 19:07:03 +0000 (19:07 +0000)]
vfs_preopen: introduce support for "preopen:posix-basic-regex = yes"
This will allow the usage of patterns as
'POSIX Basic Regular Expression'
vfs objects = preopen
preopen:posix-basic-regex = yes
preopen:names = /Re7599Ex\([0-9]\).*\.txt/test\([0-9]*\)\.dat/
The key is that exactly one 'subexpression' starting with '\(' and
ending with '\)' is specified in order to select the position where
the digits are searched.
E.g. given a file name 'Re7599Ex01234.txt' will actually preopen:
Re7599Ex01234.txt
Re7599Ex11234.txt
Re7599Ex21234.txt
Re7599Ex31234.txt
Re7599Ex41234.txt
As '\([0-9]\)' will only match the first digit after 'Re7599Ex'.
It also means it's now possible to have digits in the fixed part of the
filename, which was the actual motivation for this patchset.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Mon, 28 Jun 2021 09:54:29 +0000 (11:54 +0200)]
docs-xml:vfs_preopen.8: improve the documentation of the current detection algorithm
We should be more verbose that the first digits in a name are taken by
default, if at least 3 digits were found.
There might be cases were the last group of digits describe the
increasing frame number, while the fixed name already contains
3 digits. This is currently not supported.
It's also possible to provide more than one pattern.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 11 Jun 2021 21:08:19 +0000 (21:08 +0000)]
vfs_preopen: make use of any hints from samba_path_matching_check_last_component()
samba_path_matching_check_last_component() may return the start and end
offset of a submatch (for us the bytes where the digits are expected).
We use that in order to allow preopen_parse_fname() to just
look at these bytes and ignore any trailing digits after the submatch.
For the current use of samba_path_matching_mswild_create(),
there's no difference as we'll always get replace_start=-1 and
replace_end=-1. But the next commit will make optional use of
samba_path_matching_regex_sub1_create(), which will change the situation
and allow to return hints we got from regexec().
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 18 Jun 2021 18:29:31 +0000 (18:29 +0000)]
vfs_preopen: cap the queue length to the maximum number that fits into the digits space
If we have a single digit we only replace up to '9', which also fits
into a single digit.
We operate on numbers from 0 to
9999999999999999999 independent of the
architecture.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 11 Jun 2021 21:08:19 +0000 (21:08 +0000)]
vfs_preopen: introduce helper variables in preopen_parse_fname()
Calculating the start_idx and num_digits at the first possible place
will make the following commits much easier.
At the end we just want to assign the return values without any logic.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 18 Jun 2021 13:31:58 +0000 (13:31 +0000)]
vfs_preopen: completely reset the queue if the name structure changes
There's no point in trying to check if the current number is part
of the existing queue. This makes the logic at least more unstandable
to me.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 11 Jun 2021 20:03:49 +0000 (20:03 +0000)]
vfs_preopen: only reset the queue state if preopen_parse_fname() found matching digits
Otherwise there's no point in stopping the existing queue to continue
via pending preopen_helper_readable() invocations.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 9 Jun 2021 13:08:38 +0000 (15:08 +0200)]
vfs_preopen: make use of new samba_path_matching_* infrastructure
There should not be any logic change in this commit,
for now we'll keep the same ms wildcard matching we had before.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 11 Jun 2021 20:05:14 +0000 (20:05 +0000)]
vfs_preopen: only try to preopen if we can construct an absolute path
So we make sure the dirfsp contains an absolute path to begin with
and smb_fname is a relative name within the directory.
Note: dirfsp->fsp_name->base_name[0] is only '/' because currently all callers pass
conn->cwd_fsp as dirfsp ... though there's already one caller that calls
fd_openat() with a real dirfsp, that is in vfs_fruit though on the
resource fork stream so doesn't really effect us currently.
If more callers are changed in future the situation may change,
but I guess then this is not the only place with potential problems.
We most likely need a generic helper function that returns the absolute
path of a dirfsp and use it here.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Tue, 8 Jun 2021 08:56:22 +0000 (10:56 +0200)]
vfs_preopen: introduce "preopen" debug class
It might be useful to change the level/location
of debug messages specific to this module.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Mon, 28 Jun 2021 09:44:27 +0000 (11:44 +0200)]
docs-xml: document dynamic debug classes from modules
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 18 Jun 2021 12:18:00 +0000 (12:18 +0000)]
lib/util: improve debug message about unknown classes
debug classes registered by vfs modules are not available immediately.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 11 Jun 2021 19:03:42 +0000 (19:03 +0000)]
s3:lib: add samba_path_matching_regex_sub1_create()
This will allow the usage 'POSIX Basic Regular Expression'
instead of 'ms wildcard' strings.
We allow exactly one 'subexpression' starting with '\(' and
ending with '\)' in order to find a replacement (byte) region
in the matching string.
This will be used in the vfs_preopen module in the following
commits.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Wed, 9 Jun 2021 12:44:39 +0000 (14:44 +0200)]
s3:lib: add a new samba_path_matching* infrastructure
This aims to replace the current is_in_path() code in the long run.
For now it implements samba_path_matching_mswild_create()
in order to replace is_in_path() in the long run.
But there will be other "backends" using regexec() too.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Stefan Metzmacher [Fri, 18 Jun 2021 21:54:27 +0000 (21:54 +0000)]
s3:torture: add STR-MATCH-MSWILD test for is_in_path()
I want to assert at least some of the behavior as the
next commits will add a new abstraction that should
at least partly behave the same.
Note: case_[in]sensitive_idx is the index to the patterns
in the namelist, set to -1 on non-match, otherwise to
a value >= 0.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Ralph Boehme [Thu, 24 Jun 2021 14:21:42 +0000 (16:21 +0200)]
vfs_default: use copy_file_range()
Original file on an XFS filesystem:
$ ls -l /mnt/test/
1048578-file
-rw-rw-r--. 1 slow slow
1048578 Jun 25 11:40 /mnt/test/
1048578-file
$ xfs_bmap /mnt/test/
1048578-file
/mnt/test/
1048578-file:
0: [0..2055]: 192..2247
Copy created with cp --reflink=never:
$ xfs_bmap /mnt/test/
1048578-file-reflink-never
/mnt/test/
1048578-file-reflink-never:
0: [0..2055]: 2248..4303
Copy created with cp --reflink=always
$ xfs_bmap /mnt/test/
1048578-file-reflink-always
/mnt/test/
1048578-file-reflink-always:
0: [0..2055]: 192..2247
Copy done from a Windows client:
$ xfs_bmap /mnt/test/
1048578-file\ -\ Copy
/mnt/test/
1048578-file - Copy:
0: [0..2055]: 192..2247
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12033
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 30 17:40:23 UTC 2021 on sn-devel-184
Ralph Boehme [Mon, 28 Jun 2021 13:50:32 +0000 (15:50 +0200)]
smbd: use sys_io_ranges_overlap() in fsctl_dup_extents_check_overlap()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12033
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Sat, 26 Jun 2021 10:21:19 +0000 (12:21 +0200)]
lib: add sys_io_ranges_overlap()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12033
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Fri, 25 Jun 2021 13:47:38 +0000 (15:47 +0200)]
vfs_default: properly track written bytes for copy-chunk
No change in behavour, this just makes the logic slightly more
understandable. In theory it would also allow the logic to be adjusted for
allowing short reads which is not quite clear from MS-SMB2 if we should allow
it. The file could be truncated while we're reading it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12033
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Ralph Boehme [Thu, 24 Jun 2021 12:13:50 +0000 (14:13 +0200)]
replace: copy_file_range()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12033
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Jeremy Allison [Mon, 28 Jun 2021 23:48:51 +0000 (16:48 -0700)]
s3: VFS: fake_acls. Remove two static 'recursion' global booleans.
Ralph made me feel really guilty about this, so I cleaned it up :-).
This may also be the way we can finally get rid of SMB_VFS_GETXATTR()
from adouble.c too.
This will go away once we have SMB_VFS_STATX() and we will
have a way for a caller to as for specific stat fields in a
granular way. Then we will know exactly what fields the caller
wants, so we won't have to fill in everything.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jun 29 22:08:02 UTC 2021 on sn-devel-184
Noel Power [Thu, 17 Jun 2021 09:03:05 +0000 (10:03 +0100)]
s3: VFS: Update status of SMB_VFS_CHFLAGS
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Noel Power <npower@samba.org>
Autobuild-Date(master): Tue Jun 29 09:10:00 UTC 2021 on sn-devel-184
Noel Power [Fri, 11 Jun 2021 15:58:24 +0000 (16:58 +0100)]
VFS: Remove SMB_VFS_CHFLAGS, not used anymore
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 11 Jun 2021 15:34:01 +0000 (16:34 +0100)]
VFS: unityed_media: Remove SMB_VFS_CHFLAGS
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 11 Jun 2021 15:33:30 +0000 (16:33 +0100)]
VFS: snapper: Remove SMB_VFS_CHFLAGS
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 11 Jun 2021 15:33:02 +0000 (16:33 +0100)]
VFS: shadow_copy2: Remove SMB_VFS_CHFLAGS
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 11 Jun 2021 15:32:41 +0000 (16:32 +0100)]
VFS: media_harmony: Remove SMB_VFS_CHFLAGS
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 11 Jun 2021 15:32:04 +0000 (16:32 +0100)]
VFS: glusterfs Remove SMB_VFS_CHFLAGS
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 11 Jun 2021 15:30:04 +0000 (16:30 +0100)]
VFS: catia: Remove SMB_VFS_CHFLAGS
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 11 Jun 2021 15:31:38 +0000 (16:31 +0100)]
VFS: ceph_snapshot Remove SMB_VFS_CHFLAGS
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 11 Jun 2021 15:31:13 +0000 (16:31 +0100)]
VFS: ceph: Remove SMB_VFS_CHFLAGS
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 11 Jun 2021 15:23:12 +0000 (16:23 +0100)]
s3/smbd: smb_set_file_unix_info2: SMB_VFS_CHFLAGS -> SMB_VFS_FCHFLAGS
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 11 Jun 2021 14:46:56 +0000 (15:46 +0100)]
VFS: snapper: Add SMB_VFS_FCHFLAGS implementation
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 11 Jun 2021 14:46:30 +0000 (15:46 +0100)]
VFS: shadow_copy2: Add SMB_VFS_FCHFLAGS implementation
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 11 Jun 2021 14:46:07 +0000 (15:46 +0100)]
VFS: glusterfs: Add SMB_VFS_FCHFLAGS implementation
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 11 Jun 2021 14:45:51 +0000 (15:45 +0100)]
VFS: ceph_snapshots: Add SMB_VFS_FCHFLAGS implementation
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Fri, 11 Jun 2021 14:45:38 +0000 (15:45 +0100)]
VFS: ceph: Add SMB_VFS_FCHFLAGS implementation
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Noel Power [Thu, 10 Jun 2021 15:31:40 +0000 (16:31 +0100)]
VFS: Add initial implemenataion for SMB_VFS_FCHFLAGS
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Pavel Filipenský [Tue, 22 Jun 2021 14:00:00 +0000 (16:00 +0200)]
idl: secrets_domain_info1_change is not a recursive structure
575d39048e3b4f619d65d65303ac809c40c5d495 has marked
several structures as recursive, they contain typically a
backpointer named '* next'. secrets_domain_info1 is not self
recursive, it only contains a pointer named '*next_change'.
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jun 29 03:07:17 UTC 2021 on sn-devel-184
Andreas Schneider [Tue, 22 Jun 2021 07:37:13 +0000 (09:37 +0200)]
s4:dsdsb: Check return code of cli_credentials_guess()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 22 Jun 2021 07:35:47 +0000 (09:35 +0200)]
s3:libsmb: Check return code of cli_credentials_guess()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 22 Jun 2021 07:34:39 +0000 (09:34 +0200)]
s3:libnetapi: Check return code of cli_credentials_guess()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 22 Jun 2021 07:24:38 +0000 (09:24 +0200)]
auth:creds: Check return code of cli_credentials_guess()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 27 Apr 2021 14:19:31 +0000 (16:19 +0200)]
lib:cmdline: Ignore the return code of cli_credentials_guess()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Andreas Schneider [Tue, 27 Apr 2021 14:15:30 +0000 (16:15 +0200)]
auth:creds: Return bool for cli_credentials_guess()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>