The branch, master has been updated
via e0aab377bdc s3:winbindd: Remove unused set_routing_domain()
via 890724f8a58 nsswitch:winbind: Remove WINBINDD_SHOW_SEQUENCE
via bf20ec9642e s3:winbindd: Remove implementation of
WINBINDD_SHOW_SEQUENCE
via e97fbcc4b1e s4:torture: Remove test for deprecated
WINBINDD_SHOW_SEQUENCE
via 2e8009b4ca5 nsswitch:wbinfo: Remove implementation of deprecated
'--sequence'
via e52873766ef docs-xml:manpages: Remove deprecated 'wbinfo --sequence'
via a7d8d801793 nsswitch:tests: Remove test for deprecated wbinfo
--sequence
via 04977dbb67e smbd: Simplify rmdir_internals()
via 83f7129e584 smbd: Streamline recursive_rmdir()
via 663f03996ca smbd: Simplify rmdir_internals()
via cf69a9ef142 smbd: Factor out can_delete_directory_hnd()
via 671186d8f63 smbd: Make can_delete_directory_fsp() look cleaner in
strace
via f29b06760a4 smbd: Fix can_delete_directory_fsp()
via 9afd9fc7daf smbd: simplify can_delete_directory_fsp()
via 6262f9a66e4 smbd: Remove a pointless and partially wrong comment
via 719d4f98c4f smbd: Fix typos
via 6098724e8b8 smbd: Simplify ReadDirName()
via e166299b186 lib: Simplify ad_get_internal()
via e1767db3dbf smbd: Pass "dirfsp" through open_streams_for_delete()
via 6b7ca29ffb7 smbd: Fix a %d/%u format string hickup
via 7116dca925d rpcclient: Fix Coverity ID 1508978 Use of 32-bit time_t
via be20007cc75 net: Fix Coverity ID 1508974 Use of 32-bit time_t
via c1b9dc9f7ac eventlog: Fix Coverity ID 1508977 Use of 32-bit time_t
via 3035f98364c winbind: Fix Coverity ID 1509002 Use of 32-bit time_t
via de8babd6af5 printing: Remove a few obsolete openat_pathref_fsp()
calls
via d745a0799ba smbd: Remove an obsolete comment
via aff7a1fde6c smbd: Simplify smb_set_file_end_of_file_info()
via ee3a7b31e01 smbd: Simplify call_trans2setfileinfo()
via 253e5f4a689 lib: Fix Coverity ID 1636566 Untrusted loop bound
via 06cca7bf020 smbd: Modernize DEBUGs
via 69d74563add smbd: Avoid a (double) cast
via 2d6d890f45b smbd: Pass "dirfsp" to get_posix_fsp()
via 3a16c35ab48 smbd: Simplify smb_set_posix_acl()
via b768c54bd59 smbd: Simplify smb_q_posix_acl()
via a780c07c249 smbd: Simplify get_posix_fsp()
via f41dc1440be libcli: Modernize a DEBUG
via 84faa9dbb47 libcli: Fix a potential 32-bit problem with PRIu32
via ddc88fa8b6e libcli: Make handling implicit_owner_rights bit easier
to read
via 9312bdd271f libcli: Simplify disp_sec_ace_object()
via d6ec1f42c62 libcli: Align an integer type
via 391962e2620 libcli: Remove the "mem_ctx" argument from
pull_integer()
via dddbab8e36c libcli: Simplify pull_integer()
via 8f1d9035248 vfs: Simplify connect_acl_tdb()
via d088738342a vfs: Simplify connect_acl_xattr()
via 54124677f6f smbd: Pass "dirfsp" through posix_mkdir()
via 3b2134e231f libcli: Avoid an unnecessary "else"
via 8ed1b9e874e libcli: Use ndr_deepcopy_struct() in
security_token_duplicate()
from e37e4d16e9c s3:open.c: Fix a typo
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit e0aab377bdc86884d460ef9b4515484f4282b31e
Author: Pavel Filipenský <[email protected]>
Date: Mon Dec 16 14:39:54 2024 +0100
s3:winbindd: Remove unused set_routing_domain()
Commit 9a613f4 winbindd: add routing_domain as parameter to
add_trusted_domain
deleted all calls of set_routing_domain().
Signed-off-by: Pavel Filipenský <[email protected]>
Reviewed-by: Volker Lendecke <[email protected]>
Reviewed-by: Andreas Schneider <[email protected]>
Autobuild-User(master): Volker Lendecke <[email protected]>
Autobuild-Date(master): Tue Dec 17 13:30:25 UTC 2024 on atb-devel-224
commit 890724f8a58af9c5cb421d0a945673c8b778c4b7
Author: Pavel Filipenský <[email protected]>
Date: Mon Dec 16 14:10:48 2024 +0100
nsswitch:winbind: Remove WINBINDD_SHOW_SEQUENCE
Signed-off-by: Pavel Filipenský <[email protected]>
Reviewed-by: Volker Lendecke <[email protected]>
Reviewed-by: Andreas Schneider <[email protected]>
commit bf20ec9642eacabc1a2379528cc0c3d4bb5cfc85
Author: Pavel Filipenský <[email protected]>
Date: Mon Dec 16 14:16:07 2024 +0100
s3:winbindd: Remove implementation of WINBINDD_SHOW_SEQUENCE
Signed-off-by: Pavel Filipenský <[email protected]>
Reviewed-by: Volker Lendecke <[email protected]>
Reviewed-by: Andreas Schneider <[email protected]>
commit e97fbcc4b1ee79dd15462e9db58886bc38c12ca1
Author: Pavel Filipenský <[email protected]>
Date: Mon Dec 16 14:12:22 2024 +0100
s4:torture: Remove test for deprecated WINBINDD_SHOW_SEQUENCE
torture_winbind_struct_show_sequence() is failing if run as:
make -j8 test TESTS="samba4.rpc.lsa.trusted.*ad_dc
samba4.winbind.struct.ad_dc"
The reason is that the test constructs two lists of domains and assumes
that the list contain same domains in the same order.
However:
- the list based on DO_STRUCT_REQ_REP(WINBINDD_SHOW_SEQUENCE, &req, &rep)
contains 51 domains
- the list based on DO_STRUCT_REQ_REP(WINBINDD_LIST_TRUSTDOM, &req, &rep)
contains 39 domains
and we got:
failure: show_sequence [ ../../source4/torture/winbind/struct_based.c:824:
domlist[i].netbios_name was TORTURE201, expected TORTURE200: inconsistent order
of domain lists
]
Both list are based on full domain list, however the smaller one filters
out domain without trust_type in winbindd_list_trusted_domains():
trust_type = get_trust_type_string(talloc_tos(), d, domain);
if (trust_type == NULL) {
continue;
}
Signed-off-by: Pavel Filipenský <[email protected]>
Reviewed-by: Volker Lendecke <[email protected]>
Reviewed-by: Andreas Schneider <[email protected]>
commit 2e8009b4ca54003c72da52c76e1f2f1b175f2314
Author: Pavel Filipenský <[email protected]>
Date: Mon Dec 16 13:57:17 2024 +0100
nsswitch:wbinfo: Remove implementation of deprecated '--sequence'
Signed-off-by: Pavel Filipenský <[email protected]>
Reviewed-by: Volker Lendecke <[email protected]>
Reviewed-by: Andreas Schneider <[email protected]>
commit e52873766efb2cffae49ef10875096e8dbb7534c
Author: Pavel Filipenský <[email protected]>
Date: Mon Dec 16 14:01:42 2024 +0100
docs-xml:manpages: Remove deprecated 'wbinfo --sequence'
Signed-off-by: Pavel Filipenský <[email protected]>
Reviewed-by: Volker Lendecke <[email protected]>
Reviewed-by: Andreas Schneider <[email protected]>
commit a7d8d801793742926402421783485c906332b647
Author: Pavel Filipenský <[email protected]>
Date: Mon Dec 16 14:01:42 2024 +0100
nsswitch:tests: Remove test for deprecated wbinfo --sequence
Signed-off-by: Pavel Filipenský <[email protected]>
Reviewed-by: Volker Lendecke <[email protected]>
Reviewed-by: Andreas Schneider <[email protected]>
commit 04977dbb67ea59f9263db16e0c69367c0233c6f0
Author: Volker Lendecke <[email protected]>
Date: Fri Dec 6 09:23:21 2024 +0100
smbd: Simplify rmdir_internals()
Remove another "copy" of recursive_rmdir()
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 83f7129e584898b5db16af32f65b7fd1b6e978c3
Author: Volker Lendecke <[email protected]>
Date: Fri Dec 6 09:19:08 2024 +0100
smbd: Streamline recursive_rmdir()
By factoring out recursive_rmdir_fsp() we can do the recursion using
openat_pathref_fsp_lcomp(). This makes strace for a recursive
directory removal look a *lot* cleaner.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 663f03996ca10bd2dd73bef10ea21fd3947fe129
Author: Volker Lendecke <[email protected]>
Date: Thu Dec 5 17:20:41 2024 +0100
smbd: Simplify rmdir_internals()
Remove a "copy" of can_delete_directory_hnd()
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit cf69a9ef142098704ab358f01abf5e0e79652973
Author: Volker Lendecke <[email protected]>
Date: Thu Dec 5 17:17:59 2024 +0100
smbd: Factor out can_delete_directory_hnd()
To be used in close.c next
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 671186d8f6371ce6d20886179daa4f411d3cdc33
Author: Volker Lendecke <[email protected]>
Date: Thu Dec 5 16:50:12 2024 +0100
smbd: Make can_delete_directory_fsp() look cleaner in strace
I'm not sure, but it might be that we don't have a full fd coming into
can_delete_directory_fsp() without O_PATH. We open a real fd for
readdir() in all cases, which we can use for sure in openat &
friends. Use that as dirfsp for openat.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit f29b06760a46021dddeeddf94a422caf045120de
Author: Volker Lendecke <[email protected]>
Date: Fri Dec 6 11:31:56 2024 +0100
smbd: Fix can_delete_directory_fsp()
We should only ignore veto files if they are about to deleted anyway
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 9afd9fc7daf3e0c3bf28ac8d0f38b4d9c68c9888
Author: Volker Lendecke <[email protected]>
Date: Thu Dec 5 13:08:32 2024 +0100
smbd: simplify can_delete_directory_fsp()
openat_pathref_fsp_lcomp does all of what we do here manually
anyway. Use it.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 6262f9a66e411efdc2f4fd489ab5fae149254af6
Author: Volker Lendecke <[email protected]>
Date: Thu Dec 5 20:07:03 2024 +0100
smbd: Remove a pointless and partially wrong comment
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 719d4f98c4f9800768aa149b43bdda804c607e87
Author: Volker Lendecke <[email protected]>
Date: Thu Dec 5 11:38:51 2024 +0100
smbd: Fix typos
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 6098724e8b8e815e10d08e2f892e2897fa9ecd18
Author: Volker Lendecke <[email protected]>
Date: Thu Dec 5 11:37:15 2024 +0100
smbd: Simplify ReadDirName()
"fp" is only used for DBG messages where I don't think we need the
full accuracy of full_path_from_dirfsp_at_basename(). Save a talloc.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit e166299b186e11376b7cfdb902805e013fc0f598
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 19:37:20 2024 +0100
lib: Simplify ad_get_internal()
We have metadata_fsp() for this
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit e1767db3dbf88c61687049bba6372b1d4cbfc922
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 19:29:03 2024 +0100
smbd: Pass "dirfsp" through open_streams_for_delete()
One SMB_VFS_CREATE_FILE call less with "NULL" as dirfsp
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 6b7ca29ffb7a5f2aa9dd69036e3ef42c308f7dec
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 19:19:57 2024 +0100
smbd: Fix a %d/%u format string hickup
num_streams is an unsigned int
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 7116dca925d1798373da75fb5444ccfefe5d8243
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 17:03:46 2024 +0100
rpcclient: Fix Coverity ID 1508978 Use of 32-bit time_t
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit be20007cc75e78cd2b786667c9345849ad7b4e47
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 17:00:50 2024 +0100
net: Fix Coverity ID 1508974 Use of 32-bit time_t
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit c1b9dc9f7ac66a6d5b1f962a48e4bd7c7d0e02f4
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 16:59:01 2024 +0100
eventlog: Fix Coverity ID 1508977 Use of 32-bit time_t
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 3035f98364c7865fb3873aac87b997beda931aee
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 16:38:47 2024 +0100
winbind: Fix Coverity ID 1509002 Use of 32-bit time_t
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit de8babd6af50764cdb5e9ddf369b639d3918b3e1
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 16:30:03 2024 +0100
printing: Remove a few obsolete openat_pathref_fsp() calls
driver_convert_unix calls filename_convert_dirfsp, which these days
fills smb_fname->fsp. So openat_pathref_fsp() will immediately return
success as it finds smb_fname->fsp != NULL.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit d745a0799baf76a7910d6332986c7ce9fbc8a6eb
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 16:11:44 2024 +0100
smbd: Remove an obsolete comment
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit aff7a1fde6c96e37c1a487ba46f89d7ba97b8aa7
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 16:06:10 2024 +0100
smbd: Simplify smb_set_file_end_of_file_info()
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit ee3a7b31e0118275d1ceec70920e04d00faca135
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 15:53:41 2024 +0100
smbd: Simplify call_trans2setfileinfo()
Avoid an "else"
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 253e5f4a68939516d249e4f9e33c931226b828cf
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 14:03:12 2024 +0100
lib: Fix Coverity ID 1636566 Untrusted loop bound
Sanitize num_auths to [0,15] in sid_copy()
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 06cca7bf020dab38bff6d1354eaf466ef2526b21
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 12:42:43 2024 +0100
smbd: Modernize DEBUGs
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 69d74563add41bee79c9bdd59b7df0a80953b4b8
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 12:42:00 2024 +0100
smbd: Avoid a (double) cast
We don't need floating point here, intmax_t and %jd should be
sufficient
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 2d6d890f45bf50f46b7d77e14b1bf4d8c4dcca73
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 12:28:34 2024 +0100
smbd: Pass "dirfsp" to get_posix_fsp()
The two places where get_posix_fsp() is called we do have the dirfsp
around. Pass this through to SMB_VFS_CREATE_FILE(), looks much cleaner
in strace.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 3a16c35ab48bbca2fa047ea17611801f85b0a1b5
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 09:01:15 2024 +0100
smbd: Simplify smb_set_posix_acl()
Call get_posix_fsp() in the caller, this removes if-conditions in
smb_set_posix_acl() itself
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit b768c54bd59614e300db5bcabd5e86a9b5c0479d
Author: Volker Lendecke <[email protected]>
Date: Wed Dec 4 08:54:19 2024 +0100
smbd: Simplify smb_q_posix_acl()
Ensure it's called with a valid fsp. In the pathinfo case, use
get_posix_fsp() in the caller, in the fileinfo case the client has
sent us the fid. A client-visible fid is always a fsa fsp.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit a780c07c24929f44aca3d47f5d72309a5696d392
Author: Volker Lendecke <[email protected]>
Date: Tue Dec 3 17:24:40 2024 +0100
smbd: Simplify get_posix_fsp()
Remove three variables only set at initialization time
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit f41dc1440beedcd85a0b4526336cdb26bfead721
Author: Volker Lendecke <[email protected]>
Date: Fri Nov 29 15:35:50 2024 +0100
libcli: Modernize a DEBUG
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 84faa9dbb4703a9f5f679c5d71f72b8c31a16dcb
Author: Volker Lendecke <[email protected]>
Date: Thu Nov 28 18:44:02 2024 +0100
libcli: Fix a potential 32-bit problem with PRIu32
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit ddc88fa8b6e8c7facfc4b972d8316989b11eeade
Author: Volker Lendecke <[email protected]>
Date: Fri Nov 29 13:06:03 2024 +0100
libcli: Make handling implicit_owner_rights bit easier to read
The first time I came across this I missed the "FALL_THROUGH" and had
to look closely at what happens. I had expected
IMPLICIT_OWNER_READ_CONTROL_AND_WRITE_DAC_RIGHTS to grant two rights,
which to me is now more obvious. It was correct before, but to me this
is now more obvious. YMMV.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 9312bdd271f2d1b8d0ac84507d92df1f65b82a73
Author: Volker Lendecke <[email protected]>
Date: Thu Nov 28 18:41:50 2024 +0100
libcli: Simplify disp_sec_ace_object()
Directly use GUID_buf_string()
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit d6ec1f42c6222601665217fb71934983674997e0
Author: Volker Lendecke <[email protected]>
Date: Tue Dec 3 13:33:48 2024 +0100
libcli: Align an integer type
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 391962e26208ee722dca3367e8a9f793bfa7b079
Author: Volker Lendecke <[email protected]>
Date: Thu Nov 28 18:01:21 2024 +0100
libcli: Remove the "mem_ctx" argument from pull_integer()
Not needed anymore
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit dddbab8e36ca47fb1799cfc38087d5bfcd694a03
Author: Volker Lendecke <[email protected]>
Date: Thu Nov 28 17:58:59 2024 +0100
libcli: Simplify pull_integer()
Use ndr_pull_struct_blob_noalloc, we don't need talloc here.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 8f1d9035248ff1007d8472ddec98631f4a4b7627
Author: Volker Lendecke <[email protected]>
Date: Thu Nov 28 15:48:45 2024 +0100
vfs: Simplify connect_acl_tdb()
We don't need talloc for printing a mask with %o
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit d088738342a378cdd2469abd13d32c80a9233355
Author: Volker Lendecke <[email protected]>
Date: Thu Nov 28 15:48:45 2024 +0100
vfs: Simplify connect_acl_xattr()
We don't need talloc for printing a mask with %o
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 54124677f6f0db2f5b2081cb9d12d90d098fa1cb
Author: Volker Lendecke <[email protected]>
Date: Sat Nov 23 16:51:15 2024 +0100
smbd: Pass "dirfsp" through posix_mkdir()
One less caller of SMB_VFS_CREATE_FILE with dirfsp==NULL
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 3b2134e231fe74bc51bb3c9550ec4233f58c569f
Author: Volker Lendecke <[email protected]>
Date: Mon Nov 25 12:04:53 2024 +0100
libcli: Avoid an unnecessary "else"
We return in the if-branch
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
commit 8ed1b9e874e6b7213e8b8c01016030cc9e152456
Author: Volker Lendecke <[email protected]>
Date: Thu Nov 28 13:56:19 2024 +0100
libcli: Use ndr_deepcopy_struct() in security_token_duplicate()
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Pavel Filipenský <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
docs-xml/manpages/wbinfo.1.xml | 8 -
libcli/security/access_check.c | 27 +-
libcli/security/conditional_ace.c | 35 ++-
libcli/security/display_sec.c | 21 +-
libcli/security/security_descriptor.c | 3 +-
libcli/security/security_token.c | 29 +--
libcli/security/util_sid.c | 7 +-
nsswitch/tests/test_wbinfo.sh | 21 --
nsswitch/wbinfo.c | 22 --
nsswitch/winbind_struct_protocol.h | 5 +-
source3/lib/adouble.c | 7 +-
source3/modules/vfs_acl_tdb.c | 15 +-
source3/modules/vfs_acl_xattr.c | 20 +-
source3/printing/nt_printing.c | 22 --
source3/rpcclient/cmd_samr.c | 4 +-
source3/smbd/close.c | 397 +++++-------------------------
source3/smbd/dir.c | 206 +++++++---------
source3/smbd/dir.h | 1 +
source3/smbd/open.c | 8 +-
source3/smbd/smb1_trans2.c | 201 ++++++---------
source3/smbd/smb2_trans2.c | 9 +-
source3/utils/eventlogadm.c | 8 +-
source3/utils/net_rpc_sh_acct.c | 5 +-
source3/winbindd/wb_seqnum.c | 78 ------
source3/winbindd/wb_seqnums.c | 153 ------------
source3/winbindd/winbindd.c | 2 -
source3/winbindd/winbindd_ads.c | 8 +-
source3/winbindd/winbindd_proto.h | 20 --
source3/winbindd/winbindd_show_sequence.c | 167 -------------
source3/winbindd/winbindd_util.c | 13 -
source3/winbindd/wscript_build | 3 -
source4/torture/winbind/struct_based.c | 157 ------------
32 files changed, 325 insertions(+), 1357 deletions(-)
delete mode 100644 source3/winbindd/wb_seqnum.c
delete mode 100644 source3/winbindd/wb_seqnums.c
delete mode 100644 source3/winbindd/winbindd_show_sequence.c
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages/wbinfo.1.xml b/docs-xml/manpages/wbinfo.1.xml
index 9b517006c3c..911e8c522f7 100644
--- a/docs-xml/manpages/wbinfo.1.xml
+++ b/docs-xml/manpages/wbinfo.1.xml
@@ -62,7 +62,6 @@
<arg choice="opt">--remove-uid-mapping uid,sid</arg>
<arg choice="opt">-s sid</arg>
<arg choice="opt">--separator</arg>
- <arg choice="opt">--sequence</arg>
<arg choice="opt">--set-auth-user user%password</arg>
<arg choice="opt">--set-gid-mapping gid,sid</arg>
<arg choice="opt">--set-uid-mapping uid,sid</arg>
@@ -458,13 +457,6 @@
</para></listitem>
</varlistentry>
- <varlistentry>
- <term>--sequence</term>
- <listitem><para>This command has been deprecated. Please use
- the --online-status option instead.
- </para></listitem>
- </varlistentry>
-
<varlistentry>
<term>--set-auth-user
<replaceable>username%password</replaceable></term>
<listitem><para>Store username and password used by
<citerefentry>
diff --git a/libcli/security/access_check.c b/libcli/security/access_check.c
index 3dc982332da..aa48e1ffed2 100644
--- a/libcli/security/access_check.c
+++ b/libcli/security/access_check.c
@@ -245,8 +245,9 @@ static uint32_t access_check_max_allowed(const struct
security_descriptor *sd,
if (security_token_has_sid(token, sd->owner_sid)) {
switch (implicit_owner_rights) {
case IMPLICIT_OWNER_READ_CONTROL_AND_WRITE_DAC_RIGHTS:
- granted |= SEC_STD_WRITE_DAC;
- FALL_THROUGH;
+ granted |= (SEC_STD_READ_CONTROL |
+ SEC_STD_WRITE_DAC);
+ break;
case IMPLICIT_OWNER_READ_CONTROL_RIGHTS:
granted |= SEC_STD_READ_CONTROL;
break;
@@ -282,8 +283,8 @@ static uint32_t access_check_max_allowed(const struct
security_descriptor *sd,
if (am_owner && !have_owner_rights_ace) {
switch (implicit_owner_rights) {
case IMPLICIT_OWNER_READ_CONTROL_AND_WRITE_DAC_RIGHTS:
- granted |= SEC_STD_WRITE_DAC;
- FALL_THROUGH;
+ granted |= (SEC_STD_READ_CONTROL | SEC_STD_WRITE_DAC);
+ break;
case IMPLICIT_OWNER_READ_CONTROL_RIGHTS:
granted |= SEC_STD_READ_CONTROL;
break;
@@ -436,8 +437,9 @@ static NTSTATUS se_access_check_implicit_owner(const struct
security_descriptor
if (am_owner && !have_owner_rights_ace) {
switch (implicit_owner_rights) {
case IMPLICIT_OWNER_READ_CONTROL_AND_WRITE_DAC_RIGHTS:
- bits_remaining &= ~SEC_STD_WRITE_DAC;
- FALL_THROUGH;
+ bits_remaining &= ~(SEC_STD_WRITE_DAC |
+ SEC_STD_READ_CONTROL);
+ break;
case IMPLICIT_OWNER_READ_CONTROL_RIGHTS:
bits_remaining &= ~SEC_STD_READ_CONTROL;
break;
@@ -596,10 +598,10 @@ NTSTATUS se_file_access_check(const struct
security_descriptor *sd,
access_desired |= SEC_RIGHTS_PRIV_RESTORE;
}
- DEBUG(10,("se_file_access_check: MAX desired = 0x%x "
- "mapped to 0x%x\n",
- orig_access_desired,
- access_desired));
+ DBG_DEBUG("MAX desired = 0x%0" PRIx32 " mapped to 0x%" PRIx32
+ "\n ",
+ orig_access_desired,
+ access_desired);
}
status = se_access_check_implicit_owner(sd,
@@ -751,8 +753,9 @@ NTSTATUS sec_access_check_ds_implicit_owner(const struct
security_descriptor *sd
security_token_has_sid(token, sd->owner_sid)) {
switch (implicit_owner_rights) {
case IMPLICIT_OWNER_READ_CONTROL_AND_WRITE_DAC_RIGHTS:
- bits_remaining &= ~SEC_STD_WRITE_DAC;
- FALL_THROUGH;
+ bits_remaining &= ~(SEC_STD_WRITE_DAC |
+ SEC_STD_READ_CONTROL);
+ break;
case IMPLICIT_OWNER_READ_CONTROL_RIGHTS:
bits_remaining &= ~SEC_STD_READ_CONTROL;
break;
diff --git a/libcli/security/conditional_ace.c
b/libcli/security/conditional_ace.c
index c2411c4649e..ccdc63e91b1 100644
--- a/libcli/security/conditional_ace.c
+++ b/libcli/security/conditional_ace.c
@@ -109,26 +109,23 @@ static bool check_integer_range(const struct
ace_condition_token *tok)
return true;
}
-
-static ssize_t pull_integer(TALLOC_CTX *mem_ctx,
- uint8_t *data, size_t length,
- struct ace_condition_int *tok)
+static ssize_t pull_integer(uint8_t *data,
+ size_t length,
+ struct ace_condition_int *tok)
{
- ssize_t bytes_used;
+ size_t consumed;
enum ndr_err_code ndr_err;
- DATA_BLOB v = data_blob_const(data, length);
- struct ndr_pull *ndr = ndr_pull_init_blob(&v, mem_ctx);
- if (ndr == NULL) {
- return -1;
- }
- ndr_err = ndr_pull_ace_condition_int(ndr, NDR_SCALARS|NDR_BUFFERS, tok);
+
+ ndr_err = ndr_pull_struct_blob_noalloc(
+ data,
+ length,
+ tok,
+ (ndr_pull_flags_fn_t)ndr_pull_ace_condition_int,
+ &consumed);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- TALLOC_FREE(ndr);
return -1;
}
- bytes_used = ndr->offset;
- TALLOC_FREE(ndr);
- return bytes_used;
+ return consumed;
}
static ssize_t push_integer(uint8_t *data, size_t available,
@@ -335,8 +332,7 @@ static ssize_t pull_composite(TALLOC_CTX *mem_ctx,
case CONDITIONAL_ACE_TOKEN_INT16:
case CONDITIONAL_ACE_TOKEN_INT32:
case CONDITIONAL_ACE_TOKEN_INT64:
- consumed = pull_integer(mem_ctx,
- el_data,
+ consumed = pull_integer(el_data,
available,
&el->data.int64);
ok = check_integer_range(el);
@@ -507,7 +503,7 @@ static ssize_t pull_end_padding(uint8_t *data, size_t
length)
*
* zero is also called CONDITIONAL_ACE_TOKEN_INVALID_OR_PADDING.
*/
- ssize_t i;
+ size_t i;
if (length > 2) {
return -1;
}
@@ -592,8 +588,7 @@ struct ace_condition_script
*parse_conditional_ace(TALLOC_CTX *mem_ctx,
case CONDITIONAL_ACE_TOKEN_INT16:
case CONDITIONAL_ACE_TOKEN_INT32:
case CONDITIONAL_ACE_TOKEN_INT64:
- consumed = pull_integer(program,
- tok_data,
+ consumed = pull_integer(tok_data,
available,
&tok->data.int64);
ok = check_integer_range(tok);
diff --git a/libcli/security/display_sec.c b/libcli/security/display_sec.c
index be89a33f176..b525e5ef8c9 100644
--- a/libcli/security/display_sec.c
+++ b/libcli/security/display_sec.c
@@ -110,20 +110,18 @@ void display_sec_ace_flags(uint8_t flags)
****************************************************************************/
static void disp_sec_ace_object(struct security_ace_object *object)
{
- char *str;
+ struct GUID_txt_buf buf;
+
if (object->flags & SEC_ACE_OBJECT_TYPE_PRESENT) {
- str = GUID_string(NULL, &object->type.type);
- if (str == NULL) return;
printf("Object type: SEC_ACE_OBJECT_TYPE_PRESENT\n");
- printf("Object GUID: %s\n", str);
- talloc_free(str);
+ printf("Object GUID: %s\n",
+ GUID_buf_string(&object->type.type, &buf));
}
if (object->flags & SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT) {
- str = GUID_string(NULL, &object->inherited_type.inherited_type);
- if (str == NULL) return;
printf("Object type: SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT\n");
- printf("Object GUID: %s\n", str);
- talloc_free(str);
+ printf("Object GUID: %s\n",
+ GUID_buf_string(&object->inherited_type.inherited_type,
+ &buf));
}
}
@@ -186,8 +184,9 @@ void display_sec_acl(struct security_acl *sec_acl)
{
uint32_t i;
- printf("\tACL\tNum ACEs:\t%u\trevision:\t%x\n",
- sec_acl->num_aces, sec_acl->revision);
+ printf("\tACL\tNum ACEs:\t%" PRIu32 "\trevision:\t%x\n",
+ sec_acl->num_aces,
+ sec_acl->revision);
printf("\t---\n");
if (sec_acl->size != 0 && sec_acl->num_aces != 0) {
diff --git a/libcli/security/security_descriptor.c
b/libcli/security/security_descriptor.c
index a7159e7da7e..60e206bf7da 100644
--- a/libcli/security/security_descriptor.c
+++ b/libcli/security/security_descriptor.c
@@ -298,7 +298,8 @@ static NTSTATUS security_descriptor_acl_add(struct
security_descriptor *sd,
if (idx < 0) {
return NT_STATUS_ARRAY_BOUNDS_EXCEEDED;
- } else if (idx > acl->num_aces) {
+ }
+ if (idx > acl->num_aces) {
return NT_STATUS_ARRAY_BOUNDS_EXCEEDED;
}
diff --git a/libcli/security/security_token.c b/libcli/security/security_token.c
index 79de6e3b31b..0218eed1722 100644
--- a/libcli/security/security_token.c
+++ b/libcli/security/security_token.c
@@ -51,52 +51,27 @@ struct security_token *security_token_initialise(TALLOC_CTX
*mem_ctx,
struct security_token *security_token_duplicate(TALLOC_CTX *mem_ctx, const
struct security_token *src)
{
- TALLOC_CTX *frame = NULL;
struct security_token *dst = NULL;
- DATA_BLOB blob;
enum ndr_err_code ndr_err;
if (src == NULL) {
return NULL;
}
- frame = talloc_stackframe();
-
- ndr_err = ndr_push_struct_blob(
- &blob,
- frame,
- src,
- (ndr_push_flags_fn_t)ndr_push_security_token);
- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- DBG_ERR("Failed to duplicate security_token
ndr_push_security_token failed: %s\n",
- ndr_errstr(ndr_err));
- TALLOC_FREE(frame);
- return NULL;
- }
-
dst = talloc_zero(mem_ctx, struct security_token);
if (dst == NULL) {
DBG_ERR("talloc failed\n");
- TALLOC_FREE(frame);
return NULL;
}
- ndr_err = ndr_pull_struct_blob(
- &blob,
- dst,
- dst,
- (ndr_pull_flags_fn_t)ndr_pull_security_token);
-
+ ndr_err = ndr_deepcopy_struct(security_token, src, dst, dst);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- DBG_ERR("Failed to duplicate security_token
ndr_pull_security_token "
- "failed: %s\n",
+ DBG_ERR("Failed to duplicate security_token: %s\n",
ndr_errstr(ndr_err));
TALLOC_FREE(dst);
- TALLOC_FREE(frame);
return NULL;
}
- TALLOC_FREE(frame);
return dst;
}
diff --git a/libcli/security/util_sid.c b/libcli/security/util_sid.c
index 0942b2fe259..31f3ad161eb 100644
--- a/libcli/security/util_sid.c
+++ b/libcli/security/util_sid.c
@@ -323,16 +323,17 @@ bool sid_peek_check_rid(const struct dom_sid
*exp_dom_sid, const struct dom_sid
void sid_copy(struct dom_sid *dst, const struct dom_sid *src)
{
- int i;
+ const int8_t num_auths = MIN(15, MAX(0, src->num_auths));
+ int8_t i;
*dst = (struct dom_sid) {
.sid_rev_num = src->sid_rev_num,
- .num_auths = src->num_auths,
+ .num_auths = num_auths,
};
memcpy(&dst->id_auth[0], &src->id_auth[0], sizeof(src->id_auth));
- for (i = 0; i < src->num_auths; i++)
+ for (i = 0; i < num_auths; i++)
dst->sub_auths[i] = src->sub_auths[i];
}
diff --git a/nsswitch/tests/test_wbinfo.sh b/nsswitch/tests/test_wbinfo.sh
index b36e4c63bc1..fcddedb74f0 100755
--- a/nsswitch/tests/test_wbinfo.sh
+++ b/nsswitch/tests/test_wbinfo.sh
@@ -36,24 +36,6 @@ testfail()
fi
}
-knownfail()
-{
- name="$1"
- shift
- cmdline="$*"
- echo "test: $name"
- $cmdline
- status=$?
- if [ x$status = x0 ]; then
- echo "failure: $name [unexpected success]"
- status=1
- else
- echo "knownfail: $name"
- status=0
- fi
- return $status
-}
-
KRB5CCNAME_PATH="$PREFIX/test_wbinfo_krb5ccache"
rm -f $KRB5CCNAME_PATH
@@ -218,9 +200,6 @@ else
failed=$(expr $failed + 1)
fi
-# this does not work
-knownfail "wbinfo --sequence against $TARGET" $wbinfo --sequence
-
# this is stubbed out now
testit "wbinfo -D against $TARGET" $wbinfo -D $DOMAIN || failed=$(expr $failed
+ 1)
diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c
index 87053fac9a7..4d0179edde9 100644
--- a/nsswitch/wbinfo.c
+++ b/nsswitch/wbinfo.c
@@ -605,14 +605,6 @@ static bool wbinfo_list_own_domain(void)
return true;
}
-/* show sequence numbers */
-static bool wbinfo_show_sequence(const char *domain)
-{
- d_printf("This command has been deprecated. Please use the "
- "--online-status option instead.\n");
- return false;
-}
-
/* show sequence numbers */
static bool wbinfo_show_onlinestatus(const char *domain)
{
@@ -2295,7 +2287,6 @@ enum {
OPT_SET_AUTH_USER = 1000,
OPT_GET_AUTH_USER,
OPT_DOMAIN_NAME,
- OPT_SEQUENCE,
OPT_GETDCNAME,
OPT_DSGETDCNAME,
OPT_DC_INFO,
@@ -2581,12 +2572,6 @@ int main(int argc, const char **argv, char **envp)
.val = OPT_LIST_OWN_DOMAIN,
.descrip = "List own domain",
},
- {
- .longName = "sequence",
- .argInfo = POPT_ARG_NONE,
- .val = OPT_SEQUENCE,
- .descrip = "Deprecated command, see --online-status",
- },
{
.longName = "online-status",
.argInfo = POPT_ARG_NONE,
@@ -3099,13 +3084,6 @@ int main(int argc, const char **argv, char **envp)
goto done;
}
break;
- case OPT_SEQUENCE:
- if (!wbinfo_show_sequence(opt_domain_name)) {
- d_fprintf(stderr,
- "Could not show sequence numbers\n");
- goto done;
- }
- break;
case OPT_ONLINESTATUS:
if (!wbinfo_show_onlinestatus(opt_domain_name)) {
d_fprintf(stderr,
diff --git a/nsswitch/winbind_struct_protocol.h
b/nsswitch/winbind_struct_protocol.h
index 9365b312e30..a0314627870 100644
--- a/nsswitch/winbind_struct_protocol.h
+++ b/nsswitch/winbind_struct_protocol.h
@@ -63,8 +63,9 @@ typedef char fstring[FSTRING_LEN];
* 31: added "client_name" to the request
* 32: added "traceid" to the request
* removed WINBINDD_INIT_CONNECTION
+ * 33: removed WINBINDD_SHOW_SEQUENCE
*/
-#define WINBIND_INTERFACE_VERSION 32
+#define WINBIND_INTERFACE_VERSION 33
/* Have to deal with time_t being 4 or 8 bytes due to structure alignment.
On a 64bit Linux box, we have to support a constant structure size
@@ -141,8 +142,6 @@ enum winbindd_cmd {
WINBINDD_DSGETDCNAME, /* Issue a DsGetDCName Request */
WINBINDD_DC_INFO, /* Which DC are we connected to? */
- WINBINDD_SHOW_SEQUENCE, /* display sequence numbers of domains */
-
/* WINS commands */
WINBINDD_WINS_BYIP,
diff --git a/source3/lib/adouble.c b/source3/lib/adouble.c
index 264e8f69013..71efa4a6a9f 100644
--- a/source3/lib/adouble.c
+++ b/source3/lib/adouble.c
@@ -2584,11 +2584,8 @@ static struct adouble *ad_get_internal(TALLOC_CTX *ctx,
int mode;
if (fsp != NULL) {
- if (fsp_is_alternate_stream(fsp)) {
- smb_fname = fsp->base_fsp->fsp_name;
- } else {
- smb_fname = fsp->fsp_name;
- }
+ struct files_struct *meta_fsp = metadata_fsp(fsp);
+ smb_fname = meta_fsp->fsp_name;
}
DEBUG(10, ("ad_get(%s) called for %s\n",
diff --git a/source3/modules/vfs_acl_tdb.c b/source3/modules/vfs_acl_tdb.c
index 5ecba7ba757..f2d2692159f 100644
--- a/source3/modules/vfs_acl_tdb.c
+++ b/source3/modules/vfs_acl_tdb.c
@@ -274,23 +274,20 @@ static int connect_acl_tdb(struct vfs_handle_struct
*handle,
if (config->ignore_system_acls) {
mode_t create_mask = lp_create_mask(SNUM(handle->conn));
- char *create_mask_str = NULL;
if ((create_mask & 0666) != 0666) {
+ char create_mask_str[16];
+
create_mask |= 0666;
- create_mask_str = talloc_asprintf(handle, "0%o",
- create_mask);
- if (create_mask_str == NULL) {
- DBG_ERR("talloc_asprintf failed\n");
- return -1;
- }
+ snprintf(create_mask_str,
+ sizeof(create_mask_str),
+ "0%o",
+ create_mask);
DBG_NOTICE("setting 'create mask = %s'\n",
create_mask_str);
lp_do_parameter (SNUM(handle->conn),
"create mask", create_mask_str);
-
- TALLOC_FREE(create_mask_str);
}
DBG_NOTICE("setting 'directory mask = 0777', "
diff --git a/source3/modules/vfs_acl_xattr.c b/source3/modules/vfs_acl_xattr.c
index 1a3ab34d659..7f7b9006570 100644
--- a/source3/modules/vfs_acl_xattr.c
+++ b/source3/modules/vfs_acl_xattr.c
@@ -218,23 +218,21 @@ static int connect_acl_xattr(struct vfs_handle_struct
*handle,
if (config->ignore_system_acls) {
mode_t create_mask = lp_create_mask(SNUM(handle->conn));
- char *create_mask_str = NULL;
if ((create_mask & 0666) != 0666) {
+ char create_mask_str[16];
+
create_mask |= 0666;
- create_mask_str = talloc_asprintf(handle, "0%o",
- create_mask);
- if (create_mask_str == NULL) {
- DBG_ERR("talloc_asprintf failed\n");
- return -1;
- }
+ snprintf(create_mask_str,
+ sizeof(create_mask_str),
+ "0%o",
+ create_mask);
--
Samba Shared Repository
