[SCM] Samba Shared Repository - branch master updated

[Jeremy Allison]

The branch, master has been updated
   via  62621bd686a smbd: use is_lease_stat_open() in delay_for_oplock()
   via  9b0a31af128 smbd: add is_lease_stat_open()
   via  1286e1d smbd: rename is_stat_open() to is_oplock_stat_open()
   via  aa3b3e18a7b s4/torture: add a comprehensive 
"non-lease-break-trigger" access mask test case
   via  4371c62f2ce s4/torture: add a comprehensive 
"non-oplock-break-trigger" access mask test case
  from  d3be759aeea s3: smbd: Add dirfsp parameter to check_access().

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 62621bd686a91328ae378cd56f9876c66be8eac4
Author: Ralph Boehme 
Date:   Thu Mar 5 15:16:07 2020 +0100

smbd: use is_lease_stat_open() in delay_for_oplock()

This allows READ_CONTROL_ACCESS in the access mask as stat open if a file 
has
only leases.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14357

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Thu Apr 30 21:10:43 UTC 2020 on sn-devel-184

commit 9b0a31af128f9ec2551b6cca7200903d8e24a6f4
Author: Ralph Boehme 
Date:   Thu Mar 5 15:14:21 2020 +0100

smbd: add is_lease_stat_open()

This adds a leases specific stat opens access mask check function.

See also:

https://lists.samba.org/archive/cifs-protocol/2020-March/003409.html

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14357

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 

commit 1286e1d8bd583f676d380b9c335432b0f61d
Author: Ralph Boehme 
Date:   Thu Mar 5 15:12:20 2020 +0100

smbd: rename is_stat_open() to is_oplock_stat_open()

Testing stat opens with with leases reveals that that the access mask

  SYNCHRONIZE_ACCESS | FILE_READ_ATTRIBUTES | FILE_WRITE_ATTRIBUTES

is specific to oplocks.

See also:

https://lists.samba.org/archive/cifs-protocol/2020-March/003409.html

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14357

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 

commit aa3b3e18a7b59da2e0498f1f38bffef25757ebb1
Author: Ralph Boehme 
Date:   Tue Mar 3 12:09:09 2020 +0100

s4/torture: add a comprehensive "non-lease-break-trigger" access mask test 
case

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14357

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 

commit 4371c62f2ce4ca8f6a9ccbda1ed92a3676418d80
Author: Ralph Boehme 
Date:   Tue Mar 3 12:09:09 2020 +0100

s4/torture: add a comprehensive "non-oplock-break-trigger" access mask test 
case

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14357

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 

---

Summary of changes:
 selftest/knownfail|   1 +
 source3/smbd/open.c   |  32 ++--
 source3/smbd/proto.h  |   3 +-
 source4/torture/smb2/lease.c  | 185 ++
 source4/torture/smb2/oplock.c | 155 +++
 5 files changed, 370 insertions(+), 6 deletions(-)


Changeset truncated at 500 lines:

diff --git a/selftest/knownfail b/selftest/knownfail
index 09276dd2261..6394a2957c3 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -170,6 +170,7 @@
 ^samba4.smb2.oplock.batch20\(.*\)$ # samba 4 oplocks are a mess
 ^samba4.smb2.oplock.batch26\(.*\)$
 ^samba4.smb2.oplock.stream1 # samba 4 oplocks are a mess
+^samba4.smb2.oplock.statopen1\(ad_dc_ntvfs\)$ # fails with ACCESS_DENIED on a 
SYNCHRONIZE_ACCESS open
 ^samba4.smb2.getinfo.complex # streams on directories does not work
 ^samba4.smb2.getinfo.qfs_buffercheck # S4 does not do the 
INFO_LENGTH_MISMATCH/BUFFER_OVERFLOW thingy
 ^samba4.smb2.getinfo.qfile_buffercheck # S4 does not do the 
INFO_LENGTH_MISMATCH/BUFFER_OVERFLOW thingy
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index aa86cef944a..8383fe1df5c 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -1563,7 +1563,10 @@ static bool validate_my_share_entries_fn(
 }
 #endif
 
-bool is_stat_open(uint32_t access_mask)
+/**
+ * Allowed access mask for stat opens relevant to oplocks
+ **/
+bool is_oplock_stat_open(uint32_t access_mask)
 {
const uint32_t stat_open_bits =
(SYNCHRONIZE_ACCESS|
@@ -1574,6 +1577,21 @@ bool is_stat_open(uint32_t access_mask)
((access_mask & ~stat_open_bits) == 0));
 }
 
+/**
+ * Allowed access mask for stat opens relevant to leases
+ **/
+bool is_lease_stat_open(uint32_t access_mask)
+{
+   const uint32_t stat_open_bits =
+   (SYNCHRONIZE_ACCESS|
+FILE_READ_ATTRIBUTES|
+FILE_WRITE_ATTRIBUTES|
+READ_CONTROL_ACCESS);
+
+   return (((access_mask &  

[SCM] Samba Shared Repository - branch master updated

[Ralph Böhme]

The branch, master has been updated
   via  d3be759aeea s3: smbd: Add dirfsp parameter to check_access().
   via  cc5b49b80a3 s3: smbd: Reformat callers of check_access().
   via  3a7fb967e5d s3: smbd: Make check_access() a simple wrapper around 
smbd_check_access_rights().
   via  3fa18f98669 s3: smbd: Reformat spacing for parameters of 
check_access().
   via  dc0ea4a1957 s3: smbd: Move the fsp check up one level from 
check_access().
   via  d7f4bb57f27 s3: smbd: Cleanup - move the function 
get_nt_acl_no_snum() to it's user module.
   via  152fb23fac4 s3: smbd: Add a dirfsp parameter to 
directory_has_default_acl().
   via  98c8785c581 s3: smbd: Reformat uses of directory_has_default_acl().
   via  2243ba78d9d s3: smbd: Change is_visible_file() to take a directory 
handle not a name.
   via  668ef24701b s3: smbd: Reformat calls to is_visible_file() to one 
arg per line.
   via  3373500f7e8 s3: VFS: snapper. Remove snapper_gmt_fget_nt_acl().
   via  26e48cb18bc s3: VFS: ceph_snapshots. Remove duplicate definition of 
get_nt_acl_fn.
   via  2ef629fed73 s3: VFS: ceph_snapshots. Remove 
ceph_snap_gmt_fget_nt_acl().
   via  031d665728d s3: VFS: shadow_copy2. SMB_VFS_FGET_NT_ACL() makes no 
sense in this module.
   via  7288e9a445e s3: smbd: In posix_fget_nt_acl() remove the fall-back 
to path based operations.
  from  3be17c891b6 s3 rpc server: set on-wire handle type explicitly

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit d3be759aeeaa9885a0f3eca0f1800ee0f4f6c56a
Author: Jeremy Allison 
Date:   Wed Apr 29 15:32:21 2020 -0700

s3: smbd: Add dirfsp parameter to check_access().

Not yet used.

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 

Autobuild-User(master): Ralph Böhme 
Autobuild-Date(master): Thu Apr 30 09:11:56 UTC 2020 on sn-devel-184

commit cc5b49b80a39d8c8b451b46d6db63a3bf858b1c5
Author: Jeremy Allison 
Date:   Wed Apr 29 15:28:27 2020 -0700

s3: smbd: Reformat callers of check_access().

Makes it easier to see when we add the dirfsp
parameter.

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 

commit 3a7fb967e5d3fe28d9db06841f1d53064440cf0d
Author: Jeremy Allison 
Date:   Wed Apr 29 15:26:08 2020 -0700

s3: smbd: Make check_access() a simple wrapper around 
smbd_check_access_rights().

Now we call check_access_fsp() separately in the callers we don't need the 
fsp
parameter anymore.

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 

commit 3fa18f986698d835c73503074ec46861742af583
Author: Jeremy Allison 
Date:   Wed Apr 29 15:23:30 2020 -0700

s3: smbd: Reformat spacing for parameters of check_access().

Makes it easier to see the removal of the parameter next.

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 

commit dc0ea4a1957966b66512fc1d1340c0bc37d75531
Author: Jeremy Allison 
Date:   Wed Apr 29 15:22:31 2020 -0700

s3: smbd: Move the fsp check up one level from check_access().

This allows us to call check_access_fsp() directly when
we have an fsp, and to add in the dirfsp for relative
name access to check_access() in the next commit, making
it clear what it's for (and not confusing it with the
file fsp).

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 

commit d7f4bb57f2718aaf191591769a4e93c09968b762
Author: Jeremy Allison 
Date:   Wed Apr 29 15:18:57 2020 -0700

s3: smbd: Cleanup - move the function get_nt_acl_no_snum() to it's user 
module.

Make static. It was only called from one place.

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 

commit 152fb23fac4431adbf4978298104d14dee100b0d
Author: Jeremy Allison 
Date:   Wed Apr 29 15:14:41 2020 -0700

s3: smbd: Add a dirfsp parameter to directory_has_default_acl().

Not yet used, but will make it easier to move to SMB_VFS_GET_NT_ACL_AT()
later.

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 

commit 98c8785c5810b1dc5820212b98ffa6279ea80cea
Author: Jeremy Allison 
Date:   Wed Apr 29 15:11:33 2020 -0700

s3: smbd: Reformat uses of directory_has_default_acl().

Makes it easier to add a dirfsp parameter.

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 

commit 2243ba78d9dc4c3515217001f907be5ed0c1fea3
Author: Jeremy Allison 
Date:   Wed Apr 29 14:43:50 2020 -0700

s3: smbd: Change is_visible_file() to take a directory handle not a name.

No change in functionality as the name is
easily retrieved from the directory handle
(it's always the name we opened the directory with)
and this will allow us to use the directory handle
fsp later.

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 

commit 668ef24701ba9d7992b1e44f8b2b87bc5522fb1a
Author: 

[SCM] Samba Shared Repository - branch master updated

[Alexander Bokovoy]

The branch, master has been updated
   via  3be17c891b6 s3 rpc server: set on-wire handle type explicitly
  from  954d877a2ee smbd: remove unneeded parent_dir variable from 
mkdir_internal()

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 3be17c891b61a7cbe3b529a2dc0d68753e81de35
Author: Alexander Bokovoy 
Date:   Wed Apr 29 11:54:07 2020 +0300

s3 rpc server: set on-wire handle type explicitly

Since wire_handle.handle_type is uint32_t, we can simply assign uint8_t
handle type to it without using SIVAL() macros. Further unify with s4
RPC server code flow.

Fixes CID 1462616
>>> CID 1462616:(CONSTANT_EXPRESSION_RESULT)
>>> "(uint32_t)handle_type >> 16" is 0 regardless of the values of its 
operands. This occurs as a value.
284 SIVAL(_hnd->wire_handle.handle_type, 0 , handle_type);

Signed-off-by: Alexander Bokovoy 
Reviewed-by: Andreas Schneider 

Autobuild-User(master): Alexander Bokovoy 
Autobuild-Date(master): Thu Apr 30 07:09:55 UTC 2020 on sn-devel-184

---

Summary of changes:
 source3/rpc_server/rpc_handles.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


Changeset truncated at 500 lines:

diff --git a/source3/rpc_server/rpc_handles.c b/source3/rpc_server/rpc_handles.c
index d215a6a6d88..8ae9d970ced 100644
--- a/source3/rpc_server/rpc_handles.c
+++ b/source3/rpc_server/rpc_handles.c
@@ -281,7 +281,7 @@ static struct dcesrv_handle_old *create_rpc_handle_internal(
pol_hnd_high++;
}
 
-   SIVAL(_hnd->wire_handle.handle_type, 0 , handle_type);
+   rpc_hnd->wire_handle.handle_type = handle_type;
 
/* second bit is incrementing */
SIVAL(_hnd->wire_handle.uuid.time_low, 0 , pol_hnd_low);


-- 
Samba Shared Repository