[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 612eeff2704 tests/krb5: Add tests of PAC group handling via 53f9ac4b6fc tests/krb5: Allow checking domain SID in PAC via 8556576d8df tests/krb5: Overhaul PAC logon info group checking via 5a613db6f51 tests/krb5: Add (un)expected group parameters to get_service_ticket() and get_tgt() via f59f6968003 tests/krb5: Allow creating accounts without Resource SID compression support via 29723765b31 tests/krb5: Allow adding multiple members to a group via 3a13e3b6667 tests/krb5: Allow creating groups with a specified type via 6674f67537d tests/krb5: Fix bits_to_etypes() to not fail on Resource SID compression bit via 90f39b69591 tests/krb5: Remember to pass in expected_groups parameter via 0161d375746 tests/krb5: Remove unused copy-and-paste remnant via bdbe5c5a324 s4:kdc: add initial support for compound claims via f96fbe6eb1f s4:kdc: fetch client_claims_blob from samba_kdc_get_pac_blobs() via 03250eefaaf s4:kdc: pass client_claims, device_info, device_claims into samba_make_krb5_pac() via aa62775eb4f s4-auth: Make PAC parameters const via 7d3416e8cb6 krb5: Detect support for krb5_const_pac type via 6fe6992258d wafsamba: Have CHECK_C_PROTOTYPE() pass through 'lib' into CHECK_CODE() via a3ee0ce255c wscript: Correctly determine dependencies for system Heimdal build via 77bb72d6720 build: Remove unused dependencies from be1431a8930 smbd: Don't hide directories with "hide new files timeout" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 612eeff2704bf6705b2ccce4006f7d9c6f0ee06a Author: Joseph Sutton Date: Thu Nov 3 14:49:17 2022 +1300 tests/krb5: Add tests of PAC group handling In which we make AS and TGS requests and verify the SIDs we expect are returned in the PAC. Example command to test against Windows Server 2019 functional level 2016 with FAST enabled: ADMIN_USERNAME=Administrator ADMIN_PASSWORD=locDCpass1 \ CLAIMS_SUPPORT=1 COMPOUND_ID_SUPPORT=1 DC_SERVER=ADDC.EXAMPLE.COM \ DOMAIN=EXAMPLE EXPECT_PAC=1 FAST_SUPPORT=1 KRB5_CONFIG=krb5.conf \ PYTHONPATH=bin/python REALM=EXAMPLE.COM SERVER=ADDC.EXAMPLE.COM \ SKIP_INVALID=1 SMB_CONF_PATH=smb.conf STRICT_CHECKING=1 \ TKT_SIG_SUPPORT=1 python3 python/samba/tests/krb5/group_tests.py Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett Autobuild-User(master): Andrew Bartlett Autobuild-Date(master): Tue Nov 8 03:37:37 UTC 2022 on sn-devel-184 commit 53f9ac4b6fc41cef4966b1f5eca0485be621f786 Author: Joseph Sutton Date: Thu Nov 3 14:55:36 2022 +1300 tests/krb5: Allow checking domain SID in PAC Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett commit 8556576d8df47710757ff4e32b04668fa5045daf Author: Joseph Sutton Date: Thu Nov 3 14:54:23 2022 +1300 tests/krb5: Overhaul PAC logon info group checking We can now verify attributes of SIDs and the PAC locations in which SIDs are placed. We also gain the ability to assert that no SIDs are present in the PAC other than the ones we expect. We lighten somewhat the requirement that no duplicates are present among the SIDs, as such a situation may arise even with Windows, especially if group types are changed. For example, if a Universal group containing a user is changed to a Domain-Local group in between an AS-REQ and a TGS-REQ, the group's SID will be added to the PAC once for each request. We only verify that there are no exact duplicates (SID, attributes, and PAC location all being identical). Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett commit 5a613db6f511cfe3739cfe04cefa84e4f6681c99 Author: Joseph Sutton Date: Thu Nov 3 14:51:26 2022 +1300 tests/krb5: Add (un)expected group parameters to get_service_ticket() and get_tgt() Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett commit f59f6968003a3b314fb21ca84548806c03ae0b0a Author: Joseph Sutton Date: Thu Nov 3 14:48:09 2022 +1300 tests/krb5: Allow creating accounts without Resource SID compression support Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett commit 29723765b31866524b7db5c37600b8f6c9c0a2e7 Author: Joseph Sutton Date: Thu Nov 3 14:47:51 2022 +1300 tests/krb5: Allow adding multiple members to a group As well as passing in a single 'str', we can now choose to pass a collection of member DN strings. Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett commit 3a13e3b6667909fbdafaf95be88106d138013f9c Author: Joseph Sutton Date: Thu Nov 3 14:46:53 2022 +1300 tests/krb5: Allow creating groups with a specified type This will be useful for testing the handling of
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via be1431a8930 smbd: Don't hide directories with "hide new files timeout" via e8848a3eab8 torture: Show that "hide new files timeout" also hides directories via 8b4a3c12a0d torture3: Run the "hidenewfiles" test against SMB2 via 721cfe94247 torture3: Fix a copy error and a typo from 635b1adfc5c gpo: GPME doesn't permit nesting of admx categories in builtin https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit be1431a8930a9386bb5dbf15604fc6b8330c42f4 Author: Volker Lendecke Date: Mon Nov 7 15:08:51 2022 +0100 smbd: Don't hide directories with "hide new files timeout" The intention of this option was to hide *files*. Before this patch we also hide directories where new files are dropped. This is a change in behaviour, but I think this option is niche enough to justify not adding another parameter that we then need to test. If workflows break with this change and people depend on directories also to be hidden, we can still add the additional option value required. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Nov 7 22:58:33 UTC 2022 on sn-devel-184 commit e8848a3eab8fc43132640f67b858780f43f2b07c Author: Volker Lendecke Date: Mon Nov 7 14:57:04 2022 +0100 torture: Show that "hide new files timeout" also hides directories Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 8b4a3c12a0d6f08827237aba5af3c1e3eb1c43e8 Author: Volker Lendecke Date: Mon Nov 7 14:56:28 2022 +0100 torture3: Run the "hidenewfiles" test against SMB2 Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 721cfe94247da7c0150b1d78f95592f7bf3a2356 Author: Volker Lendecke Date: Mon Nov 7 12:11:52 2022 +0100 torture3: Fix a copy error and a typo Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison --- Summary of changes: source3/selftest/tests.py | 15 ++-- source3/smbd/dir.c | 6 ++-- source3/torture/proto.h | 1 + source3/torture/test_hidenewfiles.c | 70 ++--- source3/torture/torture.c | 4 +++ 5 files changed, 88 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 04e47fa962f..2155866923f 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -191,8 +191,8 @@ for t in tests: plantestsuite("samba3.smbtorture_s3.vfs_aio_pthread(%s).%s" % (env, t), env, [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/vfs_aio_pthread', '$USERNAME', '$PASSWORD', smbtorture3, "", "-l $LOCAL_PATH"]) plantestsuite("samba3.smbtorture_s3.vfs_aio_fork(%s).%s" % (env, t), env, [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/vfs_aio_fork', '$USERNAME', '$PASSWORD', smbtorture3, "", "-l $LOCAL_PATH"]) -plantestsuite("samba3.smbtorture_s3.hidenewfiles(fileserver_smb1)", - "fileserver_smb1", +plantestsuite("samba3.smbtorture_s3.hidenewfiles", + "simpleserver", [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), 'hide-new-files-timeout', @@ -202,6 +202,17 @@ plantestsuite("samba3.smbtorture_s3.hidenewfiles(fileserver_smb1)", smbtorture3, "", "-l $LOCAL_PATH"]) +plantestsuite("samba3.smbtorture_s3.hidenewfiles_showdirs", + "simpleserver", + [os.path.join(samba3srcdir, +"script/tests/test_smbtorture_s3.sh"), + 'hide-new-files-timeout-showdirs', + '//$SERVER_IP/hidenewfiles', + '$USERNAME', + '$PASSWORD', + smbtorture3, + "", + "-l $LOCAL_PATH"]) # # MSDFS attribute tests. diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c index 64c7d5ca962..a18d70c870a 100644 --- a/source3/smbd/dir.c +++ b/source3/smbd/dir.c @@ -1404,7 +1404,8 @@ bool is_visible_fsp(struct files_struct *fsp) * only thing we can check is the * hide_new_files_timeout. */ - if (hide_new_files_timeout != 0) { + if ((hide_new_files_timeout != 0) && + !S_ISDIR(fsp->fsp_name->st.st_ex_mode)) { double age = timespec_elapsed( >fsp_name->st.st_ex_mtime); @@ -1443,7 +1444,8 @@ bool is_visible_fsp(struct files_struct *fsp) return false; } - if
[SCM] NSS Wrapper Repository - branch master updated
The branch, master has been updated via ff54c5b gitlab-ci: Add runner for ThreadSanitizer via 84a24c2 gitlab-ci: Format yaml file via a5687c3 gitlab-ci: Add stages via 8a495a5 nwrap: Add NWRAP_REINIT_ALL to initialize mutexes via 92f0f6a nwrap: Remove unneeded nss_module_symbol_binding_mutex via 8c35ff4 nwrap: Bind symbols only once via 5461b4e nwrap: Introduce nwrap_mutex_(un)lock() for better debugging via 5187e32 nwrap: Move nwrap_thread_*() to the end via da2f3f5 nwrap: Fix mutex unlocking in nwrap_init() via 71e56b8 tests: Disable deep binding with ThreadSanitizer via 4dab609 cmake: Add support for ThreadSanitizer via b698b7e Add editorconfig from ea36a64 Bump version to 1.1.12 https://git.samba.org/?p=nss_wrapper.git;a=shortlog;h=master - Log - commit ff54c5b94eed33ae86cd2cea6e70300d828259c9 Author: Andreas Schneider Date: Fri Nov 4 09:46:06 2022 +0100 gitlab-ci: Add runner for ThreadSanitizer Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher commit 84a24c27ab3f935e06783c3aefad33f1d349c128 Author: Andreas Schneider Date: Fri Nov 4 09:48:31 2022 +0100 gitlab-ci: Format yaml file Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher commit a5687c30077ae177c49d8e18a8a7b2ec0c4bb5ce Author: Andreas Schneider Date: Fri Nov 4 09:44:44 2022 +0100 gitlab-ci: Add stages Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher commit 8a495a5e9a4977f7226dce8da334f5fb4a724225 Author: Andreas Schneider Date: Fri Nov 4 14:47:16 2022 +0100 nwrap: Add NWRAP_REINIT_ALL to initialize mutexes Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher commit 92f0f6a93037685fdb7fffbacc32efdc13a2980a Author: Andreas Schneider Date: Fri Nov 4 14:35:50 2022 +0100 nwrap: Remove unneeded nss_module_symbol_binding_mutex This loading of nss symbols already is protected by the mutex of nwrap_init(). Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher commit 8c35ff4bd5bfdcc61a57dc81cbc165901d81f02b Author: Andreas Schneider Date: Fri Nov 4 14:24:54 2022 +0100 nwrap: Bind symbols only once Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher commit 5461b4e9403f1a39ed3de1f63368ce180529e68a Author: Andreas Schneider Date: Fri Nov 4 13:57:23 2022 +0100 nwrap: Introduce nwrap_mutex_(un)lock() for better debugging Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher commit 5187e32fcc89271c02480221c896eb6ed70ecc78 Author: Andreas Schneider Date: Fri Nov 4 13:52:05 2022 +0100 nwrap: Move nwrap_thread_*() to the end Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher commit da2f3f5ce3828f572415c168555274cf51fd9d9c Author: Andreas Schneider Date: Fri Nov 4 13:19:55 2022 +0100 nwrap: Fix mutex unlocking in nwrap_init() Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher commit 71e56b8abea3cbbc6f461f4fb426faf46c5a09c9 Author: Andreas Schneider Date: Fri Nov 4 14:41:19 2022 +0100 tests: Disable deep binding with ThreadSanitizer Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher commit 4dab609787bf58db4a652694a9c05067bc9be1a0 Author: Andreas Schneider Date: Fri Nov 4 09:42:06 2022 +0100 cmake: Add support for ThreadSanitizer Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher commit b698b7e17615c8434f0c0e2f815cc314fbcf0f36 Author: Andreas Schneider Date: Fri Nov 4 13:26:19 2022 +0100 Add editorconfig Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher --- Summary of changes: .editorconfig | 23 +++ .gitlab-ci.yml | 220 +++- cmake/Modules/DefineCompilerFlags.cmake | 12 ++ src/nss_wrapper.c | 343 +--- tests/CMakeLists.txt| 7 + 5 files changed, 397 insertions(+), 208 deletions(-) create mode 100644 .editorconfig Changeset truncated at 500 lines: diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 000..bbe1bd5 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,23 @@ +root = true + +[*] +charset = utf-8 +max_line_length = 80 +end_of_line = lf +trim_trailing_whitespace = true +insert_final_newline = true + +[*.{c,h}] +indent_style = tab +indent_size = 8 +tab_width = 8 + +[*.cmake] +indent_style = space +indent_size = 4 +tab_width = 4 + +[CMake*] +indent_style = space +indent_size = 4 +tab_width = 4 diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index dbf5351..f35b1f3 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,3 +1,4 @@