[SCM] Samba Shared Repository - branch master updated

2022-11-07 Thread Andrew Bartlett
The branch, master has been updated
   via  612eeff2704 tests/krb5: Add tests of PAC group handling
   via  53f9ac4b6fc tests/krb5: Allow checking domain SID in PAC
   via  8556576d8df tests/krb5: Overhaul PAC logon info group checking
   via  5a613db6f51 tests/krb5: Add (un)expected group parameters to get_service_ticket() and get_tgt()
   via  f59f6968003 tests/krb5: Allow creating accounts without Resource SID compression support
   via  29723765b31 tests/krb5: Allow adding multiple members to a group
   via  3a13e3b6667 tests/krb5: Allow creating groups with a specified type
   via  6674f67537d tests/krb5: Fix bits_to_etypes() to not fail on Resource SID compression bit
   via  90f39b69591 tests/krb5: Remember to pass in expected_groups parameter
   via  0161d375746 tests/krb5: Remove unused copy-and-paste remnant
   via  bdbe5c5a324 s4:kdc: add initial support for compound claims
   via  f96fbe6eb1f s4:kdc: fetch client_claims_blob from samba_kdc_get_pac_blobs()
   via  03250eefaaf s4:kdc: pass client_claims, device_info, device_claims into samba_make_krb5_pac()
   via  aa62775eb4f s4-auth: Make PAC parameters const
   via  7d3416e8cb6 krb5: Detect support for krb5_const_pac type
   via  6fe6992258d wafsamba: Have CHECK_C_PROTOTYPE() pass through 'lib' into CHECK_CODE()
   via  a3ee0ce255c wscript: Correctly determine dependencies for system Heimdal build
   via  77bb72d6720 build: Remove unused dependencies
  from  be1431a8930 smbd: Don't hide directories with "hide new files timeout"

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 612eeff2704bf6705b2ccce4006f7d9c6f0ee06a
Author: Joseph Sutton 
Date:   Thu Nov 3 14:49:17 2022 +1300

tests/krb5: Add tests of PAC group handling

In which we make AS and TGS requests and verify the SIDs we expect are
returned in the PAC.

Example command to test against Windows Server 2019 functional level
2016 with FAST enabled:

ADMIN_USERNAME=Administrator ADMIN_PASSWORD=locDCpass1 \
CLAIMS_SUPPORT=1 COMPOUND_ID_SUPPORT=1 DC_SERVER=ADDC.EXAMPLE.COM \
DOMAIN=EXAMPLE EXPECT_PAC=1 FAST_SUPPORT=1 KRB5_CONFIG=krb5.conf \
PYTHONPATH=bin/python REALM=EXAMPLE.COM SERVER=ADDC.EXAMPLE.COM \
SKIP_INVALID=1 SMB_CONF_PATH=smb.conf STRICT_CHECKING=1 \
TKT_SIG_SUPPORT=1 python3 python/samba/tests/krb5/group_tests.py

Signed-off-by: Joseph Sutton 
Reviewed-by: Andrew Bartlett 

Autobuild-User(master): Andrew Bartlett 
Autobuild-Date(master): Tue Nov  8 03:37:37 UTC 2022 on sn-devel-184

commit 53f9ac4b6fc41cef4966b1f5eca0485be621f786
Author: Joseph Sutton 
Date:   Thu Nov 3 14:55:36 2022 +1300

tests/krb5: Allow checking domain SID in PAC

Signed-off-by: Joseph Sutton 
Reviewed-by: Andrew Bartlett 

commit 8556576d8df47710757ff4e32b04668fa5045daf
Author: Joseph Sutton 
Date:   Thu Nov 3 14:54:23 2022 +1300

tests/krb5: Overhaul PAC logon info group checking

We can now verify attributes of SIDs and the PAC locations in which SIDs
are placed. We also gain the ability to assert that no SIDs are present
in the PAC other than the ones we expect.

We lighten somewhat the requirement that no duplicates are present among
the SIDs, as such a situation may arise even with Windows, especially if
group types are changed. For example, if a Universal group containing a
user is changed to a Domain-Local group in between an AS-REQ and a
TGS-REQ, the group's SID will be added to the PAC once for each request.
We only verify that there are no exact duplicates (SID, attributes, and
PAC location all being identical).

Signed-off-by: Joseph Sutton 
Reviewed-by: Andrew Bartlett 

commit 5a613db6f511cfe3739cfe04cefa84e4f6681c99
Author: Joseph Sutton 
Date:   Thu Nov 3 14:51:26 2022 +1300

tests/krb5: Add (un)expected group parameters to get_service_ticket() and get_tgt()

Signed-off-by: Joseph Sutton 
Reviewed-by: Andrew Bartlett 

commit f59f6968003a3b314fb21ca84548806c03ae0b0a
Author: Joseph Sutton 
Date:   Thu Nov 3 14:48:09 2022 +1300

tests/krb5: Allow creating accounts without Resource SID compression support

Signed-off-by: Joseph Sutton 
Reviewed-by: Andrew Bartlett 

commit 29723765b31866524b7db5c37600b8f6c9c0a2e7
Author: Joseph Sutton 
Date:   Thu Nov 3 14:47:51 2022 +1300

tests/krb5: Allow adding multiple members to a group

As well as passing in a single 'str', we can now choose to pass a
collection of member DN strings.

Signed-off-by: Joseph Sutton 
Reviewed-by: Andrew Bartlett 

commit 3a13e3b6667909fbdafaf95be88106d138013f9c
Author: Joseph Sutton 
Date:   Thu Nov 3 14:46:53 2022 +1300

tests/krb5: Allow creating groups with a specified type

This will be useful for testing the handling of 
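
An added illustration, not code from the Samba test suite, of the check that the commit message for 8556576d8df describes: expected SIDs must be present with the right attributes and PAC location, nothing else may appear, and only exact duplicates are rejected. The `PacSid` type, the location labels and the sample SIDs are constructed for this example.

```python
from collections import Counter
from typing import NamedTuple

# Windows group-attribute flags (SE_GROUP_*) carried with each PAC group SID.
SE_GROUP_MANDATORY = 0x00000001
SE_GROUP_ENABLED_BY_DEFAULT = 0x00000002
SE_GROUP_ENABLED = 0x00000004
SE_GROUP_RESOURCE = 0x20000000
DEFAULT_ATTRS = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED
RESOURCE_ATTRS = DEFAULT_ATTRS | SE_GROUP_RESOURCE

class PacSid(NamedTuple):
    sid: str        # full SID string
    attrs: int      # SE_GROUP_* bitmask
    location: str   # hypothetical label: "base", "extra" or "resource"

def check_pac_groups(actual, expected, allow_others=False):
    """Return a sorted list of problems; an empty list means the PAC passes."""
    problems = []
    counts = Counter(actual)
    # Only exact duplicates (SID, attributes and location all equal) are errors;
    # the same SID in two locations is tolerated.
    for entry, n in counts.items():
        if n > 1:
            problems.append(f"exact duplicate x{n}: {entry.sid} in {entry.location}")
    present = set(counts)
    for entry in set(expected) - present:
        problems.append(f"missing: {entry.sid} attrs={entry.attrs:#x} in {entry.location}")
    if not allow_others:
        for entry in present - set(expected):
            problems.append(f"unexpected: {entry.sid} attrs={entry.attrs:#x} in {entry.location}")
    return sorted(problems)

# Constructed sample: group RID 1105 was Universal at AS-REQ time and
# Domain-Local at TGS-REQ time, so its SID appears in two PAC locations.
DOM = "S-1-5-21-1111111111-2222222222-3333333333"  # constructed domain SID
EXPECTED = [
    PacSid(f"{DOM}-513", DEFAULT_ATTRS, "base"),
    PacSid(f"{DOM}-1105", DEFAULT_ATTRS, "base"),
    PacSid(f"{DOM}-1105", RESOURCE_ATTRS, "resource"),
]
TICKET_OK = list(EXPECTED)
# Same ticket plus an exact duplicate and a SID nobody asked for.
TICKET_BAD = EXPECTED + [EXPECTED[0], PacSid(f"{DOM}-512", DEFAULT_ATTRS, "base")]

if __name__ == "__main__":
    print(check_pac_groups(TICKET_OK, EXPECTED))
    for line in check_pac_groups(TICKET_BAD, EXPECTED):
        print(line)
```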

[SCM] Samba Shared Repository - branch master updated

2022-11-07 Thread Jeremy Allison
The branch, master has been updated
   via  be1431a8930 smbd: Don't hide directories with "hide new files timeout"
   via  e8848a3eab8 torture: Show that "hide new files timeout" also hides directories
   via  8b4a3c12a0d torture3: Run the "hidenewfiles" test against SMB2
   via  721cfe94247 torture3: Fix a copy error and a typo
  from  635b1adfc5c gpo: GPME doesn't permit nesting of admx categories in builtin

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit be1431a8930a9386bb5dbf15604fc6b8330c42f4
Author: Volker Lendecke 
Date:   Mon Nov 7 15:08:51 2022 +0100

smbd: Don't hide directories with "hide new files timeout"

The intention of this option was to hide *files*. Before this patch we
also hide directories where new files are dropped.

This is a change in behaviour, but I think this option is niche enough
to justify not adding another parameter that we then need to test. If
workflows break with this change and people depend on directories also
to be hidden, we can still add the additional option value required.

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Mon Nov  7 22:58:33 UTC 2022 on sn-devel-184

commit e8848a3eab8fc43132640f67b858780f43f2b07c
Author: Volker Lendecke 
Date:   Mon Nov 7 14:57:04 2022 +0100

torture: Show that "hide new files timeout" also hides directories

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 

commit 8b4a3c12a0d6f08827237aba5af3c1e3eb1c43e8
Author: Volker Lendecke 
Date:   Mon Nov 7 14:56:28 2022 +0100

torture3: Run the "hidenewfiles" test against SMB2

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 

commit 721cfe94247da7c0150b1d78f95592f7bf3a2356
Author: Volker Lendecke 
Date:   Mon Nov 7 12:11:52 2022 +0100

torture3: Fix a copy error and a typo

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 

---

Summary of changes:
 source3/selftest/tests.py   | 15 ++--
 source3/smbd/dir.c  |  6 ++--
 source3/torture/proto.h |  1 +
 source3/torture/test_hidenewfiles.c | 70 ++---
 source3/torture/torture.c   |  4 +++
 5 files changed, 88 insertions(+), 8 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 04e47fa962f..2155866923f 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -191,8 +191,8 @@ for t in tests:
 plantestsuite("samba3.smbtorture_s3.vfs_aio_pthread(%s).%s" % (env, t), 
env, [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, 
'//$SERVER_IP/vfs_aio_pthread', '$USERNAME', '$PASSWORD', smbtorture3, "", "-l 
$LOCAL_PATH"])
 plantestsuite("samba3.smbtorture_s3.vfs_aio_fork(%s).%s" % (env, t), env, 
[os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, 
'//$SERVER_IP/vfs_aio_fork', '$USERNAME', '$PASSWORD', smbtorture3, "", "-l 
$LOCAL_PATH"])
 
-plantestsuite("samba3.smbtorture_s3.hidenewfiles(fileserver_smb1)",
-  "fileserver_smb1",
+plantestsuite("samba3.smbtorture_s3.hidenewfiles",
+  "simpleserver",
   [os.path.join(samba3srcdir,
 "script/tests/test_smbtorture_s3.sh"),
'hide-new-files-timeout',
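Review bot: The renamed suite "samba3.smbtorture_s3.hidenewfiles" drops the environment suffix, while the vfs_aio_pthread and vfs_aio_fork entries just above it keep "(%s)" % env in their names. With the move from fileserver_smb1 to simpleserver, a name such as "samba3.smbtorture_s3.hidenewfiles(simpleserver)" would keep the environment visible in test results and leave room for running the same test in a second environment later.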
@@ -202,6 +202,17 @@ 
plantestsuite("samba3.smbtorture_s3.hidenewfiles(fileserver_smb1)",
smbtorture3,
"",
"-l $LOCAL_PATH"])
+plantestsuite("samba3.smbtorture_s3.hidenewfiles_showdirs",
+  "simpleserver",
+  [os.path.join(samba3srcdir,
+"script/tests/test_smbtorture_s3.sh"),
+   'hide-new-files-timeout-showdirs',
+   '//$SERVER_IP/hidenewfiles',
+   '$USERNAME',
+   '$PASSWORD',
+   smbtorture3,
+   "",
+   "-l $LOCAL_PATH"])
 
 #
 # MSDFS attribute tests.
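Review bot: The added hidenewfiles_showdirs block repeats the preceding plantestsuite() call argument for argument, differing only in the suite name and the torture test name 'hide-new-files-timeout-showdirs'. A short loop over the two test names would remove the duplication. Both suites also target the same //$SERVER_IP/hidenewfiles share, so a one-line comment saying that they share it would help whoever changes that share's configuration later.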
diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c
index 64c7d5ca962..a18d70c870a 100644
--- a/source3/smbd/dir.c
+++ b/source3/smbd/dir.c
@@ -1404,7 +1404,8 @@ bool is_visible_fsp(struct files_struct *fsp)
 * only thing we can check is the
 * hide_new_files_timeout.
 */
-   if (hide_new_files_timeout != 0) {
+   if ((hide_new_files_timeout != 0) &&
+   !S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
double age = timespec_elapsed(
>fsp_name->st.st_ex_mtime);
 
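Review bot: The comment directly above the changed condition still says the only thing that can be checked is the hide_new_files_timeout and does not mention that directories are now exempt through !S_ISDIR(fsp->fsp_name->st.st_ex_mode); please extend it to say why directories are skipped. The commit message calls this a change in behaviour, yet the summary of changes lists no documentation file, so the description of "hide new files timeout" should be updated in the same series to state that only files are hidden.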
@@ -1443,7 +1444,8 @@ bool is_visible_fsp(struct files_struct *fsp)
return false;
}
 
-   if 

[SCM] NSS Wrapper Repository - branch master updated

2022-11-07 Thread Andreas Schneider
The branch, master has been updated
   via  ff54c5b gitlab-ci: Add runner for ThreadSanitizer
   via  84a24c2 gitlab-ci: Format yaml file
   via  a5687c3 gitlab-ci: Add stages
   via  8a495a5 nwrap: Add NWRAP_REINIT_ALL to initialize mutexes
   via  92f0f6a nwrap: Remove unneeded nss_module_symbol_binding_mutex
   via  8c35ff4 nwrap: Bind symbols only once
   via  5461b4e nwrap: Introduce nwrap_mutex_(un)lock() for better debugging
   via  5187e32 nwrap: Move nwrap_thread_*() to the end
   via  da2f3f5 nwrap: Fix mutex unlocking in nwrap_init()
   via  71e56b8 tests: Disable deep binding with ThreadSanitizer
   via  4dab609 cmake: Add support for ThreadSanitizer
   via  b698b7e Add editorconfig
  from  ea36a64 Bump version to 1.1.12

https://git.samba.org/?p=nss_wrapper.git;a=shortlog;h=master


- Log -
commit ff54c5b94eed33ae86cd2cea6e70300d828259c9
Author: Andreas Schneider 
Date:   Fri Nov 4 09:46:06 2022 +0100

gitlab-ci: Add runner for ThreadSanitizer

Signed-off-by: Andreas Schneider 
Reviewed-by: Stefan Metzmacher 

commit 84a24c27ab3f935e06783c3aefad33f1d349c128
Author: Andreas Schneider 
Date:   Fri Nov 4 09:48:31 2022 +0100

gitlab-ci: Format yaml file

Signed-off-by: Andreas Schneider 
Reviewed-by: Stefan Metzmacher 

commit a5687c30077ae177c49d8e18a8a7b2ec0c4bb5ce
Author: Andreas Schneider 
Date:   Fri Nov 4 09:44:44 2022 +0100

gitlab-ci: Add stages

Signed-off-by: Andreas Schneider 
Reviewed-by: Stefan Metzmacher 

commit 8a495a5e9a4977f7226dce8da334f5fb4a724225
Author: Andreas Schneider 
Date:   Fri Nov 4 14:47:16 2022 +0100

nwrap: Add NWRAP_REINIT_ALL to initialize mutexes

Signed-off-by: Andreas Schneider 
Reviewed-by: Stefan Metzmacher 

commit 92f0f6a93037685fdb7fffbacc32efdc13a2980a
Author: Andreas Schneider 
Date:   Fri Nov 4 14:35:50 2022 +0100

nwrap: Remove unneeded nss_module_symbol_binding_mutex

This loading of nss symbols already is protected by the mutex of nwrap_init().

Signed-off-by: Andreas Schneider 
Reviewed-by: Stefan Metzmacher 

commit 8c35ff4bd5bfdcc61a57dc81cbc165901d81f02b
Author: Andreas Schneider 
Date:   Fri Nov 4 14:24:54 2022 +0100

nwrap: Bind symbols only once

Signed-off-by: Andreas Schneider 
Reviewed-by: Stefan Metzmacher 

commit 5461b4e9403f1a39ed3de1f63368ce180529e68a
Author: Andreas Schneider 
Date:   Fri Nov 4 13:57:23 2022 +0100

nwrap: Introduce nwrap_mutex_(un)lock() for better debugging

Signed-off-by: Andreas Schneider 
Reviewed-by: Stefan Metzmacher 

commit 5187e32fcc89271c02480221c896eb6ed70ecc78
Author: Andreas Schneider 
Date:   Fri Nov 4 13:52:05 2022 +0100

nwrap: Move nwrap_thread_*() to the end

Signed-off-by: Andreas Schneider 
Reviewed-by: Stefan Metzmacher 

commit da2f3f5ce3828f572415c168555274cf51fd9d9c
Author: Andreas Schneider 
Date:   Fri Nov 4 13:19:55 2022 +0100

nwrap: Fix mutex unlocking in nwrap_init()

Signed-off-by: Andreas Schneider 
Reviewed-by: Stefan Metzmacher 

commit 71e56b8abea3cbbc6f461f4fb426faf46c5a09c9
Author: Andreas Schneider 
Date:   Fri Nov 4 14:41:19 2022 +0100

tests: Disable deep binding with ThreadSanitizer

Signed-off-by: Andreas Schneider 
Reviewed-by: Stefan Metzmacher 

commit 4dab609787bf58db4a652694a9c05067bc9be1a0
Author: Andreas Schneider 
Date:   Fri Nov 4 09:42:06 2022 +0100

cmake: Add support for ThreadSanitizer

Signed-off-by: Andreas Schneider 
Reviewed-by: Stefan Metzmacher 

commit b698b7e17615c8434f0c0e2f815cc314fbcf0f36
Author: Andreas Schneider 
Date:   Fri Nov 4 13:26:19 2022 +0100

Add editorconfig

Signed-off-by: Andreas Schneider 
Reviewed-by: Stefan Metzmacher 

---

Summary of changes:
 .editorconfig   |  23 +++
 .gitlab-ci.yml  | 220 +++-
 cmake/Modules/DefineCompilerFlags.cmake |  12 ++
 src/nss_wrapper.c   | 343 +---
 tests/CMakeLists.txt|   7 +
 5 files changed, 397 insertions(+), 208 deletions(-)
 create mode 100644 .editorconfig


Changeset truncated at 500 lines:

diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 000..bbe1bd5
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,23 @@
+root = true
+
+[*]
+charset = utf-8
+max_line_length = 80
+end_of_line = lf
+trim_trailing_whitespace = true
+insert_final_newline = true
+
+[*.{c,h}]
+indent_style = tab
+indent_size = 8
+tab_width = 8
+
+[*.cmake]
+indent_style = space
+indent_size = 4
+tab_width = 4
+
+[CMake*]
+indent_style = space
+indent_size = 4
+tab_width = 4
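Review bot: The [*] section applies max_line_length = 80 and trim_trailing_whitespace = true to every file, but indentation is only defined for C and CMake sources, so .gitlab-ci.yml, which this series reformats, gets no indent_style or indent_size. A [*.{yml,yaml}] section with indent_style = space would let editors match the YAML layout. The [*.cmake] and [CMake*] sections carry identical settings and could be merged into a single [{*.cmake,CMake*}] section.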
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index dbf5351..f35b1f3 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,3 +1,4 @@