[SCM] Samba Shared Repository - branch master updated

[Ralph Böhme]

The branch, master has been updated
   via  80159018e41 s3:utils: Fix Inherit-Only flag being automatically 
propagated to children
   via  eba2bfde347 python/samba/tests/blackbox: Add tests for Inherit-only 
flag propagation
  from  96b5cfe4e6c s3:libsmb: Pass a memory context to get_ipc_connect()

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 80159018e411c643fbfe7ef82bd33e30b6147901
Author: Anna Popova 
Date:   Fri Apr 12 17:32:37 2024 +0300

s3:utils: Fix Inherit-Only flag being automatically propagated to children

Inherit-only flag applies only to the container it was set to and it
shouldn't be automatically propagated to children.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15636

Signed-off-by: Anna Popova 
Reviewed-by: Noel Power 
Reviewed-by: Ralph Boehme 

Autobuild-User(master): Ralph Böhme 
Autobuild-Date(master): Mon Apr 29 10:56:48 UTC 2024 on atb-devel-224

commit eba2bfde347041a395f0fbd3c57235be63b1890d
Author: yuzu367 
Date:   Thu Apr 11 11:31:07 2024 +0300

python/samba/tests/blackbox: Add tests for Inherit-only flag propagation

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15636

Signed-off-by: Anna Popova 
Reviewed-by: Noel Power 
Reviewed-by: Ralph Boehme 

---

Summary of changes:
 .../blackbox/smbcacls_propagate_inhertance.py  | 108 +
 source3/utils/smbcacls.c   |   4 +
 2 files changed, 112 insertions(+)


Changeset truncated at 500 lines:

diff --git a/python/samba/tests/blackbox/smbcacls_propagate_inhertance.py 
b/python/samba/tests/blackbox/smbcacls_propagate_inhertance.py
index cc13727b8fb..5b3a27111d5 100644
--- a/python/samba/tests/blackbox/smbcacls_propagate_inhertance.py
+++ b/python/samba/tests/blackbox/smbcacls_propagate_inhertance.py
@@ -1288,3 +1288,111 @@ class 
InheritanceSmbCaclsTests(SmbCaclsBlockboxTestBase):
 
 except BlackboxProcessError as e:
 self.fail(str(e))
+
+def test_simple_iocioi_add(self):
+"""test smbcacls '--propagate-inheritance --add' which attempts to add 
the ACL
+for the file and additionally use inheritance rules to propagate 
appropriate
+changes to children
+
+This test adds an ACL with (IO)(CI)(OI)(READ)
+
+before:
+
++-tar_test_dir/(OI)(CI)(I)(F)
+  +-oi_dir/(OI)(CI)(I)(F)
+  | +-file.1(I)(F)
+  | +-nested/  (OI)(CI)(I)(F)
+  |   +-file.2  (I)(F)
+  |   +-nested_again/ (OI)(CI)(I)(F)
+  | +-file.3  (I)(F)
+
+after/expected:
+
++-tar_test_dir/(OI)(CI)(I)(F)
+  +-oi_dir/(OI)(CI)(I)(F), (IO)(CI)(OI)(READ)
+  | +-file.1(I)(F), (I)(READ)
+  | +-nested/  (OI)(CI)(I)(F), (I)(CI)(OI)(READ)
+  |   +-file.2  (I)(F), (I)(READ)
+  |   +-nested_again/ (OI)(CI)(I)(F), (I)(CI)(OI)(READ)
+  | +-file.3  (I)(F), (I)(READ)"""
+
+dir_add_acl_str = "ACL:%s:ALLOWED/OI|CI|IO/READ" % self.user
+obj_inherited_ace_str = "ACL:%s:ALLOWED/I/READ" % self.user
+dir_inherited_ace_str = "ACL:%s:ALLOWED/OI|CI|I/READ" % self.user
+
+try:
+
+self.smb_cacls(["--propagate-inheritance", "--add",
+dir_add_acl_str, self.oi_dir])
+
+# check top level container 'oi_dir' has IO|CI|OI/READ
+dir_ace = self.ace_parse_str(dir_add_acl_str)
+self.assertTrue(self.file_ace_check(self.oi_dir, dir_ace))
+
+# file 'oi_dir/file-1' should  have inherited I/READ
+child_file_ace = self.ace_parse_str(obj_inherited_ace_str)
+self.assertTrue(self.file_ace_check(self.f1, child_file_ace))
+
+# nested dir  'oi_dir/nested/' should have I|CI|OI/READ
+child_dir_ace = self.ace_parse_str(dir_inherited_ace_str)
+self.assertTrue(self.file_ace_check(self.nested_dir, 
child_dir_ace))
+
+# nested file 'oi_dir/nested/file-2' should  have inherited I/READ
+self.assertTrue(self.file_ace_check(self.f2, child_file_ace))
+
+# nested_again dir  'oi_dir/nested/nested_again' should have 
I|CI|OI/READ
+child_dir_ace = self.ace_parse_str(dir_inherited_ace_str)
+self.assertTrue(self.file_ace_check(self.nested_again_dir, 
child_dir_ace))
+# nested_again file 'oi_dir/nested/nested_again/file-3' should  
have inherited I/READ
+self.assertTrue(self.file_ace_check(self.f3, child_file_ace))
+except BlackboxProcessError as e:
+self.fail(str(e))
+
+def test_simple_ioci_add(self):
+"""test smbcacls '--propagate-inheritance --add' which attempts to add 
the ACL
+   

[SCM] Samba Shared Repository - branch master updated

[Volker Lendecke]

The branch, master has been updated
   via  96b5cfe4e6c s3:libsmb: Pass a memory context to get_ipc_connect()
   via  56426eda9bd s3:libsmb: Make get_ipc_connect() static
   via  bf688e0d2af s3:libnet: Fix memory leak in 
libnet_join_connect_dc_ipc()
   via  d2297b41a20 s3:libsmb: Pass memory context to 
cli_full_connection_creds()
   via  5c63d5bdab1 s3:libsmb: Pass memory context to 
cli_full_connection_creds_recv()
   via  f95947b s3:libsmb: Pass a memory context to 
cli_start_connection()
   via  f3fda1e440c s3:libsmb: Pass a memory context to 
cli_start_connection_recv()
   via  bbb21797bf6 s3:libsmb: Pass memory context to cli_connect_nb()
   via  4f62937dfab s3:torture: Remove trailing spaces in torture.c
   via  c8eabee18bd s3:nmbd: Remove trailing spaces in nmbd_synclists.c
   via  2154bd37e41 s3:libsmb: Pass a memory context to 
cli_connect_nb_recv()
  from  73e3ffb8418 python:tests: Store keys as bytes rather than as lists 
of ints

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -
commit 96b5cfe4e6c4b727c286b0856446c1d5a31b920b
Author: Andreas Schneider 
Date:   Thu Nov 23 15:53:29 2023 +0100

s3:libsmb: Pass a memory context to get_ipc_connect()

Indirect leak of 792 byte(s) in 1 object(s) allocated from: 

 #0 0x7f261b8dc03f in malloc 
(/lib64/libasan.so.8+0xdc03f) (BuildId: 
3e1694ad218c99a8b1b69231666a27df63cf19d0)
#1 0x7f261b2c2bc2 in __talloc_with_prefix ../../lib/talloc/talloc.c:783 

 #2 0x7f261b2c473d in __talloc 
../../lib/talloc/talloc.c:825
#3 0x7f261b2c473d in _talloc_named_const ../../lib/talloc/talloc.c:982
#4 0x7f261b2c473d in _talloc_zero ../../lib/talloc/talloc.c:2421

 #5 0x7f2618cb42bc in smbXcli_conn_create 
../../libcli/smb/smbXcli_base.c:350
#6 0x7f261a74acd3 in cli_state_create 
../../source3/libsmb/clientgen.c:196
   #7 
0x7f261a751f0d in cli_connect_nb_done ../../source3/libsmb/cliconnect.c:2715
#8 0x7f261a69bacf in _tevent_req_notify_callback 
../../lib/tevent/tevent_req.c:177   
#9 0x7f261a69bd06 in 
tevent_req_finish ../../lib/tevent/tevent_req.c:234
#10 0x7f261a69bd6e in _tevent_req_done 
../../lib/tevent/tevent_req.c:240   
  #11 
0x7f261a752dde in cli_connect_sock_done ../../source3/libsmb/cliconnect.c:2624
#12 0x7f261a69bacf in _tevent_req_notify_callback 
../../lib/tevent/tevent_req.c:177
#13 0x7f261a69bd06 in tevent_req_finish 
../../lib/tevent/tevent_req.c:234
#14 0x7f261a69bd6e in _tevent_req_done ../../lib/tevent/tevent_req.c:240
#15 0x7f261a7ba2c4 in smbsock_any_connect_connected 
../../source3/libsmb/smbsock_connect.c:788
#16 0x7f261a69bacf in _tevent_req_notify_callback 
../../lib/tevent/tevent_req.c:177
#17 0x7f261a69bd06 in tevent_req_finish 
../../lib/tevent/tevent_req.c:234
#18 0x7f261a69bd6e in _tevent_req_done ../../lib/tevent/tevent_req.c:240
#19 0x7f261a7b75ad in smbsock_connect_connected 
../../source3/libsmb/smbsock_connect.c:524
#20 0x7f261a69bacf in _tevent_req_notify_callback 
../../lib/tevent/tevent_req.c:177
#21 0x7f261a69bd06 in tevent_req_finish 
../../lib/tevent/tevent_req.c:234
#22 0x7f261a69bd6e in _tevent_req_done ../../lib/tevent/tevent_req.c:240
#23 0x7f261b4b400a in open_socket_out_connected 
../../source3/lib/util_sock.c:484
#24 0x7f261a69bacf in _tevent_req_notify_callback 
../../lib/tevent/tevent_req.c:177
#25 0x7f261a69bd06 in tevent_req_finish 
../../lib/tevent/tevent_req.c:234
#26 0x7f261a69be3e in tevent_req_trigger 
../../lib/tevent/tevent_req.c:291
#27 0x7f261a699df4 in tevent_common_invoke_immediate_handler 
../../lib/tevent/tevent_immediate.c:190
#28 0x7f261a699e31 in tevent_common_loop_immediate 
../../lib/tevent/tevent_immediate.c:236
#29 0x7f261a6ad3ec in epoll_event_loop_once 
../../lib/tevent/tevent_epoll.c:905
#30 0x7f261a6a679e in std_event_loop_once 
../../lib/tevent/tevent_standard.c:110
#31 0x7f261a696538 in _tevent_loop_once ../../lib/tevent/tevent.c:820

Signed-off-by: Andreas Schneider 
Reviewed-by: Volker Lendecke 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Mon Apr 29 09:48:47