mirror of
https://github.com/samba-team/samba.git
synced 2025-01-21 18:04:06 +03:00
conf: Remove "smb3 unix extensions" parameter
Always offer it, it's a client thing to ask for it or not. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Sep 21 17:43:23 UTC 2023 on atb-devel-224
This commit is contained in:
parent
8b9f464420
commit
b3cae8dcf1
@ -48,6 +48,7 @@ smb.conf changes
|
||||
|
||||
Parameter Name Description Default
|
||||
-------------- ----------- -------
|
||||
smb3 unix extensions removed always offered
|
||||
|
||||
|
||||
KNOWN ISSUES
|
||||
|
@ -1,11 +0,0 @@
|
||||
<samba:parameter name="smb3 unix extensions"
|
||||
context="G"
|
||||
type="boolean"
|
||||
function="_smb3_unix_extensions"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>Incomplete SMB 3.11 Unix Extensions. This is only available
|
||||
if Samba is compiled in DEVELOPER mode.</para>
|
||||
</description>
|
||||
<value type="default">no</value>
|
||||
</samba:parameter>
|
@ -26,129 +26,67 @@ def posix_context(mode):
|
||||
|
||||
class Smb3UnixTests(samba.tests.libsmb.LibsmbTests):
|
||||
|
||||
def enable_smb3unix(self):
|
||||
with open(self.global_inject, 'w') as f:
|
||||
f.write("smb3 unix extensions = yes\n")
|
||||
|
||||
def disable_smb3unix(self):
|
||||
with open(self.global_inject, 'w') as f:
|
||||
f.truncate()
|
||||
|
||||
def test_negotiate_context_posix(self):
|
||||
try:
|
||||
self.enable_smb3unix()
|
||||
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"tmp",
|
||||
self.lp,
|
||||
self.creds,
|
||||
posix=True)
|
||||
self.assertTrue(c.have_posix())
|
||||
|
||||
finally:
|
||||
self.disable_smb3unix()
|
||||
|
||||
def test_negotiate_context_noposix(self):
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"tmp",
|
||||
self.lp,
|
||||
self.creds,
|
||||
posix=True)
|
||||
self.assertFalse(c.have_posix())
|
||||
|
||||
def test_negotiate_context_posix_invalid_length(self):
|
||||
try:
|
||||
self.enable_smb3unix()
|
||||
|
||||
with self.assertRaises(NTSTATUSError) as cm:
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"tmp",
|
||||
self.lp,
|
||||
self.creds,
|
||||
negotiate_contexts=[(0x100, b'01234')])
|
||||
|
||||
e = cm.exception
|
||||
self.assertEqual(e.args[0], ntstatus.NT_STATUS_INVALID_PARAMETER)
|
||||
|
||||
finally:
|
||||
self.disable_smb3unix()
|
||||
|
||||
def test_negotiate_context_posix_invalid_blob(self):
|
||||
try:
|
||||
self.enable_smb3unix()
|
||||
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"tmp",
|
||||
self.lp,
|
||||
self.creds,
|
||||
negotiate_contexts=[(0x100, b'0123456789012345')])
|
||||
self.assertFalse(c.have_posix())
|
||||
|
||||
finally:
|
||||
self.disable_smb3unix()
|
||||
|
||||
def test_posix_create_context(self):
|
||||
try:
|
||||
self.enable_smb3unix()
|
||||
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"tmp",
|
||||
self.lp,
|
||||
self.creds,
|
||||
posix=True)
|
||||
self.assertTrue(c.have_posix())
|
||||
|
||||
cc_in=[(libsmb.SMB2_CREATE_TAG_POSIX,b'0000')]
|
||||
fnum,_,cc_out = c.create_ex("",CreateContexts=cc_in)
|
||||
self.assertEqual(cc_in[0][0],cc_out[0][0])
|
||||
|
||||
c.close(fnum)
|
||||
|
||||
finally:
|
||||
self.disable_smb3unix()
|
||||
|
||||
def test_posix_create_context_noposix(self):
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"tmp",
|
||||
self.lp,
|
||||
self.creds,
|
||||
posix=True)
|
||||
self.assertFalse(c.have_posix())
|
||||
|
||||
cc_in=[(libsmb.SMB2_CREATE_TAG_POSIX,b'0000')]
|
||||
fnum,_,cc_out = c.create_ex("",CreateContexts=cc_in)
|
||||
self.assertEqual(len(cc_out), 0)
|
||||
|
||||
c.close(fnum)
|
||||
|
||||
def test_posix_create_invalid_context_length(self):
|
||||
try:
|
||||
self.enable_smb3unix()
|
||||
self.assertTrue(c.have_posix())
|
||||
|
||||
def test_negotiate_context_posix_invalid_length(self):
|
||||
with self.assertRaises(NTSTATUSError) as cm:
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"tmp",
|
||||
self.lp,
|
||||
self.creds,
|
||||
posix=True)
|
||||
self.assertTrue(c.have_posix())
|
||||
negotiate_contexts=[(0x100, b'01234')])
|
||||
|
||||
cc_in=[(libsmb.SMB2_CREATE_TAG_POSIX,b'00000')]
|
||||
e = cm.exception
|
||||
self.assertEqual(e.args[0], ntstatus.NT_STATUS_INVALID_PARAMETER)
|
||||
|
||||
with self.assertRaises(NTSTATUSError) as cm:
|
||||
fnum,_,cc_out = c.create_ex("",CreateContexts=cc_in)
|
||||
def test_negotiate_context_posix_invalid_blob(self):
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"tmp",
|
||||
self.lp,
|
||||
self.creds,
|
||||
negotiate_contexts=[(0x100, b'0123456789012345')])
|
||||
self.assertFalse(c.have_posix())
|
||||
|
||||
e = cm.exception
|
||||
self.assertEqual(e.args[0], ntstatus.NT_STATUS_INVALID_PARAMETER)
|
||||
def test_posix_create_context(self):
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"tmp",
|
||||
self.lp,
|
||||
self.creds,
|
||||
posix=True)
|
||||
self.assertTrue(c.have_posix())
|
||||
|
||||
finally:
|
||||
self.disable_smb3unix()
|
||||
cc_in=[(libsmb.SMB2_CREATE_TAG_POSIX,b'0000')]
|
||||
fnum,_,cc_out = c.create_ex("",CreateContexts=cc_in)
|
||||
self.assertEqual(cc_in[0][0],cc_out[0][0])
|
||||
|
||||
c.close(fnum)
|
||||
|
||||
def test_posix_create_invalid_context_length(self):
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"tmp",
|
||||
self.lp,
|
||||
self.creds,
|
||||
posix=True)
|
||||
self.assertTrue(c.have_posix())
|
||||
|
||||
cc_in=[(libsmb.SMB2_CREATE_TAG_POSIX,b'00000')]
|
||||
|
||||
with self.assertRaises(NTSTATUSError) as cm:
|
||||
fnum,_,cc_out = c.create_ex("",CreateContexts=cc_in)
|
||||
|
||||
e = cm.exception
|
||||
self.assertEqual(e.args[0], ntstatus.NT_STATUS_INVALID_PARAMETER)
|
||||
|
||||
def delete_test_file(self, c, fname, mode=0):
|
||||
f,_,cc_out = c.create_ex(fname,
|
||||
@ -161,8 +99,6 @@ class Smb3UnixTests(samba.tests.libsmb.LibsmbTests):
|
||||
def test_posix_query_dir(self):
|
||||
test_files = []
|
||||
try:
|
||||
self.enable_smb3unix()
|
||||
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"smb3_posix_share",
|
||||
@ -193,63 +129,47 @@ class Smb3UnixTests(samba.tests.libsmb.LibsmbTests):
|
||||
for fname in test_files:
|
||||
self.delete_test_file(c, fname)
|
||||
|
||||
self.disable_smb3unix()
|
||||
|
||||
def test_posix_reserved_char(self):
|
||||
try:
|
||||
self.enable_smb3unix()
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"smb3_posix_share",
|
||||
self.lp,
|
||||
self.creds,
|
||||
posix=True)
|
||||
self.assertTrue(c.have_posix())
|
||||
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"smb3_posix_share",
|
||||
self.lp,
|
||||
self.creds,
|
||||
posix=True)
|
||||
self.assertTrue(c.have_posix())
|
||||
test_files = ['a ', 'a ', '. ', '. ', 'a.',
|
||||
'.a', ' \\ ', '>', '<' '?']
|
||||
|
||||
test_files = ['a ', 'a ', '. ', '. ', 'a.',
|
||||
'.a', ' \\ ', '>', '<' '?']
|
||||
|
||||
for fname in test_files:
|
||||
try:
|
||||
f,_,cc_out = c.create_ex('\\%s' % fname,
|
||||
CreateDisposition=libsmb.FILE_CREATE,
|
||||
DesiredAccess=security.SEC_STD_DELETE,
|
||||
CreateContexts=[posix_context(0o744)])
|
||||
except NTSTATUSError as e:
|
||||
self.fail(e)
|
||||
c.delete_on_close(f, True)
|
||||
c.close(f)
|
||||
|
||||
finally:
|
||||
self.disable_smb3unix()
|
||||
|
||||
def test_posix_delete_on_close(self):
|
||||
try:
|
||||
self.enable_smb3unix()
|
||||
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"smb3_posix_share",
|
||||
self.lp,
|
||||
self.creds,
|
||||
posix=True)
|
||||
self.assertTrue(c.have_posix())
|
||||
|
||||
f,_,cc_out = c.create_ex('\\TESTING999',
|
||||
DesiredAccess=security.SEC_STD_ALL,
|
||||
CreateDisposition=libsmb.FILE_CREATE,
|
||||
CreateContexts=[posix_context(0o744)])
|
||||
for fname in test_files:
|
||||
try:
|
||||
f,_,cc_out = c.create_ex('\\%s' % fname,
|
||||
CreateDisposition=libsmb.FILE_CREATE,
|
||||
DesiredAccess=security.SEC_STD_DELETE,
|
||||
CreateContexts=[posix_context(0o744)])
|
||||
except NTSTATUSError as e:
|
||||
self.fail(e)
|
||||
c.delete_on_close(f, True)
|
||||
c.close(f)
|
||||
|
||||
finally:
|
||||
self.disable_smb3unix()
|
||||
def test_posix_delete_on_close(self):
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"smb3_posix_share",
|
||||
self.lp,
|
||||
self.creds,
|
||||
posix=True)
|
||||
self.assertTrue(c.have_posix())
|
||||
|
||||
f,_,cc_out = c.create_ex('\\TESTING999',
|
||||
DesiredAccess=security.SEC_STD_ALL,
|
||||
CreateDisposition=libsmb.FILE_CREATE,
|
||||
CreateContexts=[posix_context(0o744)])
|
||||
c.delete_on_close(f, True)
|
||||
c.close(f)
|
||||
|
||||
def test_posix_case_sensitive(self):
|
||||
try:
|
||||
self.enable_smb3unix()
|
||||
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"smb3_posix_share",
|
||||
@ -281,13 +201,9 @@ class Smb3UnixTests(samba.tests.libsmb.LibsmbTests):
|
||||
finally:
|
||||
self.delete_test_file(c, '\\xx')
|
||||
|
||||
self.disable_smb3unix()
|
||||
|
||||
def test_posix_perm_files(self):
|
||||
test_files = {}
|
||||
try:
|
||||
self.enable_smb3unix()
|
||||
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"smb3_posix_share",
|
||||
@ -337,28 +253,21 @@ class Smb3UnixTests(samba.tests.libsmb.LibsmbTests):
|
||||
for fname in test_files.keys():
|
||||
self.delete_test_file(c, '\\%s' % fname)
|
||||
|
||||
self.disable_smb3unix()
|
||||
|
||||
def test_share_root_null_sids_fid(self):
|
||||
try:
|
||||
self.enable_smb3unix()
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"smb3_posix_share",
|
||||
self.lp,
|
||||
self.creds,
|
||||
posix=True)
|
||||
self.assertTrue(c.have_posix())
|
||||
|
||||
c = libsmb.Conn(
|
||||
self.server_ip,
|
||||
"smb3_posix_share",
|
||||
self.lp,
|
||||
self.creds,
|
||||
posix=True)
|
||||
self.assertTrue(c.have_posix())
|
||||
|
||||
res = c.list("", info_level=100, posix=True)
|
||||
found_files = {get_string(i['name']): i for i in res}
|
||||
dotdot = found_files['..']
|
||||
self.assertEqual('S-1-0-0', dotdot['owner_sid'],
|
||||
'The owner sid for .. was not NULL')
|
||||
self.assertEqual('S-1-0-0', dotdot['group_sid'],
|
||||
'The group sid for .. was not NULL')
|
||||
self.assertEqual(0, dotdot['ino'], 'The ino for .. was not 0')
|
||||
self.assertEqual(0, dotdot['dev'], 'The dev for .. was not 0')
|
||||
finally:
|
||||
self.disable_smb3unix()
|
||||
res = c.list("", info_level=100, posix=True)
|
||||
found_files = {get_string(i['name']): i for i in res}
|
||||
dotdot = found_files['..']
|
||||
self.assertEqual('S-1-0-0', dotdot['owner_sid'],
|
||||
'The owner sid for .. was not NULL')
|
||||
self.assertEqual('S-1-0-0', dotdot['group_sid'],
|
||||
'The group sid for .. was not NULL')
|
||||
self.assertEqual(0, dotdot['ino'], 'The ino for .. was not 0')
|
||||
self.assertEqual(0, dotdot['dev'], 'The dev for .. was not 0')
|
||||
|
@ -4677,12 +4677,6 @@ void widelinks_warning(int snum)
|
||||
"These parameters are incompatible. "
|
||||
"Wide links will be disabled for this share.\n",
|
||||
lp_const_servicename(snum));
|
||||
} else if (lp_smb3_unix_extensions()) {
|
||||
DBG_ERR("Share '%s' has wide links and SMB3 unix "
|
||||
"extensions enabled. "
|
||||
"These parameters are incompatible. "
|
||||
"Wide links will be disabled for this share.\n",
|
||||
lp_const_servicename(snum));
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -4690,7 +4684,7 @@ void widelinks_warning(int snum)
|
||||
bool lp_widelinks(int snum)
|
||||
{
|
||||
/* wide links is always incompatible with unix extensions */
|
||||
if (lp_smb1_unix_extensions() || lp_smb3_unix_extensions()) {
|
||||
if (lp_smb1_unix_extensions()) {
|
||||
/*
|
||||
* Unless we have "allow insecure widelinks"
|
||||
* turned on.
|
||||
@ -4830,16 +4824,3 @@ uint32_t lp_get_async_dns_timeout(void)
|
||||
*/
|
||||
return MAX(Globals.async_dns_timeout, 1);
|
||||
}
|
||||
|
||||
bool lp_smb3_unix_extensions(void)
|
||||
{
|
||||
/*
|
||||
* FIXME: If this gets always enabled, check source3/selftest/tests.py
|
||||
* and source3/wscript for HAVE_SMB3_UNIX_EXTENSIONS.
|
||||
*/
|
||||
#if defined(DEVELOPER)
|
||||
return lp__smb3_unix_extensions();
|
||||
#else
|
||||
return false;
|
||||
#endif
|
||||
}
|
||||
|
@ -182,7 +182,6 @@ void widelinks_warning(int snum);
|
||||
const char *lp_ncalrpc_dir(void);
|
||||
void _lp_set_server_role(int server_role);
|
||||
uint32_t lp_get_async_dns_timeout(void);
|
||||
bool lp_smb3_unix_extensions(void);
|
||||
|
||||
/* The following definitions come from param/loadparm_ctx.c */
|
||||
|
||||
|
@ -276,41 +276,41 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
|
||||
return smbd_smb2_request_error(req, status);
|
||||
}
|
||||
|
||||
if (lp_smb3_unix_extensions()) {
|
||||
in_posix = smb2_negotiate_context_find(&in_c,
|
||||
SMB2_POSIX_EXTENSIONS_AVAILABLE);
|
||||
in_posix = smb2_negotiate_context_find(
|
||||
&in_c,
|
||||
SMB2_POSIX_EXTENSIONS_AVAILABLE);
|
||||
|
||||
if (in_posix != NULL) {
|
||||
const uint8_t *inbuf = in_posix->data.data;
|
||||
size_t inbuflen = in_posix->data.length;
|
||||
bool posix_found = false;
|
||||
/*
|
||||
* For now the server only supports one variant.
|
||||
* Check it's the right one.
|
||||
*/
|
||||
if ((inbuflen % 16) != 0) {
|
||||
return smbd_smb2_request_error(req,
|
||||
NT_STATUS_INVALID_PARAMETER);
|
||||
}
|
||||
SMB_ASSERT(strlen(SMB2_CREATE_TAG_POSIX) == 16);
|
||||
for (ofs=0; ofs<inbuflen; ofs+=16) {
|
||||
if (memcmp(inbuf+ofs,
|
||||
SMB2_CREATE_TAG_POSIX,
|
||||
16) == 0) {
|
||||
posix_found = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (posix_found) {
|
||||
DBG_DEBUG("Client requested SMB2 unix "
|
||||
"extensions\n");
|
||||
} else {
|
||||
DBG_DEBUG("Client requested unknown "
|
||||
"SMB2 unix extensions:\n");
|
||||
dump_data(10, inbuf, inbuflen);
|
||||
in_posix = NULL;
|
||||
if (in_posix != NULL) {
|
||||
const uint8_t *inbuf = in_posix->data.data;
|
||||
size_t inbuflen = in_posix->data.length;
|
||||
bool posix_found = false;
|
||||
/*
|
||||
* For now the server only supports one variant.
|
||||
* Check it's the right one.
|
||||
*/
|
||||
if ((inbuflen % 16) != 0) {
|
||||
return smbd_smb2_request_error(
|
||||
req,
|
||||
NT_STATUS_INVALID_PARAMETER);
|
||||
}
|
||||
SMB_ASSERT(strlen(SMB2_CREATE_TAG_POSIX) == 16);
|
||||
for (ofs = 0; ofs < inbuflen; ofs += 16) {
|
||||
if (memcmp(inbuf + ofs,
|
||||
SMB2_CREATE_TAG_POSIX,
|
||||
16) == 0) {
|
||||
posix_found = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (posix_found) {
|
||||
DBG_DEBUG("Client requested SMB2 unix "
|
||||
"extensions\n");
|
||||
} else {
|
||||
DBG_DEBUG("Client requested unknown "
|
||||
"SMB2 unix extensions:\n");
|
||||
dump_data(10, inbuf, inbuflen);
|
||||
in_posix = NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1712,9 +1712,6 @@ static NTSTATUS smbd_marshall_dir_entry(TALLOC_CTX *ctx,
|
||||
if (!(conn->sconn->using_smb2)) {
|
||||
return NT_STATUS_INVALID_LEVEL;
|
||||
}
|
||||
if (!lp_smb3_unix_extensions()) {
|
||||
return NT_STATUS_INVALID_LEVEL;
|
||||
}
|
||||
|
||||
/* Determine the size of the posix info context */
|
||||
plen = store_smb2_posix_info(conn,
|
||||
@ -1976,8 +1973,7 @@ static bool fsinfo_unix_valid_level(connection_struct *conn,
|
||||
uint16_t info_level)
|
||||
{
|
||||
if (conn->sconn->using_smb2 &&
|
||||
lp_smb3_unix_extensions() &&
|
||||
info_level == SMB2_FS_POSIX_INFORMATION_INTERNAL) {
|
||||
info_level == SMB2_FS_POSIX_INFORMATION_INTERNAL) {
|
||||
return true;
|
||||
}
|
||||
#if defined(SMB1SERVER)
|
||||
@ -3019,8 +3015,7 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn,
|
||||
ok = true;
|
||||
}
|
||||
|
||||
if (lp_smb3_unix_extensions() &&
|
||||
(fsp != NULL) &&
|
||||
if ((fsp != NULL) &&
|
||||
(fsp->posix_flags & FSP_POSIX_FLAGS_OPEN)) {
|
||||
DBG_DEBUG("SMB2 posix open\n");
|
||||
ok = true;
|
||||
@ -3670,9 +3665,6 @@ NTSTATUS smbd_do_qfilepathinfo(connection_struct *conn,
|
||||
if (!(conn->sconn->using_smb2)) {
|
||||
return NT_STATUS_INVALID_LEVEL;
|
||||
}
|
||||
if (!lp_smb3_unix_extensions()) {
|
||||
return NT_STATUS_INVALID_LEVEL;
|
||||
}
|
||||
if (fsp == NULL) {
|
||||
return NT_STATUS_INVALID_HANDLE;
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user