IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The corresponding tests were removed in commit
938afb8b28.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
If it is a wire claim (which is probably most common), the checking
and sorting has already happened. We don't need to make a copy to
sort and check.
In either case, there is still a copy step to make the conditional ACE
token.
This shuffles around some knownfails because the claim_v1_copy()
function we were using is checking for duplicates, which we don't
always want. That will be fixed soon.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This roughly returns things to where they were a few commits ago, with
the claims being checked for uniqueness.
The difference is the claims will be sorted afterwards, and the
uniqueness check will be far more efficient on large claims.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This changes the behaviour when one of the strings is NULL. Previously
a single NULL string would be ignored, and two would cause an error.
That will be restored in the next commit.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
And we allocate all the values together as an array, because
we might as well.
This and the next couple of commits might look like steps backwards,
and they are, but they allow us to get a run-up to leap over a big
fence.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Our composite comparisons are currently all wrong.
Soon they will be fixed, but we are going to have an inflection point
where we switch from the naive compare-everything approach to a sort
based comparison, and we want to test both sides. Also, we use these
tests for a little bit of timing, which reveals it is all fast enough.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
These are unit tests for converting wire claims into sorted claims v1
structures.
These are based from packets derived from the krb5.conditional_ace
tests, and currently don't test more than they do, but they work about
a hundred thousand times quicker.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This basically reverts commit b3cae8dcf1
with a few important differences:
* SMB3 UNIX extensions are always built, but disabled by default at runtime.
* They are globally enabled in the fileserver test environment.
* It's now a per-share option, so admins can selectively disable them
on a per-share basis. This allows clients to detect early that a share
doesn't support user mount requested POSIX and fail appropiately, passing
the failure to the requesting application (mount command).
Signed-off-by: Ralph Boehme <slow@samba.org>
We had two sets of test vectors (Windows ground-truth for SDDL
compilation) that got mixed up.
The "oversized ACLs" set is ACLs that contain repeated ACEs, like
"D:P(D;;;;;MP)(D;;;;;MP)" -- Windows will assign a size to the ACL
that is greater than the sum of the ACEs, while Samba will not (in
part because we don't actually store a size for the ACL, instead
calculating it on the fly from the size of the ACEs).
The "TX integers" set is for resource attribute ACEs with octet-string
data that contains pure integers (lacking '#' characters) in their
SDDL, like «(RA;;;;;WD;("bar",TX,0x0,0077,00,0077,00))». We used to
think that was weird, and that RA-TX ACEs should contain octet-strings
in the conditional ACE style. But now we have realised it's not weird,
it's normal, and we have fixed our handling of these ACEs.
As a result of this mix-up, some of the tests labelled as "oversized
ACLs" started passing when we fixed the TX integer problem, and that
was confusing. All of the removed tests are already on the TX integer
set -- the removed ones were duplicates.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We are going to parse octet strings like Windows (as opposed to like
Windows docs), so the tests need changing.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Nov 23 00:32:33 UTC 2023 on atb-devel-224
When returning WERR_MORE_DATA the winreg server needs to indicate the
required buffer size.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Nov 20 04:50:00 UTC 2023 on atb-devel-224
When returning WERR_MORE_DATA the winreg server needs to indicate the
required buffer size.
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This allows the usage test to pass on our CI hosts without
python-crypto and not uxsuccess on hosts with it.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
The wrong number of semicolons is usually one less than count (which
counts sections separated by semicolons), except when count is zero.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
The knownfail will stay around for a few commits, because the message
we get is slightly wrong.
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Given two opens on a file:
1. Windows open with delete-on-close
2. POSIX open with delete-on-close set
When handle 1 is closed processing in has_other_nonposix_opens_fn() will not
delete the file as (fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) is false, so
has_other_nonposix_opens() will return true which is wrong.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15517
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Nov 13 19:34:29 UTC 2023 on atb-devel-224
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov 9 09:01:25 UTC 2023 on atb-devel-224
Such buffers are not to be trusted.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Nov 7 22:54:42 UTC 2023 on atb-devel-224
Test that the KDC removes these buffers from RODC‐issued PACs.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This is what Windows does, and it removes a couple of knownfails.
We can change it here cheaply without affecting the core dom_sid code,
which is good because there seem to be other places where we need the
uppercase S (for example in ldap search <SID=> queries).
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
samba_kdc_get_user_info_dc() will add the Asserted Identity and Claims
Valid SIDs as appropriate.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
These tests crash Windows, but we can assume reasonable behaviour for
Samba.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15505
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct 27 21:19:35 UTC 2023 on atb-devel-224