sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-04 17:47:26 +03:00
Code
138,599 Commits 60 Branches 1,146 Tags
Commit Graph

12467 Commits

Author SHA1 Message Date
Volker Lendecke
2686a189c6 smbd: Assert we have an fsp in smbd_do_setfilepathinfo 
With this in the future we can avoid some special cases in our callees

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug  6 17:37:39 UTC 2024 on atb-devel-224
 2024-08-06 17:37:39 +00:00
Volker Lendecke
7e82052ce7 smbd: filename_convert_dirfsp always gives an fsp 
We're in setpathinfo, so if there's without an fsp it's
OBJECT_NAME_NOT_FOUND, the last component is missing.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-08-06 16:29:33 +00:00
Volker Lendecke
0e8a0f3bd4 smbd: Simplify check_user_ok() 
Don't walk the cache at all if we get UID_FIELD_INVALID

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-08-06 16:29:33 +00:00
Volker Lendecke
95c031b660 smbd: Make parent_override_delete a bit more readable 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-08-06 16:29:33 +00:00
Volker Lendecke
83537703ba smbd: Remove some dead code 
We have returned from this function if fsp==NULL above

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-08-06 16:29:33 +00:00
Volker Lendecke
fe7b78adb3 smbd: Fix some DBGs 
DBG_DEBUG already has the function name prefix

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-08-06 16:29:33 +00:00
Volker Lendecke
51262e47af smbd: Modernize a DEBUG 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-08-06 16:29:33 +00:00
Volker Lendecke
cfa24f0563 smbd: Fix a comment and an error message 
Tested manually, but OBJECT_NAME_NOT_FOUND makes much more sense given
the new semantics of filename_convert_dirfsp.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-08-06 16:29:33 +00:00
Volker Lendecke
cb67a70113 smbd: Save a few lines with a "goto done;" 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-08-06 16:29:33 +00:00
Volker Lendecke
33d517fe13 smbd: Modernize DEBUGs 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-08-06 16:29:33 +00:00
Volker Lendecke
51ce5ce709 smbd: protect check_smb2_posix_chmod_ace against invalid trustees 
Found because I got this wrong in new code coming soon

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-08-06 16:29:33 +00:00
Volker Lendecke
a150714cc6 lib: Remove "token" parameter from set_namearray 
Not needed anymore

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15688
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2024-07-31 08:39:29 +00:00
Volker Lendecke
17becb5f52 smbd: Respect per-user hide and veto files with parametric options 
For my taste this is a nicer configuration syntax than

/../username1/file1/../username2/file2/

Is this too expensive? I don't think so. The scanning only happens an
tcon time, and it only walks the parametric options. If this turns out
to be a performance problem, we should think about smarter data
structures for parametric options instead of just a linked list of
string triples for everything.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15688
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2024-07-31 08:39:29 +00:00
Ralph Boehme
607d2c1e3e s3/lib: return error from set_namearray() 
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2024-07-26 10:06:31 +00:00
Ralph Boehme
02ae847b45 smbd: return errors from token_contains_name() 
Invalid names in "valid users", "invalid users", "read list", "write list",
"veto files" and "hide files" are logged and ignored, but a failure to contact
winbind or a DC from winbind, or a memory allocation failure, now all trigger a
failure of the tree connect.

Manually tested with smbclient with the following hack in winbindd:

---8<---
  $ git di
   source3/winbindd/winbindd_cache.c | 7 +++++++
   1 file changed, 7 insertions(+)

  diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
  index c889489dbbbc..8ccf0a28e11a 100644
  --- a/source3/winbindd/winbindd_cache.c
  +++ b/source3/winbindd/winbindd_cache.c
  @@ -1821,6 +1821,13 @@ NTSTATUS wb_cache_name_to_sid(struct winbindd_domain *domain,
          ZERO_STRUCTP(sid);
          *type = SID_NAME_UNKNOWN;

  +       if (strequal(name, "unknown")) {
  +               return NT_STATUS_OK;
  +       }
  +       if (strequal(name, "iotimeout")) {
  +               return NT_STATUS_IO_TIMEOUT;
  +       }
  +
          status = wcache_name_to_sid(domain, domain_name, name, sid, type);
          if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
                  return status;
---8<---

  veto files = ../unknown/file1/../slow/file2

  $ bin/smbclient -U slow%x //localhost/test -c quit
  $

In the log:

  [2024/03/04 15:21:33.659356,  1, pid=977167, effective(0, 0), real(0, 0)] ../../source3/lib/util_namearray.c:128(token_contains_name)
    token_contains_name: lookup_name 'unknown' failed

  veto files = ../iotimeout/file1/../slow/file2

  $ bin/smbclient -U slow%x //localhost/test -c quit
  tree connect failed: NT_STATUS_LOGON_FAILURE
  $

  [2024/03/04 15:22:15.655811,  0, pid=977177, effective(0, 0), real(0, 0)] ../../source3/lib/util_namearray.c:131(token_contains_name)
    token_contains_name: lookup_name 'iotimeout' failed NT_STATUS_NO_SUCH_DOMAIN
  [2024/03/04 15:22:15.655846,  1, pid=977177, effective(0, 0), real(0, 0)] ../../source3/smbd/uid.c:381(change_to_user_impersonate)
    change_to_user_impersonate: SMB user slow (unix user slow) not permitted access to share test.
  [2024/03/04 15:22:15.655855,  0, pid=977177, effective(0, 0), real(0, 0)] ../../source3/smbd/smb2_service.c:689(make_connection_snum)
    make_connection_snum: Can't become connected user!

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2024-07-26 10:06:31 +00:00
Ralph Boehme
b8b2f21835 s3/lib: add per-user support to set_namearray() 
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2024-07-26 10:06:31 +00:00
Ralph Boehme
02e7c70ab3 smbd: move token_contains_name() to util_namearray.c and make it public 
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2024-07-26 10:06:31 +00:00
Ralph Boehme
8ab29157b9 smbd: maintain veto_list and hide_list in the vuid cache 
Prepares for adding per-user support to both options. I don't think it makes
sense also adding per-user support to "veto oplock files" and "aio write behind"
so I'm ignoring those.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2024-07-26 10:06:30 +00:00
Ralph Boehme
cfa9a73319 smbd: prepare free_conn_session_info_if_unused() for more cleanup logic 
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2024-07-26 10:06:30 +00:00
Ralph Boehme
630f1228d1 smbd: move target code out of loop body 
Reduces indentation of the code code that is run in this function and prepares
for adding more of it.

Review with: git show -w

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2024-07-26 10:06:30 +00:00
Ralph Boehme
7fc74c7883 s3/lib: modernize set_namearray() 
No change in behaviour.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2024-07-26 10:06:30 +00:00
Ralph Boehme
f564fcb7c1 s3/lib: move path_to_strv() to util_path.c 
More callers are coming.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
 2024-07-26 10:06:30 +00:00
Andreas Schneider
f124c2df92 s3:smbd: Initialize struct security_ace array 
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/smbd/posix_acls.c:4599: var_decl: Declaring variable ""aces"" without initializer.
samba-4.20.0rc2/source3/smbd/posix_acls.c:4676: uninit_use_in_call: Using uninitialized value ""*aces"". Field ""aces->object"" is uninitialized when calling ""make_sec_acl"".
 4674|   	idx++;
 4675|
 4676|-> 	new_dacl = make_sec_acl(ctx,
 4677|   			NT4_ACL_REVISION,
 4678|   			idx,"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
 2024-07-18 12:47:29 +00:00
Volker Lendecke
bbe2c82f62 smbd: Show blk and chr devices as nfs reparse points 
Can't test these in selftest, we can't create devices and I don't want
us to depend on /dev to exist. Tested manually on a system where
/dev/null exists:

Try "help" to get a list of possible commands.
smb: \> allinfo null
altname: null
create_time:    Fri Jun 21 02:45:59 PM 2024 CEST
access_time:    Fri Jun 21 02:45:59 PM 2024 CEST
write_time:     Fri Jun 21 02:45:59 PM 2024 CEST
change_time:    Fri Jun 21 02:45:59 PM 2024 CEST
attributes:  (480)
stream: [::$DATA], 0 bytes
0x80000014 (IO_REPARSE_TAG_NFS)
 0x524843 (NFS_SPECFILE_CHR)
 1/3
smb: \>

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 12 21:36:16 UTC 2024 on atb-devel-224
 2024-07-12 21:36:16 +00:00
Volker Lendecke
51ded0ae7c smbd: Show sockets as reparse points in fdos_mode 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-07-12 20:35:34 +00:00
Volker Lendecke
a03f339e96 smbd: Show fifos as reparse points in fdos_mode 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-07-12 20:35:34 +00:00
Volker Lendecke
f1440cebf2 smbd: Turn file type handling in fdos_mode into a switch 
There will be more cases soon

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-07-12 20:35:34 +00:00
Volker Lendecke
e4e5242b27 smbd: Add DBG to return tag for SMB_FILE_ATTRIBUTE_TAG_INFORMATION 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
 2024-07-12 20:35:34 +00:00
Andreas Schneider
0131e4737c s3:smbd: Fix invalid memory free 
"Error: BAD_FREE (CWE-590):
samba-4.20.0rc2/source3/smbd/smb1_process.c:1485: array_free: ""smb1_srv_send"" frees array ""errbuf"".
 1483|   		char errbuf[smb_size];
 1484|   		error_packet(errbuf, 0, 0, status, __LINE__, __FILE__);
 1485|-> 		if (!smb1_srv_send(req->xconn,
 1486|   				   errbuf,
 1487|   				   true,"

Pair-Programmed-With: Ralph Boehme <slow@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
 2024-07-08 07:36:32 +00:00
Andreas Schneider
94b8fa4134 s3:smbd: Remove trailing spaces in seal.c 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
 2024-07-08 07:36:32 +00:00
Andreas Schneider
982c6b2bfa s3:smbd: Remove trailing spaces in smb1_process.c 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
 2024-07-08 07:36:32 +00:00
Volker Lendecke
8292481bc0 smbd: Don't talloc_zero where we assign the struct a line below 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jul  4 16:31:39 UTC 2024 on atb-devel-224
 2024-07-04 16:31:39 +00:00
Volker Lendecke
94f37866b5 smbd: Use new symlink_target_path routine 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2024-07-04 15:26:36 +00:00
Volker Lendecke
659cb9f728 smbd: Rename symlink_target_path to _symlink_target_path 
Only temporary, next step is a new more general symlink_target_path
routine, we'll need that in libcli/smb as well.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2024-07-04 15:26:36 +00:00
Stefan Metzmacher
2aca5cfbfa smbd: correctly restore ENOENT if fstatfs() modifies it 
Review with: git show -U5

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul  3 11:41:12 UTC 2024 on atb-devel-224
 2024-07-03 11:41:12 +00:00
Jo Sutton
03e9575e38 s3:smbd: Avoid compiler warning for unused label 
If either of HAVE_FSTATFS and HAVE_LINUX_MAGIC_H are not defined, gcc
produces the following error:

../../source3/smbd/open.c: In function ‘reopen_from_fsp’:
../../source3/smbd/open.c:1222:1: error: label ‘namebased_open’ defined but not used [-Werror=unused-label]
 1222 | namebased_open:
      | ^~~~~~~~~~~~~~

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Jul  2 04:44:56 UTC 2024 on atb-devel-224
 2024-07-02 04:44:56 +00:00
Andreas Schneider
aae8cab3f9 s3:smbd: Make sure struct security_ace is initialized 
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/smbd/posix_acls.c:4706: var_decl: Declaring variable ""aces"" without initializer.
samba-4.20.0rc2/source3/smbd/posix_acls.c:4748: uninit_use_in_call: Using uninitialized value ""*aces"". Field ""aces->object"" is uninitialized when calling ""make_sec_acl"".
 4746|   	idx++;
 4747|
 4748|-> 	new_dacl = make_sec_acl(ctx,
 4749|   				NT4_ACL_REVISION,
 4750|   				idx,"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
 2024-06-30 23:20:34 +00:00
Andreas Schneider
1478619363 s3:smbd: Make sure struct security_ace is initialized 
"Error: UNINIT (CWE-457):
samba-4.20.0rc2/source3/smbd/posix_acls.c:4778: var_decl: Declaring variable ""aces"" without initializer.
samba-4.20.0rc2/source3/smbd/posix_acls.c:4799: uninit_use_in_call: Using uninitialized value ""*aces"". Field ""aces->object"" is uninitialized when calling ""make_sec_acl"".
 4797|   	idx++;
 4798|
 4799|-> 	new_dacl = make_sec_acl(ctx,
 4800|   				NT4_ACL_REVISION,
 4801|   				idx,"

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
 2024-06-30 23:20:33 +00:00
Andreas Schneider
df8d19e53b s3:smbd: Remove trailing spaces in posix_acls.c 
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
 2024-06-30 23:20:33 +00:00
Volker Lendecke
b565901a47 smbd: Simplify smbd_do_qfsinfo with direct struct initialization 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
 2024-06-28 13:26:24 +00:00
Volker Lendecke
d2932c22e0 smbd: Simplify reopen_from_fsp 
In a variable declaration the (struct ...) is not needed

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
 2024-06-28 13:26:24 +00:00
Volker Lendecke
c3799dfb4a smbd: Remove some unused code 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
 2024-06-28 13:26:24 +00:00
Volker Lendecke
1fb07bc721 smbd: Avoid a cast 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
 2024-06-28 13:26:24 +00:00
Volker Lendecke
9cb187d188 smbd: Print reparse_point in dos_mode_debug_print 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
 2024-06-28 13:26:24 +00:00
Volker Lendecke
7b03fc3d9f smbd: Simplify dos_mode_from_sbuf 
We don't need that else branch, this could be a switch as well

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
 2024-06-28 13:26:24 +00:00
Volker Lendecke
e2ba614465 smbd: Simplify fdos_mode 
We don't need the outer !NT_STATUS_IS_OK and the comment

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
 2024-06-28 13:26:24 +00:00
Volker Lendecke
6a077e2fcd smbd: Simplify filename_convert_dirfsp_nosymlink 
Initialize the timestamps in the existing struct assignment

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
 2024-06-28 13:26:24 +00:00
Volker Lendecke
5e206ffbe3 smbd: Remove an obsolete comment 
We have a good understanding of SAMBA_UTIME_OMIT these days

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
 2024-06-28 13:26:24 +00:00
Volker Lendecke
e94de8a4af smbd: Simplify init_smb_file_time 
Call make_omit_timespec just once, saves a few .text bytes

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
 2024-06-28 13:26:24 +00:00
Volker Lendecke
e5a304193b smbd: Simplify copy_stat_ex_timestamps 
copy_stat_ex_timestamps doesn't need the fsp, it only needs the
destination stat struct

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
 2024-06-28 13:26:24 +00:00