IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This is not strictly needed, but makes it easier to audit
that we don't miss important places.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
For this test only, explicitly copy the SMB1 tcon struct,
don't use cli_state_save_tcon()//cli_state_restore_tcon()
as these calls will soon change to just manipulate the pointer
to avoid TALLOC_FREE() on the tcon struct which calls
destructors on child pipe data.
In SMB1 this test calls cli_tdis() twice with an invalid
vuid and expects the SMB1 tcon struct to be preserved
across the calls.
SMB1 cli_tdis() frees cli->smb1.tcon so we must put back
a deep copy into cli->smb1.tcon to be able to safely call
cli_tdis() again.
This is a test-only hack. Real client code
uses cli_state_save_tcon()/cli_state_restore_tcon()
if it needs to temporarily swap out the active
tcon on a client connection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13992
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit e93e6108837eff0cebad8dc26d055c0e1386093a)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13992
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit f9ca91bd293e9f2710c4449c5d4f5d016a066049)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13992
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit dc701959cad7bf15aa47cad6451212606520f67f)
Confirm that record overwrite with TDB_INSERT and record insert with
TDB_MODIFY both fail with appropriate error values.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 10 20:28:45 UTC 2020 on sn-devel-184
Only Samba does the SMB1 posix extensions, and we do the "advanced"
trans-based call.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Fix the callers. Note the special casing of mapping (uint16)-1 -> (uint32_t)-1
in SMBC_setatr() where we can't change the ABI.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Cleanup. It's never been a UNIX mode, always a DOS attribute field.
Make that explicit.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
No change in behaviour. ucf_flags are just now checked *inside*
canonicalize_snapshot_path() instead of the caller.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Prepares for having canonicalize_snapshot_path() strip any @GMT token from link
targets. In the future VFS modules won't be doing @GMT token stripping, so we
have to do it here.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Most places take twrp from a local struct smb_filename variable that the
function is working on. Some don't for various reasons:
o synthetic_smb_fname_split() is only called in very few places where we don't
expect twrp paths
o implementations of SMB_VFS_GETWD(), SMB_VFS_FS_CAPABILITIES() and
SMB_VFS_REALPATH() return the systems view of cwd and realpath without twrp info
o VFS modules implementing previous-versions support (vfs_ceph_snapshots,
vfs_shadow_copy2, vfs_snapper) synthesize raw paths that are passed to VFS NEXT
functions and therefor do not use twrp
o vfs_fruit: macOS doesn't support VSS
o vfs_recycle: in recycle_create_dir() we need a raw OS path to create a directory
o vfs_virusfilter: a few places where we need raw OS paths
o vfs_xattr_tdb: needs a raw OS path for SMB_VFS_NEXT_STAT()
o printing and rpc server: don't support VSS
o vfs_default_durable_reconnect: no Durable Handles on VSS handles, this might
be enhances in the future. No idea if Windows supports this.
o get_real_filename_full_scan: hm.... FIXME??
o get_original_lcomp: working on a raw path
o msdfs: doesn't support VSS
o vfs_get_ntquota: synthesizes an smb_filename from ".", so doesn't support VSS
even though VFS modules implement it
o fd_open: conn_rootdir_fname is a raw path
o msg_file_was_renamed: obvious
o open_np_file: pipes don't support VSS
o Python bindings: get's a raw path from the caller
o set_conn_connectpath: raw path
o set_conn_connectpath: raw path
o torture: gets raw paths from the caller
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Create -o files per -N client connections, set a specific timestamp, then write
a bit. This leads to the locking.tdb dmasters to be spread across all nodes.
Then list from one node. This makes sure that the async share mode fetch works
right.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
canonicalize_absolute_path() has a bug.
In canonicalize_absolute_path()
///a/./././///component/../////path/ -> /a//path
It should go to /a/path. Mark as knownfail.
Adding these tests so I can ultimately remove
resolve_realpath_name() and re-use the existing
canonicalize_absolute_path() code in vfs_widelinks.c
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Shows bits needed to set/get a SACL. We need a script within Samba to run this
as it depends on a user with SeSecurityPrivilege to work.
Test does the following:
1). Create a test file.
2). Open with SEC_FLAG_SYSTEM_SECURITY *only*. ACCESS_DENIED.
NB. SMB2-only behavior. SMB1 allows this as tested in SMB1-SYSTEM-SECURITY.
3). Open with SEC_FLAG_SYSTEM_SECURITY|FILE_WRITE_ATTRIBUTES.
4). Write SACL. Should fail with ACCESS_DENIED (seems to need WRITE_DAC).
5). Close (3).
6). Open with SEC_FLAG_SYSTEM_SECURITY|SEC_STD_WRITE_DAC.
7). Write SACL. Success.
8). Close (4).
9). Open with SEC_FLAG_SYSTEM_SECURITY|READ_ATTRIBUTES.
10). Read SACL. Success.
11). Read DACL. Should fail with ACCESS_DENIED (no READ_CONTROL).
12). Close (9).
13 - and on error). Delete test file.
Passes against Windows 10.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
NB. This is also tested in samba3.base.createx_access
but this makes it very explicit what we're looking for.
Shows SMB1 allows explicit open of a file with only
he SEC_FLAG_SYSTEM_SECURITY access mask requested.
SMB2 doesn't.
Requires a Windows 10 system with a user with
SeSecurityPrivilege set. Passes against Windows 10
with SMB1 enabled.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Note that as ReadDirName() returns translated names (in Windows "encoding"), in
cmd_translate_name() test we have to translate back to UNIX "encoding" to check
if the filename matches the user requested path which is also in UNIX
"encoding".
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This walks different code paths in the subsequent locker. And the one
that we did not test so far is in fact buggy
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
