[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Wed Sep 6 13:30:02 UTC 2017
The branch, master has been updated
via 8c365c5 python: Enable execution of samba.tests.security with Python 3.
via c81aff3 python: Fix bad type in conversion of NTSTATUS.
via 6f87728 python: Add tests for check_access function from samba.security.
via 022aa5e python: Port samba.security to Python 3 compatible form.
from 2d0e138 python:samba: Add code to remove obsolete files in the private dir
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 8c365c5fe09e396e55891945bb4983c0e95d6c13
Author: Lumir Balhar <lbalhar at redhat.com>
Date: Tue Aug 8 08:50:35 2017 +0200
python: Enable execution of samba.tests.security with Python 3.
Signed-off-by: Lumir Balhar <lbalhar at redhat.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Sep 6 15:29:58 CEST 2017 on sn-devel-144
commit c81aff362fe99a65385c6f8337ffcb47c9456829
Author: Lumir Balhar <lbalhar at redhat.com>
Date: Wed Sep 6 09:27:02 2017 +0200
python: Fix bad type in conversion of NTSTATUS.
More info: https://lists.samba.org/archive/samba-technical/2017-August/122574.html
Signed-off-by: Lumir Balhar <lbalhar at redhat.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 6f877285a3e92029cd761d55836c062a93e94749
Author: Lumir Balhar <lbalhar at redhat.com>
Date: Tue Aug 8 08:48:28 2017 +0200
python: Add tests for check_access function from samba.security.
Signed-off-by: Lumir Balhar <lbalhar at redhat.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 022aa5ea34c82e3906c626a50a722ad0e9f33a1d
Author: Lumir Balhar <lbalhar at redhat.com>
Date: Mon May 22 15:21:08 2017 +0200
python: Port samba.security to Python 3 compatible form.
Signed-off-by: Lumir Balhar <lbalhar at redhat.com>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
-----------------------------------------------------------------------
Summary of changes:
libcli/security/pysecurity.c | 22 +++++++++++++++-------
libcli/security/wscript_build | 12 +++++++-----
python/samba/tests/security.py | 26 ++++++++++++++++++++++++++
selftest/tests.py | 2 +-
source4/libcli/util/pyerrors.h | 2 +-
5 files changed, 50 insertions(+), 14 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/security/pysecurity.c b/libcli/security/pysecurity.c
index 5dbf95c..7205842 100644
--- a/libcli/security/pysecurity.c
+++ b/libcli/security/pysecurity.c
@@ -18,13 +18,12 @@
*/
#include <Python.h>
+#include "python/py3compat.h"
#include "includes.h"
#include "libcli/util/pyerrors.h"
#include "libcli/security/security.h"
#include "pytalloc.h"
-void initsecurity(void);
-
static PyObject *py_se_access_check(PyObject *module, PyObject *args, PyObject *kwargs)
{
NTSTATUS nt_status;
@@ -65,7 +64,7 @@ static PyObject *py_se_access_check(PyObject *module, PyObject *args, PyObject *
PyErr_NTSTATUS_IS_ERR_RAISE(nt_status);
}
- return PyLong_FromLong(access_granted);
+ return PyInt_FromLong(access_granted);
}
static PyMethodDef py_security_methods[] = {
@@ -74,12 +73,21 @@ static PyMethodDef py_security_methods[] = {
{ NULL },
};
-void initsecurity(void)
+static struct PyModuleDef moduledef = {
+ PyModuleDef_HEAD_INIT,
+ .m_name = "security",
+ .m_doc = "Security support.",
+ .m_size = -1,
+ .m_methods = py_security_methods,
+};
+
+MODULE_INIT_FUNC(security)
{
PyObject *m;
- m = Py_InitModule3("security", py_security_methods,
- "Security support.");
+ m = PyModule_Create(&moduledef);
if (m == NULL)
- return;
+ return NULL;
+
+ return m;
}
diff --git a/libcli/security/wscript_build b/libcli/security/wscript_build
index b529ec8..6a6b012 100644
--- a/libcli/security/wscript_build
+++ b/libcli/security/wscript_build
@@ -7,8 +7,10 @@ bld.SAMBA_LIBRARY('samba-security',
deps='talloc ndr NDR_SECURITY'
)
-bld.SAMBA_PYTHON('pysecurity',
- source='pysecurity.c',
- deps='samba-security pytalloc-util',
- realname='samba/security.so'
- )
+for env in bld.gen_python_environments():
+ pytalloc_util = bld.pyembed_libname('pytalloc-util')
+ bld.SAMBA_PYTHON('pysecurity',
+ source='pysecurity.c',
+ deps='samba-security %s' % pytalloc_util,
+ realname='samba/security.so'
+ )
diff --git a/python/samba/tests/security.py b/python/samba/tests/security.py
index d2938aa..e0df912 100644
--- a/python/samba/tests/security.py
+++ b/python/samba/tests/security.py
@@ -19,6 +19,10 @@
import samba.tests
from samba.dcerpc import security
+from samba.security import access_check
+from samba import ntstatus
+from samba import NTSTATUSError
+
class SecurityTokenTests(samba.tests.TestCase):
@@ -141,3 +145,25 @@ class PrivilegeTests(samba.tests.TestCase):
self.assertEquals(security.SEC_PRIV_SHUTDOWN,
security.privilege_id("SeShutdownPrivilege"))
+
+class CheckAccessTests(samba.tests.TestCase):
+
+ def test_check_access(self):
+ desc = security.descriptor.from_sddl("O:AOG:DAD:(A;;RPWPCCDCLCSWRCWDWOGA;;;S-1-0-0)", security.dom_sid("S-2-0-0"))
+ token = security.token()
+
+ self.assertEqual(access_check(desc, token, 0), 0)
+
+ params = (
+ (security.SEC_FLAG_SYSTEM_SECURITY,
+ ntstatus.NT_STATUS_PRIVILEGE_NOT_HELD),
+ (security.SEC_STD_READ_CONTROL, ntstatus.NT_STATUS_ACCESS_DENIED)
+ )
+
+ for arg, num in params:
+ try:
+ result = access_check(desc, token, arg)
+ except Exception as e:
+ self.assertTrue(isinstance(e, NTSTATUSError))
+ e_num, e_msg = e.args
+ self.assertEqual(num, e_num)
diff --git a/selftest/tests.py b/selftest/tests.py
index b232153..9d1d9d3 100644
--- a/selftest/tests.py
+++ b/selftest/tests.py
@@ -58,7 +58,7 @@ planpythontestsuite("none", "samba.tests.credentials", py3_compatible=True)
planpythontestsuite("none", "samba.tests.registry")
planpythontestsuite("none", "samba.tests.auth", py3_compatible=True)
planpythontestsuite("none", "samba.tests.get_opt", py3_compatible=True)
-planpythontestsuite("none", "samba.tests.security")
+planpythontestsuite("none", "samba.tests.security", py3_compatible=True)
planpythontestsuite("none", "samba.tests.dcerpc.misc", py3_compatible=True)
planpythontestsuite("none", "samba.tests.dcerpc.integer")
planpythontestsuite("none", "samba.tests.param", py3_compatible=True)
diff --git a/source4/libcli/util/pyerrors.h b/source4/libcli/util/pyerrors.h
index c3b3076..1c91c5a 100644
--- a/source4/libcli/util/pyerrors.h
+++ b/source4/libcli/util/pyerrors.h
@@ -24,7 +24,7 @@
#define PyErr_FromHRESULT(err) Py_BuildValue("(i,s)", HRES_ERROR_V(err), discard_const_p(char, hresult_errstr_const(err)))
-#define PyErr_FromNTSTATUS(status) Py_BuildValue("(i,s)", NT_STATUS_V(status), discard_const_p(char, get_friendly_nt_error_msg(status)))
+#define PyErr_FromNTSTATUS(status) Py_BuildValue("(I,s)", NT_STATUS_V(status), discard_const_p(char, get_friendly_nt_error_msg(status)))
#define PyErr_FromString(str) Py_BuildValue("(s)", discard_const_p(char, str))
--
Samba Shared Repository
More information about the samba-cvs
mailing list