[SCM] Samba Shared Repository - branch master updated

Andrew Bartlett abartlet at samba.org
Wed Sep 6 13:30:02 UTC 2017 

The branch, master has been updated
       via  8c365c5 python: Enable execution of samba.tests.security with Python 3.
       via  c81aff3 python: Fix bad type in conversion of NTSTATUS.
       via  6f87728 python: Add tests for check_access function from samba.security.
       via  022aa5e python: Port samba.security to Python 3 compatible form.
      from  2d0e138 python:samba: Add code to remove obsolete files in the private dir

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 8c365c5fe09e396e55891945bb4983c0e95d6c13
Author: Lumir Balhar <lbalhar at redhat.com>
Date:   Tue Aug 8 08:50:35 2017 +0200

    python: Enable execution of samba.tests.security with Python 3.
    
    Signed-off-by: Lumir Balhar <lbalhar at redhat.com>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    
    Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
    Autobuild-Date(master): Wed Sep  6 15:29:58 CEST 2017 on sn-devel-144

commit c81aff362fe99a65385c6f8337ffcb47c9456829
Author: Lumir Balhar <lbalhar at redhat.com>
Date:   Wed Sep 6 09:27:02 2017 +0200

    python: Fix bad type in conversion of NTSTATUS.
    
    More info: https://lists.samba.org/archive/samba-technical/2017-August/122574.html
    
    Signed-off-by: Lumir Balhar <lbalhar at redhat.com>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>

commit 6f877285a3e92029cd761d55836c062a93e94749
Author: Lumir Balhar <lbalhar at redhat.com>
Date:   Tue Aug 8 08:48:28 2017 +0200

    python: Add tests for check_access function from samba.security.
    
    Signed-off-by: Lumir Balhar <lbalhar at redhat.com>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>

commit 022aa5ea34c82e3906c626a50a722ad0e9f33a1d
Author: Lumir Balhar <lbalhar at redhat.com>
Date:   Mon May 22 15:21:08 2017 +0200

    python: Port samba.security to Python 3 compatible form.
    
    Signed-off-by: Lumir Balhar <lbalhar at redhat.com>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 libcli/security/pysecurity.c   | 22 +++++++++++++++-------
 libcli/security/wscript_build  | 12 +++++++-----
 python/samba/tests/security.py | 26 ++++++++++++++++++++++++++
 selftest/tests.py              |  2 +-
 source4/libcli/util/pyerrors.h |  2 +-
 5 files changed, 50 insertions(+), 14 deletions(-)


Changeset truncated at 500 lines:

diff --git a/libcli/security/pysecurity.c b/libcli/security/pysecurity.c
index 5dbf95c..7205842 100644
--- a/libcli/security/pysecurity.c
+++ b/libcli/security/pysecurity.c
@@ -18,13 +18,12 @@
 */
 
 #include <Python.h>
+#include "python/py3compat.h"
 #include "includes.h"
 #include "libcli/util/pyerrors.h"
 #include "libcli/security/security.h"
 #include "pytalloc.h"
 
-void initsecurity(void);
-
 static PyObject *py_se_access_check(PyObject *module, PyObject *args, PyObject *kwargs)
 {
 	NTSTATUS nt_status;
@@ -65,7 +64,7 @@ static PyObject *py_se_access_check(PyObject *module, PyObject *args, PyObject *
 		PyErr_NTSTATUS_IS_ERR_RAISE(nt_status);
 	}
 
-	return PyLong_FromLong(access_granted);
+	return PyInt_FromLong(access_granted);
 }
 
 static PyMethodDef py_security_methods[] = {
@@ -74,12 +73,21 @@ static PyMethodDef py_security_methods[] = {
 	{ NULL },
 };
 
-void initsecurity(void)
+static struct PyModuleDef moduledef = {
+	PyModuleDef_HEAD_INIT,
+	.m_name = "security",
+	.m_doc = "Security support.",
+	.m_size = -1,
+	.m_methods = py_security_methods,
+};
+
+MODULE_INIT_FUNC(security)
 {
 	PyObject *m;
 
-	m = Py_InitModule3("security", py_security_methods,
-			   "Security support.");
+	m = PyModule_Create(&moduledef);
 	if (m == NULL)
-		return;
+		return NULL;
+
+	return m;
 }
diff --git a/libcli/security/wscript_build b/libcli/security/wscript_build
index b529ec8..6a6b012 100644
--- a/libcli/security/wscript_build
+++ b/libcli/security/wscript_build
@@ -7,8 +7,10 @@ bld.SAMBA_LIBRARY('samba-security',
                   deps='talloc ndr NDR_SECURITY'
                   )
 
-bld.SAMBA_PYTHON('pysecurity',
-                 source='pysecurity.c',
-                 deps='samba-security pytalloc-util',
-                 realname='samba/security.so'
-                 )
+for env in bld.gen_python_environments():
+    pytalloc_util = bld.pyembed_libname('pytalloc-util')
+    bld.SAMBA_PYTHON('pysecurity',
+                     source='pysecurity.c',
+                     deps='samba-security %s' % pytalloc_util,
+                     realname='samba/security.so'
+                     )
diff --git a/python/samba/tests/security.py b/python/samba/tests/security.py
index d2938aa..e0df912 100644
--- a/python/samba/tests/security.py
+++ b/python/samba/tests/security.py
@@ -19,6 +19,10 @@
 
 import samba.tests
 from samba.dcerpc import security
+from samba.security import access_check
+from samba import ntstatus
+from samba import NTSTATUSError
+
 
 class SecurityTokenTests(samba.tests.TestCase):
 
@@ -141,3 +145,25 @@ class PrivilegeTests(samba.tests.TestCase):
         self.assertEquals(security.SEC_PRIV_SHUTDOWN,
                 security.privilege_id("SeShutdownPrivilege"))
 
+
+class CheckAccessTests(samba.tests.TestCase):
+
+    def test_check_access(self):
+        desc = security.descriptor.from_sddl("O:AOG:DAD:(A;;RPWPCCDCLCSWRCWDWOGA;;;S-1-0-0)", security.dom_sid("S-2-0-0"))
+        token = security.token()
+
+        self.assertEqual(access_check(desc, token, 0), 0)
+
+        params = (
+            (security.SEC_FLAG_SYSTEM_SECURITY,
+             ntstatus.NT_STATUS_PRIVILEGE_NOT_HELD),
+            (security.SEC_STD_READ_CONTROL, ntstatus.NT_STATUS_ACCESS_DENIED)
+        )
+
+        for arg, num in params:
+            try:
+                result = access_check(desc, token, arg)
+            except Exception as e:
+                self.assertTrue(isinstance(e, NTSTATUSError))
+                e_num, e_msg = e.args
+                self.assertEqual(num, e_num)
diff --git a/selftest/tests.py b/selftest/tests.py
index b232153..9d1d9d3 100644
--- a/selftest/tests.py
+++ b/selftest/tests.py
@@ -58,7 +58,7 @@ planpythontestsuite("none", "samba.tests.credentials", py3_compatible=True)
 planpythontestsuite("none", "samba.tests.registry")
 planpythontestsuite("none", "samba.tests.auth", py3_compatible=True)
 planpythontestsuite("none", "samba.tests.get_opt", py3_compatible=True)
-planpythontestsuite("none", "samba.tests.security")
+planpythontestsuite("none", "samba.tests.security", py3_compatible=True)
 planpythontestsuite("none", "samba.tests.dcerpc.misc", py3_compatible=True)
 planpythontestsuite("none", "samba.tests.dcerpc.integer")
 planpythontestsuite("none", "samba.tests.param", py3_compatible=True)
diff --git a/source4/libcli/util/pyerrors.h b/source4/libcli/util/pyerrors.h
index c3b3076..1c91c5a 100644
--- a/source4/libcli/util/pyerrors.h
+++ b/source4/libcli/util/pyerrors.h
@@ -24,7 +24,7 @@
 
 #define PyErr_FromHRESULT(err) Py_BuildValue("(i,s)", HRES_ERROR_V(err), discard_const_p(char, hresult_errstr_const(err)))
 
-#define PyErr_FromNTSTATUS(status) Py_BuildValue("(i,s)", NT_STATUS_V(status), discard_const_p(char, get_friendly_nt_error_msg(status)))
+#define PyErr_FromNTSTATUS(status) Py_BuildValue("(I,s)", NT_STATUS_V(status), discard_const_p(char, get_friendly_nt_error_msg(status)))
 
 #define PyErr_FromString(str) Py_BuildValue("(s)", discard_const_p(char, str))
 


-- 
Samba Shared Repository

More information about the samba-cvs mailing list