[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Wed Oct 11 00:25:01 UTC 2023
The branch, master has been updated
via 6071220fcb1 libcli: Make debug_unix_user_token() use just one DEBUG statement
via 09c787c34a9 libcli: Make security_token_debug() use just one DEBUG statement
via 1ad84c70fe2 libcli: Convert security_token_debug_privileges() to talloc_asprintf
via a77c6b59395 smbd: is_in_path() deals with a NULL namelist
via a8dd943c11d smbd: Remove a pointless NULL check
via 5130ade6882 smbd: Use SMB_VFS_FSTATAT() instead of SMB_LSTAT()
via d4a05fc1450 smbd: Fix a typo
via 99789537868 vfs: Fix a typo
via 94dcbed38db smbd: Modernize two DBG statements
via e8570f73acd smbd: Reduce indentation, remove a nested if-statement
via d7f5267c2bd libsmb: Remove unused smb2_create_blob_remove()
via 0b38cd8ea77 smbd: Avoid casts in a DBG statement
via 446ae3f8e7c rpc_server3: Avoid a pointless DEBUGADD
via be1cf356ad9 rpc_server3: Remove a duplicate comment
via 768990ec4d3 rpc_netlogon4: Simplify dcesrv_netr_ServerAuthenticate3_helper()
via e2e5ae1eb24 dsdb: Slightly simplify dsdb_trust_get_incoming_passwords()
via 7bc1fa707dc lsa_srv4: Fix a typo
via 770f279ab75 pdb: Slightly simplify pdb_samba_dsdb_set_trusteddom_pw()
via 8cd296e42d6 Remove IS_DOS_*() macros
via b48d7a8e344 libsmb: Expand IS_DOS_DIR() macro
via c23d336ca45 examples: Expand IS_DOS_DIR() macros
via 29895176d29 smbd: Expand IS_DOS_READONLY() macros
via 28295775945 smbd: Expand IS_DOS_ARCHIVE() macros
via 226a7c7bc39 libsmb: Expand IS_DOS_* macros
via 817f68e4a13 smbd: Expand IS_DOS_* macros
from 1fbf08e8120 CVE-2023-42670 s3-rpc_server: Remove cross-check with "samba" EPM lookup
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 6071220fcb109f93833c45bcc8d8cd24235d6f30
Author: Volker Lendecke <vl at samba.org>
Date: Wed Aug 30 13:02:02 2023 +0200
libcli: Make debug_unix_user_token() use just one DEBUG statement
This avoids messing up the debug logs when multiple processes are
writing into the same file.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Oct 11 00:24:58 UTC 2023 on atb-devel-224
commit 09c787c34a9bf3423f5653474eb0ba093e448352
Author: Volker Lendecke <vl at samba.org>
Date: Wed Aug 30 12:46:18 2023 +0200
libcli: Make security_token_debug() use just one DEBUG statement
This avoids messing up the debug logs when multiple processes are
writing into the same file.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 1ad84c70fe2f45dd8354d60b29ceabccd11c34c8
Author: Volker Lendecke <vl at samba.org>
Date: Wed Aug 30 12:39:00 2023 +0200
libcli: Convert security_token_debug_privileges() to talloc_asprintf
Reduces the number of DEBUGADD calls which leads to messed debug logs
between processes.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit a77c6b5939585f73746c8eb6db7b7c103a65f5be
Author: Volker Lendecke <vl at samba.org>
Date: Fri Sep 1 13:21:09 2023 +0200
smbd: is_in_path() deals with a NULL namelist
Don't need to check in the callers
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit a8dd943c11deb7aed8b59e49f2a540d6eeb6b1a6
Author: Volker Lendecke <vl at samba.org>
Date: Fri Sep 1 13:18:14 2023 +0200
smbd: Remove a pointless NULL check
boolean short-circuiting already gives us this condition.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 5130ade6882bb528de44b1b559bfbd85aea4a27c
Author: Volker Lendecke <vl at samba.org>
Date: Thu Aug 31 16:35:47 2023 +0200
smbd: Use SMB_VFS_FSTATAT() instead of SMB_LSTAT()
Use the dirfsp when we have it available
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit d4a05fc145062dcf3efdda99645a40473596a2fb
Author: Volker Lendecke <vl at samba.org>
Date: Thu Aug 31 12:50:09 2023 +0200
smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 997895378688ad24337ae5084b05e81dfa435cac
Author: Volker Lendecke <vl at samba.org>
Date: Thu Aug 31 12:01:13 2023 +0200
vfs: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 94dcbed38dbc094a6b9a961b9dbeedd38aa3d5a6
Author: Volker Lendecke <vl at samba.org>
Date: Thu Aug 31 11:37:00 2023 +0200
smbd: Modernize two DBG statements
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit e8570f73acddeb348676db0eea6c1bfd4081c647
Author: Volker Lendecke <vl at samba.org>
Date: Thu Aug 31 11:33:02 2023 +0200
smbd: Reduce indentation, remove a nested if-statement
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit d7f5267c2bdd33f6365799a60619dfe5273e3a09
Author: Volker Lendecke <vl at samba.org>
Date: Thu Aug 31 11:23:58 2023 +0200
libsmb: Remove unused smb2_create_blob_remove()
Trivial to re-add if needed.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 0b38cd8ea77f210923851b74de0f6693589be3c2
Author: Volker Lendecke <vl at samba.org>
Date: Thu Aug 31 11:17:02 2023 +0200
smbd: Avoid casts in a DBG statement
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 446ae3f8e7c52db3bb7f82e64dda83ac8d5652ee
Author: Volker Lendecke <vl at samba.org>
Date: Wed Aug 30 13:32:38 2023 +0200
rpc_server3: Avoid a pointless DEBUGADD
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit be1cf356ad9defe86db13753e401f40a8f257347
Author: Volker Lendecke <vl at samba.org>
Date: Wed Aug 30 13:28:57 2023 +0200
rpc_server3: Remove a duplicate comment
Review with "git sh -U20"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 768990ec4d3120c3b5cedf35578b75522f694d4a
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 6 08:26:11 2023 +0200
rpc_netlogon4: Simplify dcesrv_netr_ServerAuthenticate3_helper()
Use a switch/case statement instead of a if/else chain. Easier to read
to me.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit e2e5ae1eb24f25eadfae9ce87a88643ee9966eb0
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 6 08:00:06 2023 +0200
dsdb: Slightly simplify dsdb_trust_get_incoming_passwords()
Use talloc_memdup() instead of a manual copy.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 7bc1fa707dcc1cee22b703d6fe53f05150f2ca85
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 6 07:52:12 2023 +0200
lsa_srv4: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 770f279ab751fb984e6cc8a3f80ae076c8fcad90
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 6 07:51:27 2023 +0200
pdb: Slightly simplify pdb_samba_dsdb_set_trusteddom_pw()
This is easier to read to me.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 8cd296e42d61388d278ab1ecf537159ce1d5c444
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 6 15:52:22 2023 +0200
Remove IS_DOS_*() macros
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit b48d7a8e344476279b7d53bff095256376f07887
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 6 15:50:29 2023 +0200
libsmb: Expand IS_DOS_DIR() macro
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit c23d336ca454dc7c3ed48973727dac0decd160e6
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 6 15:43:55 2023 +0200
examples: Expand IS_DOS_DIR() macros
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 29895176d2917a7794dd94ffc3d428511c035978
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 6 15:41:47 2023 +0200
smbd: Expand IS_DOS_READONLY() macros
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 282957759452887daef402d9ec32f247c936f3cd
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 6 14:03:31 2023 +0200
smbd: Expand IS_DOS_ARCHIVE() macros
Together with the "dosmode | FILE_ATTRIBUTE_ARCHIVE" a line below this
is more obvious to me.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 226a7c7bc3970945bacd7aea85c2de49b9e302ae
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 6 13:48:09 2023 +0200
libsmb: Expand IS_DOS_* macros
To me these macros hide more than they clarify.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 817f68e4a13d38acc6e9849643a95e35a7ef08e1
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 6 13:42:19 2023 +0200
smbd: Expand IS_DOS_* macros
To me these macros hide more than they clarify. In a lot of places we
already directly check for these flags without those macros. Unify
that.
Also, check for the dosmode bits first, lp_map_* is a bit more effort
to evaluate.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
examples/fuse/clifuse.c | 2 +-
libcli/security/privileges.c | 37 +++++++++-----
libcli/security/privileges.h | 3 +-
libcli/security/security_token.c | 27 +++++++---
libcli/smb/smb2_create_blob.c | 15 ------
libcli/smb/smb2_create_blob.h | 2 -
source3/auth/token_util.c | 31 ++++++++----
source3/include/smb_macros.h | 7 ---
source3/lib/util.c | 2 +-
source3/libsmb/libsmb_stat.c | 12 ++---
source3/libsmb/libsmb_xattr.c | 10 ++--
source3/modules/vfs_acl_common.c | 2 +-
source3/modules/vfs_virusfilter.c | 4 +-
source3/passdb/pdb_samba_dsdb.c | 7 +--
source3/rpc_server/srv_access_check.c | 11 +++--
source3/smbd/dosmode.c | 19 ++++---
source3/smbd/fileio.c | 2 +-
source3/smbd/open.c | 71 ++++++++++++++-------------
source4/dsdb/common/util_trusts.c | 7 ++-
source4/rpc_server/lsa/dcesrv_lsa.c | 2 +-
source4/rpc_server/netlogon/dcerpc_netlogon.c | 42 +++++++++++-----
21 files changed, 177 insertions(+), 138 deletions(-)
Changeset truncated at 500 lines:
diff --git a/examples/fuse/clifuse.c b/examples/fuse/clifuse.c
index ba4aca751fe..59af1602980 100644
--- a/examples/fuse/clifuse.c
+++ b/examples/fuse/clifuse.c
@@ -370,7 +370,7 @@ static NTSTATUS cli_get_unixattr_recv(struct tevent_req *req,
return status;
}
- if (IS_DOS_DIR(state->mode)) {
+ if (state->mode & FILE_ATTRIBUTE_DIRECTORY) {
st->st_mode = (S_IFDIR | 0555);
st->st_nlink = 2;
} else {
diff --git a/libcli/security/privileges.c b/libcli/security/privileges.c
index acaf0b0fbc0..33debdc1fed 100644
--- a/libcli/security/privileges.c
+++ b/libcli/security/privileges.c
@@ -454,34 +454,45 @@ void security_token_set_right_bit(struct security_token *token, uint32_t right_b
token->rights_mask |= right_bit;
}
-void security_token_debug_privileges(int dbg_class, int dbg_lev, const struct security_token *token)
+char *security_token_debug_privileges(TALLOC_CTX *mem_ctx,
+ const struct security_token *token)
{
- DEBUGADDC(dbg_class, dbg_lev, (" Privileges (0x%16llX):\n",
- (unsigned long long) token->privilege_mask));
+ char *s = NULL;
+
+ s = talloc_asprintf(mem_ctx,
+ " Privileges (0x%16" PRIX64 "):\n",
+ token->privilege_mask);
if (token->privilege_mask) {
size_t idx = 0;
- int i = 0;
+ size_t i = 0;
for (idx = 0; idx<ARRAY_SIZE(privs); idx++) {
if (token->privilege_mask & privs[idx].privilege_mask) {
- DEBUGADDC(dbg_class, dbg_lev,
- (" Privilege[%3lu]: %s\n", (unsigned long)i++,
- privs[idx].name));
+ talloc_asprintf_addbuf(
+ &s,
+ " Privilege[%3zu]: %s\n",
+ i++,
+ privs[idx].name);
}
}
}
- DEBUGADDC(dbg_class, dbg_lev, (" Rights (0x%16lX):\n",
- (unsigned long) token->rights_mask));
+
+ talloc_asprintf_addbuf(&s,
+ " Rights (0x%16" PRIX32 "):\n",
+ token->rights_mask);
if (token->rights_mask) {
size_t idx = 0;
- int i = 0;
+ size_t i = 0;
for (idx = 0; idx<ARRAY_SIZE(rights); idx++) {
if (token->rights_mask & rights[idx].right_mask) {
- DEBUGADDC(dbg_class, dbg_lev,
- (" Right[%3lu]: %s\n", (unsigned long)i++,
- rights[idx].name));
+ talloc_asprintf_addbuf(&s,
+ " Right[%3zu]: %s\n",
+ i++,
+ rights[idx].name);
}
}
}
+
+ return s;
}
diff --git a/libcli/security/privileges.h b/libcli/security/privileges.h
index 2224543d25a..e9dab113712 100644
--- a/libcli/security/privileges.h
+++ b/libcli/security/privileges.h
@@ -110,6 +110,7 @@ void security_token_set_privilege(struct security_token *token, enum sec_privile
*/
void security_token_set_right_bit(struct security_token *token, uint32_t right_bit);
-void security_token_debug_privileges(int dbg_class, int dbg_lev, const struct security_token *token);
+char *security_token_debug_privileges(TALLOC_CTX *mem_ctx,
+ const struct security_token *token);
#endif /* PRIVILEGES_H */
diff --git a/libcli/security/security_token.c b/libcli/security/security_token.c
index 060c3ee82a0..79de6e3b31b 100644
--- a/libcli/security/security_token.c
+++ b/libcli/security/security_token.c
@@ -30,6 +30,7 @@
#include "libcli/security/dom_sid.h"
#include "libcli/security/privileges.h"
#include "librpc/gen_ndr/ndr_security.h"
+#include "lib/util/talloc_stack.h"
/*
return a blank security token
@@ -104,24 +105,36 @@ struct security_token *security_token_duplicate(TALLOC_CTX *mem_ctx, const struc
****************************************************************************/
void security_token_debug(int dbg_class, int dbg_lev, const struct security_token *token)
{
+ TALLOC_CTX *frame = talloc_stackframe();
+ char *sids = NULL;
+ char *privs = NULL;
uint32_t i;
if (!token) {
DEBUGC(dbg_class, dbg_lev, ("Security token: (NULL)\n"));
+ TALLOC_FREE(frame);
return;
}
- DEBUGC(dbg_class, dbg_lev, ("Security token SIDs (%"PRIu32"):\n",
- token->num_sids));
+ sids = talloc_asprintf(frame,
+ "Security token SIDs (%" PRIu32 "):\n",
+ token->num_sids);
for (i = 0; i < token->num_sids; i++) {
struct dom_sid_buf sidbuf;
- DEBUGADDC(dbg_class,
- dbg_lev,
- (" SID[%3"PRIu32"]: %s\n", i,
- dom_sid_str_buf(&token->sids[i], &sidbuf)));
+ talloc_asprintf_addbuf(
+ &sids,
+ " SID[%3" PRIu32 "]: %s\n",
+ i,
+ dom_sid_str_buf(&token->sids[i], &sidbuf));
}
- security_token_debug_privileges(dbg_class, dbg_lev, token);
+ privs = security_token_debug_privileges(frame, token);
+
+ DEBUGC(dbg_class,
+ dbg_lev,
+ ("%s%s", sids ? sids : "(NULL)", privs ? privs : "(NULL)"));
+
+ TALLOC_FREE(frame);
}
/* These really should be cheaper... */
diff --git a/libcli/smb/smb2_create_blob.c b/libcli/smb/smb2_create_blob.c
index ecd61e0c9b2..57c7a9d1150 100644
--- a/libcli/smb/smb2_create_blob.c
+++ b/libcli/smb/smb2_create_blob.c
@@ -225,18 +225,3 @@ struct smb2_create_blob *smb2_create_blob_find(const struct smb2_create_blobs *b
return NULL;
}
-
-void smb2_create_blob_remove(struct smb2_create_blobs *b, const char *tag)
-{
- struct smb2_create_blob *blob = smb2_create_blob_find(b, tag);
-
- if (blob == NULL) {
- return;
- }
-
- TALLOC_FREE(blob->tag);
- data_blob_free(&blob->data);
-
- *blob = b->blobs[b->num_blobs-1];
- b->num_blobs -= 1;
-}
diff --git a/libcli/smb/smb2_create_blob.h b/libcli/smb/smb2_create_blob.h
index d6dac5e05be..642695a752c 100644
--- a/libcli/smb/smb2_create_blob.h
+++ b/libcli/smb/smb2_create_blob.h
@@ -72,6 +72,4 @@ NTSTATUS smb2_create_blob_add(TALLOC_CTX *mem_ctx, struct smb2_create_blobs *b,
struct smb2_create_blob *smb2_create_blob_find(const struct smb2_create_blobs *b,
const char *tag);
-void smb2_create_blob_remove(struct smb2_create_blobs *b, const char *tag);
-
#endif /* _LIBCLI_SMB_SMB2_CREATE_BLOB_H_ */
diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index aac5749a815..e93ec30421f 100644
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -888,16 +888,29 @@ NTSTATUS finalize_local_nt_token(struct security_token *result,
void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid,
int n_groups, gid_t *groups)
{
+ TALLOC_CTX *frame = talloc_stackframe();
+ char *s = NULL;
int i;
- DEBUGC(dbg_class, dbg_lev,
- ("UNIX token of user %ld\n", (long int)uid));
-
- DEBUGADDC(dbg_class, dbg_lev,
- ("Primary group is %ld and contains %i supplementary "
- "groups\n", (long int)gid, n_groups));
- for (i = 0; i < n_groups; i++)
- DEBUGADDC(dbg_class, dbg_lev, ("Group[%3i]: %ld\n", i,
- (long int)groups[i]));
+
+ s = talloc_asprintf(frame,
+ "UNIX token of user %ld\n",
+ (long int)uid);
+
+ talloc_asprintf_addbuf(
+ &s,
+ "Primary group is %ld and contains %i supplementary "
+ "groups\n",
+ (long int)gid,
+ n_groups);
+ for (i = 0; i < n_groups; i++) {
+ talloc_asprintf_addbuf(&s,
+ "Group[%3i]: %ld\n",
+ i,
+ (long int)groups[i]);
+ }
+
+ DEBUGC(dbg_class, dbg_lev, ("%s", s ? s : "(NULL)"));
+ TALLOC_FREE(frame);
}
/*
diff --git a/source3/include/smb_macros.h b/source3/include/smb_macros.h
index 42ff9ffb0d4..f9aaf786ed3 100644
--- a/source3/include/smb_macros.h
+++ b/source3/include/smb_macros.h
@@ -27,13 +27,6 @@
#define BOOLSTR(b) ((b) ? "Yes" : "No")
#define BITSETW(ptr,bit) ((SVAL(ptr,0) & (1<<(bit)))!=0)
-/* for readability... */
-#define IS_DOS_READONLY(test_mode) (((test_mode) & FILE_ATTRIBUTE_READONLY) != 0)
-#define IS_DOS_DIR(test_mode) (((test_mode) & FILE_ATTRIBUTE_DIRECTORY) != 0)
-#define IS_DOS_ARCHIVE(test_mode) (((test_mode) & FILE_ATTRIBUTE_ARCHIVE) != 0)
-#define IS_DOS_SYSTEM(test_mode) (((test_mode) & FILE_ATTRIBUTE_SYSTEM) != 0)
-#define IS_DOS_HIDDEN(test_mode) (((test_mode) & FILE_ATTRIBUTE_HIDDEN) != 0)
-
/* these are useful macros for checking validity of handles */
#define IS_IPC(conn) ((conn) && (conn)->ipc)
#define IS_PRINT(conn) ((conn) && (conn)->printer)
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 93c01b862b3..b6305da91ed 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -733,7 +733,7 @@ bool is_in_path(const char *name, name_compare_entry *namelist, bool case_sensit
const char *last_component;
/* if we have no list it's obviously not in the path */
- if((namelist == NULL ) || ((namelist != NULL) && (namelist[0].name == NULL))) {
+ if ((namelist == NULL) || (namelist[0].name == NULL)) {
return False;
}
diff --git a/source3/libsmb/libsmb_stat.c b/source3/libsmb/libsmb_stat.c
index f25ee8f89a3..ae18f594647 100644
--- a/source3/libsmb/libsmb_stat.c
+++ b/source3/libsmb/libsmb_stat.c
@@ -58,22 +58,22 @@ void setup_stat(struct stat *st,
{
st->st_mode = 0;
- if (IS_DOS_DIR(attr)) {
+ if (attr & FILE_ATTRIBUTE_DIRECTORY) {
st->st_mode = (S_IFDIR | 0555);
} else {
st->st_mode = (S_IFREG | 0444);
}
- if (IS_DOS_ARCHIVE(attr)) {
+ if (attr & FILE_ATTRIBUTE_ARCHIVE) {
st->st_mode |= S_IXUSR;
}
- if (IS_DOS_SYSTEM(attr)) {
+ if (attr & FILE_ATTRIBUTE_SYSTEM) {
st->st_mode |= S_IXGRP;
}
- if (IS_DOS_HIDDEN(attr)) {
+ if (attr & FILE_ATTRIBUTE_HIDDEN) {
st->st_mode |= S_IXOTH;
}
- if (!IS_DOS_READONLY(attr)) {
+ if (!(attr & FILE_ATTRIBUTE_READONLY)) {
st->st_mode |= S_IWUSR;
}
@@ -90,7 +90,7 @@ void setup_stat(struct stat *st,
st->st_uid = getuid();
st->st_gid = getgid();
- if (IS_DOS_DIR(attr)) {
+ if (attr & FILE_ATTRIBUTE_DIRECTORY) {
st->st_nlink = 2;
} else {
st->st_nlink = 1;
diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c
index 1aab4dd47dc..77a215c1f54 100644
--- a/source3/libsmb/libsmb_xattr.c
+++ b/source3/libsmb/libsmb_xattr.c
@@ -629,11 +629,11 @@ dos_attr_parse(SMBCCTX *context,
if (strncasecmp_m(tok, "MODE:", 5) == 0) {
long request = strtol(tok+5, NULL, 16);
if (request == 0) {
- dad->mode = (request |
- (IS_DOS_DIR(dad->mode)
- ? FILE_ATTRIBUTE_DIRECTORY
- : FILE_ATTRIBUTE_NORMAL));
- } else {
+ dad->mode =
+ (dad->mode & FILE_ATTRIBUTE_DIRECTORY)
+ ? FILE_ATTRIBUTE_DIRECTORY
+ : FILE_ATTRIBUTE_NORMAL;
+ } else {
dad->mode = request;
}
continue;
diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index 341806b09a4..daad612e565 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -449,7 +449,7 @@ static NTSTATUS validate_nt_acl_blob(TALLOC_CTX *mem_ctx,
switch (xattr_version) {
case 1:
case 2:
- /* These xattr types are unilatteral, they do not
+ /* These xattr types are unilateral, they do not
* require confirmation of the hash. In particular,
* the NTVFS file server uses version 1, but
* 'samba-tool ntacl' can set these as well */
diff --git a/source3/modules/vfs_virusfilter.c b/source3/modules/vfs_virusfilter.c
index b24cc0ea9a9..ea1886d85c8 100644
--- a/source3/modules/vfs_virusfilter.c
+++ b/source3/modules/vfs_virusfilter.c
@@ -1495,9 +1495,7 @@ static int virusfilter_vfs_close(
return close_result;
}
- if (config->exclude_files && is_in_path(fname,
- config->exclude_files, false))
- {
+ if (is_in_path(fname, config->exclude_files, false)) {
DBG_INFO("Not scanned: exclude files: %s/%s\n",
cwd_fname, fname);
return close_result;
diff --git a/source3/passdb/pdb_samba_dsdb.c b/source3/passdb/pdb_samba_dsdb.c
index 7e96c863314..ef90ab7342b 100644
--- a/source3/passdb/pdb_samba_dsdb.c
+++ b/source3/passdb/pdb_samba_dsdb.c
@@ -2723,12 +2723,7 @@ static bool pdb_samba_dsdb_set_trusteddom_pw(struct pdb_methods *m,
}
for (i = 0; i < old_blob.current.count; i++) {
- struct AuthenticationInformation *o =
- &old_blob.current.array[i];
- struct AuthenticationInformation *p =
- &new_blob.previous.array[i];
-
- *p = *o;
+ new_blob.previous.array[i] = old_blob.current.array[i];
new_blob.previous.count++;
}
for (; i < new_blob.count; i++) {
diff --git a/source3/rpc_server/srv_access_check.c b/source3/rpc_server/srv_access_check.c
index a4a58b2c7ae..23d9252a0b7 100644
--- a/source3/rpc_server/srv_access_check.c
+++ b/source3/rpc_server/srv_access_check.c
@@ -71,8 +71,6 @@ NTSTATUS access_check_object( struct security_descriptor *psd, struct security_t
is_root = true;
}
- /* Check if we are root */
-
/* check privileges; certain SAM access bits should be overridden
by privileges (mostly having to do with creating/modifying/deleting
users and groups) */
@@ -95,9 +93,12 @@ NTSTATUS access_check_object( struct security_descriptor *psd, struct security_t
}
if (is_system || is_root) {
- DEBUG(4,("%s: ACCESS should be DENIED (requested: %#010x)\n", debug, des_access));
- DEBUGADD(4,("but overritten by %s\n",
- is_root ? "euid == initial uid" : "system token"));
+ DEBUG(4,
+ ("%s: ACCESS should be DENIED (requested: %#010x)\n"
+ "but overritten by %s\n",
+ debug,
+ des_access,
+ is_root ? "euid == initial uid" : "system token"));
priv_granted = true;
*acc_granted = des_access;
diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c
index dec1a22edd0..54108910004 100644
--- a/source3/smbd/dosmode.c
+++ b/source3/smbd/dosmode.c
@@ -112,7 +112,8 @@ mode_t unix_mode(connection_struct *conn, int dosmode,
mode_t dir_mode = 0; /* Mode of the inherit_from directory if
* inheriting. */
- if (!lp_store_dos_attributes(SNUM(conn)) && IS_DOS_READONLY(dosmode)) {
+ if ((dosmode & FILE_ATTRIBUTE_READONLY) &&
+ !lp_store_dos_attributes(SNUM(conn))) {
result &= ~(S_IWUSR | S_IWGRP | S_IWOTH);
}
@@ -140,7 +141,7 @@ mode_t unix_mode(connection_struct *conn, int dosmode,
result = 0;
}
- if (IS_DOS_DIR(dosmode)) {
+ if (dosmode & FILE_ATTRIBUTE_DIRECTORY) {
/* We never make directories read only for the owner as under DOS a user
can always create a file in a read-only directory. */
result |= (S_IFDIR | S_IWUSR);
@@ -158,14 +159,20 @@ mode_t unix_mode(connection_struct *conn, int dosmode,
result |= lp_force_directory_mode(SNUM(conn));
}
} else {
- if (lp_map_archive(SNUM(conn)) && IS_DOS_ARCHIVE(dosmode))
+ if ((dosmode & FILE_ATTRIBUTE_ARCHIVE) &&
+ lp_map_archive(SNUM(conn))) {
result |= S_IXUSR;
+ }
- if (lp_map_system(SNUM(conn)) && IS_DOS_SYSTEM(dosmode))
+ if ((dosmode & FILE_ATTRIBUTE_SYSTEM) &&
+ lp_map_system(SNUM(conn))) {
result |= S_IXGRP;
+ }
- if (lp_map_hidden(SNUM(conn)) && IS_DOS_HIDDEN(dosmode))
+ if ((dosmode & FILE_ATTRIBUTE_HIDDEN) &&
+ lp_map_hidden(SNUM(conn))) {
result |= S_IXOTH;
+ }
if (dir_mode) {
/* Inherit 666 component of parent directory mode */
@@ -979,7 +986,7 @@ int file_set_dosmode(connection_struct *conn,
/* if we previously had any w bits set then leave them alone
whilst adding in the new w bits, if the new mode is not rdonly */
- if (!IS_DOS_READONLY(dosmode)) {
+ if (!(dosmode & FILE_ATTRIBUTE_READONLY)) {
unixmode |= (smb_fname->st.st_ex_mode & (S_IWUSR|S_IWGRP|S_IWOTH));
}
diff --git a/source3/smbd/fileio.c b/source3/smbd/fileio.c
index e5de8272734..3b3d3a5fcd9 100644
--- a/source3/smbd/fileio.c
+++ b/source3/smbd/fileio.c
@@ -246,7 +246,7 @@ void mark_file_modified(files_struct *fsp)
}
dosmode = fdos_mode(fsp);
- if (IS_DOS_ARCHIVE(dosmode)) {
+ if (dosmode & FILE_ATTRIBUTE_ARCHIVE) {
return;
}
file_set_dosmode(fsp->conn, fsp->fsp_name,
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 0b27f8493c8..14434ba6832 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -464,7 +464,7 @@ static NTSTATUS check_base_file_access(struct files_struct *fsp,
return NT_STATUS_ACCESS_DENIED;
}
dosattrs = fdos_mode(fsp);
- if (IS_DOS_READONLY(dosattrs)) {
+ if (dosattrs & FILE_ATTRIBUTE_READONLY) {
return NT_STATUS_ACCESS_DENIED;
}
}
@@ -1603,7 +1603,7 @@ static NTSTATUS open_file(
* There is only one legit case where end up here:
* openat_pathref_fsp() failed to open a symlink, so the
* fsp was created by fsp_new() which doesn't set
- * is_pathref. Other then that, we should always have a
+ * is_pathref. Other than that, we should always have a
* pathref fsp at this point. The subsequent checks
* assert this.
*/
@@ -1670,9 +1670,9 @@ static NTSTATUS open_file(
fsp->fsp_flags.modified = false;
fsp->sent_oplock_break = NO_BREAK_SENT;
fsp->fsp_flags.is_directory = false;
- if (conn->aio_write_behind_list &&
- is_in_path(smb_fname->base_name, conn->aio_write_behind_list,
- posix_open ? true: conn->case_sensitive)) {
+ if (is_in_path(smb_fname->base_name,
+ conn->aio_write_behind_list,
+ posix_open ? true : conn->case_sensitive)) {
fsp->fsp_flags.aio_write_behind = true;
}
@@ -3512,7 +3512,7 @@ static NTSTATUS smbd_calculate_maximum_allowed_access_fsp(
}
dosattrs = fdos_mode(fsp);
- if (IS_DOS_READONLY(dosattrs) || !CAN_WRITE(fsp->conn)) {
+ if ((dosattrs & FILE_ATTRIBUTE_READONLY) || !CAN_WRITE(fsp->conn)) {
--
Samba Shared Repository
More information about the samba-cvs
mailing list