[SCM] Samba Shared Repository - branch v4-18-test updated

Jule Anger janger at samba.org
Tue Jan 16 10:06:01 UTC 2024


The branch, v4-18-test has been updated
       via  ee2df0bbb34 smbd: move access override for previous versions to the SMB layer
       via  1e108b3ac07 smbd: check for previous versions in check_any_access_fsp()
       via  d3f062e2122 smbd: use check_any_access_fsp() for all access checks
       via  77a71bc9932 smbd: replace CHECK_WRITE() macro with calls to check_any_access_fsp()
       via  15536403f63 smbd: set fsp->fsp_flags.can_write to false for access to previous-versions
       via  8ee0768d6f2 smbd: return correct error when trying to create a hardlink to a VSS file
       via  8c08511f97d smbd: fix check_any_access_fsp() for non-fsa fsps
       via  b775434b7eb smbd: rename check_access_fsp() to check_any_access_fsp()
       via  d87294724e6 smbd: set fsp_flags.is_fsa to true on printer file handles
       via  c8e1d26cea5 smbd: return the correct error in can_rename()
       via  7080c5b4850 smbtorture: expand smb2.twrp.write test
       via  469c91c4133 s4/libcli/raw: implemement RAW_SFILEINFO_LINK_INFORMATION
       via  29f629a155f selftest: remove error_inject from shadow_write share
      from  a9862b23e00 docs-xml: use XML_CATALOG_FILES env var if defined

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -----------------------------------------------------------------
commit ee2df0bbb3429ca2bece2b651e00182453d1b089
Author: Ralph Boehme <slow at samba.org>
Date:   Fri Dec 15 11:59:36 2023 +0100

    smbd: move access override for previous versions to the SMB layer
    
    Doing the previous version access checks and semantics at the SMB
    layer means we can simplify the shadow_copy2 and remove the kludge.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    
    Autobuild-User(master): Ralph Böhme <slow at samba.org>
    Autobuild-Date(master): Mon Jan  8 16:58:26 UTC 2024 on atb-devel-224
    
    (backported from commit f14a7065690b00e3c6af2c1f0b0aec51c1e0b372)
    [slow at samba.org: vfs_shadow_copy2.c: no TALLOC_FREE() in context]
    [slow at samba.org: open.c: assign result from calculate_open_access_flags()]
    
    Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
    Autobuild-Date(v4-18-test): Tue Jan 16 10:05:29 UTC 2024 on atb-devel-224

commit 1e108b3ac072ac396fc07f4cb4073217af2877bf
Author: Ralph Boehme <slow at samba.org>
Date:   Wed Dec 20 15:09:59 2023 +0100

    smbd: check for previous versions in check_any_access_fsp()
    
    Now that check_any_access_fsp() is broadly used consistently to
    restrict access for all modifying operations, we can add a check for
    previous versions to check_any_access_fsp() and it gets enforced
    consistently.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit fd4e41144a819b4403340e4a28664ac586722b41)

commit d3f062e21224f720ca724dee740ade5d56748da1
Author: Ralph Boehme <slow at samba.org>
Date:   Wed Dec 20 18:01:57 2023 +0100

    smbd: use check_any_access_fsp() for all access checks
    
    Replaces the direct access to fsp->access_mask with a call to
    check_any_access_fsp() which allows doing additional checks if needed.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (backported from commit 02ed99343d19fd0845531ad99a46b1dd5b8a7a4f)
    [slow at samba.org: vfs_acl_common.c: different chown_needed check]

commit 77a71bc9932acc7e73fe4b89443bf500c0374a98
Author: Ralph Boehme <slow at samba.org>
Date:   Wed Dec 20 18:32:25 2023 +0100

    smbd: replace CHECK_WRITE() macro with calls to check_any_access_fsp()
    
    The additional check if fd underlying fd is valid and not -1 should not be done
    at this place. I actually would prefer an write to fail with EBADF if this
    happens, as it's likely easier to debug why this happened. These days we should
    always have a valid fd.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 995a31c8d4c1789c16bae6b8196f2565d4b1dfdb)

commit 15536403f631e757b8d3db77ea442cb858e03bd3
Author: Ralph Boehme <slow at samba.org>
Date:   Wed Dec 20 18:03:22 2023 +0100

    smbd: set fsp->fsp_flags.can_write to false for access to previous-versions
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit ee3035218df4cfd68b6aab6825c78f2b85234c6c)

commit 8ee0768d6f2c1b79a4ad381f0cef1ae32a9618b7
Author: Ralph Boehme <slow at samba.org>
Date:   Fri Dec 22 11:19:38 2023 +0100

    smbd: return correct error when trying to create a hardlink to a VSS file
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit a0ae45be770a13373c148a689b9761f14c4f942c)

commit 8c08511f97d0915fdc87c77f4c5a815e1dcfb42a
Author: Ralph Boehme <slow at samba.org>
Date:   Thu Dec 21 10:58:09 2023 +0100

    smbd: fix check_any_access_fsp() for non-fsa fsps
    
    smbd_check_access_rights_fsp() requires *all* rights in access_mask to
    be granted by the underlying ACL, but the semantics of this function
    is supposed to grant access if any one of the rights in
    access_requested is allowed.
    
    Fix this by looping over the requested access mask. If
    smbd_check_access_rights_fsp() returns sucess, mask will be non-null
    and when assigned to access_granted, the subsequent check will pass,
    fail otherwise.
    
    I'm not doing an early exit on purpose because a subsequent commit
    adds additional security checks that are done in the subsequent code
    path common for fsa and non-fsa fsps.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit bf497819e61131cfa6469971596af3aa9bd4bb49)

commit b775434b7eb1a08fff283e153817f3e0376c9af8
Author: Ralph Boehme <slow at samba.org>
Date:   Thu Dec 21 10:58:09 2023 +0100

    smbd: rename check_access_fsp() to check_any_access_fsp()
    
    The semantics of the access check in check_access_fsp() itself is to
    allow access if *at least* one or more rights of the rights in
    access_mask are allowed. The name check_any_access_fsp() better
    reflects this.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 96b577c380fa914eb1ffa95849c82bdb88aa1ec6)

commit d87294724e6066870346ff90b16c76fcfd294b9c
Author: Ralph Boehme <slow at samba.org>
Date:   Thu Dec 21 16:27:42 2023 +0100

    smbd: set fsp_flags.is_fsa to true on printer file handles
    
    Printer file handles went through SMB_VFS_CREATE_FILE() and are network
    callable, so it makes sense to set this on them.
    
    This ensures that check_access_fsp() doesn't take the codepath calling
    smbd_check_access_rights_fsp(), but just checks the request rights from
    fsp->access_mask.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 76c8fe16bff36a29fa326355256b50737d04bd85)

commit c8e1d26cea525c6d0642923bf1b5196813145744
Author: Ralph Boehme <slow at samba.org>
Date:   Tue Dec 19 13:06:55 2023 +0100

    smbd: return the correct error in can_rename()
    
    This is what Windows returns for this case.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 276c5bd851ab6ab818a49d9c47f6b96de8024778)

commit 7080c5b4850c39c63e61d458d5928151fa7f1c00
Author: Ralph Boehme <slow at samba.org>
Date:   Fri Dec 15 19:55:23 2023 +0100

    smbtorture: expand smb2.twrp.write test
    
    Test more modifying operations are blocked and access masks are correct.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 537eedfe2a79fba2e1f062f14ba7a0c5f8f70a88)

commit 469c91c4133e18700a19558910449e59957afccd
Author: Ralph Boehme <slow at samba.org>
Date:   Fri Dec 22 10:40:39 2023 +0100

    s4/libcli/raw: implemement RAW_SFILEINFO_LINK_INFORMATION
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688
    
    Signed-off-by: Ralph Boehme <slow at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit c62484bc2c60ebac42635793d94cb8e62629acbf)

commit 29f629a155faae5945414b912a5f248c1d7fd43a
Author: Ralph Boehme <slow at samba.org>
Date:   Thu Dec 21 19:40:21 2023 +0100

    selftest: remove error_inject from shadow_write share
    
    Frankly, I can't remember why I added this as part of bug 13688. The
    goal of the corresponding test is to verify a write on a read-only
    file han