samba.git/libcli/security/conditional_ace.c, branch talloc-2.4.2 Unnamed repository; edit this file 'description' to name the repository. libcli/security: don't allow conditional ACE SIDs to have trailing bytes 2023-12-14T03:31:37+00:00 Douglas Bagnall douglas.bagnall@catalyst.net.nz 2023-12-13T02:39:33+00:00 a016ce70684e5237764b2432fa182ba8b0af6b0b They should be tightly packed, allowing conditional ACEs to round-trip. Credit to OSS-Fuzz. REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64197 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
They should be tightly packed, allowing conditional ACEs to
round-trip.

Credit to OSS-Fuzz.

REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64197

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
libcli/security: note suboptimality of conditional ACE Contains operators 2023-11-27T23:38:13+00:00 Douglas Bagnall douglas.bagnall@catalyst.net.nz 2023-11-24T23:55:09+00:00 a757a51a26f664591ab776db99bf48acfa698591 The Contains and Any_of operators could use a sorted comparison like compare_composites_via_sort(), rather than O(n²) nested loops. But that would involve amount of quite fiddly work that I am not starting on now. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Mon Nov 27 23:38:13 UTC 2023 on atb-devel-224 
The Contains and Any_of operators could use a sorted comparison like
compare_composites_via_sort(), rather than O(n²) nested loops. But
that would involve amount of quite fiddly work that I am not starting
on now.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Nov 27 23:38:13 UTC 2023 on atb-devel-224
libcli/security: comparability check: claim members are of one type 2023-11-27T22:37:32+00:00 Douglas Bagnall douglas.bagnall@catalyst.net.nz 2023-11-23T00:03:15+00:00 2eb00c0bba5ed1abaa15c1511c6012da56a78604 We know from the way claims are defined, and from the code that checks sortedness and sets the flag. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
We know from the way claims are defined, and from the code that checks
sortedness and sets the flag.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
libcli/security: shift comparability check to shortcut exits 2023-11-27T22:37:32+00:00 Douglas Bagnall douglas.bagnall@catalyst.net.nz 2023-11-23T00:01:49+00:00 55999b7b7b2b423eea3c26425c09130059bb4fd9 The ordinary comparison path, using the sorted arrays, already implicitly checks for comparability. We only need this when we're leaving early. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
The ordinary comparison path, using the sorted arrays, already implicitly
checks for comparability. We only need this when we're leaving early.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
libcli/security: add shortcuts for conditional ACE compare 2023-11-27T22:37:32+00:00 Douglas Bagnall douglas.bagnall@catalyst.net.nz 2023-11-22T23:47:45+00:00 6c6f25904ee34fc34ce760311197ead6fa64d8ab If the number of members does not match in certain ways we can say the sets are not equal without comparing the members. We first need to check for comparability, though, so that we can return an error if things aren't comparable. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
If the number of members does not match in certain ways we can
say the sets are not equal without comparing the members.

We first need to check for comparability, though, so that we can return
an error if things aren't comparable.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
libcli/security: improve conditional ACE composite comparison 2023-11-27T22:37:32+00:00 Douglas Bagnall douglas.bagnall@catalyst.net.nz 2023-11-10T03:27:45+00:00 8bad19c42e14f0f7d459db41577a950f97306bcc We had the comparison method wrong. Composites are compared as sets or flabby sets, depending on their origin. Until now we compared them as something a bit like sets, but not quite, in a maximally inefficient way. Claims are always sets, and the left hand side is always a claim, but literal composites on the right hand side can be multi-sets (containing duplicate values). When it comes to comparison, composites are reduced down to sets. To do the comparison we sort each side and compare in order. The fact that either side might ask for case-sensitive comparison (if it is a claim) is an interesting complication. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
We had the comparison method wrong. Composites are compared as sets or
flabby sets, depending on their origin. Until now we compared them as
something a bit like sets, but not quite, in a maximally inefficient way.

Claims are always sets, and the left hand side is always a claim, but
literal composites on the right hand side can be multi-sets
(containing duplicate values). When it comes to comparison, composites
are reduced down to sets. To do the comparison we sort each side and
compare in order.

The fact that either side might ask for case-sensitive comparison (if
it is a claim) is an interesting complication.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
lib/security:CA: tokens_are_comparable() accepts NULL operator 2023-11-27T22:37:32+00:00 Douglas Bagnall douglas.bagnall@catalyst.net.nz 2023-11-10T03:15:25+00:00 33d2deec514048f200bfb57a7dd64d6f9876f42a In some circumstances we are going to know general comparability without having an operator around to use. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
In some circumstances we are going to know general comparability
without having an operator around to use.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
libcli/security: CA: tokens_are_comparable() considers the obvious 2023-11-27T22:37:32+00:00 Douglas Bagnall douglas.bagnall@catalyst.net.nz 2023-11-10T03:13:40+00:00 6e15a20228c78e0f7b74da2fc4bc7edd78b6507f Existing callers already make this check, but we are soon going to use it in contexts that don't. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
Existing callers already make this check, but we are soon going to use
it in contexts that don't.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
libcli/security: initialise conditional ACE token flags 2023-11-27T01:12:40+00:00 Douglas Bagnall douglas.bagnall@catalyst.net.nz 2023-11-17T03:34:23+00:00 f18ffd11829d2e666348a4932481fd7a267b67be Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
libcli/security: Fix code spelling 2023-10-25T22:23:37+00:00 Joseph Sutton josephsutton@catalyst.net.nz 2023-07-30T22:14:48+00:00 47975ea8964411d7e372fbe2dee34d33f7ed9799 Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>