samba.git/python, branch talloc-2.4.4 Unnamed repository; edit this file 'description' to name the repository. setup:adprep: Import the latest {Domain-Wide,Forest-Wide,Read-Only-Domain-Controller,Schema}-Updates.md 2025-08-27T03:41:36+00:00 Jennifer Sutton jennifersutton@catalyst.net.nz 2025-06-17T05:04:45+00:00 10d0d9700654b6f83611bcf927689528b7009093 Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
python:samba: Raise an exception if we can’t parse a Markdown operation 2025-08-27T03:41:36+00:00 Jennifer Sutton jennifersutton@catalyst.net.nz 2025-08-12T00:26:52+00:00 32bfbc788d2fd161569f2ac3c192667a3cd196a9 Otherwise we would continue with the wrong GUID and filename. Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
Otherwise we would continue with the wrong GUID and filename.

Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
schema: Add Validated-Write-Computer Extended Right from Windows Server 2016 2025-08-27T03:41:36+00:00 Jennifer Sutton jennifersutton@catalyst.net.nz 2025-06-17T04:22:56+00:00 5934b746adc80e39521eb69361374c905dc9870a Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
tests/krb5: Remove redundant line 2025-08-27T03:41:36+00:00 Jennifer Sutton jennifersutton@catalyst.net.nz 2025-06-10T00:43:21+00:00 264faeaea05175b58a6df87f7433707de010e4b5 Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
python:tarfile: notes about extraction_filter 2025-08-26T23:43:08+00:00 Douglas Bagnall douglas.bagnall@catalyst.net.nz 2025-08-22T04:23:16+00:00 0aee889f5548e2cae596ab84e0d39780f9844735 a reminder to delete. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org> Autobuild-Date(master): Tue Aug 26 23:43:08 UTC 2025 on atb-devel-224 
a reminder to delete.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>

Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Tue Aug 26 23:43:08 UTC 2025 on atb-devel-224
pytest: safe_tarfile: accept NotADirectoryError as bad path rejection 2025-08-26T22:42:39+00:00 Douglas Bagnall douglas.bagnall@catalyst.net.nz 2025-08-22T03:24:34+00:00 7a5b22e4221ea2a0960a26cf79339168f0899d0c After recent upstream Python fixes for various path escape and symlink CVEs in tarfile, in particular this commit: commit 3612d8f51741b11f36f8fb0494d79086bac9390a Author: Łukasz Langa <lukasz@langa.pl> Date: Tue Jun 3 12:42:11 2025 +0200 gh-135034: Normalize link targets in tarfile, add `os.path.realpath(strict='allow_missing')` (#135037) Addresses CVEs 2024-12718, 2025-4138, 2025-4330, and 2025-4517. Signed-off-by: Łukasz Langa <lukasz@langa.pl> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> Co-authored-by: Petr Viktorin <encukou@gmail.com> Co-authored-by: Seth Michael Larson <seth@python.org> Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com> Co-authored-by: Serhiy Storchaka <storchaka@gmail.com> our ../../ test that looks for a tarfile.OutsideDestinationError now meets a NotADirectoryError in recent Python versions (this from 3.13, Fedora 42): UNEXPECTED(error): samba.tests.safe_tarfile.samba.tests.safe_tarfile.SafeTarFileTestCase.test_dots(none) REASON: Exception: Exception: Traceback (most recent call last): File "/tmp/samba-testbase/b1/samba-o3/bin/python/samba/tests/safe_tarfile.py", line 48, in test_dots self.assertRaises(tarfile.OutsideDestinationError, ~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ stf.extractall, ^^^^^^^^^^^^^^^ tarname) ^^^^^^^^ File "/usr/lib64/python3.13/unittest/case.py", line 795, in assertRaises return context.handle('assertRaises', args, kwargs) ~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib64/python3.13/unittest/case.py", line 238, in handle callable_obj(*args, **kwargs) ~~~~~~~~~~~~^^^^^^^^^^^^^^^^^ File "/usr/lib64/python3.13/tarfile.py", line 2343, in extractall tarinfo, unfiltered = self._get_extract_tarinfo( ~~~~~~~~~~~~~~~~~~~~~~~~~^ member, filter_function, path) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib64/python3.13/tarfile.py", line 2432, in _get_extract_tarinfo self._handle_fatal_error(e) ~~~~~~~~~~~~~~~~~~~~~~~~^^^ File "/usr/lib64/python3.13/tarfile.py", line 2430, in _get_extract_tarinfo filtered = filter_function(unfiltered, path) File "/usr/lib64/python3.13/tarfile.py", line 842, in tar_filter new_attrs = _get_filtered_attrs(member, dest_path, False) File "/usr/lib64/python3.13/tarfile.py", line 783, in _get_filtered_attrs target_path = os.path.realpath(os.path.join(dest_path, name), strict=os.path.ALLOW_MISSING) File "<frozen posixpath>", line 457, in realpath NotADirectoryError: [Errno 20] Not a directory: '/tmp/samba-testbase/b1/samba-o3/bin/ab/tmp/tmpbn6e69ci/tar.tar' In this commit, we say that a NotADirectoryError is OK. When we started safe_tarfile we were acting in advance of upstream Python, but now they are well ahead of us. If we trust their work in recent versions and accept the error conditions they choose, we can more easily get rid of our safe_tarfile when the time is right. For the moment we still support as far back as Python 3.6 for some old enterprise distros, and it is for those that we continue to maintain safe_tarfile. In versions before 3.11 we will see tarfile.ExtractError, and the test for that is unaffected by this change. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
After recent upstream Python fixes for various path escape and symlink
CVEs in tarfile, in particular this commit:

  commit 3612d8f51741b11f36f8fb0494d79086bac9390a
  Author: Łukasz Langa <lukasz@langa.pl>
  Date:   Tue Jun 3 12:42:11 2025 +0200

  gh-135034: Normalize link targets in tarfile, add `os.path.realpath(strict='allow_missing')` (#135037)

  Addresses CVEs 2024-12718, 2025-4138, 2025-4330, and 2025-4517.

  Signed-off-by: Łukasz Langa <lukasz@langa.pl>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
  Co-authored-by: Petr Viktorin <encukou@gmail.com>
  Co-authored-by: Seth Michael Larson <seth@python.org>
  Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com>
  Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>

our ../../ test that looks for a tarfile.OutsideDestinationError now
meets a NotADirectoryError in recent Python versions (this from 3.13,
Fedora 42):

UNEXPECTED(error): samba.tests.safe_tarfile.samba.tests.safe_tarfile.SafeTarFileTestCase.test_dots(none)
REASON: Exception: Exception: Traceback (most recent call last):
  File "/tmp/samba-testbase/b1/samba-o3/bin/python/samba/tests/safe_tarfile.py", line 48, in test_dots
    self.assertRaises(tarfile.OutsideDestinationError,
    ~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                      stf.extractall,
                      ^^^^^^^^^^^^^^^
                      tarname)
                      ^^^^^^^^
  File "/usr/lib64/python3.13/unittest/case.py", line 795, in assertRaises
    return context.handle('assertRaises', args, kwargs)
           ~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib64/python3.13/unittest/case.py", line 238, in handle
    callable_obj(*args, **kwargs)
    ~~~~~~~~~~~~^^^^^^^^^^^^^^^^^
  File "/usr/lib64/python3.13/tarfile.py", line 2343, in extractall
    tarinfo, unfiltered = self._get_extract_tarinfo(
                          ~~~~~~~~~~~~~~~~~~~~~~~~~^
        member, filter_function, path)
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib64/python3.13/tarfile.py", line 2432, in _get_extract_tarinfo
    self._handle_fatal_error(e)
    ~~~~~~~~~~~~~~~~~~~~~~~~^^^
  File "/usr/lib64/python3.13/tarfile.py", line 2430, in _get_extract_tarinfo
    filtered = filter_function(unfiltered, path)
  File "/usr/lib64/python3.13/tarfile.py", line 842, in tar_filter
    new_attrs = _get_filtered_attrs(member, dest_path, False)
  File "/usr/lib64/python3.13/tarfile.py", line 783, in _get_filtered_attrs
    target_path = os.path.realpath(os.path.join(dest_path, name),
                                   strict=os.path.ALLOW_MISSING)
  File "<frozen posixpath>", line 457, in realpath
NotADirectoryError: [Errno 20] Not a directory: '/tmp/samba-testbase/b1/samba-o3/bin/ab/tmp/tmpbn6e69ci/tar.tar'

In this commit, we say that a NotADirectoryError is OK.

When we started safe_tarfile we were acting in advance of upstream
Python, but now they are well ahead of us. If we trust their work in
recent versions and accept the error conditions they choose, we can
more easily get rid of our safe_tarfile when the time is right.

For the moment we still support as far back as Python 3.6 for some old
enterprise distros, and it is for those that we continue to maintain
safe_tarfile. In versions before 3.11 we will see
tarfile.ExtractError, and the test for that is unaffected by this
change.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
python:build: do not allow sizeof(int) != 4 2025-08-26T22:42:39+00:00 Douglas Bagnall douglas.bagnall@catalyst.net.nz 2025-05-29T00:58:48+00:00 812998b15ff9130d8f7139e20ac61ac75e68eff0 A non-32 bit int will (if the compiler allows it) result in code where we write into memory adjacent to a target uint32_t value in many python bindings using the python arg-parsing API. The more correct thing to do would be to always parse into an unsigned long long and error if it is greater than UINT32_MAX, but we do this in so many places that there is reason to believe we'll just keep adding more. Note, we already check in lib/replace/wscript that int is at least 32 bits; here we are effectively just checking that it is not more. There was apparently a version of 64 bit Solaris in the 1990s that had 64 bit ints. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz> 
A non-32 bit int will (if the compiler allows it) result in code
where we write into memory adjacent to a target uint32_t value in
many python bindings using the python arg-parsing API. The more
correct thing to do would be to always parse into an unsigned long
long and error if it is greater than UINT32_MAX, but we do this in
so many places that there is reason to believe we'll just keep
adding more.

Note, we already check in lib/replace/wscript that int is at least
32 bits; here we are effectively just checking that it is not more.

There was apparently a version of 64 bit Solaris in the 1990s that
had 64 bit ints.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
auth:creds: Make sure to uppercase the realm of a principal 2025-08-25T11:03:38+00:00 Andreas Schneider asn@samba.org 2025-08-06T14:33:21+00:00 5879410caf9303a378f3d90365e60928a735e65a BUG: https://bugzilla.samba.org/show_bug.cgi?id=15893 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15893

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
pytest:samba-tool group: remove unused imports 2025-08-20T05:35:03+00:00 Douglas Bagnall douglas.bagnall@catalyst.net.nz 2025-08-01T04:25:13+00:00 246ce57e52e76b3e4b190a6b93309b3a8b938dde Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org> Autobuild-Date(master): Wed Aug 20 05:35:03 UTC 2025 on atb-devel-224 
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Aug 20 05:35:03 UTC 2025 on atb-devel-224
pytest: run user_keytrust tests as computer keytrust tests 2025-08-20T04:34:37+00:00 Douglas Bagnall douglas.bagnall@catalyst.net.nz 2025-08-17T09:59:07+00:00 624a8c2261cfcb84e0080b19c2a6bb48f8c40750 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> 
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>