Auto update vendored Samba code (#779)

ubuntu · Sep 4, 2023 · f3c8203 · f3c8203
2 parents 4b86d9e + 1dfbf46
commit f3c8203
Show file tree

Hide file tree

Showing 6 changed files with 33 additions and 33 deletions.
diff --git a/.github/samba/python/samba/gp/gp_cert_auto_enroll_ext.py b/.github/samba/python/samba/gp/gp_cert_auto_enroll_ext.py
@@ -264,7 +264,7 @@ def update_ca_command():
 
 def changed(new_data, old_data):
     """Return True if any key present in both dicts has changed."""
-    return any((new_data[k] != old_data[k] if k in old_data else False) \
+    return any((new_data[k] != old_data[k] if k in old_data else False)
             for k in new_data.keys())
 
 def cert_enroll(ca, ldb, trust_dir, private_dir, auth='Kerberos'):
@@ -335,7 +335,7 @@ def cert_enroll(ca, ldb, trust_dir, private_dir, auth='Kerberos'):
 
 class gp_cert_auto_enroll_ext(gp_pol_ext, gp_applier):
     def __str__(self):
-        return 'Cryptography\AutoEnrollment'
+        return r'Cryptography\AutoEnrollment'
 
     def unapply(self, guid, attribute, value):
         ca_cn = base64.b64decode(attribute)
@@ -387,7 +387,7 @@ def process_group_policy(self, deleted_gpo_list, changed_gpo_list,
 
         for gpo in changed_gpo_list:
             if gpo.file_sys_path:
-                section = 'Software\Policies\Microsoft\Cryptography\AutoEnrollment'
+                section = r'Software\Policies\Microsoft\Cryptography\AutoEnrollment'
                 pol_file = 'MACHINE/Registry.pol'
                 path = os.path.join(gpo.file_sys_path, pol_file)
                 pol_conf = self.parse(path)
@@ -407,7 +407,7 @@ def process_group_policy(self, deleted_gpo_list, changed_gpo_list,
                                                      trust_dir, private_dir)
 
                             # Cleanup any old CAs that have been removed
-                            ca_attrs = [base64.b64encode(n.encode()).decode() \
+                            ca_attrs = [base64.b64encode(n.encode()).decode()
                                     for n in ca_names]
                             self.clean(gpo.name, keep=ca_attrs)
                         else:
@@ -507,7 +507,7 @@ def __enroll(self, guid, entries, trust_dir, private_dir):
     def rsop(self, gpo):
         output = {}
         pol_file = 'MACHINE/Registry.pol'
-        section = 'Software\Policies\Microsoft\Cryptography\AutoEnrollment'
+        section = r'Software\Policies\Microsoft\Cryptography\AutoEnrollment'
         if gpo.file_sys_path:
             path = os.path.join(gpo.file_sys_path, pol_file)
             pol_conf = self.parse(path)

diff --git a/.github/samba/python/samba/gp/gpclass.py b/.github/samba/python/samba/gp/gpclass.py
@@ -21,7 +21,7 @@
 import tdb
 import pwd
 sys.path.insert(0, "bin/python")
-from samba import NTSTATUSError, WERRORError
+from samba import WERRORError
 from configparser import ConfigParser
 from io import StringIO
 import traceback
@@ -33,12 +33,10 @@
 from samba.dcerpc import nbt
 from samba.samba3 import libsmb_samba_internal as libsmb
 import samba.gpo as gpo
-from samba.param import LoadParm
 from uuid import UUID
 from tempfile import NamedTemporaryFile
 from samba.dcerpc import preg
-from samba.dcerpc import misc
-from samba.ndr import ndr_pack, ndr_unpack
+from samba.ndr import ndr_unpack
 from samba.credentials import SMB_SIGNING_REQUIRED
 from samba.gp.util.logging import log
 from hashlib import blake2b
@@ -47,7 +45,7 @@
 from samba.samdb import SamDB
 from samba.auth import system_session
 import ldb
-from samba.dsdb import UF_WORKSTATION_TRUST_ACCOUNT, UF_SERVER_TRUST_ACCOUNT, GPLINK_OPT_ENFORCE, GPLINK_OPT_DISABLE, GPO_INHERIT, GPO_BLOCK_INHERITANCE
+from samba.dsdb import UF_WORKSTATION_TRUST_ACCOUNT, UF_SERVER_TRUST_ACCOUNT, GPLINK_OPT_ENFORCE, GPLINK_OPT_DISABLE, GPO_BLOCK_INHERITANCE
 from samba.auth import AUTH_SESSION_INFO_DEFAULT_GROUPS, AUTH_SESSION_INFO_AUTHENTICATED, AUTH_SESSION_INFO_SIMPLE_PRIVILEGES
 from samba.dcerpc import security
 import samba.security
@@ -359,25 +357,28 @@ def rsop(self, gpo):
 
 class gp_inf_ext(gp_ext):
     def read(self, data_file):
-        policy = open(data_file, 'rb').read()
+        with open(data_file, 'rb') as f:
+            policy = f.read()
         inf_conf = ConfigParser(interpolation=None)
         inf_conf.optionxform = str
         try:
-            inf_conf.readfp(StringIO(policy.decode()))
+            inf_conf.read_file(StringIO(policy.decode()))
         except UnicodeDecodeError:
-            inf_conf.readfp(StringIO(policy.decode('utf-16')))
+            inf_conf.read_file(StringIO(policy.decode('utf-16')))
         return inf_conf
 
 
 class gp_pol_ext(gp_ext):
     def read(self, data_file):
-        raw = open(data_file, 'rb').read()
+        with open(data_file, 'rb') as f:
+            raw = f.read()
         return ndr_unpack(preg.file, raw)
 
 
 class gp_xml_ext(gp_ext):
     def read(self, data_file):
-        raw = open(data_file, 'rb').read()
+        with open(data_file, 'rb') as f:
+            raw = f.read()
         try:
             return etree.fromstring(raw.decode())
         except UnicodeDecodeError:
@@ -586,7 +587,7 @@ def apply(self, guid, attribute, value_hash, applier_func, *args, sep=':'):
         old_val = self.cache_get_attribute_value(guid, attribute)
         # Ignore removal if this policy is applied and hasn't changed
         old_val_hash, old_val_files = self.__parse_value(old_val, sep)
-        if (old_val_hash != value_hash or \
+        if (old_val_hash != value_hash or
                 self.cache_get_apply_state() == GPOSTATE.ENFORCE) or \
                 not all([os.path.exists(f) for f in old_val_files]):
             self.unapply(guid, attribute, old_val_files)
@@ -711,7 +712,7 @@ def get_gpo_link(samdb, link_dn):
                        '(objectclass=*)', ['gPLink', 'gPOptions'])
     if res.count != 1:
         raise ldb.LdbError(ldb.ERR_NO_SUCH_OBJECT, 'get_gpo_link: no result')
-    if not 'gPLink' in res.msgs[0]:
+    if 'gPLink' not in res.msgs[0]:
         raise ldb.LdbError(ldb.ERR_NO_SUCH_ATTRIBUTE,
             "get_gpo_link: no 'gPLink' attribute found for '{}'".format(link_dn)
         )

diff --git a/.github/samba/python/samba/gp/util/logging.py b/.github/samba/python/samba/gp/util/logging.py
@@ -17,7 +17,6 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-import json
 import datetime
 import logging
 import gettext

diff --git a/internal/policies/certificate/python/vendor_samba/gp/gp_cert_auto_enroll_ext.py b/internal/policies/certificate/python/vendor_samba/gp/gp_cert_auto_enroll_ext.py
@@ -264,7 +264,7 @@ def update_ca_command():
 
 def changed(new_data, old_data):
     """Return True if any key present in both dicts has changed."""
-    return any((new_data[k] != old_data[k] if k in old_data else False) \
+    return any((new_data[k] != old_data[k] if k in old_data else False)
             for k in new_data.keys())
 
 def cert_enroll(ca, ldb, trust_dir, private_dir, auth='Kerberos'):
@@ -335,7 +335,7 @@ def cert_enroll(ca, ldb, trust_dir, private_dir, auth='Kerberos'):
 
 class gp_cert_auto_enroll_ext(gp_pol_ext, gp_applier):
     def __str__(self):
-        return 'Cryptography\AutoEnrollment'
+        return r'Cryptography\AutoEnrollment'
 
     def unapply(self, guid, attribute, value):
         ca_cn = base64.b64decode(attribute)
@@ -387,7 +387,7 @@ def process_group_policy(self, deleted_gpo_list, changed_gpo_list,
 
         for gpo in changed_gpo_list:
             if gpo.file_sys_path:
-                section = 'Software\Policies\Microsoft\Cryptography\AutoEnrollment'
+                section = r'Software\Policies\Microsoft\Cryptography\AutoEnrollment'
                 pol_file = 'MACHINE/Registry.pol'
                 path = os.path.join(gpo.file_sys_path, pol_file)
                 pol_conf = self.parse(path)
@@ -407,7 +407,7 @@ def process_group_policy(self, deleted_gpo_list, changed_gpo_list,
                                                      trust_dir, private_dir)
 
                             # Cleanup any old CAs that have been removed
-                            ca_attrs = [base64.b64encode(n.encode()).decode() \
+                            ca_attrs = [base64.b64encode(n.encode()).decode()
                                     for n in ca_names]
                             self.clean(gpo.name, keep=ca_attrs)
                         else:
@@ -507,7 +507,7 @@ def __enroll(self, guid, entries, trust_dir, private_dir):
     def rsop(self, gpo):
         output = {}
         pol_file = 'MACHINE/Registry.pol'
-        section = 'Software\Policies\Microsoft\Cryptography\AutoEnrollment'
+        section = r'Software\Policies\Microsoft\Cryptography\AutoEnrollment'
         if gpo.file_sys_path:
             path = os.path.join(gpo.file_sys_path, pol_file)
             pol_conf = self.parse(path)

diff --git a/internal/policies/certificate/python/vendor_samba/gp/gpclass.py b/internal/policies/certificate/python/vendor_samba/gp/gpclass.py
@@ -33,12 +33,10 @@
 from samba.dcerpc import nbt
 from samba.samba3 import libsmb_samba_internal as libsmb
 import samba.gpo as gpo
-from samba.param import LoadParm
 from uuid import UUID
 from tempfile import NamedTemporaryFile
 from samba.dcerpc import preg
-from samba.dcerpc import misc
-from samba.ndr import ndr_pack, ndr_unpack
+from samba.ndr import ndr_unpack
 from samba.credentials import SMB_SIGNING_REQUIRED
 from vendor_samba.gp.util.logging import log
 from hashlib import blake2b
@@ -350,25 +348,28 @@ def rsop(self, gpo):
 
 class gp_inf_ext(gp_ext):
     def read(self, data_file):
-        policy = open(data_file, 'rb').read()
+        with open(data_file, 'rb') as f:
+            policy = f.read()
         inf_conf = ConfigParser(interpolation=None)
         inf_conf.optionxform = str
         try:
-            inf_conf.readfp(StringIO(policy.decode()))
+            inf_conf.read_file(StringIO(policy.decode()))
         except UnicodeDecodeError:
-            inf_conf.readfp(StringIO(policy.decode('utf-16')))
+            inf_conf.read_file(StringIO(policy.decode('utf-16')))
         return inf_conf
 
 
 class gp_pol_ext(gp_ext):
     def read(self, data_file):
-        raw = open(data_file, 'rb').read()
+        with open(data_file, 'rb') as f:
+            raw = f.read()
         return ndr_unpack(preg.file, raw)
 
 
 class gp_xml_ext(gp_ext):
     def read(self, data_file):
-        raw = open(data_file, 'rb').read()
+        with open(data_file, 'rb') as f:
+            raw = f.read()
         try:
             return etree.fromstring(raw.decode())
         except UnicodeDecodeError:
@@ -550,7 +551,7 @@ def apply(self, guid, attribute, value_hash, applier_func, *args, sep=':'):
         old_val = self.cache_get_attribute_value(guid, attribute)
         # Ignore removal if this policy is applied and hasn't changed
         old_val_hash, old_val_files = self.__parse_value(old_val, sep)
-        if (old_val_hash != value_hash or \
+        if (old_val_hash != value_hash or
                 self.cache_get_apply_state() == GPOSTATE.ENFORCE) or \
                 not all([os.path.exists(f) for f in old_val_files]):
             self.unapply(guid, attribute, old_val_files)

diff --git a/internal/policies/certificate/python/vendor_samba/gp/util/logging.py b/internal/policies/certificate/python/vendor_samba/gp/util/logging.py
@@ -17,7 +17,6 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-import json
 import datetime
 import logging
 import gettext