Bump icewind/smb from 3.5.4 to 3.6.0 in /apps/files_external/3rdparty

apps/files_external/3rdparty/composer.json

@@ -18,7 +18,7 @@
 	},
 	"require": {
 		"php": ">=7.4",
-		"icewind/smb": "3.5.4",
+		"icewind/smb": "3.6.0",
 		"icewind/streams": "0.7.7",
 		"google/apiclient": "2.15.0"
 	},

apps/files_external/3rdparty/composer/autoload_classmap.php

@@ -169,6 +169,7 @@
     'Icewind\\SMB\\Exception\\InvalidPathException' => $vendorDir . '/icewind/smb/src/Exception/InvalidPathException.php',
     'Icewind\\SMB\\Exception\\InvalidRequestException' => $vendorDir . '/icewind/smb/src/Exception/InvalidRequestException.php',
     'Icewind\\SMB\\Exception\\InvalidResourceException' => $vendorDir . '/icewind/smb/src/Exception/InvalidResourceException.php',
+    'Icewind\\SMB\\Exception\\InvalidTicket' => $vendorDir . '/icewind/smb/src/Exception/InvalidTicket.php',
     'Icewind\\SMB\\Exception\\InvalidTypeException' => $vendorDir . '/icewind/smb/src/Exception/InvalidTypeException.php',
     'Icewind\\SMB\\Exception\\NoLoginServerException' => $vendorDir . '/icewind/smb/src/Exception/NoLoginServerException.php',
     'Icewind\\SMB\\Exception\\NoRouteToHostException' => $vendorDir . '/icewind/smb/src/Exception/NoRouteToHostException.php',
@@ -187,6 +188,7 @@
     'Icewind\\SMB\\ITimeZoneProvider' => $vendorDir . '/icewind/smb/src/ITimeZoneProvider.php',
     'Icewind\\SMB\\KerberosApacheAuth' => $vendorDir . '/icewind/smb/src/KerberosApacheAuth.php',
     'Icewind\\SMB\\KerberosAuth' => $vendorDir . '/icewind/smb/src/KerberosAuth.php',
+    'Icewind\\SMB\\KerberosTicket' => $vendorDir . '/icewind/smb/src/KerberosTicket.php',
     'Icewind\\SMB\\Native\\NativeFileInfo' => $vendorDir . '/icewind/smb/src/Native/NativeFileInfo.php',
     'Icewind\\SMB\\Native\\NativeReadStream' => $vendorDir . '/icewind/smb/src/Native/NativeReadStream.php',
     'Icewind\\SMB\\Native\\NativeServer' => $vendorDir . '/icewind/smb/src/Native/NativeServer.php',

apps/files_external/3rdparty/composer/autoload_static.php

@@ -239,6 +239,7 @@ class ComposerStaticInit98fe9b281934250b3a93f69a5ce843b3
         'Icewind\\SMB\\Exception\\InvalidPathException' => __DIR__ . '/..' . '/icewind/smb/src/Exception/InvalidPathException.php',
         'Icewind\\SMB\\Exception\\InvalidRequestException' => __DIR__ . '/..' . '/icewind/smb/src/Exception/InvalidRequestException.php',
         'Icewind\\SMB\\Exception\\InvalidResourceException' => __DIR__ . '/..' . '/icewind/smb/src/Exception/InvalidResourceException.php',
+        'Icewind\\SMB\\Exception\\InvalidTicket' => __DIR__ . '/..' . '/icewind/smb/src/Exception/InvalidTicket.php',
         'Icewind\\SMB\\Exception\\InvalidTypeException' => __DIR__ . '/..' . '/icewind/smb/src/Exception/InvalidTypeException.php',
         'Icewind\\SMB\\Exception\\NoLoginServerException' => __DIR__ . '/..' . '/icewind/smb/src/Exception/NoLoginServerException.php',
         'Icewind\\SMB\\Exception\\NoRouteToHostException' => __DIR__ . '/..' . '/icewind/smb/src/Exception/NoRouteToHostException.php',
@@ -257,6 +258,7 @@ class ComposerStaticInit98fe9b281934250b3a93f69a5ce843b3
         'Icewind\\SMB\\ITimeZoneProvider' => __DIR__ . '/..' . '/icewind/smb/src/ITimeZoneProvider.php',
         'Icewind\\SMB\\KerberosApacheAuth' => __DIR__ . '/..' . '/icewind/smb/src/KerberosApacheAuth.php',
         'Icewind\\SMB\\KerberosAuth' => __DIR__ . '/..' . '/icewind/smb/src/KerberosAuth.php',
+        'Icewind\\SMB\\KerberosTicket' => __DIR__ . '/..' . '/icewind/smb/src/KerberosTicket.php',
         'Icewind\\SMB\\Native\\NativeFileInfo' => __DIR__ . '/..' . '/icewind/smb/src/Native/NativeFileInfo.php',
         'Icewind\\SMB\\Native\\NativeReadStream' => __DIR__ . '/..' . '/icewind/smb/src/Native/NativeReadStream.php',
         'Icewind\\SMB\\Native\\NativeServer' => __DIR__ . '/..' . '/icewind/smb/src/Native/NativeServer.php',

apps/files_external/3rdparty/composer/installed.json

@@ -182,17 +182,17 @@
         },
         {
             "name": "icewind/smb",
-            "version": "v3.5.4",
-            "version_normalized": "3.5.4.0",
+            "version": "v3.6.0",
+            "version_normalized": "3.6.0.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/icewind1991/SMB.git",
-                "reference": "76995aa11c14e39bccd0f2370ed63b2f8f623a6d"
+                "reference": "e0e86b16640f5892dd00408ed50ad18357dac6c1"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/icewind1991/SMB/zipball/76995aa11c14e39bccd0f2370ed63b2f8f623a6d",
-                "reference": "76995aa11c14e39bccd0f2370ed63b2f8f623a6d",
+                "url": "https://api.github.com/repos/icewind1991/SMB/zipball/e0e86b16640f5892dd00408ed50ad18357dac6c1",
+                "reference": "e0e86b16640f5892dd00408ed50ad18357dac6c1",
                 "shasum": ""
             },
             "require": {
@@ -205,7 +205,7 @@
                 "phpunit/phpunit": "^8.5|^9.3.8",
                 "psalm/phar": "^4.3"
             },
-            "time": "2022-05-30T15:18:19+00:00",
+            "time": "2023-08-10T13:17:39+00:00",
             "type": "library",
             "installation-source": "dist",
             "autoload": {
@@ -226,7 +226,7 @@
             "description": "php wrapper for smbclient and libsmbclient-php",
             "support": {
                 "issues": "https://github.com/icewind1991/SMB/issues",
-                "source": "https://github.com/icewind1991/SMB/tree/v3.5.4"
+                "source": "https://github.com/icewind1991/SMB/tree/v3.6.0"
             },
             "install-path": "../icewind/smb"
         },

apps/files_external/3rdparty/composer/installed.php

@@ -3,7 +3,7 @@
         'name' => 'files_external/3rdparty',
         'pretty_version' => 'dev-master',
         'version' => 'dev-master',
-        'reference' => '79d2d94bd16ca97a2738cb1e18241c9290e55248',
+        'reference' => 'e44073ed1efb847dd459cded7fa5e51dd69795e8',
         'type' => 'library',
         'install_path' => __DIR__ . '/../',
         'aliases' => array(),
@@ -13,7 +13,7 @@
         'files_external/3rdparty' => array(
             'pretty_version' => 'dev-master',
             'version' => 'dev-master',
-            'reference' => '79d2d94bd16ca97a2738cb1e18241c9290e55248',
+            'reference' => 'e44073ed1efb847dd459cded7fa5e51dd69795e8',
             'type' => 'library',
             'install_path' => __DIR__ . '/../',
             'aliases' => array(),
@@ -65,9 +65,9 @@
             ),
         ),
         'icewind/smb' => array(
-            'pretty_version' => 'v3.5.4',
-            'version' => '3.5.4.0',
-            'reference' => '76995aa11c14e39bccd0f2370ed63b2f8f623a6d',
+            'pretty_version' => 'v3.6.0',
+            'version' => '3.6.0.0',
+            'reference' => 'e0e86b16640f5892dd00408ed50ad18357dac6c1',
             'type' => 'library',
             'install_path' => __DIR__ . '/../icewind/smb',
             'aliases' => array(),

apps/files_external/3rdparty/icewind/smb/.github/workflows/ci.yaml

@@ -7,7 +7,7 @@ jobs:
     name: PHP-CS-Fixer
     runs-on: ubuntu-20.04
     steps:
-      - uses: actions/checkout@master
+      - uses: actions/checkout@v3
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
         with:
@@ -49,7 +49,7 @@ jobs:
       - name: Install packages
         run: |
           sudo apt-get install smbclient
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
         with:
@@ -70,7 +70,7 @@ jobs:
           command: php ./vendor/bin/phpunit tests -c tests/phpunit.xml --coverage-clover=coverage.xml
         env:
           BACKEND: ${{ matrix.backend }}
-      - uses: codecov/codecov-action@v1
+      - uses: codecov/codecov-action@v3
         with:
           files: ./coverage.xml
 
@@ -82,7 +82,10 @@ jobs:
       fail-fast: false
       matrix:
         client-version:
-          - "4.15.1"
+          - "4.18.1"
+          - "4.17.7"
+          - "4.16.10"
+          - "4.15.13"
           - "4.14.9"
           - "4.11.17"
           - "4.10.18"
@@ -111,9 +114,9 @@ jobs:
           sudo apt install libjansson4 libcap2 libbsd0 libreadline8 libicu66
           sudo mkdir -p /etc/samba /var/lib/samba/private
           echo "[global]\nclient min protocol = SMB2\nclient max protocol = SMB3" | sudo tee /etc/samba/smb.conf
-          sudo wget "https://github.com/icewind1991/smbclient-builder/releases/download/v0.1.0/smbclient-${{ matrix.client-version }}" -O /usr/local/bin/smbclient
+          sudo wget "https://github.com/icewind1991/smbclient-builder/releases/download/v0.1.2/smbclient-${{ matrix.client-version }}" -O /usr/local/bin/smbclient
           sudo chmod +x /usr/local/bin/smbclient
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
         with:
@@ -134,7 +137,7 @@ jobs:
           command: php ./vendor/bin/phpunit tests -c tests/phpunit.xml --coverage-clover=coverage.xml
         env:
           BACKEND: smbclient
-      - uses: codecov/codecov-action@v1
+      - uses: codecov/codecov-action@v3
         with:
           files: ./coverage.xml
 
@@ -154,7 +157,7 @@ jobs:
           - 445:445
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
         with:
@@ -175,7 +178,7 @@ jobs:
     runs-on: ubuntu-20.04
     name: Kerberos SSO tests
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
         with:
@@ -194,7 +197,7 @@ jobs:
         run: |
           DC_IP=$(docker inspect dc --format '{{.NetworkSettings.IPAddress}}')
           LIST=$(docker run --rm --name client -v /tmp/shared:/shared --dns $DC_IP --hostname client.domain.test icewind1991/samba-krb-test-client \
-            curl -s --negotiate -u testuser@DOMAIN.TEST: --delegation always http://httpd.domain.test/example-apache-kerberos.php)
+            curl -s --negotiate -u testuser@DOMAIN.TEST: --delegation always http://httpd.domain.test/example-sso-kerberos.php)
           echo $LIST
           LIST=$(echo $LIST | tr -d '[:space:]')
           [[ $LIST == "test.txt" ]]
@@ -204,7 +207,7 @@ jobs:
           docker logs apache
 
   static-psalm-analysis:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     name: Psalm static analysis
 
     strategy:
@@ -215,12 +218,14 @@ jobs:
           - "7.3"
           - "7.4"
           - "8.0"
+          - "8.1"
+          - "8.2"
 
     steps:
       - name: krb5-dev
         run: sudo apt-get install -y libkrb5-dev
       - name: Checkout
-        uses: actions/checkout@master
+        uses: actions/checkout@v3
       - name: Set up php
         uses: shivammathur/setup-php@master
         with:
@@ -242,7 +247,7 @@ jobs:
     steps:
       - name: krb5-dev
         run: sudo apt-get install -y libkrb5-dev
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
         with:

apps/files_external/3rdparty/icewind/smb/README.md

@@ -65,19 +65,20 @@ $server = $serverFactory->createServer('localhost', $auth);
 
 By re-using a client ticket you can create a single sign-on setup where the user authenticates against
 the web service using kerberos. And the web server can forward that ticket to the smb server, allowing it
-to act on the behalf of the user without requiring the user to enter his passord.
+to act on the behalf of the user without requiring the user to enter his password.
 
 The setup for such a system is fairly involved and requires roughly the following this
 
 - The web server is authenticated against kerberos with a machine account
 - Delegation is enabled for the web server's machine account
-- Apache is setup to perform kerberos authentication and save the ticket in it's environment
+- The web server is setup to perform kerberos authentication and save the ticket in it's environment
 - Php has the krb5 extension installed
 - The client authenticates using a ticket with forwarding enabled
 
 ```php
 $serverFactory = new ServerFactory();
-$auth = new KerberosApacheAuth();
+$auth = new KerberosAuth();
+$auth->setTicket(KerberosTicket::fromEnv());
 $server = $serverFactory->createServer('localhost', $auth);
 ```
 

apps/files_external/3rdparty/icewind/smb/example-apache-kerberos.php → apps/files_external/3rdparty/icewind/smb/example-sso-kerberos.php

@@ -1,5 +1,7 @@
 <?php
 
+use Icewind\SMB\KerberosTicket;
+
 require('vendor/autoload.php');
 
 if (php_sapi_name() == "cli") {
@@ -10,7 +12,8 @@
 $host = 'krb.domain.test';
 $share = 'netlogon';
 
-$auth = new \Icewind\SMB\KerberosApacheAuth();
+$auth = new \Icewind\SMB\KerberosAuth();
+$auth->setTicket(KerberosTicket::fromEnv());
 $serverFactory = new \Icewind\SMB\ServerFactory();
 
 $server = $serverFactory->createServer($host, $auth);

apps/files_external/3rdparty/icewind/smb/psalm.xml

@@ -6,6 +6,10 @@
     xmlns="https://getpsalm.org/schema/config"
     xsi:schemaLocation="https://getpsalm.org/schema/config vendor/vimeo/psalm/config.xsd"
 >
+    <stubs>
+        <file name="tests/krb.phpstub" preloadClasses="true"/>
+        <file name="tests/smbclient.phpstub" preloadClasses="true"/>
+    </stubs>
     <projectFiles>
         <directory name="src" />
         <ignoreFiles>

apps/files_external/3rdparty/icewind/smb/src/Exception/InvalidTicket.php

@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2022 Robin Appelman <robin@icewind.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace Icewind\SMB\Exception;
+
+class InvalidTicket extends Exception {
+
+}