The annotated tag, samba-4.8.1 has been created
at ee057295cd82d0e932cafcbea90d19552a6d323e (tag)
tagging e5b036ddc413389ac7b967af85b97e86d8128f55 (commit)
replaces samba-4.8.0
tagged by Karolin Seeger
on Thu Apr 26 09:25:55 2018 +0200
- Log -----------------------------------------------------------------
samba: tag release samba-4.8.1
-----BEGIN PGP SIGNATURE-----
iEYEABECAAYFAlrhfwQACgkQbzORW2Vot+rlmwCfXMkvhwzurecvDtP5hudSOVD1
VdgAnipmoOL9tvSbQqKvbKCUiu8wuDd4
=U0Tj
-----END PGP SIGNATURE-----
Amitay Isaacs (4):
ctdb-client: Do not try to allocate 0 sized record
ctdb-client: Add missing initialization of tevent_context
ctdb-client: Client code should never free the client context
ctdb-scripts: Drop "net serverid wipe" from 50.samba event script
Andreas Schneider (1):
s3:passdb: Do not return OK if we don't have pinfo set up
Anton Nefedov via samba-technical (1):
s3:smbd: map nterror on smb2_flush errorpath
Björn Baumbach (2):
samba-tool visualize: fix python2.6 incompatibility
ms_schema: fix python2.6 incompatibility
Christof Schmitt (5):
test_smbclient_s3.sh: Use correct separator in "list with backup
privilege" test
nsswitch: Fix wbcListUsers test
nsswitch: Fix wbcListGroups test
Add test for wbinfo name lookup
winbindd: Do not ignore domain in the LOOKUPNAME request
Eric Vannier (1):
Allow AESNI to be used on all processor supporting AESNI, not just
Intel's This improves performance/reduced CPU usage. Tests performed: - Ran on
Ivy Bridge and Ryzen and verified that AESNI is detected (crypto tests) - Ran
on Ryzen, and observed 50% increased speed.
Jeremy Allison (23):
s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we
don't own it here.
s3: smbd: Fix possible directory fd leak if the underlying OS doesn't
support fdopendir()
s3: vfs_fruit. Ensure we only return one set of the 'virtual' UNIX ACE
entries.
s3: vfs_fruit: Ensure we operate on a copy of the incoming security
descriptor.
s3: vfs_fruit. If the security descriptor was modified, ensure we set the
flags correctly to reflect the ACE's left.
s3: vfs_fruit. Change check_ms_nfs() to remove the virtual ACE's
generated by fruit_fget_nt_acl().
s3: smbd: vfs_fruit: Add remove_virtual_nfs_aces() a generic NFS ACE
remover.
s3: smbd: vfs_fruit: Replace code in check_ms_nfs() with
remove_virtual_nfs_aces().
s3: smbd: vfs_fruit: Replace code in fruit_fget_nt_acl() with
remove_virtual_nfs_aces().
s4: vfs: fruit tests: Add regression test for dealing with NFS ACE
entries.
s3: smbd: Fruit. Make the use of dom_sid_compare_domain() much clearer.
s3: debug: smb2: Create a new DBGC_SMB2 debug class and mark all
smbd/smb2_*.c files with it.
lib: debug: Add DBGC_XXX versions of the macros to allow class-specific
messages.
s3: smbd: SMB2: Add DBGC_SMB2_CREDITS class to specifically debug credit
issues.
s3: docs: Add documentation for "smb2" and "smb2_credits" debug classes.
s3: smbd: Files or directories can't be opened DELETE_ON_CLOSE without
delete access.
s4: torture: Ensure a failed file create doesn't create the file.
s4: torture: Test all combinations of file create to ensure behavior is
the same.
s4: torture: Test all combinations of file open with existing file to
ensure behavior is the same.
s4: torture: Test all combinations of directory create to ensure behavior
is the same.
s4: torture: Test all combinations of directory open with existing
directory to ensure behavior is the same.
s3: smbd: Fix memory leak in vfswrap_getwd()
s3: smbd: Unix extensions attempts to change wrong field in fchown call.
Karolin Seeger (3):
VERSION: Bump version up to 4.8.1...
WHATSNEW: Add release notes for Samba 4.8.1.
VERSION: Disable GIT_SNAPSHOT for the 4.8.1 release.
Lutz Justen (1):
s3: lib: messages: Don't use the result of sec_init() before calling
sec_init().
Martin Schwenke (1):
ctdb-tests: Don't use nc -d or -w options
Noel Power (1):
lib:replace: Fix linking when libtirpc-devel overwrites system headers
Ralph Boehme (16):
libcli/security: only announce a session as GUEST if 'Builtin\Guests' is
there without 'Authenticated User'
selftest: run vfs.fruit_netatalk test against seperate share
selftest: vfs.fruit: add xattr_tdb where possible
s3:smbd: don't use the directory cache for SMB2/3
winbindd: add and use ldap_reconnect_need_retry() in
winbindd_reconnect_ads.c
winbindd: check for NT_STATUS_IO_DEVICE_ERROR in
reset_cm_connection_on_error()
winbindd: make reset_cm_connection_on_error() public
winbindd: call reset_cm_connection_on_error() from reconnect_need_retry()
winbindd: force netlogon reauth for certain errors in
reset_cm_connection_on_error()
winbindd: call dcerpc_binding_handle_is_connected() from
reset_cm_connection_on_error()
winbindd: fix logic calling dcerpc_binding_handle_is_connected()
winbindd: use reset_cm_connection_on_error() instead of
dcerpc_binding_handle_is_connected()
winbindd: add retry to _wbint_LookupSids()
winbindd: add retry to _wbint_DsGetDcName
winbindd: add retry to _winbind_DsrUpdateReadOnlyServerDnsRecords
winbindd: add retry to _winbind_SendToSam
Stefan Metzmacher (29):
s3:torture: add SMB2-ANONYMOUS which asserts no GUEST bit for anonymous
s3:selftest: run SMB2-ANONYMOUS
s3:auth: remove unused auth_serversupplied_info->system
s3:auth: add the "Unix Groups" sid for the primary gid
s3:auth: move add_local_groups() out of finalize_local_nt_token()
s3:passdb: handle dom_sid=NULL in create_builtin_{users,administrators}()
s3:auth: only call secrets_fetch_domain_sid() once in
finalize_local_nt_token()
s3:auth: add add_builtin_guests() handling to finalize_local_nt_token()
s3:auth: don't try to expand system or anonymous tokens in
finalize_local_nt_token()
s3:auth: pass AUTH_SESSION_INFO_* flags to finalize_local_nt_token()
s3:auth: remove static from finalize_local_nt_token()
auth: add auth_user_info_copy() function
s3:auth: add auth3_user_info_dc_add_hints() and
auth3_session_info_create()
s3:auth: base make_new_session_info_system() on
auth_system_user_info_dc() and auth3_create_session_info()
s3:auth: pass the whole auth_session_info from
copy_session_info_serverinfo_guest() to create_local_token()
s3:auth: add make_{server,session}_info_anonymous()
s3:rpc_server: make use of make_session_info_anonymous()
s3:auth: make use of make_{server,session}_info_anonymous()
s3:smb2_server: correctly maintain request counters for compound requests
lib/util: remove unused '#include <sys/syscall.h>' from tests/tfork.c
lib/replace: define __[u]intptr_t_defined if we prove an replacement
nsswitch: maintain prototypes for the linux based functions only once
nsswitch: add some const to _nss_winbind_initgroups_dyn() prototype
nsswitch: fix the developer build of nsswitch/wins.c on freebsd 11
s3:modules: fix the picky-developer build of vfs_virusfilter.c on FreeBSD
11
s3:modules: make virusfilter_io_connect_path() more portable
lib/crypto: avoid 'return void_function();' which isn't portable
ldb/tests: avoid 'return void_function();' which isn't portable
s3:modules: fix the build of vfs_aixacl2.c
Timur I. Bakeyev (1):
Fix invocation of gnutls_aead_cipher_encrypt()
Volker Lendecke (13):
dsdb: Fix CID 1034966 Uninitialized scalar variable
torture: Test compound request request counters
libads: Fix the build --without-ads
rpc_server: Init local_server_* in make_internal_rpc_pipe_socketpair
libsmb: Handle long-running smb2cli_notify
libsmb: Handle IO_TIMEOUT in cli_smb2_notify properly
smbclient: Handle ENUM_DIR in "notify" command
utils: Add destroy_netlogon_creds_cli
winbind: Add smbcontrol disconnect-dc
winbind: Keep "force_reauth" in invalidate_cm_connection
vfs_virusfilter: Fix CID 1428739 Buffer not null terminated
vfs_virusfilter: Fix CID 1428740 Macro compares unsigned to 0
vfs_virusfilter: Fix CID 1428738 Macro compares unsigned to 0
-----------------------------------------------------------------------
--
Samba Shared Repository
