The annotated tag, samba-4.8.1 has been created at ee057295cd82d0e932cafcbea90d19552a6d323e (tag) tagging e5b036ddc413389ac7b967af85b97e86d8128f55 (commit) replaces samba-4.8.0 tagged by Karolin Seeger on Thu Apr 26 09:25:55 2018 +0200
- Log ----------------------------------------------------------------- samba: tag release samba-4.8.1 -----BEGIN PGP SIGNATURE----- iEYEABECAAYFAlrhfwQACgkQbzORW2Vot+rlmwCfXMkvhwzurecvDtP5hudSOVD1 VdgAnipmoOL9tvSbQqKvbKCUiu8wuDd4 =U0Tj -----END PGP SIGNATURE----- Amitay Isaacs (4): ctdb-client: Do not try to allocate 0 sized record ctdb-client: Add missing initialization of tevent_context ctdb-client: Client code should never free the client context ctdb-scripts: Drop "net serverid wipe" from 50.samba event script Andreas Schneider (1): s3:passdb: Do not return OK if we don't have pinfo set up Anton Nefedov via samba-technical (1): s3:smbd: map nterror on smb2_flush errorpath Björn Baumbach (2): samba-tool visualize: fix python2.6 incompatibility ms_schema: fix python2.6 incompatibility Christof Schmitt (5): test_smbclient_s3.sh: Use correct separator in "list with backup privilege" test nsswitch: Fix wbcListUsers test nsswitch: Fix wbcListGroups test Add test for wbinfo name lookup winbindd: Do not ignore domain in the LOOKUPNAME request Eric Vannier (1): Allow AESNI to be used on all processor supporting AESNI, not just Intel's This improves performance/reduced CPU usage. Tests performed: - Ran on Ivy Bridge and Ryzen and verified that AESNI is detected (crypto tests) - Ran on Ryzen, and observed 50% increased speed. Jeremy Allison (23): s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here. s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir() s3: vfs_fruit. Ensure we only return one set of the 'virtual' UNIX ACE entries. s3: vfs_fruit: Ensure we operate on a copy of the incoming security descriptor. s3: vfs_fruit. If the security descriptor was modified, ensure we set the flags correctly to reflect the ACE's left. s3: vfs_fruit. Change check_ms_nfs() to remove the virtual ACE's generated by fruit_fget_nt_acl(). s3: smbd: vfs_fruit: Add remove_virtual_nfs_aces() a generic NFS ACE remover. s3: smbd: vfs_fruit: Replace code in check_ms_nfs() with remove_virtual_nfs_aces(). s3: smbd: vfs_fruit: Replace code in fruit_fget_nt_acl() with remove_virtual_nfs_aces(). s4: vfs: fruit tests: Add regression test for dealing with NFS ACE entries. s3: smbd: Fruit. Make the use of dom_sid_compare_domain() much clearer. s3: debug: smb2: Create a new DBGC_SMB2 debug class and mark all smbd/smb2_*.c files with it. lib: debug: Add DBGC_XXX versions of the macros to allow class-specific messages. s3: smbd: SMB2: Add DBGC_SMB2_CREDITS class to specifically debug credit issues. s3: docs: Add documentation for "smb2" and "smb2_credits" debug classes. s3: smbd: Files or directories can't be opened DELETE_ON_CLOSE without delete access. s4: torture: Ensure a failed file create doesn't create the file. s4: torture: Test all combinations of file create to ensure behavior is the same. s4: torture: Test all combinations of file open with existing file to ensure behavior is the same. s4: torture: Test all combinations of directory create to ensure behavior is the same. s4: torture: Test all combinations of directory open with existing directory to ensure behavior is the same. s3: smbd: Fix memory leak in vfswrap_getwd() s3: smbd: Unix extensions attempts to change wrong field in fchown call. Karolin Seeger (3): VERSION: Bump version up to 4.8.1... WHATSNEW: Add release notes for Samba 4.8.1. VERSION: Disable GIT_SNAPSHOT for the 4.8.1 release. Lutz Justen (1): s3: lib: messages: Don't use the result of sec_init() before calling sec_init(). Martin Schwenke (1): ctdb-tests: Don't use nc -d or -w options Noel Power (1): lib:replace: Fix linking when libtirpc-devel overwrites system headers Ralph Boehme (16): libcli/security: only announce a session as GUEST if 'Builtin\Guests' is there without 'Authenticated User' selftest: run vfs.fruit_netatalk test against seperate share selftest: vfs.fruit: add xattr_tdb where possible s3:smbd: don't use the directory cache for SMB2/3 winbindd: add and use ldap_reconnect_need_retry() in winbindd_reconnect_ads.c winbindd: check for NT_STATUS_IO_DEVICE_ERROR in reset_cm_connection_on_error() winbindd: make reset_cm_connection_on_error() public winbindd: call reset_cm_connection_on_error() from reconnect_need_retry() winbindd: force netlogon reauth for certain errors in reset_cm_connection_on_error() winbindd: call dcerpc_binding_handle_is_connected() from reset_cm_connection_on_error() winbindd: fix logic calling dcerpc_binding_handle_is_connected() winbindd: use reset_cm_connection_on_error() instead of dcerpc_binding_handle_is_connected() winbindd: add retry to _wbint_LookupSids() winbindd: add retry to _wbint_DsGetDcName winbindd: add retry to _winbind_DsrUpdateReadOnlyServerDnsRecords winbindd: add retry to _winbind_SendToSam Stefan Metzmacher (29): s3:torture: add SMB2-ANONYMOUS which asserts no GUEST bit for anonymous s3:selftest: run SMB2-ANONYMOUS s3:auth: remove unused auth_serversupplied_info->system s3:auth: add the "Unix Groups" sid for the primary gid s3:auth: move add_local_groups() out of finalize_local_nt_token() s3:passdb: handle dom_sid=NULL in create_builtin_{users,administrators}() s3:auth: only call secrets_fetch_domain_sid() once in finalize_local_nt_token() s3:auth: add add_builtin_guests() handling to finalize_local_nt_token() s3:auth: don't try to expand system or anonymous tokens in finalize_local_nt_token() s3:auth: pass AUTH_SESSION_INFO_* flags to finalize_local_nt_token() s3:auth: remove static from finalize_local_nt_token() auth: add auth_user_info_copy() function s3:auth: add auth3_user_info_dc_add_hints() and auth3_session_info_create() s3:auth: base make_new_session_info_system() on auth_system_user_info_dc() and auth3_create_session_info() s3:auth: pass the whole auth_session_info from copy_session_info_serverinfo_guest() to create_local_token() s3:auth: add make_{server,session}_info_anonymous() s3:rpc_server: make use of make_session_info_anonymous() s3:auth: make use of make_{server,session}_info_anonymous() s3:smb2_server: correctly maintain request counters for compound requests lib/util: remove unused '#include <sys/syscall.h>' from tests/tfork.c lib/replace: define __[u]intptr_t_defined if we prove an replacement nsswitch: maintain prototypes for the linux based functions only once nsswitch: add some const to _nss_winbind_initgroups_dyn() prototype nsswitch: fix the developer build of nsswitch/wins.c on freebsd 11 s3:modules: fix the picky-developer build of vfs_virusfilter.c on FreeBSD 11 s3:modules: make virusfilter_io_connect_path() more portable lib/crypto: avoid 'return void_function();' which isn't portable ldb/tests: avoid 'return void_function();' which isn't portable s3:modules: fix the build of vfs_aixacl2.c Timur I. Bakeyev (1): Fix invocation of gnutls_aead_cipher_encrypt() Volker Lendecke (13): dsdb: Fix CID 1034966 Uninitialized scalar variable torture: Test compound request request counters libads: Fix the build --without-ads rpc_server: Init local_server_* in make_internal_rpc_pipe_socketpair libsmb: Handle long-running smb2cli_notify libsmb: Handle IO_TIMEOUT in cli_smb2_notify properly smbclient: Handle ENUM_DIR in "notify" command utils: Add destroy_netlogon_creds_cli winbind: Add smbcontrol disconnect-dc winbind: Keep "force_reauth" in invalidate_cm_connection vfs_virusfilter: Fix CID 1428739 Buffer not null terminated vfs_virusfilter: Fix CID 1428740 Macro compares unsigned to 0 vfs_virusfilter: Fix CID 1428738 Macro compares unsigned to 0 ----------------------------------------------------------------------- -- Samba Shared Repository