The annotated tag, ldb-2.0.5 has been created
at 509e4be0f83f04a97de38cde9e2ca5bb113810a4 (tag)
tagging 86d480ade25953a175b0837667ce5efb8b7e65df (commit)
replaces ldb-1.6.3
tagged by Stefan Metzmacher
on Tue Aug 20 15:37:17 2019 +0200
- Log -----------------------------------------------------------------
ldb: tag release ldb-2.0.5
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEkUejOXGVGO6QEby1R5ORYRMIQCUFAl1b940ACgkQR5ORYRMI
QCXCwwgAiUajsomZp888bJCkYFkOJK4tSBrtAmbMKcnryioS276vDhPMcL1EdNoZ
UxgeIm8ZNApa/nOWFTkckVQ8lbRvJQMSPVOIOYfCVjLBv2sY1MYQPpe9gqij4e1F
2VCchcZPG9P/WHaYspx+KHuqE7ITp/4SJlLGTkNyvCpbKBdlIdbqT9siBKegGGoh
ZD3afyYWrGRhuXsJXGh7+4O7htFq+mk3GsCEASUJJiYs99ePlvromLorkG4nhCxq
mADAQZz+uMJDElgUfRX9rtZwTv0TLDft7aiZEA7D0Z3821tJpl5NzRoQKt1g83ve
E4/sghm9BVLpQgMVD4Gnz/YeTQoulQ==
=jU8G
-----END PGP SIGNATURE-----
Aaron Haslett (44):
paged_search: perf testing paged search
ldb: cmocka test for empty attributes bug
lmdb: iterate_range cmocka testing
ldb: <= and >= indexed searching
ldb: activating <= and >= indexing for integers
ldb: tests for <= and >= integer indexing
ldb: version 2.0.0
samdb: test for schemainfo update with relax control
dsdb:samdb: schemainfo update with relax control
selftest: tagging tests for new schemaupgrade_dc target
repl: test for schema object and LA repl across chunks
selftest: split schemaupgrade testenv out
ldap: test for empty attributes list
selftest: correcting empty attribute usage in requests
ldb: removing alloc from unpack_data
ldb: perf test for pack format
ldb: removing msg and dn copying from filter attrs
ldb: remove unpack only attr list functionality
ldb: baseinfo pack format check on init
ldb: push and pull macros for pack format
ldb: replacing length increments with constants in pack
ldb: unpack function for new pack format
ldb: pack function for new pack format
ldb: Release ldb 2.0.2
ldb: removing unnecessary module pointer
ldb: ldb_key_value_test fix
ldb: ldbdump key and pack format version comments
ldb: test for parse errors
sambaundoguididx: renamed to downgradedatabase
downgradedatabase: blackbox test
ldb: only used a->syntax->index_format_fn if GUID indexing is enabled
ldb: binding ordered indexes to GUID indexing
downgradedatabase: blackbox: check ordered integer removed
ldb: repack old format database if GUID indexing enabled
ldb: python test for repack
downgradedatabase: blackbox: database repacked
ldb: pack_format_override option
dsdb: disable ORDERED_INTEGER with MDB pack format v1
downgradedatabase: adding special case for MDB
downgradedatabase: blackbox: MDB backend
ldb: Release ldb 2.0.3
selftest: specifying 2008_R2 base schema for tests that need it
schema: changing default base schema to 2012_R2
selftest: schema version check in provision test
Amit Kumar (1):
docs: Correct 'net ads dns unregister --help' description
Amitay Isaacs (3):
ctdb-common: Avoid race between fd and signal events
ctdb-tests: Add reqid wrapping test
ctdb-common: Fix memory leak in run_proc
Andreas Schneider (211):
s3:lib: Increase debug level for messaging_send_buf message
s3:script: Fix running rsync in fake_snap.pl
s3:script: Fix running cp in modprinter.pl
libcli: Use a define for the SMB_SUICIDE_PACKET
s3:smbd: Make clear that we got a suicide packet
s3:torture: Move the init of the locking out of the loop
s3:torture: Improve the debug message output
s3:waf: Fix the detection of makdev() macro on Linux
third_party: Update socket_wrapper to version 1.2.3
selftest: Increase nss_wrapper max host entries handling
docs: Update smbclient manpage for --max-protocol
s3:utils: Add 'smbstatus -L --resolve-uids' to show usernames
selftest: Add smbstatus to testhelper
s3:tests: Add test for smbstatus and smbstatus --resolve_uids
s3:libads: Print more information when LDAP fails
s3:libsmb: Add some useful debug output to cliconnect
auth:creds: Prefer the principal over DOMAIN/username when using NTLM
s3:libnet: Use more secure name for the JOIN krb5.conf
s3:libads: Make sure we can lookup KDCs which are not configured
lib:util: Add support to keep talloc chunks secret
lib:util: Add test for talloc_keep_secret()
lib:util: Include talloc_keep_secret.h in samba_util.h
autobuild: Build also Samba AD with MIT Kerberos
s3:modules: Fix size types
s4:heimdal: Disable format truncation warnings
bootstrap: Fix dnf commands
bootstrap: Add missing packages on RPM distributions
bootstrap: Add missing packages for XFS quota support
bootstrap: Add glusterfs and cephfs packages
gitlab-ci: Enable fedora29 and update generated dists
gitlab-ci: Remove Ubuntu 14.04
lib:audit_logging: Use C99 initializer for server_id in audit_logging
s3:lib: Use correct C99 initializer for 'struct flock' in messages_dgm
s4:dsdb: Use C99 initializer in dsdb util_trusts
s3:libsmb: Fix C99 initializer in cli_smb2_fnum.c
wafsamba: Enable warnings for missing field initializer
gitlab-ci: Install missing krb5-kdc package on Ubuntu/Debian
bootstrap: Only install required packages on Fedora
bootstrap: Only install required packages on openSUSE
gitlab-ci: Update for building new containers
replace: Add ZERO_ARRAY_LEN() macro
lib:util: Sync memory.h with replace.h
waf: Add mandatory requirement for GnuTLS >= 3.2.0
s3:tls: Remove #ifdef for GnuTLS
s4:rpc_server: Remove obsolete gcrypt init
waf: Remove configure steps from source4/lib/tls
waf: Move gnutls_pkcs7_get_embedded_data_oid to main gnutls file
waf: Add check for gnutls_x509_crt_set_subject_unique_id()
waf: Move check for gnutls_aead_cipher_init to main gnutls wscript
waf: Remove unused GNUTLS defines
s3:modules: Use GnuTLS SHA256 in vfs_acl_common
s4:utils: Use gnutls SHA256 in oLschema2ldif
s4:libcli:smb2: Use GnuTLS SHA256 HMAC for signing
libcli:auth: Use GnuTLS SHA256 HMAC for credentials
libcli:auth: Add return code for netlogon_creds_init_hmac_sha256()
libcli:smb: Use GnuTLS SHA256 HMAC in smb2_key_derivation()
libcli:smb: Use GnuTLS SHA256 HMAC in smb2_signing_sign_pdu()
libcli:smb: Use GnuTLS SHA256 HMAC in smb2_signing_check_pdu()
libcli:smb: Introduce a structure for the smb2_singing_key
libcli:smb: Use 'struct smb2_signing_key' in smbXcli_base.c
s3:librpc: Rename the data blobs for keys in smbXsrv.idl
s3:librpc: Add smb2_signing_key to smbXsrv.idl
s3:smbd: Start to use the smb2_signing_key structure
libcli:smb: Add smb2_signing_key_destructor()
libcli:smb: Use smb2_signing_key for smb2_signing_sign_pdu()
libcli:smb: Use smb2_signing_key for smb2_signing_check_pdu()
auth:gensec: Use GnuTLS SHA256 HMAC for schannel
auth:gensec: Add return code for netsec_do_sign()
lib:crypto: Remove unused SHA256 and HMAC SHA256
lib:torture: Fix size type in torture macro
s4:samdb: Make sure value is initialized with 0
waf: Also check for gnutls_privkey_export_x509()
bootstrap: Fix yum commands
bootstrap: Make sure that the python3 interpreter is installed
bootstrap: Move to python 3.6 on CentOS
bootstrap: Install correct python modules on CentOS7
gitlab-ci: Enable building on CentOS7
libcli:smb: Use GnuTLS SHA512 in smbXcli_base
s3:smbd: Use GnuTLS SHA512 in smb2 server
s3:smbd: Use GnuTLS SHA512 in smb2 session setup
lib:crypto: Remove unused SHA512
ctdb: Fix format in db_hash_test
wafsamba: Enable warnings about format overflows
wafsamba: Enable warnings about zero-length formats
s4:auth: Fix debug statement in gensec_gssapi
s3:rpc_server: Do not free the tdbname before we printed it
s4:ntvfs: Do not free eadb before we printed an error
s4:torture: Do not print NULL strings we just checked before
lib:torture: Fix string comparison macros where we directly pass NULL
s4:torture: Do not free full_name before we printed it
ctdb:common: Do not print NULL if we don't get a sockpath
s3:winbindd: Do not free db_path in idmap_tdb2 before we printed it
s3:utils: If share is NULL in smbcquotas, don't print it
s3:utils: If share is NULL in smbcacls, don't print it
s3:smbspool: Fix regression printing with Kerberos credentials
gitlab-ci: Install libtasn1-tools on Fedora based distributions
s3:libsmb: Add missing OOM check in fill_quota_buffer()
lib:util: Remove unused ALIGN marcos from byteorder.h
lib:util: Remove PPC big endian asm optimized code in byteorder.h
lib:util: Move VWV macro to smb_constants.h
lib:util: Add a test for byteorder.h
libcli:auth: Use GnuTLS MD5 for E_md5hash() in smbcrypt
libcli:auth: Use GnuTLS MD5 in encode_or_decode_arc4_passwd_buffer()
libcli:auth: Use GnuTLS MD5 in encode_wkssvc_join_password_buffer()
libcli:auth: Use GnuTLS MD5 in encode_or_decode_arc4_passwd_buffer()
libcli:auth: Use GnuTLS MD5 in decode_wkssvc_join_password_buffer()
libcli:auth: Use GnuTLS MD5 HMAC in ntv2_owf_gen()
libcli:auth: Use GnuTLS MD5 HMAC in SMBOWFencrypt_ntv2()
libcli:auth: Use GnuTLS MD5 HMAC in SMBsesskeygen_ntv2()
libcli:auth: Use 'bool ok' in ntv2_owf_gen()
libcli:auth: Use GnuTLS MD5 and HMAC MD5 in netlogon_creds_init_128bit
libcli:auth: Add return codes for netlogon_creds_init_128bit()
libcli:drsuapi: Use GnuTLS MD5 in drsuapi_decrypt_attribute_value()
libcli:drsuapi: Use GnuTLS MD5 in drsuapi_encrypt_attribute_value()
libcli:smb: Use GnuTLS MD5 and HMAC MD5 in smb_signing_md5()
libcli:smb: Use GnuTLS HMAC MD5 in smb_key_derivation()
libcli:smb: Return NTSTATUS for smb_signing_md5()
libcli:smb: Return NTSTATUS for smb_signing_sign_pdu()
libcli:smb: Check return code of smb_signing_md5()
libcli:smb: Return NTSTATUS for smb_key_derivation()
auth:ntlmssp: Use GnuTLS HMAC MD5 in ntlmssp client
auth:ntlmssp: Use GnuTLS MD5 and HMAC MD5 in ntlmssp server
auth:ntlmssp: Use GnuTLS MD5 and HMAC MD5 in ntlmssp sign
auth:creds: Use GnuTLS MD5 in ntlm creds
auth:gensec: Use GnuTLS HMAC MD5 in netsec_do_seq_num()
auth:gensec: Use GnuTLS HMAC MD5 in netsec_do_seal()
auth:gensec: Use GnuTLS HMAC MD5 and MD5 in netsec_do_sign()
auth:gensec: Return NTSTATUS for netsec_do_seq_num()
s3:smbd: Return NTSTATUS for srv_calculate_sign_mac()
s3:vfs: Use GnuTLS MD5 in vfs_streams_xattr
s3:vfs: Use GnuTLS MD5 in vfs_fruit
s3:profile: Use GnuTLS MD5
s3:rpc_client: Use GnuTLS MD5 for samr
s4:dsdb: Use GnuTLS MD5 in password_hash module
s3:libcli: Use GnuTLS MD5 for smb singing
s4:libnet: Use GnuTLS MD5 for samr passwords
s4:ntp_signd: Use GnuTLS MD5 in signd
s4:rpc_server: Use GnuTLS MD5 for samr password
s4:messaging: Use GnuTLS MD5 in messaging test
s3:torture: Use GnuTLS MD5
s4:torture: Use GnuTLS MD5 and HMAC MD5 in samlogon test
s4:torture: Use GnuTLS MD5 in ntp_signd test
s4:torture: Use GnuTLS MD5 in samr password tests
s4:torture: Use GnuTLS MD5 for samr password
s4:torture: Use GnuTLS MD5 for samba3rpc
lib:crypto: Remove obsolete MD5 and HMAC MD5
s3:smbspool: Add the 'lp' group to the users groups
s3:smbspool: Print the principal we use to authenticate with
s3:smbspool: Add debug for finding KRB5CCNAME
s3:smbspool: Use %u format specifier to print uid
s3:smbspool: Fallback to default ccache if KRB5CCNAME is not set
s3:smbspool: Print the filename we failed to open
s3:smbspool: Always try to authenticate using Kerberos
s3:smbspool: Add debug messages to kerberos_ccache_is_valid()
s3:smbspool: Use NTSTATUS return codes
third_party: Update nss_wrapper to version 1.1.6
ctdb:tests: Add missing va_end() in ctdb_set_error()
lib:mscat: Add missing return check for error in dumpsmcat
s3:utils: Only declare variables if we're gonna use them
s3:lib: Move up NULL check
s3:modules: Put debug msg into the if clause checking the strings exists
third_party: Update waf to version 2.0.17
libcli:smb: Fix signing with multichannel
libcli/smb: only fallback to the global smb2 signing key if we should sign
s3:client: Link smbspool_krb5_wrapper against krb5samba
gitlab-ci: Add Fedora 30
libcli:util: Add gnutls_error
s4:libcli: Use gnutls_error_to_ntstatus() or singing
libcli:smb: Return NSTATUS for smb2_signing_check_pdu()
libcli:smb: Use gnutls_error_to_ntstatus() in smb2_signing_sign_pdu()
libcli:smb: Use gnutls_error_to_ntstatus() in smb2_signing_check_pdu()
auth:gensec: Use gnutls_error_to_ntstatus() in schannel
libcli:smb: Use gnutls_error_to_ntstatus() in smbXcli_base.c
s3:smbd: Use gnutls_error_to_ntstatus() in smb2_server
s3:smbd: Use gnutls_error_to_ntstatus() in smb2_sesssetup
libcli:auth: Use gnutls_error_to_ntstatus() in credentials
libcli:smb: Use gnutls_error_to_ntstatus() in smb_signing
auth:ntlmssp: Use gnutls_error_to_ntstatus() in ntlmssp_client
auth:ntlmssp: Use gnutls_error_to_ntstatus() in ntlmssp_server
auth:ntlmssp: Use gnutls_error_to_ntstatus() in ntlmssp_sign
auth:creds: Use gnutls_error_to_ntstatus() in credentials_ntlm
s3:libnet: Use gnutls_error_to_ntstatus() in libnet_passwd
s4:rpc_server: Use gnutls_error_to_ntstatus() in samr_password
s4:ntp_signd: Use gnutls_error_to_ntstatus() in ntp_signd
libcli:util: Add gnutls_error_to_werror()
libcli:auth: Use gnutls_error_to_werror() in smbencrypt
libcli:drsuapi: Use gnutls_error_to_werror() in repl_decrypt
libcli:auth: Use GnuTLS RC4 for netlogon credentials
libcli:auth: Return NTSTATUS for
netlogon_creds_encrypt_samlogon_validation()
libcli:auth: Return NTSTATUS for
netlogon_creds_decrypt_samlogon_validation()
libcli:auth: Return NTSTATUS for netlogon_creds_server_step_check()
libcli:auth: Return NTSTATUS for netlogon_creds_encrypt_samlogon_logon()
libcli:auth: Return NTSTATUS for netlogon_creds_decrypt_samlogon_logon()
libcli:auth: Return NTSTATUS for netlogon_creds_crypt_samlogon_logon()
libcli:auth: Return NTSTATUS for netlogon_creds_arcfour_crypt()
auth:gensec: Use GnuTLS RC4 in netsec_do_seq_num()
auth:gensec: Use GnuTLS RC4 in netsec_do_seal()
auth:gensec: Return NTSTATUS for netsec_do_seal()
auth:ntlmssp: Use GnuTLS RC4 in ntlmssp server
s3:rpc_client: Use C99 inititializer in dcerpc_samr_chgpasswd_user()
s4:rpc_server: Use GnuTLS RC4 in lsa endpoint
s3:utils: Use GnuTLS RC4 in npc_rpc_trust
s4:rpc_server: Use GnuTLS RC4 in lsa server
nsswitch: Use GnuTLS RC4 in wbclient test
s4:tortue: Use GnuTLS RC4 in rpc lsa test
s4:torture: Use GnuTLS RC4 in rpc forest_trust test
s3:winbind: Add support for storing KRB5 credential in KCM
s3:modules: Add hash_inode() function based on SHA1
s3:modules: Allow SHA1 usage for file IDs in FIPS mode
s3:modules: Use hash_inode() in vfs_fruit
s3:modules: Use hash_inode() in vfs_streams_xattr
Andrew Bartlett (136):
selftest: Correct name of flapping smb2.notify test
CVE-2019-3870 pysmbd: Include tests to show the outside umask has no
impact
CVE-2019-3870 pysmbd: Move umask manipuations as close as possible to
users
CVE-2019-3870 pysmbd: Ensure a zero umask is set for smbd.mkdir()
ldb_kv: Skip @ records early in a search full scan
ldb: Avoid calling talloc_get_type() in ldb_kv_parse_data_unpack()
ndrdump: change behaviour of flags to operate as flags
selftest: Move simple-dc-steps.sh to correct folder
build: Remove build of replacetort
replace: Fix "make test" to actually test libreplace
talloc: Follow pattern of ldb and tdb to ensure "make test" depends on a
build
pidl: No longer use Python3 compat define: PyInt_FromLong ->
PyLong_FromLong
pidl: Always call PyLong_FromLongLong() in ndr_PyLong_FromLongLong()
pidl: Always call PyLong_FromUnsignedLongLong() in
ndr_PyLong_FromUnsignedLongLong()
pidl: Call PyLong_FromLongLong() directly rather than via inline helper
pidl: Call PyLong_FromUnsignedLongLong directly rather than via inline
helper
build: Remove ndr_PyLong_FromUnsignedLongLong wrapper from NT_STATUS and
W_ERROR table generator
s4-winbindd: Removed unused wb_utils.c
lib/tls: Remove unused source4/lib/tls/tls.c (tls socket wrapper)
torture: Remove unused torture_ldap_connection2()
torture: Remove unused torture_join_server_dn_str()
torture: Remove unused dsdb_attribute_ldb_to_drsuapi()
libnet: Remove unused source4/libnet/libnet_samsync_ldb.c
libnet: Remove unused source4/libnet/libnet_sam{dump,sync}:
ldb_kv: Remove incorrect reference to LDB_UNPACK_DATA_FLAG_NO_DN
ldb_kv: Use ldb_msg_add_steal_value() in msg_add_distinguished_name()
ldb: move ldb_kv's filter into pack code
ldb: Release ldb 2.0.1
s4 dsdb/repl_meta_data: allocate new extended DNs during ADD on a better
context
tdb: Do not return errors from tdb_repack() in the tail of
tdb_transaction_commit()
dsdb: Add tests for large LDAP responses
tdb: Release tdb 1.4.1
dsdb: Add random values to names in tests for large LDAP responses
dsdb/partition: Ensure metadata.tdb is opened early in
partition_reload_if_required()
dsdb/partition: Move in_transaction decrement to end of
partition_del_trans()
dsdb/partition: Remove teardown of data->metadata on
partition_metadata_set_sequence_number() failure
dsdb: lock metadata.tdb during lock_read in partitions module
selftest: Remove gensec.FEATURE_SEAL from samba4.ldap.notification
ldap_server: Remove success_limit
ldap_server: Run the ldap_encode() step in ldapsrv_queue_reply()
ldap_server: Use an array of struct iovec to avoid data_blob_append()
ldap_server: Add explict repsonse size limit of 256MB
ldap_server: chunk the writev() calls at 25MB
ldap_server: Run ldapsrv_queue_reply() in the ldb callback, rather than
waiting for the full result
torture: Address flapping samba4.rpc.altercontext test
Remove unused auth_get_challenge_not_implemented
dsdb: Remove unsued dsdb_class_by_cn()
libcli/auth: Remove des_crypt64() from smbdes
s4-rpc_server: Remove unused dnsserver_find_partition()
lib: Remove "tdb based replacement for gettext"
libcli/security: Remove unused dup_sec_desc_buf()
libcli/ldap: Remove unsued ldap_transaction()
ntvfs: Remove unused nbench vfs module
ntvfs: Remove unused and untested SMB1 -> SMB2 proxy module
s4-ntvfs: Remove untested stub vfs_print backend
s4-ntvfs: Remove untested ntvfs_cifsposix backend
sambaundoguididx: Add flags=ldb.FLG_DONT_CREATE_DB and port to Python3
Run test for initshutdown
selftest: Add more testing of wkssvc in source3
selftest: Remove infinite client/server loop in srvsvc_NetNameValidate
test
selftest: Run samba3.srvsvc tests covering more of the srvsvc server
ldb: Fix segfault parsing new pack formats
sambaundoguididx: fix for -s
sambadowngradedatabase: Add "or later" to warning about using tools from
Samba 4.8
docs: Improve documentation of "lanman auth" and "ntlm auth" connection
py3: Remove Python2 side of py3compat.h
py3: Remove unused IS_PY3 macro from py3compat.h
py3: Remove unused PyStr_CheckExact macro from py3compat.h
py3: Remove unused PyStr_Concat macro from py3compat.h
py3: Remove unused PyStr_Format macro from py3compat.h
py3: Remove unused PyStr_InternInPlace macro from py3compat.h
py3: Remove unused PyStr_InternFromString macro from py3compat.h
py3: Remove unused PyStr_Decode macro from py3compat.h
py3: Remove unused PyStr_AsUTF8String macro from py3compat.h
py3: Remove unused PY_DESC_PY3_STRING macro from py3compat.h
py3: Remove unused PyInt_CheckExact macro from py3compat.h
py3: Remove unused PyInt_FromString macro from py3compat.h
py3: Remove unused PyInt_FromSsize_t macro from py3compat.h
py3: Remove unused PyInt_FromSize_t macro from py3compat.h
py3: Remove unused PyInt_AS_LONG macro from py3compat.h
py3: Remove unused PyInt_AsUnsignedLongLongMask macro from py3compat.h
py3: Remove unused PyInt_AsSsize_t macro from py3compat.h
selftest: Specifically remove files generated by provision
Revert TestCaseInSubDir parts of "downgradedatabase: blackbox test"
lib/replace: Remove #undef TCP_NODELAY
provision: Suggest "minimal-responses yes;" by default
py3: Remove PyStr_Type() compatability macro
py3: Remove PyStr_Check() compatability macro
py3: Remove PyStr_FromString() compatability macro
py3: Remove PyStr_FromStringAndSize() compatability macro
py3: Remove PyStr_FromFormat() compatability macro
py3: Remove PyStr_FromFormatV() compatability macro
py3: Remove PyStr_AsString() compatability macro
py3: Remove PyStr_AsUTF8() compatability macro
py3: Remove PyStr_AsUTF8AndSize() compatability macro
py3: Remove duplicated PyUnicode_Check() after the py3 compat macros were
removed
ntvfs: Remove now unused functions
lib/tls: Remove unused header definitions from source4/lib/tls/tls.h (tls
socket wrapper)
s4-torture: Remove unused #include of librpc/gen_ndr/ndr_dcerpc_c.h
librpc: Do not generate client code for dbgidl.idl
librpc: Remove unused RPC_NDR_NTLMSSP
librpc: Remove unused RPC_NDR_DRSBLOBS
librpc: Remove unused RPC_NDR_XATTR
librpc: Remove unused RPC_NDR_IDMAP
librpc: Remove unused RPC_NDR_SMB_ACL
librpc: Remove unused RPC_NDR_AUDIOSRV
librpc: Remove unused RPC_NDR_EFS
librpc: Remove unused RPC_NDR_POLICYAGENT
librpc: Remove unused RPC_NDR_WINSIF
librpc: Remove unused RPC_NDR_DSBACKUP
librpc: Remove unused RPC_NDR_NBT
librpc: Remove unused RPC_NDR_SERVER_ID
librpc: Remove unused RPC_NDR_MSGSVC
librpc: Remove unused RPC_NDR_WZCSVC
librpc: Remove unused RPC_NDR_SCERPC
librpc: Remove unused RPC_NDR_TRKWKS
librpc: Remove unused RPC_NDR_KEYSVC
librpc: Remove unused RPC_NDR_MDSSVC
librpc: Remove frsblobs.idl
librpc: Do not generate extra unused client or python bindings with PIDL
librpc: No longer generate or build unused client bindings for frsrpc
pidl: Remove the need to always specify --client with --python
lib/crypto: move gnutls error wrapper to own subsystem
libcli/drsuapi: Make drsuapi_decrypt_attribute_value() static
libcli/drsuapi: Add const to *in parameters to
drsuapi_{en,de}crypt_attribute_value()
libcli/drsuapi: Add expected value unit tests for
drsuapi_{en,de}crypt_attribute_value()
libcli/drsuapi: Correct comment in drsuapi_decrypt_attribute_value()
lib/crypto: Add GnuTLS helper function
samba_gnutls_arcfour_confounded_md5()
liblic/drsupai: use samba_gnutls_arcfour_confounded_md5() wrapper
lib/crypto: Use GnuTLS RC4 for samba_gnutls_arcfour_confounded_md5()
.gitlab-ci.yml: Increase resources for samba-ad-dc-backup job
provision: If --targetdir has been specified then we must always reset
posix:eadb and xattr_tdb:file
pyldb: Apply flags specified by ldb.Ldb(flags=...) even if the URL is not
set
ldb: Add tests for Ldb.write_ldif() including the FLG_SHOW_BINARY and
FLAG_FORCE_NO_BASE64_LDIF
ldb: Try to explain the confusing overload of the LDB_FLG_MOD_*
enumeration and other flags
ldb: Fix dependency on ldb_key_value_sub_txn_{mdb_}test
Anoop C S (3):
s3/vfs_glusterfs: Dynamically determine NAME_MAX
s3/vfs_glusterfs_fuse: Dynamically determine NAME_MAX
s3-smbcontrol: Replace && with || to declare variables in do_sleep()
Björn Baumbach (36):
samba-tool: fix some typos
doc: add missing samba-tool user edit documentation
doc: fix typos in samba-tool documentation
doc: add missing "samba-tool computer" entry
doc: add missing "samba-tool ou" entry
s4:rpc_server: add missing newline to error debug message
s4:torture:fsmo.py: test role transfers of dns partitions
s4:torture:fsmo.py: remove unused 'net_cmd' variable
samba-tool: add 'import samba.drs_utils' to fsmo.py
selftest: add test for samba-tool ntacl get/set --use-ntvfs
--xattr-backend=tdb
python/ntacls: use correct "state directory" smb.conf option instead of
"state dir"
samba-tool ntacl: consolidate code for getting the local domain sid
samba-tool: add ntacl changedomsid command
selftest: add tests for samba-tool ntacl changedomsid
docs: add documentation for the samba-tool ntacl changedomsid command
docs: fix typo in "ntlm auth" doc in smb.conf man page
samba-tool: fix format of command description (help messages)
samba-tool tests: rename "user edit" test from edit.sh to user_edit.sh
samba-tool tests: remove probably outdated comment
samba-tool user edit test: use testit instead of subunit_start_test,
pass/failed
ldb/ldb_ldif: add copy_raw_bytes helper variable to ldb_ldif_write_trace()
ldb/ldb_ldif: add LDB_FLAG_FORCE_NO_BASE64_LDIF flag
samba-tool tests: add additional tests for "samba-tool user edit" command
samba-tool user edit: use ldb methods to create ldif to modify user
samba-tool user edit: simplify code
samba-tool tests: add test for 'samba-tool user edit', using
LDB_FLAG_FORCE_NO_BASE64_LDIF
samba-tool user edit: avoid base64 encoded strings in editable ldif if
possible
samba-tool computer: add 'edit' command to edit an AD computer object
doc: add samba-tool computer command to samba-tool man page
samba-tool tests: add test for 'samba-tool computer edit' command
samba-tool group: add 'edit' command to edit an AD group object
samba-tool tests: add test for 'samba-tool group edit' command
doc: add samba-tool group command to samba-tool man page
samba-tool: implement contact management commands
samba-tool tests: add tests for contact management
doc: add documentation for "samba-tool" contact management
Björn Jacke (1):
README: fix samba mailman list address
Christof Schmitt (29):
memcache: Introduce struct for storing talloc pointer
memcache: Properly track the size of talloc objects
memcache: Increase size of default memcache to 512k
torture: Add test for talloc size accounting in memcache
vfs_full_audit: Fix logging of get_real_filename output
nsswitch: Add testcase for checking output of wbinfo --sid-to-name
winbind: Query domain from msrpc name_to_sid
winbind: Query domain from winbind rpc name_to_sid
winbind: Query domain from winbind sam_name_to_sid
winbind: Return queried domain name from name_to_sid
winbind: Use domain name from lsa query for sid_to_name cache entry
nsswitch: Fix usage information of test_wbinfo_name_lookup.sh
vfs_gpfs: Remove usage of gpfs_prealloc
vfs_gpfs: Remove gpfs:prealloc from manpage
gpfswrap: Remove unused gpfs_prealloc wrapper
vfs_gpfs: Block punchhole calls for non-sparse files
selftest: Add gid-to-sid lookup to idmap_ad test
selftest: Use fl2008r2dc for ad_member_idmap_ad
selftest: Make trusted domain information available for idmap_ad
environment
selftest: Add idmap configuration for trusted domain for idmap_ad
selftest: Pass trusted domain information to idmap_ad test
selftest: Add trusted domain tests for idmap_ad
wscript: Remove checks for shm_open and shmget
wafsamba: Add compiler check for missing field initializer check
smbd: Move deadtime default to parameter definition and man page
selftest: Add test for case-preserving in 'net [rpc] conf showshare'
net: Return share name in correct case from net rpc conf showshare
libsmbconf:registry: Return correct case for get_share
torture: Use two connections in SMB2 sharemode tests
David Disseldorp (10):
vfs_snapper: drop unneeded fstat handler
build: add explicit cephfs include path for vfs_ceph builds
vfs_ceph: explicitly enable libcephfs POSIX ACL support
docs/vfs_ceph: describe new ACL behaviour
ctdb/build: fix ctdb_mutex_ceph_rados_helper builds
vfs_ceph: fix cephwrap_flistxattr() debug message
vfs_ceph: drop fdopendir handler
vfs: add ceph_snapshots module
docs: add vfs_ceph_snapshots manpage
client: enable allinfo and altname tab completion
Douglas Bagnall (91):
selftest: use test smb.conf in provision
perf-tests: rename paged search test for regex disambiguation
spell "recursive"
dsdb mods/extended_dn_store: used the ldb we already have
dsdb/modules: minor comment typos in samba_dsdb
autobuild: attempt authenticated email if environment suggests it
ldb_kv_search: avoid handling uninitialised dn
pytest/segfault: segfault with nameless element
pyldb: avoid segfault when adding an element with no name
s4/replmd: delete checks flag before laborious search
s4/replmd delete: optimise attribute preservation with binary search
dsdb/pytest/ldap: revive commented out test for attr size range
dsdb/pytest/ldap: use idiomatic 'e' for exceptions
s4/tests.py: shorten lines with common path
dsdb pytests: test the effect of reordering modify requests
pytests: try ldap.modify_order with normal user
pytests: slightly better errors in Testcase.insta_creds()
dsdb/modules: a module to count attribute searches and results
script/attr_count_read: load and correlate all data
talloc torture: avoid NULL dereference
rpc/dnsdata: do not crash if message attr missing (CID: 1414773)
rpc/dnsdata: avoid crash on missing attr (CID: 1414757)
rpc/dns: leak less on memory failure (CID 1363191)
rpc/dns: reduce the CID count on temporary variables
s4/rpc/dns: check for IP address errors at startup
s4/rpc/drsuapi/writespn: check the actual error code (CID 1034691)
s4/rpc/dcerpc_roh_channel_out: check ndr_init (CID 1273065)
s4/rpc/dcerpc_roh_channel_out: check ndr_init (CID 1273062)
tdbtool: avoid theoretical NULL dereference (CID 1361462)
lib/texpect: avoid theoretical NULL dereference (CID 1273099)
s4/auth/sam: silence CID 1435849
dsdb/modules/acl: avoid deref of missing data (CID 1107200)
dsdb/modules/dirsync: avoid possible NULL dereference (CID 1034800)
dsdb/modules/dirsync: remove useless function call
dsdb/modules/dirsync: ensure attrs exist (CID 1107212)
dsdb/modules/linked_attrs: remove pointless check (CID 240768)
auth/creds/guess: avoid segfault with NULL lp (CID 241187)
auth/creds/torture: add a test showing segfault
pyrpc: ndr PY_CHECK_TYPE checks for NULL as well as type
pyrpc: remove crutch for python <= 2.5
ldb: avoid NULL deref in ldb_dn_from_ldb_val (CID 1034730)
ldb_ldif: avoid NULL dereference with unexpected arguments (CID 1107195)
ldb_map: check a return value (CID 241354)
ldb_mdb: check fcntl return values (CID 1435851)
ldb modules: paged_search checks control is not NULL (CID 241355)
librpc/ndr: make push_charset_to_null UTF-16 safe (CID 1399648)
s4/dnsserver: handle broken zone values in sort (CID 1414763, 1414769)
s4/dnsserver: delay return when trying to log (CID 1444976)
s4/dsdb/util_samr: check some return codes (CID 1444977)
dsdb/mod/count_attrs: set ldb var before using it (CID 1444979)
s4/ldap_bind: notice backend init failure
s4/messaging: do not deref NULL state (CID 1437973)
s4/policy/gp_filesys: avoid SIZE_MAX smbcli write (CID 1034779)
ldb.h: improve comment for LDB_ATTR_FLAG_INDEXED
ldb.h: spelling of 'means'
dsdb/util: spell "equivalence"!
kdb_kv_search: spell 'linearized'
ldb: use ldb_msg_new(), not talloc/talloc_zero
s4: use ldb_msg_new(), not talloc/talloc_zero
dsdb/mod/extended_dn_out: zero whole fake_msg struct
dsdb mods/extended_dn_out: remove element using ldb_msg api
dsdb/replmd: use ldb_msg_remove_element()
ldb_ldap: trust db_msg_new() to return empty message
ldb_ldap: use ldb_msg API to add elements
ldb/tools/ldbtest: initialise msg object
ldb_kv: use ldb_msg_remove_element()
ldb_msg: remove_element() checks element array bounds
dsdb/mod/extended_dn_out: use faster removal filters
dsdb mod/linked_attributes: fix_link_slow(): clarify a comment.
s4/lib/policy/gp_ldap: use ldb API to find messages
util/charset/convert_string: always set length
util/charset/convert: do not overflow dest len
util/charset/convert: do not overflow dest len in corner case
util/charset/convert: when retrying, retry from the start
util/charset/convert: do not pretend to realloc
util/charset/torture: ensure each cp850 high bytes is 3 utf8 bytes
tests/samba-tool: test dns serverinfo/zoneinfo
samba-tool dns: use bytes for inet_ntop
CVE-2019-12435 rpc/dns: avoid NULL deference if zone not found in
DnssrvOperation
CVE-2019-12435 rpc/dns: avoid NULL deference if zone not found in
DnssrvOperation2
CVE-2019-12436 dsdb/paged_results: ignore successful results without
messages
s4/scripting/autoidl: another py3 incompatible except
script/bisect-test: fix for py3
wintest: py3 telnet.sendline() doesn't like string with ^Z
s4/script/rodcdns: str type doesn't need decoding
s4/tests/dsdb_schema: not usefully executable as script
pytests/subunitrun: not usefully executable
s4/scripting/smbstatus: approach py3 compatibility
net idmap check: correct spelling of --force
man net: include --json option
docs/smbclient: document -Tcn
Fabrice Fontaine (2):
test_regfio.c: include stdint.h before cmoka.h
Fix uClibc build on 64bit platforms by including stdint.h
Garming Sam (18):
dlz: Add test to ensure there are writable zones
acl_read: Fix regression caused by
db15fcfa899e1fe4d6994f68ceb299921b8aa6f1 for empty lists
libnet vampire: NULL access bug fix
lmdb: iterate_range implementation
ldb_kv_index: Make the edge keys slightly cleaner and generic
ldb_kv_index: Add a giant comment in regards to index_format_fn
schema_syntax: Add comments for our index format functions
ldb: Add ORDERED_INTEGER to the proto-schema handling
ldb: tests for <= and >= integer indexing with duplicates
ldb_mdb: Add some warnings about poorly constructed callbacks
ldb_kv: Remove unnecessary space
ldb_mdb: Change function declaration as per README.coding
ldb_kv: Avoid memdup of database records in the case of base searches
tests/ldb_kv: Add another case for completeness
selftest: rename schemaupgrade_dc (+pair) to schema_dc
CID 1363287: Resource leak using str_list_append
CID 1363286: Resource leak by failing to free tmp_ctx
ldap: Add a database open after fork to speed-up prefork binds
Gary Lockyer (94):
prefork tests: disable restart tests MIT
flapping tests: Add samba3.smb2.notify
lib ldb key_value: Remove index cache lazy initialisation
lib ldb key_value: Pass index cache size
lib ldb key_value: Add get_size method
lib ldb key_value: set the cache size for re-indexing
lib ldb key_value: Set index cache size on open
python join: Set index transaction cache size.
lib util debug: Increase format buffer to 4KiB
s4 heimdal_build: disable leak checks for asn1 compiler
selftest: Utils.cmd_output returns byte string
nsswitch pam_winbind: Fix Asan use after free
s4 dns_server Bind9: Log opertion durations
s4 lib socket: Ensure address string owned by parent struct
s4 librpc rpc pyrpc: Ensure tevent_context deleted last
s3 rpc_client: Fix Asan stack use after scope
s4 dsdb: fix use after free in samldb_rename_search_base_callback
selftest: enable undefined behaviour sanitizer
s4 dsdb/repl_meta_data: fix use after free in dsdb_audit_add_ldb_value
samba_autoconf: fix undefined behaviour sanitizer compile flags
s4 librpc rpc pyrpc: Fix flapping dcerpc.bare tests
ldap tests: test scheme for referrals
ldap server: generate correct referral schemes
Fix ubsan null pointer passed as argument 2
s4 lib rpc pyrpc: Fix error message
tests auth log winbind: Fix flapping test
tests blackbox ndrdump: Add test for struct printing
pidl: Allow ndrdump to print public structures
ndrdump: print public structures
drsblobs.idl: remove decode functions
ntlmssp.idl: remove unused decode functions
dnsp.idl: remove unused decode functions
cab.idl: remove unused decode functions
krb5pac.idl: remove unused decode functions
nbt.idl: remove unused decode functions
negoex.idl: remove unused decode functions
preg.idl: remove unused decode functions
security.idl: remove unused decode functions
ntp_signd.idl: remove unused decode functions
sasl_helpers.idl: remove unused decode functions
winsrepl.idl: remove unused decode functions
ntprinting.idl: remove decode functions
tests blackbox ndrdump: Clean up pep8 warnings
WHATSNEW.txt: reindex performance, Bind9 logging
auth auth_log: csbuild unused parm unix_username
auth auth_log: csbuild unused parm transport_protection
lib audit_logging tests: csbuild unused parms
lib ldb ldb_key_value: csbuild unused parm module
lib ldb ldb_key_value: csbuild unused parm module
lib ldb ldb_key_value: csbuild unused parm ldb_kv
lib ldb: csbuild add lib/util/attr.h to dist
lib ldb ldb_key_value: csbuild unused parm ldb_kv_timeout
lib ldb ldb_key_value: csbuild fix integer comparison
lib ldb ldb_key_value: csbuild unused parm tdb
lib ldb ldb_key_value: csbuild unused parm ldb
lib ldb ldb_key_value: csbuild ldb_kv_index_dn_not unused parms
lib ldb ldb_key_value: csbuild unused parms ldb_kv, key
lib ldb ldb_key_value: csbuild fix signed unsigned compare
lib ldb ldb_key_value: csbuild fix unused parm data
lib ldb_key_value: csbuild unused parm key
lib ldb ldb_key_value: csbuild unused parm ldb_kv
lib ldb tests: Test nested transactions
lib ldb tests: remove deprecation warning from api.py
lib ldb key value backends: Add nested txn support
lib ldb key value: add nested transaction support.
lib ldb ldb_key_value tests: Add tests for wrapped operations
lib ldb key value: Remove check_parent from ldb_kv_index_idxptr()
lib ldb key value: fix index buffering
lib ldb key value: use TALLOC_FREE() per README.Coding
lib tdb: memcmp ubsan warning
provision tests: Add --backend-store-size option.
python getopt: Add bytes option type
samba-tool: Make the 'bytes' option type avaiable
samba-tool domain provision: add lmdb database size option
lib ldb: save a copy of the options on the context
ldb: Release ldb 2.0.4
lib ldb ldb_mdb: Pass the lmdb map size as an ldb option
provision: Add --backend-store-size option
domain join tests: Add --backend-store-size option.
samba-tool domain join: Add --backend-store-size option
clone-dc-database tests: Add --backend-store-size option
samba-tool clone-dc-database: Add --backend-store-size option
samba-tool dcpromo tests: add --backend-store-size option
samba-tool domain dcpromo: add --backend-store-size option
join subdomain: changes for --backend-store-size
samba-tool domain join: remove the subdomain option
WHATSNEW.txt: samba-tool --backend-size-parameter
kcc: default to logging to DBGLVL_WARNING
ldb: Add new internal helper function ldb_options_get()
s4 samdb: pass ldb options to ldb_module_connect_backend
ldb key_value: Add batch_mode option
ldb ldb_key_value: test ldb batch
ldb: Rework index_transaction_cache_size to allow caller to specify a
larger size
ldb: Release ldb 2.0.5
Guenther Deschner (3):
s3:libnet: Fix debug message in libnet_DomainJoin()
auth:ntlmssp: Add back CRAP ndr debug output
s3:ldap: Leave add machine code early for pre-existing accounts
Günther Deschner (14):
s3-libnet_join: always pass down admin domain to ads layer
s3-libnet_join: setup libnet join error string when AD connect fails
s3-libnet_join: allow fallback to NTLMSSP auth in libnet_join
lib/replace: define NAME_MAX for platforms that don't have it
s4-torture: include torture/util.h in lease break handler
s4-torture: add new smb2 multichannel suite skeleton.
s4-torture: move oplock break handler out of the replay testsuite.
s4-torture: add test for interface information retrieval for multichannel.
s4-torture: add torture_block/torture_unblock smb2 transport functions
Revert "lib/replace: define NAME_MAX for platforms that don't have it"
Revert "s3/vfs_glusterfs: Dynamically determine NAME_MAX"
Revert "s3/vfs_glusterfs_fuse: Dynamically determine NAME_MAX"
s3/vfs_glusterfs: Avoid using NAME_MAX directly
s3/vfs_glusterfs_fuse: Avoid using NAME_MAX directly
Isaac Boukris (5):
CVE-2018-16860 selftest: Add test for S4U2Self with unkeyed checksum
CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum
selftest: remote_pac: s/s2u4self/s4u2self/g
selftest: check for PrimaryGroupId in DC returned group array
Add PrimaryGroupId to group array in DC response
Jeremy Allison (54):
CVE-2019-3880 s3: rpc: winreg: Remove implementations of
SaveKey/RestoreKey.
CVE-2019-3880 s3: rpc: winreg: Remove implementations of
SaveKey/RestoreKey.
s3: SMB1: Don't allow recvfile on stream fsp's.
s3: net: Harden guess_charset() against overflow errors.
s3: net: Harden act_val_hex() act_val_sz() against errors.
s3: net: Harden srprs_str() against memcmp overread.
s3: net: Rewrite of reg_parse_fd() to harden against buffer overwrites.
s3: net: Test of fuzzer problems with net rpc registry import.
lib: popen: Prepare to remove sys_popen().
lib: util: Add file_ploadv().
s3: lib: util: Add file_lines_ploadv().
s3: smbd: Convert dfree code to use file_lines_ploadv().
s3: smbd: Convert print_svid code to use file_lines_ploadv().
s3: smbd: Convert sysquotas.c code to use file_lines_ploadv().
s3: lib: Remove file_lines_pload().
lib: util: Remove file_pload()
s3: lib: Add file_ploadv_send().
s3: winbind: Convert idmap to use file_ploadv_send().
s3: lib: Remove file_pload_send().
lib: util: Finally remove possibilities of using sys_popen() unsafely.
docs: dfree command. Correct usage of dfree scripts.
s3: winbind: Fix crash when invoking winbind idmap scripts.
s3: smbd: Ensure open for security descriptor access actually opens an fd.
s3: torture: Fix a debug typo.
s3: smbd: Update smb_set_posix_acl() to modern coding standards.
s3: smbd: Update smb_set_posix_acl() argument list to prepare for handle
open.
s3: smbd: Update smb_set_posix_acl() to have only one exit path.
s3: smbd: Add correct wrap checks to smb_set_posix_acl().
s3: smbd: Make data offset use clearer in smb_set_posix_acl()
s3: smbd: Clarify logic with helper variables in smb_set_posix_acl()
s3: smbd: Add get_posix_fsp() utility function. Not yet used.
s3: smbd: Update smb_set_posix_acl() to always use an open file handle.
s3: smbd: Now we always have a handle in smb_set_posix_acl(), use it
instead of smb_fname.
s3: smbd: Factor out code into a separate function smb_query_posix_acl().
s3: smbd: Fix smb_query_posix_acl() to use modern coding standards.
s3: smbd: Plumb through struct smb_request *req parameter so it can be
used by smb_query_posix_acl().
s3: smbd: Fix smb_query_posix_acl() to always use fsp handle.
s3: smbd: Cleanup - make remove_posix_acl() use modern coding standards.
s3: smbd: Cleanup - make set_unix_posix_acl() use modern coding standards.
s3: smbd: Cleanup - make remove_posix_acl() return NTSTATUS.
s3: smbd: Make set_unix_posix_acl() return NTSTATUS.
s3: smbd: Cleanup - make set_unix_posix_default_acl() use modern coding
standards.
s3: smbd: Change set_unix_posix_default_acl() to return NTSTATUS.
s3: smbd: Only pass fsp to set_unix_posix_acl(). No longer uses smb_fname.
s3: smbd: Only pass fsp to remove_posix_acl(). No longer uses smb_fname.
s3: smbd: Add default ACLS can only be set on directory check to
smb_set_posix_acl().
s3: smbd: Make set_unix_posix_default_acl() take an fsp argument, not
smb_fname.
s3: smbd: If smbd_do_qfilepathinfo() causes an oplock or lease break, we
must check for deferred open here.
s3: modules: Fruit. Now we know we have a handle, always use VFS_FCHMOD
instead of VFS_CHMOD.
s3: smbd: Posix ACLs. Now we know we have a handle, always use VFS_FCHMOD
instead of VFS_CHMOD.
s3: torture: Add POSIX-ACL-OPLOCK test to check interaction of posix ACL
operations with an oplocked Windows handle.
s3: smbd: We also need to open a real directory fd when modifying
security.
s3: torture: Ensure we can always get a POSIX ACL on a directory handle.
s3: smbd: Make open_directory() always open a fd.
Joe Guo (43):
samba_dnsupdate: small tweaks to make code more pythonic
bootstrap/config.py: mv locale setup from bootstrap.sh
bootstrap/config.py: change UTF-8 to utf8 for locale name in Dockerfile
ENV
bootstrap/config.py: adjust package list to align current ci image
bootstrap/config.py: add missing dev packages
bootstrap/config.py: rm ENV for ccache since we didn't use it any more
bootstrap/config.py: add ARG in Dockerfile to allow add sha1sum into
docker image
bootstrap/config.py: link ld to ld.gold when available
bootstrap/template.py: render locale.sh for each dist and make shell
scripts executable
bootstrap/template.py: add sha1sum support
bootstrap/.gitlab-ci.yml: add ci file to trigger image auto build
.gitlab-ci.yml: make use of bootstrap/.gitlab-ci.yml and use the new
defined image
traffic: make code more pythonic
traffic: define kerberos_state to simplify code
traffic: load dns query from file and write stats to file
.gitlab-ci.yml: keep samba-ci-private tag only for private jobs
bootstrap: add lcov to generate code coverage report
.gitlab-ci.yml: rm abs path in artifacts
.gitlab-ci.yml: add docker tag back for private jobs
samba_dnsupdate: flush dns update cache file after write
selftest/target/Samba4.pm: increase max_wait from 60s to 120s to avoid
timeout failure in samba-ad-dc-backup
wscript: mv --enable-coverage option to global
script/autobuild.py: rename sdir to test_source_dir
script/autobuild.py: mv find_git_root and gitroot to top
script/autobuild.py: mv optionparse to top
script/autobuild.py: add --enable-coverage option
script/autobuild.py: replace more placeholders in cmds for coverage
script/autobuild.py: add ENABLE_COVERAGE placeholder in configure cmd
option
script/autobuild.py: define LCOV_CMD and run it after each make test
.gitlab-ci.yml: add var SAMBA_CI_AUTOBUILD_ENABLE_COVERAGE
.gitlab-ci.yml: add pages job to generate coverage report and publish to
gitlab pages
script/.gitlab-ci.yml: do not run o3 jobs if coverage enabled
Makefile: add lcov command
.gitlab-ci.yml: avoid using != to compare variables to support old
versions
script/autobuild.py: fix tasks indent
script/autobuild.py: rm unused mime type text/plain in tasks
script/autobuild.py: replace random-sleep.sh with python function
script/autobuild.py: add helper functions to simplify make test cmd
script/autobuild.py: improve run_cmd with check_output
script/autobuild.py: define cwd for builder and avoid chdir
script/autobuild.py: rm redundant empty str in options
script/autobuild.py: avoid nested try except block
script/autobuild.py: make code more pythonic
Juergen Hoetzel (1):
docs: Fix typo
Karolin Seeger (2):
docs: Add another dns forwarder in the example.
packaging: Update READMEs to reflect current status.
Kristján Valur (5):
pytalloc: Refactor the pytalloc_reference and pytalloc_steal to use a
common method.
pytalloc: Further refactoring to eliminate duplicate code.
pytalloc: Handle memory errors when creating pytalloc objects.
pytalloc: Check for errors during module initialization.
make some auth functions return an NTSTATUS like other similar functions
for better diagnostics.
Lukas Slebodnik (1):
wafsamba: Use native waf timer
Lutz Justen (2):
waf: install: Remove installation of PIDL and manpages.
waf: build: Respect --disable-python for third_party modules
Martin Schwenke (64):
ctdb-scripts: Reindent some functions prior to making changes
ctdb-scripts: Rename variable nfslock_service to nfs_lock_service
ctdb-scripts: Add test variable CTDB_NFS_DISTRO_STYLE
ctdb-scripts: Factor out nfs_load_config()
ctdb-scripts: Stop/start mount/rquotad/status via NFS call-out
ctdb-scripts: Start NFS quota service if defined
ctdb-scripts: Add systemd services to NFS call-out
ctdb-tests: Update NFS test infrastructure to support systemd services
ctdb-scripts: Default to using systemd services in NFS call-out
ctdb-scripts: Allow load_system_config() to take multiple alternatives
ctdb-scripts: Update statd-callout to try several configuration files
ctdb-scripts: Do not "correct" number of nfsd threads when it is 0
Revert "ctdb-scripts: Do not "correct" number of nfsd threads when it is
0"
ctdb-daemon: Revert "We can not assume that just because we could
complete a TCP handshake"
ctdb-build: Add check for getrusage()
ctdb-daemon: Log when ctdbd CPU utilisation exceeds a threshold
ctdb-tools: Fix ctdb dumpmemory to avoid printing trailing NUL
ctdb-tests: Extend test to cover ctdb rddumpmemory
ctdb-scripts: Drop script configuration variable CTDB_MONITOR_SWAP_USAGE
ctdb-tests: Change sanity_check_output() to internally use $out
ctdb-tests: Make try_command_on_node less error-prone
ctdb-tests: Avoid bulk output in $out, prefer $outfile
ctdb-tests: Wait to allow database attach/detach to take effect
ctdb-tests: Fix usage message
ctdb-tests: Don't clean up test var directory in autotest target
ctdb-daemon: Never use 0 as a client ID
ctdb-tests: Add dump-logs command for local daemons
ctdb-tests: Actually restart if cluster doesn't become healthy
ctdb-tests: Remove old socket wrapper state directory during setup
ctdb-tests: Capture output in $out on failure as well
ctdb-tests: Make ctdb reloadips tests more reliable
ctdb-tests: Fix logic error in simple ctdb reloadips test
ctdb-recoverd: Fix memory leak
ctdb-common: Fix memory leak
ctdb-tools: Fix signed/unsigned comparisons by declaring as unsigned
ctdb-tools: Fix signed/unsigned comparisons by declaring extra variable
ctdb-tools: Fix signed/unsigned comparisons by casting
ctdb-tools: Fix signed/unsigned comparison by declaring as unsigned
ctdb-tools: Fix signed/unsigned comparison by declaring as int
ctdb-tools: Fix signed/unsigned conversion by declaring as size_t
ctdb-tools: Fix potentially uninitialised data
ctdb-common: Fix signed/unsigned comparisons by declaring as unsigned
ctdb-common: Fix signed/unsigned comparisons by casting
ctdb-common: Use #ifdef to avoid TEST_RB_TREE not defined
ctdb-common: Avoid warning for potentially uninitialised pointers
ctdb-common: Avoid unused value warning
ctdb-client: Fix signed/unsigned comparisons by declaring as unsigned
ctdb-client: Fix potentially uninitialised data
ctdb-tests: Fix signed/unsigned comparison by using constant
ctdb-recovery: Fix signed/unsigned comparisons by declaring as unsigned
ctdb-recovery: Fix signed/unsigned comparison by casting
ctdb-recovery: Avoid -1 as a PNN, use CTDB_UNKNOWN_PNN instead
ctdb-recovery: Fix signed/unsigned comparisons by declaring as unsigned
ctdb-utils: Avoid warning about unused value
ctdb-tests: Avoid potentially uninitialised data
ctdb-ipalloc: Fix signed/unsigned comparisons by declaring as unsigned
ctdb-ipalloc: Avoid -1 as a PNN, use CTDB_UNKNOWN_PNN instead
ctdb-ipalloc: Fix warning about unused value assigned to srcimbl
ctdb-cluster: CID 1435726: NULL pointer dereference
ctdb-daemon: Attempt to silence CID 1357985 (Unchecked return value)
ctdb-utils: Fix CID 1125558 (Unchecked return value from library)
util: Fix signed/unsigned comparisons by declaring as size_t
util: Fix signed/unsigned comparisons by declaring as size_t
util: Fix signed/unsigned comparisons by casting
Mathieu Parent (6):
Fix tests whithout lmdb
Spelling fix s/informations/information/
Spelling fixes s/overrided/overridden/
Spelling fixes s/conficts/conflicts/
Spelling fixes s/verson/version/
Relax GPGME version check
Michael Adam (2):
vfs:glusterfs: treat ENOATTR as ENOENT
vfs:glusterfs_fuse: treat ENOATTR as ENOENT
Michael Hanselmann (8):
Split oLschema2ldif into library and binary
Remove ad2oLschema man page
waf: Simplify condition for undefined symbol detection
oLschema2ldif: Resolve multiple parsing bugs
ndrdump: Remove local variables for pipes
read_smb_length: Use correct function name in debug message
ldb: Avoid read beyond buffer
regfio: Return instead of assert for short blocks
Michael Saxl (1):
s4:dlz make b9_has_soa check dc=@ node
Noel Power (68):
s4/scripting/bin Remove unecessary scripts
s3/registry: Fix func cast error (diff in params size_t vs uint32)
s3/registry: Fix incompatible func casts
s3/registry: fix various 'cast between incompatible function' warnings
s3/rpcclient: Fix bad (and illegal) func cast
python: Create macro to hide ugly function signature cast
pidl: Call PY_DISCARD_FUNC_SIG in generated code to avoid ugly warning
s3/smbd: squash 'cast between incompatible function types' warning
s3/ntvfs: squash 'cast between incompatible function types' warning
s4/librpc: squash 'cast between incompatible function types' warning
s3: squash 'cast between incompatible function types' warning
s4: squash 'cast between incompatible function types' warning
squash 'cast between incompatible function types' warning
lib/tdb: squash 'cast between incompatible function types' warning
lib/tevent: squash 'cast between incompatible function types' warning
lib/talloc: squash 'cast between incompatible function types' warning
lib/ldb: squash 'cast between incompatible function types' warning
lib/ldb: Fix incorrect return type for (setter) func type
lib/ldb-samba: squash 'cast between incompatible function types' warning
lib/crypto: squash 'cast between incompatible function types' warning
lib/util: Fix cppcheck null pointer dereference warning
s3/libads: cppcheck fix error: shiftTooManyBitsSigned: error
s3/lib/netapi: Fix 'Possible null pointer dereference' warning
s3/lib: don't write to buffer (which might be NULL) if bufsize <=0
s3/printing: cppcheck avoid 'nullPointerArithmetic:' error
s3/smbd: cppcheck: Fix ctunullpointer error
s4/ntvfs/cifs: cppcheck: squash nullPointer: Possible null pointer
dereference
s4/rpc_server/dnsserver: cppcheck: Fix Uninitialized variable error.
s4/rpc_server/dnsserver: clang: fix Value stored to 'status' is never read
s4/smb_server/smb: cppcheck: Fix uninitvar & uninitStructMember errors
s4/smdb: cppcheck: fix nullPointer: Possible null pointer dereference
warning.
nsswitch: cppcheck: Fix memleakOnRealloc errors
s4/torture/raw: cppcheck: Fix shiftTooManyBitsSigned error
s4/torture/raw: cppcheck: Fix shiftTooManyBitsSigned error
s4/torture/smb2: cppcheck: Fix shiftTooManyBitsSigned error
s4/torture/smb2: cppcheck: Fix shiftTooManyBitsSigned error
s4/torture/unix: cppcheck: Fix shiftTooManyBitsSigned error
s3/rpcclient: cppcheck: Fix shiftTooManyBitsSigned error
lib/pthreadpool: cppcheck: Fix Memory leak
s3/modules: cppcheck: Fix ctunullpointer error
s3/winbdind: cppcheck: fix nullPointerArithmetic error
ctdb/server: cppcheck: fix shiftTooManyBitsSigned error
lib/util/tests: clang fix Value stored to 'lines' is never read warning
nsswitch: cppcheck: Fix ctunullpointer error
s4/torture/rpc: cppcheck: Fix ctunullpointer error
lib/tevent: clang:
DLIST_REMOVE: clang: Fix dereference of a null pointer warning
lib/util: clang: Fix 'Null pointer passed as an argument...' warning
lib/util/charset: clang: Fix Value stored to 'reason' is never read
warning
lib/util: clang: Fix a dereference of a null pointer warning(s)
lib/util: clang: Fix dereference of a null pointer warning
librpc/ndr: clang: Fix Assigned value is garbage or undefined warning
lib/tdb/common: clang: Fix 'Value stored to 'last_ptr' is never read'
lib/tdb: clang: Fix warning: Dereference of null pointer
clang: Fix Null pointer passed as argument warning
lib/util: clang: Fix Value stored during its initialization is never read
lib/dbwrap: clang: Fix 'all argument is an uninitialized value'
lib/dwrap: Fix 'Null pointer passed as an argument to a 'nonnull'
parameter '
librpc/ndr: clang: Fix warning 'Value stored to 'towernum' is never read'
lib/param: clang: Fix 'dereference of a null pointer' warning
lib/util: Fix Value stored to 'ret' is never read warning
lib/tdb/common: Fix warning: Null pointer passed as argument to param
lib/tdb/common: Fix Array access results in a null pointer dereference
lib/ldb/common: clang: Fix Value stored to 'ret' is never read warning
lib/util: clang: Fix warning: Value stored to 'ret' is never read warning
lib/krb5_wrap: clang: Fix warning: Call to function 'mktemp' is insecure
lib/krb5_wrap: clang: Fix warning: Null pointer passed as an argument
lib/krb5_wrap: Fix leaking using mkstemp
Philipp Gesang (3):
libcli: permit larger values of DataLength in
SMB2_ENCRYPTION_CAPABILITIES of negotiate response
provision: use ASCII quotes
python/samba: ignore encoding errors while reading files
Rafael David Tinoco via samba-technical (1):
ctdb-scripts: Fix tcp_tw_recycle existence check
Ralf Habacker (1):
winbind: fix crash in fill_domain_username_talloc() if specified username
is NULL
Ralph Boehme (86):
bootstrap/config.py: add glib2-dev
bootstrap/config.py: add libicu-dev/libicu-devel
bootstrap: move flex to common packages
waf: fix array access out of bounds exception in the check for flex
s3: build: seperate out check for Gnome Tracker from Spotlight
s3:wscript: fix flex and bison detection message when not installed
s3:wscript: fix flex and bison detection
s3/lib: new tevent_glib_glue subsystem
s3/lib: add a tevent_glib_glue subsystem test
s3/lib: tevent-glib-glue test utiltity with Tracker
s3-mdssvc: add tevent context arg to mds_init_ctx
s3-mdssvc: call [un]become_authenticated_pipe_user()
s3-mdssvc: use tevent_glib_glue in mdssvc RPC service
s3-mdssvc: use default g_main context
s3-mdssvc: add missing call to g_cancellable_new()
s3-mdssvc: make mds_ctx_destructor_cb static
s3-mdssvc: add a comment to mds_init()
s3:utils: use struct initializer in async-tracker long_options
waf: only set mandatory to False if not already set by the caller
s3:smbd: don't use recvfile on streams
s4:torture/vfs/fruit: ensure test_adouble_conversion() uses a non-emtpy
resourcefork
s4:torture/vfs/fruit: ensure test_adouble_conversion_wo_xattr() uses a
non-emtpy resourcefork
selftest: run vfs.fruit test against a share that deletes empty resource
forks
vfs_fruit: add a forward declaration for ad_get()
vfs_fruit: change trigger points of AppleDouble conversion
s3: lib: Rename all uses of file_pload_XXX -> file_ploadv_XXX.
registry: add a missing include
s3:mdssvc: fix flex compilation error
vfs_fruit: pass handle to ad_fset()
vfs_fruit: pass handle to ad_set()
vfs_fruit: pass handle to ad_read()
vfs_fruit: pass handle to ad_read_meta()
vfs_fruit: indentation fix
vfs_fruit: use proper VFS function in ad_read_meta()
vfs_fruit: pass handle to ad_read_rsrc() and all the way down
vfs_fruit: indentation fix
vfs_fruit: pass handle to ad_convert_xattr()
vfs_fruit: pass handle to ad_convert_blank_rfork()
vfs_fruit: pass handle to ad_convert_finderinfo()
vfs_fruit: pass handle to ad_convert_delete_adfile()
vfs_fruit: finally, remove ad_handle from struct adouble
vfs_fruit: add and use is_adouble_file()
vfs_fruit: add a missing else
vfs_fruit: ignore AppleDouble files in fruit_unlink()
vfs_fruit: use correct case FRUIT_RSRC_STREAM in readdir_attr_rfork_size()
vfs_fruit: use stream code for resource fork size calculation in
readdir_attr_rfork_size()
vfs_fruit: remove now unused AppleDouble code for resource fork in xattr
vfs_fruit: remove xattr code from the AppleDouble subsystem
vfs_fruit: pass VFS handle to ad_convert_move_reso()
vfs_fruit: remove a layer of indirection
vfs_fruit: only do cross protocol locking on non-internal opens
vfs_fruit: convert ad_open_rsrc() to open a proper fsp with
SMB_VFS_CREATE_FILE()
vfs_fruit: remove use of mmap() from ad_convert_move_reso()
vfs_fruit: use fsp and remove mmap in ad_convert_xattr()
vfs_fruit: add VFS handle to ad_convert_truncate()
vfs_fruit: use VFS function in ad_convert_truncate()
vfs_fruit: use fsp and remove syscalls from ad_convert_blank_rfork()
vfs_fruit: use VFS functions in ad_read_rsrc_adouble()
vfs_fruit: remove a now unnecessary include
s3:auth: add reinit_guest_session_info()
s3:smbd: call reinit_guest_session_info() in the conf updated handler
selftest: allow guest login in the ad_member_idmap_rid env
tests: add a test for guest authentication
s3:auth: explicitly add BUILTIN\Guests to the guest token
vfs_catia: pass stat info to synthetic_smb_fname()
idl: add xattr_DosInfo4 to xattr_DosInfo in xattr.idl
s3: remove unused st_ex_mask from struct stat_ex
s3: convert struct stat_ex st_ex_calculated_birthtime bool to flags
s3: add st_ex_itime to struct stat_ex
s3: add st_ex_file_id to struct stat_ex
s3/lib: add update_stat_ex_itime()
s3/lib: add update_stat_ex_file_id()
s3/lib: add make_file_index_from_itime()
s3:smbd: mark itime non-calculated if we created a file or dir
s3:smbd: parse xattr_DosInfo4 in parse_dos_attribute_blob()
s3:smbd: use xattr_DosInfo4 in set_ea_dos_attribute()
s3:smbd: return inode number, not FileIndex for UNIX query info level
s3:smbd: rename get_FileIndex() to get_fs_file_id()
s3:vfs: add SMB_VFS_FS_FILE_ID()
s3:vfs: move get_fs_file_id to vfs_default
s3:smbd: use stored file_id in SMB_VFS_FS_FILE_ID()
s3:smbd: set file_id in fetch_dos_mode_done()
vfs_fruit: move zero file-id to vfs_fruit
vfs_fruit: make "fruit:zero_file_id" a per share option
vfs_fruit: change default for "fruit:zero_file_id" to false
selftest: add a test that itime is not set when setting DOS attrs
Ralph Wuerthner (5):
s3-messages: modify msg_pool_usage() to allow enhanced memory reports
s3-messages: add mallinfo() information to pool-usage report
s3:debug: use struct initializer
s3:debug: adjust indention
s3:debug: enable logging for early startup failures
Richard Sharpe (1):
s3: smbd: Don't log at WARNING level when exiting the server on error.
Rikard Falkeborn (5):
lib:util: Fix tfork return value if sigprocmask fails
vfs_catia: Fix return value in lock functions
vfs_gpfs: Fix return value if getting data fails
s3: libsmbclient: Fix return value if cli_open() fails
s3: torture: Fix return values
Robert Sander (1):
s3: modules: ceph: use current working directory instead of share path
Sachin Prabhu (14):
s4-torture: move torture_wait_for_oplock_break() to central oplock
handler.
s4-torture: Add function declarations to lease_break_handler.h
s4-torture: Add handlers to ignore incoming oplock/lease break requests
s4-torture: Increase timeout for lease/oplock break handlers
s4-torture: Add #defines required by the new tests
s4-torture: Add helper functions to create channels.
s4-torture: Add handlers to block channels for testing
s4-torture: Add oplock break retry tests - test1
s4-torture: Add oplock break retry tests - test2
s4-torture: Add lease break retry tests - test1
s4-torture: Add lease break retry tests - test2
s4-torture: Add lease break retry tests - test3
s4-torture: Add lease break retry tests - test4
s4-torture: add test to check for max. number of channels per session.
Samuel Cabrero (16):
s4:torture: Initialize tm struct
selftest: Woraround uid wrapper issues when using bash shell
s4:dsdb: Check errno to determine if crypt or crypt_r succeeded
selftests:password_hash: Raise SHA256 rounds to 5000
selftest: Do not include system krb5.conf in s4 test environments
bootstrap/config.py: Add gzip, which and hostname to base packages
bootstrap/config.py: Use generic lsb-release package name
bootstrap/config.py: Fix lmdb-utils package name for RPM family
bootstrap/config.py: Create the 'samba' group in containers
bootstrap/config.py: Add openSUSE Leap 15.0
selftests: Place credential cache file inside environment directory
credentials: Initialize krb5 client to retrieve creds from ccache
credentials: Workaround krb5_cc_remove_cred not implemented in MIT
kerberos
.gitlab-ci.yml: Allow overriding the default image using a variable
s3: net: Consider unprocessed in input buffer
bootstrap: Add OpenSUSE 15.1 image
Shyamsunder Rathi (2):
s3:loadparm: Ensure to truncate FS Volume Label at multibyte boundary
s3:notifyd: Handle sigup in notifyd to reparse smb.conf
Stefan Metzmacher (80):
dbcheck: use the str() value of the "name" attribute
dbcheck: fix the err_empty_attribute() check
s4:libcli/raw: don't schedule idle handlers on a dead connection
s4:libcli/smb2: don't schedule idle handlers on a dead connection
s4:torture/raw: test_notify_tcp_dis trigger idle event every 0.25s
s4:torture/smb2: test_notify_tcp_dis trigger idle event every 0.25s
s3:smb2_write: add missing initialization of state->in_offset
s3:smbd: fix SAFE_FREE() vs. TALLOC_FREE() in list_sessions()
s3:smbd: handle IO_REPARSE_TAG_DFS in SMB_FIND_FILE_FULL_DIRECTORY_INFO
smb2_ioctl_network_fs: remove unused
fsctl_srv_copychunk_state->aapl_copyfile
smb2_server: allow smbd_smb2_request_pending_queue(0) to avoid
STATUS_PENDING
smb2_sesssetup: avoid STATUS_PENDING responses for session setup
smb2_tcon: avoid STATUS_PENDING responses for tree connect
smb2_sesssetup: avoid STATUS_PENDING completely on session logoff
smb2_tcon: avoid STATUS_PENDING completely on tdis
vfs_default: fix DEBUG messages in vfswrap_offload_write_*_done()
vfs_default: fix vfswrap_offload_write_send() NT_STATUS_INVALID_VIEW_SIZE
check
smb2_server: grant all 8192 credits to clients
s4:libcli/smb2: fix smb2_getinfo_send() marshalling
s4:libcli/smb2: calculate the correct credit charge in smb2_getinfo_send()
s4:libcli/smb2: align struct smb_ioctl.smb2 to [MS-SMB2] names
s4:libcli/smb2: calculate the correct credit charge in smb2_ioctl_send()
s4:libcli/smb2: calculate the correct credit charge in smb2_notify_send()
s4:torture/smb2: add smb2_create_simple_file() and
torture_setup_simple_file()
s4:torture/smb2/notify: make use of torture_setup_simple_file() in
test_valid_request()
s4:torture/smb2: replace torture:cn_max_buffer_size option with the
negotiated max trans size
s3:smbd: fix max_buffer handling of initial notify requests
drsuapi.idl: add DRSUAPI_ATTID_schemaInfo
ldapcmp: ignore 'schemaInfo' if two domains are compared
s4:provision: split out provision_self_join_modify_schema.ldif
python/provision: use provision and relax controls for schema provision
dsdb/repl: we need to replicate the whole schema before we can apply it
.gitlab-ci.yml: remove before_script section of .private_template
.gitlab-ci.yml: print out /etc/os-release
.gitlab-ci.yml: print out /proc/swaps
.gitlab-ci.yml: show the system state also as after_script
.gitlab-ci.yml: run samba-schemaupgrade on the private runner
.gitlab-ci.yml: remove outdated comments
.gitlab-ci.yml: require samba-ci-private tag for our private runners
bootstrap/config.py: add patch, rsync and tar
bootstrap/config.py: add a hind how to rebuild generated files
bootstrap/config.py: generate rendered files into
bootstrap/generated-dists/
bootstrap/template.py: generate Vagrantfile just once
bootstrap: remove unused docker.py
bootstrap: add the result of bootstrap/template.py --render
bootstrap/READMD.md: update the instructions to reflect the current code
.gitlab-ci.yml: split AUTOBUILD_JOB_NAME from CI_JOB_NAME
.gitlab-ci.yml: run the samba-o3 job on each working container image
.gitlab-ci.yml: use the ubuntu1804 image as default
s4:torture/smb2: add smb2.stream.names3 test
smbd: allow case insensitive opens of named streams
s4:libcli/raw: add RAW_FILEINFO_NORMALIZED_NAME_INFORMATION support
s4:torture/smb2: add smb2.getinfo.normalized test
smbd: implement SMB_FILE_NORMALIZED_NAME_INFORMATION handling
lib/util: fix call to dbghdrclass() for DEBUGC()
lib/util: remove unused prototypes in debug.h
lib/util: set current_msg_{level,class} also during a DEBUGADD[C]() call
dsdb:audit_log: avoid printing "... remote host [Unknown] SID [(NULL
SID)] ..."
python/ntacls: we only need security.SEC_STD_READ_CONTROL in order to get
the ACL
dbcheck: fallback to the default tombstoneLifetime of 180 days
winexe: Use C99 initializer for poptOption in winexe.c
bootstrap: add mingw packages
samba-tool: fix replication after dns partition fsmo role transfer
samba-tool: use only one LDAP modify for dns partition fsmo role transfer
s4:rpc_server:netlogon: don't require NEG_AUTHENTICATED_RPC in
netr_ServerAuthenticate*()
s3:rpc_server:netlogon: don't require NEG_AUTHENTICATED_RPC in
netr_ServerAuthenticate*()
s3:rpc_server:netlogon: simplify AUTH_TYPE_SCHANNEL check in
netr_creds_server_step_check()
ctdb:protocol_util: remove 'const' from allocated strings
ctdb:takeover: add better debugging when a client connects to a non
public address
libcli/smb: add missing struct smb2_signing_key allocation in
smb2cli_session_set_channel_key()
Revert "libcli/smb: add missing struct smb2_signing_key allocation in
smb2cli_session_set_channel_key()"
Revert "libcli:smb: Fix signing with multichannel"
libcli/smb: make sure the session->{smb2->,smb2_channel.}signing_key is
never NULL!
s4:torture: force signing in the smb2.session.bind1 test
libcli/smb: s/smbXcli_session_copy/smbXcli_session_shallow_copy
libcli/smb: harden smbXcli_session_shallow_copy against nonce reusage
s4:torture: add local.ndr.dnsp tests
dnsp.idl: fix dnsp_ip4_array definition
dnsp.idl: fix the dnsp_dns_addr_array definition
dnsp.idl: fix payload for DSPROPERTY_ZONE_DELETED_FROM_HOSTNAME
Swen Schillig (30):
ctdb-test: Modify ctdb_io_test test_setup to provide queue reference
ctdb-test: Adding test case verifying data in buffer move
ctdb-test: Adding test case to verify queue resizeing
lib: modify string conversion wrapper to handle invalid strings
lib: Update error check for new string conversion wrapper
utils: Update error check for new string conversion wrapper
modules: Update error check for new string conversion wrapper
ctdb-protocol: Update error check for new string conversion wrapper
ctdb-tools: Update error check for new string conversion wrapper
common-lib: Update error check for new string conversion wrapper
libcli: Update error check for new string conversion wrapper
source4: Update error check for new string conversion wrapper
lib: remove duplicate check
tests-util: Adding strtoul(l)_err() test leaving errno untouched
tests-util: Adding test to verify negative "number" detection
tests-util: Adding test to verify "no-conversion" detection
lib: Add flag definitions to control the internal string to int
conversion routines
lib: Prepare for strtoul_err(), strtoull_err() API change
lib: Add check for full string consumption when converting string to int
lib: Add capability to enable standard glibc behaviour for string to int
conversion
ctdb: Update all consumers of strtoul_err(), strtoull_err() to new API
lib: Update all consumers of strtoul_err(), strtoull_err() to new API
libcli: Update all consumers of strtoul_err(), strtoull_err() to new API
nsswitch: Update all consumers of strtoul_err(), strtoull_err() to new API
source3: Update all consumers of strtoul_err(), strtoull_err() to new API
source4: Update all consumers of strtoul_err(), strtoull_err() to new API
util: cleanup API change for strtoul(l) wrappers
tests-util: Adding test to verify "allow-negative" flag
tests-util: Adding test to verify "full-string-conversion" flag
tests-util: Adding test to verify "allow no conversion" flag
Tim Beale (32):
selftest: Restore IPs 12-16 for selftest client
s4/torture: Update winsreplication to only use IPv4 addresses
tests: Add test for setting min/maxPwdAge
netcmd: Use python constant for -0x8000000000000000
netcmd: Add some timestamp conversion helper functions
netcmd: Fix passwordsettings --max-pwd-age command
CVE-2019-3870 tests: Extend smbd tests to check for umask being
overwritten
CVE-2019-3870 tests: Add test to check file-permissions are correct after
provision
selftest: Add new 2-DC testenv for live schema upgrade
traffic_replay: Assign users to groups by default
traffic_replay: Avoid Exception if no packet rate is specified
selftest: Refactor duplicated code to set ENV vars
selftest: remove unused variable (@optargs)
selftest: Move fork cmd args up a level
selftest: Add helper function to build up s3 daemon cmd
selftest: Store fork-and-exec daemon info in a hashmap
selftest: Rework setting env variables for nmbd
selftest: Rework setting env variables for other forked binaries
selftest: Add common fork_and_exec() function
selftest: Use scalar variable for new daemon_ctx hashmap
selftest: Allow for wider range of terminals (besides xterm)
selftest: Add helper scripts to run selftest in namespaces
selftest: Add TESTENV_DIR "env" variable
selftest: Add linux namespace support (USE_NAMESPACES=1)
selftest: Add helper scripts for accessing the testenv namespace
selftest: Add more notes on using selftest with namespaces
provision: Fallback to assumption root-UID==zero
selftest: Add check customdc has valid realm/domain
selftest: Don't use global dirs when parsing customdc realm
dsdb: Handle DB corner-case where PSO container doesn't exist
tests: Add getncchanges test for cross-partition links + TGT
repl_md: Avoid dropping cross-partition links
Volker Lendecke (201):
rpc_server: Simplify make_server_pipes_struct
rpc_server: Fix an error path memleak in make_server_pipes_struct
rpc_server: Make make_server_pipes_struct API safer
rpc_server: Favor talloc_move over talloc_steal
rpc_server: Simplify named_pipe_accept_function
rpc_server: Avoid casts in DBG statements
tstream_npa: Avoid an unnecessary ZERO_STRUCTP
tsocket: Simplify tsocket.h
librpc: Add a required #include
rpc_server3: Add a \n to a DEBUG message
libsmb: Fix cli_smb2_get_reparse_point_fnum_send
lib: Make fd_load work for non-regular files
libsmb: Fix valgrind errors in cli_smb2_get_reparse_point
libsmb: Rename "readlink_state" to "cli_posix_readlink_state"
libsmb: Don't pass "cli" to cli_posix_readlink_recv
libsmb: Change cli_posix_readlink to return talloc'ed target
libsmb: Rename InfoType from [MS-SMB2] according to the spec
libsmb: Make "struct smb2_lock_element" generally usable
libsmb: Make cli_posix_chown/chmod proper tevent_req functions
rpc: Don't crash if npa_accept fails
auth: Add necessary decoration to auth/auth_util.h
rpc: Fix a typo
rpc: Add tstream_u32_read
rpc: Convert npa_tstream.c to use tstream_u32_read_send
ctdb: Slightly simplify ctdb_ltdb_lock_fetch_requeue
ctdb: Fix a typo
lib: Initialize getline() arguments
lib: Initialize variables in parse_resolvconf_fp
smbd: Factor out map_lease_type_to_oplock
leases_db: Make leases_db_rename atomic
leases_db: Make leases_db_add use leases_db_do_locked
leases_db: Make leases_db_del use leases_db_do_locked
build: Move smbstatus definition to source3/utils/wscript_build
smbd: Remove some unused includes
utils: Move conn_tdb.c to utils/
smbd: Small optimization for break_to_none
smbd: Introduce a helper variable in delay_for_oplock()
smbd: Introduce a helper variable in delay_for_oplock()
smbd: Pass lease parameters explicitly to find_fsp_lease
leases_db: Add share_mode_lease info to leases.tdb
leases_db: Add getter/setter for share_mode_lease metadata
smbd: Use leases_db_set()
smbd: Add lease key to share_mode_entry
smbd: Use share_mode_entry's lease data in delay_for_oplock()
smbd: Use share_mode_entry's lease data in delay_rename_for_lease_break()
smbd: Use share_mode_entry's lease data in is_same_lease()
smbd: Use share_mode_entry's lease data in remove_share_mode_lease()
smbd: Use share_mode_entry's lease data in remove_share_mode_lease()
smbd: Use share_mode_entry's lease data in vfs_default_durable_reconnect()
smbd: Use share_mode_entry's lease data in lease_match()
smbd: Use leases_db in delay_for_oplock()
smbd: Use leases_db in get_lease_type()
smbd: Use leases_db in fsp_lease_update()
utils: Use leases_db in smbstatus
smbd: Don't pass lease_idx down to set_share_mode()
smbd: Don't pass up lease_idx from grant_fsp_lease
smbd: Add update_share_mode_lease_from_db()
smbd: Split up grant_fsp_lease()
smbd: Use leases_db in try_lease_upgrade()
smbd: Use leases_db in downgrade_lease()
smbd: Use leases_db in vfs_default_durable_reconnect()
smbd: Use leases_db in process_oplock_break_message()
smbd: Make find_share_mode_lease() static
smbd: Use leases_db in lease_match()
smbd: Add share_mode_forall_leases()
smbd: Use share_mode_forall_leases in rename_share_filename()
smbd: Use share_mode_forall_leases in do_break_to_none()
smbd: Use share_mode_forall_leases in share_mode_cleanup_disconnected()
smbd: Remove share_mode_lease and the leases array from share_mode_entry
winbind: Fix overlapping id ranges
smbd: Use smbd_check_access_rights in reply_setatr()
smbd: Make "check_access()" static to trans2.c
smbd: Use a struct initializer
libcli: Remove an unnecessary #include
libcli: Align integer types
smbd: Use "ISDOT" in reply_setatr
dbwrap: Fix tdb_data_buf()
dbwrap: Adapt tdb_data_buf's overflow handling to modern conventions
g_lock: Apply some const
g_lock: Fix a typo
smbd: Use a direct struct assignment in reply_setatr()
smbd: Fix a typo
smbd: Slightly simplify delay_for_oplock()
smbd: Remove an obsolete comment from share_conflict()
smbd: Remove a pointless "continue" statement
smbd: Use send_break_message() in send_break_to_none()
smbd: Do oplock break messages in ndr
smbd: Add file_rename_message in idl
smbd: Send "share_file_id" with the rename msg
smbd: Enable "smbd:suicide mode" for smb2
smbtorture: Add a test to make smbd panic
smbd: Fix a panic
smbd: Merge "print_lock_struct" into one DBG
tdb: Fix typo in README
smbd: Calculate delay_mask only once in delay_for_oplock
ctdb: Remove unused ctdb_ltdb_fetch_with_header()
ctdb: Make TDB_SEQNUM work synchronously with ctdb
lib: Only compile resolvconftest if fmemopen exists
lib: Fix CID 1445648 Null pointer dereferences
smbd: Fix a typo
brlock: Remove clustering special case
dbwrap: Use sizeof, not an integer constant
smbd: Fix a typo
smbd: Use "fsp->lease" instead of "lease"
smbd: Simplify fsp_lease_update()
smbd: Factor out fsps_lease_update()
smbd: Fix a typo
smbd: Avoid casts in smbd_do_locking()
smbd: Use tevent_req_simple_recv_ntstatus() in smbd_smb2_lock_recv()
smbtorture: Fix a typo
smbd: Simplify an if-expression in smbd_do_locking()
smbd: Align integer types in smbd_do_unlocking()
smbd: Avoid casts in smbd_do_unlocking()
smbd: Avoid casts in do_unlock()
smbd: Avoid casts in smbd_smb2_lock_send()
smbd: Adapt brl_pending_overlap to README.Coding
autobuild: Fix autobuild for python3
smbd: Avoid a "?true:false" in smbd_do_locking
libsmb: Align integer types
libsmb: Remove unused cli_[un]lock64()
smbd: Use smb1cli_is_andx_req()
libsmb: Remove unused is_andx_req
libsmb: Add async cli_lockingx()
libsmb: Use cli_lockingx() in cli_oplock_ack()
libsmb: Use cli_lockingx() in cli_locktype()
libsmb: Use cli_lockingx() in cli_unlock()
smbd: Slightly simplify reply_lockingX()
smbd: Slightly simplify reply_lockingX()
smbd: Slightly simplify reply_lockingX()
smbd: Simplify smbd_do_locking()
smbd: smbd_do_locking() does not use the "type" param anymore
smbd: Fix a typo
smbtorture: Match comment with test
smbd: Avoid casts
smbd: Align integer types in reply_lockingX
smbd: Add a explanation for num_aio_requests
smbd: Slightly simplify smb_set_posix_lock()
smbd: Deprecate "blocking locks" parameter
smbd: Only remove locks by mid if necessary
tevent: Fix a typo
smbd: Fix a typo
lib: Fix a typo
smbd: Avoid casts in reply_unlock()
smbd: Use NT_STATUS_IS_OK() in reply_unlock()
smbd: Avoid casts in smb_set_posix_lock()
smbd: Simplify smb_set_posix_lock()
smbd: Add "lock_flav" to smbd_do_unlocking()
smbd: Use smbd_do_unlocking() in smb_set_posix_lock()
smbd: Use smbd_do_unlocking() in reply_writeunlock()
smbd: Use smbd_do_unlocking() in reply_unlock()
torture3: Add a test to block a locking&read
torture3: Test LOCKINGX_CANCEL without locks
torture3: Test blocking posix locks
torture3: Run a blocking lock&x call with a subsequent read
libsmb: Make cli_lockingx cancellable
torture3: Test cancelling locking&x with ntcancel
smbd: Add "blocker_pid" to brl_lock()
smbd: Add some paranoia against NULL dereference
smbd: Return "blocker_pid" from do_lock()
smbd: Slightly simplify smbd_smb2_lock_send()
smbd: Add smbd_smb1_do_locks_send/recv()
smbd: Ping dbwrap_watch on locking.tdb for in smbd_do_unlocking()
smbd: Remove SMB1 special case handling from brlock.c
smbd: Use smbd_smb1_do_locks_send() in reply_lockread()
smbd: Use smbd_smb1_do_locks_send() in reply_lock()
smbd: Use smbd_smb1_do_locks_send() in reply_lockingX()
smbd: Use smbd_smb1_do_locks_send() in smb_set_posix_lock()
smbd: Base smb2_lock.c on tevent_req
smbd: Don't call cancel_pending_lock_requests_by_fid on close
smbd: Add a clarifying comment on triggering waiters
smbd: Cancel smbd_smb1_do_locks requests in reply_ntcancel
smbd: Remove unused brlock code
vfs: Remove SMB_VFS_BRL_CANCEL_WINDOWS
smbd: Remove struct blocking_lock_record
smbd: Fix broken brlock for clustering
vfs_preopen: Fix for O_NOFOLLOW
vfs_preopen: Fix an uninitialized variable read
vfs_preopen: TALLOC_FREE(fde) before closing the underlying fd
librpc/idl: fix build with --enable-spotlight
smbd: Ensure initialized vars in do_lock
smbd: Avoid casts in do_lock()
smbd: Make do_lock() return NTSTATUS
smbd: do_lock() never sees blocking locks anymore
smbd: brl_lock() never sees blocking locks anymore
vfs: Remove "blocking_lock" from SMB_VFS_BRL_LOCK_WINDOWS
smbd: Remove unused "blocking_lock" from brl_lock_windows_default()
smbd: Remove unused "msg_ctx" from brl_lock_posix
smbd: Remove unused "msg_ctx" from brl_lock()
smbd: Remove unused "msg_ctx" from do_lock()
smbd: Remove unused "msg_ctx" from brl_unlock_posix()
vfs: Remove unused "msg_ctx" from SMB_VFS_BRL_UNLOCK_WINDOWS
smbd: Remove unused "msg_ctx" from brl_unlock()
smbd: Remove unused "msg_ctx" from brl_close_fnum()
smbd: Remove unused "msg_ctx" from do_unlock()
smbd: Remove unused "msg_ctx" from locking_close_file()
smbd: Remove unused "msg_ctx" from smbd_do_locks_try()
smbd: Remove unused "msg_ctx" from smbd_smb1_do_locks_send()
smbd: Simplify filename_convert_internal()
tdb: Adapt tdb_rescue() to README.Coding
tdb: Adapt _tdb_transaction_cancel() to README.Coding
lib: Fix return of server_id_db_prune_name()
-----------------------------------------------------------------------
--
Samba Shared Repository
