[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2b77b07 s3/libsmb: Free memdup'd local variable via 9a9e569 passdb: Patch memory leak in pdb_ldap.c from 293aac0 testprogs: Fix pkinit test with system ldb. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2b77b072862accc3fffddc964740917102898567 Author: Jose A. Rivera Date: Thu Feb 20 09:14:59 2014 -0600 s3/libsmb: Free memdup'd local variable secrets_fetch_machine_password() sets pwd to point to memdup()'d (and thus malloc()'d) memory. This memory should be freed before we go out of scope. Change-Id: I07e575819c309fa5b85627dce2eb969bc720ce4e Coverity-Id: 1168001 Reviewed-by: Ira Cooper Signed-off-by: Jose A. Rivera Reviewed-by: Simo Sorce Autobuild-User(master): Simo Sorce Autobuild-Date(master): Sat Feb 22 00:58:23 CET 2014 on sn-devel-104 commit 9a9e56943d186e5a8655b5d731a339e453da8ae8 Author: Jose A. Rivera Date: Tue Feb 18 07:35:37 2014 -0600 passdb: Patch memory leak in pdb_ldap.c Moved the call to the talloc autofree function to as early a point as possible. init_ldap_from_sam() already calls smbldap_set_mod(), and there's a chance that the init will fail after having already allocated memory for &mods. Coverity-Id: 1167997 Change-Id: Ic26bfb3c530f90aa885e447b8409deba49708d64 Reviewed-by: Ira Cooper Signed-off-by: Jose A. Rivera Reviewed-by: Simo Sorce --- Summary of changes: source3/libsmb/trusts_util.c |1 + source3/passdb/pdb_ldap.c| 10 ++ 2 files changed, 7 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trusts_util.c index b38aec6..bb2e977 100644 --- a/source3/libsmb/trusts_util.c +++ b/source3/libsmb/trusts_util.c @@ -118,6 +118,7 @@ NTSTATUS trust_pw_change(struct netlogon_creds_cli_context *context, TALLOC_FREE(frame); return NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE; } + free(pwd); break; case SEC_CHAN_DOMAIN: if (!pdb_get_trusteddom_pw(domain, &pwd, &sid, &pass_last_set_time)) { diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 6be5fb6..cea8627 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -5168,6 +5168,7 @@ static NTSTATUS ldapsam_create_user(struct pdb_methods *my_methods, uint32_t num_result; bool is_machine = False; bool add_posix = False; + bool init_okay = False; LDAPMod **mods = NULL; struct samu *user; char *filter; @@ -5285,7 +5286,10 @@ static NTSTATUS ldapsam_create_user(struct pdb_methods *my_methods, return NT_STATUS_UNSUCCESSFUL; } - if (!init_ldap_from_sam(ldap_state, entry, &mods, user, pdb_element_is_set_or_changed)) { + init_okay = init_ldap_from_sam(ldap_state, entry, &mods, user, pdb_element_is_set_or_changed); + smbldap_talloc_autofree_ldapmod(tmp_ctx, mods); + + if (!init_okay) { DEBUG(1,("ldapsam_create_user: Unable to fill user structs\n")); return NT_STATUS_UNSUCCESSFUL; } @@ -5371,9 +5375,7 @@ static NTSTATUS ldapsam_create_user(struct pdb_methods *my_methods, smbldap_set_mod(&mods, LDAP_MOD_ADD, "loginShell", shell); } - smbldap_talloc_autofree_ldapmod(tmp_ctx, mods); - - if (add_posix) { + if (add_posix) { rc = smbldap_add(ldap_state->smbldap_state, dn, mods); } else { rc = smbldap_modify(ldap_state->smbldap_state, dn, mods); -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 293aac0 testprogs: Fix pkinit test with system ldb. via 069015b testprogs: Fix kinit test with system ldb. via f26db53 nsswitch: Fix idmap rfc2307 test with system ldb. via 153dfc5 selftest: Use the absolute path to the ldb modules. via d871a31 heimdal: Use krb5_free_default_realm() for free() via 58e7e56 kdc: Free the resource which is not used anymore via 66fb0ce s3:winbindd: avoid directly asking a trusted domain in wb_lookupsids*() via 3413e64 s3:winbindd: fix _wbint_LookupSids() on error from 33f10d0 s3:smbd: avoid invalid lock_order panic triggered by "CTDB_SRVID_RELEASE_IP" http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 293aac0508d64551f549512d622e04ed22f297f6 Author: Andreas Schneider Date: Fri Feb 21 15:55:22 2014 +0100 testprogs: Fix pkinit test with system ldb. Reviewed-by: Alexander Bokovoy Autobuild-User(master): Andreas Schneider Autobuild-Date(master): Fri Feb 21 17:58:24 CET 2014 on sn-devel-104 commit 069015bee917aa45a0e99194d767582df01ce24f Author: Andreas Schneider Date: Fri Feb 21 15:52:42 2014 +0100 testprogs: Fix kinit test with system ldb. Reviewed-by: Alexander Bokovoy commit f26db53273a8f97267982af9799c26b49ef5b216 Author: Andreas Schneider Date: Fri Feb 21 15:37:52 2014 +0100 nsswitch: Fix idmap rfc2307 test with system ldb. Reviewed-by: Alexander Bokovoy commit 153dfc514c5885e52f11852b25dd018fc1160067 Author: Andreas Schneider Date: Fri Feb 21 14:23:00 2014 +0100 selftest: Use the absolute path to the ldb modules. This fixes 'make test' on Fedora with external ldb. Reviewed-by: Guenther Deschner Reviewed-by: Alexander Bokovoy commit d871a31e61e1e0156644cc19cd636452ccbbe20b Author: Santosh Kumar Pradhan Date: Fri Feb 21 09:48:31 2014 +0530 heimdal: Use krb5_free_default_realm() for free() The resource allocated by krb5_default_default_realm() should be free()'d by krb5_free_default_realm() instead of plain free() for better readability. Signed-off-by: Santosh Kumar Pradhan Reviewed-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 58e7e564d7c81dc1b1084174957568396233a743 Author: Santosh Kumar Pradhan Date: Fri Feb 21 09:43:47 2014 +0530 kdc: Free the resource which is not used anymore In samba_kdc_firstkey() routine, krb5_get_default_realm() allocates memory for "realm" but never used afterwards. Free() the leaked memory. CID: 1107223 Signed-off-by: Santosh Kumar Pradhan Reviewed-by: Volker Lendecke Reviewed-by: Andreas Schneider commit 66fb0ce9557553a4c01607b517e65ac4c93841d0 Author: Gregor Beck Date: Thu Feb 20 11:25:53 2014 +0100 s3:winbindd: avoid directly asking a trusted domain in wb_lookupsids*() As a domain member we should always use a DC of our own domain. It would be possible to pass all sids in one single dcerpc_wbint_LookupSids() call. For now we just fix bug. Pair-Programmed-With: Stefan Metzmacher Bug: https://bugzilla.samba.org/show_bug.cgi?id=10458 Signed-off-by: Gregor Beck Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider commit 3413e64149702136429d7b5acaa7a52c49abf564 Author: Gregor Beck Date: Thu Feb 20 13:14:31 2014 +0100 s3:winbindd: fix _wbint_LookupSids() on error We need to make sure that r->out.domains remains valid, otherwise we're not able to marshall the response. Note that wbint_LookupSids() has [out,ref] lsa_RefDomainList *domains, while lsa_LookupSids() has [out,ref] lsa_RefDomainList **domains. Pair-Programmed-With: Stefan Metzmacher Bug: https://bugzilla.samba.org/show_bug.cgi?id=10458 Signed-off-by: Gregor Beck Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider --- Summary of changes: nsswitch/tests/test_idmap_rfc2307.sh | 13 +++-- selftest/wscript |2 +- source3/winbindd/wb_lookupsids.c |2 +- source3/winbindd/winbindd_dual_srv.c |8 +++- source4/heimdal/lib/krb5/principal.c |6 +++--- source4/kdc/db-glue.c|1 + testprogs/blackbox/test_kinit.sh | 12 ++-- testprogs/blackbox/test_pkinit.sh| 12 ++-- 8 files changed, 44 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/nsswitch/tests/test_idmap_rfc2307.sh b/nsswitch/tests/test_idmap_rfc2307.sh index b9efd34..d3087a1 100755 --- a/nsswitch/tests/test_idmap_rfc2307.sh +++ b/nsswitch/tests/test_idmap_rfc2307.sh @@ -18,8 +18,17 @@ DC_PASSWORD="$9" echo called with: $1 $2 $3 $4 $5 $6 $7 $8 $9 wbinfo="$VALGRIND $BINDIR/wbinfo" -ldbad
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 33f10d0 s3:smbd: avoid invalid lock_order panic triggered by "CTDB_SRVID_RELEASE_IP" via 9677fae s3:lib/ctdbd_conn: let release_ip_handler return bool via 52ccb40 s3:smbd: maintain smbd_server_connection->status via 58c71be s3:smbd: simplify exit_server_common() from 913b2a1 clitar: don't panic, propagate talloc errors upwards http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 33f10d06baf44e31d558bc5bd926c886915322cc Author: Stefan Metzmacher Date: Thu Feb 13 15:36:27 2014 +0100 s3:smbd: avoid invalid lock_order panic triggered by "CTDB_SRVID_RELEASE_IP" If smbd_server_connection_terminate("CTDB_SRVID_RELEASE_IP") is triggered from within ctdbd_migrate(), we got a smb_panic complaining about invalid lock_order, as ctdbd_migrate is called from dbwrap_fetch_locked(). Bug: https://bugzilla.samba.org/show_bug.cgi?id=10444 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Fri Feb 21 14:51:51 CET 2014 on sn-devel-104 commit 9677fae6aab26d2bf0884dc31516d2dcd8840c03 Author: Stefan Metzmacher Date: Mon Feb 17 11:57:52 2014 +0100 s3:lib/ctdbd_conn: let release_ip_handler return bool If it returns true the passed ip address matched and we let a nested ctdb operation fail with NT_STATUS_ADDRESS_CLOSED. Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit 52ccb40d595fc80bfa53b0b9cd75ffb902369681 Author: Stefan Metzmacher Date: Mon Feb 17 12:01:12 2014 +0100 s3:smbd: maintain smbd_server_connection->status If this isn't NT_STATUS_OK, we skip any io on the socket. This avoids possible problems during shutdown. Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke commit 58c71bee40bb91868fc69d8f7fa640db0e33efae Author: Stefan Metzmacher Date: Mon Feb 17 12:05:42 2014 +0100 s3:smbd: simplify exit_server_common() Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke --- Summary of changes: source3/include/ctdbd_conn.h |2 +- source3/lib/ctdbd_conn.c | 36 +--- source3/smbd/globals.h |1 + source3/smbd/process.c | 72 +++-- source3/smbd/server_exit.c | 17 +++-- source3/smbd/smb2_server.c | 16 + 6 files changed, 129 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/ctdbd_conn.h b/source3/include/ctdbd_conn.h index ce5c8ba..0f85229 100644 --- a/source3/include/ctdbd_conn.h +++ b/source3/include/ctdbd_conn.h @@ -76,7 +76,7 @@ NTSTATUS ctdbd_traverse(uint32_t db_id, NTSTATUS ctdbd_register_ips(struct ctdbd_connection *conn, const struct sockaddr_storage *server, const struct sockaddr_storage *client, - void (*release_ip_handler)(const char *ip_addr, + bool (*release_ip_handler)(const char *ip_addr, void *private_data), void *private_data); diff --git a/source3/lib/ctdbd_conn.c b/source3/lib/ctdbd_conn.c index 6ab4bbe..4d90324 100644 --- a/source3/lib/ctdbd_conn.c +++ b/source3/lib/ctdbd_conn.c @@ -59,7 +59,7 @@ struct ctdbd_connection { struct ctdb_packet_context *pkt; struct tevent_fd *fde; - void (*release_ip_handler)(const char *ip_addr, void *private_data); + bool (*release_ip_handler)(const char *ip_addr, void *private_data); void *release_ip_priv; }; @@ -428,10 +428,23 @@ static NTSTATUS ctdb_read_req(struct ctdbd_connection *conn, uint32_t reqid, if ((conn->release_ip_handler != NULL) && (msg->srvid == CTDB_SRVID_RELEASE_IP)) { + bool ret; + /* must be dispatched immediately */ DEBUG(10, ("received CTDB_SRVID_RELEASE_IP\n")); - conn->release_ip_handler((const char *)msg->data, -conn->release_ip_priv); + ret = conn->release_ip_handler((const char *)msg->data, + conn->release_ip_priv); + if (ret) { + /* +* We need to release the ip, +* so return an error to the upper layers. +* +* We make sure we don't trigger this again. +*/ + conn->release_ip_handler = NULL;
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated via ce98b19 librpc/nbt: increase MAX_COMPONENTS limit for nbt_names. via 09e750b dfs: always call create_conn_struct with root privileges from 629e95e VERSION: Bump version number up to 4.1.6... http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test - Log - commit ce98b1995f09d2f2739d520e09044b78596756a5 Author: Günther Deschner Date: Tue Feb 4 16:38:46 2014 +0100 librpc/nbt: increase MAX_COMPONENTS limit for nbt_names. domains with more then 10 subdomains are not so uncommon. https://bugzilla.samba.org/show_bug.cgi?id=10439 Guenther Signed-off-by: Günther Deschner Reviewed-by: Andreas Schneider Autobuild-User(master): Günther Deschner Autobuild-Date(master): Thu Feb 13 16:30:50 CET 2014 on sn-devel-104 (cherry picked from commit 4e05bad0d18e351cb2a2db74860e77adea727c79) Signed-off-by: Andreas Schneider Autobuild-User(v4-1-test): Karolin Seeger Autobuild-Date(v4-1-test): Fri Feb 21 13:19:27 CET 2014 on sn-devel-104 commit 09e750b25e9901ed36ca9d6946d0781149d6254d Author: Garming Sam Date: Thu Dec 19 09:55:44 2013 +1300 dfs: always call create_conn_struct with root privileges This fixes a bug in dfs_samba4 identified by Daniel Müller. create_conn_struct calls SMB_VFS_CONNECT which requires root privileges. SMB_VFS_CONNECT in turn calls dfs_samba4_connect which connects to samdb. Calls were made to this function without ever becoming root (notably via setup_dfs_referral) which resulted in an error and the VFS connect failing. This happens when you have an active directory domain controller with host msdfs = yes in smb.conf and dfs links in place. Signed-off-by: Garming Sam Reviewed-by: Bjoern Baumbach Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Jan 10 20:11:03 CET 2014 on sn-devel-104 (cherry picked from commit 24a687642de21ce872d25f16b3525003844d05f9) Fix bug #10378 - dfs: always call create_conn_struct with root privileges. --- Summary of changes: librpc/ndr/ndr_nbt.c |2 +- source3/smbd/msdfs.c | 31 ++- 2 files changed, 31 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/ndr/ndr_nbt.c b/librpc/ndr/ndr_nbt.c index f2a1ca3..842e972 100644 --- a/librpc/ndr/ndr_nbt.c +++ b/librpc/ndr/ndr_nbt.c @@ -27,7 +27,7 @@ #include "../libcli/netlogon/netlogon.h" /* don't allow an unlimited number of name components */ -#define MAX_COMPONENTS 10 +#define MAX_COMPONENTS 128 /** print a nbt string diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c index 52a2a48..096a3a0 100644 --- a/source3/smbd/msdfs.c +++ b/source3/smbd/msdfs.c @@ -221,9 +221,11 @@ static NTSTATUS parse_dfs_path(connection_struct *conn, Fake up a connection struct for the VFS layer, for use in applications (such as the python bindings), that do not want the global working directory changed under them. + + SMB_VFS_CONNECT requires root privileges. */ -NTSTATUS create_conn_struct(TALLOC_CTX *ctx, +static NTSTATUS create_conn_struct_as_root(TALLOC_CTX *ctx, struct tevent_context *ev, struct messaging_context *msg, connection_struct **pconn, @@ -347,6 +349,33 @@ NTSTATUS create_conn_struct(TALLOC_CTX *ctx, } / + Fake up a connection struct for the VFS layer, for use in + applications (such as the python bindings), that do not want the + global working directory changed under them. + + SMB_VFS_CONNECT requires root privileges. +*/ + +NTSTATUS create_conn_struct(TALLOC_CTX *ctx, + struct tevent_context *ev, + struct messaging_context *msg, + connection_struct **pconn, + int snum, + const char *path, + const struct auth_session_info *session_info) +{ + NTSTATUS status; + become_root(); + status = create_conn_struct_as_root(ctx, ev, + msg, pconn, + snum, path, + session_info); + unbecome_root(); + + return status; +} + +/ Fake up a connection struct for the VFS layer. Note: this performs a vfs connect and CHANGES CWD JRA. -- Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via bfc3b3b Announce Samba 4.1.5. from 315b80c Announce Samba 4.0.15. http://gitweb.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit bfc3b3be78b3e9c116305c65748d27b008e3c16a Author: Karolin Seeger Date: Fri Feb 21 10:39:16 2014 +0100 Announce Samba 4.1.5. Signed-off-by: Karolin Seeger --- Summary of changes: generated_news/latest_10_bodies.html| 25 ++-- generated_news/latest_10_headlines.html |4 +- generated_news/latest_2_bodies.html | 25 ++-- history/header_history.html |1 + history/{samba-4.0.15.html => samba-4.1.5.html} | 49 --- latest_stable_release.html |6 +- 6 files changed, 66 insertions(+), 44 deletions(-) copy history/{samba-4.0.15.html => samba-4.1.5.html} (60%) Changeset truncated at 500 lines: diff --git a/generated_news/latest_10_bodies.html b/generated_news/latest_10_bodies.html index 2acc2e6..e3a280d 100644 --- a/generated_news/latest_10_bodies.html +++ b/generated_news/latest_10_bodies.html @@ -1,3 +1,16 @@ + 21 February 2014 + Samba 4.1.5 Available for Download + This is the latest stable release of the Samba 4.1 series. + +The uncompressed tarballs and patch files have been signed +using GnuPG (ID 6568B7EA). The source code can be +http://samba.org/samba/ftp/stable/samba-4.1.5.tar.gz";>downloaded +now. A http://samba.org/samba/ftp/patches/patch-4.1.4-4.1.5.diffs.gz";> +patch against Samba 4.1.4 is also available. See +http://samba.org/samba/history/samba-4.1.5.html";> the release notes + for more info. + + 18 February 2014 Samba 4.0.15 Available for Download This is the latest stable release of the Samba 4.0 series. @@ -133,15 +146,3 @@ patch against Samba 4.0.11 is also available. See http://samba.org/samba/ftp/stable/samba-3.6.20.tar.gz";>download Samba 3.6.20. - - 11 October 2013 - Samba 4.1.0 Available for Download - This is the first stable release of the Samba 4.1 series. - -The uncompressed tarballs and patch files have been signed -using GnuPG (ID 6568B7EA). The source code can be -http://samba.org/samba/ftp/stable/samba-4.1.0.tar.gz";>downloaded -now. A http://samba.org/samba/ftp/patches/patch-4.0.10-4.1.0.diffs.gz";> -patch against Samba 4.0.10 is also available. See -http://samba.org/samba/history/samba-4.1.0.html";> the release notes - for more info. diff --git a/generated_news/latest_10_headlines.html b/generated_news/latest_10_headlines.html index 4a1a270..846d13e 100644 --- a/generated_news/latest_10_headlines.html +++ b/generated_news/latest_10_headlines.html @@ -1,4 +1,6 @@ +21 February 2014 Samba 4.1.5 Available for Download + 18 February 2014 Samba 4.0.15 Available for Download 02 February 2014 cwrap 1.0.0 Available for Download @@ -20,6 +22,4 @@ 11 November 2013 Samba 4.1.1, 4.0.11 (CVE-2013-4475 and CVE-2013-4476) and 3.6.20 (CVE-2013-4475) Security Releases Available for Download - -11 October 2013 Samba 4.1.0 Available for Download diff --git a/generated_news/latest_2_bodies.html b/generated_news/latest_2_bodies.html index ab3bc10..4b6fd30 100644 --- a/generated_news/latest_2_bodies.html +++ b/generated_news/latest_2_bodies.html @@ -1,3 +1,16 @@ + 21 February 2014 + Samba 4.1.5 Available for Download + This is the latest stable release of the Samba 4.1 series. + +The uncompressed tarballs and patch files have been signed +using GnuPG (ID 6568B7EA). The source code can be +http://samba.org/samba/ftp/stable/samba-4.1.5.tar.gz";>downloaded +now. A http://samba.org/samba/ftp/patches/patch-4.1.4-4.1.5.diffs.gz";> +patch against Samba 4.1.4 is also available. See +http://samba.org/samba/history/samba-4.1.5.html";> the release notes + for more info. + + 18 February 2014 Samba 4.0.15 Available for Download This is the latest stable release of the Samba 4.0 series. @@ -9,15 +22,3 @@ now. A http://samba.org/samba/ftp/patches/patch-4.0.14-4.0.15.diffs patch against Samba 4.0.14 is also available. See http://samba.org/samba/history/samba-4.0.15.html";> the release notes for more info. - - - 02 February 2014 - cwrap 1.0.0 Available for Download - - http://cwrap.org/";>cwrap, a project to test your full - software stack, has been released at http://fosdem.org/";> - FOSDEM. It is a set of tools to create a fully isolated network testing - environment to test client/server components on a single host. The cwrap - project does not require virtualization and can be used to build - environments on different operating systems. http://cwrap.org/";> - Learn more ... diff --git a/hi
[SCM] Samba Shared Repository - annotated tag samba-4.1.5 created
The annotated tag, samba-4.1.5 has been created at 84e79157c13c639276316fea14cf5694debab6ee (tag) tagging 144791ecd8a604877ba8236849036bc07fce8d0c (commit) replaces samba-4.1.4 tagged by Karolin Seeger on Fri Feb 21 10:25:15 2014 +0100 - Log - samba: tag release samba-4.1.5 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAlMHG3sACgkQbzORW2Vot+oo9ACggn/HcSrJu3XGzDFjNBJQMnG+ HXoAoLgLnbk3sSJWnPsvwriXpy8FbFt4 =F/mL -END PGP SIGNATURE- Alistair Leslie-Hughes (1): Stop use after free Andreas Schneider (4): lib: Fix strict-aliasing warning in md5 code. s3-libads: Fix memory leaks in ads_build_path(). wbinfo: Fix a memory leak in wbinfo_ping_dc(). s3-passdb: Fix string duplication to pointers. Andrew Bartlett (1): kdc: Add belts-and-braces check that we fail if the hdb version changes David Disseldorp (3): torture: add zero length FSCTL_SRV_COPYCHUNK test smbd/smb2_ioctl: fail zero length copy chunk requests vfs_btrfs: pass-through copy-chunk(len=0) requests Jeffrey Clark (1): Support for Heimdal's unified krb5 and hdb plugin system. Jelmer Vernooij (1): Cope with first element in hdb_method having a different name in different heimdal versions. Jeremy Allison (14): s3: winbindd: Move the logic of whether to set 'domain->primary' into add_trusted_domain(). s3: winbindd: Move calling setup_domain_child() into add_trusted_domain(). s3:dir - In the old SMB1 search code, rename offset to wire_offset to distinguish between wire and native offsets. s3:dir - Introduce a function to map a directory cookie to a 32-bit wire cookie. s3: dir - Introduce 32-bit wire versions of the 'special' values. s3:dir - Cope with fixed mapping of 'special' values. s3:dir - Map wire offsets to native directory cookies. s3:dir - Add a new memcache type (non-talloc) - SMB1_SEARCH_OFFSET_MAP. s3:dir - Introduce a 64-bit directory offset <-> 32 bit wire offset map using memcache. s3:dir - We now pass the previously spinning directory tests on ext4. s3: smbpasswd - fix crashes on invalid input. s3: vfs_dirsort module. s3: vfs_dirsort module. s3: modules: streaminfo: As we have no VFS function SMB_VFS_LLISTXATTR we can't cope with a symlink when lp_posix_pathnames() is true. Karolin Seeger (4): VERSION: Bump version number up to 4.1.5... docs: Fix typos in vfs_shadow_copy2.8.xml. WHATSNEW: Add release notes for Samba 4.1.5. VERSION: Disable git snapshots for the 4.1.5 release. Michael Adam (35): shadow_copy2: break overly long lines in shadow_copy2_snapshot_to_gmt() shadow_copy2: add comment header describing shadow_copy2_strip_snapshot() shadow_copy2: add header comment explaining have_snapdir() shadow_copy2: add comment block explaining shadow_copy2_find_snapdir() shadow_copy2: add comment block explaining shadow_copy2_insert_string() shadow_copy2: add comment block explaining shadow_copy2_convert() shadow_copy2: add comment explaining the SMB level GMT format pattern shadow_copy2: introduce config struct and function shadow_copy2_connect() shadow_copy2: introduce the bool "snapdir_absolute" in the config. shadow_copy2: disable "snapdir:crossmountpoints" if the snapdir is absolute. shadow_copy2: re-add the basedir option. shadow_copy2: introduce "shadow:mountpoint" option shadow_copy2: add rel_connectpath to config. shadow_copy2: add snapshot_basepath to the config. shadow_copy2: log resulting config at the end of shadow_copy2_connect() shadow_copy2: implement disk_free shadow_copy2: in the classical case, use configured path in shadow_copy2_find_snapdir() shadow_copy2: make shadow_copy2_find_snapdir() return const char * shadow_copy2: shadow_copy2_insert_string(): do not prepend a "/" in absolute mode shadow_copy2: factor shadow_copy2_posix_gmt_string() out of shadow_copy2_insert_string() shadow_copy2: introduce shadow_copy2_snapshot_path() shadow_copy2: add comments explaining decisions in shadow_copy2_strip_snapshot() shadow_copy2: add some debug to shadow_copy2_strip_snapshot() shadow_copy2: fix shadow_copy2_strip_snapshot() in the classical case shadow_copy2: initialize "converted" string to null in shadow_copy2_convert() shadow_copy2: add some blank lines for visual separation to shadow_copy2_convert() shadow_copy2: fix shadow_copy2_convert() in the classical case. shadow_copy2: improve debug in shadow_copy2_convert() in snapdirseverywhere mode shadow_copy2: use stored mount_point instead of recalculating. s3:module:shadow_copy2: add my (C) s3:modules:shadow_copy2: improve headline comment s3:modules:shadow_copy2: remove redunda
[SCM] Samba Shared Repository - branch v4-1-stable updated
The branch, v4-1-stable has been updated via 144791e VERSION: Disable git snapshots for the 4.1.5 release. via a738491 WHATSNEW: Add release notes for Samba 4.1.5. via 8c2ee1f s3:smb2_notify: fix use after free on long living notify requests via dd83f1d s3: modules: streaminfo: As we have no VFS function SMB_VFS_LLISTXATTR we can't cope with a symlink when lp_posix_pathnames() is true. via 6763283 s3: vfs_dirsort module. via 9cb8ae1 s3: vfs_dirsort module. via 4ce9501 smbd: Fix an ancient oplock bug via b5253bf vfs_btrfs: pass-through copy-chunk(len=0) requests via 1271434 smbd/smb2_ioctl: fail zero length copy chunk requests via 3a3d027 torture: add zero length FSCTL_SRV_COPYCHUNK test via 6265959 kdc: Add belts-and-braces check that we fail if the hdb version changes via 593ce2a Support for Heimdal's unified krb5 and hdb plugin system. via 68dc374 Cope with first element in hdb_method having a different name in different heimdal versions. via 3f09c5c smbd: Fix memory overwrites via dc58296 s3-winbind: Improve performance of wb_fill_pwent_sid2uid_done(). via e31075d Stop use after free via 28ddd77 s3: smbpasswd - fix crashes on invalid input. via 13e65fa s3:dir - We now pass the previously spinning directory tests on ext4. via da502c0 s3:dir - Introduce a 64-bit directory offset <-> 32 bit wire offset map using memcache. via 3f28508 s3:dir - Add a new memcache type (non-talloc) - SMB1_SEARCH_OFFSET_MAP. via d8bed98 s3:dir - Map wire offsets to native directory cookies. via 45e65e1 s3:dir - Cope with fixed mapping of 'special' values. via 23596ff s3: dir - Introduce 32-bit wire versions of the 'special' values. via d9e8ac1 s3:dir - Introduce a function to map a directory cookie to a 32-bit wire cookie. via 9b6d61c s3:dir - In the old SMB1 search code, rename offset to wire_offset to distinguish between wire and native offsets. via f4c8846 vfs/glusterfs: in case atime is not passed, set it to the current atime via d49d8b6 s3-passdb: Fix string duplication to pointers. via bf88959 wbinfo: Fix a memory leak in wbinfo_ping_dc(). via 07f1312 s3-libads: Fix memory leaks in ads_build_path(). via a498c8a lib: Fix strict-aliasing warning in md5 code. via a91d000 shadow_copy2: add a comment explaining why we don't talloc_zero_array(). via cc773c5 shadow_copy2: revert expensive and unnecessary zero-initialization via e8bc1ac docs: Fix typos in vfs_shadow_copy2.8.xml. via 4fe0bad docs: update the manpage of vfs_shadow_copy2 via 33fb6c1 s3:modules:shadow_copy2: remove redundant documentation comment block via 572ca24 s3:modules:shadow_copy2: improve headline comment via 44db7d8 s3:module:shadow_copy2: add my (C) via db8ea0a shadow_copy2: use stored mount_point instead of recalculating. via 5e9daae shadow_copy2: improve debug in shadow_copy2_convert() in snapdirseverywhere mode via c775897 shadow_copy2: fix shadow_copy2_convert() in the classical case. via 3672c20 shadow_copy2: add some blank lines for visual separation to shadow_copy2_convert() via 9f269c9 shadow_copy2: initialize "converted" string to null in shadow_copy2_convert() via 285e1e4 shadow_copy2: fix shadow_copy2_strip_snapshot() in the classical case via 790fcac shadow_copy2: add some debug to shadow_copy2_strip_snapshot() via 9607710 shadow_copy2: add comments explaining decisions in shadow_copy2_strip_snapshot() via 9af2451 shadow_copy2: introduce shadow_copy2_snapshot_path() via 042b0aa shadow_copy2: factor shadow_copy2_posix_gmt_string() out of shadow_copy2_insert_string() via 15170c0 shadow_copy2: shadow_copy2_insert_string(): do not prepend a "/" in absolute mode via b6a6eb5 shadow_copy2: make shadow_copy2_find_snapdir() return const char * via f61106d shadow_copy2: in the classical case, use configured path in shadow_copy2_find_snapdir() via 47a0a04 shadow_copy2: implement disk_free via cfa7632 shadow_copy2: log resulting config at the end of shadow_copy2_connect() via 1b1d020 shadow_copy2: add snapshot_basepath to the config. via fa6b219 shadow_copy2: add rel_connectpath to config. via 9b376b7 shadow_copy2: introduce "shadow:mountpoint" option via 52c70fb shadow_copy2: re-add the basedir option. via 266a8de shadow_copy2: disable "snapdir:crossmountpoints" if the snapdir is absolute. via e86972d shadow_copy2: introduce the bool "snapdir_absolute" in the config. via 5037f83 shadow_copy2: introduce config struct and function shadow_copy2_connect() via 0985cce shadow_copy2: add comment explaining the SMB level GMT format pattern via cd96d92
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated via 629e95e VERSION: Bump version number up to 4.1.6... via 144791e VERSION: Disable git snapshots for the 4.1.5 release. via a738491 WHATSNEW: Add release notes for Samba 4.1.5. from 8c2ee1f s3:smb2_notify: fix use after free on long living notify requests http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test - Log - commit 629e95e6607b6d7cbf0a1861bc2f85fa7a6a5fd8 Author: Karolin Seeger Date: Fri Feb 21 10:21:08 2014 +0100 VERSION: Bump version number up to 4.1.6... and re-enable git snapshots. Signed-off-by: Karolin Seeger commit 144791ecd8a604877ba8236849036bc07fce8d0c Author: Karolin Seeger Date: Fri Feb 21 10:20:09 2014 +0100 VERSION: Disable git snapshots for the 4.1.5 release. Signed-off-by: Karolin Seeger commit a738491bd8791a4b866be0a31e6be486bba80411 Author: Karolin Seeger Date: Fri Feb 21 10:19:38 2014 +0100 WHATSNEW: Add release notes for Samba 4.1.5. Signed-off-by: Karolin Seeger --- Summary of changes: VERSION |2 +- WHATSNEW.txt | 103 - 2 files changed, 102 insertions(+), 3 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 5783c03..92562f5 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=1 -SAMBA_VERSION_RELEASE=5 +SAMBA_VERSION_RELEASE=6 # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index b864e8a..977c85a 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,103 @@ = + Release Notes for Samba 4.1.5 + February 21, 2014 + = + + +This is the latest stable release of Samba 4.1. + +Major enhancements in Samba 4.1.5 include: + +o Fix 100% CPU utilization in winbindd when trying to free memory in + winbindd_reinit_after_fork (bug #10358). +o smbd: Fix memory overwrites (bug #10415). + + +Changes since 4.1.4: + + +o Michael Adam +* BUG 10259: Make shadow_copy2 module working with Windows 7. + + +o Jeremy Allison +* BUG 2662: Make revamped directory handling code 64bit clean. +* BUG 10320: s3: smbpasswd: Fix crashes on invalid input. +* BUG 10358: Fix 100% CPU utilization in winbindd when trying to free + memory in winbindd_reinit_after_fork. +* BUG 10406: s3: vfs_dirsort module: Allow dirsort to work when multiple + simultaneous directories are open. +* BUG 10429: s3: modules: streaminfo: As we have no VFS function + SMB_VFS_LLISTXATTR we can't cope with a symlink when lp_posix_pathnames() + is true. + + +o Alistair Leslie-Hughes +* BUG 10087: ntlm_auth sometimes returns the wrong username to + mod_ntlm_auth_winbind. + + +o Andrew Bartlett +* BUG 10418: Fix INTERNAL ERROR: Signal 11 in the kdc pid. + + +o Jeffrey Clark +* BUG 10418: Add support for Heimdal's unified krb5 and hdb plugin system. + + +o Niels de Vos +* BUG 10384: vfs/glusterfs: In case atime is not passed, set it to the + current atime. + + +o David Disseldorp +* BUG 10424: vfs_btrfs: Fix incorrect zero length server-side copy request + handling. + + +o Volker Lendecke +* BUG 2191: s3-winbind: Improve performance of wb_fill_pwent_sid2uid_done(). +* BUG 10415: smbd: Fix memory overwrites. +* BUG 10436: smbd: Fix an ancient oplock bug. + + +o Stefan Metzmacher +* BUG 10442: Fix crash bug in smb2_notify code. + + +o Andreas Schneider +* BUG 10367: Fix several memory leaks. + + +o Jelmer Vernooij +* BUG 10418: Cope with first element in hdb_method having a different name + in different heimdal versions. + + +### +Reporting bugs & Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the Samba 4.1 product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: +--