autobuild[sn-devel-144]: intermittent test failure detected
The autobuild test system (on sn-devel-144) has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: https://git.samba.org/autobuild.flakey.sn-devel-144/2018-04-14-0636/flakey.log The failure seems to be in the "samba-ad-dc" suite, whose build logs are available here: https://git.samba.org/autobuild.flakey.sn-devel-144/2018-04-14-0636/samba-ad-dc.stderr https://git.samba.org/autobuild.flakey.sn-devel-144/2018-04-14-0636/samba-ad-dc.stdout The top commit at the time of the failure was: commit b8f71674742a45c296b6ef6a69be3870c4ddf61c Author: Volker LendeckeDate: Sun Feb 25 13:00:39 2018 +0100 libdgram: Fix an error path memleak Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Fri Apr 13 21:04:28 CEST 2018 on sn-devel-144 and the last 50 lines of the stdout log were: [450(2951)/525 at 19m51s] samba.wbinfo_simple.domain-info=$DOMAIN(ad_member:local) [451(2952)/525 at 19m51s] samba.wbinfo_simple.online-status(ad_member:local) [452(2953)/525 at 19m51s] samba.wbinfo_simple.online-status.domain=BUILTIN(ad_member:local) [453(2954)/525 at 19m51s] samba.wbinfo_simple.online-status.domain=$DOMAIN(ad_member:local) [454(2955)/525 at 19m51s] samba.wbinfo_simple.check-secret.domain=$DOMAIN(ad_member:local) [455(2956)/525 at 19m52s] samba.wbinfo_simple.change-secret.domain=$DOMAIN(ad_member:local) [456(2957)/525 at 19m52s] samba.wbinfo_simple.check-secret.domain=$DOMAIN(ad_member:local) [457(2958)/525 at 19m53s] samba.wbinfo_simple.online-status.domain=$DOMAIN(ad_member:local) [458(2959)/525 at 19m53s] samba.wbinfo_simple.domain-users(ad_member:local) [459(2960)/525 at 19m53s] samba.wbinfo_simple.domain-groups(ad_member:local) [460(2961)/525 at 19m53s] samba.wbinfo_simple.name-to-sid=$DC_USERNAME(ad_member:local) [461(2962)/525 at 19m53s] samba.wbinfo_simple.name-to-sid=$DOMAIN/$DC_USERNAME(ad_member:local) [462(2963)/525 at 19m53s] samba.wbinfo_simple.user-info=$DOMAIN/$DC_USERNAME(ad_member:local) [463(2964)/525 at 19m53s] samba.wbinfo_simple.user-groups=$DOMAIN/$DC_USERNAME(ad_member:local) [464(2965)/525 at 19m53s] samba.wbinfo_simple.authenticate=$DOMAIN/$DC_USERNAME%$DC_PASSWORD(ad_member:local) [465(2966)/525 at 19m53s] samba.wbinfo_simple.allocate-uid(ad_member:local) [466(2967)/525 at 19m54s] samba.wbinfo_simple.allocate-gid(ad_member:local) [467(2968)/525 at 19m54s] samba.wbinfo_sids2xids.(ad_member:local)(ad_member:local) UNEXPECTED(failure): samba.wbinfo_sids2xids.(ad_member:local).sids2xids(ad_member:local) REASON: Exception: Exception: failed to call wbcLookupName: WBC_ERR_INVALID_SID Could not lookup name ADDOMAIN/ Couldn't delete specified entry Entry deleted. Couldn't delete specified entry Entry deleted. Couldn't delete specified entry Couldn't delete specified entry wbcSidToString(-512) failed: WBC_ERR_INVALID_PARAM wbinfo_sids_to_unix_ids failed Traceback (most recent call last): File "/memdisk/autobuild/fl/b3088179/samba-ad-dc/source3/script/tests/test_wbinfo_sids2xids_int.py", line 51, in idtypes.append(result[0]) IndexError: list index out of range FAILED (1 failures, 0 errors and 0 unexpected successes in 0 testsuites) A summary with detailed information can be found in: ./bin/ab/summary TOP 10 slowest tests samba3.local.nss(ad_dc:local) -> 77 samba3.raw.session krb5(ad_dc) -> 52 samba3.rpc.samr.passwords.pwdlastset(ad_dc) -> 52 samba3.smb2.session krb5(ad_dc) -> 35 samba4.blackbox.net_ads(ad_dc:client)(ad_dc:client) -> 33 samba3.rpc.schannel(ad_dc) -> 21 samba3.smb2.dir(ad_dc) -> 20 samba3.base.delete(ad_dc) -> 20 samba4.blackbox.trust_utils(fl2008r2dc:local)(fl2008r2dc:local) -> 18 samba3.rpc.spoolss.printer(ad_dc) -> 18 ERROR: test failed with exit code 1
[SCM] Samba Shared Repository - branch v4-7-test updated
The branch, v4-7-test has been updated via 5a2066f torture: Test compound request request counters via bb15458 s3:smb2_server: correctly maintain request counters for compound requests from 686b2ba winbindd: Do not ignore domain in the LOOKUPNAME request https://git.samba.org/?p=samba.git;a=shortlog;h=v4-7-test - Log - commit 5a2066f5ca52d8f1421139f27112183952070a05 Author: Volker LendeckeDate: Wed Apr 11 15:11:10 2018 +0200 torture: Test compound request request counters This will send an unfixed smbd into the SMB_ASSERT(op->request_count > 0); in smbd_smb2_request_reply_update_counts BUG: https://bugzilla.samba.org/show_bug.cgi?id=13215 Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Thu Apr 12 14:38:39 CEST 2018 on sn-devel-144 (cherry picked from commit 40edd1bc273f664d5567ef5be169033899acee1f) Autobuild-User(v4-7-test): Stefan Metzmacher Autobuild-Date(v4-7-test): Fri Apr 13 22:48:05 CEST 2018 on sn-devel-144 commit bb15458485e48ce173e54186f1b54aef2e852544 Author: Stefan Metzmacher Date: Wed Apr 11 12:14:59 2018 +0200 s3:smb2_server: correctly maintain request counters for compound requests If a session expires during a compound request chain, we exit smbd_smb2_request_dispatch() with 'return smbd_smb2_request_error(req, ...)' before calling smbd_smb2_request_dispatch_update_counts(). As req->request_counters_updated was only reset within smbd_smb2_request_dispatch_update_counts(), smbd_smb2_request_reply_update_counts() was called twice on the same request, which triggers SMB_ASSERT(op->request_count > 0); BUG: https://bugzilla.samba.org/show_bug.cgi?id=13215 Signed-off-by: Stefan Metzmacher Reviewed-by: Volker Lendecke (cherry picked from commit 87e25cd1e45bfe57292b62ffc44ddafc01c61ca0) --- Summary of changes: source3/smbd/smb2_server.c | 6 +++- source4/torture/smb2/compound.c | 77 + 2 files changed, 82 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c index ee03a8e..177e5ff 100644 --- a/source3/smbd/smb2_server.c +++ b/source3/smbd/smb2_server.c @@ -2180,7 +2180,7 @@ static NTSTATUS smbd_smb2_request_dispatch_update_counts( bool update_open = false; NTSTATUS status = NT_STATUS_OK; - req->request_counters_updated = false; + SMB_ASSERT(!req->request_counters_updated); if (xconn->protocol < PROTOCOL_SMB2_22) { return NT_STATUS_OK; @@ -2315,6 +2315,8 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) DO_PROFILE_INC(request); + SMB_ASSERT(!req->request_counters_updated); + /* TODO: verify more things */ flags = IVAL(inhdr, SMB2_HDR_FLAGS); @@ -2755,6 +2757,8 @@ static void smbd_smb2_request_reply_update_counts(struct smbd_smb2_request *req) return; } + req->request_counters_updated = false; + if (xconn->protocol < PROTOCOL_SMB2_22) { return; } diff --git a/source4/torture/smb2/compound.c b/source4/torture/smb2/compound.c index c592308..d2d4d7e 100644 --- a/source4/torture/smb2/compound.c +++ b/source4/torture/smb2/compound.c @@ -1030,6 +1030,81 @@ done: return ret; } +static bool test_compound_invalid4(struct torture_context *tctx, + struct smb2_tree *tree) +{ + struct smb2_create cr; + struct smb2_read rd; + NTSTATUS status; + const char *fname = "compound_invalid4.dat"; + struct smb2_close cl; + bool ret = true; + bool ok; + struct smb2_request *req[2]; + + smb2_transport_credits_ask_num(tree->session->transport, 2); + + smb2_util_unlink(tree, fname); + + ZERO_STRUCT(cr); + cr.in.security_flags = 0x00; + cr.in.oplock_level= 0; + cr.in.impersonation_level = NTCREATEX_IMPERSONATION_IMPERSONATION; + cr.in.create_flags= 0x; + cr.in.reserved= 0x; + cr.in.desired_access = SEC_RIGHTS_FILE_ALL; + cr.in.file_attributes = FILE_ATTRIBUTE_NORMAL; + cr.in.share_access= NTCREATEX_SHARE_ACCESS_READ | + NTCREATEX_SHARE_ACCESS_WRITE | + NTCREATEX_SHARE_ACCESS_DELETE; + cr.in.create_disposition = NTCREATEX_DISP_OPEN_IF; + cr.in.create_options =
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via b8f7167 libdgram: Fix an error path memleak via 8b770e6 libnbt: Align data types via 5fea3e3 libnbt: Add an explicit "mem_ctx" to name_request_send from ce63db2 traffic_relay: bulk port print to modern py3 style https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit b8f71674742a45c296b6ef6a69be3870c4ddf61c Author: Volker LendeckeDate: Sun Feb 25 13:00:39 2018 +0100 libdgram: Fix an error path memleak Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Fri Apr 13 21:04:28 CEST 2018 on sn-devel-144 commit 8b770e646aa28e6ef36647f42b97a8330203bbd0 Author: Volker Lendecke Date: Thu Apr 12 20:40:32 2018 +0200 libnbt: Align data types ARRAY_SIZE returns size_t Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher commit 5fea3e3f23cf75e111b9043ddad8a93aad6c06bf Author: Volker Lendecke Date: Sun Feb 4 12:16:14 2018 + libnbt: Add an explicit "mem_ctx" to name_request_send Implicitly hanging requests off nbtsock is too inflexible for future use Signed-off-by: Volker Lendecke Reviewed-by: Stefan Metzmacher --- Summary of changes: libcli/nbt/namequery.c | 4 ++-- libcli/nbt/namerefresh.c| 2 +- libcli/nbt/nameregister.c | 2 +- libcli/nbt/namerelease.c| 2 +- libcli/nbt/nbt_proto.h | 3 ++- libcli/nbt/nbtsocket.c | 7 --- source4/libcli/dgram/mailslot.c | 1 + 7 files changed, 12 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/nbt/namequery.c b/libcli/nbt/namequery.c index e344235..49ab10c 100644 --- a/libcli/nbt/namequery.c +++ b/libcli/nbt/namequery.c @@ -56,7 +56,7 @@ _PUBLIC_ struct nbt_name_request *nbt_name_query_send(struct nbt_name_socket *nb dest = socket_address_from_strings(packet, nbtsock->sock->backend_name, io->in.dest_addr, io->in.dest_port); if (dest == NULL) goto failed; - req = nbt_name_request_send(nbtsock, dest, packet, + req = nbt_name_request_send(nbtsock, nbtsock, dest, packet, io->in.timeout, io->in.retries, false); if (req == NULL) goto failed; @@ -160,7 +160,7 @@ _PUBLIC_ struct nbt_name_request *nbt_name_status_send(struct nbt_name_socket *n dest = socket_address_from_strings(packet, nbtsock->sock->backend_name, io->in.dest_addr, io->in.dest_port); if (dest == NULL) goto failed; - req = nbt_name_request_send(nbtsock, dest, packet, + req = nbt_name_request_send(nbtsock, nbtsock, dest, packet, io->in.timeout, io->in.retries, false); if (req == NULL) goto failed; diff --git a/libcli/nbt/namerefresh.c b/libcli/nbt/namerefresh.c index b525356..b3aef76 100644 --- a/libcli/nbt/namerefresh.c +++ b/libcli/nbt/namerefresh.c @@ -72,7 +72,7 @@ struct nbt_name_request *nbt_name_refresh_send(struct nbt_name_socket *nbtsock, nbtsock->sock->backend_name, io->in.dest_addr, io->in.dest_port); if (dest == NULL) goto failed; - req = nbt_name_request_send(nbtsock, dest, packet, + req = nbt_name_request_send(nbtsock, nbtsock, dest, packet, io->in.timeout, io->in.retries, false); if (req == NULL) goto failed; diff --git a/libcli/nbt/nameregister.c b/libcli/nbt/nameregister.c index ff5418c..8e8271d 100644 --- a/libcli/nbt/nameregister.c +++ b/libcli/nbt/nameregister.c @@ -80,7 +80,7 @@ struct nbt_name_request *nbt_name_register_send(struct nbt_name_socket *nbtsock, dest = socket_address_from_strings(packet, nbtsock->sock->backend_name, io->in.dest_addr, io->in.dest_port); if (dest == NULL) goto failed; - req = nbt_name_request_send(nbtsock, dest, packet, + req = nbt_name_request_send(nbtsock, nbtsock, dest, packet, io->in.timeout, io->in.retries, false); if (req == NULL) goto failed; diff --git a/libcli/nbt/namerelease.c b/libcli/nbt/namerelease.c index 8f46981..68c8252 100644 --- a/libcli/nbt/namerelease.c +++ b/libcli/nbt/namerelease.c @@ -69,7 +69,7 @@ _PUBLIC_ struct nbt_name_request *nbt_name_release_send(struct nbt_name_socket * dest = socket_address_from_strings(packet, nbtsock->sock->backend_name,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via ce63db2 traffic_relay: bulk port print to modern py3 style via c034caa s4/webserver: initialise optional parameter via 30fb803 s4/lib/py-registry: initialize optional parameters for open_* functions via 2a30501 s3/py_passdb: initialize optional parameters earlier via 399c22a nbt/pynbt: initialize optional parameter in nbt_name_refresh via e62d2bd nbt/pynbt: initialize optional parameter in nbt_name_register via 0d56edb ldb/pyldb: initialize optional parameter in ldb_connect() via 6eb3391 kcc/graph: add __hash__ to InternalEdge for py3 via c7f3c91 kcc: fix sort for py3 via 9491094 kcc/kcc_utils: fix divide for py3 via 09081ea kcc/kcc_utils: convert dict.keys to list via 767f6e5 kcc/graph_utils: port string.translate for py3 via 16a228c selftest/graph: enable py3 for samba.tests.graph via d1312c8 python/tests/graph: actually test graphs, don't print via 6d696d6 graph: fix sort for py3 via fadd2ce graph: fix divide for py3 via 470499f selftest: enable py3 for samba.tests.krb5_credentials via a9f5913 selftest: enable py3 for samba.tests.docs via c070680 selftest: enable py3 for samba.tests.source via eec07f2 selftest: enable py3 for samba.tests.lsa_string via fb97281 selftest: enable py3 for samba.tests.dcerpc.registry via 9b8b40f selftest: enable py3 for samba.tests.dcerpc.rpcecho via e209cc2 selftest: enable py3 for samba.tests.dcerpc.bare via 01ace23 selftest: enable py3 for samba.tests.dcerpc.sam via aeb6e07 python: fix unicode escape in doc string via 5258add python: bulk convert zip to list via 8432ca2 python: bulk replace file to open for py3 via 9d79329 python: bulk replace dict.itervalues to values for py3 via 2892293 python: bulk port tdb iterkeys for py3 via f3b5287 python: bulk replace dict.iteritems to items for py3 via 6716971c python/wscript: build grouping library for py2/py3 (--extra-python) via 6210510 s3/lib/policy/wscript_build: build samba_policy lib for extra-python/py3 via 84f7ead s3/libnet/wscript: build samba-net lib for extra-python/py3 via f24f0e1 s3/param/wscript: build PROVISION subsytem for extra-python/py3 via 4a58393 wscript_build: make sure we link extra-python versions of libraries via e48e6b0 python: create test for pysmb module. via 5c7e7ca s4/libcli: python3 port for smb module from 23d8410 dbwrap: Fix "use mmap = no" https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit ce63db26a1d9fd2272e7d708965557d0461a4eac Author: Joe GuoDate: Fri Apr 13 15:00:01 2018 +1200 traffic_relay: bulk port print to modern py3 style Change print to function and avoid the ugly `print >>sys.stderr`. Signed-off-by: Joe Guo Reviewed-by: Douglas Bagnall Reviewed-by: Garming Sam Autobuild-User(master): Douglas Bagnall Autobuild-Date(master): Fri Apr 13 10:36:32 CEST 2018 on sn-devel-144 commit c034caaf956dd7bf151ca86fe028928befe88f7b Author: Douglas Bagnall Date: Thu Apr 12 17:19:20 2018 +1200 s4/webserver: initialise optional parameter OK, this is unused and unimplemented. Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett Reviewed-by: Alexander Bokovoy commit 30fb803ec07eb865c4c31c54320cef08e1cafff0 Author: Douglas Bagnall Date: Thu Apr 12 17:15:19 2018 +1200 s4/lib/py-registry: initialize optional parameters for open_* functions Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett Reviewed-by: Alexander Bokovoy commit 2a305014b530145563a581e880a14af17fc3fc04 Author: Douglas Bagnall Date: Thu Apr 12 17:13:05 2018 +1200 s3/py_passdb: initialize optional parameters earlier It is just a bit easier to see what is happening. Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett Reviewed-by: Alexander Bokovoy commit 399c22a86f0b8614137f783d957547ade219e431 Author: Douglas Bagnall Date: Thu Apr 12 17:10:10 2018 +1200 nbt/pynbt: initialize optional parameter in nbt_name_refresh Signed-off-by: Douglas Bagnall Reviewed-by: Andrew Bartlett Reviewed-by: Alexander Bokovoy
[SCM] Samba Shared Repository - branch v4-6-stable updated
The branch, v4-6-stable has been updated via c4d44b9 VERSION: Disable GIT_SNAPSHOT for the 4.6.15 release. via 46be020 WHATSNEW: Add release notes for Samba 4.6.15. via c90accf torture: Test compound request request counters via fb602bd s3:smb2_server: correctly maintain request counters for compound requests via e1c58ec s3: smbd: Unix extensions attempts to change wrong field in fchown call. via b11b0e0 s3:smbd: map nterror on smb2_flush errorpath via 24354b0 vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async via 94d91c9 s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir() via 8f4202e s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here. via 0afb85c tests/bind.py: Add a bind test with NTLMSSP with no domain via 96d9297 s3:cliconnect.c: remove useless ';' via bb14cec s3:libsmb: allow -U"\administrator" to work via d71e1a2 Merge tag 'samba-4.6.14' into v4-6-test via 2d2fb95 VERSION: Bump version up to 4.6.15... via 85fc0d5 build: fix libceph-common detection via 903 VERSION: Disable GIT_SNAPSHOT for the 4.6.14 release. via 5cabac8 WHATSNEW: Add release notes for Samba 4.6.14. via 58c2418 CVE-2018-1057: s4:dsdb/acl: changing dBCSPwd is only allowed with a control via 03b1513 CVE-2018-1057: s4:dsdb: use DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID via 96261a0 CVE-2018-1057: s4:dsdb/samdb: define DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID control via 9e03a09 CVE-2018-1057: s4:dsdb/acl: run password checking only once via 43863fc CVE-2018-1057: s4/dsdb: correctly detect password resets via 0c2ef5f CVE-2018-1057: s4:dsdb/acl: add a NULL check for talloc_new() in acl_check_password_rights() via 2cce162 CVE-2018-1057: s4:dsdb/acl: add check for DSDB_CONTROL_PASSWORD_HASH_VALUES_OID control via a0e418a CVE-2018-1057: s4:dsdb/acl: check for internal controls before other checks via 4a8b22c CVE-2018-1057: s4:dsdb/acl: remove unused else branches in acl_check_password_rights() via ed471f3 CVE-2018-1057: s4:dsdb/acl: only call dsdb_acl_debug() if we checked the acl in acl_check_password_rights() via a976076 CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for passwordAttr->num_values via 4b93237 CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for LDB_FLAG_MOD_TYPE via 1610632 CVE-2018-1057: s4:dsdb/tests: add a test for password change with empty delete via 5365141 CVE-2018-1050: s3: RPC: spoolss server. Protect against null pointer derefs. via ae55cfe s3:smbd: Do not crash if we fail to init the session table via 8fe0589 libsmb: Use smb2 tcon if conn_protocol >= SMB2_02 via 3dadbb3 torture: Add test for channel sequence number handling via 597aba1 smbXcli: Add "force_channel_sequence" via 082c08e smbd: Fix channel sequence number checks for long-running requests via c3bce29 smbd: Remove a "!" from an if-condition for easier readability via 65992c6 torture4: Fix typos via dc5dbc6 smbd: Fix a typo via b726719 s3:smb2_server: allow logoff, close, unlock, cancel and echo on expired sessions via 7118165 s3:smbd: return the correct error for cancelled SMB2 notifies on expired sessions via f0e7a7c s4:torture: add smb2.session.expire2 test via d0c6802 Revert "HEIMDAL:kdc: fix memory leak when decryption AuthorizationData" via c190c37 Revert "HEIMDAL:kdc: decrypt b->enc_authorization_data in tgs_build_reply()" via e1a5f80 Revert "HEIMDAL:kdc: if we don't have an authenticator subkey for S4U2Proxy we need to use the additional tickets key" via 542382a Revert "s4:kdc: fix the principal names in samba_kdc_update_delegation_info_blob" via fb65808 Revert "HEIMDAL:kdc: let _kdc_encode_reply() use the encryption type based on the server key" via 4afb9bd Revert "HEIMDAL:hdb: export a hdb_enctype_supported() helper function" via cb60d1c Revert "s4:kdc: use the strongest possible tgs session key" via 0cd6906 Revert "TODO s4:kdc: msDS-SupportedEncryptionTypes only on computers" via 89f27fa Revert "TODO s4:kdc: indicate support for new encryption types by adding empty keys" via 3a54a04 Revert "HEIMDAL:kdc: use the correct authtime from addtitional ticket for S4U2Proxy tickets" via 56a40ab samba: Only use async signal-safe functions in signal handler via 670af37 subnet: Avoid a segfault when renaming subnet objects via f2e21e6 HEIMDAL:kdc: use the correct authtime from addtitional ticket for S4U2Proxy tickets via ffda28e TODO s4:kdc: indicate support for new encryption types by adding empty keys via 075f061 TODO s4:kdc: msDS-SupportedEncryptionTypes
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 84f273d NEWS[4.6.15]: Samba 4.6.15 Available for Download from 73e8fbc team: fix Gary Lockyer's details (typo) https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 84f273dca9848bad9811634ad882b8ec2bb63c70 Author: Karolin Seeger <ksee...@samba.org> Date: Fri Apr 13 09:47:19 2018 +0200 NEWS[4.6.15]: Samba 4.6.15 Available for Download Signed-off-by: Karolin Seeger <ksee...@samba.org> --- Summary of changes: history/samba-4.6.15.html| 74 posted_news/20180413-075519.4.6.15.body.html | 13 + posted_news/20180413-075519.4.6.15.headline.html | 3 + 3 files changed, 90 insertions(+) create mode 100644 history/samba-4.6.15.html create mode 100644 posted_news/20180413-075519.4.6.15.body.html create mode 100644 posted_news/20180413-075519.4.6.15.headline.html Changeset truncated at 500 lines: diff --git a/history/samba-4.6.15.html b/history/samba-4.6.15.html new file mode 100644 index 000..2adcbe2 --- /dev/null +++ b/history/samba-4.6.15.html @@ -0,0 +1,74 @@ +http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd;> +http://www.w3.org/1999/xhtml;> + +Samba 4.6.15 - Release Notes + + +Samba 4.6.15 Available for Download + +https://download.samba.org/pub/samba/stable/samba-4.6.15.tar.gz;>Samba 4.6.15 (gzipped) +https://download.samba.org/pub/samba/stable/samba-4.6.15.tar.asc;>Signature + + +https://download.samba.org/pub/samba/patches/samba-4.6.14-4.6.15.diffs.gz;>Patch (gzipped) against Samba 4.6.14 +https://download.samba.org/pub/samba/patches/samba-4.6.14-4.6.15.diffs.asc;>Signature + + + + == + Release Notes for Samba 4.6.15 + April 13, 2018 + == + + +This is the latest stable release of the Samba 4.6 release series. + + +Changes since 4.6.14: +- + +o Jeremy Allison j...@samba.org + * BUG 13244: s3: ldap: Ensure the ADS_STRUCT pointer doesnt get freed + on error, we dont own it here. + * BUG 13270: s3: smbd: Fix possible directory fd leak if the underlying + OS doesnt support fdopendir(). + * BUG 13375: s3: smbd: Unix extensions attempts to change wrong field + in fchown call. + +o Gnther Deschner g...@samba.org + * BUG 13277: build: fix libceph-common detection. + +o Poornima G pguru...@redhat.com + * BUG 13297: vfs_glusterfs: Fix the wrong pointer being sent in + glfs_fsync_async. + +o Volker Lendecke v...@samba.org + * BUG 13215: Fix smbd panic if the client-supplied channel sequence number + wraps. + * BUG 13240: samba: Only use async signal-safe functions in signal handler. + +o Stefan Metzmacher me...@samba.org + * BUG 13197: SMB2 close/lock/logoff can generate + NT_STATUS_NETWORK_SESSION_EXPIRED. + * BUG 13206: Fix authentication with an empty string domain . + * BUG 13215: s3:smb2_server: correctly maintain request counters for + compound requests. + +o Anton Nefedov + * BUG 13338: s3:smbd: Map nterror on smb2_flush errorpath. + +o Dan Robertson drobert...@tripwire.com + * BUG 13310: libsmb: Use smb2 tcon if conn_protocol = SMB2_02. + +o Garming Sam garm...@catalyst.net.nz + * BUG 13031: subnet: Avoid a segfault when renaming subnet objects. + +o Andreas Schneider a...@samba.org + * BUG 13315: s3:smbd: Do not crash if we fail to init the session table. + + + + + + diff --git a/posted_news/20180413-075519.4.6.15.body.html b/posted_news/20180413-075519.4.6.15.body.html new file mode 100644 index 000..34875f1 --- /dev/null +++ b/posted_news/20180413-075519.4.6.15.body.html @@ -0,0 +1,13 @@ + +13 April 2018 +Samba 4.6.15 Available for Download + +This is the latest stable release of the Samba 4.6 release series. + + +The uncompressed tarball has been signed using GnuPG (ID 6F33915B6568B7EA). +The source code can be https://download.samba.org/pub/samba/stable/samba-4.6.15.tar.gz;>downloaded now. +A https://download.samba.org/pub/samba/patches/samba-4.6.14-4.6.15.diffs.gz;>patch against Samba 4.6.14 is also available. +See https://www.samba.org/samba/history/samba-4.6.15.html;>the release notes for more info. + + diff --git a/posted_news/20180413-075519.4.6.15.headline.html b/posted_news/20180413-075519.4.6.15.headline.html new file mode 100644 index 000..71403b1 --- /dev/null +++ b/posted_news/20180413-075519.4.6.15.headline.html @@ -0,0 +1,3 @@ + + 13 April 2018 Samba 4.6.15 Available for Download + -- Samba Website Repository
[SCM] Samba Shared Repository - annotated tag samba-4.6.15 created
The annotated tag, samba-4.6.15 has been created at ea132b05d3b6a2543922c8c8395646e3174a78fa (tag) tagging c4d44b9a78f65a27803ee7005a077292b45690f7 (commit) replaces samba-4.6.14 tagged by Karolin Seeger on Fri Apr 13 09:46:43 2018 +0200 - Log - samba: tag release samba-4.6.15 -BEGIN PGP SIGNATURE- iEYEABECAAYFAlrQYGQACgkQbzORW2Vot+qI4gCghayfrXCSXvxapnCBVATwjnpE y+QAoIycikSkkpvqAPLgrAGd/iTMqsHm =A2qV -END PGP SIGNATURE- Andreas Schneider (1): s3:smbd: Do not crash if we fail to init the session table Anton Nefedov via samba-technical (1): s3:smbd: map nterror on smb2_flush errorpath Dan Robertson (1): libsmb: Use smb2 tcon if conn_protocol >= SMB2_02 Garming Sam (2): subnet: Avoid a segfault when renaming subnet objects tests/bind.py: Add a bind test with NTLMSSP with no domain Günther Deschner (1): build: fix libceph-common detection Jeremy Allison (4): CVE-2018-1050: s3: RPC: spoolss server. Protect against null pointer derefs. s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed on error, we don't own it here. s3: smbd: Fix possible directory fd leak if the underlying OS doesn't support fdopendir() s3: smbd: Unix extensions attempts to change wrong field in fchown call. Karolin Seeger (16): VERSION: Bump version up to 4.6.14... Revert "HEIMDAL:kdc: use the correct authtime from addtitional ticket for S4U2Proxy tickets" Revert "TODO s4:kdc: indicate support for new encryption types by adding empty keys" Revert "TODO s4:kdc: msDS-SupportedEncryptionTypes only on computers" Revert "s4:kdc: use the strongest possible tgs session key" Revert "HEIMDAL:hdb: export a hdb_enctype_supported() helper function" Revert "HEIMDAL:kdc: let _kdc_encode_reply() use the encryption type based on the server key" Revert "s4:kdc: fix the principal names in samba_kdc_update_delegation_info_blob" Revert "HEIMDAL:kdc: if we don't have an authenticator subkey for S4U2Proxy we need to use the additional tickets key" Revert "HEIMDAL:kdc: decrypt b->enc_authorization_data in tgs_build_reply()" Revert "HEIMDAL:kdc: fix memory leak when decryption AuthorizationData" WHATSNEW: Add release notes for Samba 4.6.14. VERSION: Disable GIT_SNAPSHOT for the 4.6.14 release. VERSION: Bump version up to 4.6.15... WHATSNEW: Add release notes for Samba 4.6.15. VERSION: Disable GIT_SNAPSHOT for the 4.6.15 release. Poornima G (1): vfs_glusterfs: Fix the wrong pointer being sent in glfs_fsync_async Ralph Boehme (13): CVE-2018-1057: s4:dsdb/tests: add a test for password change with empty delete CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for LDB_FLAG_MOD_TYPE CVE-2018-1057: s4:dsdb/password_hash: add a helper variable for passwordAttr->num_values CVE-2018-1057: s4:dsdb/acl: only call dsdb_acl_debug() if we checked the acl in acl_check_password_rights() CVE-2018-1057: s4:dsdb/acl: remove unused else branches in acl_check_password_rights() CVE-2018-1057: s4:dsdb/acl: check for internal controls before other checks CVE-2018-1057: s4:dsdb/acl: add check for DSDB_CONTROL_PASSWORD_HASH_VALUES_OID control CVE-2018-1057: s4:dsdb/acl: add a NULL check for talloc_new() in acl_check_password_rights() CVE-2018-1057: s4/dsdb: correctly detect password resets CVE-2018-1057: s4:dsdb/acl: run password checking only once CVE-2018-1057: s4:dsdb/samdb: define DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID control CVE-2018-1057: s4:dsdb: use DSDB_CONTROL_PASSWORD_ACL_VALIDATION_OID CVE-2018-1057: s4:dsdb/acl: changing dBCSPwd is only allowed with a control Stefan Metzmacher (17): HEIMDAL:kdc: fix memory leak when decryption AuthorizationData HEIMDAL:kdc: decrypt b->enc_authorization_data in tgs_build_reply() HEIMDAL:kdc: if we don't have an authenticator subkey for S4U2Proxy we need to use the additional tickets key s4:kdc: fix the principal names in samba_kdc_update_delegation_info_blob HEIMDAL:kdc: let _kdc_encode_reply() use the encryption type based on the server key HEIMDAL:hdb: export a hdb_enctype_supported() helper function s4:kdc: use the strongest possible tgs session key TODO s4:kdc: msDS-SupportedEncryptionTypes only on computers TODO s4:kdc: indicate support for new encryption types by adding empty keys HEIMDAL:kdc: use the correct authtime from addtitional ticket for S4U2Proxy tickets s4:torture: add smb2.session.expire2 test s3:smbd: return the correct error for cancelled SMB2 notifies on expired sessions s3:smb2_server: allow logoff, close, unlock, cancel and echo on expired sessions Merge tag 'samba-4.6.14' into v4-6-test s3:libsmb: allow -U"\\administrator" to work
[SCM] Samba Shared Repository - branch v4-6-test updated
The branch, v4-6-test has been updated via 7705a4d VERSION: Bump version up to 4.6.16... via c4d44b9 VERSION: Disable GIT_SNAPSHOT for the 4.6.15 release. via 46be020 WHATSNEW: Add release notes for Samba 4.6.15. from c90accf torture: Test compound request request counters https://git.samba.org/?p=samba.git;a=shortlog;h=v4-6-test - Log - commit 7705a4d471a427041616a9897158474d8a5ff457 Author: Karolin SeegerDate: Tue Apr 10 21:22:32 2018 +0200 VERSION: Bump version up to 4.6.16... and re-enable GIT_SNAPSHOT. Signed-off-by: Karolin Seeger commit c4d44b9a78f65a27803ee7005a077292b45690f7 Author: Karolin Seeger Date: Tue Apr 10 21:21:39 2018 +0200 VERSION: Disable GIT_SNAPSHOT for the 4.6.15 release. Signed-off-by: Karolin Seeger commit 46be02065ab90c160911e0671c2b4f8c80a0a032 Author: Karolin Seeger Date: Tue Apr 10 21:21:09 2018 +0200 WHATSNEW: Add release notes for Samba 4.6.15. Signed-off-by: Karolin Seeger --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 81 +--- 2 files changed, 79 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index f746dee..466bd23 100644 --- a/VERSION +++ b/VERSION @@ -25,7 +25,7 @@ SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=6 -SAMBA_VERSION_RELEASE=15 +SAMBA_VERSION_RELEASE=16 # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index ca1e471..fa673c3 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,4 +1,79 @@ == + Release Notes for Samba 4.6.15 + April 13, 2018 + == + + +This is the latest stable release of the Samba 4.6 release series. + + +Changes since 4.6.14: +- + +o Jeremy Allison + * BUG 13244: s3: ldap: Ensure the ADS_STRUCT pointer doesn't get freed + on error, we don't own it here. + * BUG 13270: s3: smbd: Fix possible directory fd leak if the underlying + OS doesn't support fdopendir(). + * BUG 13375: s3: smbd: Unix extensions attempts to change wrong field + in fchown call. + +o Günther Deschner + * BUG 13277: build: fix libceph-common detection. + +o Poornima G + * BUG 13297: vfs_glusterfs: Fix the wrong pointer being sent in + glfs_fsync_async. + +o Volker Lendecke + * BUG 13215: Fix smbd panic if the client-supplied channel sequence number + wraps. + * BUG 13240: samba: Only use async signal-safe functions in signal handler. + +o Stefan Metzmacher + * BUG 13197: SMB2 close/lock/logoff can generate + NT_STATUS_NETWORK_SESSION_EXPIRED. + * BUG 13206: Fix authentication with an empty string domain ''. + * BUG 13215: s3:smb2_server: correctly maintain request counters for + compound requests. + +o Anton Nefedov + * BUG 13338: s3:smbd: Map nterror on smb2_flush errorpath. + +o Dan Robertson + * BUG 13310: libsmb: Use smb2 tcon if conn_protocol >= SMB2_02. + +o Garming Sam + * BUG 13031: subnet: Avoid a segfault when renaming subnet objects. + +o Andreas Schneider + * BUG 13315: s3:smbd: Do not crash if we fail to init the session table. + + +### +Reporting bugs & Development Discussion +### + +Please discuss this release on the samba-technical mailing list or by +joining the #samba-technical IRC channel on irc.freenode.net. + +If you do report problems then please try to send high quality +feedback. If you don't provide vital information to help us track down +the problem then you will probably be ignored. All bug reports should +be filed under the "Samba 4.1 and newer" product in the project's Bugzilla +database (https://bugzilla.samba.org/). + + +== +== Our Code, Our Bugs, Our Responsibility. +== The Samba Team +== + + +Release notes for older releases follow: + + + == Release Notes for Samba 4.6.14 March 13, 2018 = @@ -36,7 +111,7 @@ o CVE-2018-1057: