[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 240addaed7b smbd: Convert ret==false into !ret via b063aa1cf13 lib: Use a direct struct initialization via 8f248bee5be smbd: Make sure we don't overwrite tmp_buf via b829d6671f9 smbd: Avoid casts via 62d21fac5ff smbd: Fix typos via 738dc11cb33 vfs: Use cp_smb_filename_nostream() in vfswrap_parent_pathname() via d64e180ba93 smbd: Move "struct fd_handle" into fd_handle.c via 05c41a02dd6 lib: Slightly tune cp_smb_filename_nostream() via 68078e560aa libcli4: Remove outdated README file via 5e9a781dcb8 vfs: Fix a few typos via cde87d62d35 smbd: Fix a typo via d542cbb9a76 smb.conf.5: Fix a typo for "username map script" via a21bc14e13b libsmb: Move cli_qfilename() to its only user in torture.c via 69546f56fe8 dbwrap: Remove unused dbwrap_watched_wakeup() via 72e9b8ceede lib: Fix a debug typo in g_lock.c via b7fc678107d libcli: Remove NT_STATUS_INACCESSIBLE_SYSTEM_SHORTCUT error code via 8b89be8c379 VFS: Fix a typo via d0759cb648f libsmb: move reparse_symlink to libcli/smb/ via 2bb63e04035 libsmb: Avoid a talloc_stackframe.c dependency via 5823634b46e libsmb: Introduce "struct symlink_reparse_struct" via 58c8289b2ff libsmb: Give reparse_symlink.c its own header via fadce102d47 libcli: "smb_util.h" needs "ntstatus.h" via c05bc2d2218 libsmb: Remove "trans_oob()" macro via 8820101cd0b smbclient: Use cli_checkpath in "cd" command via c0fda0bd626 libsmb: Use cli_ntcreate in cli_chkpath via 99d1f1fa10d smbd: Remove unused "struct connections_key" via ca8afc66047 smbd: Give smbXsrv_open.c its own header file from c89799beda6 docs-xml: Fix smbget manpage https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 240addaed7b87759dff13c1c6c18681815c28c92 Author: Volker Lendecke Date: Tue Nov 2 10:35:35 2021 +0100 smbd: Convert ret==false into !ret Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Thu Nov 11 19:59:03 UTC 2021 on sn-devel-184 commit b063aa1cf13ece9673edbf225281993cfa39085d Author: Volker Lendecke Date: Fri Nov 5 11:48:25 2021 +0100 lib: Use a direct struct initialization Don't init with 0 just to overwrite again. Probably the compiler will figure that out anyway, but to me this looks cleaner. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 8f248bee5be182cfbffce99f373cd3675724adba Author: Volker Lendecke Date: Sun Nov 7 19:33:31 2021 +0100 smbd: Make sure we don't overwrite tmp_buf Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit b829d6671f93deeea07ce8b42a023bf9944cb55b Author: Volker Lendecke Date: Fri Nov 5 18:52:56 2021 +0100 smbd: Avoid casts Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 62d21fac5ff243d92089a635ce07298dc3c3b7c9 Author: Volker Lendecke Date: Fri Nov 5 18:52:40 2021 +0100 smbd: Fix typos Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 738dc11cb336d658ff325fb85ac7402428e24d62 Author: Volker Lendecke Date: Fri Nov 5 12:58:58 2021 +0100 vfs: Use cp_smb_filename_nostream() in vfswrap_parent_pathname() Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit d64e180ba93630867d0027cca92c51f8f0ca7d31 Author: Volker Lendecke Date: Fri Nov 5 12:03:02 2021 +0100 smbd: Move "struct fd_handle" into fd_handle.c A separate header file is not required here, everything goes through the API published by fd_handle.c. This makes it harder to include the fd_handle definition and violate the guarantees. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 05c41a02dd6dee3e29b44b69ac3dd6f60d87b475 Author: Volker Lendecke Date: Fri Nov 5 11:51:33 2021 +0100 lib: Slightly tune cp_smb_filename_nostream() Don't talloc_strdup() the stream_name, just to free it again. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 68078e560aae6bafbe9ffc48133271b6552ef1e1 Author: Volker Lendecke Date: Sat Oct 30 11:45:20 2021 +0200 libcli4: Remove outdated README file This has not materialized since 2005. We can easily add it once we create libsmbclient4. Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit 5e9a781dcb82f6c1b8049c0cabdf674f2cb76261 Author: Volker Lendecke Date: Tue Nov 2 11:16:57 2021 +0100 vfs: Fix a few typos Signed-off-by: Volker Lendecke Reviewed-by: Jeremy Allison commit cde87d62d35e7691d29bd7a5aa45022c96db4fd3 Author: Volker Lendecke Date: Tue Nov 2 11:06:18 2021 +0100
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 7604118 add references to https://bugzilla.samba.org/show_bug.cgi?id=14901 from 8375dbc add a reference to the regression fixes at https://bugzilla.samba.org/show_bug.cgi?id=14899 https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 76041187b55e10febd033ce7087c3ef4c6160af1 Author: Stefan Metzmacher Date: Thu Nov 11 21:23:05 2021 +0100 add references to https://bugzilla.samba.org/show_bug.cgi?id=14901 --- Summary of changes: posted_news/20211108-113640.4.15.2.body.html | 6 ++ security/CVE-2020-25717.html | 10 ++ 2 files changed, 16 insertions(+) Changeset truncated at 500 lines: diff --git a/posted_news/20211108-113640.4.15.2.body.html b/posted_news/20211108-113640.4.15.2.body.html index 7ebb6a3..4370442 100644 --- a/posted_news/20211108-113640.4.15.2.body.html +++ b/posted_news/20211108-113640.4.15.2.body.html @@ -21,6 +21,12 @@ as there are important behaviour changes for There's sadly a regression that "allow trusted domains = no" prevents winbindd from starting, fixes are available at https://bugzilla.samba.org/show_bug.cgi?id=14899;>bug #14899. + +Please also notice the additional fix and advanced example +for the 'username map [script]' based fallback from +'DOMAIN\user' to 'user'. See +https://bugzilla.samba.org/show_bug.cgi?id=14901;>bug #14901 and +https://gitlab.com/samba-team/samba/-/merge_requests/2251;>Gitlab merge request 2251. diff --git a/security/CVE-2020-25717.html b/security/CVE-2020-25717.html index 8371c90..49811db 100644 --- a/security/CVE-2020-25717.html +++ b/security/CVE-2020-25717.html @@ -94,6 +94,16 @@ Please consult 'man 5 smb.conf' for further details on 'username map' or 'username map script'. Also note that in the above example '\' refers to the default value of the 'winbind separator' option. +[Added 2021-11-11] + There's sadly a regression that "allow trusted domains = no" + prevents winbindd from starting, fixes are available at + https://bugzilla.samba.org/show_bug.cgi?id=14899 + + Please also notice the additional fix and advanced example + for the 'username map [script]' based fallback from + 'DOMAIN\user' to 'user'. See + https://bugzilla.samba.org/show_bug.cgi?id=14901 and + https://gitlab.com/samba-team/samba/-/merge_requests/2251 Beyond Samba -- Samba Website Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c89799beda6 docs-xml: Fix smbget manpage from 57c1e115ece smbd: reopen logs on SIGHUP for notifyd and cleanupd https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c89799beda6757c03045e3b103344adc15006a33 Author: Andreas Schneider Date: Thu Nov 11 14:46:15 2021 +0100 docs-xml: Fix smbget manpage There is no anymore. Signed-off-by: Andreas Schneider Reviewed-by: Ralph Boehme Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Thu Nov 11 16:27:12 UTC 2021 on sn-devel-184 --- Summary of changes: docs-xml/manpages/smbget.1.xml | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/smbget.1.xml b/docs-xml/manpages/smbget.1.xml index e91e5eb8cf4..64924ef9ca8 100644 --- a/docs-xml/manpages/smbget.1.xml +++ b/docs-xml/manpages/smbget.1.xml @@ -34,6 +34,7 @@ -b, --blocksize -O, --stdout -u, --update + -e, --encrypt -?, --help --usage smb://host/share/path/to/file @@ -145,7 +146,10 @@ Download only when remote file is newer than local file or local file is missing. - + +-e, --encrypt + Enable SMB encryption. + -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 57c1e115ece smbd: reopen logs on SIGHUP for notifyd and cleanupd
from 06ed4ccba6c lib/cmdline: setup default file logging for servers
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 57c1e115ecef41ef18599e5233079ccd83d13bfc
Author: Volker Lendecke
Date: Tue Jul 7 11:32:46 2020 +0200
smbd: reopen logs on SIGHUP for notifyd and cleanupd
Signed-off-by: Volker Lendecke
Reviewed-by: Ralph Boehme
Autobuild-User(master): Volker Lendecke
Autobuild-Date(master): Thu Nov 11 15:34:28 UTC 2021 on sn-devel-184
---
Summary of changes:
source3/smbd/server.c | 26 +-
1 file changed, 25 insertions(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index d02ff1bd883..05592d0ef41 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -403,6 +403,7 @@ static void notifyd_sig_hup_handler(struct tevent_context
*ev,
{
DBG_NOTICE("notifyd: Reloading services after SIGHUP\n");
reload_services(NULL, NULL, false);
+ reopen_logs();
}
static bool smbd_notifyd_init(struct messaging_context *msg, bool interactive,
@@ -410,10 +411,10 @@ static bool smbd_notifyd_init(struct messaging_context
*msg, bool interactive,
{
struct tevent_context *ev = messaging_tevent_context(msg);
struct tevent_req *req;
+ struct tevent_signal *se = NULL;
pid_t pid;
NTSTATUS status;
bool ok;
- struct tevent_signal *se;
if (interactive) {
req = notifyd_req(msg, ev);
@@ -570,6 +571,17 @@ static void notifyd_started(struct tevent_req *req)
}
}
+static void cleanupd_sig_hup_handler(struct tevent_context *ev,
+struct tevent_signal *se,
+int signum,
+int count,
+void *siginfo,
+void *pvt)
+{
+ DBG_NOTICE("cleanupd: Reloading services after SIGHUP\n");
+ reopen_logs();
+}
+
static void cleanupd_stopped(struct tevent_req *req);
static bool cleanupd_init(struct messaging_context *msg, bool interactive,
@@ -577,6 +589,7 @@ static bool cleanupd_init(struct messaging_context *msg,
bool interactive,
{
struct tevent_context *ev = messaging_tevent_context(msg);
struct server_id parent_id = messaging_server_id(msg);
+ struct tevent_signal *se = NULL;
struct tevent_req *req;
pid_t pid;
NTSTATUS status;
@@ -647,6 +660,17 @@ static bool cleanupd_init(struct messaging_context *msg,
bool interactive,
exit(1);
}
+ se = tevent_add_signal(ev,
+ ev,
+ SIGHUP,
+ 0,
+ cleanupd_sig_hup_handler,
+ NULL);
+ if (se == NULL) {
+ DBG_ERR("Could not add SIGHUP handler\n");
+ exit(1);
+ }
+
req = smbd_cleanupd_send(msg, ev, msg, parent_id.pid);
if (req == NULL) {
DBG_WARNING("smbd_cleanupd_send failed\n");
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 06ed4ccba6c lib/cmdline: setup default file logging for servers
via 97592f16bfb lib/cmdline: remember config_type in
samba_cmdline_init()
via 120a598e531 lib/cmdline: fix indentation
via fa9d9974d06 lib/debug: in debug_set_logfile() call
reopen_logs_internal()
via 948a82bd265 lib/debug: fix fd check before dup'ing to stderr
via 117d45df47a winbindd: remove is_default_dyn_LOGFILEBASE() logic
via 54f54fc2627 samba-bgqd: fix startup and logging
via 25043ebb2e6 source3: move lib/substitute.c functions out of proto.h
from c28be406746 auth:creds: Guess the username first via getpwuid(my_id)
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 06ed4ccba6cfe08aef061866f98b1d1da26682b8
Author: Ralph Boehme
Date: Mon Nov 8 12:09:43 2021 +0100
lib/cmdline: setup default file logging for servers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14897
RN: samba process doesn't log to logfile
Signed-off-by: Ralph Boehme
Reviewed-by: Andreas Schneider
Autobuild-User(master): Ralph Böhme
Autobuild-Date(master): Thu Nov 11 14:42:13 UTC 2021 on sn-devel-184
commit 97592f16bfb8590efbd2ed31fc9883d747ec650f
Author: Ralph Boehme
Date: Mon Nov 8 12:09:16 2021 +0100
lib/cmdline: remember config_type in samba_cmdline_init()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14897
Signed-off-by: Ralph Boehme
Reviewed-by: Andreas Schneider
commit 120a598e53173aacc0994318223bdac33dac4fbd
Author: Ralph Boehme
Date: Mon Nov 8 12:08:47 2021 +0100
lib/cmdline: fix indentation
s/whitespace/tab/
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14897
Signed-off-by: Ralph Boehme
Reviewed-by: Andreas Schneider
commit fa9d9974d068897d35539e5316f606a15e8b38de
Author: Ralph Boehme
Date: Mon Nov 8 19:41:50 2021 +0100
lib/debug: in debug_set_logfile() call reopen_logs_internal()
This simplifies the logging API for callers that typically would want to set
logging by just setup_logging() once without bothering that typically
configuration is loaded (via some lpcfg_load*() or lp_load*() varient) which
will only then pick up the configured logfile from smb.conf without actually
applying the new logifle to the logging subsytem.
Therefor our daemons will additionally call reopen_logs() explicitly in
their
startup code after config is loaded, eg
setup_logging(getprogname(), DEBUG_FILE);
...
lpcfg_load(lp_ctx, config_file);
...
reopen_logs();
By calling reopen_logs_internal() implicitly from debug_set_logfile()
there's no
need to call reopen_logs() explicitly anymore to apply the logfile.
As reopen_logs() will also apply other logging configuration options, we
have to
keep the explicit calls in the daemon code. But at least this allows
consistent
logging setup wrt to the logfile in the new cmdline library.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14897
Signed-off-by: Ralph Boehme
Reviewed-by: Andreas Schneider
commit 948a82bd2651e73e4e669a89dc77ba93abbb9b2f
Author: Ralph Boehme
Date: Wed Nov 10 14:13:11 2021 +0100
lib/debug: fix fd check before dup'ing to stderr
Before I added per-class logfile and we had only one fd for the logfile the
code
looked like this:
/* Take over stderr to catch output into logs */
if (state.fd > 0) {
if (dup2(state.fd, 2) == -1) {
/* Close stderr too, if dup2 can't point it -
at the logfile. There really isn't much
that can be done on such a fundamental
failure... */
close_low_fd(2);
}
}
In the current code the equivalent to state.fd is dbgc_config[DBGC_ALL].fd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14897
Signed-off-by: Ralph Boehme
Reviewed-by: Andreas Schneider
commit 117d45df47a1f3206bc38aaeaa11f2b327e43530
Author: Ralph Boehme
Date: Wed Nov 10 18:27:08 2021 +0100
winbindd: remove is_default_dyn_LOGFILEBASE() logic
Handling of -l commandline parameter is already implemented by lib/cmdline/.
is_default_dyn_LOGFILEBASE() == true is the default case and this causes us
to
temporarily overwrite the configured logfile with LOGFILEBASE/log.winbindd
until
winbindd_reload_services_file() restores it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14897
Signed-off-by: Ralph Boehme
Reviewed-by: Andreas Schneider
commit 54f54fc2627acbf5fac5e1fa86ab9f743741f3c4
Author: Ralph Boehme
Date: Thu Nov 11 05:23:09 2021 +0100
[SCM] Resolv Wrapper Repository - branch master updated
The branch, master has been updated
via c75587f cmake: Fix detection of a fully seperate libresolv
via c741eab doc: Update documentation for glibc 2.34 changes
via fd4b5a4 doc: Rename resolv_wrapper.1.txt to resolv_wrapper.1.adoc
via 7909e0a rwrap: Use our own rwrap_randomid()
via 9172ea4 tests: Add test_res_fake_uri_nsearch()
from fce9dec Bump version to 1.1.7
https://git.samba.org/?p=resolv_wrapper.git;a=shortlog;h=master
- Log -
commit c75587f858eb49e6b13ab610e63289df0485ddac
Author: Andreas Schneider
Date: Wed Nov 3 15:12:22 2021 +0100
cmake: Fix detection of a fully seperate libresolv
With glibc 2.24 all res_* symbols moved from libresolv to libc. This means
that socket_wrapper is not able to do the traffic to the DNS server. This
leaves us only with DNS faking.
Signed-off-by: Andreas Schneider
Reviewed-by: Ralph Boehme
commit c741eabfaad7a611bdb6cb6bac5bbe53ca4582cc
Author: Andreas Schneider
Date: Wed Nov 3 15:22:44 2021 +0100
doc: Update documentation for glibc 2.34 changes
Signed-off-by: Andreas Schneider
Reviewed-by: Ralph Boehme
commit fd4b5a4719d6e13d883d7e1fc9c9e944dfa2715e
Author: Andreas Schneider
Date: Wed Nov 3 15:24:42 2021 +0100
doc: Rename resolv_wrapper.1.txt to resolv_wrapper.1.adoc
Signed-off-by: Andreas Schneider
Reviewed-by: Ralph Boehme
commit 7909e0a3dcd23a4d5e340de9410d628e223ea524
Author: Andreas Schneider
Date: Wed Nov 3 15:09:56 2021 +0100
rwrap: Use our own rwrap_randomid()
This is what glibc does, but the function is marked as deprecated now.
Signed-off-by: Andreas Schneider
Reviewed-by: Ralph Boehme
commit 9172ea46b69655603e8db97fc6f1cdffdde03da0
Author: Andreas Schneider
Date: Thu Aug 19 12:47:30 2021 +0200
tests: Add test_res_fake_uri_nsearch()
Signed-off-by: Andreas Schneider
Reviewed-by: Ralph Boehme
---
Summary of changes:
ConfigureChecks.cmake | 21 ++-
doc/README | 6 +-
doc/resolv_wrapper.1 | 166 +++--
...{resolv_wrapper.1.txt => resolv_wrapper.1.adoc} | 4 +
src/resolv_wrapper.c | 4 +-
tests/test_dns_fake.c | 60
6 files changed, 175 insertions(+), 86 deletions(-)
rename doc/{resolv_wrapper.1.txt => resolv_wrapper.1.adoc} (92%)
Changeset truncated at 500 lines:
diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
index 8444232..6eb00da 100644
--- a/ConfigureChecks.cmake
+++ b/ConfigureChecks.cmake
@@ -57,12 +57,23 @@ check_function_exists(getexecname HAVE_GETEXECNAME)
find_library(RESOLV_LIRBRARY resolv)
if (RESOLV_LIRBRARY)
-set(HAVE_LIBRESOLV TRUE)
+check_function_exists(res_nquery HAVE_LIBC_RES_INIT)
+check_function_exists(__res_query HAVE_LIBC__RES_INIT)
+
+if (NOT HAVE_LIBC_RES_INIT AND NOT HAVE_LIBC__RES_INIT)
+set(CMAKE_REQUIRED_LIBRARIES ${RESOLV_LIRBRARY})
+check_function_exists(res_query HAVE_RES_QUERY)
+check_function_exists(__res_query HAVE___RES_QUERY)
+unset(CMAKE_REQUIRED_LIBRARIES)
+
+if (HAVE_RES_QUERY OR HAVE___RES_QUERY)
+set(HAVE_LIBRESOLV 1)
+
+endif()
+endif()
# If we have a libresolv, we need to check functions linking the library
list(APPEND _REQUIRED_LIBRARIES ${RESOLV_LIRBRARY})
-else()
-message(STATUS "libresolv not found on ${CMAKE_SYSTEM_NAME}: Only dns
faking will be available")
endif()
set(CMAKE_REQUIRED_LIBRARIES ${RESOLV_LIRBRARY})
@@ -205,4 +216,8 @@ int main(void) {
# ENDIAN
test_big_endian(WORDS_BIGENDIAN)
+if (NOT HAVE_LIBRESOLV)
+message(STATUS "Limited features: Only dns faking will be available")
+endif()
+
set(RWRAP_REQUIRED_LIBRARIES ${_REQUIRED_LIBRARIES} CACHE INTERNAL
"resolv_wrapper required system libraries")
diff --git a/doc/README b/doc/README
index 8798ec5..94e5d47 100644
--- a/doc/README
+++ b/doc/README
@@ -1,3 +1,7 @@
The manpage is written with asciidoc. To generate the manpage use:
-a2x --doctype manpage --format manpage doc/resolv_wrapper.1.txt
+asciidoctor -b manpage doc/resolv_wrapper.1.adoc
+
+or
+
+a2x --doctype manpage --format manpage doc/resolv_wrapper.1.txt
diff --git a/doc/resolv_wrapper.1 b/doc/resolv_wrapper.1
index 1def7e8..ccbf282 100644
--- a/doc/resolv_wrapper.1
+++ b/doc/resolv_wrapper.1
@@ -1,50 +1,54 @@
'\" t
.\" Title: resolv_wrapper
.\"Author: The Samba Team
-.\" Generator: DocBook XSL Stylesheets vsnapshot
[SCM] Samba Shared Repository - branch v4-13-test updated
The branch, v4-13-test has been updated
via b7158d4ce85 s3:winbindd: fix "allow trusted domains = no" regression
from 959fb5a4c69 VERSION: Bump version up to Samba 4.13.15...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-13-test
- Log -
commit b7158d4ce853f3ce4342ff9756490104ad163b9c
Author: Stefan Metzmacher
Date: Tue Nov 9 20:50:20 2021 +0100
s3:winbindd: fix "allow trusted domains = no" regression
add_trusted_domain() should only reject domains
based on is_allowed_domain(), which now also
checks "allow trusted domains = no", if we don't
have an explicit trust to the domain (SEC_CHAN_NULL).
We use at least SEC_CHAN_LOCAL for local domains like
BUILTIN.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14899
Signed-off-by: Stefan Metzmacher
Reviewed-by: Andreas Schneider
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Nov 10 11:21:31 UTC 2021 on sn-devel-184
(cherry picked from commit a7f6c60cb037b4bc9eee276236539b8282213935)
Autobuild-User(v4-13-test): Stefan Metzmacher
Autobuild-Date(v4-13-test): Thu Nov 11 10:37:06 UTC 2021 on sn-devel-184
---
Summary of changes:
source3/winbindd/winbindd_util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index 1ae4a8d3ca3..a4f33c4765b 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -131,7 +131,7 @@ static NTSTATUS add_trusted_domain(const char *domain_name,
return NT_STATUS_INVALID_PARAMETER;
}
- if (!is_allowed_domain(domain_name)) {
+ if (secure_channel_type == SEC_CHAN_NULL &&
!is_allowed_domain(domain_name)) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
--
Samba Shared Repository
