[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via cc93469 lib: Fix CID 1128553 Unchecked return value from library
via 0db470d lib: Fix CID 1325733 Uninitialized scalar variable
via 70dbba9 s3:ctdbd_conn: make sure we destroy tevent_fd before
closing the socket
from 97bb100 lib: Pass sockname and timeout to ctdbd_probe()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit cc93469a047ef92036c3e0eed24933d3e2c1b353
Author: Volker Lendecke <v...@samba.org>
Date: Tue Oct 6 09:57:59 2015 +0200
lib: Fix CID 1128553 Unchecked return value from library
At the same time, avoid chmod in favor of fchmod
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
Autobuild-User(master): Stefan Metzmacher <me...@samba.org>
Autobuild-Date(master): Tue Oct 6 13:12:48 CEST 2015 on sn-devel-104
commit 0db470df9172bb855409f4ba51dfc95e87e90c55
Author: Volker Lendecke <v...@samba.org>
Date: Tue Oct 6 09:54:19 2015 +0200
lib: Fix CID 1325733 Uninitialized scalar variable
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
commit 70dbba96e311449575f571db68710584fc991234
Author: Stefan Metzmacher <me...@samba.org>
Date: Mon Oct 5 15:57:42 2015 +0200
s3:ctdbd_conn: make sure we destroy tevent_fd before closing the socket
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
---
Summary of changes:
source3/lib/ctdbd_conn.c | 7 ++-
source3/lib/dbwrap/dbwrap_ctdb.c | 18 +-
2 files changed, 19 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/ctdbd_conn.c b/source3/lib/ctdbd_conn.c
index da2c3a9..c743356 100644
--- a/source3/lib/ctdbd_conn.c
+++ b/source3/lib/ctdbd_conn.c
@@ -405,7 +405,11 @@ static int ctdb_read_req(struct ctdbd_connection *conn,
uint32_t reqid,
static int ctdbd_connection_destructor(struct ctdbd_connection *c)
{
- close(c->fd);
+ TALLOC_FREE(c->fde);
+ if (c->fd != -1) {
+ close(c->fd);
+ c->fd = -1;
+ }
return 0;
}
/*
@@ -690,6 +694,7 @@ static NTSTATUS ctdbd_control(struct ctdbd_connection *conn,
if (hdr->operation != CTDB_REPLY_CONTROL) {
DEBUG(0, ("received invalid reply\n"));
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
goto fail;
}
reply = (struct ctdb_reply_control *)hdr;
diff --git a/source3/lib/dbwrap/dbwrap_ctdb.c b/source3/lib/dbwrap/dbwrap_ctdb.c
index 9852bc7..9402bdd 100644
--- a/source3/lib/dbwrap/dbwrap_ctdb.c
+++ b/source3/lib/dbwrap/dbwrap_ctdb.c
@@ -1597,11 +1597,6 @@ struct db_context *db_open_ctdb(TALLOC_CTX *mem_ctx,
tdb_flags &= TDB_SEQNUM|TDB_VOLATILE|
TDB_MUTEX_LOCKING|TDB_CLEAR_IF_FIRST;
- /* honor permissions if user has specified O_CREAT */
- if (open_flags & O_CREAT) {
- chmod(db_path, mode);
- }
-
prio.db_id = db_ctdb->db_id;
prio.priority = lock_order;
@@ -1653,6 +1648,19 @@ struct db_context *db_open_ctdb(TALLOC_CTX *mem_ctx,
}
talloc_free(db_path);
+ /* honor permissions if user has specified O_CREAT */
+ if (open_flags & O_CREAT) {
+ int fd, ret;
+ fd = tdb_fd(db_ctdb->wtdb->tdb);
+ ret = fchmod(fd, mode);
+ if (ret == -1) {
+ DBG_WARNING("%s: fchmod failed: %s\n", __func__,
+ strerror(errno));
+ TALLOC_FREE(result);
+ return NULL;
+ }
+ }
+
if (result->persistent) {
db_ctdb->lock_ctx = g_lock_ctx_init(db_ctdb,
ctdb_conn_msg_ctx(conn));
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 1d2a1a6 s4:lib/messaging: use 'msg.lock' and 'msg.sock' for
messaging related subdirs
via 1aabd92 s3:lib/messages: use 'msg.lock' and 'msg.sock' for
messaging related subdirs
via b0fa831 s3:lib/messages: add missing allocation check for priv_path
from 5866fcc s4: tests: Fix nss_tests build on Solaris.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 1d2a1a685ebdf479c511e01764e5148dbcbb37c9
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Sep 16 12:44:43 2015 +0200
s4:lib/messaging: use 'msg.lock' and 'msg.sock' for messaging related
subdirs
In Samba 4.2, we used lock_path("msg") (with 0700) for the socket directory,
while we use lock_path("msg") (with 0755) for the lock file directory.
This generates a conflict that prevents samba, smbd, nmbd and winbindd
from starting after an upgrade.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11515
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
Autobuild-User(master): Stefan Metzmacher <me...@samba.org>
Autobuild-Date(master): Thu Sep 17 09:04:59 CEST 2015 on sn-devel-104
commit 1aabd9298d59d4f57d321ecaee59e99d966089ff
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Sep 16 12:44:43 2015 +0200
s3:lib/messages: use 'msg.lock' and 'msg.sock' for messaging related subdirs
In Samba 4.2, we used lock_path("msg") (with 0700) for the socket directory,
while we use lock_path("msg") (with 0755) for the lock file directory.
This generates a conflict that prevents samba, smbd, nmbd and winbindd
from starting after an upgrade.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11515
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit b0fa8316beefc7808b059f514448d41224d1c1fb
Author: Stefan Metzmacher <me...@samba.org>
Date: Wed Sep 16 12:42:48 2015 +0200
s3:lib/messages: add missing allocation check for priv_path
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11515
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
---
Summary of changes:
source3/lib/messages.c| 10 +++---
source4/lib/messaging/messaging.c | 4 ++--
2 files changed, 9 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/messages.c b/source3/lib/messages.c
index 78ff721..07d1c83 100644
--- a/source3/lib/messages.c
+++ b/source3/lib/messages.c
@@ -306,7 +306,7 @@ struct messaging_context *messaging_init(TALLOC_CTX
*mem_ctx,
sec_init();
- lck_path = lock_path("msg");
+ lck_path = lock_path("msg.lock");
if (lck_path == NULL) {
TALLOC_FREE(ctx);
return NULL;
@@ -321,7 +321,11 @@ struct messaging_context *messaging_init(TALLOC_CTX
*mem_ctx,
return NULL;
}
- priv_path = private_path("sock");
+ priv_path = private_path("msg.sock");
+ if (priv_path == NULL) {
+ TALLOC_FREE(ctx);
+ return NULL;
+ }
ok = directory_create_or_exist_strict(priv_path, sec_initial_uid(),
0700);
@@ -395,7 +399,7 @@ NTSTATUS messaging_reinit(struct messaging_context *msg_ctx)
msg_ctx->msg_dgm_ref = messaging_dgm_ref(
msg_ctx, msg_ctx->event_ctx, msg_ctx->id.unique_id,
- private_path("sock"), lock_path("msg"),
+ private_path("msg.sock"), lock_path("msg.lock"),
messaging_recv_cb, msg_ctx, );
if (msg_ctx->msg_dgm_ref == NULL) {
diff --git a/source4/lib/messaging/messaging.c
b/source4/lib/messaging/messaging.c
index 6ce1ce7..d91d175 100644
--- a/source4/lib/messaging/messaging.c
+++ b/source4/lib/messaging/messaging.c
@@ -323,7 +323,7 @@ struct imessaging_context *imessaging_init(TALLOC_CTX
*mem_ctx,
/* create the messaging directory if needed */
- msg->sock_dir = lpcfg_private_path(msg, lp_ctx, "sock");
+ msg->sock_dir = lpcfg_private_path(msg, lp_ctx, "msg.sock");
if (msg->sock_dir == NULL) {
goto fail;
}
@@ -332,7 +332,7 @@ struct imessaging_context *imessaging_init(TALLOC_CTX
*mem_ctx,
goto fail;
}
- msg->lock_dir = lpcfg_lock_path(msg, lp_ctx, "msg");
+ msg->lock_dir = lpcfg_lock_path(msg, lp_ctx, "msg.lock");
if (msg->lock_dir == NULL) {
goto fail;
}
--
Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated
via 3a93b1a generated_news.sh: generate
generated_news/latest_stable_release.html based on history/samba.*
from 5be2055 use the autogenerated latest_stable_release.html
https://git.samba.org/?p=samba-web.git;a=shortlog;h=master
- Log -
commit 3a93b1ae71ed807a72d4dbd327009dd6611408fc
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 8 10:57:53 2015 +0200
generated_news.sh: generate generated_news/latest_stable_release.html based
on history/samba.*
Signed-off-by: Stefan Metzmacher <me...@samba.org>
---
Summary of changes:
generated_news.sh | 41 +
1 file changed, 37 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/generated_news.sh b/generated_news.sh
index 9f4e708..e6001b2 100755
--- a/generated_news.sh
+++ b/generated_news.sh
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
#
LC_ALL=C
@@ -33,10 +33,43 @@ generate() {
return 0
}
+generate_latest_stable_release() {
+ local dst="$1"
+ local download_url="$2"
+
+ pushd history >/dev/null
+ ALL_VERSIONS=$(ls samba-*.html | cut -d '-' -f2- | cut -d '.' -f1-3 |
sort -t. -k 1,1n -k 2,2n -k 3,3n -u)
+ LATEST_VERSION=$(echo "${ALL_VERSIONS}" | tail -1)
+ popd >/dev/null
+
+ echo "LATEST_VERSION: ${LATEST_VERSION}"
+
+ local tgz="samba-${LATEST_VERSION}.tar.gz"
+ local asc="samba-${LATEST_VERSION}.tar.asc"
+ local release_notes="history/samba-${LATEST_VERSION}.html"
+
+ test "${dst}" -nt "${release_notes}" && {
+ echo "${dst}: up to date"
+ return 0
+ }
+
+ echo "${dst}: regenerating"
+ {
+ echo ""
+ echo ""
+ echo "Samba
${LATEST_VERSION} (gzipped)"
+ echo "Release Notes
"
+ echo "Signature"
+ echo ""
+ echo ""
+
+ } > ${dst}.tmp
+ mv ${dst}.tmp ${dst}
+}
+
generate "generated_news/latest_10_headlines.html" "10" "*.headline.html"
generate "generated_news/latest_10_bodies.html" "10" "*.body.html"
generate "generated_news/latest_2_bodies.html" "2" "*.body.html"
-test -l generated_news/latest_stable_release.html || {
- ln -s ../ftp/.latest_stable_release.html
generated_news/latest_stable_release.html
-}
+download_url="https://download.samba.org/pub/samba/stable;
+generate_latest_stable_release "generated_news/latest_stable_release.html"
"${download_url}"
--
Samba Website Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated
via 5be2055 use the autogenerated latest_stable_release.html
from 232ed66 NEWS[socket_wrapper-1.1.4]: socket_wrapper-1.1.4 released
https://git.samba.org/?p=samba-web.git;a=shortlog;h=master
- Log -
commit 5be2055951de5801fed94537bad230a982e441c0
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 8 10:19:18 2015 +0200
use the autogenerated latest_stable_release.html
Signed-off-by: Stefan Metzmacher <me...@samba.org>
---
Summary of changes:
.gitignore | 1 +
box_releases.html | 2 +-
generated_news.sh | 4
latest_stable_release.html | 7 ---
4 files changed, 6 insertions(+), 8 deletions(-)
delete mode 100644 latest_stable_release.html
Changeset truncated at 500 lines:
diff --git a/.gitignore b/.gitignore
index 139d1bf..1abc650 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@
generated_news/latest_10_headlines.html
generated_news/latest_10_bodies.html
generated_news/latest_2_bodies.html
+generated_news/latest_stable_release.html
diff --git a/box_releases.html b/box_releases.html
index 52172dd..98bbea9 100644
--- a/box_releases.html
+++ b/box_releases.html
@@ -1,6 +1,6 @@
Current stable release
-
+
Release History
diff --git a/generated_news.sh b/generated_news.sh
index d2c64aa..9f4e708 100755
--- a/generated_news.sh
+++ b/generated_news.sh
@@ -36,3 +36,7 @@ generate() {
generate "generated_news/latest_10_headlines.html" "10" "*.headline.html"
generate "generated_news/latest_10_bodies.html" "10" "*.body.html"
generate "generated_news/latest_2_bodies.html" "2" "*.body.html"
+
+test -l generated_news/latest_stable_release.html || {
+ ln -s ../ftp/.latest_stable_release.html
generated_news/latest_stable_release.html
+}
diff --git a/latest_stable_release.html b/latest_stable_release.html
deleted file mode 100644
index b1d5676..000
--- a/latest_stable_release.html
+++ /dev/null
@@ -1,7 +0,0 @@
-
-
- Samba 4.2.3
(gzipped)
- Release Notes
- Signature
-
-
--
Samba Website Repository
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated via 18e3eba samr4: Use
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 5a2608f history: fix and in samba-4.3.0.html from 765517d history: fix and order in samba-4.3.0.html https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 5a2608f8e7a775fd029d959c2da27926b3ba390e Author: Stefan Metzmacher <me...@samba.org> Date: Wed Sep 9 01:24:43 2015 +0200 history: fix and in samba-4.3.0.html Signed-off-by: Stefan Metzmacher <me...@samba.org> --- Summary of changes: history/samba-4.3.0.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/history/samba-4.3.0.html b/history/samba-4.3.0.html index e451e6a..d2092bd 100644 --- a/history/samba-4.3.0.html +++ b/history/samba-4.3.0.html @@ -340,7 +340,7 @@ CHANGES SINCE 4.2.0rc3 o Ralph Boehme s...@samba.org * Bug 11444: Crash in notify_remove caused by change notify = no -o Guuml;nther Deschner g...@samba.org +o Gnther Deschner g...@samba.org * Bug 11411: smbtorture does not build when configured --with-system-mitkrb5 o Volker Lendecke v...@samba.org @@ -395,7 +395,7 @@ CHANGES SINCE 4.3.0rc1 o Jeremy Allison j...@samba.org * BUG 11359: strsep is not available on Solaris -o Bjouml;rn Baumbach b...@sernet.de +o Bjrn Baumbach b...@sernet.de * BUG 11421: Build with GPFS support is broken o Justin Maggard jmagg...@netgear.com -- Samba Website Repository
[SCM] Samba Shared Repository - branch v4-3-test updated
The branch, v4-3-test has been updated via 0befbeb samr4: Use
[SCM] Samba Shared Repository - branch v4-2-test updated
The branch, v4-2-test has been updated via 9bc968a samr4: Use
[SCM] Samba Shared Repository - branch v4-3-test updated
The branch, v4-3-test has been updated
via b9e5d16 ldb:wscript: make it possible to build samba with a system
ldb again
from c1c5a2e selftest: add a check for disabled change notify
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test
- Log -
commit b9e5d16aca1f31b99da09852121e8dba814295cb
Author: Stefan Metzmacher <me...@samba.org>
Date: Thu Aug 27 11:14:51 2015 +0200
ldb:wscript: make it possible to build samba with a system ldb again
This fixes a regression in commit fcf4a891945b22dc6eccdc71fd441f1a879f556a.
If we check for 'ldb' later the 'pyldb-util' can't depend on the 'ldb'
check.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11458
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
Autobuild-User(master): Andreas Schneider <a...@cryptomilk.org>
Autobuild-Date(master): Mon Aug 31 18:53:16 CEST 2015 on sn-devel-104
(cherry picked from commit 2947a7041ba22b52a8a4ce0ad5ebc6095ea09ea0)
Autobuild-User(v4-3-test): Stefan Metzmacher <me...@samba.org>
Autobuild-Date(v4-3-test): Tue Sep 1 12:36:48 CEST 2015 on sn-devel-104
---
Summary of changes:
lib/ldb/wscript | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 0e81932..0996f51 100755
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -56,11 +56,11 @@ def configure(conf):
if not conf.env.standalone_ldb:
if conf.CHECK_BUNDLED_SYSTEM_PKG('pyldb-util', minversion=VERSION,
- onlyif='talloc tdb tevent ldb',
+ onlyif='talloc tdb tevent',
implied_deps='replace talloc tdb tevent
ldb'):
conf.define('USING_SYSTEM_PYLDB_UTIL', 1)
if conf.CHECK_BUNDLED_SYSTEM_PKG('ldb', minversion=VERSION,
- onlyif='talloc tdb tevent',
+ onlyif='talloc tdb tevent pyldb-util',
implied_deps='replace talloc tdb
tevent'):
conf.define('USING_SYSTEM_LDB', 1)
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-3-stable updated
winbindd/wb_gid2sid.c | 15 +-
source3/winbindd/wb_uid2sid.c | 15 +-
source3/winbindd/winbindd.h| 7 -
source3/winbindd/winbindd_dual_srv.c | 6 +-
source3/winbindd/winbindd_util.c | 33 --
source4/selftest/tests.py | 4 +-
source4/torture/local/local.c | 2 +
source4/torture/rpc/lsa.c | 11 +
source4/torture/smb2/notify_disabled.c | 119 ++
source4/torture/smb2/smb2.c| 1 +
source4/torture/smb2/wscript_build | 2 +-
43 files changed, 1821 insertions(+), 635 deletions(-)
create mode 100644 lib/crypto/aes_ccm_128_test.c
create mode 100644 lib/crypto/aes_test.h
create mode 100644 source4/torture/smb2/notify_disabled.c
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 799aa62..041639a 100644
--- a/VERSION
+++ b/VERSION
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=
# e.g. SAMBA_VERSION_RC_RELEASE=1 #
# -> "3.0.0rc1" #
-SAMBA_VERSION_RC_RELEASE=3
+SAMBA_VERSION_RC_RELEASE=4
# To mark SVN snapshots this should be set to 'yes'#
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 68ff6ef..2a8e09a 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,7 +1,7 @@
Release Announcements
=
-This is the third release candidate of Samba 4.3. This is *not*
+This is the fourth release candidate of Samba 4.3. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
@@ -257,6 +257,13 @@ results are more accurate than running the test with an
emulator, because
they reflect the exact kernel and system libraries that exist on the
target.
+Improved Sparse File Support
+
+Support for the FSCTL_SET_ZERO_DATA and FSCTL_QUERY_ALLOCATED_RANGES
+SMB2 requests has been added to the smbd file server.
+This allows for clients to deallocate (hole punch) regions within a
+sparse file, and check which portions of a file are allocated.
+
##
Changes
@@ -290,6 +297,32 @@ KNOWN ISSUES
Currently none.
+CHANGES SINCE 4.2.0rc3
+==
+
+o Ralph Boehme <s...@samba.org>
+* Bug 11444: Crash in notify_remove caused by change notify = no
+
+o Günther Deschner <g...@samba.org>
+* Bug 11411: smbtorture does not build when configured
--with-system-mitkrb5
+
+o Volker Lendecke <v...@samba.org>
+* Bug 11455: fix recursion problem in rep_strtoll in lib/replace/replace.c
+* Bug 11464: xid2sid gives inconsistent results
+* Bug 11465: ctdb: Fix the build on FreeBSD 10.1
+
+o Roel van Meer <r...@1afa.com>
+* Bug 11427: nmbd incorrectly matches netbios names as own name
+
+o Stefan Metzmacher <me...@samba.org>
+* Bug 11451: Poor SMB3 encryption performance with AES-GCM
+* Bug 11458: --bundled-libraries=!ldb,!pyldb,!pyldb-util doesn't
+ disable ldb build and install
+
+o Andreas Schneider <a...@samba.org>
+* Bug 9862: Samba "map to guest = Bad uid" doesn't work
+
+
CHANGES SINCE 4.3.0rc2
==
diff --git a/ctdb/common/system_util.c b/ctdb/common/system_util.c
index 1ae0bae..663df6e 100644
--- a/ctdb/common/system_util.c
+++ b/ctdb/common/system_util.c
@@ -157,7 +157,7 @@ bool parse_ipv4(const char *s, unsigned port, struct
sockaddr_in *sin)
}
#ifdef HAVE_SOCK_SIN_LEN
- sin->ip.sin_len = sizeof(*sin);
+ sin->sin_len = sizeof(*sin);
#endif
return true;
}
diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c
index a47a456..800a97e 100644
--- a/lib/crypto/aes.c
+++ b/lib/crypto/aes.c
@@ -32,9 +32,10 @@
*/
#include "replace.h"
+#include "aes.h"
+#ifdef SAMBA_RIJNDAEL
#include "rijndael-alg-fst.h"
-#include "aes.h"
int
AES_set_encrypt_key(const unsigned char *userkey, const int bits, AES_KEY *key)
@@ -65,7 +66,9 @@ AES_decrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key)
{
rijndaelDecrypt(key->key, key->rounds, in, out);
}
+#endif /* SAMBA_RIJNDAEL */
+#ifdef SAMBA_AES_CBC_ENCRYPT
void
AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
unsigned long size, const AES_KEY *key,
@@ -112,25 +115,29 @@ AES_cbc_encrypt(const unsigned char *in, unsigned char
*out,
}
}
}
+#endif /* SAMBA_AES_CBC_ENCRYPT */
-void aes_cfb8_encrypt(const uint8_t *in, uint8_t *out,
- size_t length, const AES_KEY *key,
- uint8_t *iv, int forward)
+#ifdef SAMBA_AES_CFB8_ENCRYPT
+void
+AES_cfb8_encrypt(const unsigned char *in, unsigned char *o
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 07e605d NEWS[4.3.0rc4]: Samba 4.3.0rc4 Available for Download from b07ec09 NEWS[4.1.20]: Samba 4.1.20 Available for Download https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 07e605d7105dc840c6babb19977f277279b7f485 Author: Stefan Metzmacher <me...@samba.org> Date: Tue Sep 1 14:13:08 2015 +0200 NEWS[4.3.0rc4]: Samba 4.3.0rc4 Available for Download Signed-off-by: Stefan Metzmacher <me...@samba.org> --- Summary of changes: posted_news/20150901-121137.4.3.0rc4.body.html | 13 + posted_news/20150901-121137.4.3.0rc4.headline.html | 3 +++ 2 files changed, 16 insertions(+) create mode 100644 posted_news/20150901-121137.4.3.0rc4.body.html create mode 100644 posted_news/20150901-121137.4.3.0rc4.headline.html Changeset truncated at 500 lines: diff --git a/posted_news/20150901-121137.4.3.0rc4.body.html b/posted_news/20150901-121137.4.3.0rc4.body.html new file mode 100644 index 000..3060b80 --- /dev/null +++ b/posted_news/20150901-121137.4.3.0rc4.body.html @@ -0,0 +1,13 @@ + +01 September 2015 +Samba 4.3.0rc4 Available for Download + +This is the fourth release candidate of the upcoming Samba 4.3 release series. + + +The uncompressed tarball has been signed using GnuPG (ID 6568B7EA). +The source code can be https://download.samba.org/pub/samba/rc/samba-4.3.0rc4.tar.gz;>downloaded now. +See https://download.samba.org/pub/samba/rc/samba-4.3.0rc4.WHATSNEW.txt;>the release notes for more info. + + + diff --git a/posted_news/20150901-121137.4.3.0rc4.headline.html b/posted_news/20150901-121137.4.3.0rc4.headline.html new file mode 100644 index 000..974f23b --- /dev/null +++ b/posted_news/20150901-121137.4.3.0rc4.headline.html @@ -0,0 +1,3 @@ + + 01 September 2015 Samba 4.3.0rc4 Available for Download + -- Samba Website Repository
[SCM] Samba Shared Repository - branch v4-3-test updated
The branch, v4-3-test has been updated
via c9ed862 WHATSNEW: Prepare release notes for Samba 4.3.0rc5
via df1bc8b VERSION: Bump version up to 4.3.0rc5...
via a05925b VERSION: Release Samba 4.3.0rc4
via 087e2f2 WHATSNEW: Update release notes for Samba 4.3.0rc3
via 5cf3083 WHATSNEW: mention improved sparse file support
from b9e5d16 ldb:wscript: make it possible to build samba with a system
ldb again
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test
- Log -
commit c9ed862d73a6c36c7e23f3a320671006fff48f1a
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 1 12:48:40 2015 +0200
WHATSNEW: Prepare release notes for Samba 4.3.0rc5
Signed-off-by: Stefan Metzmacher <me...@samba.org>
commit df1bc8b5c31570e7add72ba82867da122f439f76
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 1 12:46:47 2015 +0200
VERSION: Bump version up to 4.3.0rc5...
...and re-enable git snapshots.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
commit a05925b083bab99cd004b6f1688a4da7127ef98b
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 1 12:46:21 2015 +0200
VERSION: Release Samba 4.3.0rc4
Signed-off-by: Stefan Metzmacher <me...@samba.org>
commit 087e2f28f4db8f891ce799d8c06c6b74dfc78c7c
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 1 11:52:10 2015 +0200
WHATSNEW: Update release notes for Samba 4.3.0rc3
Signed-off-by: Stefan Metzmacher <me...@samba.org>
commit 5cf30835c98b0b43c41680d7a5f14c85d27e5904
Author: David Disseldorp <dd...@samba.org>
Date: Tue Sep 1 11:33:33 2015 +0200
WHATSNEW: mention improved sparse file support
Signed-off-by: David Disseldorp <dd...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
---
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 35 ++-
2 files changed, 35 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 2b6b1ad..8d25539 100644
--- a/VERSION
+++ b/VERSION
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=
# e.g. SAMBA_VERSION_RC_RELEASE=1 #
# -> "3.0.0rc1" #
-SAMBA_VERSION_RC_RELEASE=4
+SAMBA_VERSION_RC_RELEASE=5
# To mark SVN snapshots this should be set to 'yes'#
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 4150dba..fa9a157 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,7 +1,7 @@
Release Announcements
=
-This is the fourth release candidate of Samba 4.3. This is *not*
+This is the fifth release candidate of Samba 4.3. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
@@ -257,6 +257,13 @@ results are more accurate than running the test with an
emulator, because
they reflect the exact kernel and system libraries that exist on the
target.
+Improved Sparse File Support
+
+Support for the FSCTL_SET_ZERO_DATA and FSCTL_QUERY_ALLOCATED_RANGES
+SMB2 requests has been added to the smbd file server.
+This allows for clients to deallocate (hole punch) regions within a
+sparse file, and check which portions of a file are allocated.
+
##
Changes
@@ -290,9 +297,35 @@ KNOWN ISSUES
Currently none.
+CHANGES SINCE 4.2.0rc4
+==
+
+
CHANGES SINCE 4.2.0rc3
==
+o Ralph Boehme <s...@samba.org>
+* Bug 11444: Crash in notify_remove caused by change notify = no
+
+o Günther Deschner <g...@samba.org>
+* Bug 11411: smbtorture does not build when configured
--with-system-mitkrb5
+
+o Volker Lendecke <v...@samba.org>
+* Bug 11455: fix recursion problem in rep_strtoll in lib/replace/replace.c
+* Bug 11464: xid2sid gives inconsistent results
+* Bug 11465: ctdb: Fix the build on FreeBSD 10.1
+
+o Roel van Meer <r...@1afa.com>
+* Bug 11427: nmbd incorrectly matches netbios names as own name
+
+o Stefan Metzmacher <me...@samba.org>
+* Bug 11451: Poor SMB3 encryption performance with AES-GCM
+* Bug 11458: --bundled-libraries=!ldb,!pyldb,!pyldb-util doesn't
+ disable ldb build and install
+
+o Andreas Schneider <a...@samba.org>
+* Bug 9862: Samba "map to guest = Bad uid" doesn't work
+
CHANGES SINCE 4.3.0rc2
==
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag samba-4.3.0rc4 created
The annotated tag, samba-4.3.0rc4 has been created
at 9605e80aa520c46286d4d540b39ca9f1d0b60103 (tag)
tagging a05925b083bab99cd004b6f1688a4da7127ef98b (commit)
replaces samba-4.3.0rc3
tagged by Stefan Metzmacher
on Tue Sep 1 14:08:11 2015 +0200
- Log -
samba: tag release samba-4.3.0rc4
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iD8DBQBV5ZUrbzORW2Vot+oRAhV+AJwLfW5/mSCW+xWwVga0cGWI45PZiwCdF2lC
vSicAClvwneMIAxMUn4U4dc=
=e1zz
-END PGP SIGNATURE-
Andreas Schneider (3):
s3-auth: Fix 'map to guest = Bad Uid' support
s3-auth: Pass nt_username to check_account()
s3-auth: Fix a memory leak in make_server_info_info3()
David Disseldorp (1):
WHATSNEW: mention improved sparse file support
Günther Deschner (2):
s4-torture: don't build the lsa forest trust krb5 tests when building
with MIT Kerberos.
vfs: fix build warning in smb traffic analyzer.
Ralph Boehme (3):
notify: check for valid notify_ctx in notify_remove
selftest: add change notify = no to simpleserver env
selftest: add a check for disabled change notify
Roel van Meer (1):
s3-util: Compare the maximum allowed length of a NetBIOS name
Stefan Metzmacher (17):
VERSION: Bump version up to 4.3.0rc4...
WHATSNEW: Prepare release notes for Samba 4.3.0rc4
s3:vfs_smb_traffic_analyzer: remove samba_ prefix from AES_* function
calls
lib/crypto: add aes_cmac_128 chunked tests
lib/crypto: run all aes_gcm_128 testcases
lib/crypto: verify 0 updates in aes_gcm_128 tests
lib/crypto: add aes_ccm_128 tests
lib/crypto: add optimized helper functions aes_block_{xor,lshift,rshift}()
lib/crypto: optimize aes_cmac_128
lib/crypto: optimize aes_ccm_128
lib/crypto: optimize aes_gcm_128
lib/crypto: make use of aes_test.h in aes_gcm_128_test.c
lib/crypto: sync AES_cfb8_encrypt() from heimdal
lib/crypto: make it possible to use only parts of aes.[ch]
ldb:wscript: make it possible to build samba with a system ldb again
WHATSNEW: Update release notes for Samba 4.3.0rc3
VERSION: Release Samba 4.3.0rc4
Volker Lendecke (14):
replace: Fix bug 11455
ctdb: Fix the build on FreeBSD 10.1
loadparm3: Add lp_wi_scan_global_parametrics()
idmap: Move idmap_init() under the static vars
idmap: Initialize all idmap domains at startup
idmap: Use a range search in idmap_backends_unixid_to_sid
idmap: Remove "domname" from idmap_backends_unixid_to_sid
idmap: Remove "domname" from idmap_uid_to_sid
idmap: Remove "domname" from idmap_gid_to_sid
idmap: Remove dom_name from wbint_Uid2Sid
idmap: Remove dom_name from wbint_Gid2Sid
winbind: Do not look for the domain in wb_uid2sid
winbind: Do not look for the domain in wb_gid2sid
winbind: Remove "have_idmap_config" from winbindd_domain
---
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5aefea8 python/tests: Add more assertions that we get back the
value we expect
via 1f50e19 python/tests: Add tests for 64 bit signed integers
via e6fbeb8 pidl/python: also add a ndr_PyLong_FromLongLong() for
symnetric reasons
via d1416d6 pidl/python: Provide static inline helper function
ndr_PyLong_FromUnsignedLongLong
via c2f4e32 pidl/python: Calculate maximum integer values using a
lookup table
from 88b27eb spoolss: handle SetPrinter for info level 4
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5aefea842528d053b86b50ff2ed9047db1ca4594
Author: Andrew Bartlett <abart...@samba.org>
Date: Tue Sep 1 15:00:30 2015 +1200
python/tests: Add more assertions that we get back the value we expect
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11429
Signed-off-by: Andrew Bartlett <abart...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
Autobuild-User(master): Stefan Metzmacher <me...@samba.org>
Autobuild-Date(master): Tue Sep 1 17:00:53 CEST 2015 on sn-devel-104
commit 1f50e194517b84ccc8d0208d563e83dabfb2327a
Author: Andrew Bartlett <abart...@samba.org>
Date: Tue Sep 1 14:58:20 2015 +1200
python/tests: Add tests for 64 bit signed integers
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11429
Signed-off-by: Andrew Bartlett <abart...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
commit e6fbeb860638ad1113914b9460a618025d950d08
Author: Stefan Metzmacher <me...@samba.org>
Date: Tue Sep 1 10:30:49 2015 +0200
pidl/python: also add a ndr_PyLong_FromLongLong() for symnetric reasons
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11429
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
commit d1416d65a3cc61e4e56d1a43bb634d12f418ba0e
Author: Andrew Bartlett <abart...@samba.org>
Date: Tue Sep 1 14:33:35 2015 +1200
pidl/python: Provide static inline helper function
ndr_PyLong_FromUnsignedLongLong
This should isolate any coverity warnings on 64-bit platforms
(where LONG_MAX is larger than any possible 32 bit value) to
a single spot, or possibly eliminate it.
This is needed for the unsigned 64 bit case, and on 32 bit
systems, as PyInt_FromLong is limited to a signed "long" int.
The compiler should be able to eliminate many of these calls
with the embedded type knowlege.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11429
Signed-off-by: Andrew Bartlett <abart...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
commit c2f4e324d9c1ced2e1da859594ef67ae9f645919
Author: Andrew Bartlett <abart...@samba.org>
Date: Fri Aug 28 11:46:56 2015 +1200
pidl/python: Calculate maximum integer values using a lookup table
This avoids a << of 64 bits in the unused end of the conditional expression.
This was flagged by Coverity and the fix was suggested by metze.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11429
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abart...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
---
Summary of changes:
pidl/lib/Parse/Pidl/Samba4/Python.pm | 67
python/samba/tests/dcerpc/integer.py | 34 +-
2 files changed, 94 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/pidl/lib/Parse/Pidl/Samba4/Python.pm
b/pidl/lib/Parse/Pidl/Samba4/Python.pm
index ad9ff88..180b6b2 100644
--- a/pidl/lib/Parse/Pidl/Samba4/Python.pm
+++ b/pidl/lib/Parse/Pidl/Samba4/Python.pm
@@ -974,7 +974,7 @@ sub ConvertObjectFromPythonData($$;$)
|uid_t|gid_t)$/x) {
$self->pidl("{");
$self->indent;
- $self->pidl("const unsigned long long uint_max =
(sizeof($target) == 8) ? UINT64_MAX : (unsigned long long)((1ULL <<
(sizeof($target) * 8)) - 1);");
+ $self->pidl("const unsigned long long uint_max =
ndr_sizeof2uintmax(sizeof($target));");
$self->pidl("if (PyLong_Check($cvar)) {");
$self->indent;
$self->pidl("unsigned long long test_var;");
@@ -1025,7 +1025,7 @@ sub ConvertObjectFromPythonData($$;$)
if ($ctype_alias =~ /^(dlong|char|int[0-9]*|time_t)$/x) {
$self->pidl("{");
$self->indent;
- $self->pidl("const long long int_max = (long long)((1ULL <<
(sizeof($target) * 8 - 1)) -
[SCM] Samba Shared Repository - branch v4-3-test updated
The branch, v4-3-test has been updated
via c1c5a2e selftest: add a check for disabled change notify
via 8464dcf selftest: add change notify = no to simpleserver env
via e1ad520 notify: check for valid notify_ctx in notify_remove
from 8370cb4 winbind: Remove "have_idmap_config" from winbindd_domain
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test
- Log -
commit c1c5a2e545de0e581fc1966852cea48526df4771
Author: Ralph Boehme <s...@samba.org>
Date: Wed Aug 12 11:06:15 2015 +0200
selftest: add a check for disabled change notify
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11444
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
Autobuild-User(master): Stefan Metzmacher <me...@samba.org>
Autobuild-Date(master): Mon Aug 31 15:50:49 CEST 2015 on sn-devel-104
(cherry picked from commit 770fb8cd07bd047b5206a2a7fe01eb14d9077eea)
Autobuild-User(v4-3-test): Stefan Metzmacher <me...@samba.org>
Autobuild-Date(v4-3-test): Tue Sep 1 01:38:43 CEST 2015 on sn-devel-104
commit 8464dcfa540c5202254e1ccc09eede598e8afc67
Author: Ralph Boehme <s...@samba.org>
Date: Wed Aug 12 11:35:27 2015 +0200
selftest: add change notify = no to simpleserver env
A subsequent patch will use this env in a torture test.
The aren't any existing tests that make use of change notify, so
disabling change notify in this test environment doesn't impact existing
tests.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11444
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
(cherry picked from commit b9c561273b60ea8fe1ff047238013e5cc5411c04)
commit e1ad5205c3caba4348d3a3548866dfe490978873
Author: Ralph Boehme <s...@samba.org>
Date: Tue Aug 11 16:49:46 2015 +0200
notify: check for valid notify_ctx in notify_remove
notify_ctx will be NULL when "change notify = no" is set in smb.conf.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11444
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Michael Adam <ob...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
(cherry picked from commit 098b8a5110b4e1b873196032098807b7922e232c)
---
Summary of changes:
selftest/target/Samba3.pm | 1 +
source3/selftest/tests.py | 2 +
source3/smbd/notify_msg.c | 5 ++
source4/selftest/tests.py | 4 +-
source4/torture/smb2/notify_disabled.c | 119 +
source4/torture/smb2/smb2.c| 1 +
source4/torture/smb2/wscript_build | 2 +-
7 files changed, 132 insertions(+), 2 deletions(-)
create mode 100644 source4/torture/smb2/notify_disabled.c
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index d48dbec..32f8f3d 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -535,6 +535,7 @@ sub setup_simpleserver($$)
my $simpleserver_options = "
lanman auth = yes
vfs objects = xattr_tdb streams_depot
+ change notify = no
[vfs_aio_fork]
path = $prefix_abs/share
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 1833b9f..be3cf0e 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -386,6 +386,8 @@ for t in tests:
elif t == "local.nss":
for env in ["nt4_dc:local", "ad_member:local", "nt4_member:local",
"ad_dc:local", "ad_dc_ntvfs:local"]:
plansmbtorture4testsuite(t, env, '//$SERVER/tmp
-U$USERNAME%$PASSWORD')
+elif t == "smb2.change_notify_disabled":
+plansmbtorture4testsuite(t, "simpleserver", '//$SERVER/tmp
-U$USERNAME%$PASSWORD')
elif t == "smb2.notify":
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp
-U$USERNAME%$PASSWORD --signing=required')
plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp
-U$USERNAME%$PASSWORD --signing=required')
diff --git a/source3/smbd/notify_msg.c b/source3/smbd/notify_msg.c
index 8641983..ea067d0 100644
--- a/source3/smbd/notify_msg.c
+++ b/source3/smbd/notify_msg.c
@@ -183,6 +183,11 @@ NTSTATUS notify_remove(struct notify_context *ctx, void
*private_data)
struct iovec iov[2];
NTSTATUS status;
+ /* see if change notify is enabled at all */
+ if (ctx == NULL) {
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
for (listel = ctx->list; listel != NULL; listel = listel->ne
[SCM] Samba Shared Repository - branch v4-3-test updated
The branch, v4-3-test has been updated
via 8370cb4 winbind: Remove "have_idmap_config" from winbindd_domain
via 4e987b3 winbind: Do not look for the domain in wb_gid2sid
via 9021612 winbind: Do not look for the domain in wb_uid2sid
via 79a1174 idmap: Remove dom_name from wbint_Gid2Sid
via 617687d idmap: Remove dom_name from wbint_Uid2Sid
via 7f4b57e idmap: Remove "domname" from idmap_gid_to_sid
via 92976d0 idmap: Remove "domname" from idmap_uid_to_sid
via 64450da idmap: Remove "domname" from idmap_backends_unixid_to_sid
via 9de5e9b idmap: Use a range search in idmap_backends_unixid_to_sid
via 4fed476 idmap: Initialize all idmap domains at startup
via 56ac018 idmap: Move idmap_init() under the static vars
via ef97c16 loadparm3: Add lp_wi_scan_global_parametrics()
via f484b24 lib/crypto: make it possible to use only parts of aes.[ch]
via 922732a lib/crypto: sync AES_cfb8_encrypt() from heimdal
via 8863034 lib/crypto: make use of aes_test.h in aes_gcm_128_test.c
via d7e5e1e lib/crypto: optimize aes_gcm_128
via e5b015c lib/crypto: optimize aes_ccm_128
via ec84abe lib/crypto: optimize aes_cmac_128
via 3a63317 lib/crypto: add optimized helper functions
aes_block_{xor,lshift,rshift}()
via da29dc5 lib/crypto: add aes_ccm_128 tests
via a4bc721 lib/crypto: verify 0 updates in aes_gcm_128 tests
via 33c7c5a lib/crypto: run all aes_gcm_128 testcases
via 862b204 lib/crypto: add aes_cmac_128 chunked tests
via c3ecf14 s3:vfs_smb_traffic_analyzer: remove samba_ prefix from
AES_* function calls
via 8fc7a9a vfs: fix build warning in smb traffic analyzer.
via ae3c0c8 s3-util: Compare the maximum allowed length of a NetBIOS
name
via aca49d0 s3-auth: Fix a memory leak in make_server_info_info3()
via f5c6c89 s3-auth: Pass nt_username to check_account()
via 3271b5b s3-auth: Fix 'map to guest = Bad Uid' support
from f55942d s4-torture: don't build the lsa forest trust krb5 tests
when building with MIT Kerberos.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test
- Log -
commit 8370cb4c012ab813c7f19c54686c82a81a03da64
Author: Volker Lendecke <v...@samba.org>
Date: Fri Aug 21 11:25:33 2015 +0200
winbind: Remove "have_idmap_config" from winbindd_domain
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
Autobuild-User(master): Volker Lendecke <v...@samba.org>
Autobuild-Date(master): Mon Aug 24 19:19:31 CEST 2015 on sn-devel-104
(cherry picked from commit 617bc3fe611266b8d3d0fd47b839d4ac8ad73f8f)
Autobuild-User(v4-3-test): Stefan Metzmacher <me...@samba.org>
Autobuild-Date(v4-3-test): Mon Aug 31 13:23:48 CEST 2015 on sn-devel-104
commit 4e987b39ab6e5e2d5e87282b1008ac49a392c1ae
Author: Volker Lendecke <v...@samba.org>
Date: Wed Aug 19 13:48:17 2015 +0200
winbind: Do not look for the domain in wb_gid2sid
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
(cherry picked from commit b62c7e26b4783cdff11e406e4d75bc2e0fba7933)
commit 9021612c3da01bcd07f9dae5a7f2e5dae80ce59f
Author: Volker Lendecke <v...@samba.org>
Date: Wed Aug 19 13:48:17 2015 +0200
winbind: Do not look for the domain in wb_uid2sid
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
(cherry picked from commit 2387d03b8ae9a471694503677667e623dff8ef88)
commit 79a1174e10715c1fb40766a5be39b9f863991057
Author: Volker Lendecke <v...@samba.org>
Date: Wed Aug 19 13:44:02 2015 +0200
idmap: Remove dom_name from wbint_Gid2Sid
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
(cherry picked from commit 8856555af43848830b7c1e47765d26ce59dfa62b)
commit 617687d0ad075c370999d54e032dbd7adee6537b
Author: Volker Lendecke <v...@samba.org>
Date: Wed Aug 19 13:44:02 2015 +0200
idmap: Remove dom_name from wbint_Uid2Sid
Signed-off-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11464
(cherry picked from commit d4730474da30c707339e21746c27eed5871cfdfe)
commit 7f4b57ebf910d5fc48964e3328d06eaf374750b4
Author: Volker Lendecke <v...@samba.org>
Date: Wed Aug 19 13:34:58 2015 +0200
[SCM] Samba Shared Repository - branch v4-2-test updated
The branch, v4-2-test has been updated
via 08c s3-util: Compare the maximum allowed length of a NetBIOS
name
via f2a2ac4 s3-auth: Fix a memory leak in make_server_info_info3()
via 175e73d s3-auth: Pass nt_username to check_account()
via 281bd2f s3-auth: Fix 'map to guest = Bad Uid' support
from 7e43c43 s3: winbindd: Fix TALLOC_FREE of uninitialized groups
variable.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test
- Log -
commit 08c87f7dd2b9f09b85ca7e361046095d2fb5
Author: Roel van Meer <r...@1afa.com>
Date: Tue Aug 4 16:50:43 2015 +0200
s3-util: Compare the maximum allowed length of a NetBIOS name
This fixes a problem where is_myname() returns true if one of our names
is a substring of the specified name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11427
Reviewed-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
(cherry picked from commit 4e178ed498c594ffcd5592d0b792d47b064b9586)
Autobuild-User(v4-2-test): Stefan Metzmacher <me...@samba.org>
Autobuild-Date(v4-2-test): Mon Aug 31 12:33:42 CEST 2015 on sn-devel-104
commit f2a2ac4bd9621d2d11e0945fad6143aeaa92536f
Author: Andreas Schneider <a...@samba.org>
Date: Wed Aug 19 16:19:30 2015 +0200
s3-auth: Fix a memory leak in make_server_info_info3()
We call make_server_info(NULL) and it is possible that we do not free
it, because server_info is not allocated on the memory context we pass
to the function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
(cherry picked from commit 6363c0232c2238e1a782e9c22ef762e3ff9b7563)
commit 175e73d006b9166e8edfde1d963ff6d023463d81
Author: Andreas Schneider <a...@samba.org>
Date: Wed Aug 19 16:24:08 2015 +0200
s3-auth: Pass nt_username to check_account()
We set nt_username above but do not use it in this function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
(cherry picked from commit e8c76932e4ac192a00afa3b9731f5921c4b37da6)
commit 281bd2fb84fed3965d1201050d7b6cc7338c5fdb
Author: Andreas Schneider <a...@samba.org>
Date: Wed Aug 19 16:11:47 2015 +0200
s3-auth: Fix 'map to guest = Bad Uid' support
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
(cherry picked from commit 34965d4d98d172e848e2b96fad8a9e0b99288ba7)
---
Summary of changes:
source3/auth/auth_util.c | 48 +++-
source3/lib/util.c | 2 +-
2 files changed, 36 insertions(+), 14 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 1c2cf80..2b355e4 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1349,6 +1349,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
bool username_was_mapped;
struct passwd *pwd;
struct auth_serversupplied_info *result;
+ TALLOC_CTX *tmp_ctx = talloc_stackframe();
/*
Here is where we should check the list of
@@ -1357,15 +1358,17 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
*/
if (!sid_compose(_sid, info3->base.domain_sid, info3->base.rid)) {
- return NT_STATUS_INVALID_PARAMETER;
+ nt_status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
}
if (!sid_compose(_sid, info3->base.domain_sid,
info3->base.primary_gid)) {
- return NT_STATUS_INVALID_PARAMETER;
+ nt_status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
}
- nt_username = talloc_strdup(mem_ctx, info3->base.account_name.string);
+ nt_username = talloc_strdup(tmp_ctx, info3->base.account_name.string);
if (!nt_username) {
/* If the server didn't give us one, just use the one we sent
* them */
@@ -1392,18 +1395,33 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
/* this call will try to create the user if necessary */
- nt_status = check_account(mem_ctx, nt_domain, sent_nt_username,
-_username, ,
-_was_mapped);
+ nt_status = check_account(tmp_ctx,
+ nt_domain,
+ nt_username,
+
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 770fb8c selftest: add a check for disabled change notify
via b9c5612 selftest: add change notify = no to simpleserver env
via 098b8a5 notify: check for valid notify_ctx in notify_remove
from c3647ec web_server: Fix server not to segfault on startup
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 770fb8cd07bd047b5206a2a7fe01eb14d9077eea
Author: Ralph Boehme <s...@samba.org>
Date: Wed Aug 12 11:06:15 2015 +0200
selftest: add a check for disabled change notify
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11444
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
Autobuild-User(master): Stefan Metzmacher <me...@samba.org>
Autobuild-Date(master): Mon Aug 31 15:50:49 CEST 2015 on sn-devel-104
commit b9c561273b60ea8fe1ff047238013e5cc5411c04
Author: Ralph Boehme <s...@samba.org>
Date: Wed Aug 12 11:35:27 2015 +0200
selftest: add change notify = no to simpleserver env
A subsequent patch will use this env in a torture test.
The aren't any existing tests that make use of change notify, so
disabling change notify in this test environment doesn't impact existing
tests.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11444
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
commit 098b8a5110b4e1b873196032098807b7922e232c
Author: Ralph Boehme <s...@samba.org>
Date: Tue Aug 11 16:49:46 2015 +0200
notify: check for valid notify_ctx in notify_remove
notify_ctx will be NULL when "change notify = no" is set in smb.conf.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11444
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
Reviewed-by: Michael Adam <ob...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
---
Summary of changes:
selftest/target/Samba3.pm | 1 +
source3/selftest/tests.py | 2 +
source3/smbd/notify_msg.c | 5 ++
source4/selftest/tests.py | 4 +-
source4/torture/smb2/notify_disabled.c | 119 +
source4/torture/smb2/smb2.c| 1 +
source4/torture/smb2/wscript_build | 2 +-
7 files changed, 132 insertions(+), 2 deletions(-)
create mode 100644 source4/torture/smb2/notify_disabled.c
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 4638b16..de4346e 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -535,6 +535,7 @@ sub setup_simpleserver($$)
my $simpleserver_options = "
lanman auth = yes
vfs objects = xattr_tdb streams_depot
+ change notify = no
[vfs_aio_fork]
path = $prefix_abs/share
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 58f2190..ecbb368 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -387,6 +387,8 @@ for t in tests:
elif t == "local.nss":
for env in ["nt4_dc:local", "ad_member:local", "nt4_member:local",
"ad_dc:local", "ad_dc_ntvfs:local"]:
plansmbtorture4testsuite(t, env, '//$SERVER/tmp
-U$USERNAME%$PASSWORD')
+elif t == "smb2.change_notify_disabled":
+plansmbtorture4testsuite(t, "simpleserver", '//$SERVER/tmp
-U$USERNAME%$PASSWORD')
elif t == "smb2.notify":
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp
-U$USERNAME%$PASSWORD --signing=required')
plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp
-U$USERNAME%$PASSWORD --signing=required')
diff --git a/source3/smbd/notify_msg.c b/source3/smbd/notify_msg.c
index 8641983..ea067d0 100644
--- a/source3/smbd/notify_msg.c
+++ b/source3/smbd/notify_msg.c
@@ -183,6 +183,11 @@ NTSTATUS notify_remove(struct notify_context *ctx, void
*private_data)
struct iovec iov[2];
NTSTATUS status;
+ /* see if change notify is enabled at all */
+ if (ctx == NULL) {
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
for (listel = ctx->list; listel != NULL; listel = listel->next) {
if (listel->private_data == private_data) {
DLIST_REMOVE(ctx->list, listel);
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index 3bc820c..6c72c34 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -235,7 +235,9 @@ for t in nbt_tests:
# Tests against the NTVFS POSIX backend
ntvfsargs = ["--optio
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated
via 711131e s3-util: Compare the maximum allowed length of a NetBIOS
name
from 0c640d0 s3-net: use talloc array in share allowedusers
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-1-test
- Log -
commit 711131ea3df7ab7decc33d035c0b395caadbfe5c
Author: Roel van Meer <r...@1afa.com>
Date: Tue Aug 4 16:50:43 2015 +0200
s3-util: Compare the maximum allowed length of a NetBIOS name
This fixes a problem where is_myname() returns true if one of our names
is a substring of the specified name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11427
Reviewed-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
(cherry picked from commit 4e178ed498c594ffcd5592d0b792d47b064b9586)
Autobuild-User(v4-1-test): Stefan Metzmacher <me...@samba.org>
Autobuild-Date(v4-1-test): Mon Aug 31 14:39:49 CEST 2015 on sn-devel-104
---
Summary of changes:
source3/lib/util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 641a67e..0905ca2 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -1194,7 +1194,7 @@ bool is_myname(const char *s)
for (n=0; my_netbios_names(n); n++) {
const char *nbt_name = my_netbios_names(n);
- if (strncasecmp_m(nbt_name, s, strlen(nbt_name)) == 0) {
+ if (strncasecmp_m(nbt_name, s, MAX_NETBIOSNAME_LEN-1) == 0) {
ret=True;
break;
}
--
Samba Shared Repository
Compiler errors on ubuntu 14.04 (svhdx changes)
Hi,
can someone please push this fix?
It's required when using --pick-developer on ubuntu 14.04.
Thanks!
metze
Am 28.08.2015 um 03:20 schrieb Jeremy Allison:
The branch, master has been updated
via e6c234d Move the error handling for svhdx to vfswrap_create to
give VFS module writers a chance to handle RSVD opens if they want to.
from d9166eb lib/crypto: make it possible to use only parts of aes.[ch]
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e6c234d31ad22120d0890b561dac9b456f8f6530
Author: Richard Sharpe rsha...@samba.org
Date: Tue Jul 28 19:08:02 2015 -0700
Move the error handling for svhdx to vfswrap_create to give VFS module
writers a chance to handle RSVD opens if they want to.
Also handle a review comment by Metze.
Signed-off-by: Richard Sharpe rsha...@samba.org
Reviewed-by: Ira Cooper i...@samba.org
Reviewed-by: Jeremy Allison j...@samba.org
Autobuild-User(master): Jeremy Allison j...@samba.org
Autobuild-Date(master): Fri Aug 28 03:19:36 CEST 2015 on sn-devel-104
---
Summary of changes:
source3/modules/vfs_default.c | 16
source3/smbd/smb2_create.c| 7 ---
2 files changed, 16 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c
index 460837c..9ea630a 100644
--- a/source3/modules/vfs_default.c
+++ b/source3/modules/vfs_default.c
@@ -563,6 +563,22 @@ static NTSTATUS vfswrap_create_file(vfs_handle_struct
*handle,
const struct smb2_create_blobs
*in_context_blobs,
struct smb2_create_blobs *out_context_blobs)
{
+ struct smb2_create_blob *svhdx = NULL;
+
+ /*
+ * It might be empty ... and smb2_create_blob_find does not handle that
+ */
+ if (in_context_blobs) {
+ svhdx = smb2_create_blob_find(in_context_blobs,
+ SVHDX_OPEN_DEVICE_CONTEXT);
+ }
+
+ if (svhdx != NULL) {
+ /* SharedVHD is not yet supported */
+ DEBUG(10, (Shared VHD not yet supported,
INVALID_DEVICE_REQUEST\n));
+ return NT_STATUS_INVALID_DEVICE_REQUEST;
+ }
+
return create_file_default(handle-conn, req, root_dir_fid, smb_fname,
access_mask, share_access,
create_disposition, create_options,
diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c
index 880ceee..9f14544 100644
--- a/source3/smbd/smb2_create.c
+++ b/source3/smbd/smb2_create.c
@@ -910,13 +910,6 @@ static struct tevent_req
*smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
}
}
- if (svhdx != NULL) {
- /* SharedVHD is not yet supported */
- tevent_req_nterror(
- req, NT_STATUS_INVALID_DEVICE_REQUEST);
- return tevent_req_post(req, ev);
- }
-
/* these are ignored for SMB2 */
in_create_options = ~(0x10);/* NTCREATEX_OPTIONS_SYNC_ALERT */
in_create_options = ~(0x20);/* NTCREATEX_OPTIONS_ASYNC_ALERT */
From 56edd939fa9299a6e6b62cff2890daed9455d89e Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher me...@samba.org
Date: Fri, 28 Aug 2015 14:16:14 +0200
Subject: [PATCH] s3:smb2_create: #if 0 unused variable
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This fixes the build on ubuntu 14.04, which failed like this:
[2852/3952] Compiling source3/smbd/smb2_create.c
../source3/smbd/smb2_create.c: In function ‘smbd_smb2_create_send’:
../source3/smbd/smb2_create.c:678:28: error: variable ‘svhdx’ set but not
used [-Werror=unused-but-set-variable]
struct smb2_create_blob *svhdx = NULL;
Signed-off-by: Stefan Metzmacher me...@samba.org
---
source3/smbd/smb2_create.c | 4
1 file changed, 4 insertions(+)
diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c
index 9f14544..e151e96 100644
--- a/source3/smbd/smb2_create.c
+++ b/source3/smbd/smb2_create.c
@@ -675,7 +675,9 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX
*mem_ctx,
struct smb2_lease lease;
struct smb2_lease *lease_ptr = NULL;
ssize_t lease_len = -1;
+#if 0
struct smb2_create_blob *svhdx = NULL;
+#endif
exta = smb2_create_blob_find(in_context_blobs,
SMB2_CREATE_TAG_EXTA);
@@ -689,6 +691,7 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX
*mem_ctx,
SMB2_CREATE_TAG_TWRP
[SCM] Samba Shared Repository - branch v4-3-test updated
The branch, v4-3-test has been updated
via 02d549a replace: Fix bug 11455
from 610de62 WHATSNEW: Prepare release notes for Samba 4.3.0rc4
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test
- Log -
commit 02d549ab4da7b9689f22dd719bdd8b9d66f61d60
Author: Volker Lendecke v...@samba.org
Date: Tue Aug 18 20:57:27 2015 +0200
replace: Fix bug 11455
Don't call rep_strtoull recursively
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11455
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Ralph Boehme s...@samba.org
Autobuild-User(master): Ralph Böhme s...@samba.org
Autobuild-Date(master): Wed Aug 19 11:22:38 CEST 2015 on sn-devel-104
(cherry picked from commit 62d08ea715d1664a7600250abbd1dc83f3a33a4c)
Autobuild-User(v4-3-test): Stefan Metzmacher me...@samba.org
Autobuild-Date(v4-3-test): Mon Aug 24 17:21:13 CEST 2015 on sn-devel-104
---
Summary of changes:
lib/replace/replace.c | 1 +
1 file changed, 1 insertion(+)
Changeset truncated at 500 lines:
diff --git a/lib/replace/replace.c b/lib/replace/replace.c
index 0806ce3..798990a 100644
--- a/lib/replace/replace.c
+++ b/lib/replace/replace.c
@@ -538,6 +538,7 @@ long long int rep_strtoll(const char *str, char **endptr,
int base)
}
#else
#ifdef HAVE_BSD_STRTOLL
+#undef strtoll
long long int rep_strtoll(const char *str, char **endptr, int base)
{
long long int nb = strtoll(str, endptr, base);
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via dcc657a selftest: Add assertion that we actually fix the replPropertyMetaData sort order via 5504502 selftest: Add in steps to re-create this database via a6957ba Update release-4-1-0rc3 to include data using schema modifications via 6122aca ldb: create a cache of known wellknown objects instead of continously searching in the db via c049106 dbcheck: Use set() operations to make dbcheck more efficient via fb88f9c dbcheck: Try to avoid duplicate searches via 2ff9b17 dbcheck: Add additional tests for the attributeID list via 2766bad dbcheck: Add explict tests for unknown and unsorted attributeID values via e3cf25b pidl: Assert that python arrays will not overflow the C array via bed29f3 pydsdb: Allow the full range of uint32_t values for attributeID via 336d411 python/tests: Add tests for integer overflow handling via 5206ccd pidl: Change PIDL to correctly use and validate python integer types via 3faa7dc python: Use an unsigned integer for buf_size, not -1 via 4ef468e dnsserver: Remove incorrect and not required include of ldb_private.h from 617bc3f winbind: Remove have_idmap_config from winbindd_domain https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit dcc657a2219498beac8bde6cbf999ee7cf6acae8 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 3 13:50:08 2015 +1200 selftest: Add assertion that we actually fix the replPropertyMetaData sort order This ensures that the dbcheck rule fixes the sort order (and only fixes the sort order). BUG: https://bugzilla.samba.org/show_bug.cgi?id=10973 Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue Aug 25 02:45:58 CEST 2015 on sn-devel-104 commit 5504502aa68f4901f52dc2e8f7ee8b3a9c74546e Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 3 11:25:02 2015 +1200 selftest: Add in steps to re-create this database This may assist if this needs to be changed again BUG: https://bugzilla.samba.org/show_bug.cgi?id=10973 Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit a6957ba5da3130994d2f35328aea6f4cd604147a Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 3 11:24:10 2015 +1200 Update release-4-1-0rc3 to include data using schema modifications This allows us to know that the previous patches are correct. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10973 Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 6122acad0f1a7bc23b6f58862c16968e13da979d Author: Matthieu Patou m...@matws.net Date: Mon May 25 09:17:55 2015 -0700 ldb: create a cache of known wellknown objects instead of continously searching in the db Profiling on dbcheck have shown that we spend 10% of the time looking for wellknown objects. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10973 Change-Id: I13ed58e8062d1b7b6179d17b0e7e56f943572c6c Signed-off-by: Matthieu Patou m...@matws.net Reviewed-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit c049106bf8267b30a9242d2d574661291cced780 Author: Andrew Bartlett abart...@samba.org Date: Mon Jul 27 15:11:56 2015 +1200 dbcheck: Use set() operations to make dbcheck more efficient BUG: https://bugzilla.samba.org/show_bug.cgi?id=10973 Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit fb88f9cbd969267aaffa021724cf34087c653ba8 Author: Andrew Bartlett abart...@samba.org Date: Mon Jul 27 15:44:56 2015 +1200 dbcheck: Try to avoid duplicate searches BUG: https://bugzilla.samba.org/show_bug.cgi?id=10973 Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 2ff9b171378922e68205d5f0eefd2231607b5b89 Author: Andrew Bartlett abart...@samba.org Date: Tue Jul 28 16:11:54 2015 +1200 dbcheck: Add additional tests for the attributeID list BUG: https://bugzilla.samba.org/show_bug.cgi?id=10973 Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 2766bad5ef1e1949746c059c29f179ddae476239 Author: Andrew Bartlett abart...@samba.org Date: Thu Jul 23 16:01:14 2015 +1200 dbcheck: Add explict tests for unknown and unsorted attributeID values Unknown attributeID values would cause an exception previously, and unsorted attributes cause a failure to replicate with Samba 4.2. In commit
[SCM] Samba Shared Repository - branch v4-3-test updated
The branch, v4-3-test has been updated via 610de62 WHATSNEW: Prepare release notes for Samba 4.3.0rc4 via 554a887 VERSION: Bump version up to 4.3.0rc4... via 5d9f4f9 VERSION: Release Samba 4.3.0rc3 via 5b3545e WHATSNEW: Update release notes for Samba 4.3.0rc3 from dfa6a2d ctdb-daemon: Correctly process the exit code from failed eventscripts https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test - Log - commit 610de623d9dfe130656fcf03c761192b17f2751e Author: Stefan Metzmacher me...@samba.org Date: Tue Aug 18 12:36:33 2015 +0200 WHATSNEW: Prepare release notes for Samba 4.3.0rc4 Signed-off-by: Stefan Metzmacher me...@samba.org commit 554a887f56fa423c874d45dc447ec80936571e38 Author: Stefan Metzmacher me...@samba.org Date: Tue Aug 18 12:31:57 2015 +0200 VERSION: Bump version up to 4.3.0rc4... ...and re-enable git snapshots. Signed-off-by: Stefan Metzmacher me...@samba.org commit 5d9f4f950e5c63d30611e77eb7bc7fcfcf985b82 Author: Stefan Metzmacher me...@samba.org Date: Tue Aug 18 12:30:59 2015 +0200 VERSION: Release Samba 4.3.0rc3 Signed-off-by: Stefan Metzmacher me...@samba.org commit 5b3545e4b939990a6d39a13e43cc2ab1f3469345 Author: Stefan Metzmacher me...@samba.org Date: Tue Aug 18 12:27:47 2015 +0200 WHATSNEW: Update release notes for Samba 4.3.0rc3 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andreas Schneider a...@samba.org --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 37 - 2 files changed, 37 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 32bb725..2b6b1ad 100644 --- a/VERSION +++ b/VERSION @@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # - 3.0.0rc1 # -SAMBA_VERSION_RC_RELEASE=3 +SAMBA_VERSION_RC_RELEASE=4 # To mark SVN snapshots this should be set to 'yes'# diff --git a/WHATSNEW.txt b/WHATSNEW.txt index a657a9e..4150dba 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,7 +1,7 @@ Release Announcements = -This is the third release candidate of Samba 4.3. This is *not* +This is the fourth release candidate of Samba 4.3. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -126,6 +126,12 @@ Both client and server have support for SMB 3.1.1 now. This is the dialect introduced with Windows 10, it improves the secure negotiation of SMB dialects and features. +There's also a new optinal encryption algorithm aes-gcm-128, +but for now this is only selected as fallback and aes-ccm-128 +is preferred because of the better performance. This might change +in future versions when hardware encryption will be supported. +See https://bugzilla.samba.org/show_bug.cgi?id=11451. + New smbclient subcommands - @@ -284,9 +290,38 @@ KNOWN ISSUES Currently none. +CHANGES SINCE 4.2.0rc3 +== + + CHANGES SINCE 4.3.0rc2 == +o Andrew Bartlett abart...@samba.org +* Bug 11436: samba-tool uncaught exception error +* Bug 10493: revert LDAP extended rule 1.2.840.113556.1.4.1941 + LDAP_MATCHING_RULE_IN_CHAIN changes + +o Ralph Boehme s...@samba.org +* Bug 11278: Stream names with colon don't work with + fruit:encoding = native +* Bug 11426: net share allowedusers crashes + +o Amitay Isaacs ami...@gmail.com +* Bug 11432: Fix crash in nested ctdb banning +* Bug 11434: Cannot build ctdbpmda +* Bug 11431: CTDB's eventscript error handling is broken + +o Stefan Metzmacher me...@samba.org +* Bug 11451: Poor SMB3 encryption performance with AES-GCM (part1) +* Bug 11316: tevent_fd needs to be destroyed before closing the fd + +o Arvid Requate requ...@univention.de +* Bug 11291: NetApp joined to a Samba/ADDC cannot resolve SIDs + +o Martin Schwenke mar...@meltin.net +* Bug 11432: Fix crash in nested ctdb banning + CHANGES SINCE 4.3.0rc1 == -- Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via a740dca NEWS[4.3.0rc3]: Samba 4.3.0rc3 Available for Download from 817d77e sambaXP-2015-recordings: fix typo in headline html https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit a740dca85e45d9c468fad6ddcec30f9b996e5503 Author: Stefan Metzmacher me...@samba.org Date: Tue Aug 18 12:49:06 2015 +0200 NEWS[4.3.0rc3]: Samba 4.3.0rc3 Available for Download Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: posted_news/20150818-104759.4.3.0rc3.body.html | 13 + posted_news/20150818-104759.4.3.0rc3.headline.html | 3 +++ 2 files changed, 16 insertions(+) create mode 100644 posted_news/20150818-104759.4.3.0rc3.body.html create mode 100644 posted_news/20150818-104759.4.3.0rc3.headline.html Changeset truncated at 500 lines: diff --git a/posted_news/20150818-104759.4.3.0rc3.body.html b/posted_news/20150818-104759.4.3.0rc3.body.html new file mode 100644 index 000..18742d1 --- /dev/null +++ b/posted_news/20150818-104759.4.3.0rc3.body.html @@ -0,0 +1,13 @@ +!-- BEGIN: posted_news/20150818-104759.4.3.0rc3.body.html -- +h5a name=4.3.0rc318 August 2015/a/h5 +p class=headlineSamba 4.3.0rc3 Available for Download/p +p +This is the third release candidate of the upcoming Samba 4.3 release series. +/p +p +The uncompressed tarball has been signed using GnuPG (ID 6568B7EA). +The source code can be a href=https://download.samba.org/pub/samba/rc/samba-4.3.0rc3.tar.gz;downloaded now/a. +See a href=https://download.samba.org/pub/samba/rc/samba-4.3.0rc3.WHATSNEW.txt;the release notes for more info/a. +/p +!-- END: posted_news/20150818-104759.4.3.0rc3.body.html -- + diff --git a/posted_news/20150818-104759.4.3.0rc3.headline.html b/posted_news/20150818-104759.4.3.0rc3.headline.html new file mode 100644 index 000..76604f0 --- /dev/null +++ b/posted_news/20150818-104759.4.3.0rc3.headline.html @@ -0,0 +1,3 @@ +!-- BEGIN: posted_news/20150818-104759.4.3.0rc3.headline.html -- +li 18 August 2015 a href=#4.3.0rc3Samba 4.3.0rc3 Available for Download/a/li +!-- END: posted_news/20150818-104759.4.3.0rc3.headline.html -- -- Samba Website Repository
[SCM] Samba Shared Repository - branch v4-3-stable updated
release candidate of Samba 4.3. This is *not* +This is the third release candidate of Samba 4.3. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -126,6 +126,12 @@ Both client and server have support for SMB 3.1.1 now. This is the dialect introduced with Windows 10, it improves the secure negotiation of SMB dialects and features. +There's also a new optinal encryption algorithm aes-gcm-128, +but for now this is only selected as fallback and aes-ccm-128 +is preferred because of the better performance. This might change +in future versions when hardware encryption will be supported. +See https://bugzilla.samba.org/show_bug.cgi?id=11451. + New smbclient subcommands - @@ -177,6 +183,80 @@ The tls priority option can be used to change the supported TLS protocols. The default is to disable SSLv3, which is no longer considered secure. +Samba-tool now supports all 7 FSMO roles +--- + +Previously samba-tool fsmo could only show, transfer or seize the +five well-known FSMO roles: + + Schema Master + Domain Naming Master + RID Master + PDC Emulator + Infrastructure Master + +It can now also show, transfer or seize the DNS infrastructure roles: + + DomainDnsZones Infrastructure Master + ForestDnsZones Infrastructure Master + +CTDB logging changes + + +The destination for CTDB logging is now set via a single new +configuration variable CTDB_LOGGING. This replaces CTDB_LOGFILE and +CTDB_SYSLOG, which have both been removed. See ctdbd.conf(5) for +details of CTDB_LOGGING. + +CTDB no longer runs a separate logging daemon. + +CTDB NFS support changes + + +CTDB's NFS service management has been combined into a single 60.nfs +event script. This updated 60.nfs script now uses a call-out to +interact with different NFS implementations. See the CTDB_NFS_CALLOUT +option in the ctdbd.conf(5) manual page for details. A default +call-out is provided to interact with the Linux kernel NFS +implementation. The 60.ganesha event script has been removed - a +sample call-out is provided for NFS Ganesha, based on this script. + +The method of configuring NFS RPC checks has been improved. See +ctdb/config/nfs-checks.d/README for details. + +Improved Cross-Compiling Support + + +A new hybrid build configuration mode is added to improve +cross-compilation support. + +A common challenge in cross-compilation is that of obtaining the results +of tests that have to run on the target, during the configuration +phase of the build. The Samba build system already supports the following +means to do so: + + - Executing configure tests using the --cross-execute parameter + - Obtaining the results from an answers file using the --cross-answers +parameter + +The first method has the drawback of inaccurate results if the tests are +run using an emulator, or a need to be connected to a running target +while building, if the tests are to be run on an actual target. The +second method presents a challenge of figuring out the test results. + +The new hybrid mode runs the tests and records the result in an answer file. +To activate this mode, use both --cross-execute and --cross-answers in the +same configure invocation. This mode can be activated once against a +running target, and then the generated answers file can be used in +subsequent builds. + +Also supplied is an example script that can be used as the +cross-execute program. This script copies the test to a running target +and runs the test on the target, obtaining the result. The obtained +results are more accurate than running the test with an emulator, because +they reflect the exact kernel and system libraries that exist on the +target. + ## Changes @@ -210,7 +290,36 @@ KNOWN ISSUES Currently none. -CHANGES SINCE 4.2.0rc1 +CHANGES SINCE 4.3.0rc2 +== + +o Andrew Bartlett abart...@samba.org +* Bug 11436: samba-tool uncaught exception error +* Bug 10493: revert LDAP extended rule 1.2.840.113556.1.4.1941 + LDAP_MATCHING_RULE_IN_CHAIN changes + +o Ralph Boehme s...@samba.org +* Bug 11278: Stream names with colon don't work with + fruit:encoding = native +* Bug 11426: net share allowedusers crashes + +o Amitay Isaacs ami...@gmail.com +* Bug 11432: Fix crash in nested ctdb banning +* Bug 11434: Cannot build ctdbpmda +* Bug 11431: CTDB's eventscript error handling is broken + +o Stefan Metzmacher me...@samba.org +* Bug 11451: Poor SMB3 encryption performance with AES-GCM (part1) +* Bug 11316: tevent_fd needs to be destroyed before closing the fd + +o Arvid Requate requ
[SCM] Samba Shared Repository - branch v4-3-test updated
The branch, v4-3-test has been updated
via dfa6a2d ctdb-daemon: Correctly process the exit code from failed
eventscripts
via 37e126d ctdb-tool: Correctly print timed out event scripts output
from 88c53b8 s3:lib: fix some corner cases of open_socket_out_cleanup()
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test
- Log -
commit dfa6a2d025e68250b49cb1c27ce69fbcbd7bdde8
Author: Amitay Isaacs ami...@gmail.com
Date: Tue Jul 21 16:37:04 2015 +1000
ctdb-daemon: Correctly process the exit code from failed eventscripts
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11431
Signed-off-by: Amitay Isaacs ami...@gmail.com
Reviewed-by: Martin Schwenke mar...@meltin.net
Autobuild-User(master): Martin Schwenke mart...@samba.org
Autobuild-Date(master): Wed Jul 22 15:03:53 CEST 2015 on sn-devel-104
(cherry picked from commit 00ec3c477eba50206801b451ae4eb64c12aba5db)
Autobuild-User(v4-3-test): Stefan Metzmacher me...@samba.org
Autobuild-Date(v4-3-test): Tue Aug 18 10:55:54 CEST 2015 on sn-devel-104
commit 37e126daf941fd577290e34ac580b5ae0cc4a674
Author: Amitay Isaacs ami...@gmail.com
Date: Mon Jul 20 16:37:58 2015 +1000
ctdb-tool: Correctly print timed out event scripts output
The timed out error is ignored for certain events (start_recovery,
recoverd, takeip, releaseip). If these events time out, then the debug
hung script outputs the following:
3 scripts were executed last releaseip cycle
00.ctdb Status:OKDuration:4.381 Thu Jul 16 23:45:24 2015
01.reclock Status:OKDuration:13.422 Thu Jul 16 23:45:28 2015
10.external Status:DISABLED
10.interface Status:OKDuration:-1437083142.208 Thu Jul 16
23:45:42 2015
The endtime for timed out scripts is not set. Since the status is not
returned as -ETIME for some events, ctdb scriptstatus prints -ve duration.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11431
Signed-off-by: Amitay Isaacs ami...@gmail.com
Reviewed-by: Martin Schwenke mar...@meltin.net
(cherry picked from commit 71b89b2b7a9768de437347e6678370b2682da892)
---
Summary of changes:
ctdb/server/ctdb_event_helper.c | 6 +-
ctdb/tools/ctdb.c | 8
2 files changed, 13 insertions(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/ctdb/server/ctdb_event_helper.c b/ctdb/server/ctdb_event_helper.c
index f14e336..a1b5318 100644
--- a/ctdb/server/ctdb_event_helper.c
+++ b/ctdb/server/ctdb_event_helper.c
@@ -128,7 +128,11 @@ int main(int argc, char *argv[])
exit(1);
}
if (WIFEXITED(status)) {
- output = -WEXITSTATUS(status);
+ output = WEXITSTATUS(status);
+ /* Only errors should be returned as -ve values */
+ if (output == ENOENT || output == ENOEXEC) {
+ output = -output;
+ }
sys_write(write_fd, output, sizeof(output));
exit(0);
}
diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c
index 4734b26..c6da621 100644
--- a/ctdb/tools/ctdb.c
+++ b/ctdb/tools/ctdb.c
@@ -1424,6 +1424,14 @@ static int control_one_scriptstatus(struct ctdb_context
*ctdb,
for (i=0; iscript_status-num_scripts; i++) {
const char *status = NULL;
+ /* The ETIME status is ignored for certain events.
+* In that case the status is 0, but endtime is not set.
+*/
+ if (script_status-scripts[i].status == 0
+ timeval_is_zero(script_status-scripts[i].finished)) {
+ script_status-scripts[i].status = -ETIME;
+ }
+
switch (script_status-scripts[i].status) {
case -ETIME:
status = TIMEDOUT;
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-2-test updated
The branch, v4-2-test has been updated
via b688f57 s4:rpc_server/netlogon: fix bugs in
dcesrv_netr_DsRGetDCNameEx2()
from 75e2768 ctdb-daemon: Correctly process the exit code from failed
eventscripts
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test
- Log -
commit b688f57ba0f1cbaf65dbe81075848ed7aeba702f
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jan 22 11:22:25 2015 +
s4:rpc_server/netlogon: fix bugs in dcesrv_netr_DsRGetDCNameEx2()
We should return the our ip address the client is connected too.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
Reviewed-by: Günther Deschner g...@samba.org
(cherry picked from commit 459d1d3fb9a5282d19121eaacba9d611896b37ff)
Autobuild-User(v4-2-test): Stefan Metzmacher me...@samba.org
Autobuild-Date(v4-2-test): Tue Aug 18 19:15:43 CEST 2015 on sn-devel-104
---
Summary of changes:
source4/rpc_server/netlogon/dcerpc_netlogon.c | 22 ++
1 file changed, 14 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c
b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 3ea26e2..b2f0073 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -1828,15 +1828,16 @@ static WERROR dcesrv_netr_DsRGetDCNameEx2(struct
dcesrv_call_state *dce_call,
struct ldb_context *sam_ctx;
struct netr_DsRGetDCNameInfo *info;
struct loadparm_context *lp_ctx = dce_call-conn-dce_ctx-lp_ctx;
+ const struct tsocket_address *local_address;
+ char *local_addr = NULL;
const struct tsocket_address *remote_address;
- char *addr = NULL;
+ char *remote_addr = NULL;
const char *server_site_name;
char *guid_str;
struct netlogon_samlogon_response response;
NTSTATUS status;
const char *dc_name = NULL;
const char *domain_name = NULL;
- struct interface *ifaces;
const char *pdc_ip;
ZERO_STRUCTP(r-out.info);
@@ -1847,10 +1848,16 @@ static WERROR dcesrv_netr_DsRGetDCNameEx2(struct
dcesrv_call_state *dce_call,
return WERR_DS_UNAVAILABLE;
}
+ local_address = dcesrv_connection_get_local_address(dce_call-conn);
+ if (tsocket_address_is_inet(local_address, ip)) {
+ local_addr = tsocket_address_inet_addr_string(local_address,
mem_ctx);
+ W_ERROR_HAVE_NO_MEMORY(local_addr);
+ }
+
remote_address = dcesrv_connection_get_remote_address(dce_call-conn);
if (tsocket_address_is_inet(remote_address, ip)) {
- addr = tsocket_address_inet_addr_string(remote_address,
mem_ctx);
- W_ERROR_HAVE_NO_MEMORY(addr);
+ remote_addr = tsocket_address_inet_addr_string(remote_address,
mem_ctx);
+ W_ERROR_HAVE_NO_MEMORY(remote_addr);
}
/* server_unc is ignored by w2k3 */
@@ -1908,7 +1915,7 @@ static WERROR dcesrv_netr_DsRGetDCNameEx2(struct
dcesrv_call_state *dce_call,
r-in.domain_name,
NULL, guid_str,
r-in.client_account,
-r-in.mask, addr,
+r-in.mask, remote_addr,
NETLOGON_NT_VERSION_5EX_WITH_IP,
lp_ctx, response, true);
if (!NT_STATUS_IS_OK(status)) {
@@ -1956,12 +1963,11 @@ static WERROR dcesrv_netr_DsRGetDCNameEx2(struct
dcesrv_call_state *dce_call,
info = talloc(mem_ctx, struct netr_DsRGetDCNameInfo);
W_ERROR_HAVE_NO_MEMORY(info);
info-dc_unc = talloc_asprintf(mem_ctx, %s%s,
- dc_name[0] == '\\'? :,
+ dc_name[0] != '\\'? :,
talloc_strdup(mem_ctx, dc_name));
W_ERROR_HAVE_NO_MEMORY(info-dc_unc);
- load_interface_list(mem_ctx, lp_ctx, ifaces);
- pdc_ip = iface_list_best_ip(ifaces, addr);
+ pdc_ip = local_addr;
if (pdc_ip == NULL) {
pdc_ip = 127.0.0.1;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag samba-4.3.0rc3 created
The annotated tag, samba-4.3.0rc3 has been created at d9dba7b73405b961046f4b0ac9da5e020ea0ddb0 (tag) tagging 5d9f4f950e5c63d30611e77eb7bc7fcfcf985b82 (commit) replaces samba-4.3.0rc2 tagged by Stefan Metzmacher on Tue Aug 18 12:44:21 2015 +0200 - Log - samba: tag release samba-4.3.0rc3 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iD8DBQBV0wyFbzORW2Vot+oRAotpAKCzNRTGsDKS75hG/r3hJ5VLed3UKACdEu7E RiUBLnzM/ct8INAPtGddw6c= =1Gze -END PGP SIGNATURE- Amitay Isaacs (4): ctdb-banning: If node is already banned, do not run ctdb_local_node_got_banned() ctdb-pmda: Add missing prototype declaration for non-static function ctdb-tool: Correctly print timed out event scripts output ctdb-daemon: Correctly process the exit code from failed eventscripts Andrew Bartlett (3): python:samba/upgrade.py Fix format string syntax in error condition Revert dsdb: Only parse SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL as a DN Revert ldb-samba: Implement transitive extended matching Arvid Requate (1): s4:rpc_server/netlogon: Fix for NetApp Martin Schwenke (2): WHATSNEW: Document CTDB logging and NFS changes ctdb-daemon: Check if updates are in flight when releasing all IPs Ralph Boehme (5): vfs_streams_xattr: stream names may contain colons vfs_catia: run translation on stream names s4:torture:vfs_fruit: pass xattr name as arg to torture_setup_local_xattr() s4:torture:vfs_fruit: add a test for stream names s3-net: use talloc array in share allowedusers Rowland Penny (1): WHATSNEW: add a section about samba-tool fsmo Stefan Metzmacher (11): VERSION: Bump version up to 4.3.0rc3... WHATSNEW: Prepare release notes for Samba 4.3.0rc3 WHATSNEW: fix version numbers script/release.sh: This is a new script to do releases script/librelease.sh: this is replaced by script/release.sh now release-scripts/build-manpages-nogit: run make realdistclean at the end libcli/smb: prefer AES128_CCM s3:smb2_negprot: prefer AES128_CCM if the client supports it s3:lib: fix some corner cases of open_socket_out_cleanup() WHATSNEW: Update release notes for Samba 4.3.0rc3 VERSION: Release Samba 4.3.0rc3 Uri Simchoni (1): WHATSNEW: Add description of improved cross-compilation support --- -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-2-test updated
The branch, v4-2-test has been updated via 75e2768 ctdb-daemon: Correctly process the exit code from failed eventscripts via bbaef4d ctdb-daemon: Improve error handling for running event scripts via 0d36fba ctdb-tool: Correctly print timed out event scripts output via 1f7e86d s3:lib: fix some corner cases of open_socket_out_cleanup() via 7ad714e lib: Fix rundown of open_socket_out() from e9d22f1 s4:torture:vfs_fruit: add a test for stream names https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test - Log - commit 75e2768a08f4d53644d1f1f6a1a348f811440358 Author: Amitay Isaacs ami...@gmail.com Date: Tue Jul 21 16:37:04 2015 +1000 ctdb-daemon: Correctly process the exit code from failed eventscripts BUG: https://bugzilla.samba.org/show_bug.cgi?id=11431 Signed-off-by: Amitay Isaacs ami...@gmail.com Reviewed-by: Martin Schwenke mar...@meltin.net Autobuild-User(master): Martin Schwenke mart...@samba.org Autobuild-Date(master): Wed Jul 22 15:03:53 CEST 2015 on sn-devel-104 (cherry picked from commit 00ec3c477eba50206801b451ae4eb64c12aba5db) Autobuild-User(v4-2-test): Stefan Metzmacher me...@samba.org Autobuild-Date(v4-2-test): Tue Aug 18 15:55:44 CEST 2015 on sn-devel-104 commit bbaef4d48ed9f835a00cdff57b5282835af45f3d Author: Amitay Isaacs ami...@gmail.com Date: Thu Nov 13 11:02:26 2014 +1100 ctdb-daemon: Improve error handling for running event scripts BUG: https://bugzilla.samba.org/show_bug.cgi?id=11431 Signed-off-by: Amitay Isaacs ami...@gmail.com Reviewed-by: Martin Schwenke mar...@meltin.net Autobuild-User(master): Martin Schwenke mart...@samba.org Autobuild-Date(master): Fri Nov 14 03:06:12 CET 2014 on sn-devel-104 (cherry picked from commit d04bfc6ec6ad7a4749ebfee2284253c4a91a81aa) commit 0d36fbabdc2457cdea80e18ca224232317142b06 Author: Amitay Isaacs ami...@gmail.com Date: Mon Jul 20 16:37:58 2015 +1000 ctdb-tool: Correctly print timed out event scripts output The timed out error is ignored for certain events (start_recovery, recoverd, takeip, releaseip). If these events time out, then the debug hung script outputs the following: 3 scripts were executed last releaseip cycle 00.ctdb Status:OKDuration:4.381 Thu Jul 16 23:45:24 2015 01.reclock Status:OKDuration:13.422 Thu Jul 16 23:45:28 2015 10.external Status:DISABLED 10.interface Status:OKDuration:-1437083142.208 Thu Jul 16 23:45:42 2015 The endtime for timed out scripts is not set. Since the status is not returned as -ETIME for some events, ctdb scriptstatus prints -ve duration. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11431 Signed-off-by: Amitay Isaacs ami...@gmail.com Reviewed-by: Martin Schwenke mar...@meltin.net (cherry picked from commit 71b89b2b7a9768de437347e6678370b2682da892) commit 1f7e86d813293a36e1f84bc4983c8cbb528cfc71 Author: Stefan Metzmacher me...@samba.org Date: Fri Aug 14 12:54:00 2015 +0200 s3:lib: fix some corner cases of open_socket_out_cleanup() In case of timeouts we retry the async_connect_send() and forgot to remember it, this results in an abort() in async_connect_cleanup() as the fd is already closed when calling fcntl(F_SETFL). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andreas Schneider a...@samba.org Reviewed-by: Volker Lendecke v...@samba.org (cherry picked from commit ce3c77fb45ccf4d45a0fa655325e30e748d89245) commit 7ad714e2eb4758edbbdd774db2af3287c41c6eba Author: Volker Lendecke v...@samba.org Date: Mon Jun 29 19:00:55 2015 +0200 lib: Fix rundown of open_socket_out() Under valgrind I've seen the abort in async_connect_cleanup kick in. Yes, it's good that we check these return codes! Bug: https://bugzilla.samba.org/show_bug.cgi?id=11316 Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan (metze) Metzmacher me...@samba.org Autobuild-User(master): Volker Lendecke v...@samba.org Autobuild-Date(master): Tue Jun 30 20:24:37 CEST 2015 on sn-devel-104 (cherry picked from commit 6fc65aaf956f35e2068e2a6f8521af2f2351d31e) --- Summary of changes: ctdb/server/ctdb_event_helper.c | 44 ++--- ctdb/server/eventscript.c | 10 +++-- ctdb/tools/ctdb.c | 8 +++ source3/lib/util_sock.c | 48 ++--- 4 files changed, 83 insertions(+), 27 deletions(-) Changeset truncated at 500 lines: diff --git a/ctdb/server/ctdb_event_helper.c b/ctdb/server/ctdb_event_helper.c index 9ff763c..a1b5318
[SCM] Samba Shared Repository - branch v4-2-test updated
The branch, v4-2-test has been updated via e9d22f1 s4:torture:vfs_fruit: add a test for stream names via d6ed2f9 s4:torture:vfs_fruit: pass xattr name as arg to torture_setup_local_xattr() via 7ed25fc vfs_catia: run translation on stream names via b827f28 vfs_streams_xattr: stream names may contain colons via 34fc0cd s4:torture:vfs_fruit: copyfile via 9f7ca62 vfs:fruit: implement copyfile style copy_chunk via bb56c5f smb2:ioctl: support for OS X AAPL copyfile style copy_chunk via 9923741 s3:util: add internal function for transfer_file that uses pread/pwrite from baf5328 ctdb-build: Fix building of PCP PMDA module https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test - Log - commit e9d22f1efd008445f56aadf1f4f0b43c5ef2399b Author: Ralph Boehme s...@samba.org Date: Sun May 10 11:58:32 2015 +0200 s4:torture:vfs_fruit: add a test for stream names Bug: https://bugzilla.samba.org/show_bug.cgi?id=11278 Signed-off-by: Ralph Boehme s...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 7258061e5e9cd4b68f1c010c3667c3fd2b0663cc) Autobuild-User(v4-2-test): Stefan Metzmacher me...@samba.org Autobuild-Date(v4-2-test): Tue Aug 18 01:07:03 CEST 2015 on sn-devel-104 commit d6ed2f96e7a08ffbafc0c680aca7b3d94cb1747f Author: Ralph Boehme s...@samba.org Date: Thu Aug 6 13:48:54 2015 +0200 s4:torture:vfs_fruit: pass xattr name as arg to torture_setup_local_xattr() Bug: https://bugzilla.samba.org/show_bug.cgi?id=11278 Signed-off-by: Ralph Boehme s...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org (cherry picked from commit fe4909f1cab72f80715a996a63290462102aabc6) commit 7ed25fca4376d29b2fdd21fdb9f996fe313427a8 Author: Ralph Boehme s...@samba.org Date: Sat May 9 15:12:41 2015 +0200 vfs_catia: run translation on stream names With vfs_fruit option fruit:encoding = native we're already converting stream names that contain illegal NTFS characters from their on-the-wire Unicode Private Range encoding to their native ASCII representation. Unfortunately the reverse mapping for stream names was not perfomed. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11278 Signed-off-by: Ralph Boehme s...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 1db11998bf1b0eef5f543377700b03ab8739338d) commit b827f2821c75c000a1aa11b74abeffa1369d44f7 Author: Ralph Boehme s...@samba.org Date: Sat May 9 15:02:03 2015 +0200 vfs_streams_xattr: stream names may contain colons With vfs_fruit option fruit:encoding = native we're already converting stream names that contain illegal NTFS characters from their on-the-wire Unicode Private Range encoding to their native ASCII representation. As as result the name of xattrs storing the streams (via vfs_streams_xattr) may contain a colon, so we have to use strrchr_m() instead of strchr_m() for matching the stream type suffix. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11278 Signed-off-by: Ralph Boehme s...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org (cherry picked from commit fb9a64ea37dd4b0cd754fe6d421417a4c8ccbc57) commit 34fc0cd146aaa0ead8c9e9c0ca4d7b0a6da6924f Author: Ralph Boehme s...@samba.org Date: Wed Jun 10 15:30:04 2015 +0200 s4:torture:vfs_fruit: copyfile Bug: https://bugzilla.samba.org/show_bug.cgi?id=11317 Signed-off-by: Ralph Boehme s...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 43820da1ca2ae09a030a510f42fc1b5d848f7fcc) commit 9f7ca62453ac6c1edc1ce855352529fa3434e6d0 Author: Ralph Boehme s...@samba.org Date: Wed Apr 22 22:29:16 2015 +0200 vfs:fruit: implement copyfile style copy_chunk Implement Apple's special copy_chunk ioctl that requests a copy of the whole file along with all attached metadata. These copy_chunk requests have a chunk count of 0 that we translate to a copy_chunk_send VFS call overloading the parameters src_off = dest_off = num = 0. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11317 Signed-off-by: Ralph Boehme s...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org (cherry picked from commit e34c879471fe6a4a5c88144394bf621e910cc82b) commit bb56c5f0aa938c34693402ce3f082b3a9c3c0465 Author: Ralph Boehme s...@samba.org Date: Wed Apr 22 22:29:16 2015 +0200 smb2:ioctl: support for OS X AAPL copyfile style copy_chunk Apple's special copy_chunk ioctl that requests a copy of the whole file along with all attached metadata. These copy_chunk requests have a chunk count of 0 that we translate to a copy_chunk_send VFS call overloading the parameters src_off = dest_off = num = 0
[SCM] Samba Shared Repository - branch v4-3-test updated
The branch, v4-3-test has been updated via 88c53b8 s3:lib: fix some corner cases of open_socket_out_cleanup() via 2aff77c s3:smb2_negprot: prefer AES128_CCM if the client supports it via ef11f8d libcli/smb: prefer AES128_CCM via 9da9cf5 release-scripts/build-manpages-nogit: run make realdistclean at the end via 6fc5d55 Revert ldb-samba: Implement transitive extended matching via 3f5cd1f Revert dsdb: Only parse SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL as a DN from ec7f97c ctdb-pmda: Add missing prototype declaration for non-static function https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test - Log - commit 88c53b84aeb492f95d4913600eab2fc22eceb515 Author: Stefan Metzmacher me...@samba.org Date: Fri Aug 14 12:54:00 2015 +0200 s3:lib: fix some corner cases of open_socket_out_cleanup() In case of timeouts we retry the async_connect_send() and forgot to remember it, this results in an abort() in async_connect_cleanup() as the fd is already closed when calling fcntl(F_SETFL). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andreas Schneider a...@samba.org Reviewed-by: Volker Lendecke v...@samba.org (cherry picked from commit ce3c77fb45ccf4d45a0fa655325e30e748d89245) Autobuild-User(v4-3-test): Stefan Metzmacher me...@samba.org Autobuild-Date(v4-3-test): Tue Aug 18 01:35:44 CEST 2015 on sn-devel-104 commit 2aff77c172de0b87553cc2754f22af6613b9288c Author: Stefan Metzmacher me...@samba.org Date: Mon Aug 17 08:56:43 2015 +0200 s3:smb2_negprot: prefer AES128_CCM if the client supports it Callgrind showed that we use 28,165,720,719 cpu cycles to send a 100MB file to a client using aes-ccm. With aes-gcm this is raises up to 723,094,413,831 cpu cycles. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Ralph Boehme s...@samba.org (cherry picked from commit bd0ec51cfca2b3baed60d304125079c74815073a) commit ef11f8d2674b750c35456379db17d55d8744cd3c Author: Stefan Metzmacher me...@samba.org Date: Mon Aug 17 08:56:43 2015 +0200 libcli/smb: prefer AES128_CCM Callgrind showed that we use 28,165,720,719 cpu cycles to send a 100MB file to a client using aes-ccm. With aes-gcm this is raises up to 723,094,413,831 cpu cycles. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Ralph Boehme s...@samba.org (cherry picked from commit 05dbd3b47a728acada971b545df458ae0e082ec5) commit 9da9cf524a03bce8f54aed31ad4317d42a884e1f Author: Stefan Metzmacher me...@samba.org Date: Sat Aug 15 10:59:45 2015 +0200 release-scripts/build-manpages-nogit: run make realdistclean at the end Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Ralph Boehme s...@samba.org (cherry picked from commit b2986dcb1dca6b3c46beb8c003aede18874c813c) commit 6fc5d559e1354b88ae3fc01c8c6e27d83cc0c8c8 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 17 16:03:10 2015 +1200 Revert ldb-samba: Implement transitive extended matching This reverts commit 2a22ba34cd6f28950246b54c6577c922c61f4fdb. selftest/knownfail entries are added to ensure 'make test' continues to pass BUG: https://bugzilla.samba.org/show_bug.cgi?id=10493 Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org (cherry picked from commit dc2d5ccd56ff8c59f3686a652ec3082069914bb4) commit 3f5cd1fd088e26879843354f1a3eba8041f41129 Author: Andrew Bartlett abart...@samba.org Date: Mon Aug 17 16:09:35 2015 +1200 Revert dsdb: Only parse SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL as a DN This reverts commit 1a012d591bca727b5cabacf6455d2009afb16bd7. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10493 Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 8cacd5b8113fa30fb4ccaaf3193839660feb285f) --- Summary of changes: lib/ldb-samba/ldb_matching_rules.c | 338 lib/ldb-samba/ldb_matching_rules.h | 28 -- lib/ldb-samba/ldif_handlers.c | 6 - lib/ldb-samba/wscript_build | 2 +- libcli/smb/smbXcli_base.c | 8 +- release-scripts/build-manpages-nogit| 4 + selftest/knownfail | 13 + source3/lib/util_sock.c | 3 + source3/smbd/smb2_negprot.c | 18 +- source4/dsdb/samdb/ldb_modules/extended_dn_in.c | 4 +- 10 files changed
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated
via 0c640d0 s3-net: use talloc array in share allowedusers
from 49e39b0 s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-1-test
- Log -
commit 0c640d097fe6f83f3585d76f875c5fb0cade26af
Author: Ralph Boehme s...@samba.org
Date: Tue Aug 4 11:18:34 2015 +0200
s3-net: use talloc array in share allowedusers
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11426
Signed-off-by: Ralph Boehme s...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Ralph Böhme s...@samba.org
Autobuild-Date(master): Tue Aug 4 16:48:36 CEST 2015 on sn-devel-104
(cherry picked from commit 95eb6db580678a29b1f5f30a9567ea449a43d75a)
Autobuild-User(v4-1-test): Stefan Metzmacher me...@samba.org
Autobuild-Date(v4-1-test): Mon Aug 17 20:01:19 CEST 2015 on sn-devel-104
---
Summary of changes:
source3/utils/net_rpc.c | 24
1 file changed, 20 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index c5c4d6c..48c85c2 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -4342,10 +4342,25 @@ static struct full_alias *server_aliases;
/*
* Add an alias to the static list.
*/
-static void push_alias(TALLOC_CTX *mem_ctx, struct full_alias *alias)
+static void push_alias(struct full_alias *alias)
{
- if (server_aliases == NULL)
- server_aliases = SMB_MALLOC_ARRAY(struct full_alias, 100);
+ size_t array_size;
+
+ if (server_aliases == NULL) {
+ server_aliases = talloc_array(NULL, struct full_alias, 100);
+ if (server_aliases == NULL) {
+ smb_panic(talloc_array failed);
+ }
+ }
+
+ array_size = talloc_array_length(server_aliases);
+ if (array_size == num_server_aliases) {
+ server_aliases = talloc_realloc(NULL, server_aliases,
+ struct full_alias, array_size +
100);
+ if (server_aliases == NULL) {
+ smb_panic(talloc_realloc failed);
+ }
+ }
server_aliases[num_server_aliases] = *alias;
num_server_aliases += 1;
@@ -4454,7 +4469,7 @@ static NTSTATUS rpc_fetch_domain_aliases(struct
rpc_pipe_client *pipe_hnd,
sid_compose(alias.sid, domain_sid,
groups-entries[i].idx);
- push_alias(mem_ctx, alias);
+ push_alias(alias);
}
} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
@@ -5084,6 +5099,7 @@ static NTSTATUS rpc_share_allowedusers_internals(struct
net_context *c,
free_user_token(tokens[i].token);
}
SAFE_FREE(tokens);
+ TALLOC_FREE(server_aliases);
return nt_status;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-2-test updated
The branch, v4-2-test has been updated via baf5328 ctdb-build: Fix building of PCP PMDA module via a156ca8 ctdb-daemon: Check if updates are in flight when releasing all IPs via 864ca13 ctdb-banning: If node is already banned, do not run ctdb_local_node_got_banned() via dc65591 s3-net: use talloc array in share allowedusers via 65f09ac s4:rpc_server/netlogon: Fix for NetApp from 98ac8fc s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test - Log - commit baf532857f534f659bfa28f6110a0cf97fc987e6 Author: Martin Schwenke mar...@meltin.net Date: Thu Jun 25 15:06:27 2015 +1000 ctdb-build: Fix building of PCP PMDA module Signed-off-by: Martin Schwenke mar...@meltin.net Reviewed-by: Amitay Isaacs ami...@gmail.com (cherry picked from commit 1e13455d7e9d668b426427e8bdebc73328e50d92) Autobuild-User(v4-2-test): Stefan Metzmacher me...@samba.org Autobuild-Date(v4-2-test): Mon Aug 17 20:39:02 CEST 2015 on sn-devel-104 commit a156ca8113f3c0eeb0e1045ef3589fadfe773152 Author: Martin Schwenke mar...@meltin.net Date: Fri Jul 24 15:32:42 2015 +1000 ctdb-daemon: Check if updates are in flight when releasing all IPs Some code involved in releasing IPs is not re-entrant. Memory corruption can occur if, for example, overlapping attempts are made to ban a node. We haven't been able to recreate the corruption but this should protect against it. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11432 Signed-off-by: Martin Schwenke mar...@meltin.net Reviewed-by: Amitay Isaacs ami...@gmail.com (cherry picked from commit 952a50485f68b3cffdf57da84aa9bb9fde630b7e) commit 864ca138b0d0b83c570f6d519835a319ccd1f7e4 Author: Amitay Isaacs ami...@gmail.com Date: Mon Jul 27 16:51:08 2015 +1000 ctdb-banning: If node is already banned, do not run ctdb_local_node_got_banned() This calls release_all_ips() only once on the first ban. If the node gets banned again due to event script timeout while running release_all_ips(), then avoid calling release_all_ips() in re-entrant fashion. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11432 Signed-off-by: Amitay Isaacs ami...@gmail.com Reviewed-by: Martin Schwenke mar...@meltin.net (cherry picked from commit 8eb04d09b119e234c88150e1dc35fc5057f9c926) commit dc65591c9ada6df1c93403eaaeee6e389cefecb1 Author: Ralph Boehme s...@samba.org Date: Tue Aug 4 11:18:34 2015 +0200 s3-net: use talloc array in share allowedusers Bug: https://bugzilla.samba.org/show_bug.cgi?id=11426 Signed-off-by: Ralph Boehme s...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Ralph Böhme s...@samba.org Autobuild-Date(master): Tue Aug 4 16:48:36 CEST 2015 on sn-devel-104 (cherry picked from commit 95eb6db580678a29b1f5f30a9567ea449a43d75a) commit 65f09ac77c78e653fc96b0c294d1cad9a6fab661 Author: Arvid Requate requ...@univention.de Date: Thu Aug 6 15:00:25 2015 +0200 s4:rpc_server/netlogon: Fix for NetApp This patch fixes an issue where NetApp filers joined to a Samba/ADDC cannot resolve SIDs. Without this patch the issue can only be avoided by setting allow nt4 crypto = yes in smb.conf. The issue is triggered by NetApp filers in three steps: 1. The client calls netr_ServerReqChallenge to set up challenge tokens 2. Next it calls netr_ServerAuthenticate2 with NETLOGON_NEG_STRONG_KEYS set to 0. Native AD and Samba respond to this with NT_STATUS_DOWNGRADE_DETECTED. At this point Samba throws away the challenge token negotiated in the first step. 3. Next the client calls netr_ServerAuthenticate2 again, this time with NETLOGON_NEG_STRONG_KEYS set to 1. Samba returns NT_STATUS_ACCESS_DENIED as it has lost track of the challenge and denies logon with the message No challenge requested by client [CLNT1/CLNT1$], cannot authenticate Git commit 321ebc99b5a00f82265aee741a48aa84b214d6e8 introduced a workaround for a different but related issue. This patch makes a minor adjustment to that commit to delay flushing the cached challenge until it's clear that we are not in a NT_STATUS_DOWNGRADE_DETECTED situation. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11291 Signed-off-by: Arvid Requate requ...@univention.de Reviewed-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Aug 6 20:29:04 CEST 2015 on sn-devel-104 (cherry picked from commit d3ac3da98611e665dc0f4e825faa5f12f6c848ef
[SCM] Samba Shared Repository - branch v4-3-test updated
The branch, v4-3-test has been updated via ec7f97c ctdb-pmda: Add missing prototype declaration for non-static function via d0c4863 ctdb-daemon: Check if updates are in flight when releasing all IPs via 3c7f3e7 ctdb-banning: If node is already banned, do not run ctdb_local_node_got_banned() via b37340b s3-net: use talloc array in share allowedusers via 0c7e786 s4:torture:vfs_fruit: add a test for stream names via 3c1e7cb s4:torture:vfs_fruit: pass xattr name as arg to torture_setup_local_xattr() via 047cbb3 vfs_catia: run translation on stream names via fe55c949 vfs_streams_xattr: stream names may contain colons via 977be7b python:samba/upgrade.py Fix format string syntax in error condition via 20d00d3 s4:rpc_server/netlogon: Fix for NetApp from 1d3e6b5 WHATSNEW: Add description of improved cross-compilation support https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test - Log - commit ec7f97cb4145d24d2fbc09fa6aff63c5cac6eed4 Author: Amitay Isaacs ami...@gmail.com Date: Mon Aug 3 15:36:06 2015 +1000 ctdb-pmda: Add missing prototype declaration for non-static function BUG: https://bugzilla.samba.org/show_bug.cgi?id=11434 Signed-off-by: Amitay Isaacs ami...@gmail.com Reviewed-by: Martin Schwenke mar...@meltin.net (cherry picked from commit 6538ba5243a043bc727039a16a7a9d5d8027fa06) Autobuild-User(v4-3-test): Stefan Metzmacher me...@samba.org Autobuild-Date(v4-3-test): Mon Aug 17 21:14:21 CEST 2015 on sn-devel-104 commit d0c48632d2268ac2978f3ceca0e5215e06d17d25 Author: Martin Schwenke mar...@meltin.net Date: Fri Jul 24 15:32:42 2015 +1000 ctdb-daemon: Check if updates are in flight when releasing all IPs Some code involved in releasing IPs is not re-entrant. Memory corruption can occur if, for example, overlapping attempts are made to ban a node. We haven't been able to recreate the corruption but this should protect against it. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11432 Signed-off-by: Martin Schwenke mar...@meltin.net Reviewed-by: Amitay Isaacs ami...@gmail.com (cherry picked from commit 952a50485f68b3cffdf57da84aa9bb9fde630b7e) commit 3c7f3e7b989b1bae03c2f6de18b6359f2f6e313e Author: Amitay Isaacs ami...@gmail.com Date: Mon Jul 27 16:51:08 2015 +1000 ctdb-banning: If node is already banned, do not run ctdb_local_node_got_banned() This calls release_all_ips() only once on the first ban. If the node gets banned again due to event script timeout while running release_all_ips(), then avoid calling release_all_ips() in re-entrant fashion. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11432 Signed-off-by: Amitay Isaacs ami...@gmail.com Reviewed-by: Martin Schwenke mar...@meltin.net (cherry picked from commit 8eb04d09b119e234c88150e1dc35fc5057f9c926) commit b37340bc50538b027a4c2804e2b1de574ef03856 Author: Ralph Boehme s...@samba.org Date: Tue Aug 4 11:18:34 2015 +0200 s3-net: use talloc array in share allowedusers Bug: https://bugzilla.samba.org/show_bug.cgi?id=11426 Signed-off-by: Ralph Boehme s...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Ralph Böhme s...@samba.org Autobuild-Date(master): Tue Aug 4 16:48:36 CEST 2015 on sn-devel-104 (cherry picked from commit 95eb6db580678a29b1f5f30a9567ea449a43d75a) commit 0c7e786cfaf8f06b56042a4fb4dc6a7779bcd53b Author: Ralph Boehme s...@samba.org Date: Sun May 10 11:58:32 2015 +0200 s4:torture:vfs_fruit: add a test for stream names Bug: https://bugzilla.samba.org/show_bug.cgi?id=11278 Signed-off-by: Ralph Boehme s...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 7258061e5e9cd4b68f1c010c3667c3fd2b0663cc) commit 3c1e7cb2244172b12c6bb93598826466f7e1bf5b Author: Ralph Boehme s...@samba.org Date: Thu Aug 6 13:48:54 2015 +0200 s4:torture:vfs_fruit: pass xattr name as arg to torture_setup_local_xattr() Bug: https://bugzilla.samba.org/show_bug.cgi?id=11278 Signed-off-by: Ralph Boehme s...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org (cherry picked from commit fe4909f1cab72f80715a996a63290462102aabc6) commit 047cbb35e2b289d46f6f82bab76658114adac51f Author: Ralph Boehme s...@samba.org Date: Sat May 9 15:12:41 2015 +0200 vfs_catia: run translation on stream names With vfs_fruit option fruit:encoding = native we're already converting stream names that contain illegal NTFS characters from their on-the-wire Unicode Private Range encoding to their native ASCII representation. Unfortunately the reverse mapping for stream names was not perfomed. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11278 Signed-off
[SCM] Samba Shared Repository - branch v4-3-test updated
The branch, v4-3-test has been updated via 1d3e6b5 WHATSNEW: Add description of improved cross-compilation support via f8b5de9 WHATSNEW: Document CTDB logging and NFS changes via 4fb42e8 WHATSNEW: add a section about samba-tool fsmo from e408235 script/librelease.sh: this is replaced by script/release.sh now https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test - Log - commit 1d3e6b5c2fb7f29fac411259c58f47110c98001b Author: Uri Simchoni urisimch...@gmail.com Date: Mon Aug 10 12:37:09 2015 +0300 WHATSNEW: Add description of improved cross-compilation support Signed-off-by: Uri Simchoni urisimch...@gmail.com Reviewed-by: Stefan Metzmacher me...@samba.org commit f8b5de91379d44ca717f4c2fe7620ea7f738f5eb Author: Martin Schwenke mar...@meltin.net Date: Mon Aug 10 14:27:01 2015 +1000 WHATSNEW: Document CTDB logging and NFS changes Signed-off-by: Martin Schwenke mar...@meltin.net Reviewed-by: Stefan Metzmacher me...@samba.org commit 4fb42e87182b25bb3f0695864be848018f79973c Author: Rowland Penny repenny241...@gmail.com Date: Wed Aug 5 10:36:33 2015 +0100 WHATSNEW: add a section about samba-tool fsmo Signed-off-by: Rowland Penny repenny241...@gmail.com Reviewed-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: WHATSNEW.txt | 74 1 file changed, 74 insertions(+) Changeset truncated at 500 lines: diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 33b2766..a657a9e 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -177,6 +177,80 @@ The tls priority option can be used to change the supported TLS protocols. The default is to disable SSLv3, which is no longer considered secure. +Samba-tool now supports all 7 FSMO roles +--- + +Previously samba-tool fsmo could only show, transfer or seize the +five well-known FSMO roles: + + Schema Master + Domain Naming Master + RID Master + PDC Emulator + Infrastructure Master + +It can now also show, transfer or seize the DNS infrastructure roles: + + DomainDnsZones Infrastructure Master + ForestDnsZones Infrastructure Master + +CTDB logging changes + + +The destination for CTDB logging is now set via a single new +configuration variable CTDB_LOGGING. This replaces CTDB_LOGFILE and +CTDB_SYSLOG, which have both been removed. See ctdbd.conf(5) for +details of CTDB_LOGGING. + +CTDB no longer runs a separate logging daemon. + +CTDB NFS support changes + + +CTDB's NFS service management has been combined into a single 60.nfs +event script. This updated 60.nfs script now uses a call-out to +interact with different NFS implementations. See the CTDB_NFS_CALLOUT +option in the ctdbd.conf(5) manual page for details. A default +call-out is provided to interact with the Linux kernel NFS +implementation. The 60.ganesha event script has been removed - a +sample call-out is provided for NFS Ganesha, based on this script. + +The method of configuring NFS RPC checks has been improved. See +ctdb/config/nfs-checks.d/README for details. + +Improved Cross-Compiling Support + + +A new hybrid build configuration mode is added to improve +cross-compilation support. + +A common challenge in cross-compilation is that of obtaining the results +of tests that have to run on the target, during the configuration +phase of the build. The Samba build system already supports the following +means to do so: + + - Executing configure tests using the --cross-execute parameter + - Obtaining the results from an answers file using the --cross-answers +parameter + +The first method has the drawback of inaccurate results if the tests are +run using an emulator, or a need to be connected to a running target +while building, if the tests are to be run on an actual target. The +second method presents a challenge of figuring out the test results. + +The new hybrid mode runs the tests and records the result in an answer file. +To activate this mode, use both --cross-execute and --cross-answers in the +same configure invocation. This mode can be activated once against a +running target, and then the generated answers file can be used in +subsequent builds. + +Also supplied is an example script that can be used as the +cross-execute program. This script copies the test to a running target +and runs the test on the target, obtaining the result. The obtained +results are more accurate than running the test with an emulator, because +they reflect the exact kernel and system libraries that exist on the +target. + ## Changes -- Samba
[SCM] Samba Shared Repository - branch v4-3-test updated
The branch, v4-3-test has been updated
via e408235 script/librelease.sh: this is replaced by script/release.sh
now
via e41e6a5 script/release.sh: This is a new script to do releases
via c55e72e WHATSNEW: fix version numbers
from 3f010b5 WHATSNEW: Prepare release notes for Samba 4.3.0rc3
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test
- Log -
commit e4082352b8d843c62c7817f423248e70cf16b8a2
Author: Stefan Metzmacher me...@samba.org
Date: Wed Aug 5 15:41:29 2015 +0200
script/librelease.sh: this is replaced by script/release.sh now
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Autobuild-User(master): Andrew Bartlett abart...@samba.org
Autobuild-Date(master): Thu Aug 6 03:49:40 CEST 2015 on sn-devel-104
(cherry picked from commit 54cbecbe306eff1c36db5c98fdd106aeccdf096e)
commit e41e6a57e9a457d48b4017383f880a191c66
Author: Stefan Metzmacher me...@samba.org
Date: Tue Aug 4 11:33:26 2015 +0200
script/release.sh: This is a new script to do releases
This will replace script/librelease.sh and is more flexible
and powerful.
Usage: release.sh PRODUCT COMMAND
PRODUCT: ldb, talloc, tevent, tdb, samba-rc
COMMAND: fullrelease, create, push, upload, announce
GNUPGHOME=/path/to/private/gpg script/librelease.sh tdb
becomes
GNUPGHOME=/path/to/private/gpg script/release.sh tdb fullrelease
GNUPGHOME=/path/to/private/gpg script/librelease.sh samba
becomes
GNUPGHOME=/path/to/private/gpg script/release.sh samba-rc create
or later
GNUPGHOME=/path/to/private/gpg script/release.sh samba-stable create
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
(cherry picked from commit 71128e0a3ceaec43824bc72e0c64d5ce415869a2)
commit c55e72ecb05f69529e429ed31d4488b7b2b9e5c6
Author: Stefan Metzmacher me...@samba.org
Date: Wed Aug 5 15:11:10 2015 +0200
WHATSNEW: fix version numbers
Signed-off-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
WHATSNEW.txt | 4 +-
script/librelease.sh | 110 -
script/release.sh| 615 +++
3 files changed, 617 insertions(+), 112 deletions(-)
delete mode 100755 script/librelease.sh
create mode 100755 script/release.sh
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 87da653..33b2766 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -210,11 +210,11 @@ KNOWN ISSUES
Currently none.
-CHANGES SINCE 4.2.0rc2
+CHANGES SINCE 4.3.0rc2
==
-CHANGES SINCE 4.2.0rc1
+CHANGES SINCE 4.3.0rc1
==
o Jeremy Allison j...@samba.org
diff --git a/script/librelease.sh b/script/librelease.sh
deleted file mode 100755
index e705cea..000
--- a/script/librelease.sh
+++ /dev/null
@@ -1,110 +0,0 @@
-#!/bin/bash
-# make a release of a Samba library
-
-if [ ! -d .git ]; then
- echo Run this script from the top-level directory in the
- echo repository
- exit 1
-fi
-
-if [ $# -lt 1 ]; then
-echo Usage: librelease.sh LIBNAMES
-exit 1
-fi
-
-umask 0022
-
-release_lib() {
-lib=$1
-srcdir=$2
-ftpdir=$3
-
-pushd $srcdir
-
-echo Releasing library $lib
-
-echo building release tarball
-tgzname=$(make dist 21 | grep ^Created | cut -d' ' -f2)
-[ -f $tgzname ] || {
- echo Failed to create tarball
- exit 1
-}
-tarname=$(basename $tgzname .gz)
-echo Tarball: $tarname
-gunzip -f $tgzname || exit 1
-[ -f $tarname ] || {
- echo Failed to decompress tarball $tarname
- exit 1
-}
-
-tagname=$(basename $tarname .tar)
-echo tagging as $tagname
-git tag -u $GPG_KEYID -s $tagname -m $lib: tag release $tagname || {
- exit 1
-}
-
-echo signing
-rm -f $tarname.asc
-gpg -u $GPG_USER --detach-sign --armor $tarname || {
- exit 1
-}
-[ -f $tarname.asc ] || {
- echo Failed to create signature $tarname.asc
- exit 1
-}
-echo compressing
-gzip -f -9 $tarname
-[ -f $tgzname ] || {
- echo Failed to compress $tgzname
- exit 1
-}
-
-[ -z $ftpdir ] {
-popd
-return 0
-}
-
-echo Push git tag $tagname
-git push ssh://git.samba.org/data/git/samba.git
refs/tags/$tagname:refs/tags/$tagname || {
- exit 1
-}
-
-echo Transferring for FTP
-rsync -Pav $tarname.asc $tgzname
download-master.samba.org:~ftp/pub/$ftpdir/ || {
- exit 1
-}
-rsync download-master.samba.org:~ftp/pub/$ftpdir/$tarname.*
-
-popd
-}
-
-for lib in $*; do
-case $lib in
- talloc | tdb | ntdb | tevent | ldb)
- [ -z $GPG_USER
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via d3ac3da s4:rpc_server/netlogon: Fix for NetApp from 42f38fe dns: always add authority records https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit d3ac3da98611e665dc0f4e825faa5f12f6c848ef Author: Arvid Requate requ...@univention.de Date: Thu Aug 6 15:00:25 2015 +0200 s4:rpc_server/netlogon: Fix for NetApp This patch fixes an issue where NetApp filers joined to a Samba/ADDC cannot resolve SIDs. Without this patch the issue can only be avoided by setting allow nt4 crypto = yes in smb.conf. The issue is triggered by NetApp filers in three steps: 1. The client calls netr_ServerReqChallenge to set up challenge tokens 2. Next it calls netr_ServerAuthenticate2 with NETLOGON_NEG_STRONG_KEYS set to 0. Native AD and Samba respond to this with NT_STATUS_DOWNGRADE_DETECTED. At this point Samba throws away the challenge token negotiated in the first step. 3. Next the client calls netr_ServerAuthenticate2 again, this time with NETLOGON_NEG_STRONG_KEYS set to 1. Samba returns NT_STATUS_ACCESS_DENIED as it has lost track of the challenge and denies logon with the message No challenge requested by client [CLNT1/CLNT1$], cannot authenticate Git commit 321ebc99b5a00f82265aee741a48aa84b214d6e8 introduced a workaround for a different but related issue. This patch makes a minor adjustment to that commit to delay flushing the cached challenge until it's clear that we are not in a NT_STATUS_DOWNGRADE_DETECTED situation. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11291 Signed-off-by: Arvid Requate requ...@univention.de Reviewed-by: Jeremy Allison j...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Aug 6 20:29:04 CEST 2015 on sn-devel-104 --- Summary of changes: source4/rpc_server/netlogon/dcerpc_netlogon.c | 22 +++--- 1 file changed, 11 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index b47ccf4..49b5b2f 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -172,17 +172,6 @@ static NTSTATUS dcesrv_netr_ServerAuthenticate3(struct dcesrv_call_state *dce_ca } } - /* -* At this point we can cleanup the cache entry, -* if we fail the client needs to call netr_ServerReqChallenge -* again. -* -* Note: this handles global_challenge_table == NULL -* and also a non existing record just fine. -*/ - memcache_delete(global_challenge_table, - SINGLETON_CACHE, challenge_key); - server_flags = NETLOGON_NEG_ACCOUNT_LOCKOUT | NETLOGON_NEG_PERSISTENT_SAMREPL | NETLOGON_NEG_ARCFOUR | @@ -229,6 +218,17 @@ static NTSTATUS dcesrv_netr_ServerAuthenticate3(struct dcesrv_call_state *dce_ca } /* +* At this point we can cleanup the cache entry, +* if we fail the client needs to call netr_ServerReqChallenge +* again. +* +* Note: this handles global_challenge_table == NULL +* and also a non existing record just fine. +*/ + memcache_delete(global_challenge_table, + SINGLETON_CACHE, challenge_key); + + /* * According to Microsoft (see bugid #6099) * Windows 7 looks at the negotiate_flags * returned in this structure *even if the -- Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 1f4365e commit the result of ./generated_news.sh via 136a370 generated_news.sh: rewrite in order to use the files from posted_news/ via d200775 ./import_oldnews.sh generated_news/latest_10_headlines.html generated_news/latest_10_bodies.html via c9f87ff add import_oldnews.sh helper script from 4986f61 Announce Samba 4.3.0rc2. https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 1f4365ef10de9fd033ec972c74a47df10473693c Author: Stefan Metzmacher me...@samba.org Date: Wed Aug 5 13:14:16 2015 +0200 commit the result of ./generated_news.sh In future this will be done by a cron job on the web server every 5 mins. Signed-off-by: Stefan Metzmacher me...@samba.org commit 136a370e9804f7f4968de2ff2c4ec9f8cfcb9fc7 Author: Stefan Metzmacher me...@samba.org Date: Wed Aug 5 13:13:28 2015 +0200 generated_news.sh: rewrite in order to use the files from posted_news/ Signed-off-by: Stefan Metzmacher me...@samba.org commit d2007754ebc7cfa55163653b4d284ea8e9cf083e Author: Stefan Metzmacher me...@samba.org Date: Wed Aug 5 13:09:24 2015 +0200 ./import_oldnews.sh generated_news/latest_10_headlines.html generated_news/latest_10_bodies.html TODO: we may want to do the same for generated_news/latest_1_*.html and also import the older manual added news of generated_news/latest_10_*.html Signed-off-by: Stefan Metzmacher me...@samba.org commit c9f87ffacfb0daf011d8808a557c21f2c89a3e91 Author: Stefan Metzmacher me...@samba.org Date: Wed Aug 5 13:06:22 2015 +0200 add import_oldnews.sh helper script This can be used like this: ./import_oldnews.sh generated_news/latest_10_headlines.html generated_news/latest_10_bodies.html Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: generated_news.sh | 42 ++- generated_news/latest_10_bodies.html | 126 ++--- generated_news/latest_10_headlines.html| 31 ++--- generated_news/latest_2_bodies.html| 27 + import_oldnews.sh | 61 ++ latest_news.html | 2 + posted_news/20150304-00.4.2.0.body.html| 1 + posted_news/20150304-00.4.2.0.headline.html| 3 + ...0306-00.2015-03-06_vmware_lawsuit.body.html | 9 ++ ...-00.2015-03-06_vmware_lawsuit.headline.html | 3 + posted_news/20150415-00.4.2.1.body.html| 15 +++ posted_news/20150415-00.4.2.1.headline.html| 3 + posted_news/20150506-00.4.0.26.body.html | 14 +++ posted_news/20150506-00.4.0.26.headline.html | 3 + posted_news/20150512-00.4.1.18.body.html | 14 +++ posted_news/20150512-00.4.1.18.headline.html | 3 + posted_news/20150527-00.4.2.2.body.html| 15 +++ posted_news/20150527-00.4.2.2.headline.html| 3 + posted_news/20150623-00.4.1.19.body.html | 15 +++ posted_news/20150623-00.4.1.19.headline.html | 3 + posted_news/20150714-00.4.2.3.body.html| 15 +++ posted_news/20150714-00.4.2.3.headline.html| 3 + posted_news/20150721-00.4.3.0rc1.body.html | 14 +++ posted_news/20150721-00.4.3.0rc1.headline.html | 3 + posted_news/20150804-00.4.3.0rc2.body.html | 14 +++ posted_news/20150804-00.4.3.0rc2.headline.html | 3 + 26 files changed, 278 insertions(+), 167 deletions(-) create mode 100755 import_oldnews.sh create mode 100644 posted_news/20150304-00.4.2.0.body.html create mode 100644 posted_news/20150304-00.4.2.0.headline.html create mode 100644 posted_news/20150306-00.2015-03-06_vmware_lawsuit.body.html create mode 100644 posted_news/20150306-00.2015-03-06_vmware_lawsuit.headline.html create mode 100644 posted_news/20150415-00.4.2.1.body.html create mode 100644 posted_news/20150415-00.4.2.1.headline.html create mode 100644 posted_news/20150506-00.4.0.26.body.html create mode 100644 posted_news/20150506-00.4.0.26.headline.html create mode 100644 posted_news/20150512-00.4.1.18.body.html create mode 100644 posted_news/20150512-00.4.1.18.headline.html create mode 100644 posted_news/20150527-00.4.2.2.body.html create mode 100644 posted_news/20150527-00.4.2.2.headline.html create mode 100644 posted_news/20150623-00.4.1.19.body.html create mode 100644 posted_news/20150623-00.4.1.19.headline.html create mode 100644 posted_news/20150714-00.4.2.3.body.html create mode 100644 posted_news/20150714-00.4.2.3.headline.html create mode 100644 posted_news/20150721-00.4.3.0rc1.body.html create mode 100644 posted_news/20150721-00.4.3.0rc1.headline.html
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated
via fae49ea NEWS[sambaXP-2015-recordings]: sambaXP: Listen to the 2015
recordings - and save the date for 2016
via 24b3b73 prepare_news.sh: add helper script to create new posted
news entries
via 79bc06e remove generated
generated_news/latest_{2,10}_{headlines,bodies}.html
from 1f4365e commit the result of ./generated_news.sh
https://git.samba.org/?p=samba-web.git;a=shortlog;h=master
- Log -
commit fae49eaedcc23c64bb95a353b2c357869620132b
Author: Stefan Metzmacher me...@samba.org
Date: Wed Aug 5 14:17:51 2015 +0200
NEWS[sambaXP-2015-recordings]: sambaXP: Listen to the 2015 recordings - and
save the date for 2016
Signed-off-by: Stefan Metzmacher me...@samba.org
commit 24b3b7368325279d8f93a2bdafd8ee7447759339
Author: Stefan Metzmacher me...@samba.org
Date: Wed Aug 5 13:15:38 2015 +0200
prepare_news.sh: add helper script to create new posted news entries
This can be used like this:
./prepare_news.sh NAME HEADLINE
It opens ${EDITOR} in order to fill the body content.
This will be the first example:
./prepare_news.sh sambaXP-2015-recordings sambaXP: Listen to the 2015
recordings - and save the date for 2016
Signed-off-by: Stefan Metzmacher me...@samba.org
commit 79bc06e51141c4580dfd9473616f9cfa6bcd3830
Author: Stefan Metzmacher me...@samba.org
Date: Wed Aug 5 14:25:52 2015 +0200
remove generated generated_news/latest_{2,10}_{headlines,bodies}.html
./generated_news.sh renerates them on the web server every 5 mins.
Signed-off-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
.gitignore | 3 +
generated_news/latest_10_bodies.html | 10 --
generated_news/latest_10_headlines.html| 10 --
generated_news/latest_2_bodies.html| 2 -
...150805-121714.sambaXP-2015-recordings.body.html | 14 +++
...05-121714.sambaXP-2015-recordings.headline.html | 3 +
prepare_news.sh| 135 +
7 files changed, 155 insertions(+), 22 deletions(-)
delete mode 100644 generated_news/latest_10_bodies.html
delete mode 100644 generated_news/latest_10_headlines.html
delete mode 100644 generated_news/latest_2_bodies.html
create mode 100644
posted_news/20150805-121714.sambaXP-2015-recordings.body.html
create mode 100644
posted_news/20150805-121714.sambaXP-2015-recordings.headline.html
create mode 100755 prepare_news.sh
Changeset truncated at 500 lines:
diff --git a/.gitignore b/.gitignore
index 4e69724..139d1bf 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,5 @@
.svn
*~
+generated_news/latest_10_headlines.html
+generated_news/latest_10_bodies.html
+generated_news/latest_2_bodies.html
diff --git a/generated_news/latest_10_bodies.html
b/generated_news/latest_10_bodies.html
deleted file mode 100644
index 547e00c..000
--- a/generated_news/latest_10_bodies.html
+++ /dev/null
@@ -1,10 +0,0 @@
-!--#include virtual=/samba/posted_news/20150804-00.4.3.0rc2.body.html
--
-!--#include virtual=/samba/posted_news/20150721-00.4.3.0rc1.body.html
--
-!--#include virtual=/samba/posted_news/20150714-00.4.2.3.body.html --
-!--#include virtual=/samba/posted_news/20150623-00.4.1.19.body.html --
-!--#include virtual=/samba/posted_news/20150527-00.4.2.2.body.html --
-!--#include virtual=/samba/posted_news/20150512-00.4.1.18.body.html --
-!--#include virtual=/samba/posted_news/20150506-00.4.0.26.body.html --
-!--#include virtual=/samba/posted_news/20150415-00.4.2.1.body.html --
-!--#include
virtual=/samba/posted_news/20150306-00.2015-03-06_vmware_lawsuit.body.html
--
-!--#include virtual=/samba/posted_news/20150304-00.4.2.0.body.html --
diff --git a/generated_news/latest_10_headlines.html
b/generated_news/latest_10_headlines.html
deleted file mode 100644
index 30af6f8..000
--- a/generated_news/latest_10_headlines.html
+++ /dev/null
@@ -1,10 +0,0 @@
-!--#include
virtual=/samba/posted_news/20150804-00.4.3.0rc2.headline.html --
-!--#include
virtual=/samba/posted_news/20150721-00.4.3.0rc1.headline.html --
-!--#include virtual=/samba/posted_news/20150714-00.4.2.3.headline.html
--
-!--#include virtual=/samba/posted_news/20150623-00.4.1.19.headline.html
--
-!--#include virtual=/samba/posted_news/20150527-00.4.2.2.headline.html
--
-!--#include virtual=/samba/posted_news/20150512-00.4.1.18.headline.html
--
-!--#include virtual=/samba/posted_news/20150506-00.4.0.26.headline.html
--
-!--#include virtual=/samba/posted_news/20150415-00.4.2.1.headline.html
--
-!--#include
virtual=/samba/posted_news/20150306-00.2015-03-06_vmware_lawsuit.headline.html
--
-!--#include virtual=/samba/posted_news/20150304
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated
via 817d77e sambaXP-2015-recordings: fix typo in headline html
via 4c1c6df prepare_news.sh: fix a typo in the headline generation
from fae49ea NEWS[sambaXP-2015-recordings]: sambaXP: Listen to the 2015
recordings - and save the date for 2016
https://git.samba.org/?p=samba-web.git;a=shortlog;h=master
- Log -
commit 817d77e8e00ee5b29c5a8fdce56704270a6546aa
Author: Stefan Metzmacher me...@samba.org
Date: Wed Aug 5 14:32:04 2015 +0200
sambaXP-2015-recordings: fix typo in headline html
Signed-off-by: Stefan Metzmacher me...@samba.org
commit 4c1c6dffede09f5f48596480a69b14cf95c8f459
Author: Stefan Metzmacher me...@samba.org
Date: Wed Aug 5 14:31:36 2015 +0200
prepare_news.sh: fix a typo in the headline generation
Signed-off-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
posted_news/20150805-121714.sambaXP-2015-recordings.body.html | 2 +-
prepare_news.sh | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/posted_news/20150805-121714.sambaXP-2015-recordings.body.html
b/posted_news/20150805-121714.sambaXP-2015-recordings.body.html
index 3095606..641923a 100644
--- a/posted_news/20150805-121714.sambaXP-2015-recordings.body.html
+++ b/posted_news/20150805-121714.sambaXP-2015-recordings.body.html
@@ -1,6 +1,6 @@
!-- BEGIN: posted_news/20150805-121714.sambaXP-2015-recordings.body.html --
h5a name=sambaXP-2015-recordings05 August 2015/a/h5
-p class=headlinesambaXP: Listen to the 2015 recordings - and save the date
for 2016/p
+p class=headlinesambaXP: Listen to the 2015 recordings - and save the date
for 2016/p
p
Recordings and slides of the sambaXP 2015 talks are now available at
a href=www.sambaxp.orgwww.sambaxp.org/a.
diff --git a/prepare_news.sh b/prepare_news.sh
index a4e37f1..797bca2 100755
--- a/prepare_news.sh
+++ b/prepare_news.sh
@@ -101,7 +101,7 @@ CLEANUP_FILES=${CLEANUP_FILES} ${bodyfile}
{
echo !-- BEGIN: ${bodyfile} --
echo h5a name=\${NAME}\${utcdate}/a/h5
- echo p class=headline${HEADLINE}/p
+ echo p class=headline${HEADLINE}/p
echo p
echo !-- TODO: add your context here --
echo /p
--
Samba Website Repository
[SCM] Samba Shared Repository - branch v4-2-test updated
The branch, v4-2-test has been updated
via 98ac8fc s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup.
via f90c55b lib: replace: Add strsep function (missing on Solaris).
from 20fba40 s3-auth: Fix a possible null pointer dereference
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test
- Log -
commit 98ac8fc3d968e392a2b330846aed74baad08fb43
Author: Justin Maggard jmagg...@netgear.com
Date: Tue Jul 21 15:17:30 2015 -0700
s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup.
Somewhere along the line, a config line like valid users = @foo
broke when foo also exists as a user.
user_ok_token() already does the right thing by adding the LOOKUP_NAME_GROUP
flag; but lookup_name() was not respecting that flag, and went ahead and
looked
for users anyway.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11320
Signed-off-by: Justin Maggard jmagg...@netgear.com
Reviewed-by: Jeremy Allison j...@samba.org
Reviewed-by: Marc Muehlfeld mmuehlf...@samba.org
Autobuild-User(master): Jeremy Allison j...@samba.org
Autobuild-Date(master): Tue Jul 28 21:35:58 CEST 2015 on sn-devel-104
(cherry picked from commit dc99d451bf23668d73878847219682fced547622)
Autobuild-User(v4-2-test): Stefan Metzmacher me...@samba.org
Autobuild-Date(v4-2-test): Tue Aug 4 16:07:21 CEST 2015 on sn-devel-104
commit f90c55b3ce4a1e2055be8731be677975d595dbe5
Author: Jeremy Allison j...@samba.org
Date: Wed Jul 15 10:43:56 2015 -0700
lib: replace: Add strsep function (missing on Solaris).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11359
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Ira Cooper i...@wakeful.net
Autobuild-User(master): Jeremy Allison j...@samba.org
Autobuild-Date(master): Wed Jul 29 02:24:55 CEST 2015 on sn-devel-104
(cherry picked from commit f07b746ad3f3ee2fcbb65a0d452ed80f07c9e8f9)
---
Summary of changes:
lib/replace/replace.c | 20
lib/replace/replace.h | 5 +
lib/replace/wscript | 4 ++--
source3/passdb/lookup_sid.c | 4 ++--
source3/passdb/lookup_sid.h | 2 +-
5 files changed, 30 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/replace/replace.c b/lib/replace/replace.c
index 2a9ca3e..604ecfb 100644
--- a/lib/replace/replace.c
+++ b/lib/replace/replace.c
@@ -467,6 +467,26 @@ char *rep_strcasestr(const char *haystack, const char
*needle)
}
#endif
+#ifndef HAVE_STRSEP
+char *rep_strsep(char **pps, const char *delim)
+{
+ char *ret = *pps;
+ char *p = *pps;
+
+ if (p == NULL) {
+ return NULL;
+ }
+ p += strcspn(p, delim);
+ if (*p == '\0') {
+ *pps = NULL;
+ } else {
+ *p = '\0';
+ *pps = p + 1;
+ }
+ return ret;
+}
+#endif
+
#ifndef HAVE_STRTOK_R
/* based on GLIBC version, copyright Free Software Foundation */
char *rep_strtok_r(char *s, const char *delim, char **save_ptr)
diff --git a/lib/replace/replace.h b/lib/replace/replace.h
index 3ff4e36..c764d06 100644
--- a/lib/replace/replace.h
+++ b/lib/replace/replace.h
@@ -349,6 +349,11 @@ void rep_setlinebuf(FILE *);
char *rep_strcasestr(const char *haystack, const char *needle);
#endif
+#ifndef HAVE_STRSEP
+#define strsep rep_strsep
+char *rep_strsep(char **pps, const char *delim);
+#endif
+
#ifndef HAVE_STRTOK_R
#define strtok_r rep_strtok_r
char *rep_strtok_r(char *s, const char *delim, char **save_ptr);
diff --git a/lib/replace/wscript b/lib/replace/wscript
index a8182e3..7014642 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -239,7 +239,7 @@ def configure(conf):
conf.CHECK_FUNCS('lstat getpgrp utime utimes setuid seteuid setreuid
setresuid setgid setegid')
conf.CHECK_FUNCS('setregid setresgid chroot strerror vsyslog setlinebuf
mktime')
conf.CHECK_FUNCS('ftruncate chsize rename waitpid wait4')
-conf.CHECK_FUNCS('initgroups pread pwrite strndup strcasestr')
+conf.CHECK_FUNCS('initgroups pread pwrite strndup strcasestr strsep')
conf.CHECK_FUNCS('strtok_r mkdtemp dup2 dprintf vdprintf isatty chown
lchown')
conf.CHECK_FUNCS('link readlink symlink realpath snprintf vsnprintf')
conf.CHECK_FUNCS('asprintf vasprintf setenv unsetenv strnlen strtoull
__strtoull')
@@ -629,7 +629,7 @@ REPLACEMENT_FUNCTIONS = {
'memmove', 'strdup', 'setlinebuf', 'vsyslog', 'strnlen',
'strndup', 'waitpid', 'seteuid', 'setegid', 'chroot',
'mkstemp', 'mkdtemp', 'pread', 'pwrite', 'strcasestr',
- 'strtok_r', 'strtoll', 'strtoull', 'setenv', 'unsetenv',
+ 'strsep', 'strtok_r', 'strtoll', 'strtoull', 'setenv',
'unsetenv
[SCM] Samba Shared Repository - branch v4-3-test updated
The branch, v4-3-test has been updated via 3f010b5 WHATSNEW: Prepare release notes for Samba 4.3.0rc3 via 47f47d9 VERSION: Bump version up to 4.3.0rc3... via dd3c69d VERSION: Release Samba 4.3.0rc2 from 19e089b WHATSNEW: Prepare release notes for Samba 4.3.0rc2 https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test - Log - commit 3f010b51a1c6ea5e79f9ba2d43d1ff8bae18a6d0 Author: Stefan Metzmacher me...@samba.org Date: Tue Aug 4 10:27:18 2015 +0200 WHATSNEW: Prepare release notes for Samba 4.3.0rc3 Signed-off-by: Stefan Metzmacher me...@samba.org commit 47f47d9f0a2aede0e0b8c12f7ad25a91df1b463d Author: Stefan Metzmacher me...@samba.org Date: Tue Aug 4 10:21:20 2015 +0200 VERSION: Bump version up to 4.3.0rc3... ...and re-enable git snapshots. Signed-off-by: Stefan Metzmacher me...@samba.org commit dd3c69d1d3f3fa5d15d950939c51510d429ff47f Author: Stefan Metzmacher me...@samba.org Date: Tue Aug 4 10:20:43 2015 +0200 VERSION: Release Samba 4.3.0rc2 Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 6 +- 2 files changed, 6 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 5fcf509..32bb725 100644 --- a/VERSION +++ b/VERSION @@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # - 3.0.0rc1 # -SAMBA_VERSION_RC_RELEASE=2 +SAMBA_VERSION_RC_RELEASE=3 # To mark SVN snapshots this should be set to 'yes'# diff --git a/WHATSNEW.txt b/WHATSNEW.txt index f2ff8d4..87da653 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,7 +1,7 @@ Release Announcements = -This is the second release candidate of Samba 4.3. This is *not* +This is the third release candidate of Samba 4.3. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -210,6 +210,10 @@ KNOWN ISSUES Currently none. +CHANGES SINCE 4.2.0rc2 +== + + CHANGES SINCE 4.2.0rc1 == -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-3-stable updated
The branch, v4-3-stable has been updated via dd3c69d VERSION: Release Samba 4.3.0rc2 via 19e089b WHATSNEW: Prepare release notes for Samba 4.3.0rc2 via 5066377 tdb: Fix broken build with --disable-python via aee0165 s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup. via 466abc3 lib: replace: Add strsep function (missing on Solaris). via eac2f53 s3:wscript: fix indentation via 894784b build: fix build with gpfs support - add missing dependency to samba-debug via ab824a3 configure: add --with-gpfs option for selecting directory with gpfs headers via eb55fd0 WHATSNEW: a note about TLS protocol support via c111970 WHATSNEW: add a section about samba_kcc via 8e669b5 VERSION: Bump version up to 4.3.0rc2... from 8c8cbd9 VERSION: Release Samba 4.3.0rc1 https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-stable - Log - --- Summary of changes: VERSION | 2 +- WHATSNEW.txt| 45 +++-- lib/replace/replace.c | 20 lib/replace/replace.h | 5 + lib/replace/wscript | 4 ++-- lib/tdb/wscript | 11 ++- lib/util/wscript| 4 lib/util/wscript_build | 3 +++ lib/util/wscript_configure | 2 +- source3/passdb/lookup_sid.c | 4 ++-- source3/passdb/lookup_sid.h | 2 +- source3/wscript | 2 +- 12 files changed, 89 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 4264b43..cf10465 100644 --- a/VERSION +++ b/VERSION @@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # - 3.0.0rc1 # -SAMBA_VERSION_RC_RELEASE=1 +SAMBA_VERSION_RC_RELEASE=2 # To mark SVN snapshots this should be set to 'yes'# diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 89a03b5..f2ff8d4 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,7 +1,7 @@ Release Announcements = -This is the first release candidate of Samba 4.3. This is *not* +This is the second release candidate of Samba 4.3. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -14,6 +14,7 @@ UPGRADING Nothing special. + NEW FEATURES @@ -155,6 +156,28 @@ New modules vfs_unityed_media- see 'man 8 vfs_unityed_media' vfs_shell_snap - see 'man 8 vfs_shell_snap' +New sparsely connected replia graph (Improved KCC) +-- + +The Knowledge Consistency Checker (KCC) maintains a replication graph +for DCs across an AD network. The existing Samba KCC uses a fully +connected graph, so that each DC replicates from all the others, which +does not scale well with large networks. In 4.3 there is an +experimental new KCC that creates a sparsely connected replication +graph and closely follows Microsoft's specification. It is turned off +by default. To use the new KCC, set kccsrv:samba_kcc=true in +smb.conf and let us know how it goes. You should consider doing this +if you are making a large new network. For small networks there is +little benefit and you can always switch over at a later date. + +Configurable TLS protocol support, with better defaults +--- + +The tls priority option can be used to change the supported TLS +protocols. The default is to disable SSLv3, which is no longer +considered secure. + + ## Changes ### @@ -180,11 +203,29 @@ Removed modules vfs_notify_fam - see section 'New FileChangeNotify subsystem'. + KNOWN ISSUES Currently none. + +CHANGES SINCE 4.2.0rc1 +== + +o Jeremy Allison j...@samba.org +* BUG 11359: strsep is not available on Solaris + +o Björn Baumbach b...@sernet.de +* BUG 11421: Build with GPFS support is broken + +o Justin Maggard jmagg...@netgear.com +* BUG 11320: force group with local group not working + +o Martin Schwenke mar...@meltin.net +* BUG 11424: Build broken with --disable-python + + ### Reporting bugs Development Discussion ### @@ -195,7 +236,7 @@ joining the #samba-technical IRC channel on irc.freenode.net. If you do report problems then please try to send high quality feedback. If you don't provide vital information to help us track down the problem then you will probably be
[SCM] Samba Shared Repository - branch v4-3-test updated
The branch, v4-3-test has been updated via 19e089b WHATSNEW: Prepare release notes for Samba 4.3.0rc2 via 5066377 tdb: Fix broken build with --disable-python via aee0165 s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup. via 466abc3 lib: replace: Add strsep function (missing on Solaris). via eac2f53 s3:wscript: fix indentation via 894784b build: fix build with gpfs support - add missing dependency to samba-debug via ab824a3 configure: add --with-gpfs option for selecting directory with gpfs headers via eb55fd0 WHATSNEW: a note about TLS protocol support via c111970 WHATSNEW: add a section about samba_kcc from 8e669b5 VERSION: Bump version up to 4.3.0rc2... https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test - Log - commit 19e089b798bf47381dbb0d0fb61cd6f0d2e6dba9 Author: Stefan Metzmacher me...@samba.org Date: Mon Aug 3 14:14:40 2015 +0200 WHATSNEW: Prepare release notes for Samba 4.3.0rc2 Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(v4-3-test): Stefan Metzmacher me...@samba.org Autobuild-Date(v4-3-test): Tue Aug 4 10:38:56 CEST 2015 on sn-devel-104 commit 50663772fef3b23130f2fff6210ff532164288ad Author: Martin Schwenke mar...@meltin.net Date: Thu Jul 23 09:47:24 2015 +1000 tdb: Fix broken build with --disable-python With --disable-python, we should not install any python files. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11424 Signed-off-by: Martin Schwenke mar...@meltin.net Reviewed-by: Amitay Isaacs ami...@gmail.com Autobuild-User(master): Amitay Isaacs ami...@samba.org Autobuild-Date(master): Thu Jul 23 18:50:25 CEST 2015 on sn-devel-104 (cherry picked from commit 509c37da1300b843e089dfcd6657e68fa8c8c746) commit aee0165f692abdcb8347b7933e0b658e00e5b451 Author: Justin Maggard jmagg...@netgear.com Date: Tue Jul 21 15:17:30 2015 -0700 s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup. Somewhere along the line, a config line like valid users = @foo broke when foo also exists as a user. user_ok_token() already does the right thing by adding the LOOKUP_NAME_GROUP flag; but lookup_name() was not respecting that flag, and went ahead and looked for users anyway. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11320 Signed-off-by: Justin Maggard jmagg...@netgear.com Reviewed-by: Jeremy Allison j...@samba.org Reviewed-by: Marc Muehlfeld mmuehlf...@samba.org Autobuild-User(master): Jeremy Allison j...@samba.org Autobuild-Date(master): Tue Jul 28 21:35:58 CEST 2015 on sn-devel-104 (cherry picked from commit dc99d451bf23668d73878847219682fced547622) commit 466abc316218bcaa538d7feb8a353fc8284e87ba Author: Jeremy Allison j...@samba.org Date: Wed Jul 15 10:43:56 2015 -0700 lib: replace: Add strsep function (missing on Solaris). BUG: https://bugzilla.samba.org/show_bug.cgi?id=11359 Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Ira Cooper i...@wakeful.net Autobuild-User(master): Jeremy Allison j...@samba.org Autobuild-Date(master): Wed Jul 29 02:24:55 CEST 2015 on sn-devel-104 (cherry picked from commit f07b746ad3f3ee2fcbb65a0d452ed80f07c9e8f9) commit eac2f538bf2b8d4f483232dcc0539d29a88b4529 Author: Björn Baumbach b...@sernet.de Date: Mon Jul 27 13:20:43 2015 +0200 s3:wscript: fix indentation Signed-off-by: Björn Baumbach b...@sernet.de Reviewed-by: Alexander Bokovoy a...@samba.org Reviewed-by: Martin Schwenke mar...@meltin.net (cherry picked from commit cef8897f45f1b231d26342688542560bbe695276) commit 894784ba192cca7840827cedad73fe04f2dc7bdd Author: Björn Baumbach b...@sernet.de Date: Mon Jul 27 15:15:07 2015 +0200 build: fix build with gpfs support - add missing dependency to samba-debug Fix for bug #11421 part 2. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11421 Pair-programmed-with: Stefan Metzmacher me...@samba.org Signed-off-by: Björn Baumbach b...@sernet.de Reviewed-by: Alexander Bokovoy a...@samba.org Reviewed-by: Martin Schwenke mar...@meltin.net Autobuild-User(master): Martin Schwenke mart...@samba.org Autobuild-Date(master): Wed Jul 29 13:38:59 CEST 2015 on sn-devel-104 (cherry picked from commit d57e4ac3de5f53346a8d7c3f96825c1345b58f6a) commit ab824a3b978663d85aaf585b4441ff6cc82e510a Author: Björn Baumbach b...@sernet.de Date: Mon Jul 27 12:14:37 2015 +0200 configure: add --with-gpfs option for selecting directory with gpfs headers Fix for bug #11421 part 1. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11421 Signed-off-by: Björn Baumbach b...@sernet.de Reviewed-by: Alexander Bokovoy a...@samba.org Reviewed-by: Martin Schwenke mar...@meltin.net
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 4986f61 Announce Samba 4.3.0rc2. from 0985686 rip obsoletes footer https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 4986f61dbe2504a96ed0c6a6d315afcf861556bd Author: Stefan Metzmacher me...@samba.org Date: Tue Aug 4 22:48:38 2015 +0200 Announce Samba 4.3.0rc2. Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: generated_news/latest_10_bodies.html| 25 ++--- generated_news/latest_10_headlines.html | 5 ++--- generated_news/latest_2_bodies.html | 24 +--- 3 files changed, 29 insertions(+), 25 deletions(-) Changeset truncated at 500 lines: diff --git a/generated_news/latest_10_bodies.html b/generated_news/latest_10_bodies.html index 9730d65..1fc939f 100644 --- a/generated_news/latest_10_bodies.html +++ b/generated_news/latest_10_bodies.html @@ -1,3 +1,16 @@ +!-- BEGIN: announce samba-4.3.0rc2 -- +h5a name=4.3.0rc204 August 2015/a/h5 +p class=headlineSamba 4.3.0rc2 Available for Download/p +p +This is the second release candidate of the upcoming Samba 4.3 release series. +/p +p +The uncompressed tarball has been signed using GnuPG (ID 6568B7EA). +The source code can be a href=https://download.samba.org/pub/samba/rc/samba-4.3.0rc2.tar.gz;downloaded now/a. +See a href=https://download.samba.org/pub/samba/rc/samba-4.3.0rc2.WHATSNEW.txt;the release notes for more info/a. +/p +!-- END: announce samba-4.3.0rc2 -- + h5a name=4.3.0rc121 July 2015/a/h5 p class=headlineSamba 4.3.0rc1 Available for Download/p pThis is the first release candidate of the upcoming Samba 4.3 release @@ -6,7 +19,7 @@ pThe uncompressed tarballs and patch files have been signed using GnuPG (ID 6568B7EA). The source code can be a href=https://download.samba.org/pub/samba/rc/samba-4.3.0rc1.tar.gz;downloaded -now/a. See a href=https://download.samba.org/pub/samba/rc/WHATSNEW-4.3.0rc1.txt; +now/a. See a href=https://download.samba.org/pub/samba/rc/samba-4.3.0rc1.WHATSNEW.txt; the release notes for more info/a./p @@ -101,13 +114,3 @@ more info/a./p legal actions in defense of the GPL. Read our full a href=https://www.samba.org/samba/news/announcements/2015-03-06_vmware_lawsuit.html;lawsuit statement/a./p - - h5a name=4.2.004 March 2015/a/h5 - p class=headlineSamba 4.2.0 Available for Download/p - pThis is the first stable release of the Samba 4.2 series./p - -pThe uncompressed tarballs and patch files have been signed -using GnuPG (ID 6568B7EA). The source code can be -a href=http://samba.org/samba/ftp/stable/samba-4.2.0.tar.gz;downloaded -now/a. See a href=http://samba.org/samba/history/samba-4.2.0.html; - the release notes for more info/a./p diff --git a/generated_news/latest_10_headlines.html b/generated_news/latest_10_headlines.html index 482af7c..d640c7f 100644 --- a/generated_news/latest_10_headlines.html +++ b/generated_news/latest_10_headlines.html @@ -1,4 +1,6 @@ ul + li 04 August 2015 a href=#4.3.0rc2Samba 4.3.0rc2 Available for Download/a/li + li 21 July 2015 a href=#4.3.0rc1Samba 4.3.0rc1 Available for Download/a/li li 14 July 2015 a href=#4.2.3Samba 4.2.3 Available for Download/a/li @@ -16,7 +18,4 @@ li 06 March 2015 a href=#2015-03-06_vmware_lawsuitSamba - VMware lawsuit to defend the GPL/a/li li 04 March 2015 a href=#4.2.0Samba 4.2.0 Available for Download/a/li - - li 02 March 2015 a href=#survey2015Calling all Samba Users: 2015 - User Survey/a/li /ul diff --git a/generated_news/latest_2_bodies.html b/generated_news/latest_2_bodies.html index ed1a3aa..13a00cd 100644 --- a/generated_news/latest_2_bodies.html +++ b/generated_news/latest_2_bodies.html @@ -1,3 +1,16 @@ +!-- BEGIN: announce samba-4.3.0rc2 -- +h5a name=4.3.0rc204 August 2015/a/h5 +p class=headlineSamba 4.3.0rc2 Available for Download/p +p +This is the second release candidate of the upcoming Samba 4.3 release series. +/p +p +The uncompressed tarball has been signed using GnuPG (ID 6568B7EA). +The source code can be a href=https://download.samba.org/pub/samba/rc/samba-4.3.0rc2.tar.gz;downloaded now/a. +See a href=https://download.samba.org/pub/samba/rc/samba-4.3.0rc2.WHATSNEW.txt;the release notes for more info/a. +/p +!-- END: announce samba-4.3.0rc2 -- + h5a name=4.3.0rc121 July 2015/a/h5 p class=headlineSamba 4.3.0rc1 Available for Download/p pThis is the first release candidate of the upcoming Samba 4.3 release @@ -10,14 +23,3 @@ now/a. See a href=https://download.samba.org/pub/samba/rc/WHATSNEW-4.3.0rc1. the release notes for more info/a./p - h5a name=4.2.314 July 2015/a/h5 - p class=headlineSamba 4.2.3 Available for Download/p - pThis is the latest stable release of the Samba 4.2
[SCM] Samba Shared Repository - annotated tag samba-4.3.0rc2 created
The annotated tag, samba-4.3.0rc2 has been created at 6c10e8e101cd0596892458fb9e0d31eeb68efff5 (tag) tagging dd3c69d1d3f3fa5d15d950939c51510d429ff47f (commit) replaces samba-4.3.0rc1 tagged by Stefan Metzmacher on Tue Aug 4 22:32:59 2015 +0200 - Log - samba-rc: tag release samba-4.3.0rc2 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iD8DBQBVwSF7bzORW2Vot+oRAliyAJ4v2lpKZkY3SkXM3+7iPyhGltkp+wCeIby3 8mj8ByGcnIQShbd7FUGsEKs= =yiaE -END PGP SIGNATURE- Björn Baumbach (3): configure: add --with-gpfs option for selecting directory with gpfs headers build: fix build with gpfs support - add missing dependency to samba-debug s3:wscript: fix indentation Douglas Bagnall (2): WHATSNEW: add a section about samba_kcc WHATSNEW: a note about TLS protocol support Jeremy Allison (1): lib: replace: Add strsep function (missing on Solaris). Justin Maggard (1): s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup. Martin Schwenke (1): tdb: Fix broken build with --disable-python Stefan Metzmacher (3): VERSION: Bump version up to 4.3.0rc2... WHATSNEW: Prepare release notes for Samba 4.3.0rc2 VERSION: Release Samba 4.3.0rc2 --- -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated
via 49e39b0 s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup.
via 516f518 lib: replace: Add strsep function (missing on Solaris).
from e889ea3 s3-auth: Fix a possible null pointer dereference
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-1-test
- Log -
commit 49e39b05ca637cce4621ac60ed3bb536c0ac544a
Author: Justin Maggard jmagg...@netgear.com
Date: Tue Jul 21 15:17:30 2015 -0700
s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup.
Somewhere along the line, a config line like valid users = @foo
broke when foo also exists as a user.
user_ok_token() already does the right thing by adding the LOOKUP_NAME_GROUP
flag; but lookup_name() was not respecting that flag, and went ahead and
looked
for users anyway.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11320
Signed-off-by: Justin Maggard jmagg...@netgear.com
Reviewed-by: Jeremy Allison j...@samba.org
Reviewed-by: Marc Muehlfeld mmuehlf...@samba.org
Autobuild-User(master): Jeremy Allison j...@samba.org
Autobuild-Date(master): Tue Jul 28 21:35:58 CEST 2015 on sn-devel-104
(cherry picked from commit dc99d451bf23668d73878847219682fced547622)
Autobuild-User(v4-1-test): Stefan Metzmacher me...@samba.org
Autobuild-Date(v4-1-test): Mon Aug 3 20:03:05 CEST 2015 on sn-devel-104
commit 516f518aa736d1f53c2e35c421f16f5090d51796
Author: Jeremy Allison j...@samba.org
Date: Wed Jul 15 10:43:56 2015 -0700
lib: replace: Add strsep function (missing on Solaris).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11359
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: Ira Cooper i...@wakeful.net
Autobuild-User(master): Jeremy Allison j...@samba.org
Autobuild-Date(master): Wed Jul 29 02:24:55 CEST 2015 on sn-devel-104
(cherry picked from commit f07b746ad3f3ee2fcbb65a0d452ed80f07c9e8f9)
---
Summary of changes:
lib/replace/replace.c | 20
lib/replace/replace.h | 5 +
lib/replace/wscript | 4 ++--
source3/passdb/lookup_sid.c | 4 ++--
source3/passdb/lookup_sid.h | 2 +-
5 files changed, 30 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/replace/replace.c b/lib/replace/replace.c
index 37edb31..488da0a 100644
--- a/lib/replace/replace.c
+++ b/lib/replace/replace.c
@@ -467,6 +467,26 @@ char *rep_strcasestr(const char *haystack, const char
*needle)
}
#endif
+#ifndef HAVE_STRSEP
+char *rep_strsep(char **pps, const char *delim)
+{
+ char *ret = *pps;
+ char *p = *pps;
+
+ if (p == NULL) {
+ return NULL;
+ }
+ p += strcspn(p, delim);
+ if (*p == '\0') {
+ *pps = NULL;
+ } else {
+ *p = '\0';
+ *pps = p + 1;
+ }
+ return ret;
+}
+#endif
+
#ifndef HAVE_STRTOK_R
/* based on GLIBC version, copyright Free Software Foundation */
char *rep_strtok_r(char *s, const char *delim, char **save_ptr)
diff --git a/lib/replace/replace.h b/lib/replace/replace.h
index cd0c25e..57163a9 100644
--- a/lib/replace/replace.h
+++ b/lib/replace/replace.h
@@ -345,6 +345,11 @@ void rep_setlinebuf(FILE *);
char *rep_strcasestr(const char *haystack, const char *needle);
#endif
+#ifndef HAVE_STRSEP
+#define strsep rep_strsep
+char *rep_strsep(char **pps, const char *delim);
+#endif
+
#ifndef HAVE_STRTOK_R
#define strtok_r rep_strtok_r
char *rep_strtok_r(char *s, const char *delim, char **save_ptr);
diff --git a/lib/replace/wscript b/lib/replace/wscript
index f0040b1..27a8138 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -271,7 +271,7 @@ struct foo bar = { .y = 'X', .x = 1 };
conf.CHECK_FUNCS('lstat getpgrp utime utimes setuid seteuid setreuid
setresuid setgid setegid')
conf.CHECK_FUNCS('setregid setresgid chroot strerror vsyslog setlinebuf
mktime')
conf.CHECK_FUNCS('ftruncate chsize rename waitpid wait4')
-conf.CHECK_FUNCS('initgroups pread pwrite strndup strcasestr')
+conf.CHECK_FUNCS('initgroups pread pwrite strndup strcasestr strsep')
conf.CHECK_FUNCS('strtok_r mkdtemp dup2 dprintf vdprintf isatty chown
lchown')
conf.CHECK_FUNCS('link readlink symlink realpath snprintf vsnprintf')
conf.CHECK_FUNCS('asprintf vasprintf setenv unsetenv strnlen strtoull
__strtoull')
@@ -605,7 +605,7 @@ REPLACEMENT_FUNCTIONS = {
'memmove', 'strdup', 'setlinebuf', 'vsyslog', 'strnlen',
'strndup', 'waitpid', 'seteuid', 'setegid', 'chroot',
'mkstemp', 'mkdtemp', 'pread', 'pwrite', 'strcasestr',
- 'strtok_r', 'strtoll', 'strtoull', 'setenv', 'unsetenv',
+ 'strsep', 'strtok_r', 'strtoll', 'strtoull', 'setenv',
'unsetenv
[SCM] Samba Shared Repository - annotated tag samba-4.3.0rc1 created
The annotated tag, samba-4.3.0rc1 has been created at 486af99cfc1e2f81dda0847aded5c5570b01ccc1 (tag) tagging 8c8cbd984f8d1f30c7f2dfe3a4d3b472e3245aee (commit) replaces ldb-1.1.21 tagged by Stefan Metzmacher on Tue Jul 21 22:39:16 2015 +0200 - Log - samba: tag release samba-4.3.0rc1 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iD8DBQBVrq30bzORW2Vot+oRAsO1AKC0tu2P1PXWP+EePGsQ065c/8T4nACdFD2e 6SgyOf3iy5zHeyy4+hPl65U= =scQG -END PGP SIGNATURE- Stefan Metzmacher (2): WHATSNEW: Start release notes for Samba 4.3.0rc1. VERSION: Release Samba 4.3.0rc1 --- -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-3-stable updated
The branch, v4-3-stable has been updated
via 8c8cbd9 VERSION: Release Samba 4.3.0rc1
via 4d5914b WHATSNEW: Start release notes for Samba 4.3.0rc1.
via b2a5949 ldb: version 1.1.21
via c7207e7 tdb: version 1.3.7
via e05cb33 talloc: version 2.1.3
via 54ea6ff testsuite/headers: remove unused checks for ntdb.h
via b86df6e tdb python binding: raise KeyError(key) when the key
doesn't exist
via 075799a pytdb: Add tests for text interface
via d8c1343 pyldb: Add a text-based interface for Python 3
via 1853a74 pytdb: Use new dict API on Python 3
via 13c24b3 pytdb: Build for two versions of Python at once
via 11eb2e4 pytdb: Port to Python 3
via d255231 pytdb: Allow nextkey() to be called
via 5090d49 buildtools: Fix crash on invalid --extra-python option
via 5a4e5d7 buildtools: Don't configure Python more than once
via 584adc4 s4-auth: Make sure error_string is correctly initialized
via ae607c0 s4-kdc_kpasswd: split out some code to a KPASSWD_GLUE
subsystem.
via a7705ad s4-kdc: move kdc_check_pac() to a new subsystem KDC-GLUE.
via 1e64e72 s4-kdc: only use a void* in samba_kdc_entry instead of
hdb_entry_ex.
via 38e5d8d s4-kdc/pac_glue: remove old samba_kdc_build_edata_reply().
via 893963c s4-kdc/mit_samba: add a copy of samba_kdc_build_edata_reply
for MIT.
via 402b0da s4-kdc/wdc-samba4: add a copy of
samba_kdc_build_edata_reply for Heimdal.
via 52e6d91 waf: Make mit_samba a subsystem and do not build with
Heimdal
via 8147156 s4-kdc: Fix a casting warning
via 17c8b1a s4-kdc: Fix a typo
via da3df2e pdb_tdb: Use fstr_sprintf
from 6551591 ctdb-daemon: Ignore SIGUSR1
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-stable
- Log -
---
Summary of changes:
VERSION| 6 +-
WHATSNEW.txt | 148 -
buildtools/wafsamba/samba_python.py| 6 +-
lib/ldb/ABI/{ldb-1.1.19.sigs = ldb-1.1.21.sigs} | 0
...ldb-util-1.1.10.sigs = pyldb-util-1.1.21.sigs} | 0
lib/ldb/wscript| 2 +-
...oc-util-2.0.6.sigs = pytalloc-util-2.1.3.sigs} | 0
.../ABI/{talloc-2.1.0.sigs = talloc-2.1.3.sigs} | 0
lib/talloc/wscript | 2 +-
lib/tdb/ABI/{tdb-1.3.5.sigs = tdb-1.3.7.sigs} | 0
lib/tdb/_tdb_text.py | 138
lib/tdb/pytdb.c| 234 ++--
lib/tdb/python/tests/simple.py | 240 -
lib/tdb/wscript| 30 ++-
source3/passdb/pdb_tdb.c | 17 +-
source4/auth/kerberos/srv_keytab.c | 50 +++--
source4/kdc/db-glue.c | 4 +-
source4/kdc/kdc-glue.c | 69 ++
source4/kdc/kdc-glue.h | 5 +
source4/kdc/kpasswd_glue.c | 112 ++
.../cldap_server.h = kdc/kpasswd_glue.h} | 35 ++-
source4/kdc/kpasswdd.c | 81 ++-
source4/kdc/mit_samba.c| 47
source4/kdc/pac-glue.c | 73 ---
source4/kdc/pac-glue.h | 6 -
source4/kdc/samba_kdc.h| 2 +-
source4/kdc/wdc-samba4.c | 41
source4/kdc/wscript_build | 63 --
testsuite/headers/wscript_build| 4 -
29 files changed, 1053 insertions(+), 362 deletions(-)
copy lib/ldb/ABI/{ldb-1.1.19.sigs = ldb-1.1.21.sigs} (100%)
copy lib/ldb/ABI/{pyldb-util-1.1.10.sigs = pyldb-util-1.1.21.sigs} (100%)
copy lib/talloc/ABI/{pytalloc-util-2.0.6.sigs = pytalloc-util-2.1.3.sigs}
(100%)
copy lib/talloc/ABI/{talloc-2.1.0.sigs = talloc-2.1.3.sigs} (100%)
copy lib/tdb/ABI/{tdb-1.3.5.sigs = tdb-1.3.7.sigs} (100%)
create mode 100644 lib/tdb/_tdb_text.py
create mode 100644 source4/kdc/kdc-glue.c
create mode 100644 source4/kdc/kpasswd_glue.c
copy source4/{cldap_server/cldap_server.h = kdc/kpasswd_glue.h} (57%)
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index df4a2f1..4264b43 100644
--- a/VERSION
+++ b/VERSION
@@ -77,7 +77,7 @@ SAMBA_VERSION_BETA_RELEASE=
# e.g. SAMBA_VERSION_PRE_RELEASE=1 #
# - 2.2.9pre1 #
-SAMBA_VERSION_PRE_RELEASE=1
+SAMBA_VERSION_PRE_RELEASE=
# For 'rc' releases the version will be#
@@ -87,7 +87,7
[SCM] Samba Shared Repository - annotated tag tdb-1.3.7 created
The annotated tag, tdb-1.3.7 has been created at 99f92a4253daad849d79b77fc4a34c429f3a01e0 (tag) tagging c7207e73b116b76f6dd681e0c5a872ae2e702616 (commit) replaces talloc-2.1.3 tagged by Stefan Metzmacher on Tue Jul 21 22:35:24 2015 +0200 - Log - tdb: tag release tdb-1.3.7 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAABAgAGBQJVrq0MAAoJEEeTkWETCEAltPIH+gOsX/hxaW4zyU5doDSlba+Y 079D13lIbKVrlxAlgT4AYecCQ60yv700ra863NnySXv99kl1mNMni6qNDkCf5TvI z1QMUA7XqY5CyhNEbqFVC1KAjHspdKjLKaB4xk47F+oJQb/q8ExJptTuGCbB+5O/ kTqjrCU8ef7TPpgrbeCCk87gxLbwt0wGkqr7CJGo7QKaAtSR7UOoJdFNrfUhL6oY lhGJ1fAQEQh34DFj4YtfPS/GdqdRKS5pJl0M2nb2ZFlrIYEvpoAVNrd1kz/lOBXP 9Ieo1KY1A4FvMUaJciPxKNyTR42TlXEuP7gG8BGLC0hsCUGYawJwlhqoExzI2WE= =cmDu -END PGP SIGNATURE- Stefan Metzmacher (1): tdb: version 1.3.7 --- -- Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag ldb-1.1.21 created
The annotated tag, ldb-1.1.21 has been created at 42883eded04707dc1179a9e869b73a865334c477 (tag) tagging b2a594926c5bff8b4a60a6ec27524e8e5741d427 (commit) replaces tdb-1.3.7 tagged by Stefan Metzmacher on Tue Jul 21 22:36:01 2015 +0200 - Log - ldb: tag release ldb-1.1.21 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAABAgAGBQJVrq0xAAoJEEeTkWETCEAlMZAH/j/IdSJaP75AKQjZ2D0Lo+GH wca0GBdJs+2kKms3mKjOivCxhd3pw/HIZ9RzhvRkQMhs7LMBRgJtGChoHy/Q38oF 0Zm1JHrShU0i9rNym7Oia+GgqxSsCdCC4S8e82O/JLfixcZSum73YCKy//sLEZmV SBgdKZ312hVv89+l3gb8XBZtOr8cyiOjVaxn5fbXQQDUIqylSoL85Kr05b1RszDh HmYnAi1BCUy7EiYdmzD/EYRQtHHEWraH7+Q98JlPWiTmLH2zWpkn/PPxMYSutGQJ dJ3PfwjExyhfCyU3rdPjYHrD33KyLZQjd2kZ2OCoxznVpvlWJNlHssibrG2Xbv0= =UAkW -END PGP SIGNATURE- Stefan Metzmacher (1): ldb: version 1.1.21 --- -- Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via ebb693c Announce Samba 4.3.0rc1. from 870f22c Remove science+computing from support/germany.html https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit ebb693c822a5947642d7a55e2640b9bf2adcf71b Author: Karolin Seeger ksee...@samba.org Date: Tue Jul 21 16:01:01 2015 +0200 Announce Samba 4.3.0rc1. Signed-off-by: Karolin Seeger ksee...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: generated_news/latest_10_bodies.html| 21 - generated_news/latest_10_headlines.html | 5 ++--- generated_news/latest_2_bodies.html | 25 - 3 files changed, 26 insertions(+), 25 deletions(-) Changeset truncated at 500 lines: diff --git a/generated_news/latest_10_bodies.html b/generated_news/latest_10_bodies.html index 0de0019..9730d65 100644 --- a/generated_news/latest_10_bodies.html +++ b/generated_news/latest_10_bodies.html @@ -1,3 +1,15 @@ + h5a name=4.3.0rc121 July 2015/a/h5 + p class=headlineSamba 4.3.0rc1 Available for Download/p + pThis is the first release candidate of the upcoming Samba 4.3 release + series./p + +pThe uncompressed tarballs and patch files have been signed +using GnuPG (ID 6568B7EA). The source code can be +a href=https://download.samba.org/pub/samba/rc/samba-4.3.0rc1.tar.gz;downloaded +now/a. See a href=https://download.samba.org/pub/samba/rc/WHATSNEW-4.3.0rc1.txt; +the release notes for more info/a./p + + h5a name=4.2.314 July 2015/a/h5 p class=headlineSamba 4.2.3 Available for Download/p pThis is the latest stable release of the Samba 4.2 series./p @@ -99,12 +111,3 @@ using GnuPG (ID 6568B7EA). The source code can be a href=http://samba.org/samba/ftp/stable/samba-4.2.0.tar.gz;downloaded now/a. See a href=http://samba.org/samba/history/samba-4.2.0.html; the release notes for more info/a./p - - -h5a name=survey201502 March 2015/a/h5 - p class=headlineCalling all Samba Users: 2015 User Survey/p - pWhat Samba features do you care about most? Do you have problems or - ideas to tell the Samba Team? Which parts of the documentation are - most important to you?/p - pThe Samba Team invites all users to participate in the - a href=https://www.surveygizmo.com/s3/2020369/Samba-User-Survey-2015;Samba Survey/a./p diff --git a/generated_news/latest_10_headlines.html b/generated_news/latest_10_headlines.html index 109ad26..482af7c 100644 --- a/generated_news/latest_10_headlines.html +++ b/generated_news/latest_10_headlines.html @@ -1,4 +1,6 @@ ul + li 21 July 2015 a href=#4.3.0rc1Samba 4.3.0rc1 Available for Download/a/li + li 14 July 2015 a href=#4.2.3Samba 4.2.3 Available for Download/a/li li 23 June 2015 a href=#4.1.19Samba 4.1.19 Available for Download/a/li @@ -17,7 +19,4 @@ li 02 March 2015 a href=#survey2015Calling all Samba Users: 2015 User Survey/a/li - - li 24 February 2015 a href=#4.2.0rc5Samba 4.2.0rc5 Available for - Download (incl. fix for CVE-2015-0240)/a/li /ul diff --git a/generated_news/latest_2_bodies.html b/generated_news/latest_2_bodies.html index 9619175..ed1a3aa 100644 --- a/generated_news/latest_2_bodies.html +++ b/generated_news/latest_2_bodies.html @@ -1,3 +1,15 @@ + h5a name=4.3.0rc121 July 2015/a/h5 + p class=headlineSamba 4.3.0rc1 Available for Download/p + pThis is the first release candidate of the upcoming Samba 4.3 release + series./p + +pThe uncompressed tarballs and patch files have been signed +using GnuPG (ID 6568B7EA). The source code can be +a href=https://download.samba.org/pub/samba/rc/samba-4.3.0rc1.tar.gz;downloaded +now/a. See a href=https://download.samba.org/pub/samba/rc/WHATSNEW-4.3.0rc1.txt; +the release notes for more info/a./p + + h5a name=4.2.314 July 2015/a/h5 p class=headlineSamba 4.2.3 Available for Download/p pThis is the latest stable release of the Samba 4.2 series./p @@ -9,16 +21,3 @@ now/a. A a href=http://samba.org/samba/ftp/patches/patch-4.2.2-4.2.3.diffs.g patch against Samba 4.2.2/a is also available. See a href=http://samba.org/samba/history/samba-4.2.3.html;the release notes for more info/a./p - - - h5a name=4.1.1923 June 2015/a/h5 - p class=headlineSamba 4.1.19 Available for Download/p - pThis is the last stable release of the Samba 4.1 series./p - -pThe uncompressed tarballs and patch files have been signed -using GnuPG (ID 6568B7EA). The source code can be -a href=http://samba.org/samba/ftp/stable/samba-4.1.19.tar.gz;downloaded -now/a. A a href=http://samba.org/samba/ftp/patches/patch-4.1.18-4.1.19.diffs.gz; -patch against Samba 4.1.18/a is also available. See -a href=http://samba.org
[SCM] Samba Shared Repository - branch v4-3-test updated
The branch, v4-3-test has been updated
via 8e669b5 VERSION: Bump version up to 4.3.0rc2...
via 8c8cbd9 VERSION: Release Samba 4.3.0rc1
via 4d5914b WHATSNEW: Start release notes for Samba 4.3.0rc1.
via b2a5949 ldb: version 1.1.21
via c7207e7 tdb: version 1.3.7
via e05cb33 talloc: version 2.1.3
via 54ea6ff testsuite/headers: remove unused checks for ntdb.h
via b86df6e tdb python binding: raise KeyError(key) when the key
doesn't exist
via 075799a pytdb: Add tests for text interface
via d8c1343 pyldb: Add a text-based interface for Python 3
via 1853a74 pytdb: Use new dict API on Python 3
via 13c24b3 pytdb: Build for two versions of Python at once
via 11eb2e4 pytdb: Port to Python 3
via d255231 pytdb: Allow nextkey() to be called
via 5090d49 buildtools: Fix crash on invalid --extra-python option
via 5a4e5d7 buildtools: Don't configure Python more than once
via 584adc4 s4-auth: Make sure error_string is correctly initialized
via ae607c0 s4-kdc_kpasswd: split out some code to a KPASSWD_GLUE
subsystem.
via a7705ad s4-kdc: move kdc_check_pac() to a new subsystem KDC-GLUE.
via 1e64e72 s4-kdc: only use a void* in samba_kdc_entry instead of
hdb_entry_ex.
via 38e5d8d s4-kdc/pac_glue: remove old samba_kdc_build_edata_reply().
via 893963c s4-kdc/mit_samba: add a copy of samba_kdc_build_edata_reply
for MIT.
via 402b0da s4-kdc/wdc-samba4: add a copy of
samba_kdc_build_edata_reply for Heimdal.
via 52e6d91 waf: Make mit_samba a subsystem and do not build with
Heimdal
via 8147156 s4-kdc: Fix a casting warning
via 17c8b1a s4-kdc: Fix a typo
via da3df2e pdb_tdb: Use fstr_sprintf
from 6551591 ctdb-daemon: Ignore SIGUSR1
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-test
- Log -
commit 8e669b5383cc79ea2d0df3d946394c2909ba81e5
Author: Stefan Metzmacher me...@samba.org
Date: Tue Jul 21 13:56:42 2015 +0200
VERSION: Bump version up to 4.3.0rc2...
...and re-enable git snapshots.
Signed-off-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
VERSION| 4 +-
WHATSNEW.txt | 148 -
buildtools/wafsamba/samba_python.py| 6 +-
lib/ldb/ABI/{ldb-1.1.19.sigs = ldb-1.1.21.sigs} | 0
...ldb-util-1.1.10.sigs = pyldb-util-1.1.21.sigs} | 0
lib/ldb/wscript| 2 +-
...oc-util-2.0.6.sigs = pytalloc-util-2.1.3.sigs} | 0
.../ABI/{talloc-2.1.0.sigs = talloc-2.1.3.sigs} | 0
lib/talloc/wscript | 2 +-
lib/tdb/ABI/{tdb-1.3.5.sigs = tdb-1.3.7.sigs} | 0
lib/tdb/_tdb_text.py | 138
lib/tdb/pytdb.c| 234 ++--
lib/tdb/python/tests/simple.py | 240 -
lib/tdb/wscript| 30 ++-
source3/passdb/pdb_tdb.c | 17 +-
source4/auth/kerberos/srv_keytab.c | 50 +++--
source4/kdc/db-glue.c | 4 +-
source4/kdc/kdc-glue.c | 69 ++
source4/kdc/kdc-glue.h | 5 +
source4/kdc/kpasswd_glue.c | 112 ++
.../cldap_server.h = kdc/kpasswd_glue.h} | 35 ++-
source4/kdc/kpasswdd.c | 81 ++-
source4/kdc/mit_samba.c| 47
source4/kdc/pac-glue.c | 73 ---
source4/kdc/pac-glue.h | 6 -
source4/kdc/samba_kdc.h| 2 +-
source4/kdc/wdc-samba4.c | 41
source4/kdc/wscript_build | 63 --
testsuite/headers/wscript_build| 4 -
29 files changed, 1052 insertions(+), 361 deletions(-)
copy lib/ldb/ABI/{ldb-1.1.19.sigs = ldb-1.1.21.sigs} (100%)
copy lib/ldb/ABI/{pyldb-util-1.1.10.sigs = pyldb-util-1.1.21.sigs} (100%)
copy lib/talloc/ABI/{pytalloc-util-2.0.6.sigs = pytalloc-util-2.1.3.sigs}
(100%)
copy lib/talloc/ABI/{talloc-2.1.0.sigs = talloc-2.1.3.sigs} (100%)
copy lib/tdb/ABI/{tdb-1.3.5.sigs = tdb-1.3.7.sigs} (100%)
create mode 100644 lib/tdb/_tdb_text.py
create mode 100644 source4/kdc/kdc-glue.c
create mode 100644 source4/kdc/kpasswd_glue.c
copy source4/{cldap_server/cldap_server.h = kdc/kpasswd_glue.h} (57%)
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index df4a2f1..5fcf509 100644
--- a/VERSION
+++ b/VERSION
@@ -77,7 +77,7 @@ SAMBA_VERSION_BETA_RELEASE=
# e.g
[SCM] Samba Shared Repository - annotated tag talloc-2.1.3 created
The annotated tag, talloc-2.1.3 has been created at 39f95f7944ba37461ab4f29172549306959436b1 (tag) tagging e05cb33511da81a2916b7504308552bcb4cbd587 (commit) replaces tdb-1.3.6 tagged by Stefan Metzmacher on Tue Jul 21 22:34:23 2015 +0200 - Log - talloc: tag release talloc-2.1.3 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAABAgAGBQJVrqzPAAoJEEeTkWETCEAlChoIAIuWpVLIaVxgBfc7ughln6Ne +QFKxW8syzb8c+qMls9ypn96WIk98VWfxBqZwxNP1xv9G7UZlD4N4FteRtfGAgYM DuFEB1BuFzs9xvaHj1B0GhI84jR19wXke8yXD0pxAyKrmeZzO1kNtI42B5+p3fk4 0VOr1tHgCGGwqGV6KH+6o9RxhZvu4aQFdjfr0J2KiyshEmh/QhWjT/e+mUJspW4g Dee7um7e8dUtjrqHVy0znuWtb1bz8urTQuVg2DxoI4DeHlazw5WSQ3gVYwkL8C0C MaVTQAFudlbvKjHb8/Xxpqxp3d6UgInEkiiMlJxLhryIk0iOKEPEMTO7fOu3VoQ= =ZWZD -END PGP SIGNATURE- Alexander Bokovoy (1): auth/credentials: if credentials have principal set, they are not anonymous anymore Amitay Isaacs (12): wafsamba: Cache final_libs for each target ctdb-packaging: Pass extra arguments to rpmbuild from commandline ctdb-packaging: Package private libraries ctdb-tests: Add simple test harnesses for running unit tests ctdb-tests: Remove extra_header and extra_footer variables ctdb-tests: Remove unsed code ctdb-tests: Add test cleanup hooks ctdb-tests: Refactor code using simple test harness functions ctdb-daemon: Fix valgrind invalid read error in db_statistics control ctdb-daemon: Remove control CTDB_CONTROL_SET_CALL ctdb-daemon: Avoid double-free during monitor cancellation ctdb-daemon: Return correct sequence number for CONTROL_GET_DB_SEQNUM Andreas Schneider (27): wafsamba: Also build libraries with RELRO protection auth: Explain why GSS_KRB5_CRED_NO_CI_FLAGS_X is needed tests: Add test_preserve_case.sh selftest: Plan samba3.blackbox.preserve_case testcase CID 1311763: Fix incorrect return value CID 1311764: Fix logical compare in if clause CID 1311767: Cast enum type to avoid compiler warnings CID 1311771: Fix a null pointer dereference CID 1311772: Fix null pointer check docs: Documents length limitations for NetBIOS name s4-samdb: Correctly cast data pointer s4-auth: Add smb_krb5_create_principals_array() s4-auth: Add smb_krb5_remove_obsolete_keytab_entries() s4-auth: Use kerberos util functions in srv_keytab s4-auth: Always pass down the salt principal s4-waf: Reformat torture_rpc s4-torture: Make the backupkey test as a noop with MIT Kerberos. selftest: Do not lookup the realm with Kerberos s4-kerberos: Make sure we handle kvno's in keytabs correctly s3-auth: Fix a possible null pointer dereference s3-smbd: Leave sys_disk_free() if dfree command is used s3-smbd: Remove the global dfree_broken variable selftest: Add test for the dfree command s4-kdc: Fix a typo s4-kdc: Fix a casting warning waf: Make mit_samba a subsystem and do not build with Heimdal s4-auth: Make sure error_string is correctly initialized Andrew Bartlett (10): selftest: Run winbind tests in chgdcpass environment winbindd: Use pdb_get_domain_info() to get exactly the local domain info when we are an AD DC winbindd: Sync secrets.ldb into secrets.tdb on startup selftest: Change chgdcpass environment to use winbindd Allow winbind removal by matching delays to Samba3.pm s4-winbindd: Remove the winbind rewrite from the samba4 effort Remove support for OpenPGP certificates in our TLS client and server lib/tls: Add new 'tls priority' option lib/tls: Change default supported TLS versions. selftest: Add knownfail entry required to disable tombstone_reanimation Anoop C S (4): source3/registry: Fix CID 1273421 Useless call source3/registry: Fix CID 1273100 Stray semicolon source/libsmb: Fix CID 1272955 Logically dead code lib/sysquota_linux: Handle the quota flags properly Anubhav Rakshit (2): s3:libsmb: Fix a bug in conversion of ea list to ea array. s3:client: Add scopy cmd to perform Server Side copy using smbclient. Aurelien Aptel (1): tdb python binding: raise KeyError(key) when the key doesn't exist Christof Schmitt (19): sharesec: Use non-numerical output for sharesec selftest: Add test for sharesec command docs-xml: Update sharesec manpage to reflect current output selftest: Add callout scripts for RPC SRVSVC share modifications selftest: Add blackbox test for srvsvc calls from rpcclient sharesec: Remove error message for unmarshall_sec_desc failure ctdb: Accept the key in hex format for the pstore command ctdb: Create helper function for optional hex input ctdb: Accept hex format for pdelete and ptrans commands vfs_gpfs: Use ACL defines from GPFS 3.5 header files vfs_gpfs
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 323e4f8 s3:winbindd: initialize dst-primary_gid with (gid_t)-1
via a7d5829 s3:winbindd: initialize acct_desc fields in
rpc_enum_{dom,local}_groups()
via e5d309d s3:winbindd: initialize an [in,out] variable in
rpc_try_lookup_sids3()
from 109ff38 s3-auth: Fix a possible null pointer dereference
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 323e4f89fca2f4f0e017a36a27427be32b42fc54
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jul 16 07:12:07 2015 +0200
s3:winbindd: initialize dst-primary_gid with (gid_t)-1
We should not leave this uninitialized.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Volker Lendecke v...@samba.org
Reviewed-by: Michael Adam ob...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Fri Jul 17 19:06:08 CEST 2015 on sn-devel-104
commit a7d582954d0de6bae0288a239eb42c23a053f495
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jul 16 07:00:08 2015 +0200
s3:winbindd: initialize acct_desc fields in rpc_enum_{dom,local}_groups()
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Volker Lendecke v...@samba.org
Reviewed-by: Michael Adam ob...@samba.org
commit e5d309d4328a1391ebd39dd487c100abdb9cb091
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jul 16 06:57:50 2015 +0200
s3:winbindd: initialize an [in,out] variable in rpc_try_lookup_sids3()
The input value of count is ignored by the server,
but we should not send an uninitialized value.
Found by valgrind.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Volker Lendecke v...@samba.org
Reviewed-by: Michael Adam ob...@samba.org
---
Summary of changes:
source3/winbindd/winbindd_rpc.c | 19 ---
1 file changed, 12 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/winbindd_rpc.c b/source3/winbindd/winbindd_rpc.c
index 03bc9b5..386396a 100644
--- a/source3/winbindd/winbindd_rpc.c
+++ b/source3/winbindd/winbindd_rpc.c
@@ -120,7 +120,7 @@ NTSTATUS rpc_query_user_list(TALLOC_CTX *mem_ctx,
dst-homedir = NULL;
dst-shell = NULL;
-
+ dst-primary_gid = (gid_t)-1;
sid_compose(dst-user_sid, domain_sid, rid);
/* For the moment we set the primary group for
@@ -190,10 +190,12 @@ NTSTATUS rpc_enum_dom_groups(TALLOC_CTX *mem_ctx,
}
for (g = 0; g count; g++) {
- fstrcpy(info[num_info + g].acct_name,
- sam_array-entries[g].name.string);
+ struct wb_acct_info *i = info[num_info + g];
- info[num_info + g].rid = sam_array-entries[g].idx;
+ fstrcpy(i-acct_name,
+ sam_array-entries[g].name.string);
+ fstrcpy(i-acct_desc, );
+ i-rid = sam_array-entries[g].idx;
}
num_info += count;
@@ -250,9 +252,12 @@ NTSTATUS rpc_enum_local_groups(TALLOC_CTX *mem_ctx,
}
for (g = 0; g count; g++) {
- fstrcpy(info[num_info + g].acct_name,
+ struct wb_acct_info *i = info[num_info + g];
+
+ fstrcpy(i-acct_name,
sam_array-entries[g].name.string);
- info[num_info + g].rid = sam_array-entries[g].idx;
+ fstrcpy(i-acct_desc, );
+ i-rid = sam_array-entries[g].idx;
}
num_info += count;
@@ -1081,7 +1086,7 @@ static NTSTATUS rpc_try_lookup_sids3(TALLOC_CTX *mem_ctx,
{
struct lsa_TransNameArray2 lsa_names2;
struct lsa_TransNameArray *names = *pnames;
- uint32_t i, count;
+ uint32_t i, count = 0;
NTSTATUS status, result;
ZERO_STRUCT(lsa_names2);
--
Samba Shared Repository
[SCM] build.samba.org - branch master updated
The branch, master has been updated
via bbaa8f3 use download.samba.org::ftp/unpacked/
from 6ccf7e2 Use cksum(1) instead of sum(1). Some operating systems such
as OpenBSD do not have sum(1). POSIX OS's have cksum(1).
https://git.samba.org/?p=build-farm.git;a=shortlog;h=master
- Log -
commit bbaa8f3bf3a38c7c1d5f7d02a90a8bcc7b440c7a
Author: Stefan Metzmacher me...@samba.org
Date: Fri Jul 10 11:02:46 2015 +0200
use download.samba.org::ftp/unpacked/
Signed-off-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
build_test.fns | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/build_test.fns b/build_test.fns
index 6fa841d..7fad7f1 100644
--- a/build_test.fns
+++ b/build_test.fns
@@ -118,7 +118,7 @@ fetch_tree() {
fetchtree=$1
if rsync --exclude=autom4te.cache/ --exclude=.svn/
--exclude=.git/ \
--delete-excluded -q --partial --timeout=200 -ctrlpz
--delete --ignore-errors \
- samba.org::ftp/unpacked/$fetchtree/
$test_root/$fetchtree; then
+ download.samba.org::ftp/unpacked/$fetchtree/
$test_root/$fetchtree; then
echo transferred $fetchtree OK
else
echo transfer of $fetchtree failed code $?
--
build.samba.org
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via a12c2d0 script/librelease.sh: use
download-master.samba.org:~ftp/pub/ for uploading
from 8a58a48 libsmb: Implement smbc_notify
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit a12c2d0762c2a97820131fc74ec0e0f9f2abcc5f
Author: Stefan Metzmacher me...@samba.org
Date: Fri Jul 10 11:47:31 2015 +0200
script/librelease.sh: use download-master.samba.org:~ftp/pub/ for uploading
master.samba.org might be removed in future.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Björn Jacke b...@sernet.de
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Fri Jul 10 16:38:20 CEST 2015 on sn-devel-104
---
Summary of changes:
script/librelease.sh | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/script/librelease.sh b/script/librelease.sh
index 7584e48..e705cea 100755
--- a/script/librelease.sh
+++ b/script/librelease.sh
@@ -70,10 +70,10 @@ release_lib() {
}
echo Transferring for FTP
-rsync -Pav $tarname.asc $tgzname master.samba.org:~ftp/pub/$ftpdir/ || {
+rsync -Pav $tarname.asc $tgzname
download-master.samba.org:~ftp/pub/$ftpdir/ || {
exit 1
}
-rsync master.samba.org:~ftp/pub/$ftpdir/$tarname.*
+rsync download-master.samba.org:~ftp/pub/$ftpdir/$tarname.*
popd
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
- commit 7447abc44c325751aa7010dedc3553038a5cfdb5 Author: Stefan Metzmacher me...@samba.org Date: Wed May 20 00:05:00 2015 +0200 s4:torture/rpc: extend and improve rpc.lsa.trusted.domains This adds a lot more validation arround trust credentials and krb5 interaction. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed Jul 8 21:41:17 CEST 2015 on sn-devel-104 commit d9d670713b5ced151454961642cf4c494bc883e1 Author: Stefan Metzmacher me...@samba.org Date: Tue Jun 30 12:08:22 2015 +0200 s4:torture/rpc: add missing \n in comments Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 84b0d1f96730410c9169f9a09f4a67aea1b5b9a8 Author: Stefan Metzmacher me...@samba.org Date: Tue Jun 30 12:06:11 2015 +0200 s4:torture/rpc: handle NT_STATUS_NO_SUCH_DOMAIN in test_query_each_TrustDom() lsa_EnumTrusts() may also return non direct trusted domains in the forest. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 80be365e629cd0d02efdb17d72447e0f89dc77d3 Author: Stefan Metzmacher me...@samba.org Date: Mon May 11 13:35:17 2015 +0200 testprogs/blackbox: add test_trust_utils.sh This tests 'samba-tool domain trust *' commands. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 03fc85e39b65b746c47195b3d1582dfacd87d577 Author: Stefan Metzmacher me...@samba.org Date: Thu Jun 11 18:58:42 2015 +0200 testprogs/blackbox: let test_kinit_trusts.sh verify that setpassword (via LDAP) is rejected Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit b2ad31ac0d28ce31b7c05fc79068a3e715d404d3 Author: Stefan Metzmacher me...@samba.org Date: Mon May 11 15:07:49 2015 +0200 testprogs/blackbox: let test_kinit_trusts.sh test a enterprise upn from the other foreset Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 7605c5d6e8fd68576d096b18a69a458e2888c30a Author: Stefan Metzmacher me...@samba.org Date: Mon May 11 13:45:59 2015 +0200 selftest/Samba4: setup forest UPN and SPN namespaces for ad_dc and fl2008r2dc Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 7ee4f23821eb63699c4a67ff18003e3b955e0765 Author: Stefan Metzmacher me...@samba.org Date: Wed Feb 11 15:07:40 2015 +0100 testprogs/blackbox: add test_kinit_trusts.sh That verifies kinit and smbclient work across trusts. It also tests a trust password change and a following access. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 90956d608814cd83c0edee6521bc11a29c76826f Author: Stefan Metzmacher me...@samba.org Date: Wed Feb 11 09:58:07 2015 +0100 selftest/Samba4: setup trusts between forest:fl2008r2dc/ad_dc and externl:fl2003dc/ad_dc Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit cab82ebda706bbad258e218e90fe3d70ebf5ea21 Author: Stefan Metzmacher me...@samba.org Date: Wed Jan 21 14:44:44 2015 +0100 samba-tool: add 'domain trust *' commands Available subcommands: create - Create a domain or forest trust. delete - Delete a domain trust. list- List domain trusts. namespaces - Manage forest trust namespaces. show- Show trusted domain details. validate- Validate a domain trust. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org commit 41f08b19642780a49f14b547b7a775a3f0904166 Author: Stefan Metzmacher me...@samba.org Date: Tue Jan 27 21:45:47 2015 + python/samba: add on optional 'special_name' argument to CredentialsOptions() This way we have have two sets or credentials on the command line, while at least one uses some prefix (special_name) for the arguments. The default options without special_name are: Credentials Options: --simple-bind-dn=DN DN to use for a simple bind --password=PASSWORD Password -U USERNAME, --username=USERNAME Username -W WORKGROUP, --workgroup=WORKGROUP Workgroup -N, --no-pass Don't ask for a password -k KERBEROS, --kerberos=KERBEROS Use Kerberos --ipaddress=IPADDRESS IP address of server -P, --machine-pass
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 6dd117b s4:selftest: also run rpc.winreg with kerberos and all
possible auth options
via 5b917fd s4:selftest: run rpc.echo tests also with krb5 krb5,sign
krb5,seal
via 69c1b4b s4:rpc_server: fix padding caclucation in
dcesrv_auth_response()
via 1bf7ab4 s4:rpc_server: let dcesrv_auth_response() handle sig_size
== 0 with auth_info as error
via 16f3837 s4:rpc_server: let dcesrv_reply() use a sig_size for a
padded payload
via 3fbdb25 s4:rpc_server: let dcesrv_reply() use
DCERPC_AUTH_PAD_ALIGNMENT define
via 114c52e s4:librpc/rpc: fix padding caclucation in
ncacn_push_request_sign()
via 48f2c38 s4:librpc/rpc: let ncacn_push_request_sign() handle
sig_size == 0 with auth_info as internal error
via fc249d5 s4:librpc/rpc: let dcerpc_ship_next_request() use a
sig_size for a padded payload
via ef801ba s4:librpc/rpc: let dcerpc_ship_next_request() use
DCERPC_AUTH_PAD_ALIGNMENT define
via c726dd7 s3:include: remove used unused
{CLIENT,SERVER}_NDR_PADDING_SIZE
via a6a6795 s3:rpc_server: remove pad handling from
api_pipe_alter_context()
via b2e042a s3:librpc/rpc: fix padding calculation in
dcerpc_guess_sizes()
via 3e6e9e3 s3:librpc/rpc: allow up to DCERPC_AUTH_PAD_ALIGNMENT
padding bytes in dcerpc_add_auth_footer()
via f1e3ad2 librpc/rpc: add DCERPC_AUTH_PAD_LENGTH(stub_length) helper
macro
via 2cb3ec5 dcerpc.idl: add DCERPC_AUTH_PAD_ALIGNMENT (=16)
via 756508c auth/gensec: make sure gensec_start_mech_by_authtype()
resets SIGN/SEAL before starting
via 3542d33 auth/gensec: gensec_[un]seal_packet() should only work with
GENSEC_FEATURE_DCE_STYLE
via 5757945 auth/credentials: use HAVE_GSS_KRB5_CRED_NO_CI_FLAGS_X
instead of SAMBA4_USES_HEIMDAL
via 0149961 s4:heimdal_build: define HAVE_GSS_KRB5_CRED_NO_CI_FLAGS_X
from 408c965 s4:torture:vfs_fruit: copyfile
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 6dd117b21ef06da68af67051f2822f71193d193a
Author: Stefan Metzmacher me...@samba.org
Date: Tue Jun 23 10:27:27 2015 +0200
s4:selftest: also run rpc.winreg with kerberos and all possible auth options
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Jun 23 17:31:08 CEST 2015 on sn-devel-104
commit 5b917fd6226952a1f792d1ad921d2ae54ab6ab42
Author: Stefan Metzmacher me...@samba.org
Date: Fri Jun 19 00:35:29 2015 +0200
s4:selftest: run rpc.echo tests also with krb5 krb5,sign krb5,seal
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
commit 69c1b4b7c10dd5fd9cacaa3a76c47bc854ee3fed
Author: Stefan Metzmacher me...@samba.org
Date: Sat Jun 20 17:49:02 2015 +0200
s4:rpc_server: fix padding caclucation in dcesrv_auth_response()
This is simplified by using DCERPC_AUTH_PAD_LENGTH() and changes the
behaviour
so that we will use no padding if the stub_length is already aligned
to DCERPC_AUTH_PAD_ALIGNMENT (16 bytes).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Jeremy Allison j...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit 1bf7ab49b4459e81ab2b82d9668b3d7cb76372f4
Author: Stefan Metzmacher me...@samba.org
Date: Sat Jun 20 17:47:14 2015 +0200
s4:rpc_server: let dcesrv_auth_response() handle sig_size == 0 with
auth_info as error
Don't send plaintext on the wire because of an internal error...
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11061
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Jeremy Allison j...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit 16f3837e026e4cae135bbdddf09b44a02af25b05
Author: Stefan Metzmacher me...@samba.org
Date: Fri Jun 19 22:35:44 2015 +0200
s4:rpc_server: let dcesrv_reply() use a sig_size for a padded payload
The sig_size could differ depending on the aligment/padding.
So should use the same alignment as we use for the payload.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Jeremy Allison j...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit 3fbdb255e3ac7ad5261c5fa3836e4a38a0d59221
Author: Stefan Metzmacher me...@samba.org
Date: Fri Jun 19 22:35:44 2015 +0200
s4:rpc_server: let dcesrv_reply() use
[SCM] Samba Shared Repository - annotated tag tevent-0.9.25 created
The annotated tag, tevent-0.9.25 has been created at bb74c4e83964d148752606e12aa3f3c7e4e7aa89 (tag) tagging d7bdb30cc1731dc84831e323332a85be2bccf6a7 (commit) replaces tdb-1.3.5 tagged by Stefan Metzmacher on Sat Jun 13 03:00:53 2015 +0200 - Log - tevent: tag release tevent-0.9.25 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAABAgAGBQJVe4DFAAoJEEeTkWETCEAlfPcIAJcvoPC614A4I3XD2yXjtysU MhuWJcidDXQbAtgVPE7om/3VBjAXizqw1+MgplbUDZxwIvGWww6/42ysQCG/zcrw +li7svRoCndZQ3L/TKJhlhRpnqOvbqnbNQmQQ2sId0oZmfnNr0YenxPgVOyxzOkd chV3gIut971y5Sue0LmpIaZ1GxInSz36QvFXk1aJmBo3TKk3f4xZWrSBXyK3Z7sw YuCxVOGF+rpUja6aOcOKvCfzmmMp+IjiRwGAY+fyYYKo0AOG7US9ferC+AFeDsvM TTgAxOQunhF+KpfE9E/Y9uGP9NjmuJsWcN3qB99caQCfVB2Q912TUvCdGXlTzrg= =iFhC -END PGP SIGNATURE- Adrian Cochrane (2): selftest: Apply rename filepath arguments so binary mapping doesn't have to. selftest: Remove binary mappings from the build system. Alexander Bokovoy (1): s4: libcli/finddcs_cldap: continue processing CLDAP until all addresses are used Amitay Isaacs (10): ctdb-scripts: Add new configuration variable CTDB_MAX_OPEN_FILES ctdb-scripts: Run tdb checker under timeout command ctdb-daemon: Remove older data structure that supports only IPv4 addresses ctdb-daemon: Remove obsolete IPv4 only controls ctdb-recoverd/vacuum: Remove vacuum_info structure ctdb-recovered: Drop unused variable ctdb-locking: Set destructor when lock_context is created ctdb-locking: Avoid memory leak in the failure case ctdb-locking: Avoid resetting talloc destructor ctdb-locking: Add a comment to explain auto_mark usage Andreas Schneider (2): auth: Make sure error_string is not used uninitialized testparm: Add warning if the netbios name is too long Andrew Bartlett (15): s4-winbind: Correctly reject the unsupported WBFLAG_PAM_AUTH_PAC flag torture-winbind: Assert that the list of trusted domains is not NULL selftest: Run more winbind tests against more environments winbindd4: Force home directory in internal winbind to use a lower-case username selftest: Add tests for expected output of wbinfo -i and wbinfo --uid-info kcc: Wait until the samba_kcc script runs to declare success to the caller dsdb: Relax the check for the RID set DN samba_kcc: Do not catch all exceptions, we need the backtrace samba_kcc: Fix compile failures and correctly implement MS-ADTS 6.2.2.3.1 ISTG selection samba_kcc: Do not attempt to modify connections on a RODC, replicated attributes are read only samba_kcc: Fix use-before assignment samba_kcc: Ensure we bail out if s_dsa is None selftest: Force the KCC to run and another replication at rodc startup KCC: add --forced-local-dsa option for changing local dsa kcc: reduce brokenness of --import-lidf Christian Ambach (1): s3:param/loadparm fix testparm --show-all-parameters Christof Schmitt (11): idmap_rfc2307: Fix wbinfo --gid-to-sid query nsswitch: Extend idmap_rfc2307 testcase for reverse lookup docs: Reference ldap ssl options in idmap_rfc2307 manpage debug: Add definitions and macros for log levels debug: Change syslog priority mapping to match new log level macros smbd: Use new debug macros in kill-client-ip rpcclient: Add netshareadd command rpcclient: Add netsharedel command rpcclient: Add info level 1005 for netsharegetinfo rpcclient: Add netsharesetdfsflags command docs: Add missing SRVSVC entries in rpcclient manpage David Disseldorp (1): s3-libsmbclient: change vnum to 0.2.2 David Holder (3): Add IPv6 support to ADS client side LDAP connects. Corrected format for IPv6 LDAP URI. Signed-off-by: David Holder david.hol...@erion.co.uk Add IPv6 support for determining FQDN during ADS join. s3: IPv6 enabled DNS connections for ADS client Douglas Bagnall (264): s4-rpc_server/drsuapi: Fix timeouts on forwarded DsExecuteKCC IRPC call KCC: correct the comparison for lost link timeout KCC: Create Graphviz dot files showing network topology samba_kcc: add an option to set assumed current time KCC: highlight our deviation from the spec in color_vertices kcc: add labels to dot files kcc: Reduce code verbosity in dumpstr_* functions KCC: use more pythonic construct for get_current_replica samba_kcc: try to implement rep deletion in translate_ntdsconn() KCC: helper function to find config NC replica for a DSA KCC: improve log legibility with colour; make more dot graphs KCC: add comments, idiomatic changes to intrasite_graph code KCC: Add comments regarding time handling KCC: Comment noting verbose nature of construct_intrasite_graph() KCC: Write out more DOT files and debug KCC: more
[SCM] Samba Shared Repository - annotated tag tdb-1.3.6 created
The annotated tag, tdb-1.3.6 has been created
at d5301cbb0509b94552e66ad364271d9ed71c2e40 (tag)
tagging 4ddf78a282c85e84b6201a79b707fad9487f3ccd (commit)
replaces tevent-0.9.25
tagged by Stefan Metzmacher
on Sat Jun 13 03:01:41 2015 +0200
- Log -
tdb: tag release tdb-1.3.6
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAABAgAGBQJVe4D1AAoJEEeTkWETCEAl/K4H/0I79FcoOtmEZ4bRpR6gzBH2
ryYqN8+ucg+/k4p/lDTGvPcQybb3lvPxeRwfcvEfmDG5ySWAX6lptTfxw1sIHaHh
yFiusnqHJ5UiY5NFrAAcwyqgYpCaDWx7hYUyTS4z8A1yvl+8uBjHX27Ue2dxacap
JirS0P+VPTeSNt9QIsj9zSMS+xy+04JFMLLLcssgutyo76fWq+hV4ERbYSzSpljK
G/+V4b95VWy4/jcAfbcODO4fub8M56DX5WgxFHWsnZEYakqIDQgyCvxzkb6Mmk90
1nl8CHnvoXy85NPDXjj/0mNljm+GpuyyfKXCReoqm/bswMeY+6DsWyFwInE5Hko=
=mDlQ
-END PGP SIGNATURE-
Stefan Metzmacher (11):
s4:ntvfs/pyposix_eadb: fix initposix_eadb() prototype
pidl:Python: use discard_const() to pass a possible const pointer to
talloc_unlink()
pidl:Python: protect for loops against $length being an expression
instead of a scalar variable
pidl:NDR/Parser: protect for loops against $length being an expression
instead of a scalar variable
pidl:NDR/Parser: check [ref] pointers before pushing anything else
s3:pysmbd: #include Python.h must be the first include in order to
avoid compiler warnings
wafsamba: remove unused allow_warnings=True from SAMBA_PYTHON()
wafsamba: let CHECK_DECLS() find enum values
lib/replace: fix PTHREAD_MUTEX_ROBUST fallback to PTHREAD_MUTEX_ROBUST_NP
on solaris 11
lib/replace: remove unused
HAVE_DECL_PTHREAD_{MUTEXATTR_SETROBUST,MUTEX_CONSISTENT}_NP checks
tdb: version 1.3.6
---
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 4ddf78a tdb: version 1.3.6
via 89dcfbf lib/replace: remove unused
HAVE_DECL_PTHREAD_{MUTEXATTR_SETROBUST,MUTEX_CONSISTENT}_NP checks
via 34cf1d2 lib/replace: fix PTHREAD_MUTEX_ROBUST fallback to
PTHREAD_MUTEX_ROBUST_NP on solaris 11
via ff072a6 wafsamba: let CHECK_DECLS() find enum values
via 86671db wafsamba: remove unused allow_warnings=True from
SAMBA_PYTHON()
via 70737dd s3:pysmbd: #include Python.h must be the first include in
order to avoid compiler warnings
via cf7e1c7 pidl:NDR/Parser: check [ref] pointers before pushing
anything else
via 3c97bfe pidl:NDR/Parser: protect for loops against $length being an
expression instead of a scalar variable
via 781cc3d pidl:Python: protect for loops against $length being an
expression instead of a scalar variable
via ad7148f pidl:Python: use discard_const() to pass a possible const
pointer to talloc_unlink()
via 3d7ce9d s4:ntvfs/pyposix_eadb: fix initposix_eadb() prototype
via d7bdb30 tevent: version 0.9.25
via 93ee074 pytevent: add a TeventTimer_Object_ref helper structure to
make the code clearer
via fb04f0f pytevent: remove const warnings using discard_const_p()
via 1a8a5ba pytevent: remove dead code TEVENT_DEPRECATED is never
defined
via 2216141 talloc:guide: fix documented signature of talloc_unlink().
via 66e96d9 talloc:manpage: fix documented signature of talloc_unlink().
via f5d74c2 talloc: sync the talloc_reference() description between
talloc_guide and manpage
via 1898200 ctdb-vacuum: revert Do not delete VACUUM MIGRATED records
immediately
via 53ff3e4 ctdb-ib: make sure the tevent_fd is removed before the fd
is closed
via 006042a libcli/smb: make sure we remove the writev_send() request
when a request is destroyed
via f3982eb libcli/smb: add smb1 requests to the pending array before
writev_send()
via 5933843 libcli/smb: make sure the writev_send of
smbXcli_conn_samba_suicide() is removed before closing the socket
via 8f42df2 libcli/smb: remove unused split of read_fd and write_fd
via 46e1aa2 libcli/smb: close the socket fd at the end of
smbXcli_conn_disconnect()
via 26c4b3f libcli/smb: use tevent_req_received(req) in read_smb_recv()
via 64640cc lib/async_req: remove the tevent_fd as early as possible
via a wait_for_read_cleanup() hook
via a2a7cbc lib/async_req: remove the tevent_fd as early as possible
via a read_packet_cleanup() hook
via 9a116b2 lib/async_req: use tevent_req_nomem/tevent_req_post in
read_packet_send()
via 4f05f68 lib/async_req: s/result/req/ in read_packet_send()
via 0c11096 lib/async_req: remove the tevent_fd as early as possible
via a writev_cleanup() hook
via d5a4b30 lib/async_req: simplify async_connect_* using a _cleanup()
hook
via be8c2ff lib/async_req: s/result/req/ in async_connect_send()
via ccd038e lib/async_req: remove unused sendto_{send,recv} and
recvfrom_{send,recv}
via a328291 s3:libsmb: convert nb_trans_send/recv internals to tdgram
via ecb4d04 s3:libsmb: convert nb_packet_reader to tstream_* functions
via 3ecf4ec s3:libsmb: convert nb_packet_client to tstream_* functions
via 9ccf8e6 s3:libsmb: let nb_packet_server_destructor() explicitly
destroy the tevent_fd
via 058d847 s3:libsmb: remove pending requests as early as possible via
a smbsock_any_connect_cleanup() hook
via 04f89d4 s3:libsmb: remove subreqs as early as possible via a
smbsock_connect_cleanup() hook
via 992be06 s3:libsmb: remove the cli_session_request as early as
possible via a nb_connect_cleanup() hook
via 0d161e4 s3:lib/addrchange: make use of tdgram_* in addrchange_*()
via 257bc58 s3:lib/addrchange: look at the correct nl_pid in
addrchange_done()
via 9d3444a s3:lib/background: make sure we destroy a pending
read_packet_send() before closing the pipe fd
via 0c108f5 s3:wscript: move lib/util_tsock.c from 'TLDAP' to
'samba3util'
via dd037b0 s4:libcli/raw: make sure smbcli_transport_connect_send/recv
correctly cleanup on error
via 36b97d0 lib/tsocket: add tdgram_inet_udp_broadcast_socket()
via 3a8b7b0 lib/tsocket: add tdgram_bsd_existing_socket() helper
function
via 44584f8 tevent.h: propose tstream_ versions of
read_packet_send/recv and writev_send/recv
via 88971d4 tevent/testsuite: make sure we cleanup tevent_fd structures
in the correct order
from b3a18d6 ctdb-locking: move all auto_mark logic into
process_callbacks()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 4ddf78a282c85e84b6201a79b707fad9487f3ccd
Author: Stefan Metzmacher me...@samba.org
Date: Fri Jun 12 09:10:39 2015 +0200
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 435ddd8 s3:winbindd: make sure we remove pending io requests before closing client sockets via 33ca017 tevent: add a note to tevent_add_fd() via eb029b3 s4: libcli/finddcs_cldap: continue processing CLDAP until all addresses are used via 47a3f9c heimdal:lib/krb5: verify_logonname() to handle multi component principal from 88d1b44 autobuild: Add test for cross-compilation infrastructure https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 435ddd8223eaa6fafb62cead0399bdd042d998e8 Author: Stefan Metzmacher me...@samba.org Date: Mon May 18 13:17:40 2015 +0200 s3:winbindd: make sure we remove pending io requests before closing client sockets This avoids a crash inside the tevent epoll backend. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11141 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Wed May 20 22:16:54 CEST 2015 on sn-devel-104 commit 33ca0179ac091c8bb1c2b3fa7999cc5047d09a80 Author: Stefan Metzmacher me...@samba.org Date: Mon May 18 13:25:33 2015 +0200 tevent: add a note to tevent_add_fd() BUG: https://bugzilla.samba.org/show_bug.cgi?id=11141 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Jeremy Allison j...@samba.org commit eb029b32e95c9e7382488f3a1b033cdbe3237c1c Author: Alexander Bokovoy a...@samba.org Date: Wed May 20 11:17:38 2015 +0300 s4: libcli/finddcs_cldap: continue processing CLDAP until all addresses are used This is a subtle bug that causes CLDAP pings to fail if SRV records discovered cannot be resolved or connection to them cannot be established. The code that fires up CLDAP ping will silently cancel the whole tevent request without going to the next server in the queue. This may happen, for example, when connection to IPv6 addresses couldn't be established, or when IPv4 address is not online or blocked by firewall. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11284 Signed-off-by: Alexander Bokovoy a...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 47a3f9cc5a1e3de5b7eadeae5c001863c2adca2b Author: Stefan Metzmacher me...@samba.org Date: Wed May 20 13:40:58 2015 + heimdal:lib/krb5: verify_logonname() to handle multi component principal FreeIPA can generate tickets with a client principal of 'host/hostname.example.com'. verify_logonname() should just verify the principal name in the PAC_LOGON_NAME is the same as the principal of the client principal (without realm) of the ticket. Samba commit b7cc8c1187ff967e44587cd0d09185330378f366 break this. We try to compare ['host']['hostname.example.com'] with ['host/hostname.example.com]' (as we interpret it as enterprise principal) this fail if we don't compare them as strings. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11142 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org --- Summary of changes: lib/tevent/tevent.h| 5 + source3/winbindd/winbindd.c| 26 ++ source3/winbindd/winbindd.h| 1 + source4/heimdal/lib/krb5/pac.c | 34 -- source4/libcli/finddcs_cldap.c | 42 -- 5 files changed, 84 insertions(+), 24 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/tevent/tevent.h b/lib/tevent/tevent.h index c54cbe2..6861ffb 100644 --- a/lib/tevent/tevent.h +++ b/lib/tevent/tevent.h @@ -176,6 +176,11 @@ void tevent_set_default_backend(const char *backend); * * @note To cancel the monitoring of a file descriptor, call talloc_free() * on the object returned by this function. + * + * @note The caller should avoid closing the file descriptor before + * calling talloc_free()! Otherwise the behaviour is undefined which + * might result in crashes. See https://bugzilla.samba.org/show_bug.cgi?id=11141 + * for an example. */ struct tevent_fd *tevent_add_fd(struct tevent_context *ev, TALLOC_CTX *mem_ctx, diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c index 87bc532..4ffe79c 100644 --- a/source3/winbindd/winbindd.c +++ b/source3/winbindd/winbindd.c @@ -824,6 +824,7 @@ static void request_finished(struct winbindd_cli_state *state) return; } tevent_req_set_callback(req, winbind_client_response_written, state); + state-io_req = req; } static void winbind_client_response_written(struct tevent_req *req) @@ -833,6 +834,8 @@ static void
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 4e1cc54 s3:tevent_wait: simplify the code by using tevent_req_defer_callback() via 9ee3422 s3:modules: remove unused allow_warnings=True for vfs_nfs4acl_xattr via dacc86e s3:vfs_nfs4acl_xattr: fix compiler warnings via 15d9374 s3:modules: remove unused allow_undefined_symbols=False from vfs_glusterfs via dfd245d s3:modules: remove unused allow_undefined_symbols=True from vfs_aio_* via 54f7672 s3:modules: remove unused allow_warnings=True for vfs_aio_fork via 54a80b3 s3:vfs_aio_fork: avoid -Wcast-qual warnings via 542a6d9 s3:modules: remove unused allow_warnings=True for vfs_preopen via 362288a s3:vfs_preopen: avoid compiler warnings via a2ead17 s3:modules: remove unused allow_warnings=True for vfs_unityed_media via 60bacae s3:wscript: remove unused uint[16,32] rpc.h checks from ffacfc1 auth: Make sure error_string is not used uninitialized https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 4e1cc54c222f6274f28fec39579655b62ab73f2c Author: Stefan Metzmacher me...@samba.org Date: Thu Sep 18 22:54:23 2014 +0200 s3:tevent_wait: simplify the code by using tevent_req_defer_callback() This way a user of this could also use tevent_req_error() or wrappers. Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Tue May 19 16:37:52 CEST 2015 on sn-devel-104 commit 9ee3422a7097b060592794e8953d1c59f2b6c3c2 Author: Stefan Metzmacher me...@samba.org Date: Fri Apr 10 11:12:04 2015 +0200 s3:modules: remove unused allow_warnings=True for vfs_nfs4acl_xattr Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org commit dacc86effb13bde19295860f6cf3ae411183e4db Author: Stefan Metzmacher me...@samba.org Date: Fri Apr 10 11:29:59 2015 +0200 s3:vfs_nfs4acl_xattr: fix compiler warnings Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org commit 15d937255ccda370a98b2fe23fa5be4eed28 Author: Stefan Metzmacher me...@samba.org Date: Fri Apr 10 11:12:04 2015 +0200 s3:modules: remove unused allow_undefined_symbols=False from vfs_glusterfs This is the default... Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org commit dfd245dc382279b9137925f5930dabf195f41310 Author: Stefan Metzmacher me...@samba.org Date: Fri Apr 10 11:12:04 2015 +0200 s3:modules: remove unused allow_undefined_symbols=True from vfs_aio_* Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org commit 54f7672d72b278f3f019632676d116aa8ffcd51b Author: Stefan Metzmacher me...@samba.org Date: Fri Apr 10 11:12:04 2015 +0200 s3:modules: remove unused allow_warnings=True for vfs_aio_fork Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org commit 54a80b396c550eca19278c1ed557c0fd65115190 Author: Stefan Metzmacher me...@samba.org Date: Fri Apr 10 11:10:27 2015 +0200 s3:vfs_aio_fork: avoid -Wcast-qual warnings Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org commit 542a6d9d0c36805f55d62316d0bfccddf2d287c2 Author: Stefan Metzmacher me...@samba.org Date: Fri Apr 10 11:12:04 2015 +0200 s3:modules: remove unused allow_warnings=True for vfs_preopen Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org commit 362288a0a4d4ddc2cd8b0f4a5361778b6424027b Author: Stefan Metzmacher me...@samba.org Date: Fri Apr 10 11:31:31 2015 +0200 s3:vfs_preopen: avoid compiler warnings Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org commit a2ead174b4ecd399c7dfd62be82a37ea2d0db5d1 Author: Stefan Metzmacher me...@samba.org Date: Fri Apr 10 11:12:04 2015 +0200 s3:modules: remove unused allow_warnings=True for vfs_unityed_media Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Ralph Boehme s...@samba.org Reviewed-by: Michael Adam ob...@samba.org commit 60bacae681d85fedb61c9cb08c65cc0b42487a6f Author: Stefan Metzmacher me...@samba.org Date: Mon May 18 15:00:14 2015 +0200 s3:wscript: remove unused uint[16,32] rpc.h checks Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Michael Adam ob...@samba.org --- Summary of changes: source3/lib/tevent_wait.c | 27 +++ source3/modules/vfs_aio_fork.c | 6 +++--- source3/modules/vfs_nfs4acl_xattr.c | 22 -- source3
[SCM] Samba Shared Repository - annotated tag tdb-1.3.5 created
The annotated tag, tdb-1.3.5 has been created at 897c98bc484c2d22e365b650e7f52fa830dba864 (tag) tagging 3f35c1d52ee77f7cabd52dd503565cec360f1de2 (commit) replaces talloc-2.1.2 tagged by Stefan Metzmacher on Wed Apr 29 11:25:51 2015 +0200 - Log - tdb: tag release tdb-1.3.5 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAABAgAGBQJVQKOfAAoJEEeTkWETCEAlLv8H/2Fz7gvazdeDLrm6fXNLdVoB eVMA0BXEa73Y+PXmWjABi4tt6/8p3ynZMtlXsK4WZcUuVKBZnneLEvC+VJJuceIq bKFMOFN6iw3KdXYDF6SgQjLzPT1nBngcuT2Pha7M8PLEtAtb8Cc09mGm9d5YVCSo +xKL+gsH1FEj7P+kuGu0VFe0BbYxH3EnfxVnRZnCnbgzCcNiJZ3P5OZC4cxMX28C lEIVf0gxV+ciA/hmI0SrwC75GodYLS2tSHjYLJVQ8isZ/Lob5aPDz3cOUVF26J20 JwZmV+n82ZONeLkF23fD6GamQY8ibqBjGfNsjW5HpQ3RhaZlt9jmLq3RI1NFPOk= =nrXn -END PGP SIGNATURE- Alexander Drozdov (2): tdb: introduce tdb_chainlock_read_nonblock(), a nonblock variant of tdb_chainlock_read() tdb: version 1.3.5 Amitay Isaacs (7): ctdb-scripts: Simplify 00.ctdb event script ctdb-tests: Avoid early exits in scripts that appear on tail of a pipe ctdb-recoverd: Fix typo in comment ctdb-daemon: Drop tunable that is no longer in use ctdb-scripts: Use tcp connection for checking RPC services ctdb-tests: Switch to tcp check in rpcinfo stub tdb: Do not build test binaries if it's not a standalone build Andreas Schneider (21): replace: Remove superfluous check for gcrypt header. selftest: Add missing variable to @exported_envvars YouCompleteMe: Add missing path. dlz_bind9: Fix keytab location. s3-winbind: Correct debug message for starting winbind. kdc-db-glue: Fix a NULL pointer dereference. kdc-db-glue: Fix function format of samba_kdc_message2entry() kdc-db-glue: Fix memory cleanup to avoid crashes. kdc-db-glue: Do not allocate memory for the principal kdc-db-glue: Remove unused code. torture: Fix the usage of the MEMORY credential cache. Revert lib: tdb: Use sigaction when testing for robust mutexes. s4-gensec: Check if we have delegated credentials. s4-process_model: Do not close random fds while forking. s4-process_model: Panic if the standard init function fails s3-passdb: Fix 'force user' with winbind default domain waf: Fix systemd detection rpcclient: Fix the timeout command torture: Correctly invalidate the memory ccache. torture: Free the temporary memory context s4-setup: Add saltPrincipal to secrets_dns.ldif Andrew Bartlett (34): kdc: Fix S4U2Self handling with KRB5_NT_ENTERPRISE_PRINCIPAL containing a UPN torture-krb5: Add an initial test for s4u2self behaviour auth/kerberos: Do a string comparison in kerberos_decode_pac() not a principal comparison auth/kerberos: Use KRB5_PRINCIPAL_UNPARSE_DISPLAY in kerberos_create_pac() torture-krb5: Test accepting the ticket to ensure PAC is well-formed dsdb: Allow spaces in userPrincipalName values selftest: Change testsuite to use a UPN with a space in it dsdb: Ensure we cope with a samAccountName with a space in it in DsCrackName() kdc: Ensure we cope with a samAccountName with a space in it selftest: Change testsuite to use a samAccountName with a space in it lib/tls: Fix behaviour of --disable-gnutls and remove link to gcrypt backupkey: Explicitly link to gnutls and gcrypt pygensec: Add bindings for gensec_set_target_service and gensec_set_target_hostname selftest: Fix comments in provision_promoted_dc s4-process_model: Remove prefork and onefork dsdb-repl: Always set DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING when we are an RODC selftest: Run LOCAL-WBCLIENT against a test environment, not none torture3: Rename LOCAL-WBCLIENT to WBCLIENT-MULTI-PING samba-tool drs: Ensure we do not replicate all secrets to an RODC, even with --local smb.conf.5: Mark dgram port and nbt port as deprecated param: Use IDL-based constants for NBT and NBT dgram ports Do not use popt_common.h in dlz_bind9 s4-process_standard: Remove signal(SIGCHLD, SIG_IGN) lib/util: Make ECHILD in samba_runcmd_io_handler an error build: Add talloc and samba-debug dep for gensec_external module dsdb-tests: Give more helpful information about attribute differences backupkey: Use ndr_pull_struct_blob_all() torture-lsa: Allow rpc.lsa.trusted.domains to run successfully torture: Run lsa.trusted.domains auth tests against samba4 autobuild: Do not wait when running just one target .gitignore: Ignore pidl/MYMETA.json Improve output of check-clean-tree.sh script autobuild: Do not consider IDL.pm and Expr.pm changes to make a build bad autobuild: Add options to set mail host and send e-mail with logs Anoop C S (5): libnetapi: Fix CID 1272947 Fix logically dead code
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 0c6c081 s4:torture/winbind: add
torture:winbindd_domain_without_prefix option
via 86f29d6 s4:torture/local: add more torture_assert() checks
via 85827c5 selftest/Samba4: use 'testallowed account' instead of 'test
allowed'
via ff5f466 selftest/knownfail: remove unused
^samba4.winbind.struct.show_sequence\(ad_dc\) line
from 2bca4cd rpcclient: Fix the timeout command
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 0c6c081dc4e743c142a59d90c9e7f5b6e4cf5bd1
Author: Stefan Metzmacher me...@samba.org
Date: Sat Mar 28 10:04:30 2015 +0100
s4:torture/winbind: add torture:winbindd_domain_without_prefix option
We should not assume that names in the domain
specified by 'torture:winbindd_netbios_domain' have no DOMAIN\ prefix.
On an AD DC we prefix all principals.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11183
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Apr 9 19:35:38 CEST 2015 on sn-devel-104
commit 86f29d62a6ebb6c0245c07a9d8e7524ac0b93940
Author: Stefan Metzmacher me...@samba.org
Date: Sun Mar 29 11:21:16 2015 +0200
s4:torture/local: add more torture_assert() checks
We need to make sure we return when torture_assert_passwd_equal()
or torture_assert_group_equal() fails.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11183
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
commit 85827c5292fca0eef565b0361948405aa662c59b
Author: Stefan Metzmacher me...@samba.org
Date: Sun Mar 29 11:15:29 2015 +0200
selftest/Samba4: use 'testallowed account' instead of 'test allowed'
local.nss test might print lines starting with 'test allowed:...'
and that confused the subunit parser.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
commit ff5f46682566452dc28123e052bb32216ebf1e14
Author: Stefan Metzmacher me...@samba.org
Date: Sat Mar 28 10:07:41 2015 +0100
selftest/knownfail: remove unused
^samba4.winbind.struct.show_sequence\(ad_dc\) line
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
---
Summary of changes:
selftest/knownfail | 1 -
selftest/target/Samba4.pm | 17 ++-
source4/selftest/tests.py | 6 +-
source4/torture/local/nss_tests.c | 255 +++--
source4/torture/winbind/struct_based.c | 8 +-
5 files changed, 164 insertions(+), 123 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/knownfail b/selftest/knownfail
index c16e916..d4a6923 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -241,7 +241,6 @@
#
# The Samba4 winbind does not cover the full winbind protocol, so these are
expected
#
-^samba4.winbind.struct.show_sequence\(ad_dc\)
^samba.blackbox.wbinfo\(ad_dc_ntvfs:local\).wbinfo -N against ad_dc_ntvfs
^samba.blackbox.wbinfo\(ad_dc_ntvfs:local\).wbinfo -I against ad_dc_ntvfs
^samba.blackbox.wbinfo\(ad_dc_ntvfs:local\).wbinfo --trusted-domains against
ad_dc_ntvfs
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 9d765c4..26f6dda 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -816,8 +816,9 @@ sub provision_raw_step2($$$)
return undef;
}
+ my $testallowed_account = testallowed;
my $samba_tool_cmd = Samba::bindir_path($self, samba-tool)
- . user add --configfile=$ctx-{smb_conf} testallowed
$ctx-{password};
+ . user add --configfile=$ctx-{smb_conf} $testallowed_account
$ctx-{password};
unless (system($samba_tool_cmd) == 0) {
warn(Unable to add testallowed user: \n$samba_tool_cmd\n);
return undef;
@@ -830,12 +831,13 @@ sub provision_raw_step2($$$)
$base_dn = DC=$ctx-{netbiosname};
}
- my $user_dn = cn=testallowed,cn=users,$base_dn;
+ my $user_dn = cn=$testallowed_account,cn=users,$base_dn;
+ $testallowed_account = testallowed account;
open(LDIF, |$ldbmodify -H $ctx-{privatedir}/sam.ldb);
print LDIF dn: $user_dn
changetype: modify
replace: samAccountName
-samAccountName: test allowed
+samAccountName: $testallowed_account
-
;
close(LDIF);
@@ -869,9 +871,9 @@ userPrincipalName: testdenied_upn\@$ctx-{realm}.upn
close(LDIF);
$samba_tool_cmd = Samba::bindir_path($self, samba-tool)
- . group addmembers --configfile=$ctx-{smb_conf} 'Allowed RODC
Password Replication Group' 'test allowed
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via c07a54b torture: Fix the usage of the MEMORY credential cache. via a9bcc86 kdc-db-glue: Remove unused code. via b21b2d5 kdc-db-glue: Do not allocate memory for the principal via aa1431e kdc-db-glue: Fix memory cleanup to avoid crashes. via 6ada266 kdc-db-glue: Fix function format of samba_kdc_message2entry() via b9072d9 kdc-db-glue: Fix a NULL pointer dereference. via 13cd1d5 s4-kdc/db_glue: bad idea to free parent mem_ctx when sub function got a failure. via 6d6712f s4-kdc/pac_glue: only include required headers. via c5965c4 s4-kdc/pac_glue: use ENCTYPE_ARCFOUR_HMAC just like in db_glue. via e49802a s4-kdc/db-glue: use krb5_copy_data_contents in samba_kdc_message2entry_keys(). via 51191bd s4-kdc/pac_glue: use krb5_copy_data_contents in samba_make_krb5_pac(). via c5eb9b3 s4-kdc/db_glue: use KRB5_PW_SALT instead of hdb type. via 683ba8a s4-kdc/db_glue: use smb_krb5_principal_get_type() to access private members via 3ee26c4 s4-kdc/db_glue: use KRB5_KEY_TYPE to access private key members. via 0163c94 s4-kdc/db_glue: use time_t directly instead of KerberosTime. via 668f1e9 s4-kdc/db_glue: use krb5_principal_get_comp_string() to access members of private structs. via 75602bf s4-kdc/db_glue: use krb5_princ_size() instead of inspecting private structs. via 10a06fc s4-kdc/db_glue: use smb_krb5_principal_get_realm(). via 8b2cada s4:kdc/db-glue: pass a valid principal from samba_kdc_seq() to samba_kdc_message2entry() via 463be9f s4-kdc/db_glue: use smb_krb5_principal_set_realm(). via b705ec9 s4-kdc/db_glue: use krb5_copy_principal(). via 7296f1b s4-kdc/db_glue: use smb_krb5_make_principal(). via 2b29bfe s4-kdc/db_glue: use smb_krb5_keyblock_init_contents(). via 07edd10 s4-kdc/db_glue: no need to include kdc/kdc-glue.h header here. via 2f6cdbb s4-kdc/db_glue: no need to NULL entry_ex-entry.generation. via b74413b s4-kdc/db_glue: remove unused hdb_entry_ex from samba_kdc_seq(). via d823885 s4-kdc/db_glue: fix Debug messages. via 9713734 s4-kdc/pac-glue: use kerberos_free_data_contents(). via 1e9e40e s4-libnet: only build python_dckeytab when heimdal is available. via ad0fd58 s4-rpc_server: only build backup_key rpc service when Heimdal is available. via 2ad3dcc s4-dsdb/samdb: use abstract functions for MIT compatibility. via d86f7b9 s3-winbind: Correct debug message for starting winbind. via 8a5db7d dlz_bind9: Fix keytab location. via 10a135a YouCompleteMe: Add missing path. from 1fc1dfe s4:torture/libnetapi: remove allow_warnings=True https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c07a54b2941c0d5dc69eb435405daddac1b994bf Author: Andreas Schneider a...@samba.org Date: Thu Feb 26 17:03:44 2015 +0100 torture: Fix the usage of the MEMORY credential cache. Pair-Programmed-With: Guenther Deschner g...@samba.org Pair-Programmed-With: Stefan Metzmacher me...@samba.org Signed-off-by: Andreas Schneider a...@samba.org Signed-off-by: Guenther Deschner g...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Sat Mar 21 02:03:34 CET 2015 on sn-devel-104 commit a9bcc86504971e6c30d782364f912e95eff2e93f Author: Andreas Schneider a...@samba.org Date: Wed Feb 25 11:57:23 2015 +0100 kdc-db-glue: Remove unused code. Signed-off-by: Andreas Schneider a...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit b21b2d596ebc0a11b3f8c19de0498cc8c0783655 Author: Andreas Schneider a...@samba.org Date: Wed Feb 25 11:56:34 2015 +0100 kdc-db-glue: Do not allocate memory for the principal The function we are calling already allocate memory. Signed-off-by: Andreas Schneider a...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit aa1431e53febdeb80d2c93f6e330fbaedb607ba3 Author: Andreas Schneider a...@samba.org Date: Wed Feb 25 11:55:43 2015 +0100 kdc-db-glue: Fix memory cleanup to avoid crashes. Signed-off-by: Andreas Schneider a...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 6ada266dcf8e6e33a5f58afc0568db540b7430cc Author: Andreas Schneider a...@samba.org Date: Wed Feb 25 11:54:52 2015 +0100 kdc-db-glue: Fix function format of samba_kdc_message2entry() Signed-off-by: Andreas Schneider a...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit b9072d974131de613949e368ada5e5d754375007 Author: Andreas Schneider a...@samba.org Date: Wed Feb 25 11:52:45 2015 +0100 kdc-db-glue: Fix a NULL pointer dereference. Signed-off-by: Andreas Schneider
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8421c40 s4:kdc: fix realm for outgoing trusts in
samba_kdc_trust_message2entry()
from 9d0f7e1 selftest: the drs.delete_object is currently flakey.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8421c403e206a8eb1b55ce512e6d2d4174bed0ac
Author: Stefan Metzmacher me...@samba.org
Date: Sun Mar 15 22:25:49 2015 +0100
s4:kdc: fix realm for outgoing trusts in samba_kdc_trust_message2entry()
This is a regression introduced in commit
8dd37327b02eaea33915a9cd206667981b8df872.
Now we change 'realm' before calling
ret = krb5_principal_set_realm(context, entry_ex-entry.principal, realm);
as before commit 8dd37327b02eaea33915a9cd206667981b8df872.
Without this we'd set entry_ex-entry.principal to
krbtgt/doma.example@doma.example.com instead
of krbtgt/doma.example@domb.example.com,
while we use krbtgt/doma.example@domb.example.com as
salt for the keys.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Mar 18 18:56:51 CET 2015 on sn-devel-104
---
Summary of changes:
source4/kdc/db-glue.c | 53 +--
1 file changed, 26 insertions(+), 27 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c
index 8f2b361..bc82482 100644
--- a/source4/kdc/db-glue.c
+++ b/source4/kdc/db-glue.c
@@ -965,6 +965,32 @@ static krb5_error_code
samba_kdc_trust_message2entry(krb5_context context,
supported_enctypes);
}
+ trust_direction_flags = ldb_msg_find_attr_as_int(msg, trustDirection,
0);
+
+ if (direction == INBOUND) {
+ password_val = ldb_msg_find_ldb_val(msg, trustAuthIncoming);
+
+ } else { /* OUTBOUND */
+ dnsdomain = ldb_msg_find_attr_as_string(msg, trustPartner,
NULL);
+ /* replace realm */
+ realm = strupper_talloc(mem_ctx, dnsdomain);
+ password_val = ldb_msg_find_ldb_val(msg, trustAuthOutgoing);
+ }
+
+ if (!password_val || !(trust_direction_flags direction)) {
+ krb5_clear_error_message(context);
+ ret = HDB_ERR_NOENTRY;
+ goto out;
+ }
+
+ ndr_err = ndr_pull_struct_blob(password_val, mem_ctx, password_blob,
+
(ndr_pull_flags_fn_t)ndr_pull_trustAuthInOutBlob);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ krb5_clear_error_message(context);
+ ret = EINVAL;
+ goto out;
+ }
+
p = talloc(mem_ctx, struct samba_kdc_entry);
if (!p) {
ret = ENOMEM;
@@ -1023,33 +1049,6 @@ static krb5_error_code
samba_kdc_trust_message2entry(krb5_context context,
entry_ex-entry.valid_start = NULL;
- trust_direction_flags = ldb_msg_find_attr_as_int(msg, trustDirection,
0);
-
- if (direction == INBOUND) {
- password_val = ldb_msg_find_ldb_val(msg, trustAuthIncoming);
-
- } else { /* OUTBOUND */
- dnsdomain = ldb_msg_find_attr_as_string(msg, trustPartner,
NULL);
- /* replace realm */
- realm = strupper_talloc(mem_ctx, dnsdomain);
- password_val = ldb_msg_find_ldb_val(msg, trustAuthOutgoing);
- }
-
- if (!password_val || !(trust_direction_flags direction)) {
- krb5_clear_error_message(context);
- ret = HDB_ERR_NOENTRY;
- goto out;
- }
-
- ndr_err = ndr_pull_struct_blob(password_val, mem_ctx, password_blob,
-
(ndr_pull_flags_fn_t)ndr_pull_trustAuthInOutBlob);
- if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
- krb5_clear_error_message(context);
- ret = EINVAL;
- goto out;
- }
-
-
/* we need to work out if we are going to use the current or
* the previous password hash.
* We base this on the kvno the client passes in. If the kvno
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 908b1f9 passdb: Fix the O3 developer build
from 143e7d3 lib/util: Make ECHILD in samba_runcmd_io_handler an error
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 908b1f9634353e0989c91abc7de11ffc5732552b
Author: Volker Lendecke v...@samba.org
Date: Mon Mar 16 07:45:28 2015 +0100
passdb: Fix the O3 developer build
Signed-off-by: Volker Lendecke v...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Mar 17 11:29:38 CET 2015 on sn-devel-104
---
Summary of changes:
source3/passdb/pdb_interface.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index b8247f2..3a3fe2e 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -1505,8 +1505,8 @@ static bool pdb_default_sid_to_id(struct pdb_methods
*methods,
if (sid_peek_check_rid(get_global_sam_sid(), sid, rid)) {
const char *name;
enum lsa_SidType type;
- uid_t uid;
- gid_t gid;
+ uid_t uid = (uid_t)-1;
+ gid_t gid = (gid_t)-1;
/* Here we might have users as well as groups and aliases */
ret = lookup_global_sam_rid(mem_ctx, rid, name, type, uid,
gid);
if (ret) {
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag talloc-2.1.2 created
The annotated tag, talloc-2.1.2 has been created at 05721cae0d9a1ea0ef13834e92389da7a14e8dcc (tag) tagging 7bef5e4f0e5ff4a4187f3d63e51a1725ff32b771 (commit) replaces tevent-0.9.24 tagged by Stefan Metzmacher on Tue Mar 10 13:29:09 2015 +0100 - Log - talloc: tag release talloc-2.1.2 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAABAgAGBQJU/uOVAAoJEEeTkWETCEAl65EH/3yjGs8TOle2MrA/wC2cFJZH HCa+nCKQ9RrYwZRfrjahhOSbNRkRwIXJuxTXzTrTZx7L36kUkZFPFOk/lH5YiJFg FHvLQBudgNABR+JPmH181NkZGfO2Xwu3sMbCnt06k1rIwMfyUAPtKY3DOBaglebq 40iD62JZ6ywZuSkyNWcNu0X4z54oyLwHmymEJDujJjon5T1bA/YG0N7tvN2pOWQm yvC68LCcEqru618iWyMfNcvNnl4ZIczbl3+ty2nVlS9kzgGwkjMomgMjfO7WRCA/ R0grCSkxY/1fcQiyTIegxZucSVvKf9VB5zrb1CugTB+52JiI5ETn+BHaXzVhNYY= =1zAl -END PGP SIGNATURE- Amitay Isaacs (4): ctdb-build: Specify absolute path to libsocket-wrapper.so ctdb-scripts: Add a 'rm' stub so statd-callout tests work correctly ctdb-tests: Correctly cascade test failures from the end of pipes ctdb-locking: Back-off from logging every 10 seconds Andrew Bartlett (4): samba-tool: Add -P to options.CredentialsOptions s4-lib/cmdline: Fix help for -P / --machine-pass: this no longer implies -k selftest: Improve renamedcs test provision: Give a more helpful message when find_provision_key_parameters() fails Björn Jacke (1): printing: increse log level for unreachable cups servers David Disseldorp (1): torture/fsrvp: remove verification trailer magic field Jelmer Vernooij (50): Add simple subunit runner outputting subunit v1. selftest/tests/*.py: remove use of testtools. subunitrun: Use new samba.subunit.run module. subunitrun: Update instructions for running subunit tests. Use samba.subunit.run to run subunit tests. Fix copyright headers for python/samba/subunit. Use Samba-only subunit module in selftest/tests/. Use samba.subunit in selftest/selftest.py. Add RemoteTestCase and RemoteError to samba.subunit. Use samba.subunit in selftest.subunithelper, except for iso8601. Fix handling of unexpected failures in subunithelper. Inline outputting of subunit in libtorture. Add basic tap2subunit converter, rather than relying on the one from subunit-tools. Set default testRunner rather than requiring the user pass it in. test_duplicate_symbol: Use Samba subunit emitter. test_samba3dump: Use Samba subunit emitter. show_test_time: Use system subunit. tests/sam: Remove unnecessary calls for third party module imports. filter-subunit: Remove import of unnecessary third party modules testtools and subunit. format-subunit: Remove import of unnecessary third party modules testtools and subunit. Use iso8601 from the system, rather than the one bundled with subunit. Avoid importing TestCase and TestSkipped from testtools. Rename TestSkipped to Skiptest, consistent with Python 2.7. subunithelper: Fix progress support. Import UTC definition from utc8601 module. Bundle pyiso8601 for iso8601 time/date manipulation. Support using third party iso8601 module if system doesn't provide one. Remove unnecessary python path updates for bundled subunit/testtools. Remove bundled subunit. Remove bundled testtools. Remove unused bundled python-extras module. Remove bundled but unused mimeparse. Remove 'external' python module support code - use the third_party directory instead. Set failfast property for test reporters that need it. Fix use of iso8601.Utc. Drop support for failfast mode, rather than adding support for it everywhere. Build python-ntdb bindings if ntdb was found but python-ntdb was not. Fix use of TestCase.skipTest on python2.6 now that we no longer use testtools. Add custom implementations of TestCase.assertIs and TestCase.assertIsNot, for Python2.6. Add replacement addCleanup. Use Samba TestCase class, as the python 2.6 one doesn't have assertIs, assertIsInstance or addCleanup. Provide TestCase.assertIsInstance for python 2.7. Use samba TestCase so we get all compatibility functions on Python 2.7. TestCase.addUnexpectedSuccess doesn't take an error. Run cleanup after tearDown, for consistency with Python = 2.7. Remove another call to addUnexpectedSuccess with too many arguments. Handle skips when running on python2.6. Implement assertIsNone for Python 2.7. Implement TestCase.assertIn for older versions of Python. Implement TestCase.assertIsNotNone for python 2.7. Jeremy Allison (3): lib: talloc: Fix bug when calling a destructor. lib: talloc: Allow destructors to reparent the object they're called on. lib: talloc: Test suite for the new destructor reparent logic. Martin Schwenke (11
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 02f6cfd torture-krb5: Add an initial test for s4u2self behaviour
via a1ddee8 kdc: Fix S4U2Self handling with
KRB5_NT_ENTERPRISE_PRINCIPAL containing a UPN
via 7bef5e4 talloc: version 2.1.2
via 3929abf talloc: fix _talloc_total_limit_size prototype
from 6b0cece lib: talloc: Test suite for the new destructor reparent
logic.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 02f6cfd14c8ac15b5d8a55783bb98a87557394d5
Author: Andrew Bartlett abart...@samba.org
Date: Mon Mar 9 11:12:01 2015 +1300
torture-krb5: Add an initial test for s4u2self behaviour
This test only checks for S4U2Self of the same user, but shows
that a user account is not a valid service for this purpose.
Andrew Bartlett
Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Mon Mar 9 12:10:09 CET 2015 on sn-devel-104
commit a1ddee8d2f9e58e04f3203db9afa576354dd2079
Author: Andrew Bartlett abart...@samba.org
Date: Mon Mar 9 16:00:56 2015 +1300
kdc: Fix S4U2Self handling with KRB5_NT_ENTERPRISE_PRINCIPAL containing a
UPN
This is now handled properly by samba_kdc_lookup_server() and this wrapper
actually
breaks things.
Andrew Bartlett
Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 7bef5e4f0e5ff4a4187f3d63e51a1725ff32b771
Author: Stefan Metzmacher me...@samba.org
Date: Mon Mar 9 09:07:24 2015 +0100
talloc: version 2.1.2
Changes:
- Allow destructors to reparent the object
- Allow destructors to remove itself
- Build improvements
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Günther Deschner g...@samba.org
commit 3929abfc6b5a3ae8a27da57d4dbee9524e3585e3
Author: Stefan Metzmacher me...@samba.org
Date: Tue Jan 27 13:07:34 2015 +0100
talloc: fix _talloc_total_limit_size prototype
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Ralph Boehme s...@samba.org
---
Summary of changes:
...loc-util-2.0.6.sigs = pytalloc-util-2.1.2.sigs} | 0
.../ABI/{talloc-2.1.0.sigs = talloc-2.1.2.sigs}| 0
lib/talloc/talloc.c | 2 +-
lib/talloc/wscript | 2 +-
source4/kdc/db-glue.c | 21 -
source4/torture/krb5/kdc-canon.c| 18 +++---
6 files changed, 17 insertions(+), 26 deletions(-)
copy lib/talloc/ABI/{pytalloc-util-2.0.6.sigs = pytalloc-util-2.1.2.sigs}
(100%)
copy lib/talloc/ABI/{talloc-2.1.0.sigs = talloc-2.1.2.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/lib/talloc/ABI/pytalloc-util-2.0.6.sigs
b/lib/talloc/ABI/pytalloc-util-2.1.2.sigs
similarity index 100%
copy from lib/talloc/ABI/pytalloc-util-2.0.6.sigs
copy to lib/talloc/ABI/pytalloc-util-2.1.2.sigs
diff --git a/lib/talloc/ABI/talloc-2.1.0.sigs b/lib/talloc/ABI/talloc-2.1.2.sigs
similarity index 100%
copy from lib/talloc/ABI/talloc-2.1.0.sigs
copy to lib/talloc/ABI/talloc-2.1.2.sigs
diff --git a/lib/talloc/talloc.c b/lib/talloc/talloc.c
index 46f10f4..c10fd53 100644
--- a/lib/talloc/talloc.c
+++ b/lib/talloc/talloc.c
@@ -1064,7 +1064,7 @@ static inline int _talloc_free_internal(void *ptr, const
char *location)
return 0;
}
-static size_t _talloc_total_limit_size(const void *ptr,
+static inline size_t _talloc_total_limit_size(const void *ptr,
struct talloc_memlimit *old_limit,
struct talloc_memlimit *new_limit);
diff --git a/lib/talloc/wscript b/lib/talloc/wscript
index 986492c..97c52c3 100644
--- a/lib/talloc/wscript
+++ b/lib/talloc/wscript
@@ -1,7 +1,7 @@
#!/usr/bin/env python
APPNAME = 'talloc'
-VERSION = '2.1.1'
+VERSION = '2.1.2'
blddir = 'bin'
diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c
index aa73641..0bc907e 100644
--- a/source4/kdc/db-glue.c
+++ b/source4/kdc/db-glue.c
@@ -1839,7 +1839,6 @@ samba_kdc_check_s4u2self(krb5_context context,
krb5_const_principal target_principal)
{
krb5_error_code ret;
- krb5_principal enterprise_prinicpal = NULL;
struct ldb_dn *realm_dn;
struct ldb_message *msg;
struct dom_sid *orig_sid;
@@ -1857,30 +1856,10 @@ samba_kdc_check_s4u2self(krb5_context context,
return ret;
}
- if (target_principal-name.name_type == KRB5_NT_ENTERPRISE_PRINCIPAL) {
- /* Need to reparse the enterprise principal to find the real
target */
- if (target_principal-name.name_string.len != 1
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5b3c71c provision: Give a more helpful message when find_provision_key_parameters() fails via 6fe8cd2 selftest: Improve renamedcs test via 477fce1 s4-lib/cmdline: Fix help for -P / --machine-pass: this no longer implies -k via 63dbf43 samba-tool: Add -P to options.CredentialsOptions from 90d03a6 heimdal: Fix CID 1273430 Double free https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5b3c71cd9c4d20a04f7505ad904f95d0ecf5ac2e Author: Andrew Bartlett abart...@samba.org Date: Mon Mar 2 13:22:37 2015 +1300 provision: Give a more helpful message when find_provision_key_parameters() fails Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Fri Mar 6 20:11:52 CET 2015 on sn-devel-104 commit 6fe8cd2fdfa770ceaa4ad87002db9cdc029dd532 Author: Andrew Bartlett abart...@samba.org Date: Fri Feb 27 15:56:22 2015 +1300 selftest: Improve renamedcs test Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 477fce1f395917616cd2eb144da8571e994382e7 Author: Andrew Bartlett abart...@samba.org Date: Thu Feb 26 12:24:21 2015 +1300 s4-lib/cmdline: Fix help for -P / --machine-pass: this no longer implies -k Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 63dbf4388a53016a110bd02a31c46e0210eda463 Author: Andrew Bartlett abart...@samba.org Date: Thu Feb 26 12:23:55 2015 +1300 samba-tool: Add -P to options.CredentialsOptions This matches our other binaries, and allows samba-tool commands to run with the machine account. Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org --- Summary of changes: python/samba/getopt.py | 26 +- python/samba/provision/__init__.py | 7 +-- source4/lib/cmdline/popt_credentials.c | 2 +- testprogs/blackbox/renamedc.sh | 10 ++ 4 files changed, 37 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/getopt.py b/python/samba/getopt.py index c3c0800..0f97658 100644 --- a/python/samba/getopt.py +++ b/python/samba/getopt.py @@ -126,8 +126,9 @@ class CredentialsOptions(optparse.OptionGroup): Command line options for specifying credentials. def __init__(self, parser): -self.no_pass = True +self.ask_for_password = True self.ipaddress = None +self.machine_pass = False optparse.OptionGroup.__init__(self, parser, Credentials Options) self.add_option(--simple-bind-dn, metavar=DN, action=callback, callback=self._set_simple_bind_dn, type=str, @@ -140,8 +141,9 @@ class CredentialsOptions(optparse.OptionGroup): self.add_option(-W, --workgroup, metavar=WORKGROUP, action=callback, type=str, help=Workgroup, callback=self._parse_workgroup) -self.add_option(-N, --no-pass, action=store_true, -help=Don't ask for a password) +self.add_option(-N, --no-pass, action=callback, +help=Don't ask for a password, +callback=self._set_no_password) self.add_option(-k, --kerberos, metavar=KERBEROS, action=callback, type=str, help=Use Kerberos, callback=self._set_kerberos) @@ -149,17 +151,29 @@ class CredentialsOptions(optparse.OptionGroup): action=callback, type=str, help=IP address of server, callback=self._set_ipaddress) +self.add_option(-P, --machine-pass, +action=callback, +help=Use stored machine account password, +callback=self._set_machine_pass) self.creds = Credentials() def _parse_username(self, option, opt_str, arg, parser): self.creds.parse_string(arg) +self.machine_pass = False def _parse_workgroup(self, option, opt_str, arg, parser): self.creds.set_domain(arg) def _set_password(self, option, opt_str, arg, parser): self.creds.set_password(arg) -self.no_pass = False +self.ask_for_password = False +self.machine_pass = False + +def _set_no_password(self, option, opt_str, arg, parser): +self.ask_for_password = False + +def _set_machine_pass(self, option, opt_str, arg, parser): +self.machine_pass = True def _set_ipaddress(self, option, opt_str, arg, parser
[SCM] Samba Shared Repository - annotated tag tevent-0.9.24 created
The annotated tag, tevent-0.9.24 has been created at 8a71af2eecea3a3d3d9bcb3844db105c2db337c5 (tag) tagging 89788dd3193633f5e88ff194219ad838dcdfab96 (commit) replaces tevent-0.9.23 tagged by Stefan Metzmacher on Wed Mar 4 10:41:03 2015 +0100 - Log - tevent: tag release tevent-0.9.24 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAABAgAGBQJU9tMvAAoJEEeTkWETCEAlNGEH/2ow6aW97k+vL7BeeYphze5z /XoOiYbYbSXNhPX52oLcjm6nuyKv9493+5FcaLdRl2LIZhG2pKlXUqoYN7DIW21o 9hWGxq/rELyYfPIRSmFhf6Cqh3Pu8mENY3GljseSVSk+nshdcY4BkUQcQwyabbpD VJeUJnzqwzsgduTPmGQldi0DyMOhsIO5Ev207Mr7TM2FnIRaJjX78Q5cMCEC73I1 jJIxi5PqpJlDbkTGbJsQlzeCOAoxJeJOJcvE5VSskfv4J3u4MFTafowuwxi1dNkz C7a8Hz2qUxixsgTi0DiIc9jGLWAWT1vGnkZ646NmhRf/lHUsGtpF8h4iXSCkqG8= =wqVj -END PGP SIGNATURE- Amitay Isaacs (1): lib/util: Build iov_buf library only when building samba Andreas Schneider (1): doc-xml: Add 'sharesec' reference to 'access based share enum' Christof Schmitt (31): gpfs: Always use gpfs_fcntl.h headerfile gpfs: Look for gpfs header files also in /usr/lpp/mmfs/include/ gpfs: Remove search for libgpfs_gpl.so gpfs: Simplify initialization for gpfs library wrapper gpfs: Introduce wrapper for gpfs_set_share gpfs: Introduce wrapper for gpfs_set_lease gpfs: Rename wrapper for gpfs_getacl gpfs: Rename wrapper for gpfs_putacl gpfs: Rename wrapper for gpfs_get_realfilename_path gpfs: Rename wrapper for gpfs_set_winattrs_path gpfs: Rename wrapper for gpfs_get_winattrs_path gpfs: Rename wrapper for gpfs_get_winattrs gpfs: Rename wrapper for gpfs_prealloc gpfs: Rename wrapper for gpfs_ftruncate gpfs: Rename wrapper for gpfs_lib_init gpfs: Introduce wrapper for gpfs_set_times_path gpfs: Introduce wrapper for gpfs_quotactl gpfs: Introduce wrapper for gpfs_fcntl gpfs: Introduce wrapper for gpfs_getfilesetid gpfs: Move set_gpfs_sharemode to vfs_gpfs.c gpfs: Move set_gpfs_lease to vfs_gpfs.c gpfs: Move get_gpfs_quota to vfs_gpfs.c gpfs: Move get_gpfs_fset_id to vfs_gpfs.c gpfs: Move smbd_gpfs_set_times_path to vfs_gpfs.c gpfs: Move definition of GPFS_GETACL_NATIVE to vfs_gpfs.c gpfs: Include gpfs_fcntl.h only from vfs_gpfs header file gpfs: Move DBGC_CLASS definition below includes gpfs: Remove unncessary includes from gpfs.c gpfs: Update file headers gpfs: Rename library wrapper to gpfswrap gpfs: Add include guard to gpfswrap.h David Disseldorp (2): selftest: shuffle msdfs-share DFS referral responses tevent: version 0.9.24 Günther Deschner (2): s4-torture: re-add nss-wrapper torture testsuite. s4-torture: cleanup nsswrapper test a little by removing nwrap references. Jeremy Allison (1): tevent: Ignore unexpected signal events in the same way the epoll backend does. Michael Adam (1): selftest: re-enable nsswrapper integration testing for dc and member environments. Petr Viktorin (9): pyldb: Correct reference counting when returning bools pyldb: Use the Py_TYPE macro pyldb: Properly preallocate result control list pyldb: Remove use of staticforward macro pyldb: Fix reference leaks pyldb: Type-check arguments parsed with PyArg_ParseTuple* pyldb: Better error reporting pyldb: Report errors converting controls list to char** pyldb: Add tests for type errors Robin McCorkell (1): MSDFS referral shuffling Volker Lendecke (11): libsmb: Make ip_service_compare static lib: Fix talloc hierarchy in init_lsa_ref_domain_list winbind: Slightly simplify wb_sids2xids waf: Fix the build on openbsd smbd: Make SMB3 clients use encryption with smb encrypt = auto Fix the O3 developer build aio_fork: Fix CID 1273291 Uninitialized scalar variable smbd: Fix CID 1273088 Resource leak lib: Fix CID 1273073 Assign instead of compare pam: Fix CID 1034870 Resource leak pam: Fix CID 1034871 Resource leak --- -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-2-test updated
The branch, v4-2-test has been updated
via 1309af4 tevent: version 0.9.24
via 5db8d19 tevent: Ignore unexpected signal events in the same way the
epoll backend does.
from 7ad61f9 backupkey: Explain more why we use GnuTLS here
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test
- Log -
commit 1309af4880eb00cf127aa3c1fc7b590c7000a4ec
Author: David Disseldorp dd...@samba.org
Date: Tue Mar 3 23:58:09 2015 +0100
tevent: version 0.9.24
* Ignore unsolicited signal wakeup in tevent_port event loop.
Signed-off-by: David Disseldorp dd...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Mar 4 08:33:06 CET 2015 on sn-devel-104
(cherry picked from commit 89788dd3193633f5e88ff194219ad838dcdfab96)
Autobuild-User(v4-2-test): Stefan Metzmacher me...@samba.org
Autobuild-Date(v4-2-test): Wed Mar 4 15:07:48 CET 2015 on sn-devel-104
commit 5db8d198ad7045d6bcb8e41701d045e92405c108
Author: Jeremy Allison j...@samba.org
Date: Mon Mar 2 16:17:54 2015 -0800
tevent: Ignore unexpected signal events in the same way the epoll backend
does.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=8
Signed-off-by: Jeremy Allison j...@samba.org
Reviewed-by: David Disseldorp dd...@samba.org
Autobuild-User(master): David Disseldorp dd...@samba.org
Autobuild-Date(master): Tue Mar 3 17:33:06 CET 2015 on sn-devel-104
(cherry picked from commit 7be3a5f92ddbb378a3c80e455cb7403f7861efa1)
---
Summary of changes:
lib/tevent/ABI/{tevent-0.9.21.sigs = tevent-0.9.24.sigs} | 0
lib/tevent/tevent_port.c | 12 +---
lib/tevent/wscript| 2 +-
3 files changed, 10 insertions(+), 4 deletions(-)
copy lib/tevent/ABI/{tevent-0.9.21.sigs = tevent-0.9.24.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/lib/tevent/ABI/tevent-0.9.21.sigs
b/lib/tevent/ABI/tevent-0.9.24.sigs
similarity index 100%
copy from lib/tevent/ABI/tevent-0.9.21.sigs
copy to lib/tevent/ABI/tevent-0.9.24.sigs
diff --git a/lib/tevent/tevent_port.c b/lib/tevent/tevent_port.c
index 93e94b2..dd4958e 100644
--- a/lib/tevent/tevent_port.c
+++ b/lib/tevent/tevent_port.c
@@ -483,10 +483,16 @@ static int port_event_loop(struct port_event_context
*port_ev, struct timeval *t
port_errno = errno;
tevent_trace_point_callback(ev, TEVENT_TRACE_AFTER_WAIT);
- if (ret == -1 port_errno == EINTR ev-signal_events) {
- if (tevent_common_check_signal(ev)) {
- return 0;
+ if (ret == -1 port_errno == EINTR) {
+ if (ev-signal_events) {
+ tevent_common_check_signal(ev);
}
+ /*
+* If no signal handlers we got an unsolicited
+* signal wakeup. This can happen with epoll
+* too. Just return and ignore.
+*/
+ return 0;
}
if (ret == -1 port_errno == ETIME tvalp) {
diff --git a/lib/tevent/wscript b/lib/tevent/wscript
index 489ce31..0da8232 100755
--- a/lib/tevent/wscript
+++ b/lib/tevent/wscript
@@ -1,7 +1,7 @@
#!/usr/bin/env python
APPNAME = 'tevent'
-VERSION = '0.9.23'
+VERSION = '0.9.24'
blddir = 'bin'
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 89788dd tevent: version 0.9.24
from c05b0a3 pyldb: Add tests for type errors
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 89788dd3193633f5e88ff194219ad838dcdfab96
Author: David Disseldorp dd...@samba.org
Date: Tue Mar 3 23:58:09 2015 +0100
tevent: version 0.9.24
* Ignore unsolicited signal wakeup in tevent_port event loop.
Signed-off-by: David Disseldorp dd...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Wed Mar 4 08:33:06 CET 2015 on sn-devel-104
---
Summary of changes:
lib/tevent/ABI/{tevent-0.9.21.sigs = tevent-0.9.24.sigs} | 0
lib/tevent/wscript| 2 +-
2 files changed, 1 insertion(+), 1 deletion(-)
copy lib/tevent/ABI/{tevent-0.9.21.sigs = tevent-0.9.24.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/lib/tevent/ABI/tevent-0.9.21.sigs
b/lib/tevent/ABI/tevent-0.9.24.sigs
similarity index 100%
copy from lib/tevent/ABI/tevent-0.9.21.sigs
copy to lib/tevent/ABI/tevent-0.9.24.sigs
diff --git a/lib/tevent/wscript b/lib/tevent/wscript
index 489ce31..0da8232 100755
--- a/lib/tevent/wscript
+++ b/lib/tevent/wscript
@@ -1,7 +1,7 @@
#!/usr/bin/env python
APPNAME = 'tevent'
-VERSION = '0.9.23'
+VERSION = '0.9.24'
blddir = 'bin'
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag tevent-0.9.23 created
The annotated tag, tevent-0.9.23 has been created at d14fdb68fcbaa5dc0a1307ef32e4a256827806f2 (tag) tagging 04b8e19e1708c5670d180f5cd86d8ed139e9e5a4 (commit) replaces ldb-1.1.20 tagged by Stefan Metzmacher on Fri Feb 27 09:40:58 2015 +0100 - Log - tevent: tag release tevent-0.9.23 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAABAgAGBQJU8C2aAAoJEEeTkWETCEAl/7YH/iVF+a6baxH86ORJPnlpbsl6 A+9hdGESl+N343ngQRJD7VJ8QkfFNAjHdQ90sz3rQcFHErvO87uuU4fbMpYNMjIg z6DgImkoPzhrlzw4HY2bxHi76tqa2IkhWIN2RdcJq/6MO3dOcqRVinf7FZu2fRrr cxxN5SE4PYtrAWMEp/RqhTOrmwlfxZMkoZpBnFf4sOy1UwSOaSQeBwsdwukD9eJW 2MwtjNbrUUO9tvVJ7YDziKD8wxE7tC3ikji4giSznIh+KTzU21VbynfTbsrB7yqK RNZyGh+mya6kfUlpmBUiXv+w3l83rn3+/f4xSTuQpQ2q6p4lAGfMHnlodR1S9sA= =KL2m -END PGP SIGNATURE- Alexander Bokovoy (1): wafsamba: make sure build fails when uninitialized variable is detected Amitay Isaacs (1): ctdb-io: Do not use sys_write to write to client sockets Andreas Schneider (19): waf: Add address sanitizer configure option. uwrap: Fix the handle loop for older gcc versions. uwrap: Add support for running with address sanitizer. uwrap: Make sure we leave if the id is NULL. uwrap: Bump version to 1.1.0. printing: rework nt_printer_guid_store to return errors spoolss: retrieve published printer GUID if not in registry s3-netlogon: Make sure we do not deference a NULL pointer. torture: Add netr_setPassword(2) schannel test. swrap: Fix the loop for older gcc versions. src: Add support for running with address sanitizer. swrap: Do not leak the socket_info we just removed. swrap: If we remove the socket_info also unlink the unix socket swrap: Bump version to 1.1.3 waf: Only build the wrappers if we enable selftest libsmb: Do not lookup invalid netbios names. nss-wins: Do not lookup invalid netbios names nmblookup: Warn user if netbios name is too long. s3-pam_smbpass: Add a deprecation warning. Andrew Bartlett (42): dsdb: Do not use _ prefix in tombstone_reanimate module torture-krb5: Do not do post-recv checks if the packet recv failed kdc: fixup KDC to use functions portable to MIT krb5 kdc: make Samba KDC pass new TGS-REQ and AS-REQ (to self) testing torture-krb5: add TGS-REQ testing to krb5.kdc.canon testsuite torture-krb5: Add tests for the canonicalise TGS-REQ case torture-krb5: Reformat and re-work test to be easier to follow torture-krb5: Improve the assertions in our KDC tests to be more explicit torture-krb5: Add tests for AS-REQ to our own name selftest: Run krb5.kdc with an account that has a UPN and an SPN torture-krb5: Further test improvements to cover KRB5_GC_CANONICALIZE on krbtgt/ torture-krb5: Add additional assertions for non-canon TGS-REP torture-krb5: Split out TEST_AS_REQ_SELF recv testing routine torture-krb5: Add test in for normal TGS-REQ torture-krb5: Add test for TGS-REQ with type KRB5_NT_PRINCIPAL, KRB5_NT_SRV_INST, KRB5_NT_SRV_HST auth/kerberos: Use talloc_stackframe to avoid memory and FD leak of event context torture-krb5: Provide a generic handler to catch and print unexpected KRB_ERROR packets Remove obsolete SGI packaging Update mailing list references to point at lists.samba.org debug: Set close-on-exec for the main log file FD s4-messaging: Remove unused struct imessaging_rec librpc: Move messaging.idl to the top level s4-messaging: Unify list of possible messages into messaging.idl lib/crypto: Document what crypto code is used for, and if GnuTLS supports it torture-backupkey: Add consistent assertions that createRestoreGUIDStruct() suceeds torture-backupkey: Assert dcerpc_bkrp_BackupKey_r call was successful backupkey: Move SID comparison to inside get_and_verify_access_check() backupkey: Improve function names and comments for clarity backupkey: Implement ServerWrap Encrypt protocol backupkey: Use the name lsa_secret rather than just secret backupkey: Improve variable names to make clear this is client-provided data backupkey: Handle more clearly the case where we find the secret, but it has no value backupkey: Implement ServerWrap Decrypt backupkey: Change expected error codes to match Windows 2008R2 and Windows 2012R2 backupkey: Add tests for ServerWrap protocol backupkey: Better handling for different wrap version headers torture-backupkey: Add tests that read the secret from the server, and validate backupkey: Explain more why we use GnuTLS here s4/scripting/bin/renamedc: Fix up rename DC script selftest: Improve renamedc tests to confirm more than just the exit code testprogs-test_chgdcpass.sh: Improve comments to explain why we check about
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated via d2c9373 Merge tag 'samba-4.1.17' into v4-1-test via 492c673 VERSION: Disable git snapshots for the 4.1.17 release. via 8f38d4b WHATSNEW: Add release notes for Samba 4.1.17. via a9a513c s3-netlogon: Make sure we do not deference a NULL pointer. via 1996b18 CVE-2015-0240: s3: netlogon: Ensure we don't call talloc_free on an uninitialized pointer. via 5a59b1a VERSION: Re-enable git snapshots. via e001101 VERSION: Bump version up to 4.1.17. from 3bc159d doc:man:vfs_glusterfs: improve the configuration section. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-1-test - Log - commit d2c9373cd1d211935650d46175feeb156ea71523 Merge: 3bc159d 492c673 Author: Stefan Metzmacher me...@samba.org Date: Thu Feb 26 11:27:33 2015 +0100 Merge tag 'samba-4.1.17' into v4-1-test samba: tag release samba-4.1.17 --- Summary of changes: Changeset truncated at 500 lines: -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-0-test updated
The branch, v4-0-test has been updated via 2722ad6 Merge tag 'samba-4.0.25' into v4-0-test via 4395552 VERSION: Disable git snapshots for the 3.0.25 release. via 28babc0 WHATSNEW: Add release notes for Samba 3.0.25. via 5b833f0 auth: Make sure that creds_out is initialized with NULL. via 1981e7a s3-netlogon: Make sure we do not deference a NULL pointer. via 6ae0a8a CVE-2015-0240: s3: netlogon: Ensure we don't call talloc_free on an uninitialized pointer. via 4060da4 VERSION: Re-enable git snapshots. via 3865c60 VERSION: Bump version up to 4.0.25. from 1a13242 VERSION: Bump version up to 4.0.26. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log - commit 2722ad6ccbba52d0ea0a556017eba09a719797ff Merge: 1a13242 4395552 Author: Stefan Metzmacher me...@samba.org Date: Thu Feb 26 11:18:38 2015 +0100 Merge tag 'samba-4.0.25' into v4-0-test samba: tag release samba-4.0.25 --- Summary of changes: Changeset truncated at 500 lines: -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 6f41a78 messaging4: Enable POOL_USAGE via 8bc5b73 lib: Use talloc_report_str via 35189ec lib: Add talloc_report_str() via 08ff9e8 messaging4: Use messages_dgm via 5681cca messaging3: Use message_hdr_[put|get] via d80193c messaging: Define a binary format for message headers via b47db91 lib: Add server_id marshalling via 975b9b0 ctdb: server_id_get-server_id_fetch via f4cd1eb messaging3: Use messaging_dgm_ref via 0108c29 lib: Add messages_dgm_ref.[ch] via a15a429 messages_dgm: Make it an independent lib via bc986ff messages_dgm: Add a few #includes via 69f9ff7 unix_msg: remove cookie from unix_msg_init via a3efb70 messages_dgm: Move directory handling up via 293a602 messages_dgm: Only pass unique to messaging_dgm_init via 5f66ddf messaging4: Use server_id_db from 9077fc7 Remove an unused function call. https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 6f41a78c0ec9b5c0e0df18d8dd63facf0e457c05 Author: Volker Lendecke v...@samba.org Date: Wed Feb 11 15:31:26 2015 + messaging4: Enable POOL_USAGE With this you can watch samba's talloc hierarchy live using smbcontrol pid pool-usage Enjoy :-) Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Sat Feb 14 01:59:19 CET 2015 on sn-devel-104 commit 8bc5b7369d2a2106ca9e0774cf9c95068968602b Author: Volker Lendecke v...@samba.org Date: Tue Feb 10 22:17:44 2015 +0100 lib: Use talloc_report_str Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 35189ec68174cbf14218ca90d4bec0f6598b5f32 Author: Volker Lendecke v...@samba.org Date: Wed Feb 11 12:19:05 2015 + lib: Add talloc_report_str() This creates a talloc report into a string and will replace the code used in source3/lib/tallocmsg.c Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 08ff9e80dee211dc1c25e10c7584e98f2e766f5e Author: Volker Lendecke v...@samba.org Date: Sun Feb 8 15:33:39 2015 +0100 messaging4: Use messages_dgm This replaces the transport mechanism in source4 with calls to the messages_dgm code. It is supposed to enable smbcontrol samba pool-usage as an example without having to rewrite smbcontrol using the source4 based messaging subsystem. This moves the source3 based names.tdb (which is unused so far) to the lock directory, source4 does not have a cache directory. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 5681cca42c1c5151212eb2f9a208116ceabdd8b1 Author: Volker Lendecke v...@samba.org Date: Wed Feb 11 15:28:55 2015 + messaging3: Use message_hdr_[put|get] Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit d80193ca36f9ca516fbb1ee3a55c7eece3a6c90c Author: Volker Lendecke v...@samba.org Date: Tue Sep 16 14:09:35 2014 +0200 messaging: Define a binary format for message headers Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit b47db91bafeee07b1671354dfde96b6513822521 Author: Volker Lendecke v...@samba.org Date: Tue Sep 16 02:11:19 2014 +0200 lib: Add server_id marshalling Will be used soon to make source3 and source4 messaging-protocol compatible. Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 975b9b03045eaf2654a77ecdf4a0c391999d7f67 Author: Volker Lendecke v...@samba.org Date: Fri Oct 10 08:35:08 2014 +0200 ctdb: server_id_get-server_id_fetch server_id_get with the next patch will be a global parsing function. I've decided to rename this here in ctdb, as it's only a static function in ctdb_client.c and apparently not intended for wider use. Please speak up if you don't like this :-) Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit f4cd1eb42487efde580de74e975a9e7cc67e03ea Author: Volker Lendecke v...@samba.org Date: Sat Oct 4 11:21:18 2014 +0200 messaging3: Use messaging_dgm_ref Signed-off-by: Volker Lendecke v...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit 0108c2921d5b604da42ba70b1f38cda16fd071f7 Author: Volker Lendecke v...@samba.org Date: Sat Oct 4 11:15:12 2014 +0200 lib: Add messages_dgm_ref.[ch] We only have one messaging_dgm context per process. But we will use this from two completely independent messaging subsystems
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated
via fe52bd4 s3:smb2_server: protect against integer wrap with smb2 max
credits = 65535
via df2ec47 s3:smb2_server: always try to grant the credits the client
just consumed
from b8a38af dsdb: Add tokenGroupsGlobalAndUniversal, tokenGroups,
tokenGroupsNoGCAcceptable
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-1-test
- Log -
commit fe52bd48a18e1f52d79ec0edfabbb6719412ba55
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jan 29 10:12:30 2015 +0100
s3:smb2_server: protect against integer wrap with smb2 max credits = 65535
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9702
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Ralph Boehme s...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Jan 29 14:58:40 CET 2015 on sn-devel-104
(similar to commit 8aed0fc38ae28cce7fd1a443844a865265fc719c)
Autobuild-User(v4-1-test): Stefan Metzmacher me...@samba.org
Autobuild-Date(v4-1-test): Tue Feb 3 00:04:10 CET 2015 on sn-devel-104
commit df2ec473a6a3a01c2faec01c5a97ed90669a1c9d
Author: Stefan Metzmacher me...@samba.org
Date: Wed Jan 28 15:22:30 2015 +0100
s3:smb2_server: always try to grant the credits the client just consumed
It turns out that the effective credits_requested is always at least 1,
even if the client sends credits_requested == 0.
This means the client is not able to reduce the amount of credits
itself.
Without this fix a client (e.g. Windows7) would reach the case
where it has been granted all credits it asked for.
When copying a large file with a lot of parallel requests,
all these requests have credits_requested == 0.
This means the amount of granted credits where reduced by each
request and only when the granted credits reached 0,
the server granted one credit to allow the client to go on.
The client might require more than one credit ([MS-SMB2] says
Windows clients require at least 4 credits) and freezes
with just 1 credit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9702
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Ralph Boehme s...@samba.org
Reviewed-by: Jeremy Allison j...@samba.org
(similar to commit 1944c857e59922a2ebfc88a6a824a6ed9396f2d5)
---
Summary of changes:
source3/smbd/smb2_server.c | 11 +--
1 file changed, 5 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index f7798fa..4f3fa15 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -777,6 +777,7 @@ static void smb2_set_operation_credit(struct
smbd_server_connection *sconn,
cmd = SVAL(inhdr, SMB2_HDR_OPCODE);
credits_requested = SVAL(inhdr, SMB2_HDR_CREDIT);
+ credits_requested = MAX(credits_requested, 1);
out_flags = IVAL(outhdr, SMB2_HDR_FLAGS);
out_status = NT_STATUS(IVAL(outhdr, SMB2_HDR_STATUS));
@@ -795,7 +796,9 @@ static void smb2_set_operation_credit(struct
smbd_server_connection *sconn,
* credits on the final response.
*/
credits_granted = 0;
- } else if (credits_requested 0) {
+ } else {
+ uint16_t additional_possible =
+ sconn-smb2.max_credits - credit_charge;
uint16_t additional_max = 0;
uint16_t additional_credits = credits_requested - 1;
@@ -821,14 +824,10 @@ static void smb2_set_operation_credit(struct
smbd_server_connection *sconn,
break;
}
+ additional_max = MIN(additional_max, additional_possible);
additional_credits = MIN(additional_credits, additional_max);
credits_granted = credit_charge + additional_credits;
- } else if (sconn-smb2.credits_granted == 0) {
- /*
-* Make sure the client has always at least one credit
-*/
- credits_granted = 1;
}
/*
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v4-2-test updated
The branch, v4-2-test has been updated
via 26f58b7 s3:smb2_server: protect against integer wrap with smb2 max
credits = 65535
via fc8cab8 s3:smb2_server: always try to grant the credits the client
just consumed
from a4fdd14 wafsamba: create unique names when building shared modules
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test
- Log -
commit 26f58b7fc6f0bef8c6bcd51d937e8d2f3a7264ca
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jan 29 10:12:30 2015 +0100
s3:smb2_server: protect against integer wrap with smb2 max credits = 65535
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9702
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Ralph Boehme s...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Jan 29 14:58:40 CET 2015 on sn-devel-104
(cherry picked from commit 8aed0fc38ae28cce7fd1a443844a865265fc719c)
Autobuild-User(v4-2-test): Stefan Metzmacher me...@samba.org
Autobuild-Date(v4-2-test): Sun Feb 1 12:39:51 CET 2015 on sn-devel-104
commit fc8cab8b59d3ccb1ade663e1ad0d238c0cb2e67d
Author: Stefan Metzmacher me...@samba.org
Date: Wed Jan 28 15:22:30 2015 +0100
s3:smb2_server: always try to grant the credits the client just consumed
It turns out that the effective credits_requested is always at least 1,
even if the client sends credits_requested == 0.
This means the client is not able to reduce the amount of credits
itself.
Without this fix a client (e.g. Windows7) would reach the case
where it has been granted all credits it asked for.
When copying a large file with a lot of parallel requests,
all these requests have credits_requested == 0.
This means the amount of granted credits where reduced by each
request and only when the granted credits reached 0,
the server granted one credit to allow the client to go on.
The client might require more than one credit ([MS-SMB2] says
Windows clients require at least 4 credits) and freezes
with just 1 credit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9702
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Ralph Boehme s...@samba.org
Reviewed-by: Jeremy Allison j...@samba.org
(cherry picked from commit 1944c857e59922a2ebfc88a6a824a6ed9396f2d5)
---
Summary of changes:
source3/smbd/smb2_server.c | 11 +--
1 file changed, 5 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 39155b8..ea2ce7f 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -802,6 +802,7 @@ static void smb2_set_operation_credit(struct
smbXsrv_connection *xconn,
cmd = SVAL(inhdr, SMB2_HDR_OPCODE);
credits_requested = SVAL(inhdr, SMB2_HDR_CREDIT);
+ credits_requested = MAX(credits_requested, 1);
out_flags = IVAL(outhdr, SMB2_HDR_FLAGS);
out_status = NT_STATUS(IVAL(outhdr, SMB2_HDR_STATUS));
@@ -820,7 +821,9 @@ static void smb2_set_operation_credit(struct
smbXsrv_connection *xconn,
* credits on the final response.
*/
credits_granted = 0;
- } else if (credits_requested 0) {
+ } else {
+ uint16_t additional_possible =
+ xconn-smb2.credits.max - credit_charge;
uint16_t additional_max = 0;
uint16_t additional_credits = credits_requested - 1;
@@ -846,14 +849,10 @@ static void smb2_set_operation_credit(struct
smbXsrv_connection *xconn,
break;
}
+ additional_max = MIN(additional_max, additional_possible);
additional_credits = MIN(additional_credits, additional_max);
credits_granted = credit_charge + additional_credits;
- } else if (xconn-smb2.credits.granted == 0) {
- /*
-* Make sure the client has always at least one credit
-*/
- credits_granted = 1;
}
/*
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via bba753b selftest: fix check for RODC and RID Set allocation
via 0e37189 python/samba/tests: don't lower case path names in
connect_samdb()
from 3b48274 selftest: Fix typo namerserver - nameserver.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit bba753b53c32d95ee3663f4e83adfb7d71554dae
Author: Stefan Metzmacher me...@samba.org
Date: Mon Jan 26 11:53:12 2015 +0100
selftest: fix check for RODC and RID Set allocation
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Jelmer Vernooij jel...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Mon Feb 2 01:10:18 CET 2015 on sn-devel-104
commit 0e37189dab01a80c10143a54b80859229e181e9b
Author: Stefan Metzmacher me...@samba.org
Date: Mon Jan 26 08:31:10 2015 +0100
python/samba/tests: don't lower case path names in connect_samdb()
We should not lower case file names, because we may get a path to sam.ldb.
Now we only lower case ldap urls.
For a long time I got failing private autobuild like this:
[1623(9233)/1718 at 1h28m9s] samba4.urgent_replication.python(dc)(dc:local)
Failed to connect to ldap URL
'ldap:///memdisk/metze/w/b12985/samba/bin/ab/dc/private/sam.ldb' - LDAP
client
internal error: NT_STATUS_NO_MEMORY
Failed to connect to
'ldap:///memdisk/metze/w/b12985/samba/bin/ab/dc/private/sam.ldb' with
backend
'ldap': (null)
UNEXPECTED(error):
samba4.urgent_replication.python(dc).__main__.UrgentReplicationTests.test_attributeSchema_object(dc:local)
REASON: _StringException: _StringException: Content-Type:
text/x-traceback;charset=utf8,language=python
traceback
322
The problem is that /memdisk/metze/W/ is my test directory instead
of /memdisk/metze/w/.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Jelmer Vernooij jel...@samba.org
---
Summary of changes:
python/samba/tests/__init__.py | 1 -
selftest/target/Samba4.pm | 2 +-
2 files changed, 1 insertion(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/tests/__init__.py b/python/samba/tests/__init__.py
index cca82bb..bda4adf 100644
--- a/python/samba/tests/__init__.py
+++ b/python/samba/tests/__init__.py
@@ -185,7 +185,6 @@ def connect_samdb(samdb_url, lp=None, session_info=None,
credentials=None,
to make proper URL for ldb.connect() while using default
parameters for connection based on test environment
-samdb_url = samdb_url.lower()
if not :// in samdb_url:
if not ldap_only and os.path.isfile(samdb_url):
samdb_url = tdb://%s % samdb_url
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 91db4f8..c85b4a7 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -182,7 +182,7 @@ sub wait_for_start($$)
system($nmblookup $testenv_vars-{CONFIGURATION} -U
$testenv_vars-{SERVER_IP} $testenv_vars-{NETBIOSNAME});
# Ensure we have the first RID Set before we start tests. This makes
the tests more reliable.
- if ($testenv_vars-{SERVER_ROLE} eq domain controller and not
($testenv_vars-{NETBIOS_NAME} eq rodc)) {
+ if ($testenv_vars-{SERVER_ROLE} eq domain controller and not
($testenv_vars-{NETBIOSNAME} eq RODC)) {
# Add hosts file for name lookups
$ENV{NSS_WRAPPER_HOSTS} = $testenv_vars-{NSS_WRAPPER_HOSTS};
if (defined($testenv_vars-{RESOLV_WRAPPER_CONF})) {
--
Samba Shared Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via 279656e Fix year in SambaXP announcement from b7e38cf Announce Call for Papers SambaXP 2015. https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit 279656ec1684a7d63f1563ab9ca27bafad36a18a Author: Stefan Metzmacher me...@samba.org Date: Thu Jan 29 14:50:38 2015 +0100 Fix year in SambaXP announcement metze --- Summary of changes: generated_news/latest_10_bodies.html | 2 +- generated_news/latest_2_bodies.html | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/generated_news/latest_10_bodies.html b/generated_news/latest_10_bodies.html index 7501b98..b23c8f2 100644 --- a/generated_news/latest_10_bodies.html +++ b/generated_news/latest_10_bodies.html @@ -4,7 +4,7 @@ Goettingen, Germany at the 14th international SAMBA conference, the samba eXPerience 2015./p pThe call for papers and early bird registration are open until February - 28th 2013. Please find all necessary information at the + 28th 2015. Please find all necessary information at the a href=http://sambaXP.org;conference site/a./p h5a name=4.2.0rc416 January 2015/a/h5 diff --git a/generated_news/latest_2_bodies.html b/generated_news/latest_2_bodies.html index a1361ec..b311860 100644 --- a/generated_news/latest_2_bodies.html +++ b/generated_news/latest_2_bodies.html @@ -4,7 +4,7 @@ Goettingen, Germany at the 14th international SAMBA conference, the samba eXPerience 2015./p pThe call for papers and early bird registration are open until February - 28th 2013. Please find all necessary information at the + 28th 2015. Please find all necessary information at the a href=http://sambaXP.org;conference site/a./p h5a name=4.2.0rc416 January 2015/a/h5 -- Samba Website Repository
[SCM] Samba Website Repository - branch master updated
The branch, master has been updated via b7e38cf Announce Call for Papers SambaXP 2015. from 9604034 Move Paul to the alumini section https://git.samba.org/?p=samba-web.git;a=shortlog;h=master - Log - commit b7e38cf5d23436e970d233eb66af4da6c08ef453 Author: Stefan Metzmacher me...@samba.org Date: Thu Jan 29 14:43:54 2015 +0100 Announce Call for Papers SambaXP 2015. metze --- Summary of changes: generated_news/latest_10_bodies.html| 22 +- generated_news/latest_10_headlines.html | 4 ++-- generated_news/latest_2_bodies.html | 28 +--- 3 files changed, 20 insertions(+), 34 deletions(-) Changeset truncated at 500 lines: diff --git a/generated_news/latest_10_bodies.html b/generated_news/latest_10_bodies.html index 8d4b20b..7501b98 100644 --- a/generated_news/latest_10_bodies.html +++ b/generated_news/latest_10_bodies.html @@ -1,3 +1,12 @@ +h5a name=CfP201529 January 2015/a/h5 + p class=headlineCall for Papers SambaXP 2015/p + pFrom May 19th to 21st 2015 developers and users will meet again in + Goettingen, Germany at the 14th international SAMBA conference, the + samba eXPerience 2015./p + pThe call for papers and early bird registration are open until February + 28th 2013. Please find all necessary information at the + a href=http://sambaXP.org;conference site/a./p + h5a name=4.2.0rc416 January 2015/a/h5 p class=headlineSamba 4.2.0rc4 Available for Download/p pThis is the fourth release candidate of the upcoming Samba 4.2 release @@ -115,16 +124,3 @@ using GnuPG (ID 6568B7EA). The source code can be a href=https://download.samba.org/pub/samba/rc/samba-4.2.0rc1.tar.gz;downloaded now/a. See a href=https://download.samba.org/pub/samba/rc/WHATSNEW-4.2.0rc1.txt; the release notes for more info/a./p - - - h5a name=4.0.2215 September 2014/a/h5 - p class=headlineSamba 4.0.22 Available for Download/p - pThis is the latest stable release of the Samba 4.0 series./p - -pThe uncompressed tarballs and patch files have been signed -using GnuPG (ID 6568B7EA). The source code can be -a href=http://samba.org/samba/ftp/stable/samba-4.0.22.tar.gz;downloaded -now/a. A a href=http://samba.org/samba/ftp/patches/patch-4.0.21-4.0.22.diffs.gz; -patch against Samba 4.0.21/a is also available. See -a href=http://samba.org/samba/history/samba-4.0.22.html; the release notes - for more info/a./p diff --git a/generated_news/latest_10_headlines.html b/generated_news/latest_10_headlines.html index 38dd160..b8c2c93 100644 --- a/generated_news/latest_10_headlines.html +++ b/generated_news/latest_10_headlines.html @@ -1,4 +1,6 @@ ul + li 29 January 2015 a href=#CfP2015Call for Papers SambaXP 2015/a/li + li 16 January 2015 a href=#4.2.0rc4Samba 4.2.0rc4 Available for Download (incl. fix for CVE-2014-8143)/a/li @@ -18,6 +20,4 @@ li 15 October 2014 a href=#4.2.0rc2Samba 4.2.0rc2 Available for Download/a/li li 01 October 2014 a href=#4.2.0rc1Samba 4.2.0rc1 Available for Download/a/li - - li 15 September 2014 a href=#4.0.22Samba 4.0.22 Available for Download/a/li /ul diff --git a/generated_news/latest_2_bodies.html b/generated_news/latest_2_bodies.html index b5b1684..a1361ec 100644 --- a/generated_news/latest_2_bodies.html +++ b/generated_news/latest_2_bodies.html @@ -1,3 +1,12 @@ +h5a name=CfP201529 January 2015/a/h5 + p class=headlineCall for Papers SambaXP 2015/p + pFrom May 19th to 21st 2015 developers and users will meet again in + Goettingen, Germany at the 14th international SAMBA conference, the + samba eXPerience 2015./p + pThe call for papers and early bird registration are open until February + 28th 2013. Please find all necessary information at the + a href=http://sambaXP.org;conference site/a./p + h5a name=4.2.0rc416 January 2015/a/h5 p class=headlineSamba 4.2.0rc4 Available for Download/p pThis is the fourth release candidate of the upcoming Samba 4.2 release @@ -8,22 +17,3 @@ using GnuPG (ID 6568B7EA). The source code can be a href=https://download.samba.org/pub/samba/rc/samba-4.2.0rc4.tar.gz;downloaded now/a. See a href=https://download.samba.org/pub/samba/rc/WHATSNEW-4.2.0rc4.txt; the release notes for more info/a./p - - - h5a name=4.1.1615 January 2015/a/h5 - p class=headlineSamba 4.1.16 and 4.0.24 bSecurity - Releases/b Available for Download/p - pThese are security releases in order to address - a href=http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8143;CVE-2014-8143/a - (bElevation of privilege to Active Directory Domain Controller/b). - /p - - pThe uncompressed tarballs and patch files have been signed - using GnuPG
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8aed0fc s3:smb2_server: protect against integer wrap with smb2 max
credits = 65535
via 1944c85 s3:smb2_server: always try to grant the credits the client
just consumed
from ce909f2 loadparm: Simplify set_variable
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8aed0fc38ae28cce7fd1a443844a865265fc719c
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jan 29 10:12:30 2015 +0100
s3:smb2_server: protect against integer wrap with smb2 max credits = 65535
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9702
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Ralph Boehme s...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Jan 29 14:58:40 CET 2015 on sn-devel-104
commit 1944c857e59922a2ebfc88a6a824a6ed9396f2d5
Author: Stefan Metzmacher me...@samba.org
Date: Wed Jan 28 15:22:30 2015 +0100
s3:smb2_server: always try to grant the credits the client just consumed
It turns out that the effective credits_requested is always at least 1,
even if the client sends credits_requested == 0.
This means the client is not able to reduce the amount of credits
itself.
Without this fix a client (e.g. Windows7) would reach the case
where it has been granted all credits it asked for.
When copying a large file with a lot of parallel requests,
all these requests have credits_requested == 0.
This means the amount of granted credits where reduced by each
request and only when the granted credits reached 0,
the server granted one credit to allow the client to go on.
The client might require more than one credit ([MS-SMB2] says
Windows clients require at least 4 credits) and freezes
with just 1 credit.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9702
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Ralph Boehme s...@samba.org
Reviewed-by: Jeremy Allison j...@samba.org
---
Summary of changes:
source3/smbd/smb2_server.c | 11 +--
1 file changed, 5 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 46bf6f9..25d11b1 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -803,6 +803,7 @@ static void smb2_set_operation_credit(struct
smbXsrv_connection *xconn,
cmd = SVAL(inhdr, SMB2_HDR_OPCODE);
credits_requested = SVAL(inhdr, SMB2_HDR_CREDIT);
+ credits_requested = MAX(credits_requested, 1);
out_flags = IVAL(outhdr, SMB2_HDR_FLAGS);
out_status = NT_STATUS(IVAL(outhdr, SMB2_HDR_STATUS));
@@ -821,7 +822,9 @@ static void smb2_set_operation_credit(struct
smbXsrv_connection *xconn,
* credits on the final response.
*/
credits_granted = 0;
- } else if (credits_requested 0) {
+ } else {
+ uint16_t additional_possible =
+ xconn-smb2.credits.max - credit_charge;
uint16_t additional_max = 0;
uint16_t additional_credits = credits_requested - 1;
@@ -847,14 +850,10 @@ static void smb2_set_operation_credit(struct
smbXsrv_connection *xconn,
break;
}
+ additional_max = MIN(additional_max, additional_possible);
additional_credits = MIN(additional_credits, additional_max);
credits_granted = credit_charge + additional_credits;
- } else if (xconn-smb2.credits.granted == 0) {
- /*
-* Make sure the client has always at least one credit
-*/
- credits_granted = 1;
}
/*
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 9ee5887 s4:rpc_server: add support for
DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM
via efebf3c s4:rpc_server: pass the remote address to
gensec_set_remote_address()
via 12a6c32 s4:rpc_server/lsa: add dcesrv_lsa_OpenTrustedDomain_common()
via 459d1d3 s4:rpc_server/netlogon: fix bugs in
dcesrv_netr_DsRGetDCNameEx2()
from b66e4be Fix a couple of DEBUG statements that were copied from
elsewhere. Removed the misleading function name since the DEBUG message will
print out the function name anyway.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 9ee5887a36fd77b389049bf1465388e4f5a1faaf
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jan 22 11:24:31 2015 +
s4:rpc_server: add support for DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
Reviewed-by: Günther Deschner g...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Mon Jan 26 14:23:50 CET 2015 on sn-devel-104
commit efebf3c80c9d89d012942d99ce955225c218790a
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jan 22 13:05:15 2015 +
s4:rpc_server: pass the remote address to gensec_set_remote_address()
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
Reviewed-by: Günther Deschner g...@samba.org
commit 12a6c325c85a37e208e93d85c65e119eaa293742
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jan 22 14:57:15 2015 +
s4:rpc_server/lsa: add dcesrv_lsa_OpenTrustedDomain_common()
dcesrv_lsa_OpenTrustedDomain() and dcesrv_lsa_OpenTrustedDomainByName()
need to use the same logic and make sure trusted_domain_user_dn is valid.
Otherwise dcesrv_lsa_OpenTrustedDomainByName() followed by
dcesrv_lsa_DeleteObject() will leave the trust domain account
in the database.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
Reviewed-by: Günther Deschner g...@samba.org
commit 459d1d3fb9a5282d19121eaacba9d611896b37ff
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jan 22 11:22:25 2015 +
s4:rpc_server/netlogon: fix bugs in dcesrv_netr_DsRGetDCNameEx2()
We should return the our ip address the client is connected too.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
Reviewed-by: Günther Deschner g...@samba.org
---
Summary of changes:
source4/rpc_server/dcerpc_server.c| 32 +
source4/rpc_server/dcerpc_server.h| 7 +
source4/rpc_server/dcesrv_auth.c | 16 ++-
source4/rpc_server/lsa/dcesrv_lsa.c | 176 +++---
source4/rpc_server/netlogon/dcerpc_netlogon.c | 22 ++--
5 files changed, 169 insertions(+), 84 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/rpc_server/dcerpc_server.c
b/source4/rpc_server/dcerpc_server.c
index 4d5e166..5eac9ee 100644
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -1198,6 +1198,7 @@ _PUBLIC_ NTSTATUS dcesrv_init_context(TALLOC_CTX *mem_ctx,
dce_ctx = talloc(mem_ctx, struct dcesrv_context);
NT_STATUS_HAVE_NO_MEMORY(dce_ctx);
+ dce_ctx-initial_euid = geteuid();
dce_ctx-endpoint_list = NULL;
dce_ctx-lp_ctx = lp_ctx;
dce_ctx-assoc_groups_idr = idr_init(dce_ctx);
@@ -1547,6 +1548,37 @@ static void dcesrv_sock_accept(struct stream_connection
*srv_conn)
dcesrv_conn-local_address = srv_conn-local_address;
dcesrv_conn-remote_address = srv_conn-remote_address;
+ if (transport == NCALRPC) {
+ uid_t uid;
+ gid_t gid;
+
+ ret = getpeereid(socket_get_fd(srv_conn-socket), uid, gid);
+ if (ret == -1) {
+ status = map_nt_error_from_unix_common(errno);
+ DEBUG(0, (dcesrv_sock_accept:
+ getpeereid() failed for NCALRPC: %s\n,
+ nt_errstr(status)));
+ stream_terminate_connection(srv_conn,
nt_errstr(status));
+ return;
+ }
+ if (uid == dcesrv_conn-dce_ctx-initial_euid) {
+ struct tsocket_address *r = NULL;
+
+ ret = tsocket_address_unix_from_path(dcesrv_conn,
+
/root/ncalrpc_as_system,
+r);
+ if (ret == -1) {
+ status = map_nt_error_from_unix_common(errno
[SCM] Samba Shared Repository - annotated tag ldb-1.1.20 created
The annotated tag, ldb-1.1.20 has been created at fbd4fa6f26b222f9d2093ee59252b565f5832148 (tag) tagging c7af8ae9d2aa19db2533e69b8a4d7c1b6f8e2d9f (commit) replaces ldb-1.1.19 tagged by Stefan Metzmacher on Sun Jan 25 17:00:47 2015 +0100 - Log - ldb: tag release ldb-1.1.20 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAABAgAGBQJUxRMvAAoJEEeTkWETCEAl0nYIALWqeDoLKA5EBxrV5CfO1EHi 9gO8XmCbSPiHOyhrGkuMq+k7oIAYHFf6A9zUE6E4iogI+3ond3C0SkbYJ9/XHOuH TrfUcuVwoEBN9qZtjXYC1q+uG6DtaMeXptRB3FtmpaSQ8siYLyHRbP1VOTf9x5rw exo5FdCqkMlDNS4b5SfDDadFea/p+o36Ur0+3bCQOF83bHPU9QMlVD6PdJXDFdO3 w4fxe03PM9Nta31JpYLnBgpDKSUzEEOSQeZevQUR2sS95shAauSFy2cHt3QKS9LE 16U2Ssp+uGPdhuM94XDuryl9xX+a7ypPxyUmKbHiv9zn9zIfiV+u/8RrzxyHp68= =1/8y -END PGP SIGNATURE- Andreas Schneider (18): s3-libads: Fix a possible segfault in kerberos_fetch_pac(). lib/util: Avoid collision which alread defined consumer DEBUG macro. s3-util: Fix authentication with long hostnames. rwrap: If we do not have ns_name_compress() use dn_comp(). rwrap: Fix a possible NULL dereference. rwrap: Bump version to 1.1.1. rwrap: Fix ns_name_compress detection. rwrap: Bump version to 1.1.2. utils: Fix 'net time' segfault. CodingStyle: Update example to use our coding practice. s3-pam_smbpass: Fix memory leak in pam_sm_authenticate(). s3-smbspool: Use strtol() instead of atoi(). s3-pam_smbpass: Make sure variables are initialized. s3-pam_smbpass: Fix set_ctrl() return value. s3-pam_smbpass: Check the return code of secrets_init(). s3-pam_smbpass: Make sure PAM_MAXTRIES can be returned. s3-pam_smbpass: Remove superfluous NULL check for pam functions. s3-pam_smbpass: Correctly initialize variables. Andrew Bartlett (42): dsdb: Only parse SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL as a DN lib/ldb-samba: Add comment dicouraging use of schemaUpgradeInProgress selftest: Run samba.tests.dns in :local environment so it can access credentials dsdb: Use ldb_attr_cmp() for comparing objectclass names dsdb: Use a fixed set of attributes in search in dns_notify module dsdb: Ignore errors from search in dns_notify module dns.py: Always remove the test zone in tearDown() CVE-2014-8143:auth: Force talloc type of session_info pointer to match CVE-2014-8143:pydsdb: Pull in UF_USE_AES_KEYS flag CVE-2014-8143:dsdb: Allow use of dsdb_autotransaction_request outside util.c CVE-2014-8143:dsdb-samldb: Check for extended access rights before we allow changes to userAccountControl dsdb-tests: Align sam.py with Windows 2012R2 and uncomment userAccountControl tests libds: UF_PARTIAL_SECRETS_ACCOUNT is a flag, not an account type dsdb: Default to UF_NORMAL_ACCOUNT when no account type is specified dsdb-tests: Add new test samba4.user_account_control.python dsdb: Improve userAccountControl handling dsdb-tests: Show that we can not change the primaryGroupID of a DC dsdb-samldb: Only allow known and settable userAccountControl bits to be set dsdb-samldb: Clarify that accounts really do fall back to UF_NORMAL_ACCOUNT if no account set dsdb-samldb: Clarify userAccountControl manipulation code by always using UF_ flags dsdb-tests: Clarify that accounts really do fall back to UF_NORMAL_ACCOUNT if no account set torture: Start a new testsuite for krb5 and KDC behaviour torture: Run new testsuite for krb5 and KDC behaviour with machine account also torture: Additionally run testsuite for krb5 and KDC behaviour with unprivileged accounts torture: Additionally run testsuite for krb5 and KDC behaviour against all the DC envs torture: Decode expected packets and test KDC behaviour for wrong passwords torture: Extend KDC test to cover more options and modes heimdal: Ensure that HDB_ERR_NOT_FOUND_HERE, critical for the RODC, is not overwritten kdc: Fix enterpise principal name handling sefltest: Add test for enterprise UPN in a different domain torture: Extend krb5.kdc test to confirm correct RODC proxy behaviour torture-krb5: Add tests for combinations of enterprise, cannon, and different input principals kdc: Fix Samba's KDC to only change the principal in the right cases kdc: Add TODO to remind us where we need to hook for RODC to get secrets torture-krb5: Add comments torture-kdc: Skip the request-pac behaviour for now against an RODC torture-krb5: Split the expected behaviour of the RODC up torture-krb5: Move test of krb5_get_init_creds_opt_set_win2k to krb5.kdc.canon torture-krb5: Move checking of server and client names to krb5.kdc.canon kdc: Correctly return the krbtgt/realm@REALM principal from our KDC torture-krb5: Check for UPN hanlding in krb5
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via dc2f910 s4:dsdb/tests: add test_timevalues1() to verify timestamp
values
via c7af8ae ldb: version 1.1.20
via d1b5155 lib/ldb: fix logic in ldb_val_to_time()
from 6a56bdf Update the tevent_data.dox tutrial stuff to fix some
errors, including white space problems.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit dc2f91020e3b52942f8aab60fd1db70d2afadd51
Author: Stefan Metzmacher me...@samba.org
Date: Fri Jan 9 08:56:59 2015 +0100
s4:dsdb/tests: add test_timevalues1() to verify timestamp values
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9810
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
Reviewed-by: Günther Deschner g...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Sat Jan 24 20:17:20 CET 2015 on sn-devel-104
commit c7af8ae9d2aa19db2533e69b8a4d7c1b6f8e2d9f
Author: Stefan Metzmacher me...@samba.org
Date: Mon Jan 19 17:17:13 2015 +0100
ldb: version 1.1.20
- Bug 9810 - validate_ldb of String(Generalized-Time) does not accept
millisecond format .000Z
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
Reviewed-by: Günther Deschner g...@samba.org
commit d1b515535da46591d3a646a848c7427b6ff951a7
Author: Stefan Metzmacher me...@samba.org
Date: Mon Jan 19 15:47:58 2015 +0100
lib/ldb: fix logic in ldb_val_to_time()
040408072012Z should represent 20040408072012.0Z
as well as 20040408072012.000Z or
20040408072012.RandomIgnoredCharaters...Z
Bug: https://bugzilla.samba.org/show_bug.cgi?id=9810
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andreas Schneider a...@samba.org
Reviewed-by: Günther Deschner g...@samba.org
---
Summary of changes:
lib/ldb/ABI/{ldb-1.1.19.sigs = ldb-1.1.20.sigs} | 0
...ldb-util-1.1.10.sigs = pyldb-util-1.1.20.sigs} | 0
lib/ldb/common/ldb_msg.c | 38
lib/ldb/wscript| 2 +-
source4/dsdb/tests/python/ldap.py | 40 ++
5 files changed, 73 insertions(+), 7 deletions(-)
copy lib/ldb/ABI/{ldb-1.1.19.sigs = ldb-1.1.20.sigs} (100%)
copy lib/ldb/ABI/{pyldb-util-1.1.10.sigs = pyldb-util-1.1.20.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/lib/ldb/ABI/ldb-1.1.19.sigs b/lib/ldb/ABI/ldb-1.1.20.sigs
similarity index 100%
copy from lib/ldb/ABI/ldb-1.1.19.sigs
copy to lib/ldb/ABI/ldb-1.1.20.sigs
diff --git a/lib/ldb/ABI/pyldb-util-1.1.10.sigs
b/lib/ldb/ABI/pyldb-util-1.1.20.sigs
similarity index 100%
copy from lib/ldb/ABI/pyldb-util-1.1.10.sigs
copy to lib/ldb/ABI/pyldb-util-1.1.20.sigs
diff --git a/lib/ldb/common/ldb_msg.c b/lib/ldb/common/ldb_msg.c
index 809e3af..3f65351 100644
--- a/lib/ldb/common/ldb_msg.c
+++ b/lib/ldb/common/ldb_msg.c
@@ -1090,28 +1090,54 @@ time_t ldb_string_to_time(const char *s)
*/
int ldb_val_to_time(const struct ldb_val *v, time_t *t)
{
- struct tm tm;
+ char val[15] = {};
+ struct tm tm = {};
- if (v == NULL || !v-data || (v-length != 17 v-length != 13)) {
+ if (v == NULL) {
return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
}
- memset(tm, 0, sizeof(tm));
+ if (v-data == NULL) {
+ return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
+ }
+
+ if (v-length 16 v-length != 13) {
+ return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
+ }
+
+ if (v-data[v-length - 1] != 'Z') {
+ return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
+ }
if (v-length == 13) {
- if (sscanf((char *)v-data, %02u%02u%02u%02u%02u%02uZ,
+ memcpy(val, v-data, 12);
+
+ if (sscanf(val, %02u%02u%02u%02u%02u%02u,
tm.tm_year, tm.tm_mon, tm.tm_mday,
tm.tm_hour, tm.tm_min, tm.tm_sec) != 6) {
return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
}
+ if (tm.tm_year 50) {
+ tm.tm_year += 100;
+ }
} else {
- if (sscanf((char *)v-data, %04u%02u%02u%02u%02u%02u.0Z,
+
+ /*
+* anything between '.' and 'Z' is silently ignored.
+*/
+ if (v-data[14] != '.') {
+ return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
+ }
+
+ memcpy(val, v-data, 14);
+
+ if (sscanf(val, %04u%02u%02u%02u%02u%02u,
tm.tm_year, tm.tm_mon, tm.tm_mday,
tm.tm_hour, tm.tm_min, tm.tm_sec) != 6) {
return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX
[SCM] Samba Shared Repository - branch v4-2-test updated
The branch, v4-2-test has been updated via 837c146 s3: auth - tests: Add test for force user being a unix-only user, not in passdb. via c789398 s3: auth: Add previously missing allocation fail check. via a9e58a2 s3: auth: Plumb in the SamInfo3_handle_sids() utility function into passwd_to_SamInfo3(). via d8b2eee s3: auth: Convert samu_to_SamInfo3() to use the new utility function. via 31b2dad s3: auth: Add a utility function - SamInfo3_handle_sids() that factors out the code to handle Unix Users and Unix Groups. via a52c6cb nsswitch: fix soname of linux nss_*.so.2 modules via 5de1063 selftest: use shared/libnss_wrapper_winbind.so.2 via e9d45f6 wafsamba: add optional keep_underscore=True to SAMBA_LIBRARY() via 74ee2f7 dsdb: Add tokenGroupsGlobalAndUniversal, tokenGroups, tokenGroupsNoGCAcceptable from 77d8786 VERSION: Re-enable git snapshots... https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test - Log - commit 837c146271ecd96ccde927dbeb389330361fca93 Author: Jeremy Allison j...@samba.org Date: Tue Jan 13 13:49:58 2015 -0800 s3: auth - tests: Add test for force user being a unix-only user, not in passdb. https://bugzilla.samba.org/show_bug.cgi?id=11044 Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Volker Lendecke v...@samba.org Autobuild-User(master): Volker Lendecke v...@samba.org Autobuild-Date(master): Wed Jan 14 08:46:08 CET 2015 on sn-devel-104 (cherry picked from commit d098b6c877629af0f23070481deaccdf65acd249) Autobuild-User(v4-2-test): Stefan Metzmacher me...@samba.org Autobuild-Date(v4-2-test): Fri Jan 23 11:04:50 CET 2015 on sn-devel-104 commit c78939859714e09309d8101f1ef962fc12c0c565 Author: Jeremy Allison j...@samba.org Date: Tue Jan 13 13:49:36 2015 -0800 s3: auth: Add previously missing allocation fail check. Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Volker Lendecke v...@samba.org (cherry picked from commit 83066ed539658a9fa6deb897b15b20a0624227fe) commit a9e58a2ef220bbbd868a7c5851a882ec774a4971 Author: Jeremy Allison j...@samba.org Date: Tue Jan 13 13:45:16 2015 -0800 s3: auth: Plumb in the SamInfo3_handle_sids() utility function into passwd_to_SamInfo3(). Core fix for: https://bugzilla.samba.org/show_bug.cgi?id=11044 Based on code from Michael Zeis mzeis.quan...@gmail.com Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Volker Lendecke v...@samba.org (cherry picked from commit 60895e62fe21e41cf4a09ec8a92239b8f015b450) commit d8b2eee9fc26cbf317fde8b08f559ea3a7bf0e6a Author: Jeremy Allison j...@samba.org Date: Tue Jan 13 13:39:21 2015 -0800 s3: auth: Convert samu_to_SamInfo3() to use the new utility function. Based on code from Michael Zeis mzeis.quan...@gmail.com https://bugzilla.samba.org/show_bug.cgi?id=11044 Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Volker Lendecke v...@samba.org (cherry picked from commit d20b2d397205c1ab85a43f54bc95360a732265f3) commit 31b2dadc60217f3658071aa57e1ffc39b9209ae4 Author: Jeremy Allison j...@samba.org Date: Tue Jan 13 13:35:56 2015 -0800 s3: auth: Add a utility function - SamInfo3_handle_sids() that factors out the code to handle Unix Users and Unix Groups. Based on code from Michael Zeis mzeis.quan...@gmail.com https://bugzilla.samba.org/show_bug.cgi?id=11044 Signed-off-by: Jeremy Allison j...@samba.org Reviewed-by: Volker Lendecke v...@samba.org (cherry picked from commit 9395243890aff5bb2166e18e33492afb28850097) commit a52c6cbf2e7bcb6f288a44ecb753bb4ff5b2ae60 Author: Stefan Metzmacher me...@samba.org Date: Thu Dec 18 10:33:34 2014 +0100 nsswitch: fix soname of linux nss_*.so.2 modules Bug: https://bugzilla.samba.org/show_bug.cgi?id=9299 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andreas Schneider a...@samba.org (cherry picked from commit 575b093dac3c509b1bfaab0b4ad29b9b4214e487) commit 5de1063947db3e749b70275867f8daefe98cb70a Author: Stefan Metzmacher me...@samba.org Date: Thu Dec 18 20:13:44 2014 +0100 selftest: use shared/libnss_wrapper_winbind.so.2 This library is always available in make test. nss-wrapper strictly requires the linux nss api. Bug: https://bugzilla.samba.org/show_bug.cgi?id=9299 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andreas Schneider a...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org (cherry picked from commit 4eb24fa545234be506eb1330ccbbfd5c2b9e0d82) commit e9d45f6cff280857c4d54b0d6b0fa7666b001f7d Author: Stefan Metzmacher me...@samba.org Date: Thu Dec 18 10:21:30 2014 +0100 wafsamba: add optional keep_underscore=True to SAMBA_LIBRARY() Bug: https
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 4715564 wafsamba: create unique names when building shared modules
via 4da20e2 wafsamba: remove unused variable in SAMBA_MODULE()
via 85a30cc wafsamba: passing 'subsystem' to SAMBA_MODULE() is not
optional
via 7668e45 wafsamba: make it possible to pass bundled_name to
SAMBA_LIBRARY()
from 691f353 lib/util: add missing commas to statfs_types
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 47155641cb48d39d3ee7d8b8962f5ed6b23617d4
Author: Stefan Metzmacher me...@samba.org
Date: Sat Jan 17 00:24:53 2015 +0100
wafsamba: create unique names when building shared modules
After commit 76fdcf5c15bd904c3686f0c2dd93d27486c61ca4, we could endup
with bin/default/source3/auth/libauth-samba4.so being created two times.
Once by SAMBA3_LIBRARY('auth',...) and once again by
SAMBA3_MODULE('auth_samba4', ...).
As a result bin/default/source3/auth/libauth-samba4.so gets randomly
overwritten.
SAMBA3_MODULE('auth_samba4', ...) results in
bin/default/source3/auth/libauth_module_samba4.so now.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10112
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Jelmer Vernooij jel...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Mon Jan 19 04:43:53 CET 2015 on sn-devel-104
commit 4da20e2e31790ca54f17b4a6039c24b7b502ac5f
Author: Stefan Metzmacher me...@samba.org
Date: Sat Jan 17 00:24:53 2015 +0100
wafsamba: remove unused variable in SAMBA_MODULE()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10112
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Jelmer Vernooij jel...@samba.org
commit 85a30cc44070b09de963961ccfa3d7c40144317b
Author: Stefan Metzmacher me...@samba.org
Date: Sat Jan 17 00:24:53 2015 +0100
wafsamba: passing 'subsystem' to SAMBA_MODULE() is not optional
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10112
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Jelmer Vernooij jel...@samba.org
commit 7668e457a6463fb2c1d7499659f37d10ca322190
Author: Stefan Metzmacher me...@samba.org
Date: Sat Jan 17 00:24:53 2015 +0100
wafsamba: make it possible to pass bundled_name to SAMBA_LIBRARY()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10112
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Jelmer Vernooij jel...@samba.org
---
Summary of changes:
buildtools/wafsamba/wafsamba.py | 27 ---
1 file changed, 16 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/buildtools/wafsamba/wafsamba.py b/buildtools/wafsamba/wafsamba.py
index 82a9d6f..c054315 100644
--- a/buildtools/wafsamba/wafsamba.py
+++ b/buildtools/wafsamba/wafsamba.py
@@ -130,6 +130,7 @@ def SAMBA_LIBRARY(bld, libname, source,
pyext=False,
target_type='LIBRARY',
bundled_extension=False,
+ bundled_name=None,
link_name=None,
abi_directory=None,
abi_match=None,
@@ -223,7 +224,9 @@ def SAMBA_LIBRARY(bld, libname, source,
raise Utils.WafError(public library '%s' must have header files %
libname)
-if target_type == 'PYTHON' or realname or not private_library:
+if bundled_name is not None:
+pass
+elif target_type == 'PYTHON' or realname or not private_library:
if keep_underscore:
bundled_name = libname
else:
@@ -442,13 +445,15 @@ def SAMBA_MODULE(bld, modname, source,
):
'''define a Samba module.'''
+bld.ASSERT(subsystem, You must specify a subsystem for SAMBA_MODULE(%s)
% modname)
+
source = bld.EXPAND_VARIABLES(source, vars=vars)
if subdir:
source = bld.SUBDIR(subdir, source)
if internal_module or BUILTIN_LIBRARY(bld, modname):
# Do not create modules for disabled subsystems
-if subsystem and GET_TARGET_TYPE(bld, subsystem) == 'DISABLED':
+if GET_TARGET_TYPE(bld, subsystem) == 'DISABLED':
return
bld.SAMBA_SUBSYSTEM(modname, source,
deps=deps,
@@ -469,18 +474,17 @@ def SAMBA_MODULE(bld, modname, source,
return
# Do not create modules for disabled subsystems
-if subsystem and GET_TARGET_TYPE(bld, subsystem) == 'DISABLED':
+if GET_TARGET_TYPE(bld, subsystem) == 'DISABLED':
return
-obj_target = modname + '.objlist'
-
realname = modname
-if subsystem is not None:
-deps += ' ' + subsystem
-while realname.startswith(lib+subsystem+_):
-realname = realname[len(lib+subsystem
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 57300bb s4:rpc_server/lsa: remove msDS-TrustForestTrustInfo if
FOREST_TRANSITIVE is cleared
via cfe6377 s4:rpc_server/lsa: allow
LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE to be changed.
from a2670f1 winbind: Retry after SESSION_EXPIRED error in ping-dc
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 57300bbf5e5fcb9cb32bd3462e8ed86400b68920
Author: Stefan Metzmacher me...@samba.org
Date: Mon Jan 5 16:01:16 2015 +0100
s4:rpc_server/lsa: remove msDS-TrustForestTrustInfo if FOREST_TRANSITIVE is
cleared
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Simo Sorce i...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Jan 6 22:50:23 CET 2015 on sn-devel-104
commit cfe6377173ef093cb90b167000b86e6626568b61
Author: Stefan Metzmacher me...@samba.org
Date: Mon Jan 5 15:59:31 2015 +0100
s4:rpc_server/lsa: allow LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE to be
changed.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Simo Sorce i...@samba.org
---
Summary of changes:
source4/rpc_server/lsa/dcesrv_lsa.c | 45 -
1 file changed, 39 insertions(+), 6 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c
b/source4/rpc_server/lsa/dcesrv_lsa.c
index 020360d..cc2048d 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -1366,7 +1366,10 @@ static NTSTATUS get_tdo(struct ldb_context *sam,
TALLOC_CTX *mem_ctx,
securityIdentifier, trustDirection,
trustType, trustAttributes,
trustPosixOffset,
- msDs-supportedEncryptionTypes, NULL };
+ msDs-supportedEncryptionTypes,
+ msDS-TrustForestTrustInfo,
+ NULL
+ };
char *dns = NULL;
char *nbn = NULL;
char *sidstr = NULL;
@@ -1621,6 +1624,7 @@ static NTSTATUS setInfoTrustedDomain_base(struct
dcesrv_call_state *dce_call,
bool add_incoming = false;
bool del_outgoing = false;
bool del_incoming = false;
+ bool del_forest_info = false;
bool in_transaction = false;
int ret;
bool am_rodc;
@@ -1766,6 +1770,7 @@ static NTSTATUS setInfoTrustedDomain_base(struct
dcesrv_call_state *dce_call,
if (info_ex) {
uint32_t origattrs;
+ uint32_t changed_attrs;
uint32_t origdir;
int origtype;
@@ -1815,13 +1820,34 @@ static NTSTATUS setInfoTrustedDomain_base(struct
dcesrv_call_state *dce_call,
}
/* TODO: check forestFunctionality from ldb opaque */
/* TODO: check what is set makes sense */
- /* for now refuse changes */
- if (origattrs == -1 ||
- origattrs != info_ex-trust_attributes) {
- DEBUG(1, (Attempted to change trust attributes!
- Operation not handled\n));
+
+ changed_attrs = origattrs ^ info_ex-trust_attributes;
+ if (changed_attrs ~LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
+ /*
+* For now we only allow
+* LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE to be changed.
+*
+* TODO: we may need to support more attribute changes
+*/
+ DEBUG(1, (Attempted to change trust attributes
+ (0x%08x != 0x%08x)!
+ Operation not handled yet...\n,
+ (unsigned)origattrs,
+ (unsigned)info_ex-trust_attributes));
return NT_STATUS_INVALID_PARAMETER;
}
+
+ if (!(info_ex-trust_attributes
+ LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE))
+ {
+ struct ldb_message_element *orig_forest_el = NULL;
+
+ orig_forest_el = ldb_msg_find_element(dom_msg,
+ msDS-TrustForestTrustInfo);
+ if (orig_forest_el != NULL) {
+ del_forest_info = true;
+ }
+ }
}
if (enc_types) {
@@ -1862,6 +1888,13 @@ static NTSTATUS setInfoTrustedDomain_base(struct
dcesrv_call_state *dce_call,
}
}
}
+ if (del_forest_info) {
+ ret = ldb_msg_add_empty
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via eda9742 Happy New Year 2015!
from 0f9b35d torture: NULL out after talloc_free
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit eda9742e3f10e2a296b00f42cf5b00d06e464d22
Author: Stefan Metzmacher me...@samba.org
Date: Thu Jan 1 00:23:35 2015 +0100
Happy New Year 2015!
Signed-off-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Jan 1 02:47:59 CET 2015 on sn-devel-104
---
Summary of changes:
source3/include/smb.h | 2 +-
source4/smbd/server.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 46e05c0..9c5e1ac 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -30,7 +30,7 @@
#include libds/common/roles.h
/* logged when starting the various Samba daemons */
-#define COPYRIGHT_STARTUP_MESSAGE Copyright Andrew Tridgell and the
Samba Team 1992-2014
+#define COPYRIGHT_STARTUP_MESSAGE Copyright Andrew Tridgell and the
Samba Team 1992-2015
#define SAFETY_MARGIN 1024
#define LARGE_WRITEX_HDR_SIZE 65
diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index 55fd38c..1c80934 100644
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -368,7 +368,7 @@ static int binary_smbd_main(const char *binary_name, int
argc, const char *argv[
umask(0);
DEBUG(0,(%s version %s started.\n, binary_name,
SAMBA_VERSION_STRING));
- DEBUGADD(0,(Copyright Andrew Tridgell and the Samba Team
1992-2014\n));
+ DEBUGADD(0,(Copyright Andrew Tridgell and the Samba Team
1992-2015\n));
if (sizeof(uint16_t) 2 || sizeof(uint32_t) 4 || sizeof(uint64_t)
8) {
DEBUG(0,(ERROR: Samba is not configured correctly for the word
size on your machine\n));
--
Samba Shared Repository
[SCM] Samba Shared Repository - annotated tag tdb-1.3.4 created
The annotated tag, tdb-1.3.4 has been created at b9ad6af85394c0febfe162e3e1e5a251926d64cc (tag) tagging a1a90f74eb10a10ac9d508028ed998f8c843f88a (commit) replaces tdb-1.3.3 tagged by Stefan Metzmacher on Mon Dec 22 09:15:11 2014 +0100 - Log - tdb: tag release tdb-1.3.4 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAABAgAGBQJUl9MPAAoJEEeTkWETCEAl+RoH/jbN88KByVzPYsW4zTnuKc5K 0Kt4u9rpdTDUGVQ1mvHTXVld3WVMeVG7ZaaXJTJJZirntnt12AYDn300YMPjWJTs XSToh7fFefJChDWGnDPUfTsAd+BBh1F8bf0kGxutAWG1F5whtAvoNlyYH7nqtHRl TXpqKuT0aHdeETZiMo5xeUBVuguRNORcUycymtWZFfwW9y4nhnK9HEfpHhjUUnPi 4deCvDQBQ9ILx9NdqTNvOHYQT9abNcLXLp0Kh6w8CawsPcVDTNY6Lu6yKX+EGzGh MPkfgEmMkxbceUO73wdAR33tPPkS5Z/Pu0j9EZSKDgrwRaVbcpQCkExe2sPaT8E= =2dcZ -END PGP SIGNATURE- Amitay Isaacs (11): ctdb-vacuum: Track time for vacuuming in database statistics ctdb-vacuum: Stagger vacuuming child processes ctdb-vacuum: Use non-blocking lock when traversing delete queue ctdb-vacuum: Use non-blocking lock when traversing delete tree ctdb-vacuum: Do not delete VACUUM MIGRATED records immediately ctdb-recoverd: Process all the records for vacuum fetch in a loop ctdb-eventscripts: Specify broadcast optionally to ip addr add ctdb-daemon: Fix IP address comparisons for IPv6 addresses ctdb-build: Fix the indentation ctdb-build: Fix the installation of config files for top-level build packaging: Include CTDB man pages in the tarball Andreas Schneider (29): s3-lib: Do not require a password with --use-ccache. s3-libsmb: Set the netbios_name in use_ccache case too. s3-libsmb: Duplicate the memory before we free it. testprogs: Set functional domain level to 2003. selftest: Add the normal dns name as an alias for the main DC. lib: Add resolv_wrapper version 1.0.0. rwrap: Handle trailing dot in dns names. rwrap: Correctly calculate the response size and return it. rwrap: Bump version to 1.1.0. socket_wrapper: Add missing prototype check for eventfd. smbd: Add missing include for iov_buflen(). vfs: Add missing include for sys_pread() in cacheprime module. selftest: Add 'net dom join' test which fails cause we are a DC smbstatus: Tell the user that smbstatus can only be run as root. selftest: Preload resolv_wrapper in selftest. selftest: Also pass the IPv6 address for the KDC around. selftest: Print better DC provisioning info. nmblookup: Return if the lookup was successful or not. selftest: Wait for the logon server to register to join the member. samba_dnsupdate: Always fill out the nameservers of a dns object. samba_dnsupdate: Allow the tool to work in 'make test'. selftest: Define if we should fake dns resolving. selftest: Always enable dns fakeing. selftest: Use resolv_wrapper in the samba4 target. selftest: Use resolv_wrapper in the samba3 targets to join AD. addns: Remove support for dns_host_file. s4-libcli: Remove obsolete support for file resolving. s3-libsmb: Remove obsolete support for dns_host_file. libcli-dns: Remove obsolete dns_host_file subsystem. Andrew Bartlett (7): netapi: Move DC check to NetJoinDomain() where it is needed. auth: Allow domain join to itself when we are a PDC libsmb: Allow change of BDC trust account password selftest: Add test for joining a Samba classic DC as a BDC gensec_krb5: Match behaviour of gensec_gssapi for password-based keytabs torture: Improve winbindd.pac test to check multiple GENSEC mechanims torture: improve rpc.remote_pac test so we check if LogonSamLogon actually succeeds Björn Baumbach (1): ctdb-build: fix build without xsltproc Christian Ambach (3): s3:registry/regfio read SD from the correct location s3:registry/regfio fix some valgrind warnings s3:utils/profiles fix a use after free Garming Sam (5): idmap: unify passdb *id_to_sid methods idmap: return the correct id type to *id_to_sid methods pdb: Increase version number to fix ABI test: improve kinit kerberos tests pdb: fix build issues with shared modules Günther Deschner (1): pam_winbind: fix warn_pwd_expire implementation. Jakub Hrozek (9): rwrap: Compare dns names case insensitive. rwrap: Add data structures and functions to represent and manipulate RRs. rwrap: Use the rwrap_fake_rr structure instead of raw uint8_t pointers. rwrap: SRV record can recurse into A or . rwrap: CNAME record can recurse into A, or CNAME rwrap: Make the rwrap_fake_* functions only fake RRs. rwrap: Recursively add additional data rwrap: Support asking for A via CNAME rwrap: Don't dereference NULL when skipping broken records. Jeremy Allison (22): s4:torture:smb2: Add test
[SCM] Samba Shared Repository - annotated tag ldb-1.1.19 created
The annotated tag, ldb-1.1.19 has been created
at 800ac1be2df946db4b6a0892f665db54deee9e4e (tag)
tagging 02f6ab85a0dcec59c12384a8738eecf7d322071f (commit)
replaces tdb-1.3.4
tagged by Stefan Metzmacher
on Mon Dec 22 09:17:19 2014 +0100
- Log -
ldb: tag release ldb-1.1.19
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQEcBAABAgAGBQJUl9OPAAoJEEeTkWETCEAltCQIAL8//H7tUfvBgxS+JD/fTJ43
z5Xvc3bL9E519wJCDD5rUcyV6uJ8ecehRouZiBaPci4m3GIqhIyE7tufWq4RlUzA
XO/1KiR/hQz95l4OWBNKuOpOtJqNAyhq1SGx2AKuUVKyYwC3Q3fjpRU17Fs6h3jz
MCZp6eOPAJYBAAvBWw8+AhqO/O9rWgtI4pRbbvSoel9pOd9TB4AnVstZ7VKJKtmQ
ER1r8wh5A1DhwnjfBg9d2Zdu6vczCftypfRuuBszIxBm56epcEefZauq1vy1/3c4
T/2ZS84bIGWNOP9SPhQJ6oEwWnWXB3sgG1KLYADhUnxdzYaiOcalTfmFbTfo5Q4=
=n7pG
-END PGP SIGNATURE-
Amitay Isaacs (1):
ctdb-daemon: Use correct tdb flags when enabling robust mutex support
Andrew Bartlett (2):
dsdb: Improve code clarity for ldb_extended_dn_in_openldap mode
ldb: bump to version 1.1.19
David Disseldorp (7):
spoolss: clear JobInfo on GetJob error
spoolss: clear DriverInfo on GetPrinterDriver2 error
spoolss: clear FormInfo on GetForm error
spoolss: clear info on GetPrintProcessorDirectory error
spoolss: clear info on GetPrinterDriverDirectory error
spoolss: clear PrinterInfo on GetPrinter error
torture/spoolss: issue GetJob after StartDocPrinter
Ralph Boehme (1):
wafsamba: check for rpath compiler/linker flags
Samuel Cabrero (2):
s4:dsdb/extended_dn_in: Fix DNs and filter expressions in extended match
ops
ldb: Allow to register extended match rules
Stefan Metzmacher (24):
wafsamba: add optional keep_underscore=True to SAMBA_LIBRARY()
selftest: use shared/libnss_wrapper_winbind.so.2
nsswitch: fix soname of linux nss_*.so.2 modules
wafsamba: fill PRIVATE_NAME() logic again
s3:winbindd: report our own name for PING_DC and internal domains
s3:winbindd: use find_domain_from_name_noinit() in winbindd_ping_dc_send()
nsswitch: allow passing the domain name to wbcPingDC[2]()
nsswitch/wbinfo: allow 'wbinfo --ping-dc --domain=SOMEDOMAIN'
auth/gensec: make sure we keep a DCERPC_AUTH_TYPE_SCHANNEL backend if
required
auth/gensec: add support for SEC_CHAN_DNS_DOMAIN to schannel_update()
auth/credentials: add cli_credentials_set_utf16_password()
s3:cli_netlogon: add rpccli_{create,setup}_netlogon_creds_with_creds()
helper functions
s3:rpc_client: add cli_rpc_pipe_open_schannel_with_creds() helper function
s3:winbindd: make sure we try to use NCACN_IP_TCP in cm_connect_netlogon
s3:winbindd: we only need a an netlogon connection to a rwdc if we're a
rodc ourself
s3:winbindd: make use of rpccli_{create,setup}_netlogon_creds_with_creds()
s3:winbindd: make use of cli_rpc_pipe_open_schannel_with_creds()
s3:pdb_samba_dsdb: add pdb_samba_dsdb_get_trusteddom_creds
s3:pdb_samba_dsdb: use SEC_CHAN_DNS_DOMAIN in
pdb_samba_dsdb_get_trusteddom_creds()
s4:rpc_server/lsa: pass the correct variable to
setInfoTrustedDomain_base()
s4:rpc_server/lsa: remove trustAuthIncoming/trustAuthOutgoing when the
related flag is removed.
s4:rpc_server/lsa: remove unused allow_warnings=True
s4:rpc_server/lsa: fix segfault in check_ft_info()
s4:kdc: add aes key support for trusted domains
---
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via e421351 dsdb: Add tokenGroupsGlobalAndUniversal, tokenGroups,
tokenGroupsNoGCAcceptable
from ad07479 dns.py: Always remove the test zone in tearDown()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit e4213512d0a967e87a74a1ae816c903fb38dd8b9
Author: Garming Sam garm...@catalyst.net.nz
Date: Thu Dec 4 11:53:12 2014 +1300
dsdb: Add tokenGroupsGlobalAndUniversal, tokenGroups,
tokenGroupsNoGCAcceptable
This includes additional tests based directly on the docs, rather than
simply testing our internal implementation in client and server contexts,
that create a user and groups.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11022
Pair-programmed-with: Garming Sam garm...@catalyst.net.nz
Signed-off-by: Garming-Sam garm...@catalyst.net.nz
Signed-off-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Mon Dec 22 17:17:02 CET 2014 on sn-devel-104
---
Summary of changes:
source4/dsdb/samdb/ldb_modules/operational.c | 66 -
source4/dsdb/tests/python/token_group.py | 348 ++-
2 files changed, 399 insertions(+), 15 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/operational.c
b/source4/dsdb/samdb/ldb_modules/operational.c
index ad9863e..f77474f 100644
--- a/source4/dsdb/samdb/ldb_modules/operational.c
+++ b/source4/dsdb/samdb/ldb_modules/operational.c
@@ -84,6 +84,12 @@ struct operational_data {
struct ldb_dn *aggregate_dn;
};
+enum search_type {
+ TOKEN_GROUPS,
+ TOKEN_GROUPS_GLOBAL_AND_UNIVERSAL,
+ TOKEN_GROUPS_NO_GC_ACCEPTABLE
+};
+
/*
construct a canonical name from a message
*/
@@ -127,9 +133,11 @@ static int construct_primary_group_token(struct ldb_module
*module,
/*
construct the token groups for SAM objects from a message
*/
-static int construct_token_groups(struct ldb_module *module,
- struct ldb_message *msg, enum ldb_scope scope,
- struct ldb_request *parent)
+static int construct_generic_token_groups(struct ldb_module *module,
+ struct ldb_message *msg, enum
ldb_scope scope,
+ struct ldb_request *parent,
+ const char *attribute_string,
+ enum search_type type)
{
struct ldb_context *ldb = ldb_module_get_ctx(module);
TALLOC_CTX *tmp_ctx = talloc_new(msg);
@@ -189,8 +197,18 @@ static int construct_token_groups(struct ldb_module
*module,
}
/* only return security groups */
- filter = talloc_asprintf(tmp_ctx,
((objectClass=group)(groupType:1.2.840.113556.1.4.803:=%u)),
-GROUP_TYPE_SECURITY_ENABLED);
+ switch(type) {
+ case TOKEN_GROUPS_GLOBAL_AND_UNIVERSAL:
+ filter = talloc_asprintf(tmp_ctx,
((objectClass=group)(groupType:1.2.840.113556.1.4.803:=%u)(|(groupType:1.2.840.113556.1.4.803:=%u)(groupType:1.2.840.113556.1.4.803:=%u))),
+GROUP_TYPE_SECURITY_ENABLED,
GROUP_TYPE_ACCOUNT_GROUP, GROUP_TYPE_UNIVERSAL_GROUP);
+ break;
+ case TOKEN_GROUPS_NO_GC_ACCEPTABLE:
+ case TOKEN_GROUPS:
+ filter = talloc_asprintf(tmp_ctx,
((objectClass=group)(groupType:1.2.840.113556.1.4.803:=%u)),
+GROUP_TYPE_SECURITY_ENABLED);
+ break;
+ }
+
if (!filter) {
talloc_free(tmp_ctx);
return ldb_oom(ldb);
@@ -253,7 +271,7 @@ static int construct_token_groups(struct ldb_module *module,
}
for (i=0; i num_groupSIDs; i++) {
- ret = samdb_msg_add_dom_sid(ldb, msg, msg, tokenGroups,
groupSIDs[i]);
+ ret = samdb_msg_add_dom_sid(ldb, msg, msg, attribute_string,
groupSIDs[i]);
if (ret) {
talloc_free(tmp_ctx);
return ret;
@@ -263,6 +281,40 @@ static int construct_token_groups(struct ldb_module
*module,
return LDB_SUCCESS;
}
+static int construct_token_groups(struct ldb_module *module,
+ struct ldb_message *msg, enum ldb_scope scope,
+ struct ldb_request *parent)
+{
+ /**
+* TODO: Add in a limiting domain when we start to support
+* trusted domains.
+*/
+ return construct_generic_token_groups(module, msg, scope, parent,
+ tokenGroups
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8dd3732 s4:kdc: add aes key support for trusted domains
via ec73511 s4:rpc_server/lsa: fix segfault in check_ft_info()
via 1e74ab3 s4:rpc_server/lsa: remove unused allow_warnings=True
via 2c92545 s4:rpc_server/lsa: remove
trustAuthIncoming/trustAuthOutgoing when the related flag is removed.
via 1d6e9e5 s4:rpc_server/lsa: pass the correct variable to
setInfoTrustedDomain_base()
via 05eb7b5 s3:pdb_samba_dsdb: use SEC_CHAN_DNS_DOMAIN in
pdb_samba_dsdb_get_trusteddom_creds()
via 7387678 s3:pdb_samba_dsdb: add pdb_samba_dsdb_get_trusteddom_creds
via c5e966d s3:winbindd: make use of
cli_rpc_pipe_open_schannel_with_creds()
via a601c08 s3:winbindd: make use of
rpccli_{create,setup}_netlogon_creds_with_creds()
via 6f718ba s3:winbindd: we only need a an netlogon connection to a
rwdc if we're a rodc ourself
via 29816c5 s3:winbindd: make sure we try to use NCACN_IP_TCP in
cm_connect_netlogon
via fb42b02 s3:rpc_client: add cli_rpc_pipe_open_schannel_with_creds()
helper function
via 995cf54 s3:cli_netlogon: add
rpccli_{create,setup}_netlogon_creds_with_creds() helper functions
via 826b0f7 auth/credentials: add cli_credentials_set_utf16_password()
via 153938a auth/gensec: add support for SEC_CHAN_DNS_DOMAIN to
schannel_update()
via 6ec32d7 auth/gensec: make sure we keep a DCERPC_AUTH_TYPE_SCHANNEL
backend if required
via c257b14 nsswitch/wbinfo: allow 'wbinfo --ping-dc
--domain=SOMEDOMAIN'
via f80f585 nsswitch: allow passing the domain name to wbcPingDC[2]()
via a44e8a3 s3:winbindd: use find_domain_from_name_noinit() in
winbindd_ping_dc_send()
via 8a40669 s3:winbindd: report our own name for PING_DC and internal
domains
via 89cc31f wafsamba: check for rpath compiler/linker flags
via 76fdcf5 wafsamba: fill PRIVATE_NAME() logic again
via 575b093 nsswitch: fix soname of linux nss_*.so.2 modules
via 4eb24fa selftest: use shared/libnss_wrapper_winbind.so.2
via 82e583b wafsamba: add optional keep_underscore=True to
SAMBA_LIBRARY()
via e0bf5dd ctdb-daemon: Use correct tdb flags when enabling robust
mutex support
from a1a90f7 tdb: version 1.3.4
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8dd37327b02eaea33915a9cd206667981b8df872
Author: Stefan Metzmacher me...@samba.org
Date: Mon Dec 15 16:48:27 2014 +0100
s4:kdc: add aes key support for trusted domains
We have a look at msDS-SupportedEncryptionTypes and =
DS_DOMAIN_FUNCTION_2008
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Günther Deschner g...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Fri Dec 19 15:39:40 CET 2014 on sn-devel-104
commit ec7351184f136990e96e10da98f0298c81699beb
Author: Stefan Metzmacher me...@samba.org
Date: Mon Dec 15 16:47:50 2014 +0100
s4:rpc_server/lsa: fix segfault in check_ft_info()
This is triggered by lsa_lsaRSetForestTrustInformation()
with ForestTrustInfo elements using FOREST_TRUST_TOP_LEVEL_NAME.
The nb_name variable was uninitialized and dereferenced without checking.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Günther Deschner g...@samba.org
commit 1e74ab337ccfe2fb8b456d070a6583d4cb67aa18
Author: Stefan Metzmacher me...@samba.org
Date: Mon Dec 15 16:37:17 2014 +0100
s4:rpc_server/lsa: remove unused allow_warnings=True
We compile without warnings now.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Günther Deschner g...@samba.org
commit 2c9254545224bec3ace135603388f19f1e02ea71
Author: Stefan Metzmacher me...@samba.org
Date: Mon Dec 15 16:33:38 2014 +0100
s4:rpc_server/lsa: remove trustAuthIncoming/trustAuthOutgoing when the
related flag is removed.
When LSA_TRUST_DIRECTION_INBOUND or LSA_TRUST_DIRECTION_OUTBOUND flags is
cleared
we should also remove the related credentials.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Reviewed-by: Günther Deschner g...@samba.org
commit 1d6e9e5e5879f0da5831fea7637be507b01b09de
Author: Stefan Metzmacher me...@samba.org
Date: Mon Dec 15 16:03:49 2014 +0100
s4:rpc_server/lsa: pass the correct variable to setInfoTrustedDomain_base()
This requires 'struct lsa_policy_state', we now pass this directly
instead of a instead of an opaque 'struct dcesrv_handle'.
dcesrv_lsa_SetInformationTrustedDomain() passes in a 'struct dcesrv_handle'
with 'struct lsa_trusted_domain_state' before
[SCM] Samba Shared Repository - branch v4-2-test updated
The branch, v4-2-test has been updated via 60748d1 s3:passdb: let pdb_get_trust_credentials() try pdb_get_trusteddom_creds() first via 26c011d s3:passdb: add optional get_trusteddom_creds() hooks via 611e95e pdb: fix build issues with shared modules via ddc2bba s3:idmap_cache: remove unused idmap_cache_set_sid2[u|g]id() via dac59a2 pdb: Increase version number to fix ABI via 1a91c09 idmap: return the correct id type to *id_to_sid methods via d655b56 idmap: unify passdb *id_to_sid methods via 0c32df4 s3:passdb: avoid invalid pointer type warnings in pdb_wbc_sam.c via f87e9b1 s3:passdb: always copy the history in pdb_set_plaintext_passwd() via f1f0ca3 pdb_tdb: Avoid a nasty error message with ctdb via a681688 pdb_tdb: don't leak state_path onto talloc tos via 741ac3b account_pol: don't leak state_path onto talloc tos via b14bed4 passdb: Use common code in cli_credentials_set_machine_account_db_ctx() via d26278a auth/credentials: Ensure that we set the realm when reading secrets.tdb via e3b6d3b credentials: Allow the secret.tdb handle to be passed in to cli_credentials_set_machine_account() via a81b814 credentials: Improve error message on failure to set machine account password via a13c21b credentials: Set secure_channel_type from secrets.tdb in cli_credentials_set_machine_account via f80a108 s3:locking: fix uninitialiazed variable in brl_get_locks_readonly_parser() from 5d3a3c8b ctdb-build: fix build without xsltproc https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test - Log - commit 60748d1153491cccbcaa354b88cc4d7203c8223b Author: Stefan Metzmacher me...@samba.org Date: Tue Dec 16 15:05:17 2014 + s3:passdb: let pdb_get_trust_credentials() try pdb_get_trusteddom_creds() first NT_STATUS_NOT_IMPLEMENTED lets it fallback to the old get_trust_pw_clear2() code. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11016 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Stefan Metzmacher me...@samba.org Autobuild-Date(master): Thu Dec 18 06:46:05 CET 2014 on sn-devel-104 (cherry picked from commit 12aaafd2971ac71823ccbebda7b2afd689239770) Autobuild-User(v4-2-test): Stefan Metzmacher me...@samba.org Autobuild-Date(v4-2-test): Thu Dec 18 13:06:40 CET 2014 on sn-devel-104 commit 26c011d33c561fac1c6c8ab4ac32a706ac535312 Author: Stefan Metzmacher me...@samba.org Date: Thu Dec 11 10:52:53 2014 + s3:passdb: add optional get_trusteddom_creds() hooks Bug: https://bugzilla.samba.org/show_bug.cgi?id=11016 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org (cherry picked from commit 8e90b93ddceabd582cb28e40882036e7772608aa) commit 611e95e02085ff75a7e76c78e38700431a83d000 Author: Garming Sam garm...@catalyst.net.nz Date: Thu Dec 4 10:44:26 2014 +1300 pdb: fix build issues with shared modules Bug: https://bugzilla.samba.org/show_bug.cgi?id=10355 Change-Id: I26e78b56ead0c66afcda6b3fb8b1fd09130b24a5 Signed-off-by: Garming Sam garm...@catalyst.net.nz Reviewed-by: Stefan Metzmacher me...@samba.org Reviewed-by: Alexander Bokovoy a...@samba.org (cherry picked from commit 7a9147dab593a495c5ed5e1157ec8eb8a2809586) commit ddc2bba9e1f0339dceae60189717ae1c6716b7a7 Author: Stefan Metzmacher me...@samba.org Date: Sat Nov 29 10:52:05 2014 +0100 s3:idmap_cache: remove unused idmap_cache_set_sid2[u|g]id() Change-Id: I40bcfacb812b0dac7917533c9baf82a79f598efd Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Garming Sam garm...@catalyst.net.nz Autobuild-User(master): Garming Sam garm...@samba.org Autobuild-Date(master): Wed Dec 3 06:44:29 CET 2014 on sn-devel-104 (cherry picked from commit 816751a3a8ed564f2cf880fd1ca3b1e8f9c85471) commit dac59a2b62bda35c075c61a943fc03dfc0f3c93c Author: Garming Sam garm...@catalyst.net.nz Date: Tue Nov 25 14:56:45 2014 +1300 pdb: Increase version number to fix ABI In the process, we can also rename pdb to avoid conflicts with libpdb. We don't depend directly on pdb to avoid duplicate symbols. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10355 Change-Id: I4df6ba2f4ce35d3718dc4198b527cca46a139efe Pair-programmed-with: Andrew Bartlett abart...@samba.org Signed-off-by: Garming Sam garm...@catalyst.net.nz Reviewed-by: Andrew Bartlett abart...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org (cherry picked from commit 3b76b705f03b8f639ece2308afdc0962d230c42a) commit 1a91c09bbd42dddb7f65983aa93b70cd5b93cbf0 Author: Garming Sam garm...@catalyst.net.nz Date: Wed Nov 26 15:33:35 2014 +1300
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 12aaafd s3:passdb: let pdb_get_trust_credentials() try
pdb_get_trusteddom_creds() first
via 8e90b93 s3:passdb: add optional get_trusteddom_creds() hooks
via 7a9147d pdb: fix build issues with shared modules
via 6bc41c4 s3:locking: fix uninitialiazed variable in
brl_get_locks_readonly_parser()
from 53fb00e torture: improve rpc.remote_pac test so we check if
LogonSamLogon actually succeeds
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 12aaafd2971ac71823ccbebda7b2afd689239770
Author: Stefan Metzmacher me...@samba.org
Date: Tue Dec 16 15:05:17 2014 +
s3:passdb: let pdb_get_trust_credentials() try pdb_get_trusteddom_creds()
first
NT_STATUS_NOT_IMPLEMENTED lets it fallback to the old get_trust_pw_clear2()
code.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11016
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Thu Dec 18 06:46:05 CET 2014 on sn-devel-104
commit 8e90b93ddceabd582cb28e40882036e7772608aa
Author: Stefan Metzmacher me...@samba.org
Date: Thu Dec 11 10:52:53 2014 +
s3:passdb: add optional get_trusteddom_creds() hooks
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11016
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
commit 7a9147dab593a495c5ed5e1157ec8eb8a2809586
Author: Garming Sam garm...@catalyst.net.nz
Date: Thu Dec 4 10:44:26 2014 +1300
pdb: fix build issues with shared modules
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10355
Change-Id: I26e78b56ead0c66afcda6b3fb8b1fd09130b24a5
Signed-off-by: Garming Sam garm...@catalyst.net.nz
Reviewed-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Alexander Bokovoy a...@samba.org
commit 6bc41c459f6da7de62d2113590bc7d0c2d04e136
Author: Stefan Metzmacher me...@samba.org
Date: Wed Dec 17 10:43:33 2014 +0100
s3:locking: fix uninitialiazed variable in brl_get_locks_readonly_parser()
In a cluster this can be called with an empty record, while
brl_parse_data() relies on an initialized structure.
This is a regression in commit 837e29035c911f3509135252c3f423d0f56b606d.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10911
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Ralph Boehme s...@samba.org
Reviewed-by: Jeremy Allison j...@samba.org
---
Summary of changes:
source3/include/passdb.h | 8 +++
source3/locking/brlock.c | 1 +
...-passdb-0.2.0.sigs = samba-passdb-0.24.1.sigs} | 1 +
source3/passdb/passdb.c| 65 +++---
source3/passdb/pdb_interface.c | 17 ++
source3/wscript_build | 3 +-
6 files changed, 73 insertions(+), 22 deletions(-)
copy source3/passdb/ABI/{samba-passdb-0.2.0.sigs = samba-passdb-0.24.1.sigs}
(99%)
Changeset truncated at 500 lines:
diff --git a/source3/include/passdb.h b/source3/include/passdb.h
index 16e3bef..893d0d0 100644
--- a/source3/include/passdb.h
+++ b/source3/include/passdb.h
@@ -34,6 +34,7 @@
#include ../librpc/gen_ndr/lsa.h
#include tevent.h
struct unixid;
+struct cli_credentials;
/* group mapping headers */
@@ -416,6 +417,7 @@ enum pdb_policy_type {
* Changed to 22, idmap control functions
* Changed to 23, new idmap control functions
* Changed to 24, removed uid_to_sid and gid_to_sid, replaced with id_to_sid
+ * Leave at 24, add optional get_trusteddom_creds()
*/
#define PASSDB_INTERFACE_VERSION 24
@@ -581,6 +583,10 @@ struct pdb_methods
bool (*get_trusteddom_pw)(struct pdb_methods *methods,
const char *domain, char** pwd,
struct dom_sid *sid, time_t
*pass_last_set_time);
+ NTSTATUS (*get_trusteddom_creds)(struct pdb_methods *methods,
+const char *domain,
+TALLOC_CTX *mem_ctx,
+struct cli_credentials **creds);
bool (*set_trusteddom_pw)(struct pdb_methods *methods,
const char* domain, const char* pwd,
const struct dom_sid *sid);
@@ -919,6 +925,8 @@ uint32_t pdb_search_entries(struct pdb_search *search,
struct samr_displayentry **result);
bool pdb_get_trusteddom_pw(const char *domain, char** pwd, struct dom_sid *sid,
time_t *pass_last_set_time);
+NTSTATUS pdb_get_trusteddom_creds(const char *domain, TALLOC_CTX
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via af570c2 Revert script/autobuild.py: build the samba target with
--with-profiling-data
from 4958fcd script/autobuild.py: build the samba target with
--with-profiling-data
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit af570c294b03035f022bcb53b81b2ef9025de516
Author: Stefan Metzmacher me...@samba.org
Date: Tue Dec 16 08:52:54 2014 +0100
Revert script/autobuild.py: build the samba target with
--with-profiling-data
This reverts commit 4958fcdfa30fd9d8dc51ceafaab35721e61e72c7.
This only works for a single user on a system, as only one can create
the sysv shared memory segment.
In future we'll use a tdb instead of sysv shared memory,
then we can readd this.
Signed-off-by: Stefan Metzmacher me...@samba.org
Reviewed-by: Andrew Bartlett abart...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Tue Dec 16 11:25:47 CET 2014 on sn-devel-104
---
Summary of changes:
script/autobuild.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/script/autobuild.py b/script/autobuild.py
index 1097316..ba08e52 100755
--- a/script/autobuild.py
+++ b/script/autobuild.py
@@ -44,7 +44,7 @@ tasks = {
(clean, make clean, text/plain) ],
# We have 'test' before 'install' because, 'test' should work without
'install'
-samba : [ (configure, ./configure.developer --picky-developer
${PREFIX} --with-selftest-prefix=./bin/ab --with-profiling-data,
text/plain),
+samba : [ (configure, ./configure.developer --picky-developer
${PREFIX} --with-selftest-prefix=./bin/ab, text/plain),
(make, make -j, text/plain),
(test, make test FAIL_IMMEDIATELY=1, text/plain),
(install, make install, text/plain),
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 4acf171 vfs: Add missing include for sys_pread() in cacheprime
module.
via 266323d smbd: Add missing include for iov_buflen().
via 78e8baf socket_wrapper: Add missing prototype check for eventfd.
from 29732b0 s4-tests/env_loadparm: Throw KeyError in case SMB_CONF_PATH
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 4acf171ab9480dbf23d95bd9624e2e4ec6723316
Author: Andreas Schneider a...@samba.org
Date: Mon Dec 8 10:09:29 2014 +0100
vfs: Add missing include for sys_pread() in cacheprime module.
Signed-off-by: Andreas Schneider a...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
Autobuild-User(master): Stefan Metzmacher me...@samba.org
Autobuild-Date(master): Mon Dec 8 16:54:51 CET 2014 on sn-devel-104
commit 266323dac64977c236ff19679aaf90f69a1ec245
Author: Andreas Schneider a...@samba.org
Date: Mon Dec 8 10:07:42 2014 +0100
smbd: Add missing include for iov_buflen().
Signed-off-by: Andreas Schneider a...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
commit 78e8bafb322ec69c5ff4b32a5e1c5679c9dea6bf
Author: Andreas Schneider a...@samba.org
Date: Wed Nov 26 10:18:34 2014 +0100
socket_wrapper: Add missing prototype check for eventfd.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10965
Newer glibc versions use and unsinged integer for the count instead of
an integer.
Signed-off-by: Andreas Schneider a...@samba.org
Reviewed-by: Stefan Metzmacher me...@samba.org
---
Summary of changes:
lib/socket_wrapper/wscript | 5 +
source3/modules/vfs_cacheprime.c | 1 +
source3/smbd/smb2_server.c | 1 +
3 files changed, 7 insertions(+)
Changeset truncated at 500 lines:
diff --git a/lib/socket_wrapper/wscript b/lib/socket_wrapper/wscript
index 279f577..91d23d1 100644
--- a/lib/socket_wrapper/wscript
+++ b/lib/socket_wrapper/wscript
@@ -88,6 +88,11 @@ def configure(conf):
'int ioctl(int s, int r, ...)',
define='HAVE_IOCTL_INT', headers='unistd.h
sys/ioctl.h')
+if conf.CONFIG_SET(HAVE_EVENTFD):
+conf.CHECK_C_PROTOTYPE('eventfd',
+ 'int eventfd(unsigned int count, int
flags)',
+ define='HAVE_EVENTFD_UNSIGNED_INT',
headers='sys/eventfd.h')
+
# Create full path to socket_wrapper
srcdir = os.path.realpath(conf.srcdir)
libsocket_wrapper_so_path = srcdir +
'/bin/default/lib/socket_wrapper/libsocket-wrapper.so'
diff --git a/source3/modules/vfs_cacheprime.c b/source3/modules/vfs_cacheprime.c
index 65e63e2..e90e09a 100644
--- a/source3/modules/vfs_cacheprime.c
+++ b/source3/modules/vfs_cacheprime.c
@@ -17,6 +17,7 @@
#include includes.h
#include smbd/smbd.h
+#include lib/sys_rw.h
/* Cache priming module.
*
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 3f23e2a..4a2c875 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -28,6 +28,7 @@
#include smbprofile.h
#include ../lib/util/bitmap.h
#include ../librpc/gen_ndr/krb5pac.h
+#include lib/iov_buf.h
#include auth.h
static void smbd_smb2_connection_handler(struct tevent_context *ev,
--
Samba Shared Repository
