[SCM] Samba Shared Repository - branch v4-20-stable updated
The branch, v4-20-stable has been updated via 569d541c9bb VERSION: Disable GIT_SNAPSHOT for the 4.20.2 release. via 55cd97dfef1 WHATSNEW: Add release notes for Samba 4.20.2. via 3dd39600da3 BUG 15569 ldb: Release LDB 2.9.1 via fc318c63e55 auth/credentials: don't ignore "client use kerberos" and --use-kerberos for machine accounts via 212b014679f auth/credentials: add tests for cli_credentials_get_kerberos_state[_obtained]() via 46ebf66fe96 auth/credentials: add cli_credentials_get_kerberos_state_obtained() helper via cccd9c95c8b testprogs/blackbox: add test_ldap_token.sh to test "client use kerberos" and --use-kerberos via 694605f52a4 testprogs/blackbox: let test_trust_token.sh check for S-1-18-1 with kerberos via 7d69ec93e31 vfs_recycle: remember resolved config->repository in vfs_recycle_connect() via f464a85c129 Revert "TMP-REPRODUCE: vfs_recycle: demonstrate memory corruption in recycle_unlink_internal()" via 64d7108cddb vfs_recycle: fix memory hierarchy via 4bb5f8a92aa vfs_recycle: use the correct return in SMB_VFS_HANDLE_GET_DATA() via a5d5d83c492 vfs_recycle: use a talloc_stackframe() in recycle_unlink_internal() via 69b9c140527 vfs_recycle: directly allocate smb_fname_final->base_name via db098ff1aad vfs_recycle: don't unlink on allocation failure via cf22968a8a1 TMP-REPRODUCE: vfs_recycle: demonstrate memory corruption in recycle_unlink_internal() via 7d277c424fc test_recycle.sh: make sure we don't see panics on the log files via b3ce5a86489 vfs_default: also call vfs_offload_token_ctx_init in vfswrap_offload_write_send via d7e0b5933fa s4:torture/smb2: add smb2.ioctl.copy_chunk_bug15644 via 5b90acbef15 s3/smbd: fix nested chdir into msdfs links on (widelinks = yes) share via 4b4b0152fd7 selftest: Add a python blackbox test for some misc (widelink) DFS tests via dceb2e56b63 script/autobuild.py: Add test for --vendor-name and --vendor-patch-revision via 5d593a735d3 build: Add --vendor-name --vendor-patch-revision options to ./configure via f46faceae1f ctdb/docs: Include ceph rados namespace support in man page via 9110627bc24 ctdb/ceph: Add optional namespace support for mutex helper via df54d3fdda9 s4:dns_server: no-op dns updates with ACCESS_DENIED should be ignored via 89817ed2165 s4:dns_server: correctly sign dns update responses with gss-tsig like Windows via fdd61d60caa s4:dns_server: dns_verify_tsig should return REFUSED on error via f663b386156 s4:dns_server: also search DNS_QTYPE_TKEY in the answers section if it's the last section via 3b36f447040 s4:dns_server: use tkey->algorithm if available in dns_sign_tsig() via 299818567ea s4:dns_server: use the client provided algorithm for the fake TSIG structure via 7ddd758da50 s4:dns_server: only allow gss-tsig and gss.microsoft.com for TSIG via 6e395cabf38 s4:dns_server: only allow gss-tsig and gss.microsoft.com for TKEY via ed8ef00c297 s4:dns_server: failed dns updates should result in REFUSED for ACCESS_DENIED via a7f3293ddf7 python:tests/dns_tkey: add test_update_tsig_record_access_denied() via 9137bb66ab4 s4:selftest/tests: pass USERNAME_UNPRIV=$DOMAIN_USER to samba.tests.dns_tkey via 5a98bc50263 python:tests/dns_base: add get_unpriv_creds() helper via ff0afdd1b05 python:tests/dns_tkey: let test_update_tsig_windows() actually pass against windows 2022 via bda80382eb5 python:tests/dns_base: let verify_packet() work against Windows via fdfd4e8adce python:tests/dns_tkey: test bad and changing tsig algorithms via 7dabac46b5a python:tests/dns_tkey: add gss.microsoft.com tsig updates via 6438249cf1e python:tests/dns_tkey: let us have test_update_gss_tsig_tkey_req_{additional,answers}() via 501a25a1f07 python:tests/dns_tkey: test TKEY with gss-tsig, gss.microsoft.com and invalid algorithms via c7a936ecd27 python:tests/dns_base: maintain a dict with tkey related state via da7c313740d python:tests/dns_base: let dns_transaction_udp() take allow_{remaining,truncated}=True via 85784854629 python:tests/dns_base: pass tkey_trans(expected_rcode) via e58fe908371 python:tests/dns_base: let tkey_trans() take tkey_req_in_answers via 12d4e452410 python:tests/dns_base: let tkey_trans() and sign_packet() take algorithm_name as argument via 9cfc2e24331 python:tests/dns_tkey: make use of self.assert_echoed_dns_error() via f7f0518b46a python:tests/dns_base: add self.assert_echoed_dns_error() via c00749edb35 python:tests/dns_base: let dns_transaction_tcp() handle short receives via 3bd80a2545a python:tests/dns_base: use ndr_deepcopy() and ndr_pack() in verify_packet() via 19fc5bb6b9d python:tests/dns_base:
[SCM] Samba Shared Repository - branch v4-20-stable updated
The branch, v4-20-stable has been updated via 0ba948cba0b VERSION: Disable GIT_SNAPSHOT for the 4.20.1 release. via d01b50ec4f3 WHATSNEW: Add release notes for Samba 4.20.1. via db658c40f5d s3:utils: Fix Inherit-Only flag being automatically propagated to children via d28a889aed2 python/samba/tests/blackbox: Add tests for Inherit-only flag propagation via 83da49f3489 tests: Add a test for "all_groups=no" to test_idmap_ad.sh via 84f82a09ffd selftest: Add "winbind expand groups = 1" to setup_ad_member_idmap_ad via 83701298384 s3:winbindd: Improve performance of lookup_groupmem() in idmap_ad via 8857cf29979 docs-xml: Add parameter all_groupmem to idmap_ad via 215bb9bd48e Do not fail checksums for RFC8009 types via db60a1947b8 s4:dns_server: less noisy, more informative debug messages via 9155d89a2ae packaging: Provide a systemd service file for samba-bgqd via 077f39baf7c libcli/http: Detect unsupported Transfer-encoding type via 2fb1bf0205f selftest: Add new test for testing non-chunk transfer encoding via 30bf3d1430f selftest: fix potential reference before assigned error via a70e3a36c82 libcli/http: Handle http chunked transfer encoding via 7e17e4809d5 tests: add test for chunked encoding with http cli library via 26206392153 libcli/http: Optimise reading for content-length via 71eac5a065f selftest: Add basic content-lenght http tests via 19250e13ab6 Add simple http_client for use in black box tests (in following commits) via eaefe50327d VERSION: Bump version up to Samba 4.20.1... from 8fdd82c8b9c VERSION: Disable GIT_SNAPSHOT for the 4.20.0 release. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-20-stable - Log - --- Summary of changes: VERSION| 2 +- WHATSNEW.txt | 55 +++ auth/kerberos/kerberos_pac.c | 47 ++- docs-xml/manpages/idmap_ad.8.xml | 10 + lib/krb5_wrap/krb5_samba.h | 28 ++ libcli/http/http.c | 309 +++- libcli/http/http_internal.h| 4 + nsswitch/tests/test_idmap_ad.sh| 22 ++ .../{samba.service.in => samba-bgqd.service.in}| 9 +- packaging/wscript_build| 3 +- python/samba/tests/blackbox/http_chunk.py | 129 +++ python/samba/tests/blackbox/http_content.py| 95 + .../blackbox/smbcacls_propagate_inhertance.py | 108 ++ selftest/target/Samba3.pm | 1 + selftest/tests.py | 2 + source3/utils/smbcacls.c | 4 + source3/winbindd/winbindd_ads.c| 11 +- source4/client/http_test.c | 401 + source4/dns_server/dnsserver_common.c | 9 +- source4/wscript_build | 5 + 20 files changed, 1200 insertions(+), 54 deletions(-) copy packaging/systemd/{samba.service.in => samba-bgqd.service.in} (50%) create mode 100644 python/samba/tests/blackbox/http_chunk.py create mode 100644 python/samba/tests/blackbox/http_content.py create mode 100644 source4/client/http_test.c Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 482360b7d68..cfa7539380b 100644 --- a/VERSION +++ b/VERSION @@ -27,7 +27,7 @@ SAMBA_COPYRIGHT_STRING="Copyright Andrew Tridgell and the Samba Team 1992-2024" SAMBA_VERSION_MAJOR=4 SAMBA_VERSION_MINOR=20 -SAMBA_VERSION_RELEASE=0 +SAMBA_VERSION_RELEASE=1 # If a official release has a serious bug # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 5c97836d36f..8249e9326f9 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,3 +1,58 @@ + == + Release Notes for Samba 4.20.1 +May 08, 2024 + == + + +This is the latest stable release of the Samba 4.20 release series. + + +Changes since 4.20.0 + + +o Douglas Bagnall + * BUG 15630: dns update debug message is too noisy. + +o Alexander Bokovoy + * BUG 15635: Do not fail PAC validation for RFC8009 checksums types. + +o Pavel Filipenský + * BUG 15605: Improve performance of lookup_groupmem() in idmap_ad. + +o Anna Popova + * BUG 15636: Smbcacls incorrectly propagates inheritance with Inherit-Only + flag. + +o Noel Power + * BUG 15611: http library doesn't support 'chunked transfer encoding'. + +o Andreas Schneider
[SCM] Samba Shared Repository - branch v4-20-stable updated
The branch, v4-20-stable has been updated via 8fdd82c8b9c VERSION: Disable GIT_SNAPSHOT for the 4.20.0 release. via 797464b7624 WHATSNEW: Add release notes for Samba 4.20.0. via 5cedf3b5eb0 Revert "token_util.c: prefer capabilities over become_root" via f7491b29941 Revert "dosmode.c: prefer use of capabilities at two places over become_root" via 6ca9461a1db Revert "nfs4_acls.c: prefer capabilities over become_root" via 52b1d9d7cb8 Revert "vfs_acl_common.c: prefer capabilities over become_root" via 6e0986b2c30 Revert "vfs_default.c: prefer capabilities over become_root" via f6d549de47c Revert "vfs_posix_eadb.c: prefer capabilities over become_root" via d0c295e5344 Revert "vfs_recycle.c: prefer capabilities over become_root" via 4f38859f5d8 Revert "open.c: prefer capabilities over become_root" via dc161626303 Revert "posix_acls.c: prefer capabilities over become_root" via bb68b730290 Revert "dosmode: prefer capabilities over become_root" via aee05f11670 s3/smbd: If we fail to close file_handle ensure we should reset the fd via 72f70868257 smbd: simplify handling of failing fstat() after unlinking file via 3be368ff2bc ndr: always attempt ACE coda pull if ACE type suggests a coda via 1273cb7e10b tests/krb5: Add tests for AllowedToAuthenticateTo with an AS-REQ via 28fc1850e5c libcli/security: check again for NULL values via ce78896e262 libcli/security: claims_conversions: check for NULL in claims array via 99b6feac932 WHATSNEW: announce Service Witness Protocol [MS-SWN] and related options via 69b69bb2085 libgpo: Do not segfault if we don't have a valid security descriptor via 72bd247c97d libgpo: Fix trailing spaces in pygpo.c via 4d1536f86b9 VERSION: Bump version up to Samba 4.20.0rc5... from 964c0e97e7a VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc4 release. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-20-stable - Log - --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 112 +++- libcli/security/claims-conversions.c | 13 + libgpo/pygpo.c| 7 +- librpc/ndr/ndr_sec_helper.c | 5 +- python/samba/tests/krb5/authn_policy_tests.py | 372 ++ selftest/knownfail_mit_kdc| 8 + source3/auth/token_util.c | 4 +- source3/modules/nfs4_acls.c | 4 +- source3/modules/vfs_acl_common.c | 8 +- source3/modules/vfs_default.c | 4 +- source3/modules/vfs_posix_eadb.c | 4 +- source3/modules/vfs_recycle.c | 4 +- source3/smbd/close.c | 1 + source3/smbd/dosmode.c| 16 +- source3/smbd/open.c | 39 +-- source3/smbd/posix_acls.c | 40 +-- 17 files changed, 559 insertions(+), 84 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index fcee8581107..482360b7d68 100644 --- a/VERSION +++ b/VERSION @@ -89,7 +89,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # -SAMBA_VERSION_RC_RELEASE=4 +SAMBA_VERSION_RC_RELEASE= # To mark SVN snapshots this should be set to 'yes'# diff --git a/WHATSNEW.txt b/WHATSNEW.txt index dd80f116a10..5c97836d36f 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,16 +1,11 @@ -Release Announcements -= + == + Release Notes for Samba 4.20.0 + March 27, 2024 + == -This is the fourth release candidate of Samba 4.20. This is *not* -intended for production environments and is designed for testing -purposes only. Please report any defects via the Samba bug reporting -system at https://bugzilla.samba.org/. -Samba 4.20 will be the next version of the Samba suite. - - -UPGRADING -= +This is the first stable release of the Samba 4.20 release series. +Please read the release notes carefully before upgrading. NEW FEATURES/CHANGES @@ -191,6 +186,68 @@ The Security Descriptor Definition Language has extensions for conditional ACEs and resource attribute ACEs; these are now supported by Samba. +Service Witness Protocol [MS-SWN] +- + +In a ctdb cluster it is now possible to provide +the SMB witness service that allows clients to +monitor their current
[SCM] Samba Shared Repository - branch v4-20-stable updated
The branch, v4-20-stable has been updated via 964c0e97e7a VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc4 release. via f485def8104 WHATSNEW: Add release notes for Samba 4.20.0rc4. via 03b6dae6630 python:gp: Implement client site lookup in site_dn_for_machine() via e51e72dd14a librpc:idl: Make netlogon_samlogon_response public via a09d0ba6eb2 VERSION: Bump version up to Samba 4.20.0rc4... from 17bab5c0774 VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc3 release. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-20-stable - Log - --- Summary of changes: VERSION| 2 +- WHATSNEW.txt | 9 +- librpc/idl/nbt.idl | 2 +- librpc/ndr/ndr_nbt.c | 2 +- librpc/ndr/ndr_nbt.h | 2 +- python/samba/gp/gpclass.py | 68 ++ 6 files changed, 57 insertions(+), 28 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index efcf3f379e6..fcee8581107 100644 --- a/VERSION +++ b/VERSION @@ -89,7 +89,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # -SAMBA_VERSION_RC_RELEASE=3 +SAMBA_VERSION_RC_RELEASE=4 # To mark SVN snapshots this should be set to 'yes'# diff --git a/WHATSNEW.txt b/WHATSNEW.txt index f540dc555c0..dd80f116a10 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,7 +1,7 @@ Release Announcements = -This is the third release candidate of Samba 4.20. This is *not* +This is the fourth release candidate of Samba 4.20. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -214,6 +214,13 @@ smb.conf changes acl claims evaluation new AD DC only +CHANGES SINCE 4.20.0rc3 +=== + +o Andreas Schneider + * BUG 15588: samba-gpupdate: Correctly implement site support. + + CHANGES SINCE 4.20.0rc2 === diff --git a/librpc/idl/nbt.idl b/librpc/idl/nbt.idl index 11814e7970e..46be2eae7e2 100644 --- a/librpc/idl/nbt.idl +++ b/librpc/idl/nbt.idl @@ -490,7 +490,7 @@ interface nbt [case(NETLOGON_NT_VERSION_5EX)] NETLOGON_SAM_LOGON_RESPONSE_EX nt5_ex; } netlogon_samlogon_response_union; - typedef [nopush,nopull] struct { + typedef [nopush,nopull,noprint,public] struct { uint32 ntver; [switch_is(ntver)] netlogon_samlogon_response_union data; } netlogon_samlogon_response; diff --git a/librpc/ndr/ndr_nbt.c b/librpc/ndr/ndr_nbt.c index eb186810785..6f54198ffbc 100644 --- a/librpc/ndr/ndr_nbt.c +++ b/librpc/ndr/ndr_nbt.c @@ -392,7 +392,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netlogon_samlogon_response(struct ndr_pull * return NDR_ERR_SUCCESS; } -_PUBLIC_ void ndr_print_netlogon_samlogon_response(struct ndr_print *ndr, const char *name, struct netlogon_samlogon_response *r) +_PUBLIC_ void ndr_print_netlogon_samlogon_response(struct ndr_print *ndr, const char *name, const struct netlogon_samlogon_response *r) { ndr_print_struct(ndr, name, "netlogon_samlogon_response"); if (r == NULL) { ndr_print_null(ndr); return; } diff --git a/librpc/ndr/ndr_nbt.h b/librpc/ndr/ndr_nbt.h index c38422fff6b..00ee8a17364 100644 --- a/librpc/ndr/ndr_nbt.h +++ b/librpc/ndr/ndr_nbt.h @@ -37,6 +37,6 @@ enum ndr_err_code ndr_pull_NETLOGON_SAM_LOGON_RESPONSE_EX_with_flags(struct ndr_ uint32_t nt_version_flags); enum ndr_err_code ndr_push_netlogon_samlogon_response(struct ndr_push *ndr, ndr_flags_type ndr_flags, const struct netlogon_samlogon_response *r); enum ndr_err_code ndr_pull_netlogon_samlogon_response(struct ndr_pull *ndr, ndr_flags_type ndr_flags, struct netlogon_samlogon_response *r); -void ndr_print_netlogon_samlogon_response(struct ndr_print *ndr, const char *name, struct netlogon_samlogon_response *r); +void ndr_print_netlogon_samlogon_response(struct ndr_print *ndr, const char *name, const struct netlogon_samlogon_response *r); #endif /* _LIBRPC_NDR_NDR_NBT_H */ diff --git a/python/samba/gp/gpclass.py b/python/samba/gp/gpclass.py index 26c2386847e..08be472e707 100644 --- a/python/samba/gp/gpclass.py +++ b/python/samba/gp/gpclass.py @@ -49,7 +49,7 @@ from samba.dsdb import UF_WORKSTATION_TRUST_ACCOUNT, UF_SERVER_TRUST_ACCOUNT, GP from samba.auth import AUTH_SESSION_INFO_DEFAULT_GROUPS, AUTH_SESSION_INFO_AUTHENTICATED, AUTH_SESSION_INFO_SIMPLE_PRIVILEGES from samba.dcerpc import security import
[SCM] Samba Shared Repository - branch v4-20-stable updated
The branch, v4-20-stable has been updated via 17bab5c0774 VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc3 release. via f3da62a2bba WHATSNEW: Add release notes for Samba 4.20.0rc3. via 253c5585c91 s3/rpc_client: Fix array offset check via 1ab3de6f46e s3/rpc_client: Ensure max possible row buffer size is not exceeded via 3e226dd1cd5 idl: Add constant for max rows buffer size via c1016224041 s3/rpc_client: cleanup unmarshalling of variant types from row columns via 77cbdf342ca s3/utils: use full 64 bit address for getrows (with 64bit offsets) via ec239d16a97 s3/rpc_client: Remove stray unnecessary comment via 3d47cae71d9 s3/rpc_client: change type of offset to uint64_t via 7107b233346 ctdb-protocol: Add missing push support for new controls via 22e56d9ea2d python: Remove ‘typing.Final’ via 9366f554862 python: do not make use of typing.Final for python 3.6 via 858090913e3 docs-xml: document "smb3 share cap:{CONTINUOUS AVAILABILITY,SCALE OUT,CLUSTER,ASYMMETRIC}" via d8e056d8b0d smb2_tcon: only announce SMB3 related share capabilities if SMB3 is used via 3a8a86adc66 smb2_tcon: only announce SMB2_SHARE_CAP_CLUSTER if rpcd_witness can run via 87e56ada0db docs-xml: add details for 'net witness' via c4e4d41f0ac s3:utils: fix help string for 'net witness force-response' via f9c0968743d ctdb/events: add 47.samba-dcerpcd.script via bc89a069b3c ctdb/events: use 'service "$CTDB_SERVICE_NMB" status' in 48.netbios.script via d998b68af68 VERSION: Bump version up to Samba 4.20.0rc3... from 0167b75a5b2 VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc2 release. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-20-stable - Log - --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 23 +- ctdb/config/events/legacy/47.samba-dcerpcd.script | 66 +++ ctdb/config/events/legacy/48.netbios.script | 11 + ctdb/protocol/protocol_control.c | 8 + ctdb/tests/src/protocol_common_ctdb.c | 33 ++ ctdb/tests/src/protocol_ctdb_test.c | 2 +- docs-xml/manpages/net.8.xml | 567 ++ docs-xml/smbdotconf/protocol/smb3sharecaps.xml| 202 librpc/idl/wsp_data.idl | 5 + python/samba/gkdi.py | 16 +- python/samba/nt_time.py | 8 +- python/samba/tests/gkdi.py| 4 +- source3/rpc_client/wsp_cli.c | 127 +++-- source3/smbd/smb2_tcon.c | 20 +- source3/utils/net_witness.c | 2 +- source3/utils/wspsearch.c | 22 +- 17 files changed, 1059 insertions(+), 59 deletions(-) create mode 100755 ctdb/config/events/legacy/47.samba-dcerpcd.script create mode 100644 docs-xml/smbdotconf/protocol/smb3sharecaps.xml Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 12917e08428..efcf3f379e6 100644 --- a/VERSION +++ b/VERSION @@ -89,7 +89,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # -SAMBA_VERSION_RC_RELEASE=2 +SAMBA_VERSION_RC_RELEASE=3 # To mark SVN snapshots this should be set to 'yes'# diff --git a/WHATSNEW.txt b/WHATSNEW.txt index de3b0f03d49..f540dc555c0 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,7 +1,7 @@ Release Announcements = -This is the second release candidate of Samba 4.20. This is *not* +This is the third release candidate of Samba 4.20. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -214,6 +214,27 @@ smb.conf changes acl claims evaluation new AD DC only +CHANGES SINCE 4.20.0rc2 +=== + +o Rob van der Linde + * BUG 15575: Remove unsupported "Final" keyword missing from Python 3.6. + +o Stefan Metzmacher + * BUG 15577: Additional witness backports for 4.20.0. + +o Noel Power + * BUG 15579: Error output with wspsearch. + +o Martin Schwenke + * BUG 15580: Packet marshalling push support missing for + CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and + CTDB_CONTROL_TCP_CLIENT_PASSED. + +o Jo Sutton + * BUG 15575: Remove unsupported "Final" keyword missing from Python 3.6. + + CHANGES SINCE 4.20.0rc1 === diff --git
[SCM] Samba Shared Repository - branch v4-20-stable updated
The branch, v4-20-stable has been updated via 0167b75a5b2 VERSION: Disable GIT_SNAPSHOT for the 4.20.0rc2 release. via f06a06b7132 WHATSNEW: Add release notes for Samba 4.20.0rc2. via f8dfce94822 WHATSNEW: Explain new AD DC Claims, authentication policies and Silos via 4872b0abf6b WHATSNEW: Add some information about new conditional aces feature via 8e8b8fc0548 WHATSNEW: note "acl_claims evaluation" smb.conf option via 7f338d6119a ndr: ignore trailing bytes in ndr_pull_security_ace() via 0f81aec9a19 ndr: ndr_push_security_ace: calculate coda size once via 4808478685c ndr: avoid object ACE push overhead for non-object ACE via 276e67fe174 ndr: avoid object ACE pull overhead for non-object ACE via 5c0f6a20745 ndr: do not push ACE->coda.ignored blob via d4547daf5ee ndr: mark invalid pull ndr_flags as unlikely via 5d0d17a92db ndr: skip talloc when pulling empty DATA_BLOB via e61d447690f ndr: ACE push avoids no-op coda pushes via e4cf11b1b39 ndr: make security_ace push manual via c9974e622bf ndr: short-circuit ace coda if no bytes left via 8787185a6ca ndr: shift ndr_pull_security_ace to manual code via f8014cae2eb pidl: calculate subcontext_size only once per pull via b5289d66e9e perftest: ndr_pack runs in none environment via fb49ce47609 perftest:ndr_pack: spin in do_nothing for a while via 14edd0fd1ef perftest:ndr_pack: use a valid dummy SID via 1287f182167 perftest:ndr_pack_performance: remove irrelevant imports, options via 7f0bdf2b99e perftest:ndr_pack: slightly reduce python overhead via 66fa6885551 perftest: ndr_pack_performance gets more SD types via daf5b5f5eb2 perftest:ndr_pack: rename SD tests with object ACEs via 59365287486 docs-xml: Build and install man page for wspsearch via 9e946a8ddd3 python:gp: Fix logging with gp via 7908c00dec2 VERSION: Bump version up to Samba 4.20.0rc2... from d05af785057 VERSION: Disable GIT_SNAPSHOT for the Samba 4.20.0rc1 release. https://git.samba.org/?p=samba.git;a=shortlog;h=v4-20-stable - Log - --- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 100 +- docs-xml/wscript_build| 1 + librpc/idl/security.idl | 2 +- librpc/ndr/libndr.h | 2 +- librpc/ndr/ndr_basic.c| 6 ++ librpc/ndr/ndr_sec_helper.c | 107 ++- pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 5 +- python/samba/gp/util/logging.py | 5 +- selftest/perf_tests.py| 4 +- source4/dsdb/tests/python/ndr_pack_performance.py | 121 ++ 11 files changed, 280 insertions(+), 75 deletions(-) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index 3fe7a037533..12917e08428 100644 --- a/VERSION +++ b/VERSION @@ -89,7 +89,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # -SAMBA_VERSION_RC_RELEASE=1 +SAMBA_VERSION_RC_RELEASE=2 # To mark SVN snapshots this should be set to 'yes'# diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 8158a80288c..de3b0f03d49 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,7 +1,7 @@ Release Announcements = -This is the first release candidate of Samba 4.20. This is *not* +This is the second release candidate of Samba 4.20. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -108,6 +108,90 @@ New options added are: and all files/directories below. - '--restore savefile' Restores the stored DACLS to files in directory +Samba-tool extensions for AD Claims, Authentication Policies and Silos +-- + +samba-tool now allows users to be associated with claims. In the +Samba AD DC, claims derive from Active Directory attributes mapped +into specific names. These claims can be used in rules, which are +conditional ACEs in a security descriptor, that decide if a user is +restricted by an authentication policy. + +samba-tool also allows the creation and management of authentication +policies, which are rules about where a user may authenticate from, +if NTLM is permitted, and what services a user may authenticate to. +
[SCM] Samba Shared Repository - branch v4-20-stable updated
The branch, v4-20-stable has been updated via d05af785057 VERSION: Disable GIT_SNAPSHOT for the Samba 4.20.0rc1 release. via 8e31cb2007a WHATSNEW: Up to Samba 4.20.0rc1. via ec91204387b ldb: release 2.9.0 for use in Samba 4.20.x via 0ba05d5bbb1 tevent: release 0.16.1 via 5032ab712c6 tdb: release 1.4.10 via f28966c1638 talloc: release 2.4.2 from 1f823424418 python:gp: Improve working of log messages to avoid confusion https://git.samba.org/?p=samba.git;a=shortlog;h=v4-20-stable - Log - --- Summary of changes: VERSION | 6 +++--- WHATSNEW.txt| 2 +- lib/ldb/wscript | 2 +- .../ABI/{pytalloc-util-2.3.0.sigs => pytalloc-util-2.4.2.sigs} | 0 lib/talloc/ABI/{talloc-2.3.5.sigs => talloc-2.4.2.sigs} | 0 lib/talloc/wscript | 2 +- lib/tdb/ABI/{tdb-1.3.17.sigs => tdb-1.4.10.sigs}| 0 lib/tdb/wscript | 2 +- lib/tevent/ABI/{tevent-0.15.0.sigs => tevent-0.16.1.sigs} | 0 lib/tevent/wscript | 2 +- 10 files changed, 8 insertions(+), 8 deletions(-) copy lib/talloc/ABI/{pytalloc-util-2.3.0.sigs => pytalloc-util-2.4.2.sigs} (100%) copy lib/talloc/ABI/{talloc-2.3.5.sigs => talloc-2.4.2.sigs} (100%) copy lib/tdb/ABI/{tdb-1.3.17.sigs => tdb-1.4.10.sigs} (100%) copy lib/tevent/ABI/{tevent-0.15.0.sigs => tevent-0.16.1.sigs} (100%) Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index bde2e90dffc..3fe7a037533 100644 --- a/VERSION +++ b/VERSION @@ -79,7 +79,7 @@ SAMBA_VERSION_BETA_RELEASE= # e.g. SAMBA_VERSION_PRE_RELEASE=1 # # -> "2.2.9pre1" # -SAMBA_VERSION_PRE_RELEASE=1 +SAMBA_VERSION_PRE_RELEASE= # For 'rc' releases the version will be# @@ -89,7 +89,7 @@ SAMBA_VERSION_PRE_RELEASE=1 # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # -SAMBA_VERSION_RC_RELEASE= +SAMBA_VERSION_RC_RELEASE=1 # To mark SVN snapshots this should be set to 'yes'# @@ -101,7 +101,7 @@ SAMBA_VERSION_RC_RELEASE= # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes # # -> "3.0.0-SVN-build-199" # -SAMBA_VERSION_IS_GIT_SNAPSHOT=yes +SAMBA_VERSION_IS_GIT_SNAPSHOT=no # This is for specifying a release nickname# diff --git a/WHATSNEW.txt b/WHATSNEW.txt index e2bd54a1d01..8158a80288c 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,7 +1,7 @@ Release Announcements = -This is the first pre release of Samba 4.20. This is *not* +This is the first release candidate of Samba 4.20. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. diff --git a/lib/ldb/wscript b/lib/ldb/wscript index bb49e95382c..c249a826071 100644 --- a/lib/ldb/wscript +++ b/lib/ldb/wscript @@ -1,7 +1,7 @@ #!/usr/bin/env python APPNAME = 'ldb' -# For Samba 4.20.x +# For Samba 4.20.x ! VERSION = '2.9.0' import sys, os diff --git a/lib/talloc/ABI/pytalloc-util-2.3.0.sigs b/lib/talloc/ABI/pytalloc-util-2.4.2.sigs similarity index 100% copy from lib/talloc/ABI/pytalloc-util-2.3.0.sigs copy to lib/talloc/ABI/pytalloc-util-2.4.2.sigs diff --git a/lib/talloc/ABI/talloc-2.3.5.sigs b/lib/talloc/ABI/talloc-2.4.2.sigs similarity index 100% copy from lib/talloc/ABI/talloc-2.3.5.sigs copy to lib/talloc/ABI/talloc-2.4.2.sigs diff --git a/lib/talloc/wscript b/lib/talloc/wscript index 075f1ec4417..8b5e02d36c5 100644 --- a/lib/talloc/wscript +++ b/lib/talloc/wscript @@ -1,7 +1,7 @@ #!/usr/bin/env python APPNAME = 'talloc' -VERSION = '2.4.1' +VERSION = '2.4.2' import os import sys diff --git a/lib/tdb/ABI/tdb-1.3.17.sigs b/lib/tdb/ABI/tdb-1.4.10.sigs similarity index 100% copy from lib/tdb/ABI/tdb-1.3.17.sigs copy to lib/tdb/ABI/tdb-1.4.10.sigs diff --git a/lib/tdb/wscript b/lib/tdb/wscript index 5e6a928d5bc..2c587fbee44 100644 --- a/lib/tdb/wscript +++ b/lib/tdb/wscript @@ -1,7 +1,7 @@ #!/usr/bin/env python APPNAME = 'tdb' -VERSION = '1.4.9' +VERSION = '1.4.10' import sys, os diff --git