The annotated tag, samba-4.0.0beta7 has been created at 1f3d4c321be9547e04a8895073fce2366add7fc3 (tag) tagging c41894c7dd512eeddacb6810405b64ad180af6e0 (commit) replaces tevent-0.9.17 tagged by Andrew Bartlett on Tue Aug 28 10:18:12 2012 +1000
- Log ----------------------------------------------------------------- samba4: tag release samba-4.0.0beta7 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIVAwUAUDwORGjGT3QfUnJfAQIkFhAAoec0rA/3rkPjTqg+t2xqHi2DZYL0NOCp RyrkbtIZHZjUCRD7T2eNtsM/7Q1t58xMyis18CGu7+coQFeAUuiH2Vx+JAegmccj 952uACW59GBZgpg0V6KrmpsI8tyWe8qpDFoxuAuaFjLXxH+E8mEOimmQBQjzsryH 2Malo3bbziA/sumhynFVgZ8BMPCz/QSgu2dVI12o16Dji27lqsOFRDh01c9+Eq8Y Y20qAmIkiWtiO0YhRfH5AzDceD34WGuZsgrtsyxLbW4M87Nz0b+p5UcRBKJyv1yk FMt7JwZPiVedNJnOe0c19A8nf5OfwsepuRplAgZ5I17+TqcfrF1TK0NMY9xtWejT Uu72VEG1XCUjqqnS6KnbdHFki8HrKR0uG7Q/xUYwuLY+dXIEgzgL3GVIEdXMYWeC sx29CbwMDSKQvXNv+QJQDMO0PcwgaACkzxJgv2B5LGFQmWtJczhQ1LgKe4lQg5Ja zONqc/59m6UNmXL1sgfwrDAU6bcGFEYphKM3LA636flja3gf8PjKVM8jJZBwyEZl 3159fyIOUHkREYJqZMaAczktRBTR8GP5ZuToV0KawoyZxSTxQ0tM1pKcmcC0gNoP cWYxvBPFLpxymIgPVBAwNMTDjyGIdaSeMhkEaC5vXJT1j9ZoBdzkWzZq4JEsFX4y kzvTHBho4kA= =aDj6 -----END PGP SIGNATURE----- Andrew Bartlett (89): s3-torture: Allow vfstest to set ACLs on a directory s4-dsdb: Ensure we always free tmp_ctx in schema refresh check build: Ensure -Werror=format works with -Wformat=2 on NULL format strings s4-kcc: Avoid use-after-free of dn and add tmp_ctx s4-dsdb: Use tmp_ctx in kccsrv_check_deleted to avoid leaking memory onto part->dn s3-vfs: Allow vfs_xattr_tdb to work without a connected share s4-ntvfs: Ensure we do not attempt to write EAs on streams s4-ntvfs: Add TODO on ea_size s3-smbd: Push smb_fname into estimate_ea_size s3-smbd: Do not look for EA information on a stream s3-smbd: ensure we give appropriate errors for EA requests on streams s3-vfs: Use the system. namespace for fake ACLs s3-vfs: Correct the implementation of fake_acls_sys_acl_delete_def_file() s3-vfs: Add lstat and lchown hooks to the vfs_fake_acls module s3-build: Enable vfs_fake_acls when in developer mode or on the build farm build: Do not put a .distversion file into the GIT tree WHATSNEW: Remove over-caution on s3fs and explain browsing better doc-BUILD_SYSTEMS.txt: The grand rename is complete s4-torture: Improve raw.streams test to cover EAs and to use torture_assert() s4-torture: Show that we cannot have extended attributes on streams s4-torture: Show that we cannot list extended attributes on streams selftest: Use new fake_acls module s4-torture: Use torture_fail() in the unix.unix_info2 test build: Remove accidentily added line in samba_version.py build: Remove special case for the build farm s3-pysmbd: Add hook for a VFS chown() s3-passdb: Allow pdb_sid_to_id to work on any SID s3-pysmbd: Correct comments in python VFS bindings s3-pysmbd: Add get/set functions for the posix ACL layer build: Create bin/ when doing 'waf dist' from a fresh checkout s3-vfs: Make vfs_aio_fork erratic timing behaviour a run-time option selftest: Add tests for vfs_aio_fork s4-provision: pass use_ntvfs from C wrappers and set to true in tests/vampire s4-classicupgrade: Add --use-ntvfs option selftest: Specify --use-ntvfs to provision in test scripts selftest: Pass --use-ntvfs to provison in renamedc test s3-vfs: Remove extra calls to SMB_VFS_HANDLE_GET_DATA s4-python: complete python bindigns for smb_acls.idl s3-pysmbd: Correct the python type for smb_acl_t s4-python: Complete python bindings for idmap.idl selftest: Specify --use-ntvfs for the chdcpass environment selftest: Specify --use-ntvfs when testing the LDAP backend init code selftest: Specify --use-ntvfs when testing the newuser code selftest: Specify --use-ntvfs when testing the group code selftest: Set --use-ntvfs for rodc, vampire_dc, promoted_vampire_dc and subdom_dc s4-upgradeprovision: Use ntvfs in reference provision s4-dsdb: Do not use a possibly-old loadparm context in schema reload s4-dsdb: Remove unused variables file_server: Move default VFS module settings to loadparm.c s4-provision: set POSIX ACLs to for use with the smbd file server (s3fs) s4-scripting: Redefine getntacl() as accessing via the smbd VFS or directly selftest: Add a test of the NT ACL -> posix ACL mapping layer selftest: Extend posixacl test to check the actual ACL selftest: Cope with the multiple possible representations of -1 in posixacl.py selftest: Add a test of the NT ACL -> posix ACL mapping layer to selftest s4-samba-tool: Add 'samba-tool ntacl sysvolreset' tool s3-pysmbd: Allow a mode to be specified for the simple ACL s4-provision: Fix internal documentation s3-pysmbd: Fix error message param: Add startup checks for valid server role/binary combinations s4-selftest: Add testing of samba-tool ntacl sysvolreset s3-smbd: Add talloc_stackframe() to get_nt_acl_no_snum() s3-pysmbd: Fix return type of smbd.get_nt_acl s3-smbd: Add security_info_wanted argument to get_nt_acl_no_snum s4-samba-tool: Add samba-tool ntacl sysvolcheck command s4-selftest: Add test for samba-tool ntacl sysvolcheck s4-selftest: Always set vfs objects in selftest smb.conf s3-param: Avoid assert on use of talloc_tos() without stackframe examples: Remove security=share and security=server from example smb.conf s4-libnet: Ensure termination of enctype array in libnet_export_keytab() lib/krb5_wrap: Bring list of all enc types into krb5_wrap lib/krb5_wrap: Move kerberos_enctype_to_bitmap() into krb5_wrap s4-classicupgrade: Use s3param.get_context() instead of result.lp s4-classicupgrade: Do all the queries of data before the provision() s4-classicupgrade: Read WINS DB before the provision lib/krb5_wrap: Move enctype conversion functions into a simple helper file s3-secrets: Add helper function to set machine account password from secrets_tdb_sync s3-secrets: Handle all valid ROLE_ values in get_default_sec_channel() s3-secrets: Use talloc_stackframe() in secrets_init_path() s4-dsdb: Add secrets_tdb_sync - an ldb module to keep secrets.tdb in sync s4-dsdb: Remove double-free in update_keytab module auth/credentials: Expand secrets.tdb fetch of secrets to preserve workstation and realm selftest: Add test of smbclient --machine-pass against and using both s3 and s4 auth/credentials: Rework credentials handling to try and find the most recent machine pw s3-passdb: Allow reload of the static passdb from python s4-classicupgrade: Do the setting of the sysvol ACLs last, after idmap is configured selftest: Fix comment in blackbox_s3upgrade.sh WHATSNEW: prepare for 4.0 beta7 VERSION: Mark as the beta7 release Björn Jacke (4): libcli: fix value of NT_STATUS_FILE_NOT_AVAILABLE s3/registry: fix compile warning on openindiana crypto/aes_ccm_128: fix compile warning on openindiana s3: fix compile warning on openindiana Christian Ambach (1): s3:vfs_tsmsm only send notifications when file was offline before Daniel Liberman (1): Extending space for fqdn in wbinfo --trusted-domains in verbose mode Herb Lewis (1): Fix bug #9104 - winbindd can mis-identify idle clients - can cause crashes and NDR parsing errors. Jeremy Allison (6): Fix bug #9098 - winbind does not refresh kerberos tickets. Fix bug in SMB_FIND_INFO_STANDARD parsing found by Volker. Remove align_string(). No longer used. Move uppercasing the domain out of smb_pwd_check_ntlmv2() Remove useless bool "upper_case_domain" parameter. Remove useless bool "upper_case_domain" parameter from ntv2_owf_gen(). Matthias Dieter Wallnöfer (8): s4:dsdb_sort_objectClass_attr - use "data_blob_string_const" for setting values s4:dsdb_sort_objectClass_attr - simplify memory context handling LDB:ldif_handlers.c - LDB_OP_GREATER/LDB_OP_LESS are thought as ">=" or "<=" s4:dsdb - always fail if a search filter could not be parsed LDB:ldbsearch - search filters do not only contain "=" LDB:ldbsearch - add search filter tests LDB:ldb_tdb.c - deny multi-valued attributes manipulation with doublets s4:samldb LDB module - remove unused "member" attribute from search filter Michael Adam (3): lib/util: add server_id_set_disconnected() and server_id_is_disconnected() s3: add a debug message for failed execv in sys_popen() s4:torture:basic: add more delete test - variants of deltest16 and deltest17 S Hargagan (1): Fix bug #9085 - NMB registration for a duplicate workstation fails with registration refuse Stefan Metzmacher (47): s4:cldap_server: set DS_SERVER_SELECT_SECRET_DOMAIN_6 if we're a RODC s4:cldap_server: only return DS_SERVER_*TIMESERV if "ntp_signd" is used s3:smb2_server: add some const to print_req_vectors() s3:smb2_server: verify the signature before the session_status s3:smb2_server: try to sign an error response if we have a signing key s4:libcli/smb2: reset trsnport->compound.related when a compound chain is finished libcli/smb: make sure the SMB2_TRANSFORM pdu is complete s3:smbd: make use of ENCRYPTION_REQUIRED() s3:smbd: lp_smb_encrypt() returns SMB_SIGNING_* values s3:smbd: don't disconnect the client when a share has "smb encrypt = required" s3:smb2_server: add SMB3 encryption support s3:smb2_negprot: annouce/negotiate SMB3 encryption support s3:selftest: add some tests against a share the requires encryption lib/util: add server_id_equal() s3:lib: implement serverid_equal() as macro of server_id_equal() lib/util: add server_id_from_string() s3:lib: implement interpret_pid() as wrapper of server_id_from_string() lib/util: let server_id_str() skip the task_id if 0 in the cluster case too s3:smb2_server: remove dump_data() from smbd_smb2_request_pending_timer() smbXsrv.idl: add nonce_* to smbsrv_session s3:smb2_server: use smbXsrv_session->nonce_* s3:smb2_break: encrypt OPLOCK BREAK notifications lib/param: fix usage of 'write list = +Group' s3:lib: remove CTDB_CONTROL_CHECK_SRVIDS optimization in serverids_exist() for now s3:lib: implement serverid_exists() as wrapper of serverids_exist() s3:g_lock: use serverid_exists() with SERVERID_UNIQUE_ID_NOT_TO_VERIFY s3:lib: implement process_exists() as wrapper of serverid_exists() lib/util: don't SMB_ASSERT() in process_exists_by_pid() s3:lib: SERVERID_UNIQUE_ID_NOT_TO_VERIFY only means not to verify the 'unique_id' part s3:lib: inline processes_exist() into serverids_exist() s3:lib: use server_id_is_disconnected() in serverids_exist() s3:lib: only loop over the server_ids we need to verify in serverids_exist() s3:lib: readd the CTDB_CONTROL_CHECK_SRVIDS optimization to serverids_exist() s3:lib: remove unused processes_exist() s3:lib: make sure we don't try to send messages to server_id's marked as disconnected libcli/smb: wscript_build => wscript libcli/smb: split out a smb_transport private library s4:librpc/rpc: use talloc_zero for 'struct rpc_request' s4:librpc/rpc: use dcerpc_req_dequeue() in dcerpc_request_recv_data() s4:librpc/rpc: also call dcerpc_schedule_io_trigger() after bind and alter_context responses s4:librpc/rpc: don't do async requests if gensec doesn't support async replies (bug #9097) s4:winbind: convert wb_sid2domain to tevent_req internally s4:winbind: convert wb_sam_logon_send/recv to tevent_req s4:winbind: convert wb_update_rodc_dns_send/recv to tevent_req s4:winbind: add a netlogon_queue (tevent_queue) s4:winbind: let wb_sam_logon_send/recv() use the netlogon_queue (bug #9097) s4:winbind: let wb_update_rodc_dns_send/recv use netlogon_queue (bug #9097) Volker Lendecke (8): s3-libsmb: Add a python wrapper s3-libsmb: Add a simple test for python bindings s4: Fix returns in py_check_dcerpc_type s3: Merge vfs_gpfs_hsm_notify into vfs_gpfs.c s3: Remove the gpfs_hsm_notify module s3-vfs: Fix calls of lp_parm_talloc_string s3: Adapt the tsmsm module to the new aio routines s4-torture: Test for #9058 ----------------------------------------------------------------------- -- Samba Shared Repository