[SCM] Samba Shared Repository - annotated tag release-4-0-0alpha11 created
Andrew Bartlett
abartlet at samba.org
Sun Jan 10 23:07:55 MST 2010
The annotated tag, release-4-0-0alpha11 has been created
at bd851a98184b02a057bbd9869ab037b1d5746a02 (tag)
tagging c41fb54cb7a1f647e239e4479e8603633685781e (commit)
replaces release-4-0-0alpha10
tagged by Andrew Bartlett
on Mon Jan 11 17:02:47 2010 +1100
- Log -----------------------------------------------------------------
This is Samba4 alpha11
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iD8DBQBLSr8Tz4A8Wyi0NrsRAoixAJ94tITzoVSTx4GebM/5rgUV+ZEPhgCeIvFT
adnEIy3S5tCcMNt9iEd4Q6o=
=UnvL
-----END PGP SIGNATURE-----
Andreas Schneider (12):
tsocket: Fixed typo in LGPL header.
tsocket: Fixed documentation for tsocket_address_bsd_sockaddr().
tsocket: Fixed tsocket_guide.txt asciidoc syntax.
s4-kdc: Migrate to tsocket_address.
s4: Fixed the programming guide to reflect the current tree.
s4-gensec: Added remote and local setter/getter using tsocket.
s4-gensec: Replace gensec_set_my_addr() with new tsocket based fn.
s4-gensec: Replace gensec_get_my_addr with new tsocket based fn.
s4-gensec: Replace gensec_set_peer_addr with new tsocket based fn.
s4-gensec: Replace gensec_get_peer_addr with new tsocket based fn.
s4-gensec: Remove obsolete socket_address vars and fns.
s4-kdc: Migrate tcp connections to tsocket.
Andrew Bartlett (15):
s4: On the way to alpha11
Merge commit 'origin/master' into abartlet-devel
s4:provision Give a more useful error message in guess_names
Samba4 and LDB requires talloc 2.0.1
s4:auth generate the prototype file in the right place
s4:auth Change 'get_challenge' API to be more like Samba3
s4:gensec Don't give a warning when Windows client connects with NTLM
libcli/auth Make gd's NDR NTLMSSP parsers helpers common
s3:ntlmssp: rename enum NTLMSSP_ROLE into enum ntlmssp_role
s3:ntlmssp: move to C99 integer types in ntlmssp.h
s3:ntlmssp: remove the typedef NTLMSSP_STATE
s3:ntlmssp: only include ntlmssp.h where actually needed
release notes for Samba4 alpha11 (to be released this week)
This is Samba4 alpha11!
more WHATSNEW4
Andrew Tridgell (276):
s4-dsdb: fixed steal of parentGUID for empty msg
s4-dsdb: use dsdb_module_search_dn in repl_meta_data
s4-ldb: added a missing ltdb_unlock_read()
s4-ldb: fixed nested searches inside ldb modules
s4-drs: use parentGUID attribute in getncchanges
s4-drs: ensure we fill in ncRoot_dn in getncchanges
s4-dsdb: added dsdb_functional_level() helper function
librpc: split out a separate GUID_from_ndr_blob() function
s4-dsdb: use GUID_from_ndr_blob() to create dsdb_get_extended_dn_guid()
s4-libcli: use new GUID functions in libcli
s4-smb2: use new GUID function in smb2 negprot
s4-dsdb: simplify schema code using new GUID functions
s4-dsdb: simplify linked attributes code using GUID functions
s4-dsdb: simplify samdb_result_guid()
s4-ldb: simplify ldif handlers using new GUID functions
libndr: added a GUID_to_ndr_blob() helper function
s3-ldb: use GUID_to_ndr_blob()
libcli: use GUID_to_ndr_blob()
s4-server: use GUID_to_ndr_blob() in cldap and smb servers
s4-libcli: use GUID_to_ndr_blob()
s4-libnet: use GUID_to_ndr_blob()
s4-ldb: use GUID_to_ndr_blob()
s4-dsdb: use GUID_to_ndr_blob()
util: added binsearch.h for binary array searches
s4-schema: use binsearch.h
s4-schema: use GUID_to_ndr_blob()
s4-libcli: GUID_from_ndr_blob() is strict about the blob size
s4-ldb: fixed 2 bugs in ldb_dn_set_extended_component()
s4-ldb: sort the linearized extended DN by component name
s4-ldb: added a new "reveal" control
s4-ldb: added a function to filter extended components of a ldb_dn
s4-ldb: added new ldb_dn extended components for linked attributes
s4-dsdb: use the reveal control to hide/show extended DN components
heimdal: work around differences between GNU and XSI strerror_r()
s4-dsdb: return a zero guid on error in samdb_result_guid()
s4-loadparm: call reload_charcnv() also for a missing smb.conf
s4-devel: support vampire_ad.sh with no initial smb.conf
s4-dsdb: added REVEAL_INTERNALS flag to dsdb_module_search_handle_flags()
s4-ntvfs: try to fix bug 6989
s4-dsdb: added dsdb_dn_is_deleted_val()
s4-dsdb: use dsdb_dn_is_deleted_val()
s4-dsdb: added dsdb_module_dn_by_guid()
s4-dsdb: rename dsdb_module_search_handle_flags to dsdb_request_add_controls
s4-dsdb: dsdb_flags should be unsigned
s4-dsdb: fixed dsdb_module_dn_by_guid()
s4-dsdb: added dsdb_module_modify()
s4-dsdb: added a dsdb_module_rename() call
libds: added GUIDs for wellknown AD objects
s4-dsdb: added dsdb_wellknown_dn()
s4-dsdb: added dsdb_find_nc_root()
s4-dsdb: added dsdb_get_deleted_objects_dn()
ldap: give a debug error when we don't know a control
s4-ldb: added --show-deactivated-link command line option
s4-ldb: fixed a transaction error on prepare_commit
s4-ldb: show the OID of any unhandled critical controls
s4-dsdb: don't actually remove the sd_flags control, just mark it non-critical
s4-dsdb: when the SD_FLAGS control is set, don't remove nTSecurityDescriptor
s4-dsdb: it is a better pattern to mark a control as done than remove it
s4-dsdb: also mark the relax control non-critical when done
s4-ldb: canonicalise the message on ldb_add
s4-scripts: add a enablerecyclebin script
s4-ldb: display msDS-OptionalFeatureGUID as a GUID
s4-dsdb: fixed the sort in dsdb_find_nc_root()
s4-dsdb: added ldb_dn_update_components()
s4-dsdb: declare ldb_dn_update_components()
s4-dsdb: greatly simplify the subtree_delete module
s4-ldb: fixed a valgrind error in ldbtest
s4-dsdb: stop warnings about unknown struct GUID in prototypes
s4-dsdb: give us an invocationID when in standalone mode
s4-provision: added a note about where invocationIDs come from
s4-dsdb: added two new dsdb_get_extended_dn_*() helper functions
s4-dsdb: use varargs expression in dsdb_module_search()
s4-dsdb: added dsdb_get_extended_dn_uint64()
s4-dsdb: added DSDB_MODIFY_RELAX flag to the dsdb_module_*() calls
s4-dsdb: don't use a non-constant format string for a printf format
s4-repl: lower debug level of a common message
librpc: fixed the GUID_compare() function
s4-drs: another two unsigned comparison bugs
s4-schema: a unsigned comparison bug in the schema code
s4-torture: another unsigned comparison bug
s4-repl: only try to replicate for NCs that we are a master for
s4-kcc: don't crash with a NULL ntds connection list
s4-repl: give a reason why the prepare commit failed
s4-torture: update uuid_compare test for new behaviour
s4-schema: fixed the sorting of schema attributes
s4-net: fixed pwsettings command
s4-testpasswords: fixed CONFIG and quoting
s4-net: fixed finddcs to use empty SID instead of NULL sid (NDR error)
s4-dsdb: add support for storing linked attribute meta data in extended DNs
s4-dsdb: add a TODO item for linked attributes in extended_dn_out
s4-dsdb: implemeneted replmd_modify_la_replace()
s4-dsdb: added support for backlinks in repl_meta_data
s4-dsdb: linked_attributes_modify no longer handles modifies
s4-dsdb: add a comment on the use of ldb_rename()
s4-dsdb: repl_meta_data now replaces objectguid in all cases
s4-dsdb: the linked_attributes module no longer handles deletes
s4-dsdb: added replmd_delete, based on Eduardos work
s4-dsdb: add linked attributes meta_data handling to replmd_add
s4-dsdb: remove linked_attributes_add
s4-dsdb: some backlinks can be processed immediately
s4-dsdb: do the rename after the modify in replmd_delete
s4-dsdb: simplify the linked_attributes module
s4-dsdb: handle links with no backlinks in replmd_delete
s4-dsdb: split RMD_USN into RMD_LOCAL_USN and RMD_ORIGINATING_USN
s4-dsdb: allow the component name to be specified in dsdb_get_extended_dn_guid()
s4-dsdb: add REVEAL_INTERNALS in the search for linked_attributes
s4-dsdb: store full meta data from DRS for linked attributes
s4-dsdb: minor cleanup in DRS replicated objects code
s4-dsdb: ask for REVEAL_INTERNALS in getncchanges
s4-drs: added linked attribute replication to getncchanges
s4-dsdb: auto-upgrade w2k formatted linked attributes when modified
s4-ldb: use the RELAX control to disable single value checking on replace
s4-dsdb: added dsdb_dn_is_upgraded_link_val()
s4-drs: handle mixtures of old and new style links in getncchanges
s4-dsdb: added dsdb_check_single_valued_link()
s4-dsdb: move checking for single valued links to samba modules
s4-dsdb: fill in the correct version number of links that come over DRS
s4-drs: some useful debugging options for getncchanges
s4-drs: fixed the UDV return in getncchanges
s4-dsdb: use a common method for finding a link pair
s4-ldb: added ldb_module_get_ops()
s4-dsdb: added DSDB_FLAG_OWN_MODULE
sd-schema: order DRS classes on the wire in reverse order
s4-schema: don't fill in the extended DN with a zero GUID
s4-drs: give a reason when an AddEntry commit fails
s4-drs: we are doing the sorting for getncchanges in the app code now
s4-drs: implemented sorting functions based on replication flags
s4-drs: use the extended linearized form for DRS replication
s4-drs: send all linked attributes at the end of a replication cycle
s4-drs: update highwatermark after successfully encoding the object
s4-drs: treat a zero GUID as not present in replmd_add_fix_la
s4-drs: give an error message in repl_meta_data if we don't get a partition control
s4-drs: cope better with NULL GUIDS from DRS
s4-drs: use dsdb_module_guid_by_dn()
s4-drs: fixed typo for uSNCreated
s4-drs: update comment to refect only forward link in this fn
s4-drs: use DSDB_FLAG_OWN_MODULE
s4-drs: isRecycled only exists in FL W2K8-R2
s4-drs: don't try to remove backlinks directly
s4-dsdb: fixed valgrind error in replmd modify
s4-ldb: show the error code as well as errstr
s4-drs: set flag to indicate that we do support linked attributes
s4-dsdb: added parse functions for DRS linked attribute blobs
s4-drs: use dsdb linked attribute parse functions
s4-drs: use dsdb_module_rename()
s4-drs: re-resolve the DN in linked attribute processing
s4-drs: sort linked attributes
s4-ldb: added ldb_val_to_time()
s4-dsdb: use ldb_val_to_time() instead of ldb_string_to_time()
s4-dsdb: use safe length limiting in string->integer conversion
s4-ldb: use safe length limited conversions for int64 and time
s4-ldb: declate ldb_val_to_time()
s4-ldbmodify: show the error code as well as error string
s4-ldb: allow modules to override error return values
s4-ldbtest: fixed message element in modify
s4-dsdb: added dsdb_set_extended_dn_guid()
s4-drs: make sure the DNs we put in the db have a extended GUID
s4-ldb: show an error string, as well as error message
s4-ldaptest: need to use MessageElement for modify messages
s4-dsdb: allow system to remove deleted objects
s4-dsdb: added dsdb_tombstone_lifetime()
s4-dsdb: make sure 'whenChanged' is set on modify
s4-ldb: fixed valgrind error: ares can be freed by callback
s4-dsdb: fixed samdb_create_foreign_security_principal() to use the wellknown GUID
s4-dsdb: fixed several memory leaks
s4-kcc: added a preiodic task to remove deleted objects
s4-dsdb: switched to using RMD_FLAGS instead of DELETED in extended DNs
libreplace: some systems don't have memmem()
s4-sddl: DRS replication needs REVISION_ADS for SDs
s4-drs: don't give an error on repsTo delete if add is also specified
s4-dsdb: force REVISION_ADS for new and updated ACLs in dsdb
s4-dsdb: added samdb_reference_dn()
s4-ldb: added nice ldif display of 64 bit ranges for RIDs
s4-provision: added an initial RID Set
s4-dsdb: added samdb_rid_set_dn()
s4-provision: the DC object itself needs a fixed objectSID
s4-samldb: use RID Set to allocate user/group RIDs
s4-dsdb: move the RID allocation logic into ridalloc.c
s4-provision: allow provision modifies to add records
s4-dsdb: added dsdb_module_add()
s4-dsdb: added dsdb_module_reference_dn()
s4-dsdb: added dsdb_module_constrainted_update_integer()
s4-dsdb: added dsdb_next_callback()
s4-dsdb: use dsdb_next_callback()
s4-dsdb: implement creation of the RID Set object
s4-provision: don't hard wire the creation of the RID Set object
s4-dsdb: implement refresh of RID Set pool for a local RID Manager
s4-dsdb: fixed usage of rIDAllocationPool and rIDPreviousAllocationPool
s4-dsdb: clarify who is responsible for each attribute
s4-dsdb: added dsdb_module_set_integer()
s4-ridalloc: copy with missing rIDNextRid and rIDAllocationPool
s4-dsdb: added dsdb_find_guid_attr_by_dn()
s4-repl: added request for RID allocation in drepl task
s4-messaging: added a new msg type MSG_DREPL_ALLOCATE_RID
s4-dsdb: send a message to the drepl task when we need another RID pool
s4-dsdb: the dsdb ldb modules now need messagiing
s4-repl: allow for callbacks when a repl operation completes
s4-repl: implement MSG_DREPL_ALLOCATE_RID
s4-dsdb: added an extended operation for allocating a new RID pool
s4-dsdb: added support for DRSUAPI_EXOP_FSMO_RID_ALLOC
s4-event: added s4_event_context_set_default()
s4-drs: added some debug messages
s4-dsdb: improve error messages in schema and pdc_fsmo modules
s4-ldb: improve error handling in indexing code
s4-provision: RID 1000 is consumed by the machine account
s4-provision: re-open sam.ldb after creating the schema
s4-devel: a useful script to setup bin/ and st/ as tmpfs filesystems
s4-partition: don't ignore errors from other modules
s4-libnet: better error messages in libnet_vampire.c
s4-idl: added some more wellknown attributeIDs
s4-idl: regenerate DRS IDL
s4-schema: make ldb_val to string comparison safer with nul termination
s4-schema: added dsdb_attribute_by_lDAPDisplayName_ldb_val
s4-schema: added generic attributeID conversion functions
s4-provision: do a self join for all server types
s4-dsdb: no longer need special invocationID handling for standalone servers
s4-dsdb: added DSDB_FLAG_TOP_MODULE
s4-dsdb: ensure we will in all the attributes for RID Set
s4-dsdb: poke the RID Manager when completely out of RIDs too
s4-drs: we need to wrap extended operations in transactions
s4-smbd: setup the default event contexts for other process models
s4-scripting: we need to use a base search for the NTDS GUID
s4-partition: fixed selection of partitions on exact match
s4-dsdb: squash some unknown structure warnings
s4-dsdb: added dsdb_module_am_system()
s4-dsdb: allow specification of a SID if we are system
s4-dsdb: use dsdb_module_am_system() in acl module
s4-dsdb: fixed const misuse in acl module
s4-samba3samtest: use system credentials for creating users
s4-secdesc: fixed the sec_descriptor.py test
s4-acl: fixed acl.py test to use correct ldif
s4-dsdb: added a samba3sid module
s4-samba3sam: use samba3sid module
s4-samba3sid: the sambaNextRid attribute is actually the previous RID
s4-samba3samtest: force workgroup so the domain is right
s4-samba3sid: fixed error returns when res->count != 1 and oom
s4-samba3samtest: we need to force netbios name as well
s4-provision: added W2K8-R2 schema as provided by WSPP
s4-schema: added some debug for bad attributes
s4-schema: added adminDisplayName and adminDescription
s4-schema: switch to W2K8-R2 schema
s4-schema: fixed attributes of aggregate schema
s4-schema: added msDS-NcType to schema container
s4-schema: fixes for W2K8-R2 schema
s4-drs: added two more SPNs in addentry
s4-ldb: validate the type of the ldb argument to ldb_dn_new()
s4-drs: fixed usage of ldb_dn_new()
s4-messaging: fixed a memory leak in messaging_path()
s4-messaging: remove only usage of debug_ctx()
s4-debug: removed debug_ctx(). It didn't catch on :-)
s4-drs: fixed the NC in the getncchanges RID alloc reply
s4-idl: give a enum for attribute cn and a 'NONE' attribute
s4-drs: added filtering by udv in getncchanges
s4-drs: be less verbose when we filter objects by UDV
s4-drs: calculate and send a uptodateness_vector with replication requests
s4-drs: need to set the getncchanges extended_ret on success too
s4-libnet: dsdb_wellknown_dn() in vampire code
s4-drs: moved the DsWriteAccountSpn call to its own file
s4-dsdb: added samdb_ldb_val_case_cmp()
s4-drs: fixed writespn to ignore add/delete errors
s4-drs: having no SPNs to change is not an error
s4-drs: base is_nc_prefix on instanceType
s4-drs: give DN of failed replication partition
s4-drs: add a local UDV entry even when no replUpToDateVector present on NC
s4-schema: fixed the SDDL for the schema root security descriptor
s4-samldb: fixed primaryGroupID when promoting a machine to a DC
s4-debug: lower the verbosity of a couple of common log messages
s4-drs: instanceType is always sent, regardless of UDV values
s4-dsdb: added samdb_domain_sid_cache_only()
s4-ldb: display security descriptors with correct SDL for known SIDs
s4-test: fixed make test without having done make install
s4-selftest: when a command fails show both normal and expanded command
Revert "s4:provision_users.ldif - Add objects for IIS"
Revert "s4:provision_users.ldif - Fix memberships regarding the denied password RODC replication group"
Revert "s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now"
Revert "s4:provision_users.ldif - Import all essential groups for Windows Server 2008 mode"
André Hentschel (1):
net: Add some German translation
Aravind Srinivasan (2):
s4 torture: Update RAW-QFILEINFO to only test info levels that are supported by the server
s4 torture: Add new RAW-SEARCH test to explore strange max count behavior
Björn Jacke (15):
s3: make sys_posix_fallocate more generic
s3:doc: make dos filetimes description less contradictory
s3:configure: check for lutimes, futimes and futimens
s3: keep subsecond times on cross-filesystem moves and don't follow links
s3: add LDAP Alias Dereferencing support
s3: make own defines for ldap deref types
s3: add prototype to fix the build
s3:docs: document ldap deref
vfs_commit: print warning when no fsync support is there
Ñ3:configure: use gettimeofday check from lib/util/
s3:lib/time: remove unused nt_time_equals
s3:lib/time: remoce null_mtime() - use null_time()
Ñ3:lib/time: replace make_dos_ and put_dos_ functions with those from lib/util/
lib/util: move TIME_T_MIN/MAX defines into header file
s3:lib/time: remove TIME_T_MIN/MAX defines
Bo Yang (6):
s3: Give the user a chance to change password when password will expire soon.
s3: Fix build on non-linux platform.
s3: check for PAM_RADIO_TYPE.
s3: Fix infinite loop in NCACN_IP_TCP asa there is no timeout. Assume lsa_pipe_tcp is ok but network is down, then send request is ok, but select() on writeable fds loops forever since there is no response.
s3: Make winbindd_cache.c aware of domain offline to avoid unnecessary backend query.
s3: List trusted domains from wcache when domain is offline.
Brendan Powers (6):
Return NULL in strlower_talloc if src is NULL
s4-dsdb: Add a check to prevent acl_modify from debuging a NULL message
s4-dsdb: Move get_last_structural class from descriptor.c to util.c
s4-dsdb: return an error if samAccountName is not specified when creating a user.
s4-dsdb: fix handling of AUX classes in objectclass_sort
s4-dsdb: Add a test for adding, deleting, and appending a posixAccount objectClass to a user
Brian Lu (5):
librpc/ndr: avoid comparison_fn_t to fix the openchange build on solaris
s4:tls: fix the build on Solaris
tevent: create symbol links to shared libraries see https://bugzilla.samba.org/show_bug.cgi?id=6991 for details
talloc: create symbol links to shared libraries see https://bugzilla.samba.org/show_bug.cgi?id=6991 for details
tdb: create symbol links to shared libraries see https://bugzilla.samba.org/show_bug.cgi?id=6991 for details
Endi Sukma Dewata (1):
s4:provision - Remap conflicting thumbnailPhoto and thumbnailLogo OID's.
Günther Deschner (45):
spoolss: add more spoolss architectures to IDL.
s3-spoolss: use SPOOLSS_ARCHITECTURE_ALL in driver enum server code.
s4-smbtorture: enhance spoolss_EnumPrinterKey torture test.
spoolss: add spoolss_KeyNames union.
spoolss: use spoolss_KeyNames in spoolss_EnumPrinterKey.
s3: re-run make samba3-idl.
s3-spoolss: fix enumprinter key client and server.
s4-smbtorture: fix and extend enum printerkey test.
spoolss: remove unused spoolss_StringArray2.
s4-smbtorture: add more spoolss_EnumPrinterKey tests for local NDR test.
s3-rpcclient: allow to set offered size for enumkey command.
s3-selftest: enable RPC-SAMBA3-WINREG.
s4-smbtorture: check whether a returned buffer size is a multiple of 4 in RPC-SPOOLSS.
spoolss: trivial fix for spoolss_FormInfo2 IDL.
spoolss: fix spoolss_PrinterData size calculation.
s4-smbtorture: run GetPrinterDriver2 tests against each printer's driver.
s3-pdbedit: allow to call "pdbedit -N description -u user" without specifiyng "-r".
spoolss: add spoolss_DriverInfo7.
spoolss: more mork on SetPrinterInfo() levels.
s3-spoolss: fix rpcclient after setprinter IDL fixes.
s4-smbtorture: fix smbtorture after setprinter IDL fixes.
tdbtool: avoid using c++ reserved words.
s4-smbtorture: add a samr_GetAliasMembership test to RPC-SAMR.
s4-smbtorture: skip GetAliasMembership against s4.
s3-docs: add new pam_winbind.conf(5) manpage.
s3-docs: mention pam_winbind.conf(5) manpage in pam_winbind(8) manpage.
s3-docs: not working for SuSE anymore...
s3-docs: mention all long option names in samba.entities file.
s3-docs: mention long and undocumented option names in pdbedit manpage.
s3-docs: mention long option names in smbtree manpage.
s3-docs: mention -O, --stdout in smbget manpage.
s3-docs: mention long and undocumented option names in smbclient manpage.
s3-docs: mention long and undocumented option names in smbcacls manpage.
s3-docs: mention long and undocumented option names in rpcclient manpage.
s3-docs: mention -M option and remove nonexisting -G option in pdbedit manpage.
s3-net: use generated krb5.conf in 'net ads testjoin'
s4-smbtorture: refactor test_GetPrinter in RPC-SPOOLSS.
s4-smbtorture: add test_SetPrinter to RPC-SPOOLSS.
s4-smbtorture: add test_ChangeID to RPC-SPOOLSS.
s3-docs: fix eventlogadm manpage typo.
testprogs: add win32 spoolss testsuite.
testprogs: pass down architecture in spoolss test.
testprogs: add support for "print" option in win32 spoolss torture test.
s3-docs: mention -K option in pdbedit manpage.
s3-time: fix build warnings after we moved to shared time functions.
Jelmer Vernooij (37):
Fix initialisation of TypeObject samba.param.LoadparmService.
tdb: Fix formatting of API check file.
tdb: Also build and install tdb manpages from standalone tdb.
ldb_wrap: Fix compilation when using system ldb.
provision/pyldb: Avoid linking in static python ldb module.
param: Fix build on systems without ldb installed.
py_net/libnet: Remove C++-style comments, add more error checking, move
python: Remove sys.path line rather than updating it when installing to python system path.
net: Support implementing subcommands in python.
net: Support usage/help of subcommands implemented in Python.
s4/net: Support parsing arguments in Python commands.
netcmd: Add some basic tests.
s4/net: Make pwsettings a net subcommand.
Use CommandError exception to deal with problems during net commands.
s4/net: Use d_printf consistently when reporting errors.
s4/net: Add domainlevel subcommand.
s4/net: Pass all arguments through to the Python commands.
s4/net: Allow options before arguments for Python commands.
python: When updating sys.path to include the Samba python path, avoid throwing away the changes made by site.py.
net: Make arguments available to python commands as sys.argv.
dsdb: Fix dependencies when building against system ldb.
net: Allow python subcommands to provide commands that are not recognized by
Fix commands in password tests.
blackbox.passwords: Use convenience variable for net.
net: Allow Python commands to return None instead of 0.
net: Move 'setpassword' to 'net setpassword'.
net: Move setexpiry to 'net setexpiry'
net: Fix tests and documentation of setexpiry.
net: Move 'newuser' to 'net newuser'
net: Support 'super' commands implemented in Python.
pyldb: Add dom_sid.split in favor of less powerful dom_sid_to_rid().
samba: Fix whitespace, remove pointless 'pass' statement.
py/security: Add test for dom_sid.split.
s4/build: Indicate whether Samba4 is being built against the system
heimdal_build: Explicitly specify 'YES' when enabling external
ldb: Fix the standalone ldb build.
linked_attributes: Fix missing dependency on util.
Jeremy Allison (20):
Ensure dos_mode can return FILE_ATTRIBUTE_NORMAL, then filter the returned attributes by protocol level.
Add helpful debug of DACL for errors on ACL access.
Final part of the fix for 6837 - "Too many open files" when trying to access large number of files
Fix bug #6939 - mangling method = hash breaks long filenames.
Update default with correct value. Add a note about Win7 behavior
Vector correctly through reply_openerror() (which uses the same logic).
Always map EMFILE to ERRDOS, ERRnofids, *NOT* NT_STATUS_TOO_MANY_OPENED_FILES.
reply_force_nterror() is not used anywhere. Remove it.
reply_doserror() doesn't force DOS errors on the wire.
Actually explain the twisty paths of tortured logic behind
Rename 282 -> ERReasnotsupported.
Remove all calls to reply_doserror - turn them into
Rename reply_doserror() -> reply_force_doserror().
Fix bug reported in mangle_hash code (no bugid yet).
The posix acl version of set_nt_acl() could set the stat_ex
Attempt to fix one of the last two bugs with the full Windows ACL support.
Fix the merged build. Probably not strictly correct but allows us to "make test".
Fix bug #7020 - smbd using 2G memory.
Second part of the fix for bug #7020 - smbd using 2G memory.
Re-fix bug 5202 - cannot change ACLs on writable file with "dos filemode=yes"
Jim McDonough (1):
Prevent NULL dereference if group has no members
Jonas Gorski (1):
s3: Fix bug 6992, make test for getgrouplist cacheable
Kai Blin (2):
s3 net: Add a few missing gettext calls.
s3 net: Fix up a share type translation and translate some more strings
Kamen Mazdrashki (23):
s4-drstest: Don't remove temp LDB so it can be reviewed if necessary
s4-drs: Fix bug - prefixMap is not updated when adding new OIDs.
s4-tort: Move Schema tests from ldap.py into separate module
s4-tort: Tests for "msDS-IntId" attribute implemented
Revert "s4-drs: cope with bogus empty attributes from w2k8-r2"
s4-schema: Set ATTID in schema cache from "msDS-IntId"
s4-schema: Constraints on msDS-IntId attribute
s4-schema: Implement msDS-IntId attribute generation
s4-dsdb-util: Utility function to process ldb_request in transaction
s4-dsdb-util: Execute ldb_request using LDB_CONTROL_AS_SYSTEM
s4-drs: Save prefix map using LDB_CONTROL_AS_SYSTEM control
s4-tort: Test handling of different ATTID values in prefixMap interface.
s4-drs: Implement constraints on ATTID values in prefixMap
s4-net: Fix 'talloc_free with references ...' error
s4-libnet: Python binding for libnet_SetPassword()
s4-libnet: Simple test for net.SetPassword() python binding
s4: Fix result check for getaddrinfo()
s4/dsdb_schema: GET_UINT32_DS() macro to use supplied default value instead of 0
s4/dsdb_schema: fetch msDS-IntId value during SCHEMA replication
s4/dsdb_schema: use msDS-IntId value for attribute look-up
s4/schema: Do not assign msDS-IntId value if LDB_CONTROL_RELAX_OID is passed
Revert "s4-schema: Set ATTID in schema cache from "msDS-IntId""
s4/dsdb_schema: Load msDS-IntId value separately when loading from LDB
Karolin Seeger (6):
WHATSNEW4: Samba 3.0 is not up-to-date.
s3:packaging: Fix typo in comment.
s3:packaging: Fix source dir.
s3:packaging: Fix version detection.
s3:loadparm: Change the "ldap deref" value "defualt" to "auto".
s3:docs: Fix 'make manpages3'.
Matthias Dieter Wallnöfer (22):
s4:libnet/libnet_become_dc - Fix a small glitch in "becomeDC_drsuapi1_add_entry_send"
s4:utils/oLschema2ldif.c - remove (now) unused variables
s4:operational LDB module - cosmetic - reorder an attribute list
s4:"samdb_set_password_sid" - clean up created objects correctly
s4:drsuapi/getncchanges.c - Update the list of operational attributes
s4:dsdb/common/util - make NTTIME attribute wrappers use a "const" message
s4:"samdb_set_password" - remove delete instructions
s4:lib/registry/util.c - Reintroduce "FIXME"s
s4:ldap_schema.py - Move generated attributes check
s4:ldap_schema.py - add an additional check for validity of "defaultObjectCategory"
s4:schema_load.c - Typo
s4:SAMLDB LDB module - Rework to allow checks for wrong "defaultObjectCategory" attributes
s4:SAMLDB LDB module - Fix trailing whitespaces
s4:provision_self_join.ldif - Adapt comment after implementation of distributed RIDs
s4:provision_users.ldif - Import all essential groups for Windows Server 2008 mode
s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now
s4:provision_users.ldif - Fix memberships regarding the denied password RODC replication group
s4:provision_self_join_modify.ldif - Point out that account "dns" is s4 specific
s4:provision_users.ldif - Add objects for IIS
s4:repl_meta_data - Transform a "1" into a "true" on a boolean variable
s4:upgradeprovision - Reformat comments
s4:upgradeprovision - fix up the script regarding linked attributes
Matthieu Patou (11):
librpc/ndr: add support for relative_short pointers
pidl: Introduce new dirrective: relative_short
idl: introduce new file: dfsblobs.idl
torture: add new tests for dfsblobs
add ignore for autogenrated files as they are not used by s3
s4: reorder action to permit old provision to be correctly upgraded
s4: upgradeprovision rename also when there is a mismatch on the case of name attribute
s4: upgradeprovision handle renaming and knownobjects
s4: rename res/res2 to something more explicit
s4: make ldbadd/ldbmodify/ldbdelete really use the --controls switch
s4: tests controls parsing and using for ldbadd/ldbedit/ldbmodify
Michael Adam (15):
s3:pdb_ldap:init_sam_from_ldap: untangle an assignment from the check
s3:pdb_set_pw_history: free the old history before setting the new.
s3:check_sam_security: untangle assignment from statement
s3:auth:sam_password_ok: enhance readability (imho) by adding some pointers
s3:auth:sam_password_ok: fix allocation of a data blob.
s3:auth: use data_blob_null instead of data_blob(NULL, 0) in sam_password_ok()
s3:auth:sam_password_ok: take username, acct_ctrl and nt/lm hashes, not sampass
s3:auth:check_sam_security: null out sampass after it has been stolen.
s3:auth:check_sam_security: create (and use) a common exit point
s3:auth:check_sam_security: fix a leading tab/ws mixup
s3:auth:check_sam_security: improve calling and logging of pdb_update_sam_account
s3:smbd:password_in_history: treat entry with 0 salt as 0 + plain nt hash
s3:passdb: store the plain nt passwords hashes in history, not salted md5
s3:auth:check_sam_security: introduce a bool var to control pad_pw_count incrementation
s3:auth: don't update the bad pw count if pw is among last 2 history entries
Nadezhda Ivanova (7):
Implementation of sDRightsEffective, allowedAttributesEffective and allowedChildClassesEffective.
Fixed a problem with duplicate values of allowedAttributesEffective.
Removed ldb_modify_ctrl from ldb, implemented as a static in ldap_backend.
Fixed incorrect checking of PRINCIPAL_SELF permissions.
Added oid for AS_SYSTEM control, used to bypass access checks for system operations.
Added freeing a successful req so it doesnt croud the ldb context
Adapted acl module to skip checks if as_system control is provided.
Peter Rosin (1):
Output %p as unsigned in snprintf replacement.
Simo Sorce (6):
Fix release script to work with recent git versions
s4: Fix the build
s4:ldb Fix declaration in the middle of the code
s4:cleanups remove trailing spaces and tabs
s4:cleanups More trailing spaces and tabs
Fix comment
Stefan Metzmacher (46):
librpc/ndr: add missing prototypes for relative_short functions
tsocket: add tsocket_address_bsd_sockaddr() and tsocket_address_bsd_from_sockaddr()
s4:prog_guide4.txt: remove obsolete comments
s4:gensec: allow clearing local and remote address by passing NULL
s4:kdc: convert UDP based communication to tdgram_context
s4:kdc: setup the local and remote tsocket_address at accept time
tevent: prefix types and defined with tevent_ and TEVENT_
tsocket: allow AF_UNIX sockaddrs smaller than sizeof(sockaddr_un)
tsocket: only copy the specific part of sockaddr*
s4:lib/socket: add helpers functions to convert between socket_address and tsocket_address
s4:lib/socket: add socket_get_{remote|local}_addr() to get a tsocket_address instead of a socket_address
s4:smb_server: fix mixing socket_address and tsocket_address
s4:smbd: hold tsocket_addresses on the stream_connection
s4:kdc: use the remote and local address from the stream_connection struct
s4:gensec: change gensec_update_send/recv to tevent_req
s4:auth: change auth_check_password_send/recv to tevent_req
s4:ntlmssp: fix whitespaces in ntlmssp.h
s3:ntlmssp: rename NTLM_MESSAGE_TYPE into ntlmssp_message_type
s3:ntlmssp: fix spelling
s3:ntlmssp: fix whitespace in ntlmssp.h
s3:ntlmssp: remove unused ref_count from ntlmssp_state
s3:ntlmssp: remove unused ntlmssp_stored_response()
s3:ntlmssp: move some indentation in ntlmssp_sign.c
s3:ntlmssp: remove unused p24 variable from ntlmssp_sign_init()
s4:auth: remove autogenerated auth/ntlm/auth_proto.h
s4:auth: make auth_challenge_may_be_modified() public
s4:auth: add auth_get_server_info_principal() prototype to auth.h
s3:ntlmssp: change get_challange() to return NTSTATUS
s4:auth/ntlmssp: let get_challenge() return a NTSTATUS and fill a stack buffer
s4:ntlmssp_server: remove unused variable
s4:ntlmssp: use data_blob_null in ntlmssp_server_auth()
s4:ntlmssp_server: clear session key in ntlmssp_server_preauth()
s4:ntlmssp_server: don't use mem_ctx in auth_ntlmssp_check_password()
s4:ntlmssp_server: don't use a mem_ctx for ntlmssp_server_auth()
s4:ntlmssp_server: always call ntlmssp_server_postauth() and decide there if it's a noop
s4:ntlmssp: remove mem_ctx from check_password() callback to match s3
s3: Happy New Year 2010
s4: Happy New Year 2010
blackbox/test_export_keytab.sh: use VALGRIND for samba4kinit
blackbox/test_export_keytab.sh: correctly remove temporary files
s4:dsdb/repl: convert dreplsrv_out_drsuapi_send/recv to tevent_req
tdb: fix standalone 'make installdocs'
s4:dsdb/repl: convert dreplsrv_op_pull_source_send/recv to tevent_req
libcli/util: add tstream_read_pdu_blob_send/recv
s4:kdc: the ->process function returns "bool"
s4:kdc: use LIBSAMBA_TSOCKET
Steven Danneman (2):
s4/torture: add more lock cancellation tests
s4/torture: fix small bug in lock test
Suresh Jayaraman (1):
doc: update mount.cifs man page with nounix option
Tim Prouty (13):
s4 torture: Add SHARE_DELETE to create_directory_handle
s4 torture: close handle instead of using exit
s4 torture: RAW-STREAMS-CREATEDISP Use a normal deny mode
s4 torture: Parameterize streams delete behavior rather than commenting out the check.
s4 torture: Add RAW-STREAMS-RENAME3 to show error when trying to overwrite a stream with an open handle
s4 torture: RAW-STREAMS-NAMES Make sure the create time of the streams are different from the base file
s4 torture: Fix RAW-STREAMS-DELETE to pass against samba3
s4 torture: Do a better job of closing open files in RAW-OPLOCK.
s4 torture: Be more permissive with share modes for oplock testing
s4 torture: Update raw oplock to use win7 as the baseline for rename oplock break behavior
s4 torture: Add RAW-OPLOCK-EXCLUSIVE7 which is similar to BATCH19
s3 torture: Prevent smbcli segfault when running smbtorture3 against an smbd with security=share
s4 torture: Add RAW-OPEN-NTCREATEDIR to test error checking for open directories as files
Volker Lendecke (103):
s3: Fix a very embarrassing build failure
s3: Allow up to 20480 entries in LookupSids, as mandated by the official IDL
s3: Fix _samr_GetAliasMembership for results with 0 rids
smbtorture4: Add rpc-samba3-getaliasmembership-0
s3: Run RPC-SAMBA3-GETALIASMEMBERSHIP-0 in make test
s3: Fix an error case in cli_negprot
s3: Remove unused winbindd_lookupsid_async
s3: Remove unused winbindd_lookupname_async
s3: Remove unused winbindd_getsidaliases_async
s3: Remove unused query_user_async
s3: Remove unused do_async_domain
s3: Remove unused winbindd_sid2uid_async
s3: Remove unused winbindd_sid2gid_async
s3: Remove unused winbindd_uid2sid_async
s3: Remove unused winbindd_gid2sid_async
s3: Remove unused do_async
s3: Remove some unused dual functions
s3: Remove unused winbindd_dual_userinfo
s3: Remove unused winbindd_dual_lookupsid
s3: Remove unused winbindd_dual_lookupname
s3: Remove unused winbindd_dual_getdcname
s3: Remove unused winbindd_dual_getuserdomgroups
s3: Remove an unused struct definition
s3: Remove unused winbindd_dual_getsidaliases
s3: Remove unused get_sam_group_entries
s3: Fix some nonempty blank lines
s3: Shrink winbindd_proto.h a bit
s3:winbindd: Fix a brown paper bag bug in wbinfo -t ...
s3:winbind: Add a lower-cost alternative to wbinfo -t: wbinfo --ping-dc
s3: Move smb_splice_chain to smbd/process.c, its only user
s3: Remove a pointless else branch
s3: Restore correct timeouts for SMB requests
s3: Remove unused sendto_child()
s3: Remove some unused code
s3: wbinfo --ping-dc is not cacheable
s3: Remove some pointless casts
s3: Remove some pointless SMB_ASSERTs
s3: Fix a 64-bit error
s3: Fix a comment in conn_cache.c
s3: Remove some unnecessary variables from libsmb/conn_cache.c
s3: Remove unused flush_negative_conn_cache()
s3: Remove unused delete_negative_conn_cache()
s3: getgrent_state has been replaced by grent_state
s3: winbindd_cli_state->getgrent_state is no longer used
s3: Fix some nonempty blank lines
s3: Replace IS_DOMAIN_OFFLINE by a function
s3: Fix a bogus uninitialized variable warning
s3: Fix a typo found by Matthias Dieter Wallnöfer <mdw at samba.org> -- thanks :-)
s3:winbind Make the normal client exit message a bit more understandable
s3: Simplify "setup_domain_child" slightly
s3: Simplify winbindd_list_trusted_domains() slightly
s3: Remove some unused code
s3: Simplify winbindd_ads.c:trusted_domains()
s3: Pass netr_DomainTrustList instead of names and sids through (*trusted_domains)
s3: Move a lp_winbind_trusted_domains_only() check to wb_getgrsid()
s3: Check for lp_winbind_trusted_domains_only in wb_gettoken()
s3: Introduce domain_is_forest_root() helper function
s3: Adapt sid_dup_talloc to README.Coding
s3: Make free_domain_list() static
s3: Avoid adding a domain twice
s3: Use global_sid_Builtin in find_builtin_domain
s3: simplify find_root_domain, find_our_domain() never fails
s3: Fix a typo
s3: Convert cli_session_setup_kerberos to the async API
s3: NT_STATUS_MORE_PROCESSING_REQUIRED is a valid sesssetup return value
s3: Convert cli_sesssetup_ntlmssp to the async API
s3: Remove some unused code
libwbclient: Remove a pointless check
s3: Fix some nonempty blank lines
s3: Slightly simplify winbindd_dual_ccache_ntlm_auth
s3: Convert cli_tdis to the async API
s3: Convert cli_ulogoff to the async API
s3: Fix an uninitialized variable warning
s3: Fix a shadowed variable warning
s3: Trim down smbcontrol a bit
s3: Avoid a memset(, 0, ) call
s3: Fix a typo
s3: Simplify pdb_set_plaintext_passwd() slightly
s3: Simplify pdb_set_plaintext_passwd() a bit
s3: Make use of talloc_array in pdb_set_plaintext_passwd()
s3: Simplify pdb_set_plaintext_passwd by using talloc_zero_array
s3: Simplify pdb_set_plaintext_passwd: memcpy deals fine with 0 bytes
s3: Simplify pdb_set_plaintext_passwd() by removing a redundant condition
s3: Add a paranoia check to pdb_set_plaintext_passwd()
s3: Simplify pdb_set_plaintext_passwd: pwHistLen==0 was checked above
s3: Simplify pdb_set_plaintext_passwd: pwhistory==NULL can not happen anymore
Simplify E_md5hash a bit
s3: Factor password_in_history() out of check_passwd_history()
s3: Lock down some srvsvc calls according to what w2k3 seems to do
s3: Remove some code that has become unnecessary
s3: Fix a segfault in winbindd_dual_ccache_ntlm_auth()
s3: Slightly simplify winbindd_store_creds
s3: Remove a pointless "else" branch from add_ccache_to_list()
s3: Trim down some utilities a bit
s3: Trim libnss_wins.so
s3: Remove the typedef for "auth_usersupplied_info"
s3: Remove the typedef for "auth_serversupplied_info"
s3: Remove unused samr_make_sam_obj_sd
s3: Replace most calls to sid_append_rid() by sid_compose()
s3: Use sid_check_is_in_our_domain instead of a direct sid_peek_check_rid
s3: Use sid_check_is_domain instead of a direct sid_equal
s3: Fix some nonempty blank lines
s3: Remove some unused variables
Zach Loafman (1):
s4 torture: Convert RAW-OPEN to suite form
Zachary Loafman (1):
s4 torture: Add test to show archive bit behavior with directories
brendan powers (1):
s4-ntvfs: check if pvfs is NULL in pvfs_logoff
-----------------------------------------------------------------------
--
Samba Shared Repository
More information about the samba-cvs
mailing list