[SCM] Samba Shared Repository - annotated tag release-4-0-0alpha11 created

Andrew Bartlett abartlet at samba.org
Sun Jan 10 23:07:55 MST 2010

The annotated tag, release-4-0-0alpha11 has been created
        at  bd851a98184b02a057bbd9869ab037b1d5746a02 (tag)
   tagging  c41fb54cb7a1f647e239e4479e8603633685781e (commit)
  replaces  release-4-0-0alpha10
 tagged by  Andrew Bartlett
        on  Mon Jan 11 17:02:47 2010 +1100

- Log -----------------------------------------------------------------
This is Samba4 alpha11
Version: GnuPG v1.4.10 (GNU/Linux)


Andreas Schneider (12):
      tsocket: Fixed typo in LGPL header.
      tsocket: Fixed documentation for tsocket_address_bsd_sockaddr().
      tsocket: Fixed tsocket_guide.txt asciidoc syntax.
      s4-kdc: Migrate to tsocket_address.
      s4: Fixed the programming guide to reflect the current tree.
      s4-gensec: Added remote and local setter/getter using tsocket.
      s4-gensec: Replace gensec_set_my_addr() with new tsocket based fn.
      s4-gensec: Replace gensec_get_my_addr with new tsocket based fn.
      s4-gensec: Replace gensec_set_peer_addr with new tsocket based fn.
      s4-gensec: Replace gensec_get_peer_addr with new tsocket based fn.
      s4-gensec: Remove obsolete socket_address vars and fns.
      s4-kdc: Migrate tcp connections to tsocket.

Andrew Bartlett (15):
      s4: On the way to alpha11
      Merge commit 'origin/master' into abartlet-devel
      s4:provision Give a more useful error message in guess_names
      Samba4 and LDB requires talloc 2.0.1
      s4:auth generate the prototype file in the right place
      s4:auth Change 'get_challenge' API to be more like Samba3
      s4:gensec Don't give a warning when Windows client connects with NTLM
      libcli/auth Make gd's NDR NTLMSSP parsers helpers common
      s3:ntlmssp: rename enum NTLMSSP_ROLE into enum ntlmssp_role
      s3:ntlmssp: move to C99 integer types in ntlmssp.h
      s3:ntlmssp: remove the typedef NTLMSSP_STATE
      s3:ntlmssp: only include ntlmssp.h where actually needed
      release notes for Samba4 alpha11 (to be released this week)
      This is Samba4 alpha11!
      more WHATSNEW4

Andrew Tridgell (276):
      s4-dsdb: fixed steal of parentGUID for empty msg
      s4-dsdb: use dsdb_module_search_dn in repl_meta_data
      s4-ldb: added a missing ltdb_unlock_read()
      s4-ldb: fixed nested searches inside ldb modules
      s4-drs: use parentGUID attribute in getncchanges
      s4-drs: ensure we fill in ncRoot_dn in getncchanges
      s4-dsdb: added dsdb_functional_level() helper function
      librpc: split out a separate GUID_from_ndr_blob() function
      s4-dsdb: use GUID_from_ndr_blob() to create dsdb_get_extended_dn_guid()
      s4-libcli: use new GUID functions in libcli
      s4-smb2: use new GUID function in smb2 negprot
      s4-dsdb: simplify schema code using new GUID functions
      s4-dsdb: simplify linked attributes code using GUID functions
      s4-dsdb: simplify samdb_result_guid()
      s4-ldb: simplify ldif handlers using new GUID functions
      libndr: added a GUID_to_ndr_blob() helper function
      s3-ldb: use GUID_to_ndr_blob()
      libcli: use GUID_to_ndr_blob()
      s4-server: use GUID_to_ndr_blob() in cldap and smb servers
      s4-libcli: use GUID_to_ndr_blob()
      s4-libnet: use GUID_to_ndr_blob()
      s4-ldb: use GUID_to_ndr_blob()
      s4-dsdb: use GUID_to_ndr_blob()
      util: added binsearch.h for binary array searches
      s4-schema: use binsearch.h
      s4-schema: use GUID_to_ndr_blob()
      s4-libcli: GUID_from_ndr_blob() is strict about the blob size
      s4-ldb: fixed 2 bugs in ldb_dn_set_extended_component()
      s4-ldb: sort the linearized extended DN by component name
      s4-ldb: added a new "reveal" control
      s4-ldb: added a function to filter extended components of a ldb_dn
      s4-ldb: added new ldb_dn extended components for linked attributes
      s4-dsdb: use the reveal control to hide/show extended DN components
      heimdal: work around differences between GNU and XSI strerror_r()
      s4-dsdb: return a zero guid on error in samdb_result_guid()
      s4-loadparm: call reload_charcnv() also for a missing smb.conf
      s4-devel: support vampire_ad.sh with no initial smb.conf
      s4-dsdb: added REVEAL_INTERNALS flag to dsdb_module_search_handle_flags()
      s4-ntvfs: try to fix bug 6989
      s4-dsdb: added dsdb_dn_is_deleted_val()
      s4-dsdb: use dsdb_dn_is_deleted_val()
      s4-dsdb: added dsdb_module_dn_by_guid()
      s4-dsdb: rename dsdb_module_search_handle_flags to dsdb_request_add_controls
      s4-dsdb: dsdb_flags should be unsigned
      s4-dsdb: fixed dsdb_module_dn_by_guid()
      s4-dsdb: added dsdb_module_modify()
      s4-dsdb: added a dsdb_module_rename() call
      libds: added GUIDs for wellknown AD objects
      s4-dsdb: added dsdb_wellknown_dn()
      s4-dsdb: added dsdb_find_nc_root()
      s4-dsdb: added dsdb_get_deleted_objects_dn()
      ldap: give a debug error when we don't know a control
      s4-ldb: added --show-deactivated-link command line option
      s4-ldb: fixed a transaction error on prepare_commit
      s4-ldb: show the OID of any unhandled critical controls
      s4-dsdb: don't actually remove the sd_flags control, just mark it non-critical
      s4-dsdb: when the SD_FLAGS control is set, don't remove nTSecurityDescriptor
      s4-dsdb: it is a better pattern to mark a control as done than remove it
      s4-dsdb: also mark the relax control non-critical when done
      s4-ldb: canonicalise the message on ldb_add
      s4-scripts: add a enablerecyclebin script
      s4-ldb: display msDS-OptionalFeatureGUID as a GUID
      s4-dsdb: fixed the sort in dsdb_find_nc_root()
      s4-dsdb: added ldb_dn_update_components()
      s4-dsdb: declare ldb_dn_update_components()
      s4-dsdb: greatly simplify the subtree_delete module
      s4-ldb: fixed a valgrind error in ldbtest
      s4-dsdb: stop warnings about unknown struct GUID in prototypes
      s4-dsdb: give us an invocationID when in standalone mode
      s4-provision: added a note about where invocationIDs come from
      s4-dsdb: added two new dsdb_get_extended_dn_*() helper functions
      s4-dsdb: use varargs expression in dsdb_module_search()
      s4-dsdb: added dsdb_get_extended_dn_uint64()
      s4-dsdb: added DSDB_MODIFY_RELAX flag to the dsdb_module_*() calls
      s4-dsdb: don't use a non-constant format string for a printf format
      s4-repl: lower debug level of a common message
      librpc: fixed the GUID_compare() function
      s4-drs: another two unsigned comparison bugs
      s4-schema: a unsigned comparison bug in the schema code
      s4-torture: another unsigned comparison bug
      s4-repl: only try to replicate for NCs that we are a master for
      s4-kcc: don't crash with a NULL ntds connection list
      s4-repl: give a reason why the prepare commit failed
      s4-torture: update uuid_compare test for new behaviour
      s4-schema: fixed the sorting of schema attributes
      s4-net: fixed pwsettings command
      s4-testpasswords: fixed CONFIG and quoting
      s4-net: fixed finddcs to use empty SID instead of NULL sid (NDR error)
      s4-dsdb: add support for storing linked attribute meta data in extended DNs
      s4-dsdb: add a TODO item for linked attributes in extended_dn_out
      s4-dsdb: implemeneted replmd_modify_la_replace()
      s4-dsdb: added support for backlinks in repl_meta_data
      s4-dsdb: linked_attributes_modify no longer handles modifies
      s4-dsdb: add a comment on the use of ldb_rename()
      s4-dsdb: repl_meta_data now replaces objectguid in all cases
      s4-dsdb: the linked_attributes module no longer handles deletes
      s4-dsdb: added replmd_delete, based on Eduardos work
      s4-dsdb: add linked attributes meta_data handling to replmd_add
      s4-dsdb: remove linked_attributes_add
      s4-dsdb: some backlinks can be processed immediately
      s4-dsdb: do the rename after the modify in replmd_delete
      s4-dsdb: simplify the linked_attributes module
      s4-dsdb: handle links with no backlinks in replmd_delete
      s4-dsdb: split RMD_USN into RMD_LOCAL_USN and RMD_ORIGINATING_USN
      s4-dsdb: allow the component name to be specified in dsdb_get_extended_dn_guid()
      s4-dsdb: add REVEAL_INTERNALS in the search for linked_attributes
      s4-dsdb: store full meta data from DRS for linked attributes
      s4-dsdb: minor cleanup in DRS replicated objects code
      s4-dsdb: ask for REVEAL_INTERNALS in getncchanges
      s4-drs: added linked attribute replication to getncchanges
      s4-dsdb: auto-upgrade w2k formatted linked attributes when modified
      s4-ldb: use the RELAX control to disable single value checking on replace
      s4-dsdb: added dsdb_dn_is_upgraded_link_val()
      s4-drs: handle mixtures of old and new style links in getncchanges
      s4-dsdb: added dsdb_check_single_valued_link()
      s4-dsdb: move checking for single valued links to samba modules
      s4-dsdb: fill in the correct version number of links that come over DRS
      s4-drs: some useful debugging options for getncchanges
      s4-drs: fixed the UDV return in getncchanges
      s4-dsdb: use a common method for finding a link pair
      s4-ldb: added ldb_module_get_ops()
      s4-dsdb: added DSDB_FLAG_OWN_MODULE
      sd-schema: order DRS classes on the wire in reverse order
      s4-schema: don't fill in the extended DN with a zero GUID
      s4-drs: give a reason when an AddEntry commit fails
      s4-drs: we are doing the sorting for getncchanges in the app code now
      s4-drs: implemented sorting functions based on replication flags
      s4-drs: use the extended linearized form for DRS replication
      s4-drs: send all linked attributes at the end of a replication cycle
      s4-drs: update highwatermark after successfully encoding the object
      s4-drs: treat a zero GUID as not present in replmd_add_fix_la
      s4-drs: give an error message in repl_meta_data if we don't get a partition control
      s4-drs: cope better with NULL GUIDS from DRS
      s4-drs: use dsdb_module_guid_by_dn()
      s4-drs: fixed typo for uSNCreated
      s4-drs: update comment to refect only forward link in this fn
      s4-drs: use DSDB_FLAG_OWN_MODULE
      s4-drs: isRecycled only exists in FL W2K8-R2
      s4-drs: don't try to remove backlinks directly
      s4-dsdb: fixed valgrind error in replmd modify
      s4-ldb: show the error code as well as errstr
      s4-drs: set flag to indicate that we do support linked attributes
      s4-dsdb: added parse functions for DRS linked attribute blobs
      s4-drs: use dsdb linked attribute parse functions
      s4-drs: use dsdb_module_rename()
      s4-drs: re-resolve the DN in linked attribute processing
      s4-drs: sort linked attributes
      s4-ldb: added ldb_val_to_time()
      s4-dsdb: use ldb_val_to_time() instead of ldb_string_to_time()
      s4-dsdb: use safe length limiting in string->integer conversion
      s4-ldb: use safe length limited conversions for int64 and time
      s4-ldb: declate ldb_val_to_time()
      s4-ldbmodify: show the error code as well as error string
      s4-ldb: allow modules to override error return values
      s4-ldbtest: fixed message element in modify
      s4-dsdb: added dsdb_set_extended_dn_guid()
      s4-drs: make sure the DNs we put in the db have a extended GUID
      s4-ldb: show an error string, as well as error message
      s4-ldaptest: need to use MessageElement for modify messages
      s4-dsdb: allow system to remove deleted objects
      s4-dsdb: added dsdb_tombstone_lifetime()
      s4-dsdb: make sure 'whenChanged' is set on modify
      s4-ldb: fixed valgrind error: ares can be freed by callback
      s4-dsdb: fixed samdb_create_foreign_security_principal() to use the wellknown GUID
      s4-dsdb: fixed several memory leaks
      s4-kcc: added a preiodic task to remove deleted objects
      s4-dsdb: switched to using RMD_FLAGS instead of DELETED in extended DNs
      libreplace: some systems don't have memmem()
      s4-sddl: DRS replication needs REVISION_ADS for SDs
      s4-drs: don't give an error on repsTo delete if add is also specified
      s4-dsdb: force REVISION_ADS for new and updated ACLs in dsdb
      s4-dsdb: added samdb_reference_dn()
      s4-ldb: added nice ldif display of 64 bit ranges for RIDs
      s4-provision: added an initial RID Set
      s4-dsdb: added samdb_rid_set_dn()
      s4-provision: the DC object itself needs a fixed objectSID
      s4-samldb: use RID Set to allocate user/group RIDs
      s4-dsdb: move the RID allocation logic into ridalloc.c
      s4-provision: allow provision modifies to add records
      s4-dsdb: added dsdb_module_add()
      s4-dsdb: added dsdb_module_reference_dn()
      s4-dsdb: added dsdb_module_constrainted_update_integer()
      s4-dsdb: added dsdb_next_callback()
      s4-dsdb: use dsdb_next_callback()
      s4-dsdb: implement creation of the RID Set object
      s4-provision: don't hard wire the creation of the RID Set object
      s4-dsdb: implement refresh of RID Set pool for a local RID Manager
      s4-dsdb: fixed usage of rIDAllocationPool and rIDPreviousAllocationPool
      s4-dsdb: clarify who is responsible for each attribute
      s4-dsdb: added dsdb_module_set_integer()
      s4-ridalloc: copy with missing rIDNextRid and rIDAllocationPool
      s4-dsdb: added dsdb_find_guid_attr_by_dn()
      s4-repl: added request for RID allocation in drepl task
      s4-messaging: added a new msg type MSG_DREPL_ALLOCATE_RID
      s4-dsdb: send a message to the drepl task when we need another RID pool
      s4-dsdb: the dsdb ldb modules now need messagiing
      s4-repl: allow for callbacks when a repl operation completes
      s4-repl: implement MSG_DREPL_ALLOCATE_RID
      s4-dsdb: added an extended operation for allocating a new RID pool
      s4-dsdb: added support for DRSUAPI_EXOP_FSMO_RID_ALLOC
      s4-event: added s4_event_context_set_default()
      s4-drs: added some debug messages
      s4-dsdb: improve error messages in schema and pdc_fsmo modules
      s4-ldb: improve error handling in indexing code
      s4-provision: RID 1000 is consumed by the machine account
      s4-provision: re-open sam.ldb after creating the schema
      s4-devel: a useful script to setup bin/ and st/ as tmpfs filesystems
      s4-partition: don't ignore errors from other modules
      s4-libnet: better error messages in libnet_vampire.c
      s4-idl: added some more wellknown attributeIDs
      s4-idl: regenerate DRS IDL
      s4-schema: make ldb_val to string comparison safer with nul termination
      s4-schema: added dsdb_attribute_by_lDAPDisplayName_ldb_val
      s4-schema: added generic attributeID conversion functions
      s4-provision: do a self join for all server types
      s4-dsdb: no longer need special invocationID handling for standalone servers
      s4-dsdb: added DSDB_FLAG_TOP_MODULE
      s4-dsdb: ensure we will in all the attributes for RID Set
      s4-dsdb: poke the RID Manager when completely out of RIDs too
      s4-drs: we need to wrap extended operations in transactions
      s4-smbd: setup the default event contexts for other process models
      s4-scripting: we need to use a base search for the NTDS GUID
      s4-partition: fixed selection of partitions on exact match
      s4-dsdb: squash some unknown structure warnings
      s4-dsdb: added dsdb_module_am_system()
      s4-dsdb: allow specification of a SID if we are system
      s4-dsdb: use dsdb_module_am_system() in acl module
      s4-dsdb: fixed const misuse in acl module
      s4-samba3samtest: use system credentials for creating users
      s4-secdesc: fixed the sec_descriptor.py test
      s4-acl: fixed acl.py test to use correct ldif
      s4-dsdb: added a samba3sid module
      s4-samba3sam: use samba3sid module
      s4-samba3sid: the sambaNextRid attribute is actually the previous RID
      s4-samba3samtest: force workgroup so the domain is right
      s4-samba3sid: fixed error returns when res->count != 1 and oom
      s4-samba3samtest: we need to force netbios name as well
      s4-provision: added W2K8-R2 schema as provided by WSPP
      s4-schema: added some debug for bad attributes
      s4-schema: added adminDisplayName and adminDescription
      s4-schema: switch to W2K8-R2 schema
      s4-schema: fixed attributes of aggregate schema
      s4-schema: added msDS-NcType to schema container
      s4-schema: fixes for W2K8-R2 schema
      s4-drs: added two more SPNs in addentry
      s4-ldb: validate the type of the ldb argument to ldb_dn_new()
      s4-drs: fixed usage of ldb_dn_new()
      s4-messaging: fixed a memory leak in messaging_path()
      s4-messaging: remove only usage of debug_ctx()
      s4-debug: removed debug_ctx(). It didn't catch on :-)
      s4-drs: fixed the NC in the getncchanges RID alloc reply
      s4-idl: give a enum for attribute cn and a 'NONE' attribute
      s4-drs: added filtering by udv in getncchanges
      s4-drs: be less verbose when we filter objects by UDV
      s4-drs: calculate and send a uptodateness_vector with replication requests
      s4-drs: need to set the getncchanges extended_ret on success too
      s4-libnet: dsdb_wellknown_dn() in vampire code
      s4-drs: moved the DsWriteAccountSpn call to its own file
      s4-dsdb: added samdb_ldb_val_case_cmp()
      s4-drs: fixed writespn to ignore add/delete errors
      s4-drs: having no SPNs to change is not an error
      s4-drs: base is_nc_prefix on instanceType
      s4-drs: give DN of failed replication partition
      s4-drs: add a local UDV entry even when no replUpToDateVector present on NC
      s4-schema: fixed the SDDL for the schema root security descriptor
      s4-samldb: fixed primaryGroupID when promoting a machine to a DC
      s4-debug: lower the verbosity of a couple of common log messages
      s4-drs: instanceType is always sent, regardless of UDV values
      s4-dsdb: added samdb_domain_sid_cache_only()
      s4-ldb: display security descriptors with correct SDL for known SIDs
      s4-test: fixed make test without having done make install
      s4-selftest: when a command fails show both normal and expanded command
      Revert "s4:provision_users.ldif - Add objects for IIS"
      Revert "s4:provision_users.ldif - Fix memberships regarding the denied password RODC replication group"
      Revert "s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now"
      Revert "s4:provision_users.ldif - Import all essential groups for Windows Server 2008 mode"

André Hentschel (1):
      net: Add some German translation

Aravind Srinivasan (2):
      s4 torture: Update RAW-QFILEINFO to only test info levels that are supported by the server
      s4 torture: Add new RAW-SEARCH test to explore strange max count behavior

Björn Jacke (15):
      s3: make sys_posix_fallocate more generic
      s3:doc: make dos filetimes description less contradictory
      s3:configure: check for lutimes, futimes and futimens
      s3: keep subsecond times on cross-filesystem moves and don't follow links
      s3: add LDAP Alias Dereferencing support
      s3: make own defines for ldap deref types
      s3: add prototype to fix the build
      s3:docs: document ldap deref
      vfs_commit: print warning when no fsync support is there
      Ñ•3:configure: use gettimeofday check from lib/util/
      s3:lib/time: remove unused nt_time_equals
      s3:lib/time: remoce null_mtime() - use null_time()
      Ñ•3:lib/time: replace make_dos_ and put_dos_ functions with those from lib/util/
      lib/util: move TIME_T_MIN/MAX defines into header file
      s3:lib/time: remove TIME_T_MIN/MAX defines

Bo Yang (6):
      s3: Give the user a chance to change password when password will expire soon.
      s3: Fix build on non-linux platform.
      s3: check for PAM_RADIO_TYPE.
      s3: Fix infinite loop in NCACN_IP_TCP asa there is no timeout. Assume lsa_pipe_tcp is ok but network is down, then send request is ok, but select() on writeable fds loops forever since there is no response.
      s3: Make winbindd_cache.c aware of domain offline to avoid unnecessary backend query.
      s3: List trusted domains from wcache when domain is offline.

Brendan Powers (6):
      Return NULL in strlower_talloc if src is NULL
      s4-dsdb: Add a check to prevent acl_modify from debuging a NULL message
      s4-dsdb: Move get_last_structural class from descriptor.c to util.c
      s4-dsdb: return an error if samAccountName is not specified when creating a user.
      s4-dsdb: fix handling of AUX classes in objectclass_sort
      s4-dsdb: Add a test for adding, deleting, and appending a posixAccount objectClass to a user

Brian Lu (5):
      librpc/ndr: avoid comparison_fn_t to fix the openchange build on solaris
      s4:tls: fix the build on Solaris
      tevent: create symbol links to shared libraries see https://bugzilla.samba.org/show_bug.cgi?id=6991 for details
      talloc: create symbol links to shared libraries see https://bugzilla.samba.org/show_bug.cgi?id=6991 for details
      tdb: create symbol links to shared libraries see https://bugzilla.samba.org/show_bug.cgi?id=6991 for details

Endi Sukma Dewata (1):
      s4:provision - Remap conflicting thumbnailPhoto and thumbnailLogo OID's.

Günther Deschner (45):
      spoolss: add more spoolss architectures to IDL.
      s3-spoolss: use SPOOLSS_ARCHITECTURE_ALL in driver enum server code.
      s4-smbtorture: enhance spoolss_EnumPrinterKey torture test.
      spoolss: add spoolss_KeyNames union.
      spoolss: use spoolss_KeyNames in spoolss_EnumPrinterKey.
      s3: re-run make samba3-idl.
      s3-spoolss: fix enumprinter key client and server.
      s4-smbtorture: fix and extend enum printerkey test.
      spoolss: remove unused spoolss_StringArray2.
      s4-smbtorture: add more spoolss_EnumPrinterKey tests for local NDR test.
      s3-rpcclient: allow to set offered size for enumkey command.
      s3-selftest: enable RPC-SAMBA3-WINREG.
      s4-smbtorture: check whether a returned buffer size is a multiple of 4 in RPC-SPOOLSS.
      spoolss: trivial fix for spoolss_FormInfo2 IDL.
      spoolss: fix spoolss_PrinterData size calculation.
      s4-smbtorture: run GetPrinterDriver2 tests against each printer's driver.
      s3-pdbedit: allow to call "pdbedit -N description -u user" without specifiyng "-r".
      spoolss: add spoolss_DriverInfo7.
      spoolss: more mork on SetPrinterInfo() levels.
      s3-spoolss: fix rpcclient after setprinter IDL fixes.
      s4-smbtorture: fix smbtorture after setprinter IDL fixes.
      tdbtool: avoid using c++ reserved words.
      s4-smbtorture: add a samr_GetAliasMembership test to RPC-SAMR.
      s4-smbtorture: skip GetAliasMembership against s4.
      s3-docs: add new pam_winbind.conf(5) manpage.
      s3-docs: mention pam_winbind.conf(5) manpage in pam_winbind(8) manpage.
      s3-docs: not working for SuSE anymore...
      s3-docs: mention all long option names in samba.entities file.
      s3-docs: mention long and undocumented option names in pdbedit manpage.
      s3-docs: mention long option names in smbtree manpage.
      s3-docs: mention -O, --stdout in smbget manpage.
      s3-docs: mention long and undocumented option names in smbclient manpage.
      s3-docs: mention long and undocumented option names in smbcacls manpage.
      s3-docs: mention long and undocumented option names in rpcclient manpage.
      s3-docs: mention -M option and remove nonexisting -G option in pdbedit manpage.
      s3-net: use generated krb5.conf in 'net ads testjoin'
      s4-smbtorture: refactor test_GetPrinter in RPC-SPOOLSS.
      s4-smbtorture: add test_SetPrinter to RPC-SPOOLSS.
      s4-smbtorture: add test_ChangeID to RPC-SPOOLSS.
      s3-docs: fix eventlogadm manpage typo.
      testprogs: add win32 spoolss testsuite.
      testprogs: pass down architecture in spoolss test.
      testprogs: add support for "print" option in win32 spoolss torture test.
      s3-docs: mention -K option in pdbedit manpage.
      s3-time: fix build warnings after we moved to shared time functions.

Jelmer Vernooij (37):
      Fix initialisation of TypeObject samba.param.LoadparmService.
      tdb: Fix formatting of API check file.
      tdb: Also build and install tdb manpages from standalone tdb.
      ldb_wrap: Fix compilation when using system ldb.
      provision/pyldb: Avoid linking in static python ldb module.
      param: Fix build on systems without ldb installed.
      py_net/libnet: Remove C++-style comments, add more error checking, move
      python: Remove sys.path line rather than updating it when installing to python system path.
      net: Support implementing subcommands in python.
      net: Support usage/help of subcommands implemented in Python.
      s4/net: Support parsing arguments in Python commands.
      netcmd: Add some basic tests.
      s4/net: Make pwsettings a net subcommand.
      Use CommandError exception to deal with problems during net commands.
      s4/net: Use d_printf consistently when reporting errors.
      s4/net: Add domainlevel subcommand.
      s4/net: Pass all arguments through to the Python commands.
      s4/net: Allow options before arguments for Python commands.
      python: When updating sys.path to include the Samba python path, avoid throwing away the changes made by site.py.
      net: Make arguments available to python commands as sys.argv.
      dsdb: Fix dependencies when building against system ldb.
      net: Allow python subcommands to provide commands that are not recognized by
      Fix commands in password tests.
      blackbox.passwords: Use convenience variable for net.
      net: Allow Python commands to return None instead of 0.
      net: Move 'setpassword' to 'net setpassword'.
      net: Move setexpiry to 'net setexpiry'
      net: Fix tests and documentation of setexpiry.
      net: Move 'newuser' to 'net newuser'
      net: Support 'super' commands implemented in Python.
      pyldb: Add dom_sid.split in favor of less powerful dom_sid_to_rid().
      samba: Fix whitespace, remove pointless 'pass' statement.
      py/security: Add test for dom_sid.split.
      s4/build: Indicate whether Samba4 is being built against the system
      heimdal_build: Explicitly specify 'YES' when enabling external
      ldb: Fix the standalone ldb build.
      linked_attributes: Fix missing dependency on util.

Jeremy Allison (20):
      Ensure dos_mode can return FILE_ATTRIBUTE_NORMAL, then filter the returned attributes by protocol level.
      Add helpful debug of DACL for errors on ACL access.
      Final part of the fix for 6837 - "Too many open files" when trying to access large number of files
      Fix bug #6939 - mangling method = hash breaks long filenames.
      Update default with correct value. Add a note about Win7 behavior
      Vector correctly through reply_openerror() (which uses the same logic).
      reply_force_nterror() is not used anywhere. Remove it.
      reply_doserror() doesn't force DOS errors on the wire.
      Actually explain the twisty paths of tortured logic behind
      Rename 282 -> ERReasnotsupported.
      Remove all calls to reply_doserror - turn them into
      Rename reply_doserror() -> reply_force_doserror().
      Fix bug reported in mangle_hash code (no bugid yet).
      The posix acl version of set_nt_acl() could set the stat_ex
      Attempt to fix one of the last two bugs with the full Windows ACL support.
      Fix the merged build. Probably not strictly correct but allows us to "make test".
      Fix bug #7020 - smbd using 2G memory.
      Second part of the fix for bug #7020 - smbd using 2G memory.
      Re-fix bug 5202 - cannot change ACLs on writable file with "dos filemode=yes"

Jim McDonough (1):
      Prevent NULL dereference if group has no members

Jonas Gorski (1):
      s3: Fix bug 6992, make test for getgrouplist cacheable

Kai Blin (2):
      s3 net: Add a few missing gettext calls.
      s3 net: Fix up a share type translation and translate some more strings

Kamen Mazdrashki (23):
      s4-drstest: Don't remove temp LDB so it can be reviewed if necessary
      s4-drs: Fix bug - prefixMap is not updated when adding new OIDs.
      s4-tort: Move Schema tests from ldap.py into separate module
      s4-tort: Tests for "msDS-IntId" attribute implemented
      Revert "s4-drs: cope with bogus empty attributes from w2k8-r2"
      s4-schema: Set ATTID in schema cache from "msDS-IntId"
      s4-schema: Constraints on msDS-IntId attribute
      s4-schema: Implement msDS-IntId attribute generation
      s4-dsdb-util: Utility function to process ldb_request in transaction
      s4-dsdb-util: Execute ldb_request using LDB_CONTROL_AS_SYSTEM
      s4-drs: Save prefix map using LDB_CONTROL_AS_SYSTEM control
      s4-tort: Test handling of different ATTID values in prefixMap interface.
      s4-drs: Implement constraints on ATTID values in prefixMap
      s4-net: Fix 'talloc_free with references ...' error
      s4-libnet: Python binding for libnet_SetPassword()
      s4-libnet: Simple test for net.SetPassword() python binding
      s4: Fix result check for getaddrinfo()
      s4/dsdb_schema: GET_UINT32_DS() macro to use supplied default value instead of 0
      s4/dsdb_schema: fetch msDS-IntId value during SCHEMA replication
      s4/dsdb_schema: use msDS-IntId value for attribute look-up
      s4/schema: Do not assign msDS-IntId value if LDB_CONTROL_RELAX_OID is passed
      Revert "s4-schema: Set ATTID in schema cache from "msDS-IntId""
      s4/dsdb_schema: Load msDS-IntId value separately when loading from LDB

Karolin Seeger (6):
      WHATSNEW4: Samba 3.0 is not up-to-date.
      s3:packaging: Fix typo in comment.
      s3:packaging: Fix source dir.
      s3:packaging: Fix version detection.
      s3:loadparm:  Change the "ldap deref" value "defualt" to "auto".
      s3:docs: Fix 'make manpages3'.

Matthias Dieter Wallnöfer (22):
      s4:libnet/libnet_become_dc - Fix a small glitch in "becomeDC_drsuapi1_add_entry_send"
      s4:utils/oLschema2ldif.c - remove (now) unused variables
      s4:operational LDB module - cosmetic - reorder an attribute list
      s4:"samdb_set_password_sid" - clean up created objects correctly
      s4:drsuapi/getncchanges.c - Update the list of operational attributes
      s4:dsdb/common/util - make NTTIME attribute wrappers use a "const" message
      s4:"samdb_set_password" - remove delete instructions
      s4:lib/registry/util.c - Reintroduce "FIXME"s
      s4:ldap_schema.py - Move generated attributes check
      s4:ldap_schema.py - add an additional check for validity of "defaultObjectCategory"
      s4:schema_load.c - Typo
      s4:SAMLDB LDB module - Rework to allow checks for wrong "defaultObjectCategory" attributes
      s4:SAMLDB LDB module - Fix trailing whitespaces
      s4:provision_self_join.ldif - Adapt comment after implementation of distributed RIDs
      s4:provision_users.ldif - Import all essential groups for Windows Server 2008 mode
      s4:provision_users.ldif - Remove foreign security principal S-1-5-17 for now
      s4:provision_users.ldif - Fix memberships regarding the denied password RODC replication group
      s4:provision_self_join_modify.ldif - Point out that account "dns" is s4 specific
      s4:provision_users.ldif - Add objects for IIS
      s4:repl_meta_data - Transform a "1" into a "true" on a boolean variable
      s4:upgradeprovision - Reformat comments
      s4:upgradeprovision - fix up the script regarding linked attributes

Matthieu Patou (11):
      librpc/ndr: add support for relative_short pointers
      pidl: Introduce new dirrective: relative_short
      idl: introduce new file: dfsblobs.idl
      torture: add new tests for dfsblobs
      add ignore for autogenrated files as they are not used by s3
      s4: reorder action to permit old provision to be correctly upgraded
      s4: upgradeprovision rename also when there is a mismatch on the case of name attribute
      s4: upgradeprovision handle renaming and knownobjects
      s4: rename res/res2 to something more explicit
      s4: make ldbadd/ldbmodify/ldbdelete really use the --controls switch
      s4: tests controls parsing and using for ldbadd/ldbedit/ldbmodify

Michael Adam (15):
      s3:pdb_ldap:init_sam_from_ldap: untangle an assignment from the check
      s3:pdb_set_pw_history: free the old history before setting the new.
      s3:check_sam_security: untangle assignment from statement
      s3:auth:sam_password_ok: enhance readability (imho) by adding some pointers
      s3:auth:sam_password_ok: fix allocation of a data blob.
      s3:auth: use data_blob_null instead of data_blob(NULL, 0) in sam_password_ok()
      s3:auth:sam_password_ok: take username, acct_ctrl and nt/lm hashes, not sampass
      s3:auth:check_sam_security: null out sampass after it has been stolen.
      s3:auth:check_sam_security: create (and use) a common exit point
      s3:auth:check_sam_security: fix a leading tab/ws mixup
      s3:auth:check_sam_security: improve calling and logging of pdb_update_sam_account
      s3:smbd:password_in_history: treat entry with 0 salt as 0 + plain nt hash
      s3:passdb: store the plain nt passwords hashes in history, not salted md5
      s3:auth:check_sam_security: introduce a bool var to control pad_pw_count incrementation
      s3:auth: don't update the bad pw count if pw is among last 2 history entries

Nadezhda Ivanova (7):
      Implementation of sDRightsEffective, allowedAttributesEffective and allowedChildClassesEffective.
      Fixed a problem with duplicate values of allowedAttributesEffective.
      Removed ldb_modify_ctrl from ldb, implemented as a static in ldap_backend.
      Fixed incorrect checking of PRINCIPAL_SELF permissions.
      Added oid for AS_SYSTEM control, used to bypass access checks for system operations.
      Added freeing a successful req so it doesnt croud the ldb context
      Adapted acl module to skip checks if as_system control is provided.

Peter Rosin (1):
      Output %p as unsigned in snprintf replacement.

Simo Sorce (6):
      Fix release script to work with recent git versions
      s4: Fix the build
      s4:ldb Fix declaration in the middle of the code
      s4:cleanups remove trailing spaces and tabs
      s4:cleanups More trailing spaces and tabs
      Fix comment

Stefan Metzmacher (46):
      librpc/ndr: add missing prototypes for relative_short functions
      tsocket: add tsocket_address_bsd_sockaddr() and tsocket_address_bsd_from_sockaddr()
      s4:prog_guide4.txt: remove obsolete comments
      s4:gensec: allow clearing local and remote address by passing NULL
      s4:kdc: convert UDP based communication to tdgram_context
      s4:kdc: setup the local and remote tsocket_address at accept time
      tevent: prefix types and defined with tevent_ and TEVENT_
      tsocket: allow AF_UNIX sockaddrs smaller than sizeof(sockaddr_un)
      tsocket: only copy the specific part of sockaddr*
      s4:lib/socket: add helpers functions to convert between socket_address and tsocket_address
      s4:lib/socket: add socket_get_{remote|local}_addr() to get a tsocket_address instead of a socket_address
      s4:smb_server: fix mixing socket_address and tsocket_address
      s4:smbd: hold tsocket_addresses on the stream_connection
      s4:kdc: use the remote and local address from the stream_connection struct
      s4:gensec: change gensec_update_send/recv to tevent_req
      s4:auth: change auth_check_password_send/recv to tevent_req
      s4:ntlmssp: fix whitespaces in ntlmssp.h
      s3:ntlmssp: rename NTLM_MESSAGE_TYPE into ntlmssp_message_type
      s3:ntlmssp: fix spelling
      s3:ntlmssp: fix whitespace in ntlmssp.h
      s3:ntlmssp: remove unused ref_count from ntlmssp_state
      s3:ntlmssp: remove unused ntlmssp_stored_response()
      s3:ntlmssp: move some indentation in ntlmssp_sign.c
      s3:ntlmssp: remove unused p24 variable from ntlmssp_sign_init()
      s4:auth: remove autogenerated auth/ntlm/auth_proto.h
      s4:auth: make auth_challenge_may_be_modified() public
      s4:auth: add auth_get_server_info_principal() prototype to auth.h
      s3:ntlmssp: change get_challange() to return NTSTATUS
      s4:auth/ntlmssp: let get_challenge() return a NTSTATUS and fill a stack buffer
      s4:ntlmssp_server: remove unused variable
      s4:ntlmssp: use data_blob_null in ntlmssp_server_auth()
      s4:ntlmssp_server: clear session key in ntlmssp_server_preauth()
      s4:ntlmssp_server: don't use mem_ctx in auth_ntlmssp_check_password()
      s4:ntlmssp_server: don't use a mem_ctx for ntlmssp_server_auth()
      s4:ntlmssp_server: always call ntlmssp_server_postauth() and decide there if it's a noop
      s4:ntlmssp: remove mem_ctx from check_password() callback to match s3
      s3: Happy New Year 2010
      s4: Happy New Year 2010
      blackbox/test_export_keytab.sh: use VALGRIND for samba4kinit
      blackbox/test_export_keytab.sh: correctly remove temporary files
      s4:dsdb/repl: convert dreplsrv_out_drsuapi_send/recv to tevent_req
      tdb: fix standalone 'make installdocs'
      s4:dsdb/repl: convert dreplsrv_op_pull_source_send/recv to tevent_req
      libcli/util: add tstream_read_pdu_blob_send/recv
      s4:kdc: the ->process function returns "bool"
      s4:kdc: use LIBSAMBA_TSOCKET

Steven Danneman (2):
      s4/torture: add more lock cancellation tests
      s4/torture: fix small bug in lock test

Suresh Jayaraman (1):
      doc: update mount.cifs man page with nounix option

Tim Prouty (13):
      s4 torture: Add SHARE_DELETE to create_directory_handle
      s4 torture: close handle instead of using exit
      s4 torture: RAW-STREAMS-CREATEDISP Use a normal deny mode
      s4 torture: Parameterize streams delete behavior rather than commenting out the check.
      s4 torture: Add RAW-STREAMS-RENAME3 to show error when trying to overwrite a stream with an open handle
      s4 torture: RAW-STREAMS-NAMES Make sure the create time of the streams are different from the base file
      s4 torture: Fix RAW-STREAMS-DELETE to pass against samba3
      s4 torture: Do a better job of closing open files in RAW-OPLOCK.
      s4 torture: Be more permissive with share modes for oplock testing
      s4 torture: Update raw oplock to use win7 as the baseline for rename oplock break behavior
      s4 torture: Add RAW-OPLOCK-EXCLUSIVE7 which is similar to BATCH19
      s3 torture: Prevent smbcli segfault when running smbtorture3 against an smbd with security=share
      s4 torture: Add RAW-OPEN-NTCREATEDIR to test error checking for open directories as files

Volker Lendecke (103):
      s3: Fix a very embarrassing build failure
      s3: Allow up to 20480 entries in LookupSids, as mandated by the official IDL
      s3: Fix _samr_GetAliasMembership for results with 0 rids
      smbtorture4: Add rpc-samba3-getaliasmembership-0
      s3: Run RPC-SAMBA3-GETALIASMEMBERSHIP-0 in make test
      s3: Fix an error case in cli_negprot
      s3: Remove unused winbindd_lookupsid_async
      s3: Remove unused winbindd_lookupname_async
      s3: Remove unused winbindd_getsidaliases_async
      s3: Remove unused query_user_async
      s3: Remove unused do_async_domain
      s3: Remove unused winbindd_sid2uid_async
      s3: Remove unused winbindd_sid2gid_async
      s3: Remove unused winbindd_uid2sid_async
      s3: Remove unused winbindd_gid2sid_async
      s3: Remove unused do_async
      s3: Remove some unused dual functions
      s3: Remove unused winbindd_dual_userinfo
      s3: Remove unused winbindd_dual_lookupsid
      s3: Remove unused winbindd_dual_lookupname
      s3: Remove unused winbindd_dual_getdcname
      s3: Remove unused winbindd_dual_getuserdomgroups
      s3: Remove an unused struct definition
      s3: Remove unused winbindd_dual_getsidaliases
      s3: Remove unused get_sam_group_entries
      s3: Fix some nonempty blank lines
      s3: Shrink winbindd_proto.h a bit
      s3:winbindd: Fix a brown paper bag bug in wbinfo -t ...
      s3:winbind: Add a lower-cost alternative to wbinfo -t: wbinfo --ping-dc
      s3: Move smb_splice_chain to smbd/process.c, its only user
      s3: Remove a pointless else branch
      s3: Restore correct timeouts for SMB requests
      s3: Remove unused sendto_child()
      s3: Remove some unused code
      s3: wbinfo --ping-dc is not cacheable
      s3: Remove some pointless casts
      s3: Remove some pointless SMB_ASSERTs
      s3: Fix a 64-bit error
      s3: Fix a comment in conn_cache.c
      s3: Remove some unnecessary variables from libsmb/conn_cache.c
      s3: Remove unused flush_negative_conn_cache()
      s3: Remove unused delete_negative_conn_cache()
      s3: getgrent_state has been replaced by grent_state
      s3: winbindd_cli_state->getgrent_state is no longer used
      s3: Fix some nonempty blank lines
      s3: Replace IS_DOMAIN_OFFLINE by a function
      s3: Fix a bogus uninitialized variable warning
      s3: Fix a typo found by Matthias Dieter Wallnöfer <mdw at samba.org> -- thanks :-)
      s3:winbind Make the normal client exit message a bit more understandable
      s3: Simplify "setup_domain_child" slightly
      s3: Simplify winbindd_list_trusted_domains() slightly
      s3: Remove some unused code
      s3: Simplify winbindd_ads.c:trusted_domains()
      s3: Pass netr_DomainTrustList instead of names and sids through (*trusted_domains)
      s3: Move a lp_winbind_trusted_domains_only() check to wb_getgrsid()
      s3: Check for lp_winbind_trusted_domains_only in wb_gettoken()
      s3: Introduce domain_is_forest_root() helper function
      s3: Adapt sid_dup_talloc to README.Coding
      s3: Make free_domain_list() static
      s3: Avoid adding a domain twice
      s3: Use global_sid_Builtin in find_builtin_domain
      s3: simplify find_root_domain, find_our_domain() never fails
      s3: Fix a typo
      s3: Convert cli_session_setup_kerberos to the async API
      s3: NT_STATUS_MORE_PROCESSING_REQUIRED is a valid sesssetup return value
      s3: Convert cli_sesssetup_ntlmssp to the async API
      s3: Remove some unused code
      libwbclient: Remove a pointless check
      s3: Fix some nonempty blank lines
      s3: Slightly simplify winbindd_dual_ccache_ntlm_auth
      s3: Convert cli_tdis to the async API
      s3: Convert cli_ulogoff to the async API
      s3: Fix an uninitialized variable warning
      s3: Fix a shadowed variable warning
      s3: Trim down smbcontrol a bit
      s3: Avoid a memset(, 0, ) call
      s3: Fix a typo
      s3: Simplify pdb_set_plaintext_passwd() slightly
      s3: Simplify pdb_set_plaintext_passwd() a bit
      s3: Make use of talloc_array in pdb_set_plaintext_passwd()
      s3: Simplify pdb_set_plaintext_passwd by using talloc_zero_array
      s3: Simplify pdb_set_plaintext_passwd: memcpy deals fine with 0 bytes
      s3: Simplify pdb_set_plaintext_passwd() by removing a redundant condition
      s3: Add a paranoia check to pdb_set_plaintext_passwd()
      s3: Simplify pdb_set_plaintext_passwd: pwHistLen==0 was checked above
      s3: Simplify pdb_set_plaintext_passwd: pwhistory==NULL can not happen anymore
      Simplify E_md5hash a bit
      s3: Factor password_in_history() out of check_passwd_history()
      s3: Lock down some srvsvc calls according to what w2k3 seems to do
      s3: Remove some code that has become unnecessary
      s3: Fix a segfault in winbindd_dual_ccache_ntlm_auth()
      s3: Slightly simplify winbindd_store_creds
      s3: Remove a pointless "else" branch from add_ccache_to_list()
      s3: Trim down some utilities a bit
      s3: Trim libnss_wins.so
      s3: Remove the typedef for "auth_usersupplied_info"
      s3: Remove the typedef for "auth_serversupplied_info"
      s3: Remove unused samr_make_sam_obj_sd
      s3: Replace most calls to sid_append_rid() by sid_compose()
      s3: Use sid_check_is_in_our_domain instead of a direct sid_peek_check_rid
      s3: Use sid_check_is_domain instead of a direct sid_equal
      s3: Fix some nonempty blank lines
      s3: Remove some unused variables

Zach Loafman (1):
      s4 torture: Convert RAW-OPEN to suite form

Zachary Loafman (1):
      s4 torture: Add test to show archive bit behavior with directories

brendan powers (1):
      s4-ntvfs: check if pvfs is NULL in pvfs_logoff


Samba Shared Repository

More information about the samba-cvs mailing list