[SCM] Samba Shared Repository - annotated tag tevent-0.9.15 created

Stefan Metzmacher metze at samba.org
Thu Feb 9 05:23:12 MST 2012

The annotated tag, tevent-0.9.15 has been created
        at  df2bff0235aa57f6f49fadc0f9fe7f29e3b7f495 (tag)
   tagging  de53fcd8de5b751efb97adb43663a73059dc8ed3 (commit)
  replaces  ldb-1.1.4
 tagged by  Stefan Metzmacher
        on  Thu Feb 9 13:22:18 2012 +0100

- Log -----------------------------------------------------------------
tevent: tag release tevent-0.9.15
Version: GnuPG v1.4.11 (GNU/Linux)


Amitay Isaacs (58):
      dlz_bind9: For creating a child entry, use only SEC_ADS_CREATE_CHILD
      dlz_bind9: Use client supplied credentials for DNS record update
      dlz_bind9: Set debugging output to stderr
      dlz_bind9: Add command line options for URL and debug
      s4-cldap: Set DS_DNS_CONTROLLER bit if we are running RPC dnsserver
      s4-provision: CN=MicrosoftDNS,CN=System container is in forest and not domain
      tdb: Fix python documentation for tdb module
      s4-provision: Extract common utility routines in separate file
      s4-param: Added bin_dir(),sbin_dir() methods to get compiled in dirs
      s4-provision: Do not guess partition file names, use @PARTITION record
      setup: Fix phpldapadmin configuration for version 1.2.x
      samba-tool: Remove duplicate code of dsacl to fsacl conversion
      samba-tool: gpo: fix a typo
      samba-tool: Fix DN for GPO entries
      tdb2: Fix python documentation for tdb.Tdb object
      s4-netlogon: Revert patch f02e4ebfafa6e5911e3fe744b1780527ab12c970
      s3-net: Fix the return codes. 0 on success, -1 on failure
      samba-tool: Add transaction wrapper for creating GPO
      param: Fix the data type for bAvailable
      param: domain_logons and domain_master are of type enum_bool_auto
      s4-provision: Set dNSProperty attribute for dns zones
      samba-tool:dns: Add support for reverse names (PTR records)
      s4:rpc-dnsserver: For PTR records, use dns_name_equal instead of strcmp to compare
      s4:rpc-dnsserver: If a zone is reverse zone, set the fReverse flag
      s4:rpc-dnsserver: Cache DNS partition information
      s4:rpc-dnsserver: Implement EnumDirectoryPartition operation
      idl:dnsserver: Add DNS_DP_STATE enumeration for diretory partition state
      s4:rpc-dnsserver: Use cached zone information to get rootservers
      s4:rpc-dnsserver: Fix the enumeration of DNS records
      s4:rpc-dnsserver: Implement DirectoryPartitionInfo RPC operation
      s4:rpc-dnsserver: Use handy macros for error checking
      s4:rpc-dnsserver: Add multiple DNS records in a single operation
      s4:rpc-dnsserver: Implement zone management RPC operations
      s4:rpc-dnsserver: Make sure that zone information is filled in
      s4:rpc-dnsserver: Add comments
      ldif-handler: Fix the case for attribute dnsproperty
      samba-tool:dns: Add zone create/delete commands
      samba-tool:dns: Fix a typo
      test:dnsserver: Add zone creation and deletion test
      s4:rpc-dnsserver: Set the rank for the new DNS record correctly
      s4-provision: Fix the problem of DnsProperty values not being set correctly
      dlz_bind9: create session info from PAC using auth context
      s4-rpc:dnsserver: Do not replace @ with zone_name in update operation
      samba-tool:dns: Check through all the DNS records for a match
      s4-rpc:dnsserver: DNS names are case insensitive
      samba-tool:dns: DNS names are case insensitive
      selftest: Do not run symbol check if setting up testenv
      autobuild.py: Catch only true exceptions in except statement
      python: Change except: statement to except Exception:
      dlz_bind9: for authenticated user, set the AUTHENTICATED USERS sid in token
      s4-torture: For authenticated users, add AUTHENTICATED USERS sid
      build: Add missing dependencies on popt
      s4-s3-upgrade: Use lowercase hostname as hostname for provision
      s4-s3-upgrade: Check if there are duplicate sids for users and groups
      tevent: Fix python documentation strings
      selftest: Fix the exit code of make test when run in buildfarm
      samba-tool dns: Re-add support for option groups
      samba-tool sites: Re-add support for option groups

Andreas Schneider (90):
      s3-winbind: Remove unused keys from list.
      s3-winbind: Add an update function for winbind cache.
      s4-librpc: Fix NETLOGON credential chain with Windows 2008.
      s4-torture: Fix schannel test against win2k8.
      s4-torture: LookupSids3 is only available over NCACN_IP_TCP.
      s3-libsmb: Don't duplicate kerberos service tickets.
      s4-librpc: Fix netlogon schannel client connect.
      s4-provision: Fix tdbdump path lookup in make test.
      s3-winbind: Move finding the domain to it's own function.
      s3-winbind: Fix segfault if we can't map the last user.
      s3-waf: Create a smaller samba3util subsystem.
      s3-waf: link SECRETS3 only against samba3util.
      s3-waf: auth_netlogond depends on tldap.
      lib: Remove dead mszip code.
      s3-waf: Link netapi only against needed subsystems.
      s3-waf: Link smbclient only against needed subsystems.
      s3-waf: Link nss_wins only against needed subsystems.
      s3-waf: Replace LIBMSRPC_GEN just with ndr-standard.
      s3-waf: Remove unneeded PARAM_UTIL dependency.
      s3-waf: Add missing depcendencies to smbconf.
      s3-waf: Link param only against needed subsystems.
      s3-waf: Don't link param_service against USER_UTIL twice.
      s3-waf: Link samba3core against needed subsystems.
      s3-waf: Remove LIBSMB_ERR completely.
      s3-waf: Link LIBNTLMSSP only against needed subsystems.
      s3-waf: Link libsmb only against needed subsystems.
      s3-waf: Link smbd_base only against needed subsystems.
      s3-waf: Link LIBNET only against needed subsystems.
      s3-waf: Link LIBNET_DSSYNC only against needed subsystems.
      s3-waf: Remove dead subsystem LIBNBT.
      s3-waf: Link trusts_util only against needed subsystems.
      s3-waf: Link tdb-wrap3 only against needed subsystems.
      s3-waf: Link errors3 only against needed subsystems.
      s3-waf: Link libcli_lsa3 only against needed subsystems.
      s3-waf: Link nmbd only against needed subsystems.
      s3-waf: Link winbindd only against needed subsystems.
      s3-waf: Add missing dependencies to LOCKING.
      s3-waf: Add missing dependencies to PASSCHANGE.
      s3-waf: Link swat only against needed subsystems.
      s3-waf: Link rpcclient only against needed subsystems.
      s3-rpcclient: Remove debug_dsdcinfo_flags() call.
      s3-waf: Link smbclient only against needed subsystems.
      s3-waf: Link net only against needed subsystems.
      s3-waf: Link profiles only against needed subsystems.
      s3-waf: Link smbspool only against needed subsystems.
      s3-waf: Link testparm only against needed subsystems.
      s3-waf: Link smbta-util only against needed subsystems.
      s3-waf: Link smbstatus only against needed subsystems.
      s3-waf: Link smbstatus only against needed subsystems.
      s3-waf: Link smbtree only against needed subsystems.
      s3-waf: Link smbpasswd only against needed subsystems.
      s3-waf: Link pdbedit only against needed subsystems.
      s3-waf: Link smbget only against needed subsystems.
      s3-waf: Link nmblookup only against needed subsystems.
      s3-waf: Link nmblookup only against needed subsystems.
      s3-waf: Link smbconftort only against needed subsystems.
      s3-waf: Link maketest only against needed subsystems.
      s3-waf: Link msgtest only against needed subsystems.
      s3-waf: Link smbcacls only against needed subsystems.
      s3-waf: Link smbcquotas only against needed subsystems.
      s3-waf: Link eventlogadm only against needed subsystems.
      s3-waf: Link sharesec only against needed subsystems.
      s3-waf: Link locktest only against needed subsystems.
      s3-waf: Link pdbtest only against needed subsystems.
      s3-waf: Link vfstest only against needed subsystems.
      s3-waf: Link locktest2 only against needed subsystems.
      s3-waf: Link smbfilter only against needed subsystems.
      s3-waf: Link versiontest only against needed subsystems.
      s3-waf: Link ntlm_auth only against needed subsystems.
      s3-waf: Link rpc_open_tcp only against needed subsystems.
      s3-waf: Link test_lp_load only against needed subsystems.
      s3-waf: Link dbwrap_tool only against needed subsystems.
      s3-waf: Link dbwrap_torture only against needed subsystems.
      s3-waf: Link split_tokens only against needed subsystems.
      s3-waf: Link vlp only against needed subsystems.
      s3-waf: Reduce libnetapi dependencies.
      s3-waf: Reduce libsmbclient dependencies.
      s3-waf: Add missing dependency to RPC_WINREG.
      s3-waf: Add missing dependency to LIBNET.
      s3-waf: Fix cups dependency in PRINTING.
      s3-waf: Reduce dependencies of smbd_base.
      s3-waf: Reduce dependencies of winbindd.
      s3-waf: Add missing dependency of pdb_wbc_sam to wbclient.
      s3-waf: Add missing dependency of ntlmssp to wbclient.
      s3-waf: Create a subsystem for SERVER_MUTEX.
      s3-lib: Fix util_cmdline which doesn't use popt.
      s3-libsmb: Remove dead gssapi code.
      s3-libsmb: Remove dead prototype.
      s3-waf: Link against tdb_compat instead of tdb.
      s3-waf: Link tdbsam against needed libraries.

Andrew Bartlett (193):
      auth: Allow a NULL principal to be obtained from the credentials
      s4-dns Use match-by-key in GSSAPI server if principal is not specified
      pydsdb: provide a am_pdc hook like am_rodc to python scripts
      s4-dnsupdate: Do not attempt to add the PDC names if we are not a PDC
      Remove outdated information from the README
      clarify Roadmap, as the shape of Samba 4.0 is much clearer now
      s4-kdc: only build hdb plugin if we build against system Heimdal
      s4-selftest re-enable nsstest on libnss_winbind.so
      selftest: samba4.samba-tool.domopen now passes, so do not skip
      s4-lsarpc Fix segfaults found by the samba4.rpc.lsa.forest test
      torture: do not reuse bindings between pipes
      s4-lsarpc handle more info levels in SetInfoTrustedDomain calls
      testsuite: Remove unused and unlikely to be revived DejaGNU tests
      s4-torture: Fix comment
      s4-torture Modify rpc.lsa.forest.trust test to progress further FL Win2003 R2
      s4-torture cope with servers earlier than Windows 2008
      s4-torture Do not use a fixed password for forest trust tests
      HEIMDAL: Supply krb5_context to _krb5_internal_hmac to allow logging
      s4-selftest Give local.resolve a real name to look up
      s4-selftest: Add test of RPC to a netbios alias
      s4-resolv: fix dns_ex so as to fail correctly when a name does not exist
      lib/param: Set s4 "host msdfs = true" by default
      s3-rpc_server: Remove old comment
      s3-rpc_server: Add my copyright for my previous work here
      s3-auth Restore shortcut for guest security token
      s3-rpc_server request the DCE_STYLE feature in ntlmssp_server_auth_start
      s3-auth rename auth_ntlmssp_state -> auth_generic_state
      s3-auth rename auth_ntlmssp_prepare() -> auth_generic_prepare()
      s3-auth remove auth_ntlmssp_start(), call auth_generic_start() directly
      s3-rpc_server request both sign and seal for clarity
      s3-auth split the auth_generic functions into a seperate file
      s3-rpc_server remove unused header
      s3-rpc_server rename ntlmssp_server_auth_start() -> auth_generic_server_start()
      s3-rpc_server rename NTLMSSP functions to auth_generic..()
      s3-rpc_server: Rename dcesrv_ntlmssp.[ch] to dcesrv_auth_generic.[ch]
      s3-rpc_server: rename pipe_ntlmssp_verify_final() to pipe_auth_generic_verify_final()
      s3-rpc_server: Allow gensec mechanisms to return NT_STATUS_OK
      s3-rpc_server: Rework pipe_ntlmssp_auth_bind() to be generic
      s3-librpc Use gensec_sig_size() instead of a fixed NTLMSSP_SIG_SIZE
      gensec: Allow an alternate set of modules to be specified
      s3-auth: Remove protype for already-removed auth_ntlmssp_start
      s3-auth Fix talloc parent for s4 event context in auth_samba4
      s4-ntlmssp Do not allow LM key without a LM password
      credentials: Always honour the return value of E_deshash()
      auth/kerberos: Move gssapi_parse.c to the top level
      s4-gensec: Allow a PAC to be obtained from any GSS mech
      s4-auth Remove unused auth_context_create_from_ldb()
      auth/kerberos: Make pac_data_out in kerberos_decode_pac() optional
      s4-gensec: fix cyrus sasl module after update() protype change
      s4-gensec: Move parsing of the PAC blob and creating the session_info into auth
      s4-pyauth: Make sure event context allows nesting
      s4-gensec: Pass the auth context in during gensec test
      s4-torture: Demonstrate handling of the PAC in a custom auth_context
      s4-gensec Remove fallback for simple privileges
      s4-gensec remove auth_session dep from gensec_gssapi.c
      auth/kerberos: Rename memory contexts for greater clarity
      s4-auth: Rename memory contexts for greater clarity
      s4-gensec: Rename memory contexts in gensec_gssapi for greater clarity
      s4-gensec: Rename memory contexts in gensec_krb5 for greater clarity
      s4-gensec: Rename memory contexts in gensec_util for greater clarity
      s4-toture: Rename memory contexts in rpc.pac for greater clarity
      s3-librpc Use gsskrb5_get_subkey() where available to get the session key
      s3-libads Factor out a new routine kerberos_get_principal_from_service_hostname()
      s3-librpc store the sign/seal flags we got in the gssapi client
      s3-selftest: Add test for rpcclient, including kerberos authentication
      s3-auth supply s3 ntlmssp module via gensec_settings
      s3-auth Add TALLOC_CTX * to auth_generic_prepare()
      s3-auth re-create the auth context in the s3 ntlmssp server module
      s3-auth Set remote address for both AD and s3 gensec modes
      s3-auth use gensec directly rather than via auth_generic_state
      s3-auth Remove ntlmssp_wrap.h which is no longer required
      s3-auth remove unused ntlmssp.h
      s3-auth Remove more unused headers
      s3-librpc remove unused headers
      s3-auth remove outdated comment
      s3-auth Rename make_auth_ntlmssp() -> make_auth_gensec()
      s3-libsmb Use gensec_settings to set s3 ntlmssp client backend
      s3-libsmb Make auth_ntlmssp client more generic
      s3-libads Use NTLMSSP via auth_generic/gensec
      s3-torture convert smb2 test to use auth_generic/gensec for NTLMSSP
      s3-winbindd: convert cached credentials to use auth_generic/gensec for NTLMSSP
      ntlmssp: merge initial packet implementations
      s3-ntlmssp Remove unused ntlmssp_set_hashes() and do not set an invalid LM hash
      s3-selftest Hide smb4torture_possible inside plansmbtorturetestsuite()
      s3-selftest: remove smb4torture_possible and add have_ads_support
      s3-build: smbtorture4 can be built regardless of use_ads
      s3-build SAMBA4SHAREDIR is unused in make test
      s3-build SMBTORTRUE4 variable is unused in make test
      s3-selftest: Add test for smbclient kerberos support
      s3-libsmb: match the rest of Samba3 in kerberos name selection in smb sealing
      s3-selftst Add encrypted CIFS testing with kerberos
      s3-sefltest Make krb5 tests contain the word krb5
      s3-libsmb: Do not look up FQDN or use host/ for krb5 encrypted CIFS
      auth/credentials Remove debug that prints in normal operation
      s3-build: Remove unused hooks to set smbtorture4 and test args
      krb5: Require krb5_c_enctype_compare is available to build with krb5
      krb5: Require krb5_c_verify_checksum is available to build with krb5
      krb5: Require krb5_get_host_realm and krb5_free_host_realm be available to build with krb5
      krb5: Require krb5_fwd_tgt_creds to be available to build with krb5
      krb5: Require krb5_get_init_creds_opt_alloc/free for build with krb5
      krb5: Remove now unused checks for krb5_verify_checksum
      krb5: Require krb5_get_renewed_creds be available to build with krb5
      krb5: Require krb5_principal_compare_any_realm be available to build with krb5
      krb5: Require krb5_set_real_time is available to build with krb5
      krb5: Require krb5_string_to_key be available to build with krb5
      krb5: Require gss_get_name_attribute or Heimdal's PAC parsing to build with krb5
      s3-librpc Return user principal name on supplied mem_ctx
      auth/kerberos: Remove unused headers from gssapi_parse.c
      auth: make auth4_context common to provide access to generate_session_info_pac()
      gensec: move gensec_util.c to the top level
      s3-librpc Rename create_ntlmssp_auth_rpc_bind_req() to be more generic
      s3-librpc Rename and rework cli_rpc_pipe_open_ntlmssp() to be generic
      s3-librpc Set target service and server into gensec
      s3-librpc: rename get_ntlmssp_auth_footer to be more generic
      s3-libsmb: split out auth_generic client functions into auth_generic.c
      s3-librpc: Rename spnego_ntlmssp_init_client and make generic
      s3-librpc Supply target service and server to spnego_generic_init_client()
      gensec: make gensec_gssapi.h common
      gensec: Rename want_flags and got_flags in gensec_gssapi
      gensec: Make sure to check the optional auth_context hooks before using them
      s4:auth: Make sure to check the optional auth_context hooks before using them
      s4-kdc: use IDL constant NETLOGON_GENERIC_KRB5_PAC_VALIDATE
      s4-kdc Do the KDC PAC checksum validation in the Samba plugin
      auth/kerberos: Remove unused TALLOC_CTX argument to check_pac_checksum
      heimdal: remove checking of KDC PAC signature, delegate to wdc plugin
      use ETYPE_DES3_CBC_SHA1 for the verify step in verify_mic_des3
      make hmac-md5 the keyed checksum type for arcfour-hmac-md5
      Revert "make paranoia check less paranoid" - check that key types strictly match
      s3-selftest The krb5 encrypted CIFS test was wrong
      s3-auth Add auth hook for PAC parsing
      s3-auth Match session setup handling of krb5, store the PAC
      s3-gse: Add gensec wrapper for gse GSSAPI client
      s3-build: Rework object lists to allow gse gensec module
      s3-gse Make gse available as a gensec client module
      s3-libsmb Use the gse_krb5 gensec module as client
      s3-librpc Call GSSAPI via the auth_generic layer and gensec
      s3-librpc Allow spnego_generic_init_client to handle kerberos too
      s3-librpc Call SPENGO/GSSAPI via the auth_generic layer and gensec
      s3-librpc: Simplify SPNEGO code now that all mechs use a struct gensec_security
      s3-librpc Remove layer around struct gensec_security
      s3-librpc Remove unused dcesrv_gssapi.[ch] functions
      s3-gse Remove or make static unused/local-only GSE functions
      s3-gse Add const
      s3-gse Move GSS_C_DCE_STYLE backup definition to gse.c
      s3-librpc Remove special case for spnego dcerpc sign/seal
      s3-librpc Remove special case for spnego session key
      s3-gse Make seal parameter a boolean for clarity
      s3-librpc Make cli_rpc_pipe_open_spnego_ntlmssp() generic
      s3-rpcclient: pass struct ndr_interface_table down
      s3-utils/net: pass struct ndr_interface_table down
      s3-librpc: pass struct ndr_interface_table down to cli_pipe_open_generic/spnego()
      s3-gse Rename delegated_creds to match gensec_gssapi_context
      s3-gse Rename gss_ctx to match gensec_gssapi_context
      s3-gse Rename gss_c_flags and ret_flags in gse
      s3-gse remove special more_processing hook from gse
      s3-gse Remove authenticated flag from gse
      s3-gse: Make gensec_gse cope with non-DCE GSSAPI
      s3-gensec: Add hook to allow gensec to know if kerberos is permitted
      s3-gse: align common elements between gse_context and gensec_gssapi_state
      auth/gensec: align common elements between gse_context and gensec_gssapi_state
      build: Add -lz to wbinfo to fix build on some hosts
      s3-libcli Change krb5 smb sealing to call via gensec and gensec_gse
      s3-libsmb: use struct gensec_security directly
      s3-libsmb: Remove unused smb_tran_enc_state_gss and gssapi headers
      s3-libsmb: Always allow SMB_TRANS_ENC_GSS to be defined
      param: handle P_BYTES in more places
      dsdb: Allow DSDB_CONTROL_PASSWORD_BYPASS_LAST_SET_OID to be specified as a flag
      s3-passdb: Use DSDB_PASSWORD_BYPASS_LAST_SET flags in pdb_samba4
      s3-passdb: Fix pdb_samba4 setting of plaintext passwords
      selftest: Add test for smbpasswd against pdb_samba4
      s3-build: Remove FIXME, bigballofmud is no more
      s4-rpc_server: Fix search for existing trust to actually look for the dns name
      s3-libsmb Do not limit read replies to NBT packet sizes
      s3-selftest: Add test for posix large reads and writes
      auth: provide private pointer and do not return original PAC signatures
      auth: Make check_password and generate_session_info hook generic
      s4-auth: Return NT_STATUS_NOT_IMPLEMENTED if the challenge cannot be obtained
      gensec: inline gensec_generate_session_info() into only caller
      s3-auth: Remove duplicate check for NT_STATUS_IS_OK(nt_status)
      s3-smbd: Use gensec_spnego in smb seal server
      s3-libsmb: Use gensec_spnego in smb seal client
      s3-libsmb: Remove unused enum smb_trans_enc_type
      libcli/smb: Convert struct smb_trans_enc_state to talloc
      selftest: Remove unused support for --exeext
      s3-auth Remove unused nt_status_squash from auth_context
      s3-build use common VERSION file for all builds
      s4-messaging: fix pymessaging docstring
      s3-auth Add const to make_user_info_map
      auth: rename ntlmssp.c to ntlmssp_util.c
      s3-docs: Remove references to long-gone smbmount utilities
      s3-passdb: Remove #if _SAMBA_BUILD_ == 4 from pdb_samba4
      s3-build: remove EXEEXT from Makefiles
      smbwrapper: Remove smbwrapper

Andrew Tridgell (18):
      s4-ntvfs: fixed a unix ACL mapping bug
      s4-ntvfs: added allow_override check based on use of NT ACL
      dbcheck: cope with objects disappearing during checking
      dynconfig: added SBINDIR and BINDIR as updated dynconfig variables
      lib/util: added set_close_on_exec()
      genrand: use set_close_on_exec()
      s4-socket: use set_close_on_exec()
      pidfile: use set_close_on_exec()
      loadparm: fixed service list handling
      s3-loadparm: mark a few parameters as having P_BYTES type
      s3-rpc: added "rpc_server:default" config option
      runcmd: use a pipe for stdin to child processes
      runcmd: use set_close_on_exec()
      s4-heimdal: the ASN1 compiler now depends on libreplace
      Revert "s4-drs: do not try to contact for replication servers that are not anymore in reps*"
      build: fixed a link order problem
      idl: wmi and dcom don't need python bindings
      pidl: add more mapped types

Björn Jacke (1):
      s3/doc: document the ignore system acls option of vfs_acl_xattr and vfs_acl_tdb

Christian Ambach (3):
      s3:vfs fix up vfs_gpfs after function pointer renames
      s3:dbwrap fix return value of db_tdb_parse
      s3:idmap_autorid: use less transactions

Christof Schmitt (2):
      smbtorture: Do not leak child processes when exiting
      s3-winbind: Remove unused bool "local"

Dave Craft (9):
      Add samba_kcc load parameter
      Add NTDSConnection schedule attr blob
      Add DRSUAPI_DRS_UPDATE_(x) flags
      Add subreq and status to kcc_service struct
      Invocation of samba_kcc from KCC task
      samba_kcc NTDSConnection translation
      Intersite KCC flags
      Intersite KCC flags for python
      KCC importldif/exportldif and intersite topology

David Disseldorp (19):
      s3-perfcount: fix build for example perfcount daemon
      s3-perfcount: fix incorrect array length calculations
      spoolss: fix DPD_DELETE_ALL_FILES error return
      s3-rpcclient: add deldriverex flags argument
      s4-smbtorture: tweak spoolss_OpenPrinterEx devmode
      idl: add parser for the to_null property
      ndr: add ndr_pull_charset_to_null()
      idl: add to_null attribute to the spoolss formname array
      idl: add to_null attribute to the spoolss devicename array
      idl: add to_null property
      s3-spoolss: prefix print$ path on driver file deletion
      s3-spoolss: fix printer driver version deletion
      torture: add spoolss del printer driver test
      torture: confirm printer driver file removal
      s3-spoolss: fix printer_driver_files_in_use() call ordering
      torture: add spoolss overlapping driver deletion tests
      s3-spoolss: fix incorrect error check type
      WERROR type variable being incorrectly checked with a NT_STATUS_IS_X
      lib: use differing NTSTATUS and WERROR struct members

Gregor Beck (4):
      s3:net: adapt idmap check to new dbwrap_fetch behavior not to return success if not found
      s3:registry: do not use regdb functions during db upgrade
      lib/util: factor out tdb_data_is_empty
      s3:registry: do not write empty value lists to registry.tdb

Günther Deschner (19):
      s3-ctdb: fix the build w/o HAVE_CTDB_CONTROL_CHECK_SRVIDS_DECL
      s4-smbtorture: remove trailing whitespace from schannel test.
      s4-smbtorture: avoid printf(); in schannel test.
      s4-smbtorture: fix some typos in schannel test.
      s4-smbtorture: make sure we can successfully run the schannel test against windows.
      s3-includes: remove PRIMARY_* SID_INDEX defines defined elsewhere already.
      s3-dns: prevent from potentially doing wrong SRV DNS lookups.
      s3-libads: fix malloc/talloc mismatch in ads_keytab_verify_ticket().
      s3-pdbtest: only test trusted domains when pdb backends offers trusted domain support.
      s3-libads: pretty print a keytab list.
      s3-passdb: remove a forward declaration.
      s3-waf: rpcclient does not need libads.so.
      s4-kerberos: remove some unused prototypes.
      samba: check for AES encryption type defines.
      s3-waf: also check for gsskrb5_extract_authz_data_from_sec_context() during
      s3-waf: fix compile of pdb_ldap as shared module by moving ldap schema helpers to libpdb.so
      s3-autoconf: fix the build of the pdb_ldap shared module in autoconf build as well.
      s3-waf: check for KRB5_PDU_NONE as in the autoconf build.
      s3-passdb: trying to decouple passdb and secrets a little.

Horacio G. de Oro (2):
      Use named argument 'dir' instead of 'prefix' on NamedTemporaryFile for source4/setup/provision
      Use named argument 'dir' instead of 'prefix' on NamedTemporaryFile for domain.py

Ira Cooper (5):
      Fix compile when TDB_TRACE is enabled.
      Add "repack" command to tdbtool.
      Fix bug #8729 - getpass regressions on Solaris/Illumos - 3.6 and master.
      s3-popt: Fix configure.developer builds on Solairs.
      s3-nsswitch: Fix warnings on Solaris.

Jelmer Vernooij (71):
      selftest: Don't acquire target when --list was specified.
      selftest: Drop broken and unused Kvm target.
      selftest: Fix typo in socket wrapper test.
      tevent: Fix typo in build script.
      Revert making public of the samba-module library.
      selftest: Split out flapping tests into a separate file.
      selftest: Add --flapping argument to filter-subunit.
      selftest: Display unexpected successes and expected failures.
      filter-subunit: Fix default for flapping setting.
      s3-selftest: Don't mark samba3.blackbox.failure.success test as known failing.
      rap netsessiongetinfo apparently *is* provided by samba3, so don't list it in knownfail.
      GetForestTrustInformation is implemented, remove it from knownfail.
      selftest: 'samba4.rpc.netlogon on ncalrpc with seal,padcheck.netlogon.DsrEnumerateDomainTrusts' now succeeds, remove it from the knownfail list.
      Fix typo.
      wafsamba: Use final_libs list to determine if a target needs private libraries, rather than direct dependencies list.
      selftest: Don't mark drsuapi tests as knownfailing.
      wafsamba: Cope with not everything having a final_libs attribute.
      selftest: Re-mark some drsuapi tests as known failing.
      samba4: Remove rpc-handles mixed-shared tests from known failing list.
      knownfail: Ignore failures for drsuapi tests over other transports as well.
      knownfail: LogonControl2Ex works.
      knownfail: samba4.base.createx_access.createx_access works.
      knownfail: Match on end-of-file, not end-of-file-access.
      Remove samba4.raw.oplock.brl4. Bug 7928 has been fixed.
      knownfail: Remove smb2.compound tests, they pass now.
      knownfail: Exclude specific list of SMB2 oplock tests.
      knownfail: re-add createx test.
      knownfail: remove base.maximum_allowed test, as it appears to be passing now.
      knownfail: remove now succeeding local.iconv test.
      knownfail: The resolve async tests work now.
      knownfail: Remove working winbind tests.
      knownfail: Mark some ldap.acl search tests as no longer failing.
      Add stub python module for tevent.
      Install (platform-independent) python scripts to the PYTHONDIR rather than PYTHONARCHDIR.
      tevent: Install python tevent modules.
      Add version attribute for pytevent.
      selftest: Some extra assertions.
      Add tests for srvsvc python interface. Thanks Dhananjay Sathe
      samba.kcc_utils: Fix formatting to match PEP8, make pydoctor happy.
      samba.drs_utils: Use new style classes and exceptions, fix formatting of docstrings to make pydoctor happy.
      pyldb: Add more docstrings.
      testtools: Update to new upstream revision.
      Add pep8.
      Add test for PEP8 - currently all errors are ignored, but we warn about them - and can ratchet if we want to.
      Add 'make pep8' target.
      Revert "Install (platform-independent) python scripts to the PYTHONDIR rather than PYTHONARCHDIR."
      wafsamba: Fix undefined variable name in error message.
      Remove the 'dir' registry backend.
      pyregistry: Remove directory support.
      Include waf as an extracted source directory, rather than as a one-in-a-file script.
      waf: Use git repository.
      replace: use libbsd for strlcat/strlcpy when available.
      replace: Only include C files from which there are actually functions used.
      replace: Add include for bsd/string.h.
      source3/wscript: Expand tabs, to prevent confusion (whitespace is significant in python/waf).
      s3/wscript: Fix dependency on gssapi, necessary when there is no system Kerberos.
      replace: Only add bsd dependency when bsd library was found.
      crypto: Add prototype for main torture functions.
      pyxattr_tdb: Remove pointless check for blob.length < 0.
      torture/libnet: Include prototype headers.
      pysocketwrapper: fix behaviour to be consistent with 'socket.getsockopt'
      loadparm: handle P_SEP in switches (silences warning with clang).
      smb_server: Preserve signedness of string push return value.
      charset/tests: Add prototypes for test functions.
      Revert "samba-tool: moved takes_optiongroups definition to Command base class"
      crypto/md5: Change prototypes to match BSD.
      crypto: Use libbsd md5 header, if available.
      samba-tool: Add optiongroups, necessary for 'samba-tool domain ...'
      samba-tool user password: Re-add support for option groups.
      provision: Make sure target directory is created early.
      regshell: Fix a counter that can actually be non-zero.

Jeremy Allison (54):
      After a discussion with Volker, sdd a backup_intent state to the client struct.
      Add the "backup" toggle command to smbclient. In order for this to be
      Convert smbclient to using NtCreateX by preference, fall back to openX on
      Ensure we map our own Samba return of ERRSRV, ERRunknownsmb
      Fix bug #8644 - vfs_acl_xattr and vfs_acl_tdb modules can fail to add inheritable entries on a directory with no stored ACL.
      Update the waf build system to link with the new PIDL locking code.
      Rename cli_open -> cli_openx. Prelude to replacing generic cli_open()
      Add cli_open() back as a synchronous wrapper function the calls
      Move the callers that need to use the new cli_open() back to calling
      Revert fac5c654e2fe17c2c11d150b16088e8a51f6be20
      First part of fix for bug #8663 - deleting a symlink fails if the symlink target is outside of the share.
      Second part of fix for bug #8663 - deleting a symlink fails if the symlink target is outside of the share.
      Third part of fix for bug #8663 - deleting a symlink fails if the symlink target is outside of the share.
      Restrict UCF_UNIX_NAME_LOOKUP (symlink allowed) to restricted set of calls.
      Fix bug #8664 - Renaming a symlink fails if the symlink target is outside of the share.
      Ensure VALID_STAT before accessing fields.
      check_name() not needed in mkdir.
      Allow an object to be deleted from a directory if the caller has DELETE_CHILD access
      Change the signature of pthreadpool_finished_job() to return 0
      Fix bug #8679 - recvfile code path using splice() on Linux leaves data in the pipe on short write
      Second part of fix for bug #8679 - recvfile code path using splice() on Linux leaves data in the pipe on short write.
      Third part of fix for bug #8679 - recvfile code path using splice() on Linux leaves data in the pipe on short write.
      Final part of fix for bug #8679 - recvfile code path using splice() on Linux leaves data in the pipe on short write.
      Add S3 vfs_aio_pthread module to replace broken glibc aio code.
      Add some debug to vfs_aio_pthread so I can see when jobs start and stop.
      Fix bug #8687 - net memberships usage info is wrong
      Add a sys_get_number_of_cores() function that calls sysconf or sysctl
      Fix format warning message.
      Add "aio num threads" parameter to allow manual configuration of
      Comment out sys_get_number_of_cores() as we're no longer using this.
      Remove the commented out code.
      First part of fix for bug #8673 - NT ACL issue.
      Second part of fix for bug #8673 - NT ACL issue.
      Ensure we always free aio_ex on all error paths by moving the TALLOC_FREE
      Add comments to all functions (to help me understand it better).
      Fix bug 8710 - connections.tdb - major leak with SMB2.
      Now make_connection_snum() is a static function that takes a
      Another fix for bug #8556 - ACL permissions ignored when SMBsetatr is requested.
      s3: Fix bug #8674.
      Add man page for vfs_aio_pthread module.
      Use sys_pread/sys_pwrite to cope correctly with 64-bit sizes. As in the default VFS case fall back from pread -> read and pwrite -> write on an ESPIPE error in the worker thread.
      Update man page to fix typo vfs_aio_fork -> vfs_aio_pthread, add
      Fix a really slow memory leak (in master at least). Found by Ira Cooper <ira at wakeful.net>.
      Finally remove all malloc()'s from the substitute code. Now totally
      Fix bug #8139 - smbclient fails if server does not support Echo request.
      Allow a SACL to be sent in cli_set_secdesc().
      Only ask for specific permissions required when setting an ACL.
      Replace all malloc/free with talloc on tos.
      Fix bug #7933 - samba fails to honor SEC_STD_WRITE_OWNER bit with the acl_xattr module.
      Replace bool flags inside ensure_canon_entry_valid() with pointers.
      Fix mistaken assignment of gid to uid field.
      Ensure when setting a POSIX ACL, that the uid for a
      Remove unused get_file_size() function.
      Fix shadow variable name warning.

Joey Adams (1):
      lib/ccan/build_assert: Remove stale LGPL license comment.

Kai Blin (15):
      s4 dns: Test SOA queries
      s4 dns: Get rid of const qualifier for prereqs, we do need to allocate those
      s4 dns: More explicitly use the first question of an update packet only
      s4 dns: Add test to prove two updates in one packet are a FORMERR
      s4 dns: Update requests with QCLASS != IN or ALL trigger NOTIMPLEMENTED errors
      s4 dns: Fix some typos in comments and a whitespace
      s4 dns: Implement dns name equality check
      s4 dns: Implement dns record comparison function
      s4 dns: Move record lookup to dns_utils.c
      s4 dns: Give better test output on RCODE mismatch
      s4 dns: Update prerequisite checking conforming to RFC
      s4 dns: Implement RFC-compatible update prescan
      s4 dns: Actually handle the update request
      s4 dns: Add some debug output
      s4 dns: Allow updates based on smb.conf setting

Kelly Yeoh (1):
      ldbedit: prevent a transaction warning on failure

Martin Schwenke (1):
      lib/ccan: Fix some typos in libccan.m4

Masafumi Nakayama (1):
      s3-cli: fix bug 563, >8GB tar on BE machines

Matthias Dieter Wallnöfer (13):
      s4:dsdb/common/util.c - test LDB result against LDB_SUCCESS as we are always doing
      ldb:ldb_tdb.c - fix warnings in "ltdb_init_rootdse"
      s4:libcli/finddcs_nbt.c - free "req" consistently with "finddcs_cldap.c"
      s4:netlogon RPC server - dcesrv_netr_DsRGetSiteName - add a small explaination
      s4:torture/rpc/netlogon.c - factor out the computer name check in an own test
      ldb:ldb/common/ldb_controls.c - reference "err_string" variable correctly
      s4:torture/rpc/netlogon.c - enhance the "DsRGetDCName*" tests
      s4:torture/nbt/dgram.c - NBT samlogon requests don't return the PDC name as UNC path
      s4:repl_meta_data LDB module - set "isRecycled" time correctly
      s4:python tests __init__.py - do not depend on "subprocess.CalledProcessError"
      s4:python tests __init__.py - do not depend on "subprocess.check_call()"
      s4:join python code - write the SAM account name correctly
      s4:join python code - perform a fallback password set operation over libnet

Matthieu Patou (25):
      s4-python: rename conflicting variable with the import option
      s4-python: externalize some function to the drs_utils module so that they can be reused
      s4-python: factorize the definition of get_dsServiceName
      samba-tool: add a function to cleanly demote a DC
      samba-tool: refuse to demote if the current DC has still roles
      s4: add blackbox test for the demote function
      s4-drs: mark WERR_DS_DRA_BUSY as a non error in DsReplicaUpdateRefs
      s4-resolver: do not use all the A and AAAA records, those after a NS are not the one we want to use
      s4-drs: do not try to contact for replication servers that are not anymore in reps*
      s4-join: replicate first with DRS_CRITICAL_ONLY and DRS_GET_ANC objects for the base dn partition
      s4-becomedc: replicate first with DRS_CRITICAL_ONLY and DRS_GET_ANC objects for the base dn partition
      s4-drs: avoid calling unecesserly ldb_msg_find_attr_as_* as this call in unefficient
      s4-drs: introduce a timeout in the getncchanges processing to always return something in less than x seconds
      s4-dsdb: Relax the conditions where we can't do a subtree delete
      s4-ldb: Add isRecycled when is defined in the schema
      s4-kcc: Remove also deleted objects that are not in the Deleted Object container
      s4-drsuapi: we store boolean in upppercase so we need to test them in uppercase
      upgradeprovision: treat provision without oem attribute as quite recent, it's provision that comes from Windows replication
      pyldb: raise an exception if we can't add the attribute
      upgradeprovision: do not hold references to messageElements
      s3: improve the code in the AES encryption.
      s3: check that a user in a bogus domain name is mapped to the localnetbios name of a domain member
      s3-winbind: don't try to do clever thing if the username is not found while authenticating through winbind
      s3-pid: Catch with pid filename's change when config file is not smb.conf
      s3-nmbd: don't discard DGRAM frames from local addresses when we are a DC

Michael Adam (36):
      s3:registry: replace use of rawmemchr by portable equivalent use of strchr.
      Revert "Remove rawmemchr calls - found by Ira Cooper. These are glibc-specific calls, makes us completely non-portable."
      s3:net registry check: replace rawmemchr by functionally equivalent portable strchr
      lib/util/util_tdb: adhere to coding style for tdb_data_is_empty()
      s4:provision: improve a message
      s4:provision: add the possibility to provision "server services" in smb.conf
      s4:provision: add a server services line to the smb.conf template for the dc
      s4:provision: add "+dns" to server services if the dns backend is SAMBA_INTERNAL
      s3:net registry: fix a copy and paste error in a help text
      s3:net ads join: untangle assignment from check.
      s3:net ads join: reduce indentation and improve logging in the dns update code block
      s3:net ads join: untangle assignment from check, fix return code and improve error logging
      s3:net ads join: check for success of fetching machine password in dns update block
      s3:net ads join: check for malloc success and react accordingly in dns update block
      s3:net ads join: interpret return code of ads_kinit_password() in dns update block
      s3:net ads join: improve status evaluation for call to net_update_dns()
      s3:net ads join: improve comment for dns update block
      s3:net ads join: move dns update code out to new function _net_ads_join_dns_updates()
      s3:net ads join: reduce indentation in _net_ads_join_dns_updates()
      s3:net ads join: add a comment for the call to _net_ads_join_dns_update()
      s3:net ads join: remove a useless empty comment block
      s3:smbd:smb2: fix an assignment-instead-of-check bug conn_snum_used()
      loadparm: fix a load of uninitialized memory errors found by valgrind.
      s4:torture:smb2: remove an unused variable from torture_smb2_setinfo()
      s4:torture:smb2:notify: remove an unused variable
      s4:torture:smb2:notify: remove an unused variable
      s4:torture:smb2: check for success of talloc in secondary_tcon()
      s4:torture:smb2: talloc_free the right tree structure in secondary_tcon()
      s4:libcli/torture:smb2: change smb2_tree_connect to take a smb2_session instead of smb2_tree arguement.
      s4:libcli:smb2: don't allocate the smb2_tree struct earlier than necessary in smb2_connect()
      s4:torture: add smb2.durable_open test reopen1
      s4:torture: add smb2.durable_open test reopen2
      s4:torture: add torture_smb2_tree_connect() utility function
      s4:torture: add smb2.durable_open test reopen3
      s4:torture: add a torture_smb2_session_setup() utility function
      s4:torture: add a smb2.durable_open.reopen4 test

Michael Wood (1):
      Log short_princ instead of uninitialised filter.

Richard Sharpe (2):
      vfs: Make function pointer names consistent. They all end in _fn
      Another fix for bug #8556 - ACL permissions ignored when SMBsetatr is requested.

Rusty Russell (41):
      lib/ccan/array_size: relicense under public domain.
      lib/ccan/htable: fix tools/speed.
      lib/ccan/typesafe_cb: fix example macro ordering in typesafe_cb_preargs documentation.
      lib/ccan/str: relicense to public domain.
      lib/ccan/str: fix warnings.
      lib/ccan/htable, strset: benchmarking tools.
      lib/ccan/htable: start empty.
      lib/ccan/htable: clean up interface, document htable_type better.
      lib/ccan/htable: HTABLE_INITIALIZER() for static initialization.
      lib/ccan/likely: use htable_type
      lib/ccan/htable: benchmark against hsearch(3)
      lib/ccan/asearch: fix example on 64 bit platforms.
      lib/ccan/compiler, ilog: IDEMPOTENT "idempotent does not mean what you think it means"
      lib/ccan/cast: fix warnings with -Wextra (specifically -Wmissing-field-initializers)
      tdb2: fix intermittant failure in run-50-multiple-freelists-fail.c
      tdb2: consolidate testing failtest suppression routines.
      tdb2: failtest: use a linked list for history, not an array.
      tdb2: simplify failtest helper.
      tdb2: suppress failtest more than once on mmap.
      tdb2: add an internal TDB_CANT_CHECK flag.
      tdb2: provide tdb_layout_write() rather than implying it by new_tdb_layout arg.
      tdb2: add a capability list from the header.
      tdb2: display capability information in tdb_summary()
      tdb2: tlist: remove type arg from tlist_top(), tlist_tail()
      tdb2: don't use TDB2 versions of test tdb files.
      lib/ccan: fix m4 tests for builtin_expect and compound literals.
      patch tdb-oob-fix.patch
      tdb: be more careful on 4G files.
      tdb: use same expansion factor logic when expanding for new recovery area.
      tdb: don't free old recovery area when expanding if already at EOF.
      tdb2: careful on wrap.
      tdb2: copy tdb1's changed expansion logic.
      ldb_wrap.c: fix TDB2-incompatible API usage.
      tdb_compat: only use hashsize attribute when O_CREAT
      samdb: use compat wrappers for tdb_fetch().
      tdb2: tools/tdb2backup
      tdb2: name tools the same as TDB1 tools.
      tdb2:tdbtorture: use TEST_DATA_PREFIX for files
      tdb2: add -1 and -2 options to tdbtorture
      tdb2: make --enable-tdb2 the default.
      tdb2: add --disable-tdb2

Simo Sorce (2):
      s3-pdb: Break SECRETS3 dependency on PDB.
      s3-pdb: Make ADS-type backends updates secrets.tdb.

Stefan Metzmacher (184):
      s4:libcli/raw: mark a request as error if we can't ship it
      s4:libcli/smb2: mark a request as error if we can't ship it
      s3:smbd: call sub_set_socket_ids() in smbd_process() again
      s3:smbd: remember the smbd_server_connection on pending_message_list
      s3:smbd: make struct pending_message_list private
      s3:smbd: remove references to the global smbd_server_conn
      s3:smbd: pass down smbd_server_connection via smbd_echo_state
      s3:smbd: remember the event context on smbd_server_connection
      s3:smbd/blocking: avoid usage of server_event_context()
      s3:smbd/close: avoid usage of server_event_context()
      s3:smbd/fileio: avoid usage of server_event_context()
      s3:smbd/ipc: pass 'state' as mem_ctx to np_read_send()
      s3:smbd/service: avoid using server_event_context() for notify_init()
      s3:smbd/oplock: avoid using server_event_context() in add_oplock_timeout_handler()
      s3:smbd/process: avoid using server_event_context() for smbd_deferred_open_timer events
      s3:smbd/process: avoid using server_event_context() for the forked echo handler
      s3:smbd/pipes: avoid passing server_event_context() as event context to np_{read,write}_send
      s3:smb2_lock: avoid using server_event_context()
      s3:smb2_server: use sconn->ev_ctx instead of sconn->smb2.event_ctx
      s4:python/samba/join: set msDS-Behavior-Version to '4' 2008_R2 on the nTDSA object
      s3:smb2_lock: pass smbd_server_connection as private_data to received_unlock_msg()
      s3:smbd/blocking: pass smbd_server_connection as private_data to received_unlock_msg()
      s3:smbd/clode: pass smbd_server_connection as private_data to msg_close_file()
      s3:smbd/close: pass smbd_server_connection to notify_deferred_opens()
      s4:pydsdb: remove unused variable from py_dsdb_am_pdc()
      s3:smbd/blocking: pass smbd_server_connection as private_data to process_blocking_lock_cancel_message()
      s3:smbd/conn_msg: pass smbd_server_connection as private_data to msg_force_tdis()
      s3:smbd: register MSG_SMB_FILE_RENAME after the fork
      s3:smbd/open: pass smbd_server_connection as private_data to msg_file_was_renamed()
      s3:smbd/server: remember the msg_ctx on the smbd_parent_context
      s3:smbd/server: remember the ev_ctx on the smbd_parent_context
      s3:smbd/server: create smbd_parent_context earlier
      s3:smbd/server: add parent specific SIGTERM and SIGHUP handlers
      s3:smbcontrol: remove unused "samsync" and "samrepl" commands
      s3:rpc_server/netlogon: remove unused send_sync_message()
      s3:smbd/server: remove unused msg_sam_sync()
      s3:messaging.idl: obsolete unused MSG_SMB_SAM_*
      s3:param: don't reference conn_snum_used directly in load_usershare_shares()
      s3:lib/dummyparam: remove unused conn_snum_used() dummy
      s3:smbd: add connections_snum_used()
      s3:smbd: use connections_snum_used() instead of conn_snum_used() for load_usershare_shares()
      s3:smbd/msdfs: enum_msdfs_links() doesn't need a smbd_server_connection anymore
      s3:smbd/oplock: pass smbd_server_connection to init_oplocks()
      s3:smbd/oplock: pass sconn as private_data to process_oplock_break_message()
      s3:smbd/oplock: pass sconn as private_data to process_oplock_async_level2_break_message()
      s3:smbd/oplock: pass sconn as private_data to process_oplock_break_response()
      s3:smbd/oplock: pass sconn as private_data to process_kernel_oplock_break()
      s3:smbd/oplock: pass sconn as private_data to process_open_retry_message()
      s3:smbd/oplock: pass smbd_server_connection to irix_init_kernel_oplocks()
      s3:smbd/oplock: pass smbd_server_connection to linux_init_kernel_oplocks()
      s3:smbd/oplock: pass smbd_server_connection to onefs_init_kernel_oplocks()
      s3:smbd: pass smbd_server_connection to smbd_setup_sig_term_handler()
      s3:smbd: pass smbd_server_connection to smbd_setup_sig_hup_handler()
      s3:vfstest: reload_services() doesn't need a messaging_context
      s3:smbd/oplock_onefs: pass smbd_server_connection to onefs_oplock_wait_record()
      s3:smbd/oplock_onefs: avoid using smbd_messaging_context()
      s3:smbd/server: move smbd_open_socket and smbd_parent_context to the top
      s3:smbd/globals: remove unused extern declarations
      s3:smbd/globals: change 'int am_parent' into 'struct smbd_parent_context *am_parent'
      s3:smbd/server: pass smbd_parent_context to smbd_setup_sig_chld_handler()
      s3:smbd/server: maintain the list of child processes under smbd_parent_context
      s3:smbd: remove unused smbd_messaging_context()
      s3:smbd/server: avoid msg_ctx_to_sconn() in smbd_accept_connection()
      s3:smbd: remove brl_register_msgs()
      s3:web/swat: use short term event and message contexts
      s3:smbd/blocking: use talloc_get_type_abort() as private_data can't be NULL
      s3:smbd/close: use talloc_get_type_abort() as private_data can't be NULL
      s3:smbd/conn_msg: use talloc_get_type_abort() as private_data can't be NULL
      s3:smbd/open: use talloc_get_type_abort() as private_data can't be NULL
      s3:smbd/oplock: use talloc_get_type_abort() as private_data can't be NULL
      s3:smbd/oplock: make process_oplock_async_level2_break_message() static
      s3:smb2_lock: use talloc_get_type_abort() as private_data can't be NULL
      s3:smbd: split ID_CACHE_* message handling into parent and child parts
      s3:smbd: split smb_conf_updated into parent and child versions
      s3:rpc_server/spoolss: remove reload_services check from delete_printer_hook()
      s3:printing/spoolssd: pass event and messaging context to check_updater_child()
      s3:smbd: pass smbd_server_connection and a snumused function pointer to reload_services()
      s3:smbd/globals: remove unused msg_ctx_to_sconn()
      s4:libcli/rap: initialize call->rcv_datalen
      s4:libcli/rap: remove unused members from struct rap_call
      s4:libcli/rap: use talloc_zero() and initialize everything
      s4:libcli/rap: call->ndr_push_{param,data} can be talloc childs of 'call'
      s4:libcli/rap: the caller should get talloc children from call->ndr_pull_{param,data}
      s3:lib/conn_tdb: avoid using sconn_server_id()
      s3:locking: avoid using sconn_server_id()
      s3:smbd: avoid using sconn_server_id()
      s3:smbd: remove unused sconn_server_id()
      s3:printing/spoolssd: avoid using server_messaging_context()
      s4:torture/rap/printing: check smbcli_rap_netprintqgetinfo() WERR status
      s4:drsuapi/getncchanges: return WERR_NOMEM if talloc_array() fails
      libcli/smb: add SMB2_DIALECT_REVISION_224
      libcli/smb: add PROTOCOL_SMB2_24 support
      s3:smb2_negprot: add support for PROTOCOL_SMB2_24
      lib/param: add support for "SMB2_24" in smb.conf options
      s3:torture/test_smb2: also try PROTOCOL_SMB2_24
      s3-netlogon: Add support for LogonGetCapabilities.
      s3-rpc_server: Pass in our flags to netlogon_creds_server_init().
      s4-torture: Test rpc schannel netr_LogonGetCapability.
      s4:drsuapi/getncchanges: the default for isRecycled is FALSE
      s3:lib/ctdbd_conn: try ctdbd_init_connection() as root
      s3: Happy New Year 2012
      s4: Happy New Year 2012
      s4:torture/nbt/dgram.c: NBT samlogon requests without _EX return the PDC name as UNC path
      LDAP-CLDAP: demonstrate that pdc name is an unc path
      s4:cldap_server/netlogon.c: it is wrong to specify "\\" in front of the hostname
      LDAP-CLDAP: demonstrate that pdc name is not an unc path
      s4:pygensec: add session_key() method
      s4:pygensec/tests: check that the client and server have the same session key
      s4:pyrpc: add 'user_session_key' getter to the connection object
      s3:gse: MIT krb5 1.8.1 has a bug in gss_wrap_iov()
      s3:SMB2-SESSION-RECONNECT: also expect NETWORK_NAME_DELETED is signing isn't used
      pidl:Samba4/Python: add an optional 'allow_remaining' argument to __ndr_unpack__() hooks
      s4:python/samba/ndr.py: add an optional 'allow_remaining' to ndr_unpack()
      s4:scripting/devel: add repl_cleartext_pwd.py script
      talloc/testsuite: fix compiler warnings
      lib/param: avoid talloc_reference() in copy_service()
      s3:smbd: explicitly ask for GENSEC_FEATURE_UNIX_TOKEN
      auth/gensec: add gensec_*max_update_size()
      s4:pygensec: add set_max_update_size() and max_update_size() functions
      s4:auth/gensec/spnego: add support for fragmented spnego messages
      s4:pygensec/tests: add test for gensec_set_max_update_size()
      s4:repl_cleartext_pwd.py: correctly compare attids as uint32_t values
      s4:repl_cleartext_pwd.py: add 'attmode' parameter to convert the attname to utf8
      s4:repl_cleartext_pwd.py: add optional 'clear_utf16_name' parameter
      s4:auth/gensec: fix compiler warnings in spnego.c
      auth/gensec: make sure functions from gensec.c are in gensec.h
      auth/gensec: add some more functions from gensec_start.c to gensec.h
      s4:auth/gensec: inline packet_full_request_u32()
      auth/gensec: common helper functions should be in gensec_util.c
      auth/gensec: move spnego.c to the toplevel
      s3:build: add auth/gensec/spnego.o
      s3:selftest: rpcclient doesn't support smb2
      s4:dsdb/password_hash: require a "Primary:Kerberos" blob in supplementalCredentials
      s3:printing: avoid messaging_event_context() in print_queue_housekeeping()
      s3:smbcontrol: pass tevent_context down to subcommands
      s3:smbcontrol: pass tevent_context down to wait_replies()
      s3:smbcontrol: avoid using messaging_event_context()
      s3:lib/messages: remove unused messaging_event_context()
      dynconfig/config.m4: expand prefix, exec_prefix, sysconfdir, localstatedir and datarootdir in Makefile
      dynconfig: --with-modulesdir should be a Samba option
      dynconfig: overwrite --with-privatelibdir as a Samba option
      s3-gse gss_wrap_iov_length() only needs the type and length
      s3-gse: verify that we got GSS_C_DCE_STYLE when expected
      s3-gse: the server should not check for GSS_C_MUTUAL_FLAG
      dynconfig/wscript: correctly cleanup PRIVATELIBDIR and MODULESDIR defaults
      s3:configure.in: fix the shell logic in krb5 checks
      s3:build: for now do not require gsskrb5_extract_authz_data_from_sec_context
      s3:configure.in: move krb5_set_real_time check to other function checks
      s3:configure.in: require gssapi for ads support
      s3:configure.in: move gss_wrap_iov check to the other function checks
      s3:smbd/proto.h: remove unused do_map_to_guest() prototype
      s3:kerberos_verify: ads_dedicated_keytab_verify_ticket() only needs read access
      s3-gse: fix SECRETS_AND_KEYTAB fallback in gse_krb5_get_server_keytab()
      s3-gse: create memory keytab in gse_krb5_get_server_keytab()
      s3-gse: implement fill_mem_keytab_from_[system|dedicated]_keytab
      s3-gse: make sure GSS_C_CONF_FLAG implies GSS_C_INTEG_FLAG
      s4:auth/gensec: make sure GSS_C_CONF_FLAG implies GSS_C_INTEG_FLAG
      script/autobuild.py: cleanup on rebase failure
      Revert "build: Add -lz to wbinfo to fix build on some hosts"
      Revert "s3:build: for now do not require gsskrb5_extract_authz_data_from_sec_context"
      s3:smb2_sessetup: call set_current_user_info() and reload_services() on success
      s3:build: require gss_krb5_export_lucid_sec_context() for ads support
      s3-gse: add GENSEC_FEATURE_NEW_SPNEGO detection in gensec_gse_have_feature()
      auth/gensec_gssapi: sync gensec_gssapi_state with gse_context
      s3:auth/auth_generic: for now call sub_set_smb_name() and lp_load()
      libcli/smb: fix smbXcli_negprot(..., PROTOCOL_NT1, PROTOCOL_SMB2_02)
      libcli/util: fix typo in nt_errs[] for NT_STATUS_NETWORK_SESSION_EXPIRED
      s3:auth/auth_generic: make use of gensec_spnego in the server
      s3:libsmb/auth_generic: make use of gensec_spnego in the client
      s3:smbd: always use the gensec code path in smb2_sesssetup.c
      s3:smbd: rework smbd_smb2_*_ntlmssp_auth* to smbd_smb2_auth_generic*
      s3:smbd: always use the gensec code path in sesssetup.c
      s3:smbd: remove pending_auth_data logic
      s3:smbd: remove unused code from sesssetup.c
      s3:smbd: rework reply_spnego_ntlmssp to reply_spnego_generic
      s3:smbd: the spnego session setup don't need to copy the in blob
      s3:smbd: inline code in reply_sesssetup_and_X_spnego()
      Revert "Fix bug #8139 - smbclient fails if server does not support Echo request."
      s3:client: ignore SMBecho errors (the server may not support it) (bug #8139)
      s3:auth: fix potential gap creation in wbcsids_to_samr_RidWithAttributeArray()
      s3:auth: fill the sids array of the info3 in wbcAuthUserInfo_to_netr_SamInfo3() (bug #8739)
      tevent: change the version to 0.9.15

Sumit Bose (2):
      s3-netlogon: Add support to authenticate trusted domains.
      s3-netlogon: use dsgetdcname() instead of get_dc_name()

Volker Lendecke (163):
      s3: Remove unused dbwrap_record_get_private_data
      s3: Fix some nonblank line endings
      librpc: Add support for struct timespec
      librpc: Add support for struct timeval
      s3: Add open_files.idl
      s3: Move ndr_file_id to LIBNDR_OBJ
      s3: Use autogenerated open_files.idl
      s3: Fix typos
      s3: Fix some blank line endings
      s3: Fix some 64-bit warnings
      s3-dbwrap: Use simpler code for logging keys
      s3-dbwrap: use wrappers where appropriate
      s3-dbwrap: Make dbwrap_fallback_fetch private
      s3-dbwrap: Make dbwrap_fallback_parse_record private
      s3-dbwrap: Avoid an "else" by an early return
      s3-dbwrap: Make dbwrap_fallback_wipe private
      s3-dbwrap: & is not required when taking a function pointer
      s3-dbwrap: Fix a typo
      tevent: tevent_schedule_immediate never fails
      s3: Remove a bunch of calls to procid_self()
      libcli: Remove an unused variable
      s3: Remove a call to procid_self()
      s3: Remove a call to procid_self()
      s3: Remove a call to procid_self()
      s3: Remove a call to procid_self()
      s3: Fix some nonempty blank lines
      s3: Use pid_to_procid
      s3: Convert open_files.idl to tab indents
      s3: Use talloc_tos() in set_sticky_write_time()
      s3: Use talloc_tos() in set_write_time()
      s3-dbwrap: Simplify db_tdb_fetchlock_parse a bit
      s3: Remove an else{} in remove_deferred_open_entry
      s3: Move can_set_delete_on_close to smbd/
      s3: Move can_delete_directory to smbd/, remove shim
      s3: Fix examples/VFS build
      s3: Fix some nonempty blank lines
      s3: Centralize nmbd_messaging_context in nmbd.c
      s3: Make nmbd_messaging_context static
      s3: Pass messaging_context to nmbd/process()
      s3: Remove a call to procid_self()
      s3: Remove a call to procid_self()
      s3: Fix some pointless statics
      s3: Remove nmbd_messaging_context()
      s3: Remove a call to procid_self()
      s3: Slightly simplify the logic in defer_open
      s3: Fix raw.mux after UNUSED_SHARE_MODE_ENTRY was removed
      s3-dbwrap: Make dbwrap_parse_record return NTSTATUS
      s3-dbwrap: Implement db_ctdb_parse_record in terms of db_ctdb_fetch
      s3-dbwrap: Fix some blank line endings
      s3-dbwrap: For nostalgic reasons, make dbwrap_file.c compile at least
      s3-dbwrap: Rewrite dbwrap_fallback_parse_record based on dbwrap_fetch_locked
      s3-dbwrap: Rewrite dbwrap_fetch in terms of dbwrap_parse_record
      s3-dbwrap: Remove the "fetch" db_context callback
      s3-dbwrap: All relevant backends provide parse_record(). Remove the fallback.
      s3: Fix a typo
      s3: Slightly simplify delay_for_batch_oplocks
      s3: Slightly simplify delay_for_exclusive_oplocks
      Add support for TCP_DEFER_ACCEPT
      s3: Make open_file_ntcreate a bit easier to read
      s3: Make open_file_ntcreate a bit easier to read
      s3: Make open_file_ntcreate a bit easier to read
      s3: Add some const to find_oplock_types
      s3: Fix the clustering build
      tdb: Avoid a malloc/memcpy in _tdb_store
      tdb2: Avoid a malloc/memcpy in _tdb1_store
      s3: Fix some False/NULL hickups
      idl: Avoid c++ style comments
      s3: There's no reason not to at least build winbind on darwin
      lib: Fix NT_STATUS_ALL_SIDS_FILTERED definition
      libreplace: Don't check for standards.h on darwin (Lion)
      tdb: Use tdb_parse_record in tdb_update_hash
      tdb: Use tdb_parse_record in tdb_update_hash
      s3: Fix linking on Lion
      s3: Fix a 64-bit warning
      s3: Fix fn signatures in charset_macosx.c
      lib/charset: Remove an unused variable
      examples: malloc is declared in <stdlib.h>
      Fix the build without kerberos
      talloc: Fix a typo
      talloc: Slightly simplify talloc_unlink
      s3: Factor out smbd_calculate_maximum_allowed_access
      s3: Directly use *p_access_mask in smbd_calculate_maximum_allowed_access
      s3: Remove some else{} branches in smbd_calculate_maximum_allowed_access
      s3: Avoid "file_existed" in smbd_calculate_maximum_allowed_access
      s3: Remove the unused "file_existed" parameter from smbd_calculate_access_mask
      s3: Fix a typo
      s3: Fix a cut&paste error
      s3: Check for the packet size before accessing it
      s3: Fix some nonempty blank lines
      s3: Add a suicide mode to smbd
      s3: Move basic SMB checking to a much earlier point
      libcli/smb: Add smbXcli_conn_samba_suicide
      s3: Add a test excercising the share mode cleanup routine
      s3: Run the CLEANUP1 test
      s3: Remove some redundant code
      s3: Clarify what CLEANUP1 does
      s3: Add a test for proper brlock cleanup
      s3: Run the CLEANUP2 test
      Fix the local-memcache test for 64-bit
      s3: No value change, just use the correct enum value
      s3: Use DELETE_ON_CLOSE instead of unlink
      s3: Avoid a potential alignment requirement issue
      s3: Avoid a potential alignment requirement issue
      s3: Remove an unused label
      s3-aio_pthread: Make "pd_list" static
      s3-aio_pthread: Fix the build
      s3: Split a line with 1 statements
      s3: Replace fill_share_mode_lock()
      s3: Introduce get_share_mode_lock_fresh()
      s3: Put an indirection layer into share_mode_lock
      s3: Move the share_mode_lock handling to its own file
      s3: Fix nested get_share_mode_lock calls
      s3: Fix the talloc hierarchy in fetch_share_mode_unlocked
      s3: ADS support is needed for dns updates
      s3-install: Don't let MANDIR and SRCDIR be overwritten
      RHEL-CTDB: --with-mandir -> --mandir
      RHEL-CTDB: CP*so are no more
      RHEL-CTDB: *.dat files moved
      RHEL-CTDB: *.msg files moved
      s3: Fix bug 8695
      s3: Add a "lock_order" argument to db_open
      s3: Enforce a lock order in dbwrap
      s3: Change locking order between brlock and locking
      Revert "Fix bug #8175 - smbd deadlock."
      s3: Pass down lock_order to db_open_ctdb
      s3: Use lock_order for setting the db priority
      s3-aio-pthread: num threads should be int
      s3: Fix a typo
      s3: Fix the build on FreeBSD8
      s3: Add debug when a message is registered
      s3: Remove a typedef
      s3: Remove a typedef
      Introduce dump_data_file
      s3: Fix a panic in aio_pthread
      s3: Fix unused variable warnings
      s3: Fix "smbcontrol smbd close-share"
      s3: Re-indent an && sequence for better understanding
      s3: Unify stream testing in open_directory
      s3: Simplify an if-statement
      s3: Delete streams on directories
      s3: Add rmdir operation to streams_depot
      s3-vfstest: Fix some nonblank line endings
      s3-vfstest: Fix a typo
      s3-vfstest: Fix some pointless statics
      s3-vfstest: Fix some uninitialized vars
      s3-vfstest: Correctly initialize the connection path
      s3: Test for bug 8733
      s3-vfstest: Fix a double-free on closing a file
      s3-vfstest: Fix an uninitialized read in close
      s3: Simplify streams_depot a bit
      s3: Use ARRAY_SIZE in bsd_attr_list
      s3: Move stream_depot test to script/tests
      s3-vfstest: Add getxattr
      s3-vfstest: Add listxattr
      s3-vfstest: Add setxattr
      s3-vfstest: Add removexattr
      s3-xattr_tdb: Fix listxattr
      s3: Test for faulty xattr_tdb listxattr
      lib/util: Add hex_encode_buf
      s3: FreeBSD does not define sin6_addr.s_addr32
      s3: Increase debug level of basic ctdb packet handling
      tevent: Fix deleting signal events from within themselves


Samba Shared Repository

More information about the samba-cvs mailing list