[SCM] Samba Shared Repository - annotated tag tevent-0.9.23 created

Stefan Metzmacher metze at samba.org
Fri Feb 27 01:41:06 MST 2015

The annotated tag, tevent-0.9.23 has been created
        at  d14fdb68fcbaa5dc0a1307ef32e4a256827806f2 (tag)
   tagging  04b8e19e1708c5670d180f5cd86d8ed139e9e5a4 (commit)
  replaces  ldb-1.1.20
 tagged by  Stefan Metzmacher
        on  Fri Feb 27 09:40:58 2015 +0100

- Log -----------------------------------------------------------------
tevent: tag release tevent-0.9.23
Version: GnuPG v1


Alexander Bokovoy (1):
      wafsamba: make sure build fails when uninitialized variable is detected

Amitay Isaacs (1):
      ctdb-io: Do not use sys_write to write to client sockets

Andreas Schneider (19):
      waf: Add address sanitizer configure option.
      uwrap: Fix the handle loop for older gcc versions.
      uwrap: Add support for running with address sanitizer.
      uwrap: Make sure we leave if the id is NULL.
      uwrap: Bump version to 1.1.0.
      printing: rework nt_printer_guid_store to return errors
      spoolss: retrieve published printer GUID if not in registry
      s3-netlogon: Make sure we do not deference a NULL pointer.
      torture: Add netr_setPassword(2) schannel test.
      swrap: Fix the loop for older gcc versions.
      src: Add support for running with address sanitizer.
      swrap: Do not leak the socket_info we just removed.
      swrap: If we remove the socket_info also unlink the unix socket
      swrap: Bump version to 1.1.3
      waf: Only build the wrappers if we enable selftest
      libsmb: Do not lookup invalid netbios names.
      nss-wins: Do not lookup invalid netbios names
      nmblookup: Warn user if netbios name is too long.
      s3-pam_smbpass: Add a deprecation warning.

Andrew Bartlett (42):
      dsdb: Do not use _ prefix in tombstone_reanimate module
      torture-krb5: Do not do post-recv checks if the packet recv failed
      kdc: fixup KDC to use functions portable to MIT krb5
      kdc: make Samba KDC pass new TGS-REQ and AS-REQ (to self) testing
      torture-krb5: add TGS-REQ testing to krb5.kdc.canon testsuite
      torture-krb5: Add tests for the canonicalise TGS-REQ case
      torture-krb5: Reformat and re-work test to be easier to follow
      torture-krb5: Improve the assertions in our KDC tests to be more explicit
      torture-krb5: Add tests for AS-REQ to our own name
      selftest: Run krb5.kdc with an account that has a UPN and an SPN
      torture-krb5: Further test improvements to cover KRB5_GC_CANONICALIZE on krbtgt/
      torture-krb5: Add additional assertions for non-canon TGS-REP
      torture-krb5: Split out TEST_AS_REQ_SELF recv testing routine
      torture-krb5: Add test in for normal TGS-REQ
      torture-krb5: Add test for TGS-REQ with type KRB5_NT_PRINCIPAL, KRB5_NT_SRV_INST, KRB5_NT_SRV_HST
      auth/kerberos: Use talloc_stackframe to avoid memory and FD leak of event context
      torture-krb5: Provide a generic handler to catch and print unexpected KRB_ERROR packets
      Remove obsolete SGI packaging
      Update mailing list references to point at lists.samba.org
      debug: Set close-on-exec for the main log file FD
      s4-messaging: Remove unused struct imessaging_rec
      librpc: Move messaging.idl to the top level
      s4-messaging: Unify list of possible messages into messaging.idl
      lib/crypto: Document what crypto code is used for, and if GnuTLS supports it
      torture-backupkey: Add consistent assertions that createRestoreGUIDStruct() suceeds
      torture-backupkey: Assert dcerpc_bkrp_BackupKey_r call was successful
      backupkey: Move SID comparison to inside get_and_verify_access_check()
      backupkey: Improve function names and comments for clarity
      backupkey: Implement ServerWrap Encrypt protocol
      backupkey: Use the name lsa_secret rather than just secret
      backupkey: Improve variable names to make clear this is client-provided data
      backupkey: Handle more clearly the case where we find the secret, but it has no value
      backupkey: Implement ServerWrap Decrypt
      backupkey: Change expected error codes to match Windows 2008R2 and Windows 2012R2
      backupkey: Add tests for ServerWrap protocol
      backupkey: Better handling for different wrap version headers
      torture-backupkey: Add tests that read the secret from the server, and validate
      backupkey: Explain more why we use GnuTLS here
      s4/scripting/bin/renamedc: Fix up rename DC script
      selftest: Improve renamedc tests to confirm more than just the exit code
      testprogs-test_chgdcpass.sh: Improve comments to explain why we check about changing the password twice
      s4/scripting/devel: Add tool to roll over the krbtgt password

Arvid Requate (13):
      s4-backupkey: Ensure RSA modulus is 2048 bits
      s4-backupkey: Cert lifetime of 365 days, not secs
      s4-backupkey: check for talloc failure
      s4-backupkey: de-duplicate error handling
      s4-backupkey: Set defined cert serialnumber
      s4-backupkey: Comply with [MS-BKRP] 2.2.1
      s4-backupkey: Initialize ndr->switchlist for print
      s4-backupkey: fix ndr_pull error on empty input
      s4-backupkey: IDL for ServerWrap subprotocol
      s4-backupkey: typo fix
      s4-backupkey: improve variable name
      s4-backupkey: consistent naming of werr variable
      s4:torture/rpc/backupkey: Require 2048 bit RSA key

Christof Schmitt (2):
      vfs_prealloc: Remove call to gpfs_prealloc
      regedit: Rename variable to fix compile warning

David Disseldorp (12):
      printing/cups: pack requested-attributes with IPP_TAG_KEYWORD
      torture/ioctl: fix check_[zero/pattern]() for len=0
      torture/ioctl: add sparse_hole_dealloc test
      torture/ioctl: extend sparse_hole_dealloc test
      torture/ioctl: add sparse_compressed test
      torture/ioctl: add test_ioctl_sparse_copy_chunk test
      smbd/reply: convert free space to 16bit in dskattr handler
      s3/vfs: remove unused SMB_VFS_DISK_FREE() small_query parameter
      printing: split out printer DN and GUID retrieval
      printing: add nt_printer_guid_retrieve() helper
      s3/vfs: bump interface version number to 33
      ntdb: always return int from tdb_store_flag_to_ntdb()

Garming Sam (6):
      backupkey: begin by factoring out the server wrap functions
      backupkey: Improve IDL
      build: Require GnuTLS if building with Active Directory
      backupkey: replace heimdal rsa key generation with GnuTLS
      torture-backupkey: Check the dcerpc call return code before calling ndr pull
      build: amend typo for address sanitizer help

Günther Deschner (7):
      idl: fix IDL for netr_WorkstationInformation().
      s4-torture: the new krb5 kdc tests are heimdal, not dc specific.
      auth/credentials_krb5: fix memory leak in cli_credentials_failed_kerberos_login().
      s3-passdb: lift annoying debug message level.
      s4-selftest: push up the "users" gid to make gid collision more unlikely.
      selftest: re-enable nss_winbind via nss_wrapper in the test-envs.
      vfs: Add a brief vfs_ceph manpage.

Jelmer Vernooij (6):
      selftest: Fix typo namerserver -> nameserver.
      Update selftest README to point at upstream subunit repository for protocol description.
      Remove documentation for testsuite-count subunit extension, which is no longer used.
      rpc_talloc: Update instructions to use standard unittest runner.
      wscript: Expand tabs.
      Force rebuild of ldb if pyldb-util is not available.

Jeremy Allison (11):
      s3: smbclient: Allinfo leaves the file handle open.
      Add Solaris ports as a tevent backend.
      s3: smbd: signing. Ensure we respond correctly to an SMB2 negprot with SMB2_NEGOTIATE_SIGNING_REQUIRED.
      s3: smbd: leases - new torture test shows stat opens can get leases.
      s3: smbd: leases - losen paranoia check. Stat opens can grant leases.
      s4: smbtorture: leases - show stat opens grant leases and can be broken.
      s3: smbd: SMB2 close. Add utility function setup_close_full_information()
      s3: smbd: SMB2 close. Call utility function setup_close_full_information()
      s3: smbd: SMB2 close. If a file has delete on close, store the return info before deleting.
      CVE-2015-0240: s3: netlogon: Ensure we don't call talloc_free on an uninitialized pointer.
      Revert "s3: smbd: signing. Ensure we respond correctly to an SMB2 negprot with SMB2_NEGOTIATE_SIGNING_REQUIRED."

Kamen Mazdrashki (44):
      s4-dsdb: Initial implementation for Tombstone reanimation module
      s4-dsdb: Insert tombstone_reanimate module in ldb modules chain after objectclass
      s4-dsdb-tests: Remove trailing ';' in deletetest.py
      s4-dsdb-tests: Remove unused method get_ldap_connection()
      s4-dsdb-tests: Make unique object names to test with in deletetest
      s4-dsdb-tests: Fix whitespace in deletetest.py
      s4-dsdb: Return error codes as windows does for Tombstone reanimation
      s4-dsdb: Initialize module context only we are to handle Tombstone request
      s4-dsdb: Make most specific objectCategory for an object
      s4-dsdb: Make use dsdb_make_object_category() for objectCategory
      s4-dsdb: Define internal dsdb control to mark Tombstone reanimation requests
      s4-tests: Print out what the error is in delete_force()
      s4-dsdb: Add documentation link for Tombstone Reanimation
      s4-dsdb: Implement rename/modify requests as local for the module
      s4-dsdb: Mark request during Tombstone reanimation with custom LDAP control
      s4-dsdb-test: Implement samdb_connect_env() to rely solely on environment
      s4-dsdb-test: Initial implementation for Tombstone restore test suite
      s4-dsdb-test: Use case insensitive comparison for DNs in undelete test
      s4-dsdb-test: Fix Undelete tests after subunit upgrade work
      s4-dsdb-util: Mark attributes with ADD flag in samdb_find_or_add_attribute()
      s4-dsdb/reanimate: Implement attribute_restore function
      s4-dsdb/samldb: Fix type "omputer" -> "computer"
      s4-dsdb/samldb: Skip 'sAMAccountType' and 'primaryGroupID' during Tombstone reanimate
      s4-dsdb/reanimate: Use 'show deleted' control in modify operations too
      s4-dsdb/reanimate: Swap rename->modify operations to modify->rename sequence
      s4-dsdb/reanimate: Group objects reanimation implementation
      s4-dsdb-test: remove trailing ';' in ldap.py
      s4-dsdb/objectclass: remove duplicated declaration for objectclass_do_add
      s4-dsdb-test: Fix duplicated key in a dictionary in sam.py
      s4-dsdb-tests: Move base tests for Tombstone reanimation in tombstone_reanimation module
      s4-dsdb-test/reanimate: Fix whitespaces according to PEP8
      s4-dsdb/samdb: Don't relax contraint checking during rename for Deleted objects
      s4-dsdb/samldb: Relax a bit restrictions in Config partition while restoring deleted object
      s4-dsdb/test: Delete any leftover objects in the beginning of Cross-NC test
      s4-dsdb/samldb: Don't allow rename requests on Deleted object
      s4-dsdb-test: Use common base method for restoring Deleted objects
      s4-dsdb/tests: Do not pre-create LoadParm - connect_samdb_env() will handle it
      s4-tests: Add tombstone_reanimation test case to s4 test suite
      s4-dsdb: Move User object default attribute values in separate helper
      s4-dsdb: Common helper for setting "sAMAccountType" on User objects
      s4-dsdb: common helper to determine "primaryGroupID" attribute value
      s4-dsdb: Refactor user objects defaults setter to use attribute/value map
      s4-dsdb/tests: Assert on expected set of attributes for restored objects
      s4-samdb/tests: Assert on expected set of attributes for new User object

Marc Muehlfeld (2):
      samba-tool: Create NIS enabled users and unixHomeDirectory attribute
      group.py: Fix wrong example option, remove wrong comment line

Martin Schwenke (23):
      ctdb-scripts: Make 70.iscsi IPv6-aware
      ctdb-scripts: iSCSI eventscript should fail when PNN can't be determined
      ctdb-scripts: Error message, comment and whitespace cleanups
      ctdb-scripts: Call iptables/ip6tables directly from iptables_wrapper
      ctdb-daemon: Fix SET_RECLOCK_FILE regression
      ctdb-tests: Add new "ctdb setreclock" test
      ctdb-doc: Improve documentation of the recovery lock
      ctdb-daemon: Mark tunable VerifyRecoveryLock as obsolete
      ctdb-daemon: Log a warning when setting obsolete tunables
      ctdb-recoverd: New function ctdb_recovery_have_lock()
      ctdb-recoverd: New function ctdb_recovery_unlock()
      ctdb-recoverd: Improve logging when recovery lock file is changed
      ctdb-recoverd: Remove check_recovery_lock()
      ctdb-recoverd: Simplify ctdb_recovery_lock()
      ctdb-recoverd: Don't release and re-take the recovery lock
      ctdb-recoverd: Improve error messages on recovery lock coherence fail
      ctdb-recoverd: Abort when daemon can take recovery lock during recovery
      ctdb: Change default debug level to NOTICE (2)
      ctdb-scripts: Fix tunable setup code by making it shell-agnostic
      ctdb-tests: New tests for 00.ctdb "setup" event - set tunables from config
      ctdb-client: Return a value of 1 when setting obsolete tunable variable
      ctdb-tool: Print a warning when setting an obsolete tunable variable
      ctdb-scripts: Improve messages about invalid tunables during "setup"

Michael Adam (9):
      gencache: don't fail gencache_stabilize if there were records to delete.
      selftest/knownfail: add newline to end of file.
      selftest: run the samba.nss tests against :local environments
      s4:selftest: avoid creating two entries for UID 0 in provision
      s4:selftest: avoid creating two groups with GID 0 in provision
      doc:man:vfs_glusterfs: remove extra % signs.
      doc:man:vfs_glusterfs: improve and update description.
      doc:man:vfs_glusterfs: improve the configuration section.
      tevent: version 0.9.23

Michael Ledford (1):
      lib/crypto: Document nettle supported crypto

Nadezhda Ivanova (4):
      s4-dsdb-tests: Some tests for deleted objects undelete operation
      s4-dsdb: Tests for security checks on undelete operation
      s4-dsdb: Implementation of access checks on a undelete operation
      s4-dsdb: Some minor fixes in tombstone_reanimate, to make it work with acl

Petr Viktorin (1):
      buildtools: Use separate storage for each function in runonce

Richard Sharpe (2):
      Fix a couple of DEBUG statements that were copied from elsewhere. Removed the misleading function name since the DEBUG message will print out the function name anyway.
      Remove an unused function call.

Robin Hack (17):
      uwrap: Use UWRAP_LOCK/UNLOCK macros instead of pthread_mutex_lock/unlock calls.
      uwrap: Add library constructor and move pthread_atfork inside.
      uwrap: Fix race condition - glibc lookups.
      uid_wrapper: Fix race condition - uwrap_init.
      uwrap: Optimalization of uid_wrapper_enabled() function.
      uwrap: Small optimalization of uwrap_init().
      uwrap: Reflect changes of uid/gid in threads to main process.
      uwrap: Small uwrap_init optimalization.
      uwrap: Extend support for syscalls called from threads or main process.
      uwrap: Extend support for (set|get)groups libc functions and syscalls.
      uwrap: Add support for getresuid() and getresgid() glibc/syscall.
      uwrap: Fix wrong data types in syscalls switch.
      uwrap: Rewrite uwrap_libc_fns struct to pass strict aliasing rules.
      uwrap: Introduce UWRAP_LOCK_ALL and UWRAP_UNLOCK_ALL macros
      uwrap: Prepare for overload of libpthread functions.
      uwrap: Support scenario where threads fork or creates threads.
      rpcclient: Fix and enhance rpcclient output

Stefan Metzmacher (9):
      s4:dsdb/tests: add test_timevalues1() to verify timestamp values
      s4:rpc_server/netlogon: fix bugs in dcesrv_netr_DsRGetDCNameEx2()
      s4:rpc_server/lsa: add dcesrv_lsa_OpenTrustedDomain_common()
      s4:rpc_server: pass the remote address to gensec_set_remote_address()
      s4:rpc_server: add support for DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM
      s3:smb2_server: always try to grant the credits the client just consumed
      s3:smb2_server: protect against integer wrap with "smb2 max credits = 65535"
      python/samba/tests: don't lower case path names in connect_samdb()
      selftest: fix check for RODC and RID Set allocation

Tom Schulz (1):
      lib: texpect. Fix the build on Solaris.

Volker Lendecke (52):
      loadparm: Simplify "set_variable"
      nfs4: Fix a confusing debug message
      smbd: Make "check_veto_path" static
      smbd: Fix a typo
      smbd: Fix a typo
      lib: Fix a typo
      snprintf: Try to support %j
      docs: Fix vfs_shadow_copy(8)
      messaging4: Use server_id_db
      messages_dgm: Only pass "unique" to messaging_dgm_init
      messages_dgm: Move directory handling up
      unix_msg: remove cookie from unix_msg_init
      messages_dgm: Add a few #includes
      messages_dgm: Make it an independent lib
      lib: Add messages_dgm_ref.[ch]
      messaging3: Use messaging_dgm_ref
      ctdb: server_id_get->server_id_fetch
      lib: Add server_id marshalling
      messaging: Define a binary format for message headers
      messaging3: Use message_hdr_[put|get]
      messaging4: Use messages_dgm
      lib: Add talloc_report_str()
      lib: Use talloc_report_str
      messaging4: Enable POOL_USAGE
      rpc: Use tevent_req_poll_ntstatus
      lib: Move "iov_buf.[ch]" to lib/util
      tsocket: Fix a typo
      iov_buf: Add an explaining comment
      tsocket: Use iov_advance
      smb2_server: Add range checking to nbt_length
      smb2_server: Use iov_advance
      smbd: Fix a typo
      libcli: Use iov_buflen in smbXcli_iov_len
      lib: Use iov_buf in smbXcli_iov_concat
      lib: Use iov_buflen in smb1cli_req_create
      lib: Use iov_buflen in smb1cli_req_writev_submit
      lib: Use iov_buflen in smb1cli_req_chain_submit
      heimdal: Fix the developer O3 build
      Fix the developer O3 build
      smbd: Fix a typo
      registry: Fix an aligment increase warning
      Fix whitespace
      lib: Simplify pidfile.c
      libsmb: Use tevent_req_poll_ntstatus
      param: Remove lib/param/generic.c
      smbd: ZERO_STRUCTP -> talloc_zero()
      smbd: ZERO_STRUCT -> struct assignment
      smbd: ZERO_STRUCT -> struct assignment
      smbd: ZERO_STRUCT -> struct init
      smbd: Simplify ReadDirName
      vfs_catia: Simplify init_mappings()
      winbind: Simplify winbindd_dsgetdcname_recv

Yan, Zheng (1):
      vfs_ceph: fix disk_free_fn callback


Samba Shared Repository

More information about the samba-cvs mailing list