[SCM] Samba Shared Repository - annotated tag ldb-1.1.20 created

Stefan Metzmacher metze at samba.org
Sun Jan 25 09:00:55 MST 2015

The annotated tag, ldb-1.1.20 has been created
        at  fbd4fa6f26b222f9d2093ee59252b565f5832148 (tag)
   tagging  c7af8ae9d2aa19db2533e69b8a4d7c1b6f8e2d9f (commit)
  replaces  ldb-1.1.19
 tagged by  Stefan Metzmacher
        on  Sun Jan 25 17:00:47 2015 +0100

- Log -----------------------------------------------------------------
ldb: tag release ldb-1.1.20
Version: GnuPG v1


Andreas Schneider (18):
      s3-libads: Fix a possible segfault in kerberos_fetch_pac().
      lib/util: Avoid collision which alread defined consumer DEBUG macro.
      s3-util: Fix authentication with long hostnames.
      rwrap: If we do not have ns_name_compress() use dn_comp().
      rwrap: Fix a possible NULL dereference.
      rwrap: Bump version to 1.1.1.
      rwrap: Fix ns_name_compress detection.
      rwrap: Bump version to 1.1.2.
      utils: Fix 'net time' segfault.
      CodingStyle: Update example to use our coding practice.
      s3-pam_smbpass: Fix memory leak in pam_sm_authenticate().
      s3-smbspool: Use strtol() instead of atoi().
      s3-pam_smbpass: Make sure variables are initialized.
      s3-pam_smbpass: Fix set_ctrl() return value.
      s3-pam_smbpass: Check the return code of secrets_init().
      s3-pam_smbpass: Make sure PAM_MAXTRIES can be returned.
      s3-pam_smbpass: Remove superfluous NULL check for pam functions.
      s3-pam_smbpass: Correctly initialize variables.

Andrew Bartlett (42):
      lib/ldb-samba: Add comment dicouraging use of schemaUpgradeInProgress
      selftest: Run samba.tests.dns in :local environment so it can access credentials
      dsdb: Use ldb_attr_cmp() for comparing objectclass names
      dsdb: Use a fixed set of attributes in search in dns_notify module
      dsdb: Ignore errors from search in dns_notify module
      dns.py: Always remove the test zone in tearDown()
      CVE-2014-8143:auth: Force talloc type of session_info pointer to match
      CVE-2014-8143:pydsdb: Pull in UF_USE_AES_KEYS flag
      CVE-2014-8143:dsdb: Allow use of dsdb_autotransaction_request outside util.c
      CVE-2014-8143:dsdb-samldb: Check for extended access rights before we allow changes to userAccountControl
      dsdb-tests: Align sam.py with Windows 2012R2 and uncomment userAccountControl tests
      libds: UF_PARTIAL_SECRETS_ACCOUNT is a flag, not an account type
      dsdb: Default to UF_NORMAL_ACCOUNT when no account type is specified
      dsdb-tests: Add new test samba4.user_account_control.python
      dsdb: Improve userAccountControl handling
      dsdb-tests: Show that we can not change the primaryGroupID of a DC
      dsdb-samldb: Only allow known and settable userAccountControl bits to be set
      dsdb-samldb: Clarify that accounts really do fall back to UF_NORMAL_ACCOUNT if no account set
      dsdb-samldb: Clarify userAccountControl manipulation code by always using UF_ flags
      dsdb-tests: Clarify that accounts really do fall back to UF_NORMAL_ACCOUNT if no account set
      torture: Start a new testsuite for krb5 and KDC behaviour
      torture: Run new testsuite for krb5 and KDC behaviour with machine account also
      torture: Additionally run testsuite for krb5 and KDC behaviour with unprivileged accounts
      torture: Additionally run testsuite for krb5 and KDC behaviour against all the DC envs
      torture: Decode expected packets and test KDC behaviour for wrong passwords
      torture: Extend KDC test to cover more options and modes
      heimdal: Ensure that HDB_ERR_NOT_FOUND_HERE, critical for the RODC, is not overwritten
      kdc: Fix enterpise principal name handling
      sefltest: Add test for enterprise UPN in a different domain
      torture: Extend krb5.kdc test to confirm correct RODC proxy behaviour
      torture-krb5: Add tests for combinations of enterprise, cannon, and different input principals
      kdc: Fix Samba's KDC to only change the principal in the right cases
      kdc: Add TODO to remind us where we need to hook for RODC to get secrets
      torture-krb5: Add comments
      torture-kdc: Skip the request-pac behaviour for now against an RODC
      torture-krb5: Split the expected behaviour of the RODC up
      torture-krb5: Move test of krb5_get_init_creds_opt_set_win2k to krb5.kdc.canon
      torture-krb5: Move checking of server and client names to krb5.kdc.canon
      kdc: Correctly return the krbtgt/realm at REALM principal from our KDC
      torture-krb5: Check for UPN hanlding in krb5.kdc.canon test
      selftest: Run krb5.kdc test against users with a UPN

Christof Schmitt (3):
      winbind: Retry LogonControl RPC in ping-dc after session expiration
      winbind: Retry after SESSION_EXPIRED error in ping-dc
      samba3.py: Correctly initialize cache directory for passdb test

David Disseldorp (8):
      leases_db: don't leak lock_path onto talloc tos
      libsmb: reuse connections derived from DFS referrals
      libsmb: provide authinfo domain for DFS referral auth
      docs/idmap_rid: remove deprecated base_rid from example
      libsmb: provide authinfo domain for encrypted session referrals
      vfs_snapper: free dbus req messages in error paths
      vfs_snapper: add DBus string encoding and decoding helpers
      vfs_snapper: encode and decode Snapper DBus strings

Garming Sam (3):
      dsdb: Add tokenGroupsGlobalAndUniversal, tokenGroups, tokenGroupsNoGCAcceptable
      torture: NULL out after talloc_free
      selftest: fix dns_host_file in samba3 target

Günther Deschner (2):
      vfs: Add glusterfs manpage.
      s3-vfs: Fix developer build of vfs_ceph module.

Ira Cooper (3):
      smbd: Stop using vfs_Chdir after SMB_VFS_DISCONNECT.
      vfs_glusterfs: Replace eventfd with pipes, for AIO use
      vfs_glusterfs: Add comments to the pipe(2) code.

Jeremy Allison (5):
      s3: auth: Add a utility function - SamInfo3_handle_sids() that factors out the code to handle "Unix Users" and "Unix Groups".
      s3: auth: Convert samu_to_SamInfo3() to use the new utility function.
      s3: auth: Plumb in the SamInfo3_handle_sids() utility function into passwd_to_SamInfo3().
      s3: auth: Add previously missing allocation fail check.
      s3: auth - tests: Add test for "force user" being a unix-only user, not in passdb.

Led (1):
      ctdb-scripts: Fix bashism in ctdbd_wrapper script

Martin Schwenke (4):
      ctdb-tests: Fix tickle sniffing for IPv4
      ctdb-scripts: Try to deal with Ubuntu having /usr/sbin/service
      ctdb-scripts: Don't use the GNU awk gensub() function
      ctdb-daemon: Handle out-of-memory when setting recovery lock file

Matthew Newton (1):
      Make sure response->extra_data.data is always cleared out

Michael Adam (7):
      wafsamba: fix ordering problems with lib-provided and internal RPATHs
      wafsamba: filter out standard library paths from RPATH and LIBPATH
      Revert "waf: added suncc_wrap"
      wafsamba: remove commented out code.
      ctdb: improve helpfulness of debug message when taking reclock fails
      cli_connect_nb_send: don't segfault on host == NULL.
      vfs:glusterfs: whitespace fix.

Nicolas Williams (2):
      heimdal: Fix bug in KDC handling of enterprise principals
      heimdal: Really bug in KDC handling of enterprise princs

Noel Power (1):
      allow net ads join accept new osServicePack parameter

Petr Viktorin (1):
      Remove use of the "staticforward" macro

Ralph Boehme (5):
      fixup: check for NULL pointers
      s4:torture:vfs_fruit: fix model name check
      wafsamba: flags from enviroment are put before our own internal versions
      vfs_unityed_media: VFS module for sharing AVID projects
      lib/util: add missing commas to statfs_types

Richard Sharpe (3):
      Fix a comment to indicate that TALLOC_FREE must be used to free an allocated array of strings.
      Add a script-only idmap module.
      Update the tevent_data.dox tutrial stuff to fix some errors, including white

Samuel Cabrero (6):
      dsdb: Define syntax access point oid string as a macro
      ldb-samba: Implement transitive extended matching
      ldb-samba-tests: Add tests for transitive matching rule
      s4:dsdb: Fix not freed temp memory context
      s4-dns: Reload DNS zones from dsdb when zones are modified through RPC or DRS
      dns.py: Test dns server reload zones from DSDB when are created or deleted

Stefan Metzmacher (28):
      Happy New Year 2015!
      s3:passdb: fix logic in pdb_set_pw_history()
      libcli/netlogon: We need to handle a bug in FreeIPA (at least <= 4.1.2).
      s3:winbindd: mark our primary as active_directory if possible
      s3:winbindd: improve logic to use CLDAP for a given domain.
      s4:rpc_server/lsa: allow LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE to be changed.
      s4:rpc_server/lsa: remove msDS-TrustForestTrustInfo if FOREST_TRANSITIVE is cleared
      wafsamba: let TO_LIST(mylist) return a copy of mylist
      wafsamba: move compiler / cflags related stuff from lib/replace to wafsamba
      wafsamba: move WERROR_CFLAGS checks from lib/replace to wafsamba
      wafsamba: move '-fstack-protector' checks from lib/replace to wafsamba
      wafsamba: move -fvisibility=hidden checks from lib/replace to wafsamba
      wafsamba: let CURRENT_CFLAGS() use bld.env.VISIBILITY_CFLAGS
      wafsamba: improve -fvisibility=hidden, we should check it together this WERROR_CFLAGS
      wafsamba: make it possible to specify ADDITIONAL_{CFLAGS,LDFLAGS} as env var to ./configure
      wafsamba: generate an empty.c file if a SAMBA_{LIBRARY,SUBSYSTEM} doesn't have any source files
      wafsamba: make it possible to pass bundled_name to SAMBA_LIBRARY()
      wafsamba: passing 'subsystem' to SAMBA_MODULE() is not optional
      wafsamba: remove unused variable in SAMBA_MODULE()
      wafsamba: create unique names when building shared modules
      selftest: use env.SELFTEST_PREFIX to define subunit_cache
      tdb_wrap: don't let tdb_wrap_open() segfault with name==NULL
      s4:kdc/db-glue: fix supported_enctypes samba_kdc_trust_message2entry()
      libcli/auth: add netlogon_creds_cli_ServerGetTrustInfo*()
      libcli/auth: add netlogon_creds_cli_GetForestTrustInformation*()
      s4:dsdb/samldb: let samldb_prim_group_change() protect DOMAIN_RID_{READONLY_,}DCS
      lib/ldb: fix logic in ldb_val_to_time()
      ldb: version 1.1.20

Thomas Nagy (1):
      wafadmin: backported the openbsd fixes from waf 1.7

Volker Lendecke (32):
      lib: Use talloc_zero_array instead of memset
      lib: Simplify check_log_size
      lib: Use talloc_memdup in messaging_rec_dup
      lib: iov_buf does not need talloc.h anymore
      lib: Add iov_advance
      lib: Use iov_advance in writev_handler
      lib: Use iov_advance in write_data_iov
      lib: Fix a comment
      torture3: Fix a typo
      lib: unix_dgram_msg does not need "num_fds"
      lib: Add msghdr.[ch]
      lib: Use msghdr in unix_msg
      smbd: Use msghdr_prep_fds in vfs_aio_fork
      lib: Add msghdr_extract_fds
      lib: Use msghdr_extract_fds in unix_msg
      lib: Add msghdr_prep_recv_fds
      lib: Use msghdr_prep_recv_fds in unix_msg
      smbd: Use msghdr.[ch] in vfs_aio_fork
      smbd: Properly handle EINTR in vfs_aio_fork
      passdb: Cache output from pdb_[ug]id_to_sid
      vfs_fruit: fix base_fsp name conversion
      vfs_fruit: mmap under FreeBSD needs PROT_READ
      test: Fix quoting
      unix_msg: Fix 80-line formatting
      lib: Simplify iov_buf
      smbd: Make talloc_report of smb_filename more readable
      smbd: Fix an uninitialized variable read
      smbd: Fix a small leak on talloc_tos()
      net: Fix sam addgroupmem
      README.Coding: Add hint for if-statments
      vfs: Fix a typo
      winbind: Fix idmap initialization


Samba Shared Repository

More information about the samba-cvs mailing list