[SCM] Samba Shared Repository - branch v4-3-stable updated
Stefan Metzmacher
metze at samba.org
Tue Jul 21 20:31:38 UTC 2015
The branch, v4-3-stable has been updated
via 8c8cbd9 VERSION: Release Samba 4.3.0rc1
via 4d5914b WHATSNEW: Start release notes for Samba 4.3.0rc1.
via b2a5949 ldb: version 1.1.21
via c7207e7 tdb: version 1.3.7
via e05cb33 talloc: version 2.1.3
via 54ea6ff testsuite/headers: remove unused checks for ntdb.h
via b86df6e tdb python binding: raise KeyError(key) when the key doesn't exist
via 075799a pytdb: Add tests for text interface
via d8c1343 pyldb: Add a text-based interface for Python 3
via 1853a74 pytdb: Use new dict API on Python 3
via 13c24b3 pytdb: Build for two versions of Python at once
via 11eb2e4 pytdb: Port to Python 3
via d255231 pytdb: Allow nextkey() to be called
via 5090d49 buildtools: Fix crash on invalid --extra-python option
via 5a4e5d7 buildtools: Don't configure Python more than once
via 584adc4 s4-auth: Make sure error_string is correctly initialized
via ae607c0 s4-kdc_kpasswd: split out some code to a KPASSWD_GLUE subsystem.
via a7705ad s4-kdc: move kdc_check_pac() to a new subsystem KDC-GLUE.
via 1e64e72 s4-kdc: only use a void* in samba_kdc_entry instead of hdb_entry_ex.
via 38e5d8d s4-kdc/pac_glue: remove old samba_kdc_build_edata_reply().
via 893963c s4-kdc/mit_samba: add a copy of samba_kdc_build_edata_reply for MIT.
via 402b0da s4-kdc/wdc-samba4: add a copy of samba_kdc_build_edata_reply for Heimdal.
via 52e6d91 waf: Make mit_samba a subsystem and do not build with Heimdal
via 8147156 s4-kdc: Fix a casting warning
via 17c8b1a s4-kdc: Fix a typo
via da3df2e pdb_tdb: Use fstr_sprintf
from 6551591 ctdb-daemon: Ignore SIGUSR1
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-3-stable
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
VERSION | 6 +-
WHATSNEW.txt | 148 ++++++++++++-
buildtools/wafsamba/samba_python.py | 6 +-
lib/ldb/ABI/{ldb-1.1.19.sigs => ldb-1.1.21.sigs} | 0
...ldb-util-1.1.10.sigs => pyldb-util-1.1.21.sigs} | 0
lib/ldb/wscript | 2 +-
...oc-util-2.0.6.sigs => pytalloc-util-2.1.3.sigs} | 0
.../ABI/{talloc-2.1.0.sigs => talloc-2.1.3.sigs} | 0
lib/talloc/wscript | 2 +-
lib/tdb/ABI/{tdb-1.3.5.sigs => tdb-1.3.7.sigs} | 0
lib/tdb/_tdb_text.py | 138 ++++++++++++
lib/tdb/pytdb.c | 234 ++++++++++++++------
lib/tdb/python/tests/simple.py | 240 ++++++++++++++++-----
lib/tdb/wscript | 30 ++-
source3/passdb/pdb_tdb.c | 17 +-
source4/auth/kerberos/srv_keytab.c | 50 +++--
source4/kdc/db-glue.c | 4 +-
source4/kdc/kdc-glue.c | 69 ++++++
source4/kdc/kdc-glue.h | 5 +
source4/kdc/kpasswd_glue.c | 112 ++++++++++
.../cldap_server.h => kdc/kpasswd_glue.h} | 35 ++-
source4/kdc/kpasswdd.c | 81 ++-----
source4/kdc/mit_samba.c | 47 ++++
source4/kdc/pac-glue.c | 73 -------
source4/kdc/pac-glue.h | 6 -
source4/kdc/samba_kdc.h | 2 +-
source4/kdc/wdc-samba4.c | 41 ++++
source4/kdc/wscript_build | 63 ++++--
testsuite/headers/wscript_build | 4 -
29 files changed, 1053 insertions(+), 362 deletions(-)
copy lib/ldb/ABI/{ldb-1.1.19.sigs => ldb-1.1.21.sigs} (100%)
copy lib/ldb/ABI/{pyldb-util-1.1.10.sigs => pyldb-util-1.1.21.sigs} (100%)
copy lib/talloc/ABI/{pytalloc-util-2.0.6.sigs => pytalloc-util-2.1.3.sigs} (100%)
copy lib/talloc/ABI/{talloc-2.1.0.sigs => talloc-2.1.3.sigs} (100%)
copy lib/tdb/ABI/{tdb-1.3.5.sigs => tdb-1.3.7.sigs} (100%)
create mode 100644 lib/tdb/_tdb_text.py
create mode 100644 source4/kdc/kdc-glue.c
create mode 100644 source4/kdc/kpasswd_glue.c
copy source4/{cldap_server/cldap_server.h => kdc/kpasswd_glue.h} (57%)
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index df4a2f1..4264b43 100644
--- a/VERSION
+++ b/VERSION
@@ -77,7 +77,7 @@ SAMBA_VERSION_BETA_RELEASE=
# e.g. SAMBA_VERSION_PRE_RELEASE=1 #
# -> "2.2.9pre1" #
########################################################
-SAMBA_VERSION_PRE_RELEASE=1
+SAMBA_VERSION_PRE_RELEASE=
########################################################
# For 'rc' releases the version will be #
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=1
# e.g. SAMBA_VERSION_RC_RELEASE=1 #
# -> "3.0.0rc1" #
########################################################
-SAMBA_VERSION_RC_RELEASE=
+SAMBA_VERSION_RC_RELEASE=1
########################################################
# To mark SVN snapshots this should be set to 'yes' #
@@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE=
# e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes #
# -> "3.0.0-SVN-build-199" #
########################################################
-SAMBA_VERSION_IS_GIT_SNAPSHOT=yes
+SAMBA_VERSION_IS_GIT_SNAPSHOT=no
########################################################
# This is for specifying a release nickname #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index cbf73b9..89a03b5 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,7 +1,7 @@
Release Announcements
=====================
-This is the first preview release of Samba 4.3. This is *not*
+This is the first release candidate of Samba 4.3. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
@@ -12,10 +12,14 @@ Samba 4.3 will be the next version of the Samba suite.
UPGRADING
=========
+Nothing special.
NEW FEATURES
============
+Logging
+-------
+
The logging code now supports logging to multiple backends. In
addition to the previously available syslog and file backends, the
backends for logging to the systemd-journal, lttng and gpfs have been
@@ -23,7 +27,7 @@ added. Please consult the section for the 'logging' parameter in the
smb.conf manpage for details.
Spotlight
-=========
+---------
Support for Apple's Spotlight has been added by integrating with Gnome
Tracker.
@@ -31,6 +35,126 @@ Tracker.
For detailed instructions how to build and setup Samba for Spotlight,
please see the Samba wiki: <https://wiki.samba.org/index.php/Spotlight>
+New FileChangeNotify subsystem
+------------------------------
+
+Samba now contains a new subsystem to do FileChangeNotify. The
+previous system used a central database, notify_index.tdb, to store
+all notification requests. In particular in a cluster this turned out
+to be a major bottleneck, because some hot records need to be bounced
+back and forth between nodes on every change event like a new created
+file.
+
+The new FileChangeNotify subsystem works with a central daemon per
+node. Every FileChangeNotify request and every event are handled by an
+asynchronous message from smbd to the notify daemon. The notify daemon
+maintains a database of all FileChangeNotify requests in memory and
+will distribute the notify events accordingly. This database is
+asynchronously distributed in the cluster by the notify daemons.
+
+The notify daemon is supposed to scale a lot better than the previous
+implementation. The functional advantage is cross-node kernel change
+notify: Files created via NFS will be seen by SMB clients on other
+nodes per FileChangeNotify, despite the fact that popular cluster file
+systems do not offer cross-node inotify.
+
+Two changes to the configuration were required for this new subsystem:
+The parameters "change notify" and "kernel change notify" are not
+per-share anymore but must be set globally. So it is no longer
+possible to enable or disable notify per share, the notify daemon has
+no notion of a share, it only works on absolute paths.
+
+New SMB profiling code
+----------------------
+
+The code for SMB (SMB1, SMB2 and SMB3) profiling uses a tdb instead
+of sysv IPC shared memory. This avoids performance problems and NUMA
+effects. The profile stats are a bit more detailed than before.
+
+Improved DCERPC man in the middle detection for kerberos
+--------------------------------------------------------
+
+The gssapi based kerberos backends for gensec have support for
+DCERPC header signing when using DCERPC_AUTH_LEVEL_PRIVACY.
+
+SMB signing required in winbindd by default
+-------------------------------------------
+
+The effective value for "client signing" is required
+by default for winbindd, if the primary domain uses active directory.
+
+Experimental NTDB was removed
+-----------------------------
+
+The experimental NTDB library introduced in Samba 4.0 has been
+removed again.
+
+Improved support for trusted domains (as AD DC)
+-----------------------------------------------
+
+The support for trusted domains/forests has improved a lot.
+
+samba-tool got "domain trust" subcommands to manage trusts:
+
+ create - Create a domain or forest trust.
+ delete - Delete a domain trust.
+ list - List domain trusts.
+ namespaces - Manage forest trust namespaces.
+ show - Show trusted domain details.
+ validate - Validate a domain trust.
+
+External trusts between individual domains work in both ways
+(inbound and outbound). The same applies to root domains of
+a forest trust. The transitive routing into the other forest
+is fully functional for kerberos, but not yet supported for NTLMSSP.
+
+While a lot of things are working fine, there are currently a few limitations:
+
+ - Both sides of the trust need to fully trust each other!
+ - No SID filtering rules are applied at all!
+ - This means DCs of domain A can grant domain admin rights
+ in domain B.
+ - It's not possible to add users/groups of a trusted domain
+ into domain groups.
+
+SMB 3.1.1 supported
+-------------------
+
+Both client and server have support for SMB 3.1.1 now.
+
+This is the dialect introduced with Windows 10, it improves the secure
+negotiation of SMB dialects and features.
+
+New smbclient subcommands
+-------------------------
+
+ - Query a directory for change notifications: notify <dir name>
+ - Server side copy: scopy <source filename> <destination filename>
+
+New rpcclient subcommands
+-------------------------
+
+ netshareenumall - Enumerate all shares
+ netsharegetinfo - Get Share Info
+ netsharesetinfo - Set Share Info
+ netsharesetdfsflags - Set DFS flags
+ netfileenum - Enumerate open files
+ netnamevalidate - Validate sharename
+ netfilegetsec - Get File security
+ netsessdel - Delete Session
+ netsessenum - Enumerate Sessions
+ netdiskenum - Enumerate Disks
+ netconnenum - Enumerate Connections
+ netshareadd - Add share
+ netsharedel - Delete share
+
+New modules
+-----------
+
+ idmap_script - see 'man 8 idmap_script'
+ vfs_unityed_media - see 'man 8 vfs_unityed_media'
+ vfs_shell_snap - see 'man 8 vfs_shell_snap'
+
######################################################################
Changes
#######
@@ -38,14 +162,28 @@ Changes
smb.conf changes
----------------
- Parameter Name Description Default
- -------------- ----------- -------
- logging New (empty)
+ Parameter Name Description Default
+ -------------- ----------- -------
+ logging New (empty)
+ msdfs shuffle referrals New no
+ smbd profiling level New off
+ spotlight New no
+ tls priority New NORMAL:-VERS-SSL3.0
+ use ntdb Removed
+ change notify Changed to [global]
+ kernel change notify Changed to [global]
+ client max protocol Changed default SMB3_11
+ server max protocol Changed default SMB3_11
+
+Removed modules
+---------------
+vfs_notify_fam - see section 'New FileChangeNotify subsystem'.
KNOWN ISSUES
============
+Currently none.
#######################################
Reporting bugs & Development Discussion
diff --git a/buildtools/wafsamba/samba_python.py b/buildtools/wafsamba/samba_python.py
index 7546bbd..a8f780f 100644
--- a/buildtools/wafsamba/samba_python.py
+++ b/buildtools/wafsamba/samba_python.py
@@ -9,6 +9,10 @@ from Configure import conf
@conf
def SAMBA_CHECK_PYTHON(conf, mandatory=True, version=(2,4,2)):
# enable tool to build python extensions
+ if conf.env.HAVE_PYTHON_H:
+ conf.check_python_version(version)
+ return
+
interpreters = []
if conf.env['EXTRA_PYTHON']:
@@ -21,7 +25,7 @@ def SAMBA_CHECK_PYTHON(conf, mandatory=True, version=(2,4,2)):
try:
conf.check_python_version((3, 3, 0))
except Exception:
- warn('extra-python needs to be Python 3.3 or later')
+ Logs.warn('extra-python needs to be Python 3.3 or later')
raise
interpreters.append(conf.env['PYTHON'])
conf.setenv('default')
diff --git a/lib/ldb/ABI/ldb-1.1.19.sigs b/lib/ldb/ABI/ldb-1.1.21.sigs
similarity index 100%
copy from lib/ldb/ABI/ldb-1.1.19.sigs
copy to lib/ldb/ABI/ldb-1.1.21.sigs
diff --git a/lib/ldb/ABI/pyldb-util-1.1.10.sigs b/lib/ldb/ABI/pyldb-util-1.1.21.sigs
similarity index 100%
copy from lib/ldb/ABI/pyldb-util-1.1.10.sigs
copy to lib/ldb/ABI/pyldb-util-1.1.21.sigs
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 65a6843..0e81932 100755
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -1,7 +1,7 @@
#!/usr/bin/env python
APPNAME = 'ldb'
-VERSION = '1.1.20'
+VERSION = '1.1.21'
blddir = 'bin'
diff --git a/lib/talloc/ABI/pytalloc-util-2.0.6.sigs b/lib/talloc/ABI/pytalloc-util-2.1.3.sigs
similarity index 100%
copy from lib/talloc/ABI/pytalloc-util-2.0.6.sigs
copy to lib/talloc/ABI/pytalloc-util-2.1.3.sigs
diff --git a/lib/talloc/ABI/talloc-2.1.0.sigs b/lib/talloc/ABI/talloc-2.1.3.sigs
similarity index 100%
copy from lib/talloc/ABI/talloc-2.1.0.sigs
copy to lib/talloc/ABI/talloc-2.1.3.sigs
diff --git a/lib/talloc/wscript b/lib/talloc/wscript
index 8e61516..bbe0cb1 100644
--- a/lib/talloc/wscript
+++ b/lib/talloc/wscript
@@ -1,7 +1,7 @@
#!/usr/bin/env python
APPNAME = 'talloc'
-VERSION = '2.1.2'
+VERSION = '2.1.3'
blddir = 'bin'
diff --git a/lib/tdb/ABI/tdb-1.3.5.sigs b/lib/tdb/ABI/tdb-1.3.7.sigs
similarity index 100%
copy from lib/tdb/ABI/tdb-1.3.5.sigs
copy to lib/tdb/ABI/tdb-1.3.7.sigs
diff --git a/lib/tdb/_tdb_text.py b/lib/tdb/_tdb_text.py
new file mode 100644
index 0000000..c823bf8
--- /dev/null
+++ b/lib/tdb/_tdb_text.py
@@ -0,0 +1,138 @@
+# Text wrapper for tdb bindings
+#
+# Copyright (C) 2015 Petr Viktorin <pviktori at redhat.com>
+# Published under the GNU LGPLv3 or later
+
+import sys
+import functools
+
+import tdb
+
+
+class TdbTextWrapper(object):
+ """Text interface for a TDB file"""
+
+ def __init__(self, tdb):
+ self._tdb = tdb
+
+ @property
+ def raw(self):
+ return self._tdb
+
+ def get(self, key):
+ key = key.encode('utf-8')
+ result = self._tdb.get(key)
+ if result is not None:
+ return result.decode('utf-8')
+
+ def append(self, key, value):
+ key = key.encode('utf-8')
+ value = value.encode('utf-8')
+ self._tdb.append(key, value)
+
+ def firstkey(self):
+ result = self._tdb.firstkey()
+ if result:
+ return result.decode('utf-8')
+
+ def nextkey(self, key):
+ key = key.encode('utf-8')
+ result = self._tdb.nextkey(key)
+ if result is not None:
+ return result.decode('utf-8')
+
+ def delete(self, key):
+ key = key.encode('utf-8')
+ self._tdb.delete(key)
+
+ def store(self, key, value):
+ key = key.encode('utf-8')
+ value = value.encode('utf-8')
+ self._tdb.store(key, value)
+
+ def __iter__(self):
+ for key in iter(self._tdb):
+ yield key.decode('utf-8')
+
+ def __getitem__(self, key):
+ key = key.encode('utf-8')
+ result = self._tdb[key]
+ return result.decode('utf-8')
+
+ def __contains__(self, key):
+ key = key.encode('utf-8')
+ return key in self._tdb
+
+ def __repr__(self):
+ return '<TdbTextWrapper for %r>' % self._tdb
+
+ def __setitem__(self, key, value):
+ key = key.encode('utf-8')
+ value = value.encode('utf-8')
+ self._tdb[key] = value
+
+ def __delitem__(self, key):
+ key = key.encode('utf-8')
+ del self._tdb[key]
+
+ if sys.version_info > (3, 0):
+ keys = __iter__
+ else:
+ iterkeys = __iter__
+ has_key = __contains__
+
+
+## Add wrappers for functions and getters that don't deal with text
+
+def _add_wrapper(name):
+ orig = getattr(tdb.Tdb, name)
+
+ def wrapper(self, *args, **kwargs):
+ return orig(self._tdb, *args, **kwargs)
+ wrapper.__name__ = orig.__name__
+ wrapper.__doc__ = orig.__doc__
+
+ setattr(TdbTextWrapper, name, wrapper)
+
+for name in ("transaction_cancel",
+ "transaction_commit",
+ "transaction_prepare_commit",
+ "transaction_start",
+ "reopen",
+ "lock_all",
+ "unlock_all",
+ "read_lock_all",
+ "read_unlock_all",
+ "close",
+ "add_flags",
+ "remove_flags",
+ "clear",
+ "repack",
+ "enable_seqnum",
+ "increment_seqnum_nonblock",
+ ):
+ _add_wrapper(name)
+
+
+def _add_getter(name):
+ orig = getattr(tdb.Tdb, name)
+ doc = orig.__doc__
+
+ def getter(self):
+ return getattr(self._tdb, name)
+
+ def setter(self, value):
+ return setattr(self._tdb, name, value)
+
+ setattr(TdbTextWrapper, name, property(getter, setter, doc=doc))
+
+for name in ("hash_size",
+ "map_size",
+ "freelist_size",
+ "flags",
+ "max_dead",
+ "filename",
+ "seqnum",
+ "text",
+ ):
+ _add_getter(name)
diff --git a/lib/tdb/pytdb.c b/lib/tdb/pytdb.c
index 9320799..c9d3a76 100644
--- a/lib/tdb/pytdb.c
+++ b/lib/tdb/pytdb.c
@@ -31,13 +31,25 @@
/* Include tdb headers */
#include <tdb.h>
+#if PY_MAJOR_VERSION >= 3
+#define PyStr_FromString PyUnicode_FromString
+#define PyStr_FromFormat PyUnicode_FromFormat
+#define PyInt_FromLong PyLong_FromLong
+#define PyInt_Check PyLong_Check
+#define PyInt_AsLong PyLong_AsLong
+#define Py_TPFLAGS_HAVE_ITER 0
+#else
+#define PyStr_FromString PyString_FromString
+#define PyStr_FromFormat PyString_FromFormat
+#endif
+
typedef struct {
PyObject_HEAD
TDB_CONTEXT *ctx;
bool closed;
} PyTdbObject;
-staticforward PyTypeObject PyTdb;
+static PyTypeObject PyTdb;
static void PyErr_SetTDBError(TDB_CONTEXT *tdb)
{
@@ -45,21 +57,21 @@ static void PyErr_SetTDBError(TDB_CONTEXT *tdb)
Py_BuildValue("(i,s)", tdb_error(tdb), tdb_errorstr(tdb)));
}
-static TDB_DATA PyString_AsTDB_DATA(PyObject *data)
+static TDB_DATA PyBytes_AsTDB_DATA(PyObject *data)
{
TDB_DATA ret;
- ret.dptr = (unsigned char *)PyString_AsString(data);
- ret.dsize = PyString_Size(data);
+ ret.dptr = (unsigned char *)PyBytes_AsString(data);
+ ret.dsize = PyBytes_Size(data);
return ret;
}
-static PyObject *PyString_FromTDB_DATA(TDB_DATA data)
+static PyObject *PyBytes_FromTDB_DATA(TDB_DATA data)
{
if (data.dptr == NULL && data.dsize == 0) {
Py_RETURN_NONE;
} else {
- PyObject *ret = PyString_FromStringAndSize((const char *)data.dptr,
- data.dsize);
+ PyObject *ret = PyBytes_FromStringAndSize((const char *)data.dptr,
+ data.dsize);
free(data.dptr);
return ret;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list