[SCM] Samba Shared Repository - annotated tag talloc-2.1.3 created
Stefan Metzmacher
metze at samba.org
Tue Jul 21 20:34:39 UTC 2015
The annotated tag, talloc-2.1.3 has been created
at 39f95f7944ba37461ab4f29172549306959436b1 (tag)
tagging e05cb33511da81a2916b7504308552bcb4cbd587 (commit)
replaces tdb-1.3.6
tagged by Stefan Metzmacher
on Tue Jul 21 22:34:23 2015 +0200
- Log -----------------------------------------------------------------
talloc: tag release talloc-2.1.3
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJVrqzPAAoJEEeTkWETCEAlChoIAIuWpVLIaVxgBfc7ughln6Ne
+QFKxW8syzb8c+qMls9ypn96WIk98VWfxBqZwxNP1xv9G7UZlD4N4FteRtfGAgYM
DuFEB1BuFzs9xvaHj1B0GhI84jR19wXke8yXD0pxAyKrmeZzO1kNtI42B5+p3fk4
0VOr1tHgCGGwqGV6KH+6o9RxhZvu4aQFdjfr0J2KiyshEmh/QhWjT/e+mUJspW4g
Dee7um7e8dUtjrqHVy0znuWtb1bz8urTQuVg2DxoI4DeHlazw5WSQ3gVYwkL8C0C
MaVTQAFudlbvKjHb8/Xxpqxp3d6UgInEkiiMlJxLhryIk0iOKEPEMTO7fOu3VoQ=
=ZWZD
-----END PGP SIGNATURE-----
Alexander Bokovoy (1):
auth/credentials: if credentials have principal set, they are not anonymous anymore
Amitay Isaacs (12):
wafsamba: Cache final_libs for each target
ctdb-packaging: Pass extra arguments to rpmbuild from commandline
ctdb-packaging: Package private libraries
ctdb-tests: Add simple test harnesses for running unit tests
ctdb-tests: Remove extra_header and extra_footer variables
ctdb-tests: Remove unsed code
ctdb-tests: Add test cleanup hooks
ctdb-tests: Refactor code using simple test harness functions
ctdb-daemon: Fix valgrind invalid read error in db_statistics control
ctdb-daemon: Remove control CTDB_CONTROL_SET_CALL
ctdb-daemon: Avoid double-free during monitor cancellation
ctdb-daemon: Return correct sequence number for CONTROL_GET_DB_SEQNUM
Andreas Schneider (27):
wafsamba: Also build libraries with RELRO protection
auth: Explain why GSS_KRB5_CRED_NO_CI_FLAGS_X is needed
tests: Add test_preserve_case.sh
selftest: Plan samba3.blackbox.preserve_case testcase
CID 1311763: Fix incorrect return value
CID 1311764: Fix logical compare in if clause
CID 1311767: Cast enum type to avoid compiler warnings
CID 1311771: Fix a null pointer dereference
CID 1311772: Fix null pointer check
docs: Documents length limitations for NetBIOS name
s4-samdb: Correctly cast data pointer
s4-auth: Add smb_krb5_create_principals_array()
s4-auth: Add smb_krb5_remove_obsolete_keytab_entries()
s4-auth: Use kerberos util functions in srv_keytab
s4-auth: Always pass down the salt principal
s4-waf: Reformat torture_rpc
s4-torture: Make the backupkey test as a noop with MIT Kerberos.
selftest: Do not lookup the realm with Kerberos
s4-kerberos: Make sure we handle kvno's in keytabs correctly
s3-auth: Fix a possible null pointer dereference
s3-smbd: Leave sys_disk_free() if dfree command is used
s3-smbd: Remove the global dfree_broken variable
selftest: Add test for the dfree command
s4-kdc: Fix a typo
s4-kdc: Fix a casting warning
waf: Make mit_samba a subsystem and do not build with Heimdal
s4-auth: Make sure error_string is correctly initialized
Andrew Bartlett (10):
selftest: Run winbind tests in chgdcpass environment
winbindd: Use pdb_get_domain_info() to get exactly the local domain info when we are an AD DC
winbindd: Sync secrets.ldb into secrets.tdb on startup
selftest: Change chgdcpass environment to use winbindd
Allow winbind removal by matching delays to Samba3.pm
s4-winbindd: Remove the winbind rewrite from the samba4 effort
Remove support for OpenPGP certificates in our TLS client and server
lib/tls: Add new 'tls priority' option
lib/tls: Change default supported TLS versions.
selftest: Add knownfail entry required to disable tombstone_reanimation
Anoop C S (4):
source3/registry: Fix CID 1273421 Useless call
source3/registry: Fix CID 1273100 Stray semicolon
source/libsmb: Fix CID 1272955 Logically dead code
lib/sysquota_linux: Handle the quota flags properly
Anubhav Rakshit (2):
s3:libsmb: Fix a bug in conversion of ea list to ea array.
s3:client: Add "scopy" cmd to perform Server Side copy using smbclient.
Aurelien Aptel (1):
tdb python binding: raise KeyError(key) when the key doesn't exist
Christof Schmitt (19):
sharesec: Use non-numerical output for sharesec
selftest: Add test for sharesec command
docs-xml: Update sharesec manpage to reflect current output
selftest: Add callout scripts for RPC SRVSVC share modifications
selftest: Add blackbox test for srvsvc calls from rpcclient
sharesec: Remove error message for unmarshall_sec_desc failure
ctdb: Accept the key in hex format for the pstore command
ctdb: Create helper function for optional hex input
ctdb: Accept hex format for pdelete and ptrans commands
vfs_gpfs: Use ACL defines from GPFS 3.5 header files
vfs_gpfs: Use C99 initializers instead of ZERO_STRUCT
gpfswrap: Remove unused wrapper for gpfs_fnctl
gpfswrap: Use gpfs.h instead of gpfs_fcntl.h
vfs: Make entry message for check_reduced_name a debug message
vfs: Change final message in check_reduce_name to "info"
dosmode: Change message of result to informational
rpcclient: Set internal log level to 0
smbstatus: Set internal log level to 0
smbcontrol: Set internal log level to 0
Douglas Bagnall (13):
Byte order reversal shouldn't assume size_t is 64 bit.
Treat unsigned 64 bit IDL values as unsigned long long in Python
remove trailing whitespace in Pidl/Samba4/Python.pm
Use large enough unsigned values in server_id IDL
Avoid casting pointer to unsigned long long for NULL check
correct sense of macro variable name in SMB2 durable open test
Avoid segfault in durable_open tests
Revert "lib: Fix deps for LIBCRYPTO"
Treat uid_t, git_t as 64 bit in Pidl Python bindings
Fix gensec_gssapi compilation for i386
Fix ldap_bind compilation for i386
Fix format size errors for i386 in source3/librpc/crypto/gse.c
Use uintptr_t for pointer int cast in SMBC_getdents_ctx()
Felix Janda (1):
replace: Replace BSD strtoll by wrapping strtoll instead of strtoq
Günther Deschner (46):
s3-smbd: reset protocol in smbXsrv_connection_init_tables failure paths.
ntlmssp: add NTLMSSP_WINDOWS_MINOR_VERSION_3 as seen from Windows 8.1 clients.
librpc: prevent invalid NULL pointer derref in dcerpc_binding_get_auth_info().
s4-torture: open a clusapi connection to get list of cluster nodes, etc.
s4-torture: minor cleanup in test_witness_Register().
s4-torture: make setup of the clusapi pipe non-critical in witness test.
s4-torture: add some more tests for witness_AsyncNotify and RegisterEx with different timeouts.
s3-rpcclient: add cmdline tools to toggle online/offline cluster resource state.
witness: add default case to witness_notifyResponse_message union.
witness: autogenerate the marshalling of the witness_notifyResponse_message.
s3-rpcclient: add clusapi_get_resource_state command.
libndr: better debug message in ndr_pull_subcontext_start().
s3-rpcclient: use witness defines in witness rpcclient.
s3-rpcclient: close policy handle in cmd_clusapi_open_resource().
s4-torture: make some clusapi torture tests public.
s4-torture: add clusapi resource online/offline toggle code to witness test.
s3-rpcclient: remove old extra hand marshalling from witness cmds.
s4-torture: finally enable witness_AsyncNotify ndr test.
s4-torture: move torture_assert_sid_equal() out of ndr headers.
lib/torture: be more verbose about ndr failures.
s4-torture: using async dcerpc for witness async notifications.
libndr: reformat libndr torture_suite macros to make differences more visible.
s4-torture: add torture_ndr_push_struct_blob_flags() in order to manipulate push flags.
s4-torture: add new torture_suite_add_ndr_pullpush_fn_test_flags().
s4-torture: pull, push and compare a witness Notify struct in ndr test.
s4-torture: use smb_krb5_make_principal() in lsa forest krb5 tests.
s4-torture: use smb_krb5_principal_get_type in lsa forest krb5 tests.
lib/krb5: add new KRB5_ERROR_CODE() abstraction macro.
s4-torture: use smb_krb5_free_error() in lsa forest krb5 tests.
s4-torture: use krb5_error in lsa forest trust tests.
s4-torture: use smb_krb5_principal_set_type() in lsa forest krb5 tests.
s4-torture: add test for ClusterControl to clusapi testsuite.
s4-torture: do some more inspection on expected witness_AsyncNotify replies.
s4-torture: make sure to always seal the clusapi connection in witness test.
s4-torture: add more tests for dcerpc_clusapi_CreateEnum.
clusapi: use winreg_AccessMask in clusapi.idl.
s4-torture: add test for clusapi_QueryValue.
s3-rpcclient: add cmd_clusapi_get_cluster_version2.
clusapi: add and use clusapi_ClusterControlCode to IDL.
s4-torture: add test for ClusterControl to clusapi testsuite.
s4-kdc/wdc-samba4: add a copy of samba_kdc_build_edata_reply for Heimdal.
s4-kdc/mit_samba: add a copy of samba_kdc_build_edata_reply for MIT.
s4-kdc/pac_glue: remove old samba_kdc_build_edata_reply().
s4-kdc: only use a void* in samba_kdc_entry instead of hdb_entry_ex.
s4-kdc: move kdc_check_pac() to a new subsystem KDC-GLUE.
s4-kdc_kpasswd: split out some code to a KPASSWD_GLUE subsystem.
Jeremy Allison (8):
lib: ldap: Properly check talloc error returns.
smbd: Fix clients connecting unencrypted with PROTOCOL_SMB2_24 or higher.
s3: smbd - Fix SMB3.11 protocol encryption selection.
dcerpc: NULL pointer deref crash in handling rpc request.
s3: smbd: Codenomicon crash in do_smb_load_module().
s3: smbd: Use separate flag to track become_root()/unbecome_root() state.
docs: Document new scopy command.
s3: tests: Add blackbox test for scopy.
Kamen Mazdrashki (1):
dsdb: Disable tombstone_reanimation module until we isolate what causes flaky tests
Karolin Seeger (1):
docs: Bump version up to 4.3.
Marc Muehlfeld (1):
Group creation: Add msSFU30Name only when --nis-domain was given
Martin Schwenke (52):
ctdb-tests: Run transaction tests with externally imposed timeout
ctdb-scripts: Create the directory containing the recovery lock
ctdb-recoverd: Add new function clear_ip_assignment_tree()
ctdb-recoverd: Clear IP assignment tree on election loss
ctdb-daemon: Promote debug messages about --start-as-* to NOTICE level
ctdb-scripts: Only write to /proc route flush files if they exist
ctdb-build: Fix building of PCP PMDA module
ctdb-scripts: Use an "if" statement instead of "&&"
ctdb-tests: Remove statd-callout when running NFS tests
ctdb-scripts: Fix regression in VLAN interface support
ctdb-scripts: Support monitoring of interestingly named VLANs on bonds
ctdb-tests: Interface number in "ip link show" stub defaults to 42
ctdb-tests: Add VLAN support to the "ip link" stub
ctdb-tests: Add some 10.interfaces VLAN tests
ctdb-tools: Avoiding printing "(null)" on "ctdb eventscript" error
ctdb-daemon: Improve error messages when eventscript control is cancelled
ctdb-daemon: Allow a new monitor event to cancel one already in progress
ctdb-tests: Factor out stack dumping and background marking code
ctdb-tests: Default fail count for rpc_set_service_failure_response() is 1
ctdb-tests: Don't flag failure when there are no rpcinfo check failures
ctdb-tests: rpc_set_service_failure_response() should take RPC service name
ctdb-tests: New function nfs_iterate_test()
ctdb-tests: Update NFS tests to use nfs_iterate_test()
ctdb-tests: Automate expected NFS test results instead of hard-coding
ctdb-tests: Allow 2nd argument of nfs_iterate_test() to be null
ctdb-tests: New NFS test with all services up and 10 iterations
ctdb-tests: Remove remaining uses of iterate_test()
ctdb-tests: Remove function iterate_test()
ctdb-tests: setup_nfs() should mark nfslock as started/stopped
ctdb-scripts: NFS RPC checks should be simple and consistent
ctdb-scripts: Clean up ctdb_check_rpc()
ctdb-scripts: Move "ERROR:" prefix out of ctdb_check_rpc()
ctdb-scripts: Factor out new function ctdb_counter_get()
ctdb-scripts: Add new NFS service checking infrastructure
ctdb-scripts: Switch NFS checks to new style
ctdb-scripts: Remove old NFS checking code
ctdb-scripts: Parameterise 60.nfs with $CTDB_NFS_CALLOUT
ctdb-scripts: Remove configuration variable CTDB_MONITOR_NFS_THREAD_COUNT
ctdb-scripts: Remove functions startstop_nfs() and startstop_nfslock()
ctdb-scripts: Extend NFS .check files with service_check_cmd variable
ctdb-scripts: Remove 60.ganesha, replace with callout for 60.nfs
ctdb-scripts: Remove unused function startstop_ganesha()
ctdb-scripts: Drop configuration variable CTDB_NFS_DUMP_STUCK_THREADS
ctdb-scripts: Move NFS support functions to 60.nfs
ctdb-scripts: Add portmapper NFS .check file
ctdb-tests: Add some simple tests for CTDB_NFS_CALLOUT
ctdb-scripts: Add registration for CTDB_NFS_CALLOUT operations
ctdb-scripts: Implement registration in nfs-linux-kernel-callout
doc: Fix documentation for "ctdb timeout" parameter
ctdb-scripts: Support RPC checks for tcp6 and udp6
ctdb-scripts: Move 60.nfs Ganesha callout to doc/examples/
ctdb-daemon: Ignore SIGUSR1
Mathieu Parent (1):
ctdb-build: Fix ctdb --with-socketpath configure option
Michael Adam (19):
ctdb: remove useless setting of variable domain_socket_name
ctdbd_conn: lower the debug level 0 for failing connection to ctdbd.
ctdbd_conn: use the right error code from ctdbd_connect for debug and return
ctdb: strip trailing spaces from nodes file.
net:conf:import: print error message when importing fails.
selftest: skip the ntvfs based base.defer_open tests
s3:libsmb: fix resolve_ads return if there were no answers
Introduce setting "desired" for 'smb encrypt' and 'client/server signing'
smbXsrv: add bools encryption_desired to session and tcon
smbd:smb2: separate between encryption required and enc desired
smbd:smb2: only enable encryption in session if desired
smbd:smb2: only enable encryption in tcon if desired
smbd:smb2: use encryption_desired in send_break
docs:smb.conf: explain effect of new setting 'desired' of smb encrypt
librpc:ndr:witness: fix CID 1311245: Memory - illegal accesses (UNINIT)
smbd:trans2: treat new SMB_SIGNING_DESIRED in case
librpc:ndr:witness: move variables into scope
librpc:ndr:witness: remove an unneeded block, reducing indentation.
docs:smb.conf: fix typo in 'smb encrypt' text.
Paul Wayper (2):
Spelling correction: exlusive -> exclusive
Spelling correction: exlusive -> exclusive and semantincs -> semantics
Petr Viktorin (8):
buildtools: Don't configure Python more than once
buildtools: Fix crash on invalid --extra-python option
pytdb: Allow nextkey() to be called
pytdb: Port to Python 3
pytdb: Build for two versions of Python at once
pytdb: Use new dict API on Python 3
pyldb: Add a text-based interface for Python 3
pytdb: Add tests for text interface
Ralph Boehme (26):
vfs_fruit: simplify lp_parm_bool check
smbd/smb2_ioctl: fix error handling
s3:util: use pread/pwrite in transfer_file
smb2:ioctl: support for OS X AAPL copyfile style copy_chunk
vfs:fruit: implement copyfile style copy_chunk
s4:torture:vfs_fruit: copyfile
debug: get rid of DBGC_MAX_FIXED
tevent: add and use debug class for tevent
s3:vfs: copy_chunk buffer size
vfs_fruit: check offset and length for AFP_AfpInfo read requests
s4:torture:vfs_fruit: check offset and length when reading AFP_AfpInfo stream
s3-mdssvc: add configure option --enable-spotlight
mdssvc: IDL file for new RPC service
s3-mdssvc: add Spotlight RPC stubs
s3-mdssvc: add new option 'spotlight'
s3-mdssvc: dalloc: dynamic object store based on talloc
s3-mdssvc: (un)marshalling Spotlight RPC blob
s3-mdssvc: Spotlight attribute mappings
s3-mdssvc: main Spotlight code
s3-mdssvc: lexer and parser for Spotlight queries
s3-mdssvc: add mdssd RPC service daemon for mdssvc
s3-mdssvc: add documentation for mdssvc and mdssd
WHATSNEW: Spotlight
lib/util/charset: reduce loglevel for push_ucs2_talloc error
vfs_shadow_copy2: change log level from 0 to 1 and log share path
s3:smbd: change a loglevel from 0 to 1 when SMB_VFS_CONNECT fails
Robin Hack (1):
selftest: Add setup_fileserver()
Robin McCorkell (4):
Replace random() and related calls with generate_random_buffer()
dfs_server: Fix whitespace
Fix MSDFS with POSIX paths in vfs_dfs_samba4
dfs_server: Use multi-byte string handling
Rowland Penny (1):
samba-tool: make 'samba-tool fsmo *' aware of all 7 fsmo roles
Stefan Metzmacher (147):
s3:smb2_setinfo: fix memory leak in the defer_rename case
s4:heimdal_build: define HAVE_GSS_KRB5_CRED_NO_CI_FLAGS_X
auth/credentials: use HAVE_GSS_KRB5_CRED_NO_CI_FLAGS_X instead of SAMBA4_USES_HEIMDAL
auth/gensec: gensec_[un]seal_packet() should only work with GENSEC_FEATURE_DCE_STYLE
auth/gensec: make sure gensec_start_mech_by_authtype() resets SIGN/SEAL before starting
dcerpc.idl: add DCERPC_AUTH_PAD_ALIGNMENT (=16)
librpc/rpc: add DCERPC_AUTH_PAD_LENGTH(stub_length) helper macro
s3:librpc/rpc: allow up to DCERPC_AUTH_PAD_ALIGNMENT padding bytes in dcerpc_add_auth_footer()
s3:librpc/rpc: fix padding calculation in dcerpc_guess_sizes()
s3:rpc_server: remove pad handling from api_pipe_alter_context()
s3:include: remove used unused {CLIENT,SERVER}_NDR_PADDING_SIZE
s4:librpc/rpc: let dcerpc_ship_next_request() use DCERPC_AUTH_PAD_ALIGNMENT define
s4:librpc/rpc: let dcerpc_ship_next_request() use a sig_size for a padded payload
s4:librpc/rpc: let ncacn_push_request_sign() handle sig_size == 0 with auth_info as internal error
s4:librpc/rpc: fix padding caclucation in ncacn_push_request_sign()
s4:rpc_server: let dcesrv_reply() use DCERPC_AUTH_PAD_ALIGNMENT define
s4:rpc_server: let dcesrv_reply() use a sig_size for a padded payload
s4:rpc_server: let dcesrv_auth_response() handle sig_size == 0 with auth_info as error
s4:rpc_server: fix padding caclucation in dcesrv_auth_response()
s4:selftest: run rpc.echo tests also with krb5 krb5,sign krb5,seal
s4:selftest: also run rpc.winreg with kerberos and all possible auth options
s4:gensec/gssapi: use gensec_gssapi_max_{input,wrapped}_size() for all backends
s4:gensec/gssapi: make calculation of gensec_gssapi_sig_size() for aes keys more clear
s3:libads/sasl: use gensec_max_{input,wrapped}_size() in ads_sasl_spnego_ntlmssp_bind
s4:lib/tls: fix tstream_tls_connect_send() define
s4:lib/tls: ignore non-existing ca and crl files in tstream_tls_params_client()
s4:libcli/ldap: conversion to tstream
s4:auth/gensec: remove unused and untested cyrus_sasl module
s4:auth/gensec: remove unused include of lib/socket/socket.h
s4:auth/gensec: remove unused gensec_socket_init()
auth/gensec: remove unused gensec_[un]wrap_packets() hooks
s3:ntlm_auth: don't start gensec backend twice
s4:kdc/db-glue: fix memory leak in samba_kdc_lookup_server()
s4:kdc/db-glue: allow principals in form of computer at EXAMPLE.COM
s4:selftest: run samba4.rpc.lsa.secrets with more principal combinations
s4:torture/krb5: add a --option=torture:run_removedollar_test=true option to kdc-conon
s4:selftest: add torture:run_removedollar_test=true to the machine account kdc tests
heimdal:lib/gssapi/krb5: make _gssapi_verify_pad() more robust
heimdal:lib/gssapi/krb5: fix indentation in _gk_wrap_iov()
heimdal:lib/gssapi/krb5: clear temporary buffer with cleartext data.
heimdal:lib/gssapi/krb5: add const to arcfour_mic_key()
heimdal:lib/gssapi/krb5: split out a arcfour_mic_cksum_iov() function
heimdal:lib/gssapi/krb5: implement gss_[un]wrap_iov[_length] with arcfour-hmac-md5
auth/kerberos: add gssapi_get_sig_size() and gssapi_{seal,unseal,sign,check}_packet() helper functions
s3:librpc/gse: make use of add gssapi_get_sig_size() and gssapi_{seal,unseal,sign,check}_packet() helper functions
s4:gensec/gssapi: make use of add gssapi_get_sig_size() and gssapi_{seal,unseal,sign,check}_packet() helper functions
s3:winbindd: remove unused argument 'server' from winbind_samlogon_retry_loop()
selftest: use server_maxtime = 10800 by default
s3:libads: improve debug levels/messages in ads_find_dc()
s4:ntvfs/ipc: fix ipc_close()
auth/credentials: anonymous should not try to use kerberos
midltests: add valid/midltests_DRS_EXTENSIONS.*
librpc/rpc: add faultcode to nt_status mappings
librpc/rpc: add dcerpc_fault_from_nt_status()
librpc/rpc: add dcerpc_[extract|construct]_bind_time_features()
s4:pyrpc: add base.bind_time_features_syntax(features)
lib/util: fix output format in dump_data*()
librpc/ndr: make use of dump_data_cb() in ndr_dump_data()
python/samba/tests: move hexdump() from DNSTest to TestCase
python/samba/tests: let the output of hexdump() match our C code in dump_data_cb()
python/samba/tests: add fallbacks for assert{Less,Greater}[Equal]()
s3:winbindd: use check dcerpc_binding_handle_is_connected() instead of a specific status
libcli/smb: let tstream_smbXcli_np report connection errors as EPIPE instead of EIO
s4:torture/rpc: expect NT_STATUS_CONNECTION_DISCONNECTED when a dcerpc connection is not connected
s4:torture/rpc: expect NT_STATUS_CONNECTION_DISCONNECTED in torture_rpc_alter_context()
python:samba/tests: don't use the x.alter_context() method in dcerpc/bare.py
s4:pyrpc: remove pointless alter_context() method
lib/util: add strlen_m_ext_term_null() helper function
lib/util: let strlen_m_term[_null]() use strlen_m_ext_term[_null]()
lib/util:charset/tests: improve strlen_m[_term[_null]]() testing
pidl:Samba3/ServerNDR: simplify CallWithStruct()
pidl:Samba3/ServerNDR: make CallWithStruct() more flexible
pidl:Samba3/ServerNDR: add pidl_reset() and pidl_return() helper functions
pidl:Samba4/NDR/Parser: always initialize _mem_save_ pointers to NULL
dcerpc.idl: fix calculatin of uint16 secondary_address_size;
s4:librpc/rpc: add dcerpc_secondary_auth_connection()
s4:libcli/clilsa: only remember the dcerpc_binding_handle
s4:libnet: make use of dcerpc_secondary_auth_connection_send/recv()
s4:torture/samba3rpc: move pipe_bind_smb() to the top
s4:torture/samba3rpc: use pipe_bind_smb() in more places
s4:torture/samba3rpc: add pipe_bind_smb2()
s4:torture/samba3rpc: use pipe_bind_smb2()
s4:torture/samba3rpc: add pipe_bind_smb_auth()
s4:torture/samba3rpc: use pipe_bind_smb_auth()
s4:torture/rpc: use dcerpc_secondary_auth_connection with anon creds
s4:torture/rpc: use dcerpc_secondary_auth_connection with creds
s3:wscript_build: fix the build using dmapi and fam together
s4:kdc/db-glue: allow invalid kvno numbers in samba_kdc_trust_message2entry()
s4:kdc/db-glue: preferr the previous password for trust accounts
s4:kdc/db-glue: let samba_kdc_trust_message2entry always generate the principal
heimdal:lib/krb5: correctly follow KRB5_KDC_ERR_WRONG_REALM client referrals
heimdal:lib/krb5: add krb5_mk_error_ext() helper function
heimdal:kdc: generic support for 3part servicePrincipalNames
heimdal:kdc: add support for HDB_ERR_WRONG_REALM
s4:dsdb/common: add helper functions for trusted domain objects (tdo)
s4:kdc/db-glue: implement cross forest routing by return HDB_ERR_WRONG_REALM
s4:dsdb/common: add dsdb_trust_search_tdo*() helper functions
s4:kdc/db-glue: make use of dsdb_trust_search_tdo()
s3:pdb_samba_dsdb: make use of dsdb_trust_search_tdo()
s4:auth/sam: remove unused sam_get_results_trust()
s4:dsdb/netlogon: add support for CLDAP requests with AAC=0x00000400(ACB_AUTOLOCK) and user="example.com."
s4:dsdb/common: pass optional new_version to samdb_set_password_sid()
s4:dsdb/common: make use of dsdb_search_one() in samdb_set_password_sid()
s4:dsdb/common: supported trusted domains in samdb_set_password_sid()
s4:dsdb/password_hash: reject interdomain trust password changes via LDAP
s4:rpc_server/netlogon: extract and pass down the password version in dcesrv_netr_ServerPasswordSet2()
s4:dsdb/common: add dsdb_trust_get_incoming_passwords() helper function
s4:rpc_server/netlogon: let dcesrv_netr_ServerAuthenticate3() fallback to the previous hash for trusts
s4:rpc_server/netlogon: implement dcesrv_netr_ServerGetTrustInfo()
s4:rpc_server/netlogon: implement dcesrv_netr_ServerTrustPasswordsGet()
s4:rpc_server/lsa: fix dcesrv_lsa_CreateTrustedDomain()
s4:rpc_server/lsa: improve dcesrv_lsa_CreateTrustedDomain_base()
s4:rpc_server/lsa: implement dcesrv_lsa_lsaRQueryForestTrustInformation()
s4:dsdb/common: add dsdb_trust_forest_info_from_lsa() helper function
s4:dsdb/common: add dsdb_trust_xref_tdo_info() helper function
s4:dsdb/common: dsdb_trust_normalize_forest_info_step[1,2]() and dsdb_trust_verify_forest_info()
s4:dsdb/common: add dsdb_trust_merge_forest_info() helper function
s4:rpc_server/lsa: use dsdb_trust_*() helper functions in dcesrv_lsa_lsaRSetForestTrustInformation()
s4:rpc_server/lsa: remove unused code
librpc/idl: add winbind_LogonControl()
s3:winbindd: implement _winbind_LogonControl*()
s3:winbindd: add wb_irpc_LogonControl()
s4:rpc_server/netlogon: implement NETLOGON_CONTROL_{QUERY,REDISCOVER,TC_QUERY,TC_VERIFY,CHANGE_PASSWORD}
librpc/idl: add winbind_GetForestTrustInformation()
s3:winbindd: implement winbind_GetForestTrustInformation()
s3:winbindd: add wb_irpc_GetForestTrustInformation()
s4:rpc_server/netlogon: implement netr_DsRGetForestTrustInformation with trusted domains
s4:rpc_server/netlogon: make use of dsdb_trust_xref_forest_info()
s4:rpc_server/netlogon: check domain state in netr_*GetForestTrustInformation()
python/samba: add current_unix_time()
python/samba: add on optional 'special_name' argument to CredentialsOptions()
samba-tool: add 'domain trust *' commands
selftest/Samba4: setup trusts between forest:fl2008r2dc/ad_dc and externl:fl2003dc/ad_dc
testprogs/blackbox: add test_kinit_trusts.sh
selftest/Samba4: setup forest UPN and SPN namespaces for ad_dc and fl2008r2dc
testprogs/blackbox: let test_kinit_trusts.sh test a enterprise upn from the other foreset
testprogs/blackbox: let test_kinit_trusts.sh verify that setpassword (via LDAP) is rejected
testprogs/blackbox: add test_trust_utils.sh
s4:torture/rpc: handle NT_STATUS_NO_SUCH_DOMAIN in test_query_each_TrustDom()
s4:torture/rpc: add missing \n in comments
s4:torture/rpc: extend and improve rpc.lsa.trusted.domains
script/librelease.sh: use download-master.samba.org:~ftp/pub/ for uploading
s3:winbindd: initialize an [in,out] variable in rpc_try_lookup_sids3()
s3:winbindd: initialize acct_desc fields in rpc_enum_{dom,local}_groups()
s3:winbindd: initialize dst->primary_gid with (gid_t)-1
testsuite/headers: remove unused checks for ntdb.h
talloc: version 2.1.3
Thomas Nagy (2):
Remove PYTHONDIR and PYTHONARCHDIR in a single place
Always use Samba's CHECK_CFG instead of waf check_cfg
Uri Simchoni (29):
libads: fix indentation in generated krb5.conf
namequery: fix get_kdc_list() to look for _kerberos records
kerberos: Move DEFAULT_KRB5_PORT to a header file
namequery: correctly merge kdc ip address list
libads: Keep 'good' server at the head of custom KDC list
namequery: remove dead code
libads: Fix fallback logic when finding a domain controller
libads: further split resolve_and_ping into dns and netbios implementations
heimdal: fix endless loop for specific KDC error code
winbindd: disconnect child process if request is cancelled at main process
docs: Correct list of supported socket options
util.c: fix order of inclusion to correctly consume config.h
net: fix the order of DC lookup methods when joining a domain
winbindd: set file descriptor limit according to configuration
winbindd: cleanup client connection if the client closes the connection
async_req: check for errors when monitoring socket for readability
winbindd: verify that client has closed the connection
winbind client: avoid vicious cycle created by client retry
winbindd: periodically remove timed out clients
doc: clarify "winbind max clients"
winbindd: add service routines to support a sorted client list
winbindd: keep client list sorted by access time
winbindd: shorten client list scan
libads: disable dns_lookup_realm in auto-generated krb5.conf files
tdbrestore: include config.h before any glibc headers
lib/util: include config.h before any glibc headers
source3/lib: include config.h before any glibc headers
fssd: include config.h before any glibc headers
torture: include config.h before any glibc headers
Volker Lendecke (85):
ctdbd_conn: Fix a leak on talloc_tos()
net: Fix messaging_init for clustering
lib: Fix CID 1306764 Unchecked return value
lib: Fix CID 1306765 Unchecked return value from library
Fix a typo
rpc: Simplify dcerpc_binding_handle_raw_call()
lib: Strip genrand.c a bit
lib: Fix whitespace
lib: Streamline genrand.c includes
lib: Simplify arcfour_crypt
lib: Fix deps for LIBCRYPTO
lib: Make time-basic a library
lib: Make genrand independent
lib: Fix CID 1272913 Calling risky function
lib: Fix CID 1034723 Explicit null dereferenced
lib: Fix CID 1273234 Untrusted value as argument
lib: Fix CID 710685 Unchecked return value from library
lib: Fix CID 1272858 Copy-paste error
lib: Fix CID 1128556 Dereference after null check
lib: Remove unused functions
smbd: Fix CID 1273096 Dereference before null check
dsdb: Fix CID 1034745 Dereference after null check
dsdb: Fix CID 1034804 Dereference null return value
dsdb: Fix CID 1034803 Dereference null return value
dsdb: Fix CID 1034743 Dereference after null check
dsdb: Fix CID 1034742 Dereference after null check
dsdb: Fix CID 1034802 Dereference null return value
dsdb: Fix CID 1034719 Evaluation order violation
dsdb: Fix CID 1034687 Logically dead code
dsdb: Fix CID 1034902 Dereference before null check
libsmb: Streamline smb1cli_trans a bit
libsmb: Use fstr_sprint in convert_sid_to_string
lib: Fix rundown of open_socket_out()
libldap: Fix CID 1308982 Unchecked return value from library
dsdb: Rename a parameter
lib: Trim blocking.c
docs: Document smbclient "notify" command
vfs_fruit: Fix CID 1311244 Out-of-bounds read
lib: Add tevent_req_poll_unix
lib: Add server_id_db_prune_name
lib: Add server_id_db_pid()
lib: Add server_id_db_set_exclusive
param: Make "change notify" global
param: Make "kernel change notify" global
smbd: Add direct notify_fam support
smbd: Add the notify daemon
smbd: Start the notify daemon
smbd: Don't start the notify cleanup anymore
smbd: Replace the tdb-based notify_internal with notify_msg
smbd: Kernel change notify is done by notifyd
smbd: Remove the notify_fam module
notifyd: Add notifyd_parse_db()
notify: Re-add notify_walk()
smbd: Remove SMB_VFS_NOTIFY_WATCH
notify: Remove two now unused stubs
utils: add net notify
notifyd: Add notifydd
Remove ctdb_conn.[ch]
librpc: Fix a "ignoring asprint return" warning
tdb: Fix bug 11381, deadlock
tdb: Reproducer for Bug 11381
dalloc: Fix a typo
dalloc: Fix CID 1097369 API usage errors (VARARGS)
smbd: Fix CID 1311337 Error handling issues (CHECKED_RETURN)
smbd: Fix CID 1311338 Error handling issues (CHECKED_RETURN)
rpc_server: Fix CID 1311339 Error handling issues (CHECKED_RETURN)
rpc_server: Fix CID 1311340 Null pointer dereferences (NULL_RETURNS)
rpc_server: Fix CID 1311341 Integer handling issues (OVERFLOW_BEFORE_WIDEN)
rpc_server: Fix CID 1311342 Null pointer dereferences (REVERSE_INULL)
libsmb: Implement smbc_notify
vfs_fruit: Fix the 32-bit build
torture-notify: Give nonrecursive updates 200ms
ctdbd_conn: Fix a memleak
ctdbd_conn: Rename "ret"->"ok"
ctdbd_conn: Make ctdb_read_packet return 0/errno
ctdbd_conn: Convert ctdb_handle_message to return 0/errno
ctdbd_conn: Convert ctdb_read_req to return 0/errno
ctdbd_conn: Make register_with_ctdbd use an int-returning callback
ctdbd_conn: Return early from ctdbd_msg_call_back
ctdbd_conn: Do an early return from ctdb_read_req
ctdbd_conn: Move release_ip handling into process.c
vfs: Fix CID 1035384 Unchecked return value from library
vfs: Consolidate failure paths in vfswrap_init_asys_ctx
dbwrap_rbt: Make "key" and "value" aligned to 16 byte
pdb_tdb: Use fstr_sprintf
-----------------------------------------------------------------------
--
Samba Shared Repository
More information about the samba-cvs
mailing list