[SCM] Samba Shared Repository - annotated tag talloc-2.1.7 created
Stefan Metzmacher
metze at samba.org
Fri May 6 08:16:12 UTC 2016
The annotated tag, talloc-2.1.7 has been created
at 6a76633624545bac8bc635e3cedcb6a93d5975b4 (tag)
tagging 83b64ae64b315ccc37b9fce66f19ab0d342ad3ba (commit)
replaces tdb-1.3.9
tagged by Stefan Metzmacher
on Fri May 6 10:15:49 2016 +0200
- Log -----------------------------------------------------------------
talloc: tag release talloc-2.1.7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJXLFK1AAoJEEeTkWETCEAlis0IAMFKcpR1OlsZKwm7nSf0O1nG
WYp6/CBNbQy9TJFxH0LuW2oYs5/329tL2GTzmsm9MdpveAg/Hqt/gXwbC1sv6n+T
3Qbxm6E10SaNoTEDcLDaDU5LFfDnFcfUW3zO0txNLntHyU4GM/1bG8LLh4kRTPUH
81ov0EEhBOWHZ+O/5etlAavUAJ9tId03W5wn8k2z9BJzS4wDimkANWHjJ+cnG3Bm
0ky8j9Qt1cym3EKtvq/ETk0BuUYUocB2073nj6HgJmY5/TuWXK4G8tSz9Y6ONaD0
ADkDIKt7J4rdcwXTHezEj910e/V6ap6NTwQOXRQNaPAJJCkY5eEEg3ksbot36Ug=
=vk6R
-----END PGP SIGNATURE-----
Amitay Isaacs (31):
ctdb-doc: Add sample LVS configuration
ctdb-system: Fix typo in ctdb_get_peer_pid
ctdb-protocol: Remove unused CTDB_SRVID_PREFIX
ctdb-protocol: Define a range of SRVIDs used by the ctdb tool
ctdb-daemon: Avoid memory leak
ctdb-tests: Update tests to include new controls
ctdb-tests: Fix flakey test complex/18_ctdb_reloadips.sh
ctdb-tests: Improve code coverage in tests
ctdb-daemon: Remove unused controls related to server_id
ctdb-tool: Remove commands related to server_id
ctdb-client: Remove client functions related to server_id
ctdb-protocol: Remove data structures for obsolete server_id controls
ctdb-client: Set control opcode in reply for one-way controls
ctdb-protocol: Consistency check for opcode in the reply structure
ctdb-client: Use correct TDB flags for opening database
ctdb-protocol: Fix marshalling of ctdb_string
ctdb-protocol: Use ctdb_string marshalling
ctdb-protocol: Fix marshalling of TDB_DATA
ctdb-protocol: Use TDB_DATA marshalling
ctdb-protocol: Fix marshalling of ctdb_req_header
ctdb-protocol: Use ctdb_req_header marshalling
ctdb-protocol: Add length routines for protocol elements
ctdb-protocol: Use length routines for protocol elements
ctdb-protocol: Fix marshalling of ctdb_reply_control
ctdb-protocol: Expose function to allocate a packet
ctdb-protocol: Check arguments in ctdb_allocate_pkt
ctdb-tests: Make sure the packet length matches the allocated size
ctdb-protocol: Drop buffer allocation from protocol push functions
ctdb-protocol: Use consistent names for function arguments
ctdb-client: Drop unnecessary discard_const
ctdb-protocol: Return required buffer size in push functions
Andreas Schneider (4):
util: Add memcmp_const_time()
libcli:smb2: Use constant time memcmp() to verify the signature
s4:libcli:smb2: Use constant time memcmp() to verify the signature
s3-libads: Fix compilation with MIT Kerberos
Andrew Bartlett (3):
dsdb: Only re-query dSHeuristics for userPassword support on modifies
libndr: Add ndr_pull_struct_blob_all_noalloc
ldb-samba: Use ndr_pull_struct_blob_all_noalloc
Björn Jacke (1):
testsuit/manage-ca.sh: specify key size in CSRs
Christian Ambach (5):
s3:smbd/service disable case-sensitivity for SMB2/3 connections
s3:smbd/service apply some code formatting
s3:smbd/filename remove smelly code
selftest: test for case insensitivity over SMB2/SMB3
s3:smbd remove todo comments
Christof Schmitt (4):
winbindd: Remove unused prototypes for winbindd_group.c
gensec: Change log level of message when no PAC is found
smbcacls: Do not read old ACL for 'set' operation
ctdb/ltdbtool: Fix static declarations
David Disseldorp (2):
printing: use housekeeping period that matches cache time
printing: handle "printcap cache time" change on HUP
Douglas Bagnall (5):
VLV: initialise struct using names for clarity
VLV: handle empty results correctly
VLV: test using restrictive expressions
.gitignore: don;t accidentally ignore some files
Fix formatting issue on 32bit with _FILE_OFFSET_BITS == 64
Garming Sam (16):
rodc: Allow RODC preload to continue with invalid users
tests/rodc: Check that preload will skip broken users
tests/dsdb: Verify that only a new ldb affects reads of userPassword
tests/passwords: fix a typo
dbcheck: Avoid pathological behaviour in operational module
dns: remove double talloc for strings
dnsserver: Remove C++ style comment
selftest: Remove an early return in the fl2003dc provision
dns: modify dns forwarder param to be multi-valued
tests/dns_forwarder: Add testing for DNS forwarding
tests/dns: Add additional testing of CNAME handling
tests/dns_forwarder: remove statically defined IPs
tests/dns_forwarder: Add an extra test for inactive forwarders
tests/dns_forwarder: Add additional testing for no flag recursive
autobuild: Return the last 50 log lines
autobuild: fix typo in autobuild success subject line
Günther Deschner (5):
CVE-2016-2111: s3:rpc_server/netlogon: always go through netr_creds_server_step_check()
lib:krb5_wrap:krb5_samba: increase debug level for smb_krb5_get_default_realm_from_ccache().
s3:librpc:crypto:gse: increase debug level for gse_init_client().
libcli/smb: fix NULL pointer derreference in smbXcli_session_is_authenticated().
s3:client:smbspool_krb5_wrapper: fix the non clearenv build.
Hemanth Thummala (1):
Mask general purpose signals for notifyd.
Ivo De Decker (1):
Add build option for default smbpasswd location
Jeremy Allison (2):
CVE-2015-5370: s3:rpc_server: ensure that the message ordering doesn't violate the spec
lib: dns: Clean up allocated structure on error exit.
Jose A. Rivera (1):
ctdb-scripts: Avoid dividing by zero in memory calculation
Jérémie Courrèges-Anglas (2):
Fix CHECK_CODE usage in atomics builtin detection
Provide fallback code for non-portable clearenv(3)
Martin Schwenke (56):
ctdb-scripts: die() should output to stderr
ctdb-scripts: Drop hardcoded /sbin and /proc paths in LVS eventscript
ctdb-scripts: LVS eventscript error redirection improvements
ctdb-scripts: Drop "recovered" event from 91.lvs
ctdb-tests: Allow scope to be specified in "ip addr add" stub
ctdb-tests: Add loopback support for "ip link show" stub
ctdb-tests: Add 32-bit netmask support to "ip addr show" stub
ctdb-tests: Add ipvsadm test stub
ctdb-tests: LVS support for ctdb tool stub
ctdb-tests: Add unit tests for LVS eventscript
ctdb-scripts: LVS eventscript cleanups
ctdb-tools: Add new ctdb_lvs helper
ctdb-scripts: Move ctdb_get_ip_address() to functions file
ctdb-scripts: Call out to ctdb_lvs helper from 91.lvs
ctdb-scripts: Add monitoring of CTDB_LVS_PUBLIC_IFACE
ctdb-tool: Change ctdb lvs/lvsmaster CLI commands to use ctdb_lvs helper
ctdb-tools: Change ctdb CLI to have a single "lvs" command
ctdb-scripts: Simplify "ctdb lvs ..." output
ctdb-daemon: Drop --single-public-ip option and related code
ctdb-daemon: Drop --lvs option and support for CTDB_CAP_LVS
ctdb-daemon: Log a message when fork(2) fails
ctdb-scripts: Missing NFS thread count file should just produce warning
ctdb-scripts: Use ss instead of netstat for finding TCP connections
ctdb-tools: Remove simple uses of strcpy(3)
ctdb-tools: Fix a dangling reference to the LVS capability
ctdb-scripts: Improve error messages when using NFS service_check_cmd
ctdb-daemon: Move port filtering to server side when getting tickles
ctdb-ipalloc: Do ipreallocated even if no IP addresses can be allocated
ctdb-scripts: Fix incorrect comment
ctdb-scripts: Tweak NAT gateway list output format
ctdb-scripts: Drop node count from "ctdb natgw status" output
ctdb-tools: Add top-level "ctdb natgw" command
ctdb-tests: Make ctdb natgw tool tests cover all the desired outputs
ctdb-tools: Drop "ctdb natgwlist"
ctdb-tools: Drop onnode node specifications for recmaster/lvs/natgw
ctdb-build: ctdb-system depends on samba-util for debug
ctdb-recovery: Rename recovery lock functions and struct
ctdb-recovery: Use single char ASCII numbers for status from child
ctdb-recovery: Factor out new function set_recmode_handler()
ctdb-recovery: Use a configurable handler when testing cluster mutex
ctdb-recovery: Factor out reclock testing into ctdb_cluster_mutex()
ctdb-recovery: Add optional timeout argument to ctdb_cluster_mutex()
ctdb-tools: Simplify "ctdb getreclock" output
ctdb: Add new helper ctdb_mutex_fcntl_helper
ctdb-recovery: Switch ctdb_cluster_mutex() to use helper
ctdb-recovery: Kill cluster mutex helper with a signal that can be caught
ctdb-recovery: Reimplement ctdb_recovery_lock() using ctdb_cluster_mutex()
ctdb-recovery: Parse recovery lock setting
ctdb-recovery: Recovery lock setting can now include helper command
ctdb_recovery: ctdb_cluster_mutex() now takes an argstring argument
ctdb-recovery: Factor out setting of cluster mutex handler
ctdb-cluster-mutex: Factor out cluster mutex code
ctdb-recovery: Move recovery lock functions to recovery daemon code
ctdb-recovery: Move recovery lock latency updating to handler
ctdb-doc: Document cluster mutex helper API
ctdb-doc: Fix example NFS Ganesha recovery directory maintenance logic
Noel Power (34):
s3:libsmb: Fix illegal memory access after memory has been deleted.
s4:libnet: fix 'Syscall param writev(vector[...])' valgrind error
s4:torture:rpc: fix valgrind Syscall param writev(vector[...]) error
s4:torture:rpc: fix valgrind 'Syscall param writev(vector[...])' error
s4:torture:rpc: fix valgrind 'Syscall param writev(vector[...])' valgrind error
s4:lib:registry: fix 'Conditional jump or move' valgrind error.
s4:torture:basic fix 'Syscall param writev(vector[...])' valgrind error
s4:torture:basic: fix valgrind 'Syscall param writev(vector[...])' error
s4:torture:basic: fix valgrind 'Syscall param writev(vector[...])' error
s4:torture:basic: fix valgrind 'Syscall param writev(vector[...])' error.
s4:libcli: fix 'Conditional jump or move' valgrind error
s4:torture:basic: fix 'Syscall param writev(vector[...])' valgrind error
s4:torture:basic: fix 'Conditional jump or move ' valgrind error
s4:torture:raw: fix 'Syscall param writev(vector[...])' valgrind error
s4:torture:raw: fix 'Syscall param writev(vector[...])' valgrind error
s4:torture:raw: fix 'Syscall param writev(vector[...])' valgrind error
s4:torture:raw: fix 'use of uninitialised value of size 8' valgrind errors
s4:torture:raw: fix 'Conditional jump or move' valgrind error.
s4:torture:raw: fix 'Invalid read of size 1 & Conditional jump or move' errors.
s4:torture:smb2: fix Use of 'uninitialised value of size 8' valgrind error.
s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
s4:torture:smb2 fix 'Use of uninitialised value of size 8' valgrind error.
s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
s4:torture:smb2 fix 'Use of uninitialised value of size 8' valgrind error.
s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error
s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
s4:torture:libnet: fix 'Conditional jump or move' valgrind error
s4:torture:libnet: fix 'Syscall param writev(vector[...])' valgrind error
s4:torture:vfs: fix Invalid read of size 8 valgrind valgrind error (and segv)
fix Invalid read of size 8
Partha Sarathi (1):
Fix the smb2_setinfo to handle FS info types and FSQUOTA infolevel
Petr Cech (1):
LDB: Redudant test on NULL context remove
Ralph Boehme (25):
CVE-2016-2114: libcli/smb: let mandatory signing imply allowed signing
CVE-2016-2114: s3:smbd: enforce "server signing = mandatory"
CVE-2016-2115: s3:libsmb: add signing constant SMB_SIGNING_IPC_DEFAULT
CVE-2016-2115: net: use SMB_SIGNING_IPC_DEFAULT
CVE-2016-2115: s3:lib/netapi: use SMB_SIGNING_IPC_DEFAULT
CVE-2016-2115: s3:auth_domain: use SMB_SIGNING_IPC_DEFAULT
CVE-2016-2115: s3:libnet: use SMB_SIGNING_IPC_DEFAULT
CVE-2016-2115: s3:libsmb: use SMB_SIGNING_IPC_DEFAULT and lp_client_ipc_{min,max}_protocol()
cleanupd: restart as needed
krb5_wrap: add enctype arg to smb_krb5_kt_seek_and_delete_old_entries()
krb5_wrap: fix keep_old_entries logic in smb_krb5_kt_seek_and_delete_old_entries()
s4/libnet: fix exporting to keytab by SPN
s4: add a minimal ktutil for selftest
selftest/samba4.blackbox.export.keytab: use spn based on fqdn
selftest/samba4.blackbox.export.keytab: check exported keytabs
s4/heimdal: allow SPNs in AS-REQ
selftest/samba4.blackbox.export.keytab: check AS-REQ with SPN
s3/rpc_server: mdssvc: suppress compiler warnings from glib headers
winbindd: check if dcinfo from genache is expired
s3/lib: rework get_remote_arch_str() to use an array
s3/lib: add get_remote_arch_from_str()
s3/lib: add remote arch caching
smbd: use remote arch caching
s3:libnet:libnet_join: add netbios aliases as SPNs
vfs_fruit: add an option that allows disabling POSIX rename behaviour
Richard Sharpe (3):
Fixes an obvious copy-paste error in source3/utils/net_dns.c
Refactor the dns_open_connection code so that duplicate code is removed and ensure that EINTR is handled in the UDP path.
selfttest: add common_test_fns.inc
Robin Hack (6):
ctdb-tests: Fix CID 1358704 use of "=" where "==" may have been intended
talloc/testsuite: Fix CID 1291641 - Logically dead code
lib/http/http_auth: Fix CID 1273428 - Unchecked return value
dcesrv_backupkey_heimdal: Fix CID 1321647 - Unchecked return value
ldb-samba/ldb_matching_rules: Fix CID 1349424 - Uninitialized pointer read
winbindd/idmap_rfc2307: Fix CID 1273424 - Read from pointer after free
Robin McCorkell (1):
Correctly set cli->raw_status for libsmbclient in SMB2 code
Saji VR (1):
lib:talloc. Fix memory leak when destructors reparent children.
Stefan Metzmacher (224):
Revert "selftest: dbcheck should not be marked flapping"
CVE-2016-2110: auth/ntlmssp: let ntlmssp_handle_neg_flags() return NTSTATUS
CVE-2016-2110: auth/ntlmssp: maintain conf_flags and required_flags variables
CVE-2016-2110: auth/ntlmssp: split allow_lm_response from allow_lm_key
CVE-2016-2110: auth/ntlmssp: don't allow a downgrade from NTLMv2 to LM_AUTH
CVE-2016-2110: auth/ntlmssp: don't let ntlmssp_handle_neg_flags() change ntlmssp_state->use_ntlmv2
CVE-2016-2110: auth/ntlmssp: let gensec_ntlmssp_client_start require flags depending on the requested features
CVE-2016-2110: auth/ntlmssp: let gensec_ntlmssp_client_start require NTLM2 (EXTENDED_SESSIONSECURITY) when using ntlmv2
CVE-2016-2110: winbindd: add new_spnego to the WINBINDD_CCACHE_NTLMAUTH response
CVE-2016-2110: libcli/auth: use enum spnego_negResult instead of uint8_t
CVE-2016-2110: libcli/auth: add SPNEGO_REQUEST_MIC to enum spnego_negResult
CVE-2016-2110: auth/gensec: fix the client side of a new_spnego exchange
CVE-2016-2110: auth/gensec: fix the client side of a spnego downgrade
CVE-2016-2110: auth/gensec: require spnego mechListMIC exchange for new_spnego backends
CVE-2016-2110: auth/gensec: add gensec_may_reset_crypto() infrastructure
CVE-2016-2110: auth/ntlmssp: call ntlmssp_sign_init if we provide GENSEC_FEATURE_SIGN
CVE-2016-2110: auth/ntlmssp: implement gensec_ntlmssp_may_reset_crypto()
CVE-2016-2110: auth/credentials: clear the LMv2 key for NTLMv2 in cli_credentials_get_ntlm_response()
CVE-2016-2110: auth/credentials: pass server_timestamp to cli_credentials_get_ntlm_response()
CVE-2016-2110: libcli/auth: pass server_timestamp to SMBNTLMv2encrypt_hash()
CVE-2016-2110: ntlmssp.idl: add NTLMSSP_MIC_{OFFSET,SIZE}
CVE-2016-2110: auth/ntlmssp: implement new_spnego support including MIC checking (as server)
CVE-2016-2110: auth/ntlmssp: implement new_spnego support including MIC generation (as client)
CVE-2016-2111: auth/gensec: require DCERPC_AUTH_LEVEL_INTEGRITY or higher in schannel_update()
CVE-2016-2111: auth/gensec: correctly report GENSEC_FEATURE_{SIGN,SEAL} in schannel_have_feature()
CVE-2016-2111: s4:rpc_server: implement 'server schannel = yes' restriction
CVE-2016-2111: s4:rpc_server/netlogon: require DCERPC_AUTH_LEVEL_PRIVACY for validation level 6
CVE-2016-2111: s3:rpc_server/netlogon: require DCERPC_AUTH_LEVEL_PRIVACY for validation level 6
CVE-2016-2111: s4:torture/rpc: fix rpc.samba3.netlogon ntlmv2 test
CVE-2016-2111: s4:torture/rpc: fix rpc.pac ntlmv2 test
CVE-2016-2111: libcli/auth: add NTLMv2_RESPONSE_verify_netlogon_creds() helper function
CVE-2016-2111: s4:rpc_server/netlogon: check NTLMv2_RESPONSE values for SEC_CHAN_WKSTA
CVE-2016-2111: s3:rpc_server/netlogon: check NTLMv2_RESPONSE values for SEC_CHAN_WKSTA
CVE-2016-2111: s4:torture/raw: don't use ntlmv2 for dos connection in raw.samba3badpath
CVE-2016-2111: s4:torture/base: don't use ntlmv2 for dos connection in base.samba3error
CVE-2016-2111: s4:libcli: don't allow the LANMAN2 session setup without "client lanman auth = yes"
CVE-2016-2111: s4:param: use "client use spnego" to initialize options->use_spnego
CVE-2016-2111: s4:libcli: don't send a raw NTLMv2 response when we want to use spnego
CVE-2016-2111: s3:libsmb: don't send a raw NTLMv2 response when we want to use spnego
CVE-2016-2111: docs-xml: document the new "client NTLMv2 auth" and "client use spnego" interaction
CVE-2016-2111: docs-xml: add "raw NTLMv2 auth" defaulting to "yes"
CVE-2016-2111: s3:auth: implement "raw NTLMv2 auth" checks
CVE-2016-2111: s4:smb_server: implement "raw NTLMv2 auth" checks
CVE-2016-2111: selftest:Samba3: use "raw NTLMv2 auth = yes" for nt4_dc
CVE-2016-2111: docs-xml/smbdotconf: default "raw NTLMv2 auth" to "no"
CVE-2016-2112: s3:libads: make sure we detect downgrade attacks
CVE-2016-2112: s4:libcli/ldap: honour "client ldap sasl wrapping" option
CVE-2016-2112: s4:libcli/ldap: make sure we detect downgrade attacks
CVE-2016-2112: s4:libcli/ldap: auto upgrade to SIGN after STRONG_AUTH_REQUIRED
CVE-2016-2112: s4:selftest: use --option=clientldapsaslwrapping=plain for plain connections
CVE-2016-2112: s4:ldap_server: reduce scope of old_session_info variable
CVE-2016-2112: docs-xml: add "ldap server require strong auth" option
CVE-2016-2112: s4:ldap_server: implement "ldap server require strong auth" option
CVE-2016-2112: s4:selftest: run samba4.ldap.bind against fl2008r2dc
CVE-2016-2112: selftest: servers with explicit "ldap server require strong auth" options
CVE-2016-2112: s4:selftest: run some ldap test against ad_dc_ntvfs, fl2008r2dc and fl2003dc
CVE-2016-2112: docs-xml: change the default of "ldap server require strong auth" to "yes"
CVE-2016-2113: s4:lib/tls: create better certificates and sign the host cert with the ca cert
CVE-2016-2113: s4:lib/tls: implement infrastructure to do peer verification
CVE-2016-2113: docs-xml: add "tls verify peer" option defaulting to "no_check"
CVE-2016-2113: s4:selftest: explicitly use '--option="tlsverifypeer=no_check" for some ldaps tests
CVE-2016-2113: s4:libcli/ldap: verify the server certificate and hostname if configured
CVE-2016-2113: s4:librpc/rpc: verify the rpc_proxy certificate and hostname if configured
CVE-2016-2113: selftest: test all "tls verify peer" combinations with ldaps
CVE-2016-2113: selftest: use "tls verify peer = no_check"
CVE-2016-2113: docs-xml: let "tls verify peer" default to "as_strict_as_possible"
CVE-2016-2114: s4:smb2_server: fix session setup with required signing
CVE-2016-2114: s3:smbd: use the correct default values for "smb signing"
CVE-2016-2114: docs-xml: let the "smb signing" documentation reflect the reality
CVE-2016-2115: docs-xml: add "client ipc min protocol" and "client ipc max protocol" options
CVE-2016-2115: docs-xml: add "client ipc signing" option
CVE-2016-2115: s4:libcli/raw: add smbcli_options.min_protocol
CVE-2016-2115: s4:libcli/smb2: use the configured min_protocol
CVE-2016-2115: s4:libcli/raw: limit maxprotocol to NT1 in smb_raw_negotiate*()
CVE-2016-2115: s4:libcli/raw: pass the minprotocol to smb_raw_negotiate*()
CVE-2016-2115: s4:librpc/rpc: make use of "client ipc *" options for ncacn_np
CVE-2016-2115: s3:winbindd: use lp_client_ipc_{min,max}_protocol()
CVE-2016-2115: s3:winbindd: use lp_client_ipc_signing()
CVE-2016-2115: s3:libsmb: let SMB_SIGNING_IPC_DEFAULT use "client ipc min/max protocol"
CVE-2016-2115: docs-xml: always default "client ipc signing" to "mandatory"
CVE-2016-2118: s4:rpc_server: make it possible to define a min_auth_level on a presentation context
CVE-2016-2118: s4:rpc_server/drsuapi: require DCERPC_AUTH_LEVEL_PRIVACY
CVE-2016-2118: s4:rpc_server/backupkey: require DCERPC_AUTH_LEVEL_PRIVACY
CVE-2016-2118: python:tests/dcerpc: use [sign] for dnsserver tests
CVE-2016-2118: s4:rpc_server/dnsserver: require at least DCERPC_AUTH_LEVEL_INTEGRITY
CVE-2016-2118: s3: rpcclient: change the default auth level from DCERPC_AUTH_LEVEL_CONNECT to DCERPC_AUTH_LEVEL_INTEGRITY
CVE-2016-2118: librpc: change the default auth level from DCERPC_AUTH_LEVEL_CONNECT to DCERPC_AUTH_LEVEL_INTEGRITY
CVE-2016-2118: s4:librpc: use integrity by default for authenticated binds
CVE-2016-2118: docs-xml: add "allow dcerpc auth level connect" defaulting to "yes"
CVE-2016-2118: s4:rpc_server: make use of "allow dcerpc auth level connect"
CVE-2016-2118: s4:rpc_server/lsa: reject DCERPC_AUTH_LEVEL_CONNECT by default
CVE-2016-2118: s4:rpc_server/samr: reject DCERPC_AUTH_LEVEL_CONNECT by default
CVE-2016-2118: s4:rpc_server/netlogon: reject DCERPC_AUTH_LEVEL_CONNECT by default
CVE-2016-2118: s4:rpc_server/epmapper: allow DCERPC_AUTH_LEVEL_CONNECT by default
CVE-2016-2118: s4:rpc_server/mgmt: allow DCERPC_AUTH_LEVEL_CONNECT by default
CVE-2016-2118: s4:rpc_server/rpcecho: allow DCERPC_AUTH_LEVEL_CONNECT by default
CVE-2016-2118: s3:rpc_server: make use of "allow dcerpc auth level connect"
CVE-2016-2118: s3:rpc_server/{samr,lsa,netlogon}: reject DCERPC_AUTH_LEVEL_CONNECT by default
CVE-2016-2118: s3:rpc_server/{epmapper,echo}: allow DCERPC_AUTH_LEVEL_CONNECT by default
CVE-2016-2118: docs-xml: default "allow dcerpc auth level connect" to "no"
CVE-2016-2118: s4:rpc_server/samr: allow _samr_ValidatePassword only with PRIVACY...
CVE-2016-2118: s3:rpc_server/samr: allow _samr_ValidatePassword only with PRIVACY...
CVE-2015-5370: dcerpc.idl: add DCERPC_{NCACN_PAYLOAD,FRAG}_MAX_SIZE defines
CVE-2015-5370: librpc/rpc: simplify and harden dcerpc_pull_auth_trailer()
CVE-2015-5370: s3:librpc/rpc: don't call dcerpc_pull_auth_trailer() if auth_length is 0
CVE-2015-5370: s4:librpc/rpc: send a dcerpc_sec_verification_trailer if needed
CVE-2015-5370: s4:librpc/rpc: maintain dcecli_security->auth_{type,level,context_id}
CVE-2015-5370: s4:librpc/rpc: use auth_context_id = 1
CVE-2015-5370: s4:librpc/rpc: use a local auth_info variable in ncacn_push_request_sign()
CVE-2015-5370: s4:librpc/rpc: avoid using hs->p->conn->security_state.auth_info in dcerpc_bh_auth_info()
CVE-2015-5370: s4:librpc/rpc: avoid using c->security_state.auth_info in ncacn_pull_request_auth()
CVE-2015-5370: s4:librpc/rpc: always use ncacn_pull_request_auth() for DCERPC_PKT_RESPONSE pdus
CVE-2015-5370: s4:librpc/rpc: avoid dereferencing sec->auth_info in dcerpc_request_prepare_vt()
CVE-2015-5370: s4:librpc/rpc: simplify checks if gensec is used in dcerpc_ship_next_request()
CVE-2015-5370: s4:librpc/rpc: avoid using dcecli_security->auth_info and use per request values
CVE-2015-5370: s4:librpc/rpc: finally verify the server uses the expected auth_{type,level,context_id} values
CVE-2015-5370: librpc/rpc: add a dcerpc_verify_ncacn_packet_header() helper function
CVE-2015-5370: s3:rpc_client: move AS/U hack to the top of cli_pipe_validate_current_pdu()
CVE-2015-5370: s3:rpc_client: remove useless frag_length check in rpc_api_pipe_got_pdu()
CVE-2015-5370: s4:librpc/rpc: make use of dcerpc_map_ack_reason() in dcerpc_bind_recv_handler()
CVE-2015-5370: s4:librpc/rpc: handle DCERPC_PKT_FAULT before anything else in dcerpc_alter_context_recv_handler()
CVE-2015-5370: s4:librpc/rpc: use dcerpc_verify_ncacn_packet_header() to verify BIND_ACK,ALTER_RESP,RESPONSE pdus
CVE-2015-5370: s4:librpc/rpc: protect dcerpc_request_recv_data() against too large payloads
CVE-2015-5370: s4:rpc_server: make use of talloc_zero()
CVE-2015-5370: s4:rpc_server: no authentication is indicated by pkt->auth_length == 0
CVE-2015-5370: s4:rpc_server: check the result of dcerpc_pull_auth_trailer() in dcesrv_auth_bind()
CVE-2015-5370: s4:rpc_server: maintain dcesrv_auth->auth_{type,level,context_id}
CVE-2015-5370: s4:rpc_server: make use of dce_call->conn->auth_state.auth_* in dcesrv_request()
CVE-2015-5370: s4:rpc_server/lsa: make use of dce_call->conn->auth_state.auth_{level,type}
CVE-2015-5370: s4:rpc_server/samr: make use of dce_call->conn->auth_state.auth_level
CVE-2015-5370: s4:rpc_server/netlogon: make use of dce_call->conn->auth_state.auth_{level,type}
CVE-2015-5370: s4:rpc_server: correctly maintain dcesrv_connection->max_{recv,xmit}_frag
CVE-2015-5370: s4:rpc_server: avoid ZERO_STRUCT() in dcesrv_fault()
CVE-2015-5370: s4:rpc_server: set alloc_hint = 24 in dcesrv_fault()
CVE-2015-5370: s4:rpc_server: fill context_id in dcesrv_fault()
CVE-2015-5370: s4:rpc_server: split out a dcesrv_fault_with_flags() helper function
CVE-2015-5370: s4:rpc_server: add some padding to dcesrv_bind_nak() responses
CVE-2015-5370: s4:rpc_server: return the correct secondary_address in dcesrv_bind()
CVE-2015-5370: s4:rpc_server: make dcesrv_process_ncacn_packet() static
CVE-2015-5370: s4:rpc_server: add infrastructure to terminate a connection after a response
CVE-2015-5370: s4:rpc_server: verify the protocol headers before processing pdus
CVE-2015-5370: s4:rpc_server: ensure that the message ordering doesn't violate the spec
CVE-2015-5370: s4:rpc_server: maintain in and out struct dcerpc_auth per dcesrv_call_state
CVE-2015-5370: s4:rpc_server: make sure alter_context and auth3 can't change auth_{type,level,context_id}
CVE-2015-5370: s4:rpc_server: let invalid request fragments disconnect the connection with a protocol error
CVE-2015-5370: s4:rpc_server: remove pointless dcesrv_find_context() from dcesrv_bind()
CVE-2015-5370: s4:rpc_server: don't derefence an empty ctx_list array in dcesrv_alter()
CVE-2015-5370: s4:rpc_server: changing an existing presentation context via alter_context is a protocol error
CVE-2015-5370: s4:rpc_server: fix the order of error checking in dcesrv_alter()
CVE-2015-5370: s4:rpc_server: failing authentication should generate a SEC_PKG_ERROR
CVE-2015-5370: s4:rpc_server: let a failing auth3 mark the authentication as invalid
CVE-2015-5370: s4:rpc_server: disconnect after a failing dcesrv_auth_request()
CVE-2015-5370: s4:rpc_server: give the correct reject reasons for invalid auth_level values
CVE-2015-5370: s4:rpc_server: check frag_length for requests
CVE-2015-5370: s4:rpc_server: limit allocation and alloc_hint to 4 MByte
CVE-2015-5370: s4:rpc_server: only allow one fragmented call_id at a time
CVE-2015-5370: s4:rpc_server: the assoc_group is relative to the connection (association)
CVE-2015-5370: s4:rpc_server: reject DCERPC_PFC_FLAG_PENDING_CANCEL with DCERPC_FAULT_NO_CALL_ACTIVE
CVE-2015-5370: librpc/rpc: don't allow pkt->auth_length == 0 in dcerpc_pull_auth_trailer()
CVE-2015-5370: s3:librpc/rpc: remove auth trailer and possible padding within dcerpc_check_auth()
CVE-2015-5370: s3:librpc/rpc: let dcerpc_check_auth() auth_{type,level} against the expected values.
CVE-2015-5370: s3:rpc_client: make use of dcerpc_pull_auth_trailer()
CVE-2015-5370: s3:rpc_client: make use of dcerpc_verify_ncacn_packet_header() in cli_pipe_validate_current_pdu()
CVE-2015-5370: s3:rpc_client: protect rpc_api_pipe_got_pdu() against too large payloads
CVE-2015-5370: s3:rpc_client: verify auth_{type,level} in rpc_pipe_bind_step_one_done()
CVE-2015-5370: s3:rpc_server: make use of dcerpc_pull_auth_trailer() in api_pipe_{bind_req,alter_context,bind_auth3}()
CVE-2015-5370: s3:rpc_server: let a failing sec_verification_trailer mark the connection as broken
CVE-2015-5370: s3:rpc_server: just call pipe_auth_generic_bind() in api_pipe_bind_req()
CVE-2015-5370: s3:rpc_server: don't ignore failures of dcerpc_push_ncacn_packet()
CVE-2015-5370: s3:rpc_server: don't allow auth3 if the authentication was already finished
CVE-2015-5370: s3:rpc_server: let a failing auth3 mark the authentication as invalid
CVE-2015-5370: s3:rpc_server: make sure auth_level isn't changed by alter_context or auth3
CVE-2015-5370: s3:rpc_server: use 'alter' instead of 'bind' for variables in api_pipe_alter_context()
CVE-2015-5370: s3:rpc_server: verify presentation context arrays
CVE-2015-5370: s3:rpc_server: make use of dcerpc_verify_ncacn_packet_header() to verify incoming pdus
CVE-2015-5370: s3:rpc_server: disconnect the connection after a fatal FAULT pdu
CVE-2015-5370: s3:rpc_server: let a failing BIND mark the connection as broken
CVE-2015-5370: s3:rpc_server: use DCERPC_NCA_S_PROTO_ERROR FAULTs for protocol errors
CVE-2015-5370: s3:librpc/rpc: remove unused dcerpc_pull_dcerpc_auth()
CVE-2015-5370: s3:rpc_server: check the transfer syntax in check_bind_req() first
CVE-2015-5370: s3:rpc_server: don't allow an existing context to be changed in check_bind_req()
CVE-2015-5370: s3:rpc_client: pass struct pipe_auth_data to create_rpc_{bind_auth3,alter_context}()
CVE-2015-5370: s3:librpc/rpc: add auth_context_id to struct pipe_auth_data
CVE-2015-5370: s3:rpc_client: make use of pipe_auth_data->auth_context_id
CVE-2015-5370: s3:rpc_server: make use of pipe_auth_data->auth_context_id
CVE-2015-5370: s3:librpc/rpc: make use of auth->auth_context_id in dcerpc_add_auth_footer()
CVE-2015-5370: s3:librpc/rpc: verify auth_context_id in dcerpc_check_auth()
CVE-2015-5370: s3:rpc_client: verify auth_context_id in rpc_pipe_bind_step_one_done()
CVE-2015-5370: s3:rpc_server: verify auth_context_id in api_pipe_{bind_auth3,alter_context}
CVE-2015-5370: libcli/smb: use a max timeout of 1 second in tstream_smbXcli_np_destructor()
CVE-2015-5370: s3:rpc_client: disconnect connection on protocol errors
CVE-2015-5370: s4:librpc/rpc: call dcerpc_connection_dead() on protocol errors
CVE-2015-5370: python/samba/tests: add infrastructure to do raw protocol tests for DCERPC
CVE-2015-5370: python/samba/tests: add some dcerpc raw_protocol tests
CVE-2015-5370: s4:selftest: run samba.tests.dcerpc.raw_protocol against ad_dc
s3:libads: sasl wrapped LDAP connections against with kerberos and arcfour-hmac-md5
s4:gensec_tstream: allow wrapped messages up to a size of 0xfffffff
s3:libads/sasl: allow wrapped messages up to a size of 0xfffffff
auth/spnego: change log level for 'Failed to setup SPNEGO negTokenInit request: NT_STATUS_INTERNAL_ERROR'
auth/spnego: handle broken mechListMIC response from Windows 2000
auth/ntlmssp: don't require any flags in the ccache_resume code
auth/ntlmssp: don't require NTLMSSP_SIGN for smb connections
s3:libsmb: use password = NULL for anonymous connections
libcli/smb: add smb1cli_session_set_action() helper function
libcli/smb: add SMB1 session setup action flags
libcli/smb: add smbXcli_session_is_guest() helper function
s3:libsmb: record the session setup action flags
s3:libsmb: don't finish the gensec handshake for guest logins
s3:libsmb: use anonymous authentication via spnego if possible
auth/spnego: only try to verify the mechListMic if signing was negotiated.
s4:auth_anonymous: anonymous authentication doesn't allow a password
s3:auth_builtin: anonymous authentication doesn't allow a password
libcli/security: implement SECURITY_GUEST
s3:smbd: make use SMB_SETUP_GUEST constant
s3:smbd: only mark real guest sessions with the GUEST flag
auth/ntlmssp: do map to guest checking after the authentication
auth/spnego: add spnego:simulate_w2k option for testing
auth/ntlmssp: add ntlmssp_{client,server}:force_old_spnego option for testing
selftest:Samba4: provide DC_* variables for fl2000dc and fl2008r2dc
s3:test_smbclient_auth.sh: this script reqiures 5 arguments
selftest:Samba4: let fl2000dc use Windows2000 supported_enctypes
selftest:Samba4: let fl2000dc use Windows2000 style SPNEGO/NTLMSSP
s3:selftest: add smbclient_ntlm tests
talloc: version 2.1.7
Tom Mortensen (2):
nss_wins: ip_pton expects the raw IP address
nss_wins: Fix the hostent setup
Uri Simchoni (3):
libads: record session expiry for spnego sasl binds
nt-quotas: fixup failure case for TRANSACT_GET_USER_QUOTA_FOR_SID
xfs quotas - fix case of no quota for user
Volker Lendecke (31):
tdb mutex check: Fix CID 1358473 Uninitialized scalar variable
idmap_ad: Separate out the nss functions
tldap: Add tldap_get/set_stream
tldap: Add tldap_gensec_bind
winbind: Add wb_dsgetdcname_gencache_[gs]et
winbind: handle DC_NOT_FOUND in wb_sids2xids
winbind: handle DC_NOT_FOUND in wb_xids2sids
winbind: Base idmap_ad on tldap
pdb_ldap: Don't use autofree if "mods" still changes
ctdbd_conn: Adapt loop counter's type to the loop limit
ctdbd_conn: Use sys_poll_intr
ctdbd_conn: Use ctdbd_init_connection in ctdbd_probe
ctdbd_conn: Make ctdbd_init_connection public
lib: Use ctdbd_init_connection in messaging_ctdbd_init
ctdbd_conn: Remove unused ctdbd_messaging_connection
lib: Move ctdbd_init_connection out of ctdbd_traverse()
lib: serverid.h references struct server_id
ctdbd_conn: Avoid "includes.h"
ctdbd_conn: Use ctdbd_control_local where possible
ctdbd: Use talloc_memdup where appropriate
ctdbd_conn: Add some more debug info
ctdbd_conn: Make "cstatus" int32_t
dbwrap_ctdb: Fix ENOENT->NT_STATUS_NOT_FOUND
smbd: Avoid large reads beyond EOF
docs: Fix an outdated remark, tdbsam is default
lib: The base64 chars are by definition single-byte :-)
lib: =0 and |= is equivalent to =
lib: Make callers of base64_encode_data_blob check for success
lib: Remove SMB_ASSERT from base64_encode_data_blob
lib: Give base64.c its own .h
lib: Avoid includes.h in base64.c
-----------------------------------------------------------------------
--
Samba Shared Repository
More information about the samba-cvs
mailing list