[SCM] Samba Shared Repository - annotated tag samba-4.6.3 created
Karolin Seeger
kseeger at samba.org
Tue Apr 25 06:52:10 UTC 2017
The annotated tag, samba-4.6.3 has been created
at cf65634964f5d33fb46c38b0e27d523d5ee9285b (tag)
tagging bbdd5850b1d5fa44bbedcee8be60e4066ae0d680 (commit)
replaces samba-4.6.2
tagged by Karolin Seeger
on Mon Apr 24 12:15:08 2017 +0200
- Log -----------------------------------------------------------------
samba: tag release samba-4.6.3
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQBY/dAsbzORW2Vot+oRAg+kAJ9Gj4aLql6uW4rk2szaPOuLiVAANQCbB+vA
UTv7Wfvy+YEfshv7NQkw78Q=
=Dnnp
-----END PGP SIGNATURE-----
Alexander Bokovoy (7):
gssapi: check for gss_acquire_cred_from
lib/krb5_wrap: add smb_gss_krb5_import_cred wrapper
credentials_krb5: convert to use smb_gss_krb5_import_cred
libads: convert to use smb_gss_krb5_import_cred
s3-gse: convert to use smb_gss_krb5_import_cred
s3-gse: move krb5 fallback to smb_gss_krb5_import_cred wrapper
lib/crypto: implement samba.crypto Python module for RC4
Amitay Isaacs (3):
ctdb-readonly: Avoid a tight loop waiting for revoke to complete
ctdb-tools: Avoid deferencing argv[0] if argc == 0
ctdb-docs: Fix documentation of -n option to ctdb tool
Andreas Schneider (29):
replace: Include sysmacros.h
testprogs: Use smbclient by default in test_kinit_trusts
testprogs: Add kinit_trusts tests with smbclient4
krb5_wrap: Do not return an empty realm from smb_krb5_get_realm_from_hostname()
krb5_wrap: Try to guess the correct realm from the service hostname
krb5_wrap: pass client_realm to smb_krb5_get_realm_from_hostname()
krb5_wrap: Make smb_krb5_get_realm_from_hostname() public
s4:gensec-gssapi: Create a helper function to setup server_principal
s4:gensec_gssapi: Move setup of service_principal to update function
s4:gensec_gssapi: Use smb_krb5_get_realm_from_hostname()
s4:gensec_gssapi: Correctly handle external trusts with MIT
s3:gse: Use smb_krb5_get_realm_from_hostname()
krb5_wrap: Remove obsolete smb_krb5_get_principal_from_service_hostname()
s3:gse: Pass down the gensec_security pointer
s3:gse: Move setup of service_principal to update function
s3:gse: Check if we have a target_princpal set we should use
s3:gse: Correctly handle external trusts with MIT
auth/credentials: Always set the the realm if we set the principal from the ccache
testprogs: Correctly expand shell parameters
krb5_wrap: Print a warning for an invalid keytab name
s3:libads: Correctly handle the keytab kerberos methods
param: Allow to specify kerberos method on the commandline
testprogs: Test 'net ads join' with a dedicated keytab
s3:vfs_expand_msdfs: Do not open the remote address as a file
s3:libsmb: Only print error message if kerberos use is forced
s3:libads: Remove obsolete smb_krb5_get_ntstatus_from_init_creds()
nsswtich: Add negative tests for authentication with wbinfo
s3:tests: Add a subsitution test for %D %u %g
selftest: Define template homedir for 'ad_member' env
Christof Schmitt (1):
winbindd: Fix password policy for pam authentication
Hanno Böck (1):
cleanupdb: Fix a memory read error
Jeremy Allison (14):
s3: libgpo: Allow skipping GPO objects that don't have the expected LDAP attributes.
Fix for Solaris C compiler.
Changes to make the Solaris C compiler happy.
s3: locking: Move two leases functions into a new file.
s3: locking: Update oplock optimization for the leases era !
s3: smbd: Fix incorrect logic exposed by fix for the security bug 12496 (CVE-2017-2619).
s3: Test for CVE-2017-2619 regression with "follow symlinks = no".
s3: Fixup test for CVE-2017-2619 regression with "follow symlinks = no"
s3: smbd: Fix "follow symlink = no" regression part 2.
s3: smbd: Fix "follow symlink = no" regression part 2.
s3: Test for CVE-2017-2619 regression with "follow symlinks = no" - part 2
lib: debug: Avoid negative array access.
s3:lib: Fix incorrect logic in sys_broken_getgroups()
s3:smbd: Fix incorrect use of sys_getgroups()
Karolin Seeger (7):
VERSION: Bump version up to 4.6.1...
Merge tag 'samba-4.6.1' into v4-6-test
VERSION: Bump version up to 4.6.2.
Merge tag 'samba-4.6.2' into v4-6-test
VERSION: Bump version up to 4.6.3.
WHATSNEW: Add release notes for Samba 4.6.3.
VERSION: Disable GIT_SNAPSHOTS for the 4.6.3 release.
Martin Schwenke (1):
autobuild: Stop waf uninstall from removing test_tmpdir
Michael Adam (3):
s3:vfs:shadow_copy2: fix quoting in debug messages
s3:vfs:shadow_copy2: fix the corner case if cwd=/ in make_relative_path
s3:vfs:shadow_copy2: fix corner case of "/@GMT-token" in shadow_copy2_strip_snapshot
Ralph Boehme (30):
lib/pthreadpool: fix a memory leak
s3/wscript: fix Linux kernel oplock detection
s3/smbd: add const to get_lease_type() args
s3/smbd: add comments and some reformatting to open_file_ntcreate()
s3/smbd: req is already validated at the beginning of open_file_ntcreate()
s3/smbd: simplify defer_open()
s3/smbd: add and use retry_open() instead of defer_open() in two places
s3/smbd: fix schedule_async_open() timer
s3/smbd: remove async_open arg from defer_open()
s3/smbd: all callers of defer_open() pass a lck
s3/smbd: fix deferred open with streams and kernel oplocks
s3/selftest: adopt config.h check from source4
s4/torture: some tests for kernel oplocks
manpages/vfs_fruit: document global options
vfs_fruit: resource fork open request with flags=O_CREAT|O_RDONLY
s4/torture: vfs_fruit: test for bug 12565
winbindd: use correct domain name for failed lookupsids
winbindd: remove unused single_domains array
selftest: new environment "ad_member_idmap_rid"
selftest: tests idmap mapping with idmap_rid
winbindd: use passdb backend for well-known SIDs
selftest: wbinfo -s tests for wellknown SIDs
selftest: wbinfo --sids-to-unix-ids tests for wellknown SIDs
winbindd: explicit check for well-known SIDs in wb_lookupsids_bulk()
selftest: fix for wbinfo -s tests for wellknown SIDs
s3/include: add NT_STATUS_LOOKUP_ERR
s3/rpc_client: use NT_STATUS_LOOKUP_ERR
s3/rpc_client: lookupsids error handling of NT_STATUS_NONE_MAPPED
winbindd: error handling in rpc_lookup_sids()
winbindd: trigger possible passdb_dsdb initialisation
Stefan Metzmacher (13):
idmap_autorid: allocate new domain range if the callers knows the sid is valid
s4:gensec_gssapi: the value gensec_get_target_principal() should overwrite gensec_get_target_hostname()
s4:gensec_gssapi: require a realm in gensec_gssapi_client_start()
HEIMDAL:kdc: make it possible to disable the principal based referral detection
s4:kdc: disable principal based autodetected referral detection
wafsamba: move -L/some/path from LINKFLAGS_PYEMBED to LIBPATH_PYEMBED
script/autobuild.py: cleanup the task subdirs when they're done.
script/autobuild.py: export PYTHONUNBUFFERED=1
script/autobuild.py: add a do_print() wrapper function that flushes after each message
script/autobuild.py: try to make TMPDIR handling more verbose
script/autobuild.py: ignore missing test_tmpdir
rpcclient: allow -U'OTHERDOMAIN\user' again
pam_winbind: no longer use wbcUserPasswordPolicyInfo when authenticating
Uri Simchoni (9):
smbd: add zero_file_id flag
vfs_fruit: enable zero file id
vfs_fruit: document added zero_file_id parameter
torture: add torture_assert_mem_not_equal_goto()
selftest: tests for vfs_fruite file-id behavior
selftest: test fetching a large ACL from vfs_acl_xattr
vfs_xattr_tdb: handle case of zero size.
vfs_acl_xattr: factor out fetching of an extended attribute
vfs_acl_xattr: avoid needlessly supplying a large buffer to getxattr()
Volker Lendecke (5):
smbd: Do an early exit on negprot failure
torture3: Add test for smbd crash
s3:winbind: Use the correct talloc context for user information
smbd: Fix smb1 findfirst with DFS
selftest: Test for bug 12558
-----------------------------------------------------------------------
--
Samba Shared Repository
More information about the samba-cvs
mailing list