[SCM] Samba Shared Repository - annotated tag samba-4.5.13 created

Karolin Seeger kseeger at samba.org
Thu Aug 31 06:58:49 UTC 2017 

The annotated tag, samba-4.5.13 has been created
        at  79f7ddd8e8d36b99e4d92baf679b1612d78c88c6 (tag)
   tagging  3c9bc040e234bfe3a645a06630ee2258572f3f56 (commit)
  replaces  samba-4.5.12
 tagged by  Karolin Seeger
        on  Thu Aug 31 08:58:25 2017 +0200

- Log -----------------------------------------------------------------
samba: tag release samba-4.5.13
-----BEGIN PGP SIGNATURE-----

iEYEABECAAYFAlmns5EACgkQbzORW2Vot+pgYQCdGQLGVfSsUQCpdNf01MJ334En
7NcAmgJmUYiwTumQvTC/ITDhmT7GnCJP
=xC2y
-----END PGP SIGNATURE-----

David Disseldorp (1):
      vfs_ceph: fix cephwrap_chdir()

Günther Deschner (2):
      werror: replace WERR_SETUP_NOT_JOINED with WERR_NERR_SETUPNOTJOINED in source3/libnet/libnet_join.c
      vfs_fruit: add fruit:model = <modelname> parametric option

Jeremy Allison (6):
      s3: smbd: Fix a read after free if a chained SMB1 call goes async.
      s3: libsmb: Reverse sense of 'clear all attributes', ignore attribute change in SMB2 to match SMB1.
      s3: libsmbclient: Fix cli_setpathinfo_basic() to treat mode == -1 as no change.
      s3: libsmb: Add cli_smb2_setpathinfo(), to be called by cli_setpathinfo_basic().
      s3: libsmb: Implement cli_smb2_setatr() by calling cli_smb2_setpathinfo().
      s3: torture: Add a test for cli_setpathinfo_basic() to smbtorture3.

Karolin Seeger (2):
      WHATSNEW: Add release notes for Samba 4.5.13.
      VERSION: Disable GIT_SNAPSHOTS for the 4.5.13 release.

Ralph Boehme (19):
      s3/smbd: let non_widelink_open() chdir() to directories directly
      selftest: add a test for accessing previous version of directories with snapdirseverywhere
      vfs_fruit: don't use MS NFS ACEs with Windows clients
      s3/notifyd: ensure notifyd doesn't return from smbd_notifyd_init
      s3/smbd: handling of failed DOS attributes reading
      s3/smbd: handle EACCES when fetching DOS attributes from xattr
      vfs_gpfs: handle EACCES when fetching DOS attributes from xattr
      vfs_streams_xattr: invalidate stat info if xattr was not found
      vfs_streams_xattr: remove all uses of fd, use name based functions
      vfs_streams_xattr: remove fsp argument from get_xattr_size()
      vfs_streams_xattr: always pass NULL as fsp arg to get_ea_value()
      vfs_streams_xattr: implement all missing handle based VFS functions
      vfs_streams_xattr: return a fake fd in streams_xattr_open()
      s4/torture: reproducer for kernel oplocks issue with streams
      s4/torture: additional tests for kernel-oplocks
      vfs_fruit: use path based setxattr call in ad_fset()
      vfs_fruit: don't open basefile in ad_open() and simplify API
      vfs_fruit: return fake pipe fd in fruit_open_meta_netatalk()
      vfs_fruit: factor out common code from ad_get() and ad_fget()

Stefan Metzmacher (59):
      VERSION: Bump version up to 4.5.13...
      s3:smbd: consistently use talloc_tos() memory for rpc_pipe_open_interface()
      krb5_wrap: add smb_krb5_free_data_contents() compat define (for v4-5)
      pidl:NDR/Parser: add missing {start,end}_flags() to ParseElementPrint()
      librpc/ndr: align the definition of LIBNDR_STRING_FLAGS with currently defined flags
      librpc/ndr: add LIBNDR_FLAG_IS_SECRET handling
      idl_types.h: add NDR_SECRET shortcut
      s3:librpc: let NDR_SECRETS depend on NDR_SECURITY
      s3:libads: remove unused kerberos_secrets_store_salting_principal()
      krb5_wrap: add smb_krb5_salt_principal()
      krb5_wrap: add smb_krb5_salt_principal2data()
      s3:libnet_join: remove dead code from libnet_join_connect_ads()
      s3:libnet_join: calculate r->out.account_name in libnet_join_pre_processing()
      s3:libnet_join.idl: return the domain_guid in libnet_JoinCtx
      s3:libnet_join: remember the domain_guid for AD domains
      s3:libnet_join.idl: add krb5_salt to libnet_JoinCtx
      s3:libnet_join: remember r->out.krb5_salt in libnet_join_derive_salting_principal()
      s3:libnet_join: move kerberos_secrets_store_des_salt() out of libnet_join_derive_salting_principal()
      s3:libnet_join: split libnet_join_post_processing_ads() into modify/sync
      s3:libnet_join: call do_JoinConfig() after we did remote changes on the server
      s3:libnet_join: move libnet_join_joindomain_store_secrets() to libnet_join_post_processing()
      s3:libnet_join: move kerberos_secrets_store_des_salt() to libnet_join_joindomain_store_secrets()
      s3:libads: remove kerberos_secrets_fetch_salting_principal() fallback
      s3:libads: provide a simpler kerberos_fetch_salt_princ() function
      s3:gse_krb5: simplify fill_keytab_from_password() by using kerberos_fetch_salt_princ()
      s3:libnet: make use of kerberos_secrets_fetch_salt_princ()
      s3:libads: make use of kerberos_secrets_fetch_salt_princ() in ads_keytab_add_entry()
      s3:libads: remove unused kerberos_fetch_salt_princ_for_host_princ()
      s3:secrets: move kerberos_secrets_*salt related functions to machine_account_secrets.c
      s3:secrets: rework des_salt_key() to take the realm as argument
      s3:secrets: split out a domain_guid_keystr() function
      s3:secrets: add some const to secrets_store_domain_guid()
      s3:secrets: make use of des_salt_key() in secrets_store_machine_pw_sync()
      s3:secrets: rename secrets_delete() to secrets_delete_entry()
      s3:secrets: re-add secrets_delete() helper to simplify deleting optional keys
      s3:secrets: make use of secrets_delete() in secrets_store_machine_pw_sync()
      s3:secrets: let secrets_store_machine_pw_sync() delete the des_salt_key when there's no value
      s3:secrets: replace secrets_delete_prev_machine_password() by secrets_delete()
      s3:secrets: rewrite secrets_delete_machine_password_ex() using helper variables
      s3:secrets: let secrets_delete_machine_password_ex() remove SID and GUID too
      s3:secrets: let secrets_delete_machine_password_ex() also remove the des_salt key
      s3:secrets: use secrets_delete for all keys in secrets_delete_machine_password_ex()
      s3:trusts_util: pass dcname to trust_pw_change()
      libcli/auth: pass an array of nt_hashes to netlogon_creds_cli_auth*()
      libcli/auth: add const to set_pw_in_buffer()
      libcli/auth: pass the cleartext blob to netlogon_creds_cli_ServerPasswordSet*()
      s3:trusts_util: also pass the previous_nt_hash to netlogon_creds_cli_auth()
      lsa.idl: make lsa_DnsDomainInfo [public]
      netlogon.idl: make netr_TrustFlags [public]
      netlogon.idl: use lsa_TrustType and lsa_TrustAttributes in netr_trust_extension
      secrets.idl: add secrets_domain_info that will be used in secrets.tdb for machine account trusts
      s3:secrets: add infrastructure to use secrets_domain_infoB to store credentials
      net: add "net primarytrust dumpinfo" command that dumps the details of the workstation trust
      s3:libnet: make use of secrets_store_JoinCtx()
      s3:trusts_util: make use the workstation password change more robust
      net: make use of secrets_*_password_change() for "net changesecretpw"
      s3:libads: make use of secrets_*_password_change() in ads_change_trust_account_password()
      s3:secrets: remove unused secrets_store_[prev_]machine_password()
      selftest:Samba3: call "net primarytrust dumpinfo" setup_nt4_member() after the join

Thomas Jarosch (1):
      s3: libsmb: Fix use-after-free when accessing pointer *p.

-----------------------------------------------------------------------


-- 
Samba Shared Repository

More information about the samba-cvs mailing list