[SCM] Samba Shared Repository - annotated tag tdb-1.3.14 created

Stefan Metzmacher metze at samba.org
Sun Jul 2 20:22:39 UTC 2017

The annotated tag, tdb-1.3.14 has been created
        at  fd0fc0effe9803faea43749f0f9cd97cdca2926c (tag)
   tagging  49c45fbb41f30c6a4d532039c811b43c7284e0f6 (commit)
  replaces  tevent-0.9.32
 tagged by  Stefan Metzmacher
        on  Sun Jul 2 22:22:31 2017 +0200

- Log -----------------------------------------------------------------
tdb: tag release tdb-1.3.14
Version: GnuPG v1


Amitay Isaacs (47):
      ctdb-recovery: Assign banning credits if database fails to freeze
      ctdb-recovery: Setting up of recmode should be idempotent
      ctdb-recovery: Simplify logging of recovery mode setting
      ctdb-recovery: Finish processing for recovery mode ACTIVE first
      ctdb-recovery: Get recmode unconditionally in the main_loop
      ctdb-recovery: Do not run local ip verification when in recovery
      ctdb-scripts: Don't send empty argument string to logger
      ctdb-daemon: Once database is attached, do not modify tdb flags
      ctdb-daemon: Store tdb flags just after tdb is opened in ctdb_local_attach()
      ctdb-locking: Get tdb open flags from tdb instead of re-calculating
      ctdb-daemon: Refactor calculation of tdb open flags based on database type
      ctdb-daemon: Ignore tdb open flags passed to DB attach controls
      ctdb-client: Stop sending tdb_flags with DB_ATTACH controls
      ctdb-client: Drop tdb_flags argument to ctdb_attach()
      ctdb-daemon: Drop extra boolean arguments to ctdb_local_attach()
      ctdb-protocol: Add new control to get database open flags
      ctdb-daemon: Implement DB_OPEN_FLAGS control
      ctdb-protocol: Add protocol marshalling for control DB_OPEN_FLAGS
      ctdb-client: Add sync api for control DB_OPEN_FLAGS
      ctdb-client: Add a function to get db open flags
      ctdb-client: Ask daemon for db open flags
      ctdb-client: Ask daemon for db open flags
      ctdb-client: Remove calaculation of tdb flags
      ctdb-client: Do not pass tdb open flags to db attach api
      ctdb-protocol: Do not pass tdb open flags to DB attach controls
      ctdb-tests: Fix control reply data for DB_ATTACH_PERSISTENT control
      ctdb-protocol: Add DB_OPEN_FLAGS control to debug
      ctdb-daemon: Add accessors for CTDB_DB_FLAGS_PERSISTENT flag
      ctdb-daemon: Add accessors for CTDB_DB_FLAGS_READONLY flag
      ctdb-daemon: Add accessors for CTDB_DB_FLAGS_STICKY flag
      ctdb-daemon: Store db_flags instead of individual boolean flags
      ctdb-daemon: Pass db_flags instead of passing persistent flag
      ctdb-recovery: Use db_flags instead of a boolean persistent flag
      ctdb-client: Store db_flags instead of a boolean persistent flag
      ctdb-protocol: Add CTDB_DB_FLAGS_REPLICATED for new type of database
      ctdb-daemon: Calculate tdb flags for replicated databases
      ctdb-daemon: Add accessors for CTDB_DB_FLAGS_REPLICATED flag
      ctdb-protocol: Add new control CTDB_CONTROL_DB_ATTACH_REPLICATED
      ctdb-daemon: Add implementation for CTDB_CONTROL_DB_ATTACH_REPLICATED control
      ctdb-protocol: Add marshalling for CTDB_CONTROL_DB_ATTACH_REPLICATED control
      ctdb-client: Add sync api for DB_ATTACH_REPLICATED control
      ctdb-client: Add db support for CTDB_DB_FLAGS_REPLICATED
      ctdb-tools: Allow attach for replicated databases
      ctdb-tests: Add database type option for tests
      ctdb-tests: Support replicated db in tool tests
      ctdb-tests: Generalize transaction_loop test
      ctdb-tests: Add transaction/recovery test for replicated database

Andreas Schneider (8):
      s4:torture: Do not segfault in torture_rpc_spoolss_printer_teardown_common()
      s3:tests: Do not delete the contets of LOCAL_PATH with tarmode test
      s3:param: Allow to add usershare if uid_wrapper is loaded
      s3:tests: Add blackbox test for 'net usershare'
      selftest: Do *NOT* flush the complete gencache!
      s3:tests: Do *NOT* flush the complete gencache!
      s3:winbind: Move debug statement into the error handling
      nsswitch: Add ad_member tests for wbinfo --domain-info and --dc-info

Andrew Bartlett (12):
      smbtorture: Add more tests around NETLOGON challenge reuse
      s4-netlogon: Provide logs for machine account success and failures
      s4-netlogon: Escape user-supplied computer name in Bad credentials log line
      debug: new debug class for kerberos
      selftest: Allow selftest.pl to run just some environments
      autobuild: Use new selftest.pl feature to run only some environments
      travis-ci: Also build samba-systemkrb5
      dsdb: Add a dummy module to replace show_deleted
      drsuapi: Improve debugging in DsAddEntry()
      tdb: Remove locking from tdb_traverse_read()
      tdb: Improve documentation for tdb_transaction_start()
      tdb: Add new function tdb_transaction_active()

Bernhard M. Wiedemann via samba-technical (1):
      docs-xml: Sort input file list

Björn Baumbach (2):
      waf:lib/replace: Fix building with older GCC versions
      build: fix build of vfs_posix_eadb module

Daniel Kobras (1):
      s3: smbd: fix regression with non-wide symlinks to directories over SMB3.

Douglas Bagnall (8):
      perftest: add a new medley test
      add provision performance tests
      python/getopt: -d/--debuglevel saves value in options for scripts
      waf/wafadmin/3rdparty: fix paranoid.py variable names
      samba_kcc: avoid crash on odd networks with --dot-file-dir
      third_party/dnspython: fix variable name in dnssec
      samba_kcc: comment typo
      samba_kcc: drop all connections from non-existent DSAs

Garming Sam (5):
      samba_kcc: debugging: say intrasite when we mean intrasite
      show-deleted: Do not indicate an error if an object is missing.
      show-deleted: Remove an unnecessary search during connect
      show-deleted: Simplify the code to require as little logic as needed
      show-deleted: Rename attr_filter to exclude_filter for clarity

Gary Lockyer (1):
      tests py_credentials: Fix encrypt_netr_crypt_password test

Jeremy Allison (7):
      s3: smbd: Add regression test for non-wide symlinks to directories fail over SMB3.
      s3: VFS: Change SMB_VFS_CHDIR to use const struct smb_filename * instead of const char *.
      s3: VFS: Change SMB_VFS_GETWD to return struct smb_filename * instead of char *.
      s3: VFS: Change SMB_VFS_REALPATH to take and return struct smb_filename * instead of char *.
      s3: smbd: Add missing out of memory check.
      S3: smbd: Finish plumbing struct smb_filename * through the check_name() stack.
      s3: VFS: Change SMB_VFS_CONNECTPATH to take const struct smb_filename * instead of const char *.

Karolin Seeger (1):
      WHATSNEW: Fix typo...

Michael Saxl (1):
      s3:gse_krb5: fix a possible crash in fill_mem_keytab_from_system_keytab()

Ralph Boehme (1):
      s4:auth_winbind: remove a block nesting level and fix indentation

Richard Sharpe (1):
      Bug 15852. There are valid paths where conn->lsa_pipe_tcp->transport is NULL. Protect against this.

Stefan Metzmacher (121):
      pidl:NDR/Parser: fix "skip" for pointers
      pidl:NDR/Parser: add "skip_noinit" element
      ntprinting.idl: make use of [skip_noinit] for string_flags
      pidl:NDR/Parser: initialize [skip] values in ndr_pull_*
      s3:smbd: only set user_info->auth_description on success
      s3:smbd: inline check_guest_password() into reply_sesssetup_and_X()
      s3:smbd: introduce a reply_sesssetup_and_X_state
      s3:smbd: call auth_check_password_session_info() only in one central place
      s4:auth/unix_token: remove unused tevent_context from security_token_to_unix_token()
      s4:auth/unix_token: remove unused tevent_context from auth_session_info_fill_unix()
      s4:dsdb/samdb: pass an existing 'struct ldb_context' to crack_name_to_nt4_name()
      s4:dsdb/samdb: pass an existing 'struct ldb_context' to crack_auto_name_to_nt4_name()
      auth/ntlmssp: remove useless talloc_steal calls in ntlmssp_server_check_password()
      auth/ntlmssp: make ntlmssp_server_check_password() shorter
      auth/ntlmssp: enforce NTLMSSP_NEGOTIATE_NTLM2 for the NTLMv2 client case
      s3:test_smbclient_basic.sh: make use of $ADDARGS
      s3:test_smbclient_basic.sh: make use of $incdir/common_test_fns.inc
      s3:selftest: run test_smbclient_basic.sh against nt4_dc_schannel with various protocols
      selftest: run nt4_dc_schannel with 'server max protocol = SMB2_02'
      s3:smbd: unimplement FSCTL_VALIDATE_NEGOTIATE_INFO with "server max protocol = SMB2_02"
      pidl:NDR/Parser: add missing {start,end}_flags() to ParseElementPrint()
      librpc/ndr: align the definition of LIBNDR_STRING_FLAGS with currently defined flags
      librpc/ndr: add LIBNDR_FLAG_IS_SECRET handling
      idl_types.h: add NDR_SECRET shortcut
      s3:librpc: let NDR_SECRETS depend on NDR_SECURITY
      s3:libads: remove unused kerberos_secrets_store_salting_principal()
      krb5_wrap: add smb_krb5_salt_principal()
      krb5_wrap: add smb_krb5_salt_principal2data()
      s3:libnet_join: remove dead code from libnet_join_connect_ads()
      s3:libnet_join: calculate r->out.account_name in libnet_join_pre_processing()
      s3:libnet_join.idl: return the domain_guid in libnet_JoinCtx
      s3:libnet_join: remember the domain_guid for AD domains
      s3:libnet_join.idl: add krb5_salt to libnet_JoinCtx
      s3:libnet_join: remember r->out.krb5_salt in libnet_join_derive_salting_principal()
      s3:libnet_join: move kerberos_secrets_store_des_salt() out of libnet_join_derive_salting_principal()
      s3:libnet_join: split libnet_join_post_processing_ads() into modify/sync
      s3:libnet_join: call do_JoinConfig() after we did remote changes on the server
      s3:libnet_join: move libnet_join_joindomain_store_secrets() to libnet_join_post_processing()
      s3:libnet_join: move kerberos_secrets_store_des_salt() to libnet_join_joindomain_store_secrets()
      s3:libads: remove kerberos_secrets_fetch_salting_principal() fallback
      s3:libads: provide a simpler kerberos_fetch_salt_princ() function
      s3:gse_krb5: simplify fill_keytab_from_password() by using kerberos_fetch_salt_princ()
      s3:libnet: make use of kerberos_secrets_fetch_salt_princ()
      s3:libads: make use of kerberos_secrets_fetch_salt_princ() in ads_keytab_add_entry()
      s3:libads: remove unused kerberos_fetch_salt_princ_for_host_princ()
      s3:secrets: move kerberos_secrets_*salt related functions to machine_account_secrets.c
      s3:secrets: rework des_salt_key() to take the realm as argument
      s3:secrets: split out a domain_guid_keystr() function
      s3:secrets: add some const to secrets_store_domain_guid()
      s3:secrets: make use of des_salt_key() in secrets_store_machine_pw_sync()
      s3:secrets: rename secrets_delete() to secrets_delete_entry()
      s3:secrets: re-add secrets_delete() helper to simplify deleting optional keys
      s3:secrets: make use of secrets_delete() in secrets_store_machine_pw_sync()
      s3:secrets: let secrets_store_machine_pw_sync() delete the des_salt_key when there's no value
      s3:secrets: replace secrets_delete_prev_machine_password() by secrets_delete()
      s3:secrets: rewrite secrets_delete_machine_password_ex() using helper variables
      s3:secrets: let secrets_delete_machine_password_ex() remove SID and GUID too
      s3:secrets: let secrets_delete_machine_password_ex() also remove the des_salt key
      s3:secrets: use secrets_delete for all keys in secrets_delete_machine_password_ex()
      s3:trusts_util: pass dcname to trust_pw_change()
      libcli/auth: pass an array of nt_hashes to netlogon_creds_cli_auth*()
      libcli/auth: add const to set_pw_in_buffer()
      libcli/auth: pass the cleartext blob to netlogon_creds_cli_ServerPasswordSet*()
      s3:trusts_util: also pass the previous_nt_hash to netlogon_creds_cli_auth()
      lsa.idl: make lsa_DnsDomainInfo [public]
      netlogon.idl: make netr_TrustFlags [public]
      netlogon.idl: use lsa_TrustType and lsa_TrustAttributes in netr_trust_extension
      secrets.idl: add secrets_domain_info that will be used in secrets.tdb for machine account trusts
      s3:secrets: add infrastructure to use secrets_domain_infoB to store credentials
      net: add "net primarytrust dumpinfo" command that dumps the details of the workstation trust
      s3:libnet: make use of secrets_store_JoinCtx()
      s3:trusts_util: make use the workstation password change more robust
      net: make use of secrets_*_password_change() for "net changesecretpw"
      s3:libads: make use of secrets_*_password_change() in ads_change_trust_account_password()
      s3:secrets: remove unused secrets_store_[prev_]machine_password()
      selftest:Samba3: call "net primarytrust dumpinfo" setup_nt4_member() after the join
      s4:password_hash: make use of smb_krb5_salt_principal() and smb_krb5_salt_principal2data()
      auth/credentials: make use of smb_krb5_salt_principal() in cli_credentials_get_keytab()
      auth/credentials: remove unused smb_krb5_create_salt_principal()
      s3:smb2_create: avoid reusing the 'tevent_req' within smbd_smb2_create_send()
      s3:smb2_create: remove unused timer pointer from smbd_smb2_create_state
      s3:test_smbclient_s3.sh: improve the error handling
      s3:smbclient: remove unreliable Domain=[...] OS=[Windows 6.1] Server=[...] banner
      s3:libsmb: remove unused show_sessetup handling from do_connect()
      s3:libsmb: remove unused 'bool show_hdr' from cli_cm_connect()
      s3:libsmb: remove unused 'bool show_hdr' from cli_cm_open()
      WHATSNEW: document the new smbclient banner
      s3:selftest: also run test_smbclient_s3.sh with PROTO=SMB3
      s3:test_acl_xattr.sh: allow passing additional arguments for smbclient and smbcacls
      Revert "s3:test_acl_xattr.sh: use -mNT1 for the 'getfacl' commands"
      s3:test_acl_xattr.sh: add more assertion about the expected output.
      s3:selftest: run samba3.blackbox.acl_xattr with NT1 and SMB3
      s3:selftest: run samba3.blackbox.inherit_owner tests with NT1 and SMB3
      s3:selftest: run samba3.blackbox.large_acl tests with NT1 and SMB3
      s3:selftest: run samba3.blackbox.smbclient_tar* tests with NT1 and SMB3
      s3:selftest: also run samba3.blackbox.smbclient_krb5 with the new ccache
      s3:test_smbclient_posix_large.sh: there's no posix test to rename to test_smbclient_large_file.sh
      s3:selftest: run samba3.blackbox.smbclient_large_file (NTLM) with NT1 and SMB3
      param: change the effective default for "client max protocol" to the latest supported protocol
      WHATSNEW: document "client max protocol" change to SMB3_11
      s4:auth_winbind: fix error checking in winbind_check_password()
      s4:auth_winbind: rename 's' to 'state' in winbind_check_password()
      s4:auth/ntlm: move auth_check_password_wrapper() further down
      s4:auth/ntlm: introduce auth_check_password_next()
      s4:auth/ntlm: allow auth_operations to specify check_password_send/recv()
      auth/spnego: make use of data_blob_null instead of using data_blob(NULL, 0)
      auth/spnego: move gensec_spnego_update_wrapper() into gensec_spnego_update_send()
      auth/spnego: set state_position = SPNEGO_DONE in gensec_spnego_update_cleanup()
      auth/spnego: move gensec_spnego_update_in() after gensec_spnego_update_send()
      auth/spnego: move some more logic to gensec_spnego_update_in()
      auth/spnego: move gensec_spnego_update_out() behind gensec_spnego_update_in()
      auth/spnego: rename spnego_state->no_response_expected to ->sub_sec_ready
      auth/spnego: consitently set spnego_state->sub_sec_ready = true after gensec_update_ev()
      auth/spnego: remove useless spnego_state->sub_sec_ready check
      auth/spnego: add gensec_spnego_update_sub_abort() helper function
      auth/spnego: remove unused out_mem_ctx = spnego_state fallback in gensec_spnego_update()
      auth/spnego: split out gensec_spnego_update_{client,server}() functions
      auth/spnego: move gensec_spnego_update() into gensec_spnego_update_send()
      auth/spnego: do basic state_position checking in gensec_spnego_update_in()
      wafsamba: add maxversion and version_blacklist to CHECK_BUNDLED_SYSTEM[_PKG]()
      tdb: version 1.3.14

Volker Lendecke (3):
      net: Dump data for net_g_lock dump
      lib: Give util_paths.c its own header
      lib: Use ctdb_protocol instead of ctdb_private


Samba Shared Repository

More information about the samba-cvs mailing list