[SCM] Samba Shared Repository - annotated tag ldb-1.1.30 created

Stefan Metzmacher metze at samba.org
Fri Jun 2 10:30:43 UTC 2017


The annotated tag, ldb-1.1.30 has been created
        at  762f316aa8eda21e01e4da306338a2278ae4c1a7 (tag)
   tagging  13e09c72cd41cd5cd44bd9e4e27df8e0e1d47379 (commit)
  replaces  tdb-1.3.13
 tagged by  Stefan Metzmacher
        on  Fri Jun 2 12:30:31 2017 +0200

- Log -----------------------------------------------------------------
ldb: tag release ldb-1.1.30
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAABAgAGBQJZMT5HAAoJEEeTkWETCEAludAIAI6RC63NCOtfYpQiT7VEi/J4
0VVQ2aHiDlYNK8Lva3IDVqwSjnh8lCkTJgYs47weeYSmPO5f1PMeC4F/3+BijvOV
vsmfHIULW3JDr3fi73UivwtXf1LsN+/mJWEIIzetQHyz/ZA5F2EFz9dnID1U2a9b
DSt5VPfEVBpkb9BqXQJXdA1LaH65wcJmSIqqUl9ejJT6K34+p1mwnlx4602qctf4
MdoV2JfILi23uQS+OoEUlA3F5/T3Coh4spiwhiu2P1ePZ03gD1Y64pU4RmW4JjCK
nEON2crrP81O8rR4UuEMu3fypqlFOzIlK2CGsxDz2BQHgnGcZyJHC8XM33NQmJE=
=sTW1
-----END PGP SIGNATURE-----

Alexander Bokovoy (2):
      systemd: fix detection of libsystemd
      libads: abstract out SASL wrapping code

Amitay Isaacs (16):
      ctdb-logging: Initialize DEBUGLEVEL before changing the value
      ctdb-tests: Explicitly search for the specific log entry
      ctdb-tests: Use tighter pattern for matching expected output
      Revert "ctdb-readonly: Avoid a tight loop waiting for revoke to complete"
      ctdb-readonly: Avoid a tight loop waiting for revoke to complete
      wafsamba: Allow to specify VERSION file path
      ctdb-build: Simplify generation of version header files
      ctdb-packaging: Remove mkversion.sh script
      ctdb-keepalive: Move ctdb_send_keepalive() to ctdb_keepalive.c
      ctdb-daemon: Do not allow mixed ctdb versions in a cluster
      ctdb-daemon: Add AllowMixedVersions tunable
      ctdb-common: Update run_proc api to re-assign stdin
      ctdb-common: Add run_event abstraction
      ctdb-eventd: Use run_event abstraction
      ctdb-eventd: Avoid passing NULL pointer to printf( %s )
      ctdb-tools: Always exit with positive return value

Andreas Schneider (73):
      s4:selftest: Only run auth_log tests with Heimdal
      s4:torture: Fix the remote_pac test
      testprogs: Add common kinit function
      s3-tests: Use common functions in test_smbclient_netbios_aliases.sh
      samba_dnsupdate: Do not rewrite krb5.conf in selftest
      mit-kdb: Zero the db principal when we allocate it
      waf: Require MIT Kerberos 1.15.1 for Samba AD
      mit-kdb: Update KDB vtable for DAL version 6
      waf: Check for MIT KDC binary
      param: Add 'mit kdc command' to change the default.
      s4-kdc: Add a MIT Kerberos KDC service
      s4-kdc: Add MIT KRB5 based irpc service for PAC validation
      s4-kdc: Register the MIT irpc PAC validation service
      param: Add 'mit kdc config' option to smb.conf
      waf: Do not disable the ntvfs fileserver when we have MIT DC build
      selftest: Start MIT KDC if Kerberos is from MIT
      selftest: Disable RODC tests with MIT KDC
      selftest: Setup configs for MIT KDC
      selftest: Set clockskew grace time to 5 seconds
      testprogs: Fix test_chgdcpass blackbox test with MIT
      testprogs: Fix usage printout of bogus blackbox test
      s4-torture: Fix kinit of samba4.blackbox.locktest
      testprogs: Add test_kinit_mit.sh test
      testprogs: Add a kinit trust test for MIT KDC
      testprogs: Add test with exported keytab from samba-tool
      waf: Only build KRB5 KDC tests when AD_DC build is enabled
      s4-torture: Add KDC test harness and first test
      s4-torture: Add TORTURE_KRB5_TEST_PAC_REQUEST test
      s4-torture: Add TORTURE_KRB5_TEST_BREAK_PW test
      s4-torture: Add TORTURE_KRB5_TEST_CLOCK_SKEW test
      s4-torture: Add AES and RC4 enctype checks
      s4-kdc: Add MIT Kerberos specific kpasswd code
      waf: Search for MIT kadm-server library
      s4-kdc: Start the kpasswd service with MIT KDC
      testprogs: Add MIT Kerberos specific kpasswd blackbox test
      selftest: Skip s4u2proxy tests, no support yet
      waf: Create kerberos_implementation.py for provisioning
      selftest: Add a variable to indicate that selftest is running
      python: Add py_is_heimdal_built() to pyglue
      python: Add provisioning support for MIT KDC in samba-tool
      waf: Move python build instructions to wscript
      s4-torture: Fix reauth tests with smaller clockskew grace time
      s4-kdc: Fix logging with the KDB driver
      s4-kdc: Implement mit_samba_get_pac()
      s4-kdc: Use mit_samba_get_pac() in ks_get_pac()
      mit-samba: Remove unused mit_samba_get_pac_data()
      s4-pac-glue: Do not add an empty PAC_TYPE_LOGON_NAME with MIT
      s4-kdc: Implement mit_samba_reget_pac()
      s4-kdc: Use mit_samba_reget_pac() in ks_verify_pac()
      mit-samba: Remove obsolete mit_samba_update_pac_data()
      mit_samba: Fix principal lookup for cross domain referral
      WHATSNEW: Give the 'strict sync' change a header line
      WHATSNEW: Add Samba AD with MIT Kerberos
      s3:printing: Change to GUID dir if we deal with COPY_FROM_DIRECTORY
      smbtorture:spoolss: Rename the copy_from_directory test for 64bit
      smbtorture:spoolss: Add a 32bit test for copy_from_directory
      samba-tool: Rename Samba4 to Samba AD
      s4:tls: Do not use deprecated GnuTLS types
      packaging: Remove setup script for SWAT
      packaging: Remove LSB packaging
      packaging: Remove SWAT references from RHEL-CTDB
      packaging: Remove SWAT references from RHEL
      packaging: Remove SWAT references from Solaris
      testprogs: Add 'net rpc user' test against AD DC
      librpc:ndr: Set the length to 1 if we assign and empty string
      s3:winbind: Use a talloc stackframe for rpc_query_user_list
      ldb-samba: Fix a possible NULL pointer dereference
      lib: Update pam_wrapper to 1.0.4
      python: Do not use the glue code directly
      python: Create the kdc.conf in the Samba private directory
      Revert "param: Add 'mit kdc config' option to smb.conf"
      s3:smbd: Pass down remote and local address to get_referred_path()
      s3:smbd: Set up local and remote address for fake connection

Andrew Bartlett (35):
      ldb: Add some tests to clarify the current iterator behaviour
      ldb: Add test for transaction deadlock detected when waiting for a search
      ldb: Do not use mktemp() nor leak files into /tmp during api.py test
      selftest: Actually run python3 tests during the selftest
      tdb: Improve debugging when the allrecord lock fails to upgrade
      ldb_tdb: Provide better debugging on prepare_commit failures
      ldb_tdb: Provide better debugging on end_trans failures
      ldb_tdb: Call talloc_free(options_dn) as soon as we are done with options_dn
      dsdb: Take out the transaction and prepare_commit locks in the same order
      dsdb: Do not write the @INDEXLIST or @ATTRIBUTES records during schema refresh
      dsdb: Do not search the sam.ldb file when trying to search all partitions
      pynet: Add a hook to decrypt one attribute
      ldb_tdb: Split index load out into a sub-funciton: ltdb_index_load
      ldb_tdb: change the arguments to ldb_is_indexed() to provide the ltdb_private
      ldb_tdb: consistently use ltdb->cache->attribute_indexes to determine if we have indexes
      ldb: Allow a caller (in particular Samba) to handle the list of attributes with an index
      ldb_tdb: Avoid reading the index list from the DB if we are already set to override it
      ldb: Move test_ldb_attrs_case_insensitive closer to setup/teardown functions
      ldb: Add tests for the schema and index override hooks
      ldb: Add ldb_build_req_common() helper function
      ldb: Add ldb_handle_get_event_context()
      ldb: Add ldb_set_require_private_event_context()
      ldb: Create private event contexts in top level requests, chain to children
      ldb: Force use of a private event context in ldb_tdb
      ldb: Use the private event context in ldb_tdb and ldb_wait()
      ldb: Add ldb_handle_use_global_event_context()
      ldb: Add tests for new ldb handle and event context behaviour
      ldb: Add test for ldb_build_search_req()
      ldb: Add Doxygen comments for ldb_req_*trusted() functions
      ldb: Add Doxygen docs for ldb_schema_attribute_set_override_handler
      ldb: Add Doxygen docs for ldb_schema_set_override_indexlist()
      ldb: Add Doxygen docs for ldb_handle_get_event_context()
      ldb: Add Doxygen docs for ldb_set_require_private_event_context()
      ldb: Add Doxygen documentation for ldb_handle_use_global_event_context()
      ldb: Version 1.1.30

Aurelien Aptel (3):
      vfs: add parameter to copy chunk VFS function to handle dup_extents
      smbd/smb2_ioctl: add support for FSCTL_DUPLICATE_EXTENTS_TO_FILE
      vfs_btrfs: report FILE_SUPPORTS_BLOCK_REFCOUNTING capability

Christian Ambach (3):
      waf: Improve log errors for MIT build
      s3:winbindd:idmap_autorid remove a stray comment
      s3:smbcacls add prompt for password

Christof Schmitt (7):
      testprogs: Ignore escape characters when printing test name
      ctdb: Print key as hex string instead of just the hash in hot record message
      net: Add net tdb command to print information from tdb records
      docs-xml: Document net tdb command
      selftest: Make lockdir available in test environment
      selftest: Add test for 'net tdb' command
      WHATSNEW: Add new 'net tdb locking' command

David Disseldorp (9):
      packaging: Remove Mandrake
      torture/ioctl: fix dup_extents destination truncate
      torture/ioctl: expect dup_extents(dest=compressed) to pass
      smbd/smb2_ioctl: check for for overlap of dup extent ranges
      smbd/smb2_ioctl: check sparseness for dup extents
      smbd/smb2_ioctl: validate dup_extent request lengths
      vfs: add VFS_COPY_CHUNK_FL_IGNORE_LOCKS for dup extents
      smbd/smb2_ioctl: instruct VFS to ignore locks for dup extents
      selftest: enable alternate streams for fs_specific share

David Disseldorp via samba-technical (1):
      smbd/smb2_ioctl: check for NULL dst_fsp before use

Doug Nazar (1):
      s3: smbd: inotify_map_mask_to_filter incorrectly indexes an array.

Garming Sam (26):
      samba-tool/spn: Add a missing newline to error message
      tests/password_lockout: Remove unused users from base
      libads: Check cldap flags in libads/ldap
      winbindd_cm: Add new parameter for dcip_to_name
      winbindd_cm: Add new parameter to getdc and find_new_dc calls
      winbindd_cm: Rename dcip_to_name to the more accurate dcip_check_name
      winbindd_cm: Call dcip_check_name even when fetching from cache
      winbindd_cm: Pass cm_open_connection the need_rw_dc flag
      libads: Decide to have no fallback option
      auth4: Add authoritative flag to check_password
      winbindd: Do not run SAM auth stack in winbind SamLogon
      auth_winbind: Allow badPwdCount to be set to 0 with this auth method
      tests/rodc: Test for NTLM wrong password forwarding
      rodc: Set non-authoritative for RODC bad passwords
      auth_sam: Make auth_sam_trigger_repl_secret more generic
      hdb: Dupe a copy of repl secrets into the KDC
      kdc: Send bad password via NETLOGON in RODC
      netlogon_creds_cli: Do not corrupt authenticator state on application level errors
      netlogon: Implement SendToSam along with its winbind forwarding
      selftest: Ensure rodc environment uses localdc as winbind partner
      tests/rodc: Add password lockout tests with RODC-auth, RWDC-check
      tests/rodc: Check SID restriction for SendToSam
      netlogon: Add necessary security checks for SendToSam
      rpc_server: Move SID helpers into common
      getncchanges: Do not filter EXOPs using highwatermark
      tests/rodc: Check that new passwords trigger wiping on RODC

Gary Lockyer (23):
      source3 smbd: tests for null pointer dereference
      source3 smdb: fix null pointer dereference
      samba-tool user: Tests for virtualWDigest attributes
      samba-tool user: Support for virtualWDigest attributes
      samba-tool tests: Tests for virtualCryptSHAxxx rounds
      samba-tool user: add rounds option to virtualCryptSHAxxx
      idl drsblobs: add the blobs required for Primary:userPassword
      tests password_hash: remove unused import
      tests password_hash: fix white space issues
      docs: configuration options for extra password hashes
      tests password_hash: add tests for Primary:userPassword
      password_hash: generate and store Primary:userPassword
      samba-tool tests: add tests for userPassword
      samba-tool add support for userPassword
      tests password_hash: update array indexes for readabliity
      tests password_hash: Add ldap based tests for WDigest
      auth_log: Add test that execises the SamLogon python bindings
      auth pycredentials: correct docstring of get_ntlm_response method
      auth pycredentials: incorrect PyArg_ParseTupleAndKeywords call
      source4 rpc: binding.c enable DCERPC_SCHANNEL_AUTO for schannel connections
      tests net_join: use private secrets database.
      source4/provision: fix talloc_steal on unallocated memory
      libnet join: Fix error handling on provision_store_self_join failure

G√ľnther Deschner (29):
      s4-torture: disable s4u2self/proxy remote pac tests for MIT build for now.
      s3-rpcclient: Fix enumdata spoolss display of REG_DWORD
      s3-gpo: Fix build of scripts CSE
      s3-gpo: Build scripts, security and registry CSE with --enable-developer
      s3-rpc_cli: add winreg_get_core_driver()
      s3-spoolss: add winreg_get_core_driver_internal()
      s3-rpc_cli: add winreg_add_core_driver()
      s3-spoolss: add winreg_add_core_driver_internal()
      s3-rpc_cli: add winreg_add_driver_package()
      s3-spoolss: add winreg_add_driver_package_internal()
      s3-rpc_cli: add winreg_get_driver_package()
      s3-spoolss: add winreg_get_driver_package_internal()
      s3-rpc_cli: add winreg_del_driver_package()
      s3-spoolss: add winreg_del_driver_package_internal()
      s3-gpo: Fix CID #1405972 Resource leak
      s3-auth: remove some dead prototypes
      s3-passdb: remove some dead prototypes
      lib/krb5_samba: remove some dead prototypes
      s3-smbd: remove some dead prototypes
      s3-winbindd: remove some dead prototypes
      s3-lib: remove some dead prototypes
      s3-libsmb: remove some dead prototype
      s3-proto: remove some dead prototypes
      s3-rpc_server: remove some dead prototypes
      s4-rpc_server: remove some dead prototypes
      s4-auth: remove some dead prototypes
      s4-libcli: remove some dead prototypes
      s4-lib/policy: remove some dead prototypes
      s3-lib/idmap_cache: remove some dead prototypes

Jeremy Allison (71):
      s4: torture: samr: Add test for dcesrc_lsa_valid_AccountRight change.
      s4: torture: Create a top level talloc contxt.
      s4: torture: Add a TALLOC_CTX * to torture_parse_target().
      s4: torture: Pass the new talloc context into torture_init().
      s4: torture: Change torture_register_suite() to add a TALLOC_CTX *.
      s4: torture: Pass TALLOC_CTX * to torture_delay_write().
      s4: torture: Add TALLOC_CTX * to torture_winbind_init().
      s4: torture: Add TALLOC_CTX * to torture_smb2_acls_init().
      s4: torture: Add TALLOC_CTX * to torture_smb2_compound_find_init() and torture_smb2_compound_init().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_create_init().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_crediting_init().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_doc_init().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_dir_init().
      s4: torture: Add TALLOC_CTX * to torture_smb2_durable_open_disconnect_init(), torture_smb2_durable_open_init()
      s4: torture: Add TALLOC_CTX * to torture_smb2_durable_v2_open_init().
      s4: tortute: Add a TALLOC_CTX * to torture_smb2_ioctl_init().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_lease_init().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_lock_init().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_notify_init().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_notify_disabled_init().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_oplocks_init(), torture_smb2_kernel_oplocks_init().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_read_init().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_rename_init().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_replay_init().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_scan_init().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_session_init().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_streams_init().
      s4: torture: Add a TALLOC_CTX * to torture_acl_xattr().
      s4: torture: Add a TALLOC_CTX * to torture_vfs_fruit(), torture_vfs_fruit_netatalk(), torture_vfs_fruit_file_id()
      s4: torture: Add a TALLOC_CTX * to torture_winbind_struct_init().
      s4: torture: Add a TALLOC_CTX * to torture_test_delete().
      s4: torture: Add a TALLOC_CTX * to torture_smb2_getinfo_init().
      s4: torture: Use a named TALLOC_CTX in masktest instead of talloc_autofree_context().
      s4: torture: Remove talloc_autofree_context() from locktest.
      s4: torture: Remove talloc_autofree_context() from gentest.
      s4: torture: Remove the last talloc_autofree_context() from source4/torture/*.c
      pidl: Fix Coverity warnings from duplicate NULL checks.
      s3: popt: When using a global variable, don't hide it by helper locals.
      s3: popt: Add utility functions popt_get_cmdline_auth_info(), popt_free_cmdline_auth_info().
      s3: client tools. Remove direct access to struct user_auth_info *cmdline_auth_info.
      s3: client tools: Call popt_free_cmdline_auth_info() on all normal exits.
      s3: popt: Change to NULL from talloc_autofree_context() now we correctly free on exit.
      s4: auth: Add TALLOC_CTX * to auth_register()
      s4: auth: Remove a talloc_autofree_context() use.
      s4: Add TALLOC_CTX * to register_server_service().
      s4: popt: Add set/get/free functions for cmdline_credentials.
      s4: popt: Global replace of cmdline_credentials -> popt_get_cmdline_credentials().
      s4: popt: Make cmdline_credentials static.
      s4: popt: Change from talloc_autofree_context() to NULL context.
      s4: torture: Remove use of local variables that are simply mirroring popt_get_cmdline_credentials().
      s4: ntvfs: Add a TALLOC_CTX * paramter to pvfs_acl_register()
      s4: ntvfs: Add a TALLOC_CTX * to sys_lease_register().
      s4: ntvfs: Add a TALLOC_CTX * to sys_notify_register().
      gensec: Add a TALLOC_CTX * to gensec_register().
      s4: client: Allocate event context off struct smbclient_context *, not talloc_autofree_context().
      s4: cifsdd: Allocate the event context off NULL, not talloc_autofree_context().
      s4: nmblookup: Allocate event context off NULL instead of talloc_autofree_context().
      s3: smbd: Fix open_files.idl to correctly ignore share_mode_lease *lease in share_mode_entry.
      s3: smbd: Remove bool dfs_pathnames paramter from resolve_dfspath_wcard().
      s3: smbd: Remove ugly use of discard_const that previously was hidden in resolve_dfspath_wcard().
      s3: smbd: Make it clear we only overwrite *ppath_contains_wcard if resolve_dfspath_wcard() detected a wildcard.
      s3: smbd: Split out ucf_flags_from_smb_request() from filename_create_ucf_flags().
      s3: smbd: Always use ucf_flags_from_smb_request() in place of checking by hand (in most cases).
      s3: smbd: In ntrename OR in ucf_flags, don't overwrite.
      s3: smbd: Add UCF_DFS_PATHNAME which tracks the flags2 FLAGS2_DFS_PATHNAMES bit.
      s3: smbd: We can now remove the 'bool dfs_path' parameter from filename_convert().
      s3: smbd: Fix up the ucf_flags correctly in smb_file_rename_information().
      s3: smbd: Add UCF_GMT_PATHNAME, which represents FLAGS2_REPARSE_PATH.
      s3: smbd: Correctly identify a snapshot path using UCF_GMT_PATHNAME.
      s3: VFS: Catia: Ensure path name is also converted.
      s3: VFS: Fruit. Move to using struct smb_filename instead of char * paths.

Karolin Seeger (2):
      docs: Rename Samba3-Developers-Guide to Samba-Developers-Guide
      docs: Remove old docs.

Martin Schwenke (3):
      ctdb-tools: Stop "ctdb nodestatus" from always showing all nodes
      ctdb-tools: "ctdb nodestatus" should only display header for "all"
      ctdb-tests: Add some extra tests for "ctdb nodestatus"

Peter Somogyi (1):
      SMB_INFO_ALLOCATION: return with UINT32_MAX rather than cutting at 4 bytes

Petr Viktorin (2):
      python3: Use "y#" instead of "s#" for binary data in PyArg_ParseTuple
      python3:tests: Fix Python 3 test issues

Ralph Boehme (18):
      Revert "lib/util: make use of tfork in samba_runcmd_send()"
      s3/locking: add const to fsp_lease_type
      s3/locking: helper functions for lease types
      s3/smbd: update exclusive oplock optimisation to the lease area
      s3/smbd: update exclusive oplock optimisation to the lease area
      s3/dbwrap_ctdb: set async_ctx to initialized
      s3/dbwrap_ctdb: free resources in an error code path
      vfs_streams_xattr: add pread_send/recv and pwrite_send/recv
      vfs_fruit: add pread_send/recv and pwrite_send/recv
      lib/torture: add two more ndr assert macros
      s4/torture: smb2.ioctl: add src and dst path args to test_setup_copy_chunk
      s4/torture: smb2.ioctl: add copy-chunk test with stream to smb2.ioctl
      s4/torture: vfs_fruit: add src and dst path args to test_setup_copy_chunk
      s4/torture: vfs_fruit: test copy-chunk on streams
      s3/locking: make find_share_mode_entry public
      s3/smbd: fix exclusive lease optimisation
      s4/torture: test for bug 12798
      s4/torture: add a leases test with stat open

Stefan Metzmacher (69):
      samba-tool: let 'samba-tool user syncpasswords' report deletions immediately
      samba-tool: fix log message of 'samba-tool user syncpasswords'
      auth/spnego: fix gensec_update_ev() argument order for the SPNEGO_FALLBACK case
      auth/gensec: call gensec_verify_features() also after update_recv() in gensec_update_ev()
      s3:libsmb: don't rely on gensec_session_key() to work on an unfinished authentication
      s4:smb_server: avoid using gensec_update_ev() for the negotiate blob
      selftest: let fl2003dc use "dcesrv:header signing = no"
      s3:gse: always announce GENSEC_FEATURE_SIGN_PKT_HEADER support.
      s4:gensec_gssapi: always announce GENSEC_FEATURE_SIGN_PKT_HEADER
      auth/spnego: always announce GENSEC_FEATURE_SIGN_PKT_HEADER support.
      auth/gensec: add some basic doxygen comments for gensec_{want,have}_feature()
      s3:cli_pipe: ask for GENSEC_FEATURE_SIGN_PKT_HEADER after the gensec_update() dance
      s3:rpc_server: move gensec_update() out of auth_generic_server_authtype_start*()
      s4:librpc: ask for GENSEC_FEATURE_SIGN_PKT_HEADER after the gensec_update() dance
      s4:rpc_server: simplify the GENSEC_FEATURE_SIGN_PKT_HEADER logic
      auth/gensec: make gensec_start_mech() static
      auth/gensec: reset existing context on gensec_start_mech()
      auth/gensec: add gensec_child_* helper functions
      auth/spnego: let spnego.c use the new gensec_child_* helper functions
      auth/spnego: make sure a fatal error or the final success make the state as SPNEGO_DONE
      s4:gensec/http_ntlm: add implement gensec_http_ntlm_update_send/recv()
      s4:gensec/http_basic: add simple gensec_http_basic_update_send/recv() wrapper functions
      s3:gse: add simple gensec_gse_update_send/recv() wrapper functions
      s4:gensec_gssapi: add simple gensec_gssapi_update_send/recv() wrapper functions
      s4:gensec_krb5: add simple gensec_krb5_update_send/recv() wrapper functions
      auth/ntlmssp: remove mem_ctx=NULL handling from gensec_ntlmssp_update()
      auth/ntlmssp: avoid using NT_STATUS_NOT_OK_RETURN() in gensec_ntlmssp_update()
      auth/ntlmssp: remove unused variable from gensec_ntlmssp_update()
      auth/ntlmssp: rename 'input' to 'in' in gensec_ntlmssp_update()
      auth/ntlmssp: make gensec_ntlmssp_update() static
      auth/ntlmssp: add implement gensec_ntlmssp_update_send/recv()
      auth/spnego: add simple gensec_spnego_update_send/recv() wrapper functions
      auth/gensec: remove the sync update() hook from gensec_security_ops
      auth/gensec: avoid using a state->subreq pointer
      auth/gensec: improve NT_STATUS_MORE_PROCESSING_REQUIRED logic in gensec_update_*()
      auth/gensec: make sure there's only one pending gensec_update_send() per context
      s4:auth: split out a samba_server_gensec_start_settings() helper function
      s4:auth: add samba_server_gensec_krb5_start()
      s4:dns_server: use samba_server_gensec_krb5_start() and gensec_update() in dns_query.c
      s4:dlz_bind9: assert SPNEGO/KRB5 and use gensec_update()
      s4:kdc: make use of gensec_update() in kpasswd_process()
      s4:rpc_server: introduce call->ack_pkt and avoid pkt variable for the response on the stack
      s4:rpc_server: add wait_send/recv infrastructure
      s4:rpc_server: split out dcesrv_auth_complete() from dcesrv_auth_bind_ack()
      s4:rpc_server: make use of dcesrv_auth_complete() in dcesrv_auth_alter_ack()
      s4:rpc_server: prepare dcesrv_auth_complete() for AUTH3
      s4:rpc_server: make use of dcesrv_auth_complete() in dcesrv_auth_auth3()
      s4:rpc_server: split out dcesrv_auth_prepare_bind_ack()
      s4:rpc_server: split out dcesrv_auth_prepare_auth3()
      s4:rpc_server: split out dcesrv_auth_prepare_alter_ack()
      s4:rpc_server: remove useless TALLOC_FREE(call->context) from dcesrv_bind()
      s4:rpc_server: split out dcesrv_auth_reply() from dcesrv_bind()
      s4:rpc_server: make use of dcesrv_auth_reply() in dcesrv_alter()
      s4:rpc_server: make use of dcesrv_auth_prepare_bind_ack() in dcesrv_bind()
      s4:rpc_server: make use of dcesrv_auth_prepare_alter_ack() in dcesrv_alter()
      s4:rpc_server: make use of dcesrv_auth_prepare_auth3() in dcesrv_auth3()
      s4:rpc_server: remove unused dcesrv_auth_{bind_ack,auth3,alter_ack}()
      s4:rpc_server: implement async BIND using gensec_update_send/recv
      s4:rpc_server: implement async ALTER_CONTEXT using gensec_update_send/recv
      s4:rpc_server: implement async AUTH3 using gensec_update_send/recv
      s4:librpc: use gensec_update_send() in dcerpc_bind_auth_send()
      s4:librpc: make use of gensec_update_send() in bind_auth_next_step()
      s4:librpc: simplify dcerpc_connect_timeout_handler() logic
      s4:libcli/smb2: make smb2_session_setup_spnego_* completely async
      s4:libcli/ldap: just use gensec_update() in ldap_bind_sasl()
      s4:auth: use talloc_reparent() in samba_server_gensec_krb5_start()
      Revert "s4:librpc: simplify dcerpc_connect_timeout_handler() logic"
      s4:librpc: restore inhibit_timeout_processing = true during gensec_update_send/recv()
      s4:lib/com: remove unused pycom binding

Volker Lendecke (27):
      lsa4_srv: Factor out dcesrc_lsa_valid_AccountRight()
      torture3: In LOCAL-DBWRAP-WATCH1, open tdb with CLEAR_IF_FIRST
      selftest: Make sure that LOCAL-DBWRAP-WATCH1 is run in make test
      dbwrap_watch: Protect against corrupt records
      torture3: Make sure dbwrap_parse_record returns NOT_FOUND for invalid watchers data
      smbd: Fix a 32-bit problem
      lib: FreeBSD needs sys/wait.h for WIFEXITED
      lib: Fix whitespace
      lib: Fix a comment
      pam_wrapper: Add PAM_STRERROR_CONST configure check
      vfs_fruit: Fix the 32-bit build
      idmap_rfc2307: Don't stop after 30 entries
      idmap_rfc2307: "ldap_next_entry" needs the previous entry, not the start
      test_idmap_rfc2307: Remove the correct file
      test_idmap_rfc2307: Avoid a tmpfile
      test_idmap_rfc2307: Correct usage
      test_idmap_rfc2307: Do a recursive delete in ou=idmap
      test_idmap_rfc2307: Test wbinfo -r for 35 supplementary group memberships
      idmap_rfc2307: Don't stop after 30 entries
      idmap_rfc2307: "ldap_next_entry" needs the previous entry, not the start
      selftest: Avoid idmap caching when testing idmap_rfc2307
      idmap_rfc2307: Test unix-ids-to-sids with 35 groups
      dbwrap_ctdb: Fix a typo
      libsmb: proto.h does not need ads.h
      winbindd: Give winbindd_ads.c its own header
      CVE-2017-7494: rpc_server3: Refuse to open pipe names with / inside
      lib: Remove use of MSG_NOSIGNAL

-----------------------------------------------------------------------


-- 
Samba Shared Repository



More information about the samba-cvs mailing list