[SCM] Samba Shared Repository - annotated tag ldb-1.3.0 created
Stefan Metzmacher
metze at samba.org
Tue Oct 10 07:10:55 UTC 2017
The annotated tag, ldb-1.3.0 has been created
at ab3270a1b1a26a8362f08f12621e73dee9d7fc98 (tag)
tagging c40531d9b964588f96d2ab5545b328f8dc787ad9 (commit)
replaces ldb-1.2.2
tagged by Stefan Metzmacher
on Tue Oct 10 09:10:42 2017 +0200
- Log -----------------------------------------------------------------
ldb: tag release ldb-1.3.0
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJZ3HJyAAoJEEeTkWETCEAlUDsH/1whA9Pc05HL9YrWlPJkJQaX
os7hSkxRULTccxtYyOPx6Y70BQi/EHjNNp2tao0yww2cXQPjB+jonU+e2kP/Daa0
qOP8qFr5MLvZeRVW+NFu3XkBD+i8UnVpYt6qX6P/f6Gdtb8eDbwx9jBySXRtckZL
Q5ABty6zIhlTckL6tsfTpx66aMd+Kc+OyTjbJdcAR7ZYb+3dB+4N9hgT74z3dXPl
dolIHHIDvnuH+QcQGXEB6Uxpep4/rF90RqX4xRC76eMiNVRyl4jEmwLHSVkVXumm
1WIJWx5APJ4LXQQy5lXZlvuYk6rcpEt61BOLrt4WbMKpOqTBd1vxhW0f3pJpeRE=
=Eaas
-----END PGP SIGNATURE-----
Alexander Bokovoy (1):
Install dcerpc/__init__.py for all Python environments
Amitay Isaacs (26):
ctdb-tools: Use ssize_t instead of int for checking the status of read()
ctdb-tools: Fix CID 1414746
ctdb-daemon: Fix implementation of process_exists control
ctdb-tests: Fix the implementation of process-exists in fake daemon
ctdb-tests: Add a dummy ctdb client for testing
ctdb-tests: Fix ctdb process-exist tests
ctdb-tests: Fix ctdb test binary name in path testing
ctdb-daemon: Add a function to check if db access is allowed
ctdb-daemon: GET_DB_SEQNUM should read database conditionally
ctdb-recoverd: Abort recovery/takeover if recmaster changes
ctdb-daemon: Free up record data if a call request is deferred
ctdb-client: Initialize ctdb_ltdb_header completely for empty record
ctdb-common: Extend srvid_exists() check to support optional private_data
ctdb-protocol: Add new control CTDB_CONTROL_CHECK_PID_SRVID
ctdb-protocol: Add marshalling for struct ctdb_pid_srvid
ctdb-protocol: Add marshalling for control CHECK_PID_SRVID
ctdb-daemon: Add implementation of control CHECK_PID_SRVID
ctdb-client: Add client code for control CHECK_PID_SRVID
ctdb-tool: Update process-exists command to pass optional srvid
ctdb-tests: Reimplement message handlers using srvid abstraction
ctdb-tests: Implement control CHECK_PID_SRVID in fake daemon
ctdb-tests: Add tests for PID with srvid
ctdb-daemon: Check all connections from a process in CHECK_PID_SRVID control
ctdb-tests: Check all connections from a process in CHECK_PID_SRVID control
ctdb-tests: Add support for multiple ctdb connections in dummy_client
ctdb-tests: Add tests for client with multiple connections
Andreas Schneider (10):
wafsamba: Do not chmod already existing dirs on install
samba:provision: Give a hint to copy the krb5.conf and not symlink it
dynconfig: Fix location of the default 'binddns dir'
s4:bind_dlz: Try the 'binddns dir' first
python:provision: Change the group of the 'binddns dir' too
python:provision: Do not change the owner of the sam.ldb.d dir
samba_upgradedns: Change the group of the 'binddns dir' too
samba_upgradedns: Print better hints after we migrated the config
samba_upgradedns: When we setup the internal dns cleanup bind-dns dir
wafsamba: We need to honor DESTDIR in INSTALL_DIR
Andrew Bartlett (107):
repl_meta_data: Use ldb_ldif_message_redacted_string() to avoid printing secrets in logs
linked_attributes: Use ldb_ldif_message_redacted_string() for consistency
repl_meta_data: Re-work printing of replicated entries
Use the rpc_parse debug class for PIDL genrated code
debug: Add new debug class "drs_repl" for DRS replication processing
drs repl: Only print raw DRS replication traffic at level 9
dsdb: Add missing \n to debug
libcli/security: Move debug message to DBG_DEBUG()
librpc/dceprc_util.c: Move debug message to DBG_DEBUG()
python: Allow debug classes to be specified on the command line for python tools
selftest: Check re-opening sam.ldb corrects the @ATTRIBUTES and @INDEXLIST
schema: Rework dsdb_schema_set_indices_and_attributes() db operations
selftest: reindex in dbcheck-oldrelease after modifying the backend DB
repl_meta_data: Show failing replicated entry in error code
s4-provision: Ensure the dummy main-domain DB used for DLZ has an @INDEXLIST
ldb_tdb: Map TDB error codes into LDB error codes in ltdb_lock_read()
ldb_tdb: Give a debug message as well as setting the error string if prepare_commit() fails
ldb_tdb: Change ltdb_connect() NOT to request a kernel-level read only TDB
ldb: Release 1.2.3
samdb: Rework samdb_connect_url() to return LDB error code and an error string
ldap_server: Plumb ldb error string from a failed connect to ldapsrv_terminate_connection()
s4-dnsserver: Always encode user-supplied names when looking up DNS records
s4-dnsserver: Check for too many DNS results
selftest: sort dbcheck output to avoid sort order impacting results
dsdb: Only trigger a re-index once per @INDEXLIST modification
ldb_tdb: Make ldb_match_message() available to ldb_tdb
ldb_tdb: Add helper function ltdb_search_and_return_base()
ldb_tdb: provide ldb_key_dn() and ldb_key_msg()
ldb_tdb: Use ltdb_key_msg() in re_index()
ldb_tdb: Add ltdb_search_key()
ldb_tdb: Use a more complete error mapping in ltdb_search_key()
ldb_tdb: Provide struct ltdb_private to index routines
ldb_tdb: Add GUID_index_attribute to ltdb_private
ldb_tdb: Do not allow a modification of the GUID_index_attribute (objectGUID)
ldb_tdb: replace strange dn_list_cmp() in index code
ldb_tdb: Move constants into ldb_tdb.h
ldb_tdb: Store GUID index values in one packed ldb attribute
ldb_tdb: Read GUID index values as one packed LDB attribute
ldb_tdb: Refuse to load a GUID index that is not a multiple of 16 bytes
ldb_tdb: Write GUID index values as version 3
ldb_tdb: modify ltdb_delete_noindex() to take a struct ldb_message
ldb_tdb: Delete a successful tdb_store on index add fail in ltdb_add_internal()
ldb_tdb: Pass the full ldb_message to ldb index funtions
ldb_tdb: Optionally use a GUID index key in ltdb_dn_list_find_msg()
ldb_tdb: Optionally store a GUID as the index record
ldb_tdb: Implement ltdb_search_base() for a GUID index
ldb_tdb: Prepare to handle rename with GUID index by using ltdb_search_base()
ldb_tdb: Split ltdb_index_onelevel() into a helper function
ldb_tdb: Add/remove a GUID index of the DN during ltdb_index_add_all()/ltdb_index_delete()
ldb_tdb: Give LDB_ERR_ENTRY_ALREADY_EXISTS when a duplicate DN index is detected
ldb_tdb: Give LDB_ERR_CONSTRAINT_VIOLATION when a duplicate GUID index is detected
ldb_tdb: Pass ltdb_private to ltdb_dn_list_load()
ldb_tdb: Do not directly assign DN into the index result list
ldb_tdb: add control points for the new GUID index mode
ldb_tdb: Load the syntax of the GUID index attr during ltdb_cache_load()
ldb_tdb: Add a function to take a GUID and make the TDB_DATA key
ldb_tdb: Add a function to get the GUID key for a DN
ldb_tdb: Add an index shortcut for a <GUID= DN
ldb_tdb: Check version number on index
ldb_tdb: Add mem_ctx to ltdb_key_dn() and ltdb_key_msg()
ldb_tdb: Use ltdb_key_msg() in ltdb_delete_noindex()
ldb_tdb: Use the objectGUID (or similar) as the TDB key in ltdb_key_msg()
ldb_tdb: Optionally use GUID index in ltdb_search_dn1()
ldb_tdb: Do not query an index on the GUID_index_attribute
ldb_tdb: Do not add an index for GUID_index_attribute
ldb_tdb: Add ltdb_idx_to_key() and use it in ltdb_index_filter()
ldb_tdb: Trust the BASE and ONELEVEL index
ldb_tdb: Optionally use GUID index values a direct TDB keys
ldb_tdb: Read from @INDEXLIST or an override if we are using a GUID index
ldb_tdb: Add improved error strings on ltdb_key_dn_from_idx() failure
ldb_tdb: Improve debugging in ltdb_modify_index_dn() on casefold failure
ldb_tdb: Add unique index checking for @IDXDN
ldb_tdb: Re-add of both existing DN and GUID must gives LDB_ERR_ENTRY_ALREADY_EXISTS
ldb_tdb: Change error code on unique index violation
binsearch.h: Re-licence under LGPLv3 per agreement of the copyright holders
ldb_tdb: sort GUID index list at add time by inserting in sorted order
ldb_tdb: Sort inputs to list_union()
ldb_tdb: Rework list_union to not return duplicates, and keep sort order
ldb_tdb: Use a binary search to speed up ltdb_dn_list_find_val()
ldb_tdb: Use the binary search more efficiently in list_intersect()
ldb_tdb: Reduce memory consumption in list_intersect()
ldb_tdb: Duplicate values are no longer permitted in the index
ldb: Add an unused objectGUID to each record in SearchTests
ldb: Also test the new GUID index mode
ldb_tdb: Add tests for add/modify with the GUID index
ldb_tdb: Use the DN extracted from the DB to filter the message later
ldb: Add tests for base DN of a different case
ldb_tdb: Optimise ltdb_search_and_return_base() to re-use casefolding
ldb_tdb: Move constants into ldb_tdb.h
ldb_tdb: Avoid allocation of a DN between the GUID index and the DB lookup
ldb_tdb: Clean up list in after use in ltdb_key_dn_from_idx()
ldb_tdb: Avoid canonicalise and base64 work for DN values, these are already OK
ldb_tdb: Give a good error message on add without an objectGUID
ldb_tdb: Describe index format and control points
ldb_tdb: Clean up index records on ltdb_index_add_new() failure.
ldb_tdb: Remove LTDB_FLAG_HIDDEN and ignore "HIDDEN" in @ATTRIBUTES
ldb_tdb: Add UNIQUE_INDEX as a possible flag
ldb: Add more tests covering in-transaction GUID index and unique index behaviour
ldb_tdb: Remove incorrect early return from re-index
ldb_tdb: Print progress messages on re-index
ldb_tdb: Update comments for the delete_index() pass of ltdb_reindex()
ldb_tdb: Also ban a (indexed) search against like @IDXDN=foo
ldb: Add test showing a search against the index is not possible
ldb: Do not make an ldb file for API tests
ldb: Ensure we do not run out of File descriptors in autobuild
ldb_tdb: Treat distinguishedName and objectGUID (in Samba) as unique
ldb: Release ldb 1.3.0
Christof Schmitt (5):
vfs_streams_xattr: Fix segfault when running with log level 10
smbd: Move check for SMB2 compound request to new function
smbd/aio: Do not go async for SMB2 compound requests
torture: Add testcase for compound CREATE-WRITE-CLOSE request
selftest: Also run smbtorture smb2.compound with aio enabled
Garming Sam (2):
getncchanges.c: Refactor to track more state using repl_chunk
kcc: Remove unused, untested KCC code
Gary Lockyer (5):
tests util/tfork: Tests for status and event fd
util/tfork: Write to the status pipe
util_runcmd: Free the fde in event handler.
s4/smbd: set the process group.
ldb: Add tests for read only behaviour
Günther Deschner (1):
s4-torture: move lease break handler outside the lease testsuite.
Jeremy Allison (5):
s3: VFS: streams_xattr: Compression is only set/get on base filenames.
s3: vfs: catia: compression get/set must act only on base file, and must cope with fsp==NULL.
libcli: SMB2: NetApps negotiate SMB3_11 but also set the SMB2_CAP_ENCRYPTION flag.
lib: tevent: Remove select backend.
CVE-2017-12163: s3:smbd: Prevent client short SMB1 write from writing server memory to file.
Justin Maggard via samba-technical (1):
smbd: add missing newline to debug message in daemon_status()
Martin Schwenke (47):
ctdb-tests: Wait up to 30 seconds for process to be registered in ctdbd
ctdb-daemon: Don't release all IPs before "startup" event
ctdb-scripts: Clean up ctdb_check_unix_socket()
ctdb-scripts: Switch ctdb_check_unix_socket() to use ss
ctdb-tests: Enhance ss stub to check for listening Unix domain sockets
ctdb-tests: Add 31.clamd eventscript unit tests
ctdb-tests: Drop unused monitoring status support
ctdb-daemon: Skip monitoring when node is inactive
ctdb-daemon: Skip monitoring when not in RUNNING runstate
ctdb-daemon: Don't explicitly disable monitoring when stopping a node
ctdb-daemon: Don't explicitly disable monitoring around recovery
ctdb-daemon: Don't explicitly stop monitoring during shutdown
ctdb-tools: Drop monitoring-related ctdb commands
ctdb-docs: Drop mention of unimplemented commands
ctdb-daemon: Mark monitoring controls obsolete
ctdb-daemon: Drop implementation of monitor controls
ctdb-tests: Drop implementation of monitor controls
ctdb-daemon: Drop monitoring mode
ctdb-daemon: Remove unused function ctdb_stop_monitoring()
ctdb-client: Drop old client code for monitor controls
ctdb-client: Drop client code for monitor controls
ctdb-protocol: Drop marshalling for monitor controls
Revert "ctdb-daemon: Remove unused function ctdb_stop_monitoring()"
Revert "ctdb-daemon: Don't explicitly stop monitoring during shutdown"
selftest: Avoid a build started just before midnight failing
ctdb-build: Fix dependency for ctdbd
ctdb-build: Split protocol-util as a separate subsystem
ctdb-common: Initialise socket addresses before reading into them
ctdb-protocol: Add server and client aliases in ctdb_connection
ctdb-protocol: Add ctdb_sock_addr_port() and sock_addr_set_port()
ctdb-protocol: Add utility function ctdb_sock_addr_to_buf()
ctdb-protocol: Optionally print port for address printing functions
ctdb-protocol: Add ctdb_sock_addr_from_string()
ctdb-protocol: Factor out static function ctdb_sock_addr_cmp_family()
ctdb-protocol: Add ctdb_connection utilities
ctdb-protocol: Add new data structure ctdb_connection_list
ctdb-protocol: Add marshalling for ctdb_connection_list
ctdb-protocol: Add ctdb_connection_list utilities
ctdb-tools: Use ctdb_connection and ctdb_connection_list structs
ctdb-tools: Use db_hash in ctdb_killtcp
ctdb-tools: Drop global variable prog
ctdb-tools: Improve error handling
ctdb-tools: New function ctdb_kill_tcp_init()
ctdb-tools: Rework killtcp logic into a tevent_req-based computation
ctdb-tools: Move special case of 0 connections into computation
ctdb-tools: Add debug to ctdb_killtcp
ctdb-tools: Fix a typo for a talloc context
Ralph Boehme (6):
vfs/nfs4_acls: move special handling of SMB_ACE4_SYNCHRONIZE to vfs_zfsacl
vfs_zfsacl: pass smb_fname to zfs_get_nt_acl_common
vfs_zfsacl: ensure zfs_get_nt_acl_common() has access to stat info
s3/vfs: move ACE4_ADD_FILE/ACE4_DELETE_CHILD mapping from NFSv4 framework to vfs_zfsacl
s3/smbd: sticky write time offset miscalculation causes broken timestamps
lib/util: only close the event_fd in tfork if the caller didn't call tfork_event_fd()
Richard Sharpe (2):
Make sure smbtorture tests can run if someone has set their min protocol above NT1.
s3: Fix a small spelling mistake in smbcacls.
Rowland Penny (3):
packaging: Remove RHEL-CTDB directory and contents
packaging: Remove RHEL directory and contents
packaging: Remove Solaris directory and contents
Sachin Prabhu via samba-technical (1):
s3-lib: Fix error mapping for EROFS
Stefan Metzmacher (13):
charset/tests: assert the exact values of str[n]casecmp_m()
charset/tests: add more str[n]casecmp_m() tests to demonstrate the bug
charset/tests: also tests the system str[n]casecmp()
charset: fix str[n]casecmp_m() by comparing lower case values
CVE-2017-12151: s3:libsmb: add cli_state_is_encryption_on() helper function
CVE-2017-12151: s3:libsmb: make use of cli_state_is_encryption_on()
CVE-2017-12150: s3:popt_common: don't turn a guessed username into a specified one
CVE-2017-12150: s3:lib: get_cmdline_auth_info_signing_state smb_encrypt SMB_SIGNING_REQUIRED
CVE-2017-12150: s3:pylibsmb: make use of SMB_SIGNING_DEFAULT for 'samba.samba3.libsmb_samba_internal'
CVE-2017-12150: libgpo: make use of SMB_SIGNING_REQUIRED in gpo_connect_server()
CVE-2017-12150: auth/credentials: cli_credentials_authentication_requested() should check for NTLM_CCACHE/SIGN/SEAL
CVE-2017-12150: libcli/smb: add smbXcli_conn_signing_mandatory()
CVE-2017-12150: s3:libsmb: only fallback to anonymous if authentication was not requested
Tim Beale (28):
getncchanges.c: Rename anc_cache to obj_cache
getncchanges.c: Split sorting linked attributes into separate function
getncchanges.c: Split GET_ANC block out into its own function
getncchanges.c: Add ancestor links when the object normally gets sent
getncchanges.c: Refactor how we add ancestor links
getncchanges.c: Refactor how objects get added to the response
getncchanges.c: Replace hard-coded numbers with a define
getncchanges.c: Remove a really old TODO
getncchanges.c: Remove unused ncRoot_dn parameter
getncchanges.c: Reduce the parameters to get_nc_changes_build_object()
getncchanges.c: Split out code to get an object for a response
getnchanges.c: Avoid unnecessary continue
getncchanges.c: Send linked attributes in each chunk
getnc_exop.py: Fix GET_TGT behaviour in DRS tests
getncchanges.py: Add some GET_TGT test cases
getncchanges.py: Add test for adding links during replication
getncchanges.py: Add test for GET_ANC and GET_TGT combined
getnc_exop.py: Extend EXOP_REPL_OBJ test case to use GET_TGT
getncchanges.py: Add tests for object deletion during replication
drs: Add basic GET_TGT support
getncchanges.py: Add test for replicating reanimated objects
getncchanges.py: Add a test for dropped cross-partition links
getncchanges.py: Add a multi-valued linked attribute test
getncchanges.c: Support GET_TGT better with large numbers of links
replmd: Allow missing targets if GET_TGT has already been set
replmd: Avoid duplicated debug/warnings
getncchanges.c: max_links calculation didn't work well in some cases
selftest: Add some tests for linked attribute conflicts
Volker Lendecke (33):
lib: util_tdb.h needs tdb.h
s3: Avoid netlogon_creds_cli.h in includes.h
netlogon_creds_cli: Add "dns_domain" to netlogon_creds_cli_context
netlogon_creds_cli: Pass "server_dns_domain" through netlogon_creds_cli_context_global
cli_netlogon: Pass server_dns_domain through rpccli_create_netlogon_creds
libnet: Use rpccli_create_netlogon_creds_with_creds in join_unsecure
cli_netlogon: Make rpccli_create_netlogon_creds static
libnet: Use rpccli_setup_netlogon_creds_with_creds in join_unsecure
cli_netlogon: Make rpccli_setup_netlogon_creds static
cli_netlogon: Rename rpccli_create_netlogon_creds_with_creds
cli_netlogon: Eliminate rpccli_setup_netlogon_creds_with_creds
netlogon_creds_cli: Avoid a static const struct
netlogon_creds_cli: Remove an obsolete comment
netlogon_creds_cli: A netlogon_creds_cli_context needs a msg_ctx
rpc_client3: Fix a debug message
netlogon_creds_cli: Simplify netlogon_creds_cli_context_common
netlogon_creds_cli: Simplify netlogon_creds_cli_context_common
netlogon_creds_cli: Simplify netlogon_creds_cli_context_global
netlogon_creds_cli: Use data_blob_cmp in netlogon_creds_cli_validate
notifyd: Clarify a comment
libcli: Apply some const
cli_credentials: Apply some const
winbindd: Remove an obsolete comment
rpcclient: Remove sam_sync related commands
net: Remove rpc samdump
net: Remove rpc vampire from NT4 domains
net: Remove NT4-based rpc vampire ldif
net: Remove NT4-based vampire keytab
net: Don't depend on libnet_samsync anymore
libnet: Remove libnet_samsync
WHATSNEW: Mention code removal from "net" and "rpcclient"
testsuite: Fix the 32-bit test build
auth3: Remove auth_domain
-----------------------------------------------------------------------
--
Samba Shared Repository
More information about the samba-cvs
mailing list