[SCM] Samba Shared Repository - annotated tag ldb-1.3.0 created

Stefan Metzmacher metze at samba.org
Tue Oct 10 07:10:55 UTC 2017

The annotated tag, ldb-1.3.0 has been created
        at  ab3270a1b1a26a8362f08f12621e73dee9d7fc98 (tag)
   tagging  c40531d9b964588f96d2ab5545b328f8dc787ad9 (commit)
  replaces  ldb-1.2.2
 tagged by  Stefan Metzmacher
        on  Tue Oct 10 09:10:42 2017 +0200

- Log -----------------------------------------------------------------
ldb: tag release ldb-1.3.0
Version: GnuPG v1


Alexander Bokovoy (1):
      Install dcerpc/__init__.py for all Python environments

Amitay Isaacs (26):
      ctdb-tools: Use ssize_t instead of int for checking the status of read()
      ctdb-tools: Fix CID 1414746
      ctdb-daemon: Fix implementation of process_exists control
      ctdb-tests: Fix the implementation of process-exists in fake daemon
      ctdb-tests: Add a dummy ctdb client for testing
      ctdb-tests: Fix ctdb process-exist tests
      ctdb-tests: Fix ctdb test binary name in path testing
      ctdb-daemon: Add a function to check if db access is allowed
      ctdb-daemon: GET_DB_SEQNUM should read database conditionally
      ctdb-recoverd: Abort recovery/takeover if recmaster changes
      ctdb-daemon: Free up record data if a call request is deferred
      ctdb-client: Initialize ctdb_ltdb_header completely for empty record
      ctdb-common: Extend srvid_exists() check to support optional private_data
      ctdb-protocol: Add new control CTDB_CONTROL_CHECK_PID_SRVID
      ctdb-protocol: Add marshalling for struct ctdb_pid_srvid
      ctdb-protocol: Add marshalling for control CHECK_PID_SRVID
      ctdb-daemon: Add implementation of control CHECK_PID_SRVID
      ctdb-client: Add client code for control CHECK_PID_SRVID
      ctdb-tool: Update process-exists command to pass optional srvid
      ctdb-tests: Reimplement message handlers using srvid abstraction
      ctdb-tests: Implement control CHECK_PID_SRVID in fake daemon
      ctdb-tests: Add tests for PID with srvid
      ctdb-daemon: Check all connections from a process in CHECK_PID_SRVID control
      ctdb-tests: Check all connections from a process in CHECK_PID_SRVID control
      ctdb-tests: Add support for multiple ctdb connections in dummy_client
      ctdb-tests: Add tests for client with multiple connections

Andreas Schneider (10):
      wafsamba: Do not chmod already existing dirs on install
      samba:provision: Give a hint to copy the krb5.conf and not symlink it
      dynconfig: Fix location of the default 'binddns dir'
      s4:bind_dlz: Try the 'binddns dir' first
      python:provision: Change the group of the 'binddns dir' too
      python:provision: Do not change the owner of the sam.ldb.d dir
      samba_upgradedns: Change the group of the 'binddns dir' too
      samba_upgradedns: Print better hints after we migrated the config
      samba_upgradedns: When we setup the internal dns cleanup bind-dns dir
      wafsamba: We need to honor DESTDIR in INSTALL_DIR

Andrew Bartlett (107):
      repl_meta_data: Use ldb_ldif_message_redacted_string() to avoid printing secrets in logs
      linked_attributes: Use ldb_ldif_message_redacted_string() for consistency
      repl_meta_data: Re-work printing of replicated entries
      Use the rpc_parse debug class for PIDL genrated code
      debug: Add new debug class "drs_repl" for DRS replication processing
      drs repl: Only print raw DRS replication traffic at level 9
      dsdb: Add missing \n to debug
      libcli/security: Move debug message to DBG_DEBUG()
      librpc/dceprc_util.c: Move debug message to DBG_DEBUG()
      python: Allow debug classes to be specified on the command line for python tools
      selftest: Check re-opening sam.ldb corrects the @ATTRIBUTES and @INDEXLIST
      schema: Rework dsdb_schema_set_indices_and_attributes() db operations
      selftest: reindex in dbcheck-oldrelease after modifying the backend DB
      repl_meta_data: Show failing replicated entry in error code
      s4-provision: Ensure the dummy main-domain DB used for DLZ has an @INDEXLIST
      ldb_tdb: Map TDB error codes into LDB error codes in ltdb_lock_read()
      ldb_tdb: Give a debug message as well as setting the error string if prepare_commit() fails
      ldb_tdb: Change ltdb_connect() NOT to request a kernel-level read only TDB
      ldb: Release 1.2.3
      samdb: Rework samdb_connect_url() to return LDB error code and an error string
      ldap_server: Plumb ldb error string from a failed connect to ldapsrv_terminate_connection()
      s4-dnsserver: Always encode user-supplied names when looking up DNS records
      s4-dnsserver: Check for too many DNS results
      selftest: sort dbcheck output to avoid sort order impacting results
      dsdb: Only trigger a re-index once per @INDEXLIST modification
      ldb_tdb: Make ldb_match_message() available to ldb_tdb
      ldb_tdb: Add helper function ltdb_search_and_return_base()
      ldb_tdb: provide ldb_key_dn() and ldb_key_msg()
      ldb_tdb: Use ltdb_key_msg() in re_index()
      ldb_tdb: Add ltdb_search_key()
      ldb_tdb: Use a more complete error mapping in ltdb_search_key()
      ldb_tdb: Provide struct ltdb_private to index routines
      ldb_tdb: Add GUID_index_attribute to ltdb_private
      ldb_tdb: Do not allow a modification of the GUID_index_attribute (objectGUID)
      ldb_tdb: replace strange dn_list_cmp() in index code
      ldb_tdb: Move constants into ldb_tdb.h
      ldb_tdb: Store GUID index values in one packed ldb attribute
      ldb_tdb: Read GUID index values as one packed LDB attribute
      ldb_tdb: Refuse to load a GUID index that is not a multiple of 16 bytes
      ldb_tdb: Write GUID index values as version 3
      ldb_tdb: modify ltdb_delete_noindex() to take a struct ldb_message
      ldb_tdb: Delete a successful tdb_store on index add fail in ltdb_add_internal()
      ldb_tdb: Pass the full ldb_message to ldb index funtions
      ldb_tdb: Optionally use a GUID index key in ltdb_dn_list_find_msg()
      ldb_tdb: Optionally store a GUID as the index record
      ldb_tdb: Implement ltdb_search_base() for a GUID index
      ldb_tdb: Prepare to handle rename with GUID index by using ltdb_search_base()
      ldb_tdb: Split ltdb_index_onelevel() into a helper function
      ldb_tdb: Add/remove a GUID index of the DN during ltdb_index_add_all()/ltdb_index_delete()
      ldb_tdb: Give LDB_ERR_ENTRY_ALREADY_EXISTS when a duplicate DN index is detected
      ldb_tdb: Give LDB_ERR_CONSTRAINT_VIOLATION when a duplicate GUID index is detected
      ldb_tdb: Pass ltdb_private to ltdb_dn_list_load()
      ldb_tdb: Do not directly assign DN into the index result list
      ldb_tdb: add control points for the new GUID index mode
      ldb_tdb: Load the syntax of the GUID index attr during ltdb_cache_load()
      ldb_tdb: Add a function to take a GUID and make the TDB_DATA key
      ldb_tdb: Add a function to get the GUID key for a DN
      ldb_tdb: Add an index shortcut for a <GUID= DN
      ldb_tdb: Check version number on index
      ldb_tdb: Add mem_ctx to ltdb_key_dn() and ltdb_key_msg()
      ldb_tdb: Use ltdb_key_msg() in ltdb_delete_noindex()
      ldb_tdb: Use the objectGUID (or similar) as the TDB key in ltdb_key_msg()
      ldb_tdb: Optionally use GUID index in ltdb_search_dn1()
      ldb_tdb: Do not query an index on the GUID_index_attribute
      ldb_tdb: Do not add an index for GUID_index_attribute
      ldb_tdb: Add ltdb_idx_to_key() and use it in ltdb_index_filter()
      ldb_tdb: Trust the BASE and ONELEVEL index
      ldb_tdb: Optionally use GUID index values a direct TDB keys
      ldb_tdb: Read from @INDEXLIST or an override if we are using a GUID index
      ldb_tdb: Add improved error strings on ltdb_key_dn_from_idx() failure
      ldb_tdb: Improve debugging in ltdb_modify_index_dn() on casefold failure
      ldb_tdb: Add unique index checking for @IDXDN
      ldb_tdb: Re-add of both existing DN and GUID must gives LDB_ERR_ENTRY_ALREADY_EXISTS
      ldb_tdb: Change error code on unique index violation
      binsearch.h: Re-licence under LGPLv3 per agreement of the copyright holders
      ldb_tdb: sort GUID index list at add time by inserting in sorted order
      ldb_tdb: Sort inputs to list_union()
      ldb_tdb: Rework list_union to not return duplicates, and keep sort order
      ldb_tdb: Use a binary search to speed up ltdb_dn_list_find_val()
      ldb_tdb: Use the binary search more efficiently in list_intersect()
      ldb_tdb: Reduce memory consumption in list_intersect()
      ldb_tdb: Duplicate values are no longer permitted in the index
      ldb: Add an unused objectGUID to each record in SearchTests
      ldb: Also test the new GUID index mode
      ldb_tdb: Add tests for add/modify with the GUID index
      ldb_tdb: Use the DN extracted from the DB to filter the message later
      ldb: Add tests for base DN of a different case
      ldb_tdb: Optimise ltdb_search_and_return_base() to re-use casefolding
      ldb_tdb: Move constants into ldb_tdb.h
      ldb_tdb: Avoid allocation of a DN between the GUID index and the DB lookup
      ldb_tdb: Clean up list in after use in ltdb_key_dn_from_idx()
      ldb_tdb: Avoid canonicalise and base64 work for DN values, these are already OK
      ldb_tdb: Give a good error message on add without an objectGUID
      ldb_tdb: Describe index format and control points
      ldb_tdb: Clean up index records on ltdb_index_add_new() failure.
      ldb_tdb: Remove LTDB_FLAG_HIDDEN and ignore "HIDDEN" in @ATTRIBUTES
      ldb_tdb: Add UNIQUE_INDEX as a possible flag
      ldb: Add more tests covering in-transaction GUID index and unique index behaviour
      ldb_tdb: Remove incorrect early return from re-index
      ldb_tdb: Print progress messages on re-index
      ldb_tdb: Update comments for the delete_index() pass of ltdb_reindex()
      ldb_tdb: Also ban a (indexed) search against like @IDXDN=foo
      ldb: Add test showing a search against the index is not possible
      ldb: Do not make an ldb file for API tests
      ldb: Ensure we do not run out of File descriptors in autobuild
      ldb_tdb: Treat distinguishedName and objectGUID (in Samba) as unique
      ldb: Release ldb 1.3.0

Christof Schmitt (5):
      vfs_streams_xattr: Fix segfault when running with log level 10
      smbd: Move check for SMB2 compound request to new function
      smbd/aio: Do not go async for SMB2 compound requests
      torture: Add testcase for compound CREATE-WRITE-CLOSE request
      selftest: Also run smbtorture smb2.compound with aio enabled

Garming Sam (2):
      getncchanges.c: Refactor to track more state using repl_chunk
      kcc: Remove unused, untested KCC code

Gary Lockyer (5):
      tests util/tfork: Tests for status and event fd
      util/tfork: Write to the status pipe
      util_runcmd: Free the fde in event handler.
      s4/smbd: set the process group.
      ldb: Add tests for read only behaviour

G√ľnther Deschner (1):
      s4-torture: move lease break handler outside the lease testsuite.

Jeremy Allison (5):
      s3: VFS: streams_xattr: Compression is only set/get on base filenames.
      s3: vfs: catia: compression get/set must act only on base file, and must cope with fsp==NULL.
      libcli: SMB2: NetApps negotiate SMB3_11 but also set the SMB2_CAP_ENCRYPTION flag.
      lib: tevent: Remove select backend.
      CVE-2017-12163: s3:smbd: Prevent client short SMB1 write from writing server memory to file.

Justin Maggard via samba-technical (1):
      smbd: add missing newline to debug message in daemon_status()

Martin Schwenke (47):
      ctdb-tests: Wait up to 30 seconds for process to be registered in ctdbd
      ctdb-daemon: Don't release all IPs before "startup" event
      ctdb-scripts: Clean up ctdb_check_unix_socket()
      ctdb-scripts: Switch ctdb_check_unix_socket() to use ss
      ctdb-tests: Enhance ss stub to check for listening Unix domain sockets
      ctdb-tests: Add 31.clamd eventscript unit tests
      ctdb-tests: Drop unused monitoring status support
      ctdb-daemon: Skip monitoring when node is inactive
      ctdb-daemon: Skip monitoring when not in RUNNING runstate
      ctdb-daemon: Don't explicitly disable monitoring when stopping a node
      ctdb-daemon: Don't explicitly disable monitoring around recovery
      ctdb-daemon: Don't explicitly stop monitoring during shutdown
      ctdb-tools: Drop monitoring-related ctdb commands
      ctdb-docs: Drop mention of unimplemented commands
      ctdb-daemon: Mark monitoring controls obsolete
      ctdb-daemon: Drop implementation of monitor controls
      ctdb-tests: Drop implementation of monitor controls
      ctdb-daemon: Drop monitoring mode
      ctdb-daemon: Remove unused function ctdb_stop_monitoring()
      ctdb-client: Drop old client code for monitor controls
      ctdb-client: Drop client code for monitor controls
      ctdb-protocol: Drop marshalling for monitor controls
      Revert "ctdb-daemon: Remove unused function ctdb_stop_monitoring()"
      Revert "ctdb-daemon: Don't explicitly stop monitoring during shutdown"
      selftest: Avoid a build started just before midnight failing
      ctdb-build: Fix dependency for ctdbd
      ctdb-build: Split protocol-util as a separate subsystem
      ctdb-common: Initialise socket addresses before reading into them
      ctdb-protocol: Add server and client aliases in ctdb_connection
      ctdb-protocol: Add ctdb_sock_addr_port() and sock_addr_set_port()
      ctdb-protocol: Add utility function ctdb_sock_addr_to_buf()
      ctdb-protocol: Optionally print port for address printing functions
      ctdb-protocol: Add ctdb_sock_addr_from_string()
      ctdb-protocol: Factor out static function ctdb_sock_addr_cmp_family()
      ctdb-protocol: Add ctdb_connection utilities
      ctdb-protocol: Add new data structure ctdb_connection_list
      ctdb-protocol: Add marshalling for ctdb_connection_list
      ctdb-protocol: Add ctdb_connection_list utilities
      ctdb-tools: Use ctdb_connection and ctdb_connection_list structs
      ctdb-tools: Use db_hash in ctdb_killtcp
      ctdb-tools: Drop global variable prog
      ctdb-tools: Improve error handling
      ctdb-tools: New function ctdb_kill_tcp_init()
      ctdb-tools: Rework killtcp logic into a tevent_req-based computation
      ctdb-tools: Move special case of 0 connections into computation
      ctdb-tools: Add debug to ctdb_killtcp
      ctdb-tools: Fix a typo for a talloc context

Ralph Boehme (6):
      vfs/nfs4_acls: move special handling of SMB_ACE4_SYNCHRONIZE to vfs_zfsacl
      vfs_zfsacl: pass smb_fname to zfs_get_nt_acl_common
      vfs_zfsacl: ensure zfs_get_nt_acl_common() has access to stat info
      s3/vfs: move ACE4_ADD_FILE/ACE4_DELETE_CHILD mapping from NFSv4 framework to vfs_zfsacl
      s3/smbd: sticky write time offset miscalculation causes broken timestamps
      lib/util: only close the event_fd in tfork if the caller didn't call tfork_event_fd()

Richard Sharpe (2):
      Make sure smbtorture tests can run if someone has set their min protocol above NT1.
      s3: Fix a small spelling mistake in smbcacls.

Rowland Penny (3):
      packaging: Remove RHEL-CTDB directory and contents
      packaging: Remove RHEL directory and contents
      packaging: Remove Solaris directory and contents

Sachin Prabhu via samba-technical (1):
      s3-lib: Fix error mapping for EROFS

Stefan Metzmacher (13):
      charset/tests: assert the exact values of str[n]casecmp_m()
      charset/tests: add more str[n]casecmp_m() tests to demonstrate the bug
      charset/tests: also tests the system str[n]casecmp()
      charset: fix str[n]casecmp_m() by comparing lower case values
      CVE-2017-12151: s3:libsmb: add cli_state_is_encryption_on() helper function
      CVE-2017-12151: s3:libsmb: make use of cli_state_is_encryption_on()
      CVE-2017-12150: s3:popt_common: don't turn a guessed username into a specified one
      CVE-2017-12150: s3:lib: get_cmdline_auth_info_signing_state smb_encrypt SMB_SIGNING_REQUIRED
      CVE-2017-12150: s3:pylibsmb: make use of SMB_SIGNING_DEFAULT for 'samba.samba3.libsmb_samba_internal'
      CVE-2017-12150: libgpo: make use of SMB_SIGNING_REQUIRED in gpo_connect_server()
      CVE-2017-12150: auth/credentials: cli_credentials_authentication_requested() should check for NTLM_CCACHE/SIGN/SEAL
      CVE-2017-12150: libcli/smb: add smbXcli_conn_signing_mandatory()
      CVE-2017-12150: s3:libsmb: only fallback to anonymous if authentication was not requested

Tim Beale (28):
      getncchanges.c: Rename anc_cache to obj_cache
      getncchanges.c: Split sorting linked attributes into separate function
      getncchanges.c: Split GET_ANC block out into its own function
      getncchanges.c: Add ancestor links when the object normally gets sent
      getncchanges.c: Refactor how we add ancestor links
      getncchanges.c: Refactor how objects get added to the response
      getncchanges.c: Replace hard-coded numbers with a define
      getncchanges.c: Remove a really old TODO
      getncchanges.c: Remove unused ncRoot_dn parameter
      getncchanges.c: Reduce the parameters to get_nc_changes_build_object()
      getncchanges.c: Split out code to get an object for a response
      getnchanges.c: Avoid unnecessary continue
      getncchanges.c: Send linked attributes in each chunk
      getnc_exop.py: Fix GET_TGT behaviour in DRS tests
      getncchanges.py: Add some GET_TGT test cases
      getncchanges.py: Add test for adding links during replication
      getncchanges.py: Add test for GET_ANC and GET_TGT combined
      getnc_exop.py: Extend EXOP_REPL_OBJ test case to use GET_TGT
      getncchanges.py: Add tests for object deletion during replication
      drs: Add basic GET_TGT support
      getncchanges.py: Add test for replicating reanimated objects
      getncchanges.py: Add a test for dropped cross-partition links
      getncchanges.py: Add a multi-valued linked attribute test
      getncchanges.c: Support GET_TGT better with large numbers of links
      replmd: Allow missing targets if GET_TGT has already been set
      replmd: Avoid duplicated debug/warnings
      getncchanges.c: max_links calculation didn't work well in some cases
      selftest: Add some tests for linked attribute conflicts

Volker Lendecke (33):
      lib: util_tdb.h needs tdb.h
      s3: Avoid netlogon_creds_cli.h in includes.h
      netlogon_creds_cli: Add "dns_domain" to netlogon_creds_cli_context
      netlogon_creds_cli: Pass "server_dns_domain" through netlogon_creds_cli_context_global
      cli_netlogon: Pass server_dns_domain through rpccli_create_netlogon_creds
      libnet: Use rpccli_create_netlogon_creds_with_creds in join_unsecure
      cli_netlogon: Make rpccli_create_netlogon_creds static
      libnet: Use rpccli_setup_netlogon_creds_with_creds in join_unsecure
      cli_netlogon: Make rpccli_setup_netlogon_creds static
      cli_netlogon: Rename rpccli_create_netlogon_creds_with_creds
      cli_netlogon: Eliminate rpccli_setup_netlogon_creds_with_creds
      netlogon_creds_cli: Avoid a static const struct
      netlogon_creds_cli: Remove an obsolete comment
      netlogon_creds_cli: A netlogon_creds_cli_context needs a msg_ctx
      rpc_client3: Fix a debug message
      netlogon_creds_cli: Simplify netlogon_creds_cli_context_common
      netlogon_creds_cli: Simplify netlogon_creds_cli_context_common
      netlogon_creds_cli: Simplify netlogon_creds_cli_context_global
      netlogon_creds_cli: Use data_blob_cmp in netlogon_creds_cli_validate
      notifyd: Clarify a comment
      libcli: Apply some const
      cli_credentials: Apply some const
      winbindd: Remove an obsolete comment
      rpcclient: Remove sam_sync related commands
      net: Remove rpc samdump
      net: Remove rpc vampire from NT4 domains
      net: Remove NT4-based rpc vampire ldif
      net: Remove NT4-based vampire keytab
      net: Don't depend on libnet_samsync anymore
      libnet: Remove libnet_samsync
      WHATSNEW: Mention code removal from "net" and "rpcclient"
      testsuite: Fix the 32-bit test build
      auth3: Remove auth_domain


Samba Shared Repository

More information about the samba-cvs mailing list