[SCM] Samba Shared Repository - annotated tag ldb-1.5.0 created

Stefan Metzmacher metze at samba.org
Tue Aug 14 15:34:59 UTC 2018

The annotated tag, ldb-1.5.0 has been created
        at  505c6917218418b34bff8567126552e58e0c2e49 (tag)
   tagging  b7f0ee93f58e663bb8fc0b39985aa49b254582d9 (commit)
  replaces  samba-4.9.0rc1
 tagged by  Stefan Metzmacher
        on  Tue Aug 14 17:34:50 2018 +0200

- Log -----------------------------------------------------------------
ldb: tag release ldb-1.5.0


Aaron Haslett (5):
      tdb: adding readonly locks mode to tdbbackup tool
      tdb: test for readonly locks mode on tdbbackup command
      netcmd: domain backup offline command
      netcmd: domain backup offline command - offline test with ldapcmp
      selftest: offline backup restore target

Alexander Bokovoy (6):
      wafsamba/samba_abi: always hide ABI symbols which must be local
      s4-dns_server: Only build dns server Python code for AD DC
      s4-dsdb: only build dsdb Python modules for AD DC
      python/samba/tests: make sure samba.tests can be imported without SamDB
      tests/auth_log: Permit SMB2 service description if empty binding is used for kerberos authentication
      samba-tool trust: support discovery via netr_GetDcName

Amitay Isaacs (27):
      popt: Check for headers only if building in-tree version
      popt: Add check for iconv library
      ctdb-tests: Add errno matching utility
      ctdb-tests: Add required_error() to match on error codes
      ctdb-common: Switch to ETIMEDOUT from ETIME
      ctdb-event: Switch to ETIMEDOUT instead of ETIME
      ctdb-daemon: Switch to using ETIMEDOUT instead of ETIME
      ctdb-client: Switch to ETIMEDOUT instead of ETIME
      ctdb-tests: Add ps output filter for freebsd
      ctdb-tests: Add signal code matching utility
      ctdb-tests: Use sigcode to match signals
      ctdb-tests: Porting tests should ignore unsupported features
      ctdb-common: Add line based I/O
      ctdb-protocol: Avoid fgets in ctdb_connection_list_read
      ctdb-common: Add fd argument to ctdb_connection_list_read()
      ctdb-tests: Do not try to match pstree output in eventd tests
      ctdb-tests: Simplify pattern matching for ctime output
      ctdb-scripts: date "+%N" is non-portable
      ctdb-tests: Use portable wc -c instead of stat -c "%s"
      ctdb-tests: Replace md5sum with posix cksum
      ctdb-tests: Use errcode to translate ETIMEDOUT
      ctdb-tests: Fix a typo
      ctdb-tests: Strip all spaces from od output
      ctdb-common: Fix the TCP packet length check
      ctdb-eventd: Fix CID 1438155
      dlz-bind: Add support for BIND 9.12.x
      provision: Add support for BIND 9.12.x

Andreas Schneider (11):
      s3:waf: Install eventlogadm to /usr/sbin
      lib: Add support to parse MS Catalog files
      wbinfo: Free memory when we leave wbinfo_dsgetdcname()
      s3:passdb: Don't leak memory on error in fetch_ldap_pw()
      s3:utils: Do not overflow the destination buffer in net_idmap_restore()
      s3:utils: Do not leak memory in new_user()
      s4:lib: Fix a possible fd leak in gp_get_file()
      s3:client: Avoid a possible fd leak in do_get()
      s3:libads: Fix memory leaks in ads_krb5_chg_password()
      s3:registry: Fix possible memory leak in _reg_perfcount_multi_sz_from_tdb()
      s3:winbind: Fix memory leak in nss_init()

Andrej Gessel (1):
      CVE-2018-1140 Add NULL check for ldb_dn_get_casefold() in ltdb_index_dn_attr()

Andrew Bartlett (7):
      autobuild: Test with and without building bundled popt
      CVE-2018-1139 libcli/auth: Add initial tests for ntlm_password_check()
      CVE-2018-1140 ldb: Check for ldb_dn_get_casefold() failure in ldb_sqlite
      CVE-2018-1140 ldb_tdb: Ensure the dn in distinguishedName= is valid before use
      CVE-2018-1140 ldb_tdb: Check for DN validity in add, rename and search
      CVE-2018-1140 ldb: Add tests for search add and rename with a bad dn= DN
      Release LDB 1.5.0 for CVE-2018-1140

Anoop C S (4):
      s3/locking: Fix assertion check on lock reference count
      s3/locking: Corrections and improvements to inline comments
      s3/libsmb: Explicitly set delete_on_close token for rmdir
      s4/torture: Add new test for DELETE_ON_CLOSE on non-empty directories

Björn Jacke (1):
      docs: mention that the echo handler is for SMB1 only

Christof Schmitt (1):
      selftest: Load time_audit and full_audit modules for all tests

David Disseldorp (8):
      s3: torture: adjust SMB1 cli_splice() test sizes
      dbwrap: determine basename once instead of three times
      docs/kerneloplocks: drop Irix references
      ctdb/build: link ctdb_mutex_ceph_rados_helper against ceph-common
      ctdb_mutex_ceph_rados_helper: use talloc destructor for cleanup
      ctdb_mutex_ceph_rados_helper: rename timer_ev to ppid_timer_ev
      ctdb_mutex_ceph_rados_helper: fix deadlock via lock renewals
      ctdb: add expiry test for ctdb_mutex_ceph_rados_helper

David Mulder (14):
      gpo: Fix asserts in gpo testing
      gpo: Disable python3 testing
      python: Allow forced signing via smb.SMB()
      gpo: Read GPO versions locally, not from sysvol
      gpo: Offline policy application via cache
      param: Add python binding for lpcfg_state_path
      gpo: add register_gp_extension for registering gp extensions
      gpo: add unregister_gp_extension for unregistering gp extensions
      gpo: add list_gp_extensions for listing registered gp extensions
      gpo: Tests for gp_ext register/unregister
      gpo: Dynamically load gp_exts
      gpo: Add user policy extensions
      gpo: Don't duplicate guids in the apply log
      gpo: Specify samba module when importing from gpclass

Douglas Bagnall (1):
      samba-tool drs showrepl tests: improve debugging for mystery error

Gary Lockyer (26):
      dns wildcards: tests to confirm BUG 13536
      dns wildcards: fix BUG 13536
      json: Modify API to use return codes
      json: Add unit tests for error handling
      dsdb audit logging: remove HAVE_JANSSON from audit_log
      dsdb group auditing: remove HAVE_JANSSON from group_audit
      dsdb group_audit_test: Remove redundant mocking code
      lib audit_logging: add _WARN_UNUSED_RESULT_
      lib ldb: Rename functions to ldb_kv
      lib ldb: fix formatting of ldb_kv rename.
      lib ldb: rename struct ltdb_reindex_context
      lib ldb: reformat ltdb_reindex_context rename
      lib ldb: rename ltdb_context to ldb_kv_context
      lib ldb: rename ltdb_req_spy to ldb_kv_req_spy
      lib ldb: format rename of ltdb_req_spy
      lib ldb: rename ltdb_private to ldb_kv_private
      lib ldb: format rename ldb_kv_private
      lib ldb: rename ltdb_cache to ldb_kv_cache
      lib ldb: rename tdb_key_ctx to key_ctx
      lib ldb: rename ltdb_idxptr to ldb_kv_idxptr
      lib ldb: remove unused function prototypes
      lib ldb: rename ltdb_parse_data_unpack_ctx
      lib ldb: move key value code to lib/ldb/ldb_key_value
      lib ldb: rename LTDB_* constants to LDB_KV_*
      lib ldb key value: convert TDB_DATA structs to ldb_val
      dns scavenging: Add extra tests for custom filter

Günther Deschner (5):
      s3-tldap: do not install test_tldap
      CVE-2018-1139 libcli/auth: fix debug messages in hash_password_check()
      CVE-2018-1139 s3-utils: use enum ntlm_auth_level in ntlm_password_check().
      CVE-2018-1139 selftest: verify whether ntlmv1 can be used via SMB1 when it is disabled.
      CVE-2018-1139 libcli/auth: Do not allow ntlmv1 over SMB1 when it is disabled via "ntlm auth".

Jeremy Allison (9):
      s3: torture: Test SMB1 cli_splice() fallback path when doing a non-full file splice.
      s3: libsmbclient: Fix cli_splice() fallback when reading less than a complete file.
      s3: smbd: Fix Linux sendfile() for SMB2. Ensure we don't spin on EAGAIN.
      s3: smbd: Fix Solaris sendfile() for SMB2. Ensure we don't spin on EAGAIN.
      s3: smbd: Fix HPUX sendfile() for SMB2. Ensure we don't spin on EAGAIN.
      s3: smbd: Fix FreeBSD sendfile() for SMB2. Ensure we don't spin on EAGAIN.
      s3: smbd: Fix AIX sendfile() for SMB2. Ensure we don't spin on EAGAIN.
      s3: smbd: SGI IRIX is officially dead. Remove the kernel oplock code for IRIX.
      s3: tests: smbclient. Regression test to ensure we get NT_STATUS_DIRECTORY_NOT_EMPTY on rmdir.

Joe Guo (1):
      samdb: use int for get and set methods instead of digit str

Justin Stephenson (4):
      s3:libads: Add net ads leave keep-account option
      s3:libads: Add net ads keep-account test
      Add net lookup options
      Shorten description in vfs_linux_xfs_sgid manual

Karolin Seeger (2):
      VERSION: Bump version up to 4.10.0pre1...
      WHATSNEW: Start release notes for Samba 4.10.

Martin Schwenke (24):
      ctdb-tests: Simplify pstree output in eventd unit tests
      ctdb-tests: Loosen match against pstree output in simple test
      ctdb-common: Fix compilation issue with strncpy()
      ctdb-protocol: Fix compilation issue with strncpy()
      ctdb-protocol: Add function ctdb_sock_addr_mask_from_string()
      ctdb-tools: Switch to using ctdb_sock_addr_mask_from_string()
      ctdb-daemon: Switch to using ctdb_sock_addr_mask_from_string()
      ctdb-common: Drop function parse_ip_mask() and supporting functions
      ctdb-common: Drop unused function mkdir_p_or_die()
      ctdb-tools: Improve portability by not using /bin/bash directly
      ctdb-tests: Improve portability by not using /bin/bash directly
      ctdb-tools: Avoid use of non-portable getopt in onnode
      ctdb-tests: Avoid use of non-portable getopt in run_tests.sh
      ctdb-tests: Avoid use of non-portable getopt in stubs
      ctdb-tests: Improve portability by not using mktemp --tmpdir option
      ctdb-tests: Switch some test stubs to use /bin/sh
      ctdb-docs: Replace obsolete reference to CTDB_DEBUG_HUNG_SCRIPT option
      ctdb-event: Fix "ctdb event status" usage message
      ctdb-common: Factor out basic script abstraction
      ctdb-common: Use script abstraction in run_event
      ctdb-event: Change event-tool script enable/disable to chmod file directly
      ctdb-event: Implement event tool "script list" command
      ctdb-docs: Update documentation for "ctdb event" command
      ctdb-doc: Provide an example script for migrating old configuration

Noel Power (35):
      python/samba/tests: Py2/Py3 allow import of ndr_(un)pack to work
      python/samba/tests: Py2/Py3 port for hexdump
      python/samba/emulate: Fix some more missed exception tuple assignments
      python/samba/tests: remove Py2 specific imports.
      lib/ldb: Implement a bytes derived object for attributes py2/py3
      s4/torture/drs/python: Py2/Py2 fix tab/space also incorrect unicode usage
      python/samba/netcmd: fix py2/py3 bytes usage for replace
      python/samba/netcmd: Protect variable that can be None
      python/samba/netcmd: Fix relative module import
      s4/librpc/ndr: allow GUID to accept unicode also
      s4/dsdb/tests/python: base64.b64encode returns bytes
      s4/torture/drs: ndr_upack needs bytes in py3 (samba4.drs.repl_move)
      s4/torture/drs/python: py2/py3 port map / ord usage
      python/samba: Add cmp_fn and cmp_to_key_fn functions for py2/py3
      s4/torture/drs/python: use cmp_fn and key=cmp_to_key_fn for py2/py3
      s4/torture/drs/python: use cmp_fn for cmp (for py2/py3 compat)
      s4/torture/drs/python: long is not used in py3
      s4/torture/drs/python: xrange -> range for py2/py3 compat
      s4/torure/drs/python: Fix incorrect use of unicode which doesn't exist in py3
      python/samba/tests: various py3 porting for ord/chr
      python/samba/kcc: md5 needs to be passed bytes in py3
      python/samba/netcmd: Fix wrong exception referenced in code
      s3/lib: Fix misleading typo in debug message
      s3/libsmb: Avoid potential smbpanic calling parse_user_quota_list.
      s3/smbd: Don't stat when doing a quota operation (as it's a fake file)
      librpc/idl Add some query [getset]info quota related structures
      s3/libsmb: adjust smb1 cli code to use idl structs and ndr push/pull funcs.
      s3/libsmb: adjust smb2 code for new idl structs & generated ndr push/pull funcs.
      s3/smbd: adjust smb1 server to use idl structs and generated ndr push/pull funcs
      s3/smbd: smb2 server implementation for query get/set info.
      s3/script/test: modify existing smbcquota test to use SMB2 in addition to SMB1.
      s3/script/tests: Add simple (smb1 & smb2) get/set/list tests for smbcquotas
      s3/smbd: allow set quota for non root user (when built with --enable-selftest)
      s3/utils: fix regression where specifying -Unetbios/root works
      s3/smbd: Ensure quota code is only called when quota support detected

Oleksandr Natalenko (1):
      systemd: Only start smb when network interfaces are up

Ralph Boehme (52):
      smbd: remove unused change_to_root_user() from brl_timeout_fn()
      tevent: fix CID 1437976 dereference before null check
      tevent: fix CID 1437974 dereference after null check
      s4: torture: run test_durable_v2_open_reopen2_lease() in a subdirectory
      s3: smbd: fix path check in smbd_smb2_create_durable_lease_check()
      pthreadpool: test cancelling and freeing pending pthreadpool_tevent jobs/pools
      configure: check for Linux specific unshare() with CLONE_FS
      pthreadpool: call unshare(CLONE_FS) if available
      pthreadpool: test cancelling and freeing jobs of a wrapped pthreadpool_tevent
      autobuild: add some basic tests for the all static build
      examples/VFS/skel_opaque: add missing audit_file_fn
      examples/VFS/skel_opaque: add missing durable handle functions
      examples/VFS/skel_transparent: add missing audit_file_fn
      examples/VFS/skel_transparent: add missing durable handle functions
      s3: lib/xattr_tdb: fix listing xattrs
      s4: libcli/smb2: calculate correct credit charge for finds
      s3: libsmb: use smb2cli_conn_max_trans_size() in cli_smb2_list()
      vfs_default: fix async fsync idle/busy time profiling
      s3: vfs: add missing tevent_req_received() to SMB_VFS_PREAD_RECV()
      s3: vfs: add missing tevent_req_received() to SMB_VFS_PWRITE_RECV()
      s3: vfs: add missing tevent_req_received() to SMB_VFS_FSYNC_RECV()
      s3: vfs: bump to version 39, Samba 4.9 will ship with that
      s3: vfs: bump to version 40, Samba 4.10 will ship with that
      pthreadpool: add a missing include
      smbd: rename sconn->pool to sconn->raw_thread_pool
      s3: vfs: add smb_vfs_ev_glue
      s3: vfs: add user_vfs_evg to connection_struct
      vfs_aio_pthread: use event context and threadpool from user_vfs_evg
      examples/VFS/skel_opaque: fix a likely a copy/paste error
      examples/VFS/skel_opaque: make vfs_fn_pointers static
      smbd: don't client->connections without checking client != NULL first in exit_server_common()
      vfs_default: implement SMB_VFS_GETXATTRAT_SEND/RECV
      vfs_xattr_tdb: implement SMB_VFS_GETXATTRAT_SEND/RECV
      smbd: split out public parse_dos_attribute_blob() from get_ea_dos_attribute()
      vfs_default: implement SMB_VFS_GET_DOS_ATTRIBUTES_SEND/RECV
      smbd: factor out dosmode post processing
      smbd: add dos_mode_at_send/recv()
      smbd: add "get_dosmode" argument to smbd_dirptr_lanman2_entry()
      smbd: pass get_dosmode to smbd_dirptr_get_entry()
      smbd: pass get_dosmode to mode_fn in smbd_dirptr_get_entry()
      smbd: rework error exit in smbd_dirptr_lanman2_entry()
      smbd: factor out smb2_query_directory_next_entry() from smbd_smb2_query_directory_send()
      smbd: fix a long line in smb2_query_directory_next_entry()
      smbd: deal with fsp->aio_requests in close_directory()
      smbd: let smbd_dirptr_lanman2_entry return smb_fname
      smbd: use async dos_mode_at_send in smbd_smb2_query_directory_send()
      s4: torture: test closing dir handle with in-flight find
      selftest: set "smbd:async dosmode = no" in the vfs_aio_pthread share
      selftest: run smbtorture3 SMB2-BASIC tests against additional shares

Ralph Wuerthner (1):
      s3: vfs: time_audit: fix handling of token_blob in smb_time_audit_offload_read_recv()

Richard Sharpe (1):
      Minor, really small, documentation fix.

Samuel Cabrero (1):
      ctdb_mutex_ceph_rados_helper: Set SIGINT signal handler

Stefan Metzmacher (74):
      smbd: add [un]become_guest() helper functions
      smbd: add smbd_impersonate_debug_create() helper
      smbd: add simple noop smbd_impersonate_{conn_vuid,conn_sess,root,guest}_create() wrappers
      smbd: make use of smbd_impersonate_{conn_vuid,conn_sess,root,guest}_create() wrappers
      smbd: implement smbd_impersonate_{conn_vuid,conn_sess,root,guest}_create() wrappers
      smbd: avoid explicit change_to_user() in defer_rename_done() already done by impersonation
      smbd: remove unused change_to_root_user() from smbd_sig_hup_handler()
      pthreadpool: correctly handle pthreadpool_tevent_register_ev() failures
      pthreadpool: use unsigned for num_idle, num_threads and max_threads
      pthreadpool: explicitly use max_thread=unlimited for pthreadpool_tevent_init() tests
      s3:messages: explicitly use max_thread=unlimited for pthreadpool_tevent_init() in messaging_dgm_init()
      pthreadpool: consitently use unlock_res for pthread_mutex_unlock() in pthreadpool_add_job()
      pthreadpool: use strict sync processing only with max_threads=0
      pthreadpool: use talloc_zero() in tests_cmocka.c setup_pthreadpool_tevent()
      pthreadpool: fix helgrind error in pthreadpool_free()
      pthreadpool: expand test_create() to check unlimited, sync and one thread pool
      pthreadpool: add pthreadpool_max_threads() and pthreadpool_queued_jobs() helpers
      pthreadpool: add pthreadpool_tevent_max_threads() and pthreadpool_tevent_queued_jobs()
      pthreadpool: add pthreadpool_cancel_job()
      pthreadpool: don't process further jobs when shutting down
      pthreadpool: split out a pthreadpool_stop() from pthreadpool_destroy()
      pthreadpool: let pthreadpool_tevent_job_send() fail with an invalid pool
      pthreadpool: split out pthreadpool_tevent_job from pthreadpool_tevent_job_state
      pthreadpool: add pthreadpool_tevent_job_cancel()
      pthreadpool: make use of pthreadpool_stop() in pthreadpool_tevent_destructor()
      pthreadpool: maintain a global list of orphaned pthreadpool_tevent_jobs
      pthreadpool: allocate glue->tctx on glue as memory context.
      librpc: add binding handle support for [smb1]
      s4:libcli: split out smb_raw_negotiate_fill_transport()
      s4:libcli: add smbcli_transport_raw_init()
      s4:libcli: use talloc_zero() for struct smb_composite_connect in fetchfile.c
      s4:libcli: allow passing an already negotiated connection to smb_composite_connect()
      s4:libcli: add smb2_transport_raw_init()
      s4:libcli: split out smb2_connect_session_start()
      s4:libcli: allow passing an already negotiated connection to smb2_connect_send()
      s4:libcli: add fallback_to_anonymous to smb2_connect_send()
      s4:libcli: allow a fallback to NTLMSSP if SPNEGO is not supported locally
      s4:libcli: add smb_connect_nego_{send,recv}()
      python/tests: use explicit "client ipc max protocol = NT1" for samba.tests.net_join_no_spnego
      s4:librpc: autonegotiate SMB1/2/3
      s3:selftest: run rpc.lsa.lookupsids also with explicit [smb1] and [smb2]
      tevent: use talloc_zero_size() for the private state in tevent_context_wrapper_create()
      pthreadpool: make sure a pthreadpool is marked as stopped in child processes
      pthreadpool: test pthreadpool_tevent_max_threads() returns the expected result
      pthreadpool: replace assert_return_code(ret, 0); with assert_int_equal(ret, 0);
      lib/replace: check for __thread support
      third_party/*_wrapper/wscript: remove redundant configure checks
      replace: add checks for atomic_thread_fence(memory_order_seq_cst) and add possible fallbacks
      pthreadpool: add some lockless coordination between the main and job threads
      s3:wscript: don't check for valgrind related headers twice
      lib/replace: also check for valgrind/helgrind.h
      pthreadpool: add helgrind magic to PTHREAD_TEVENT_JOB_THREAD_FENCE_*()
      pthreadpool: maintain a list of job_states on each pthreadpool_tevent_glue
      pthreadpool: add a comment about a further optimization in pthreadpool_tevent_job_destructor()
      pthreadpool: add pthreadpool_tevent_[current_job_]per_thread_cwd()
      pthreadpool: add tests for pthreadpool_tevent_[current_job_]per_thread_cwd()
      pthreadpool: add pthreadpool_restart_check[_monitor_{fd,drain}]()
      pthreadpool: implement pthreadpool_tevent_wrapper_create() infrastructure
      s3:util_sec: add a cache to set_thread_credentials()
      examples/VFS/skel_opaque: call smb_vfs_assert_all_fns()
      examples/VFS/skel_transparent: call smb_vfs_assert_all_fns()
      vfs_default: call smb_vfs_assert_all_fns()
      smbd: only pass struct smbXsrv_client to smb1srv_tcon_disconnect_all()
      smbd: only pass struct smbXsrv_client to smbXsrv_session_logoff_all()
      smbd: disconnect/destroy all connections before calling smbXsrv_session_logoff_all()
      smbd: add missing DO_PROFILE_INC(disconnect) to smbd_server_connection_terminate_ex()
      smbd: introduce sconn->sync_thread_pool
      s3:modules: add vfs_not_implemented module
      examples/VFS/skel_transparent: make vfs_fn_pointers static
      ldb_mdb: #ifdef EBADE as it is not portable
      pthreadpool: we need to use pthreadpool_tevent_per_thread_cwd() on the callers pool
      pthreadpool: ignore the return value of poll(NULL, 0UL, 1)
      pthreadpool: reset monitor_fd after calling tevent_fd_set_auto_close()
      smb2_query_directory: make 'return true' explicit in smb2_query_directory_next_entry()

Swen Schillig (1):
      ctdb: remove queue destructor as it isn't needed anymore

Tim Beale (2):
      netcmd: Improve domain backup targetdir checks
      tests: New offline backup tests with tweaks to old online classes

Volker Lendecke (23):
      kcc: Fix the 32-bit build
      dsdb: Fix the 32-bit build
      lib: Remove an #include "includes.h"
      lib: Remove an #include "includes.h"
      lib: Fix prototype of srprs_str
      nsswitch: Remove IRIX support
      nsswitch: Make two functions static
      nsswitch: Correct users of "ctx->is_privileged"
      winbind: Align integer types
      winbind: Move variable declarations close to their use
      idmap: Make pointer initialization explicit
      popt: popt 1.16 needs -liconv
      smbd: Pass "share_mode_data" to share_entry_forall callback
      smbstatus: Use share_mode_data->leases
      smbd: Remove "share_mode_entry->lease"
      ctdb: Fix a cut&paste error
      smbd: Align integer types
      smbd: Fix CID 1438246 Unchecked return value
      smbd: Fix CID 1438245 Dereference before null check
      libsmb: Fix CID 1438244 Unsigned compared against 0
      libsmb: Fix CID 1438243 Unchecked return value
      g_lock: Avoid a double call to serverid_exist
      g_lock: Simplify g_lock_trylock


Samba Shared Repository

More information about the samba-cvs mailing list