[SCM] Samba Shared Repository - branch v4-9-stable updated
Karolin Seeger
kseeger at samba.org
Tue Jul 2 10:11:27 UTC 2019
The branch, v4-9-stable has been updated
via 4cea44ba0a2 VERSION: Disable GIT_SNAPSHOT for the 4.9.10 release.
via 75872ddde11 WHATSNEW: Add release notes for Samba 4.9.10.
via 38d6dd6ae9f python/ntacls: use correct "state directory" smb.conf option instead of "state dir"
via da0d67b29bf docs: Document DCEPRC binding string for rpcclient
via 3cd4642014b s3:mdssvc: fix flex compilation error
via 44b5168845e ctdb-scripts: Fix tcp_tw_recycle existence check
via 575739df9fd docs: Improve documentation of "lanman auth" and "ntlm auth" connection
via 684d772e0e1 vfs_fruit: remove a now unnecessary include
via 7ae1667bda9 vfs_fruit: use VFS functions in ad_read_rsrc_adouble()
via 1a8dffceff4 vfs_fruit: use fsp and remove syscalls from ad_convert_blank_rfork()
via afc88153675 vfs_fruit: use VFS function in ad_convert_truncate()
via 14048aaf176 vfs_fruit: add VFS handle to ad_convert_truncate()
via 015586a4227 vfs_fruit: use fsp and remove mmap in ad_convert_xattr()
via 42e6d4d4b5e vfs_fruit: remove use of mmap() from ad_convert_move_reso()
via e21d880614c vfs_fruit: convert ad_open_rsrc() to open a proper fsp with SMB_VFS_CREATE_FILE()
via b10eabed24d vfs_fruit: only do cross protocol locking on non-internal opens
via 645836ff20a vfs_fruit: remove a layer of indirection
via 06bd78910ec vfs_fruit: pass VFS handle to ad_convert_move_reso()
via e8cecc86ab5 vfs_fruit: remove xattr code from the AppleDouble subsystem
via 76074dded7d vfs_fruit: remove now unused AppleDouble code for resource fork in xattr
via b24bac64570 vfs_fruit: use stream code for resource fork size calculation in readdir_attr_rfork_size()
via 561d52f89a6 vfs_fruit: use correct case FRUIT_RSRC_STREAM in readdir_attr_rfork_size()
via c2c6377ebf8 vfs_fruit: ignore AppleDouble files in fruit_unlink()
via 1542bb051be vfs_fruit: add a missing else
via 18c45bb3440 vfs_fruit: add and use is_adouble_file()
via c3676d8d42b vfs_fruit: finally, remove ad_handle from struct adouble
via 20e66673c39 vfs_fruit: pass handle to ad_convert_delete_adfile()
via fbc0501bed0 vfs_fruit: pass handle to ad_convert_finderinfo()
via b50f2ad9919 vfs_fruit: pass handle to ad_convert_blank_rfork()
via 1efc046ceff vfs_fruit: pass handle to ad_convert_xattr()
via b5275f407f6 vfs_fruit: indentation fix
via f30219176ae vfs_fruit: pass handle to ad_read_rsrc() and all the way down
via 5975a4a8dfd vfs_fruit: use proper VFS function in ad_read_meta()
via 9ae195e4bd8 vfs_fruit: indentation fix
via b4c6efa3ebd vfs_fruit: pass handle to ad_read_meta()
via c99c7f2a641 vfs_fruit: pass handle to ad_read()
via 7ece266411a vfs_fruit: pass handle to ad_set()
via f94d0095e8a vfs_fruit: pass handle to ad_fset()
via 79beb172cc6 s3:auth: explicitly add BUILTIN\Guests to the guest token
via 15fa6919b8a tests: add a test for guest authentication
via 36641f70d05 selftest: allow guest login in the ad_member_idmap_rid env
via 1cc8068e196 s3:smbd: call reinit_guest_session_info() in the conf updated handler
via 71c33811c82 s3:auth: add reinit_guest_session_info()
via 29e402f583b dsdb:audit_log: avoid printing "... remote host [Unknown] SID [(NULL SID)] ..."
via 11b1f405ee9 ldap server: generate correct referral schemes
via 670b864e908 ldap tests: test scheme for referrals
via 2cde1306169 s4 dsdb: fix use after free in samldb_rename_search_base_callback
via 936a71bfe0e s3/vfs_glusterfs_fuse: Avoid using NAME_MAX directly
via 3136b31e957 s3/vfs_glusterfs: Avoid using NAME_MAX directly
via dba38ed369b Revert "s3/vfs_glusterfs_fuse: Dynamically determine NAME_MAX"
via 3b1ccbfc0ce Revert "s3/vfs_glusterfs: Dynamically determine NAME_MAX"
via 2a7e6eb8b1d dsdb/repl: we need to replicate the whole schema before we can apply it
via 414261f3785 VERSION: Bump version up to 4.9.10.
via 01f22365af9 Merge tag 'samba-4.9.9' into v4-9-test
via 8b1dfd9b172 vfs_fruit: change trigger points of AppleDouble conversion
via 267e70cb0d0 vfs_fruit: add a forward declaration for ad_get()
via 77655c65737 selftest: run vfs.fruit test against a share that deletes empty resource forks
via 45de537de14 s4:torture/vfs/fruit: ensure test_adouble_conversion_wo_xattr() uses a non-emtpy resourcefork
via 22170e79bc4 s4:torture/vfs/fruit: ensure test_adouble_conversion() uses a non-emtpy resourcefork
via 341fcacfc01 registry: add a missing include
via dada63ccaee docs: dfree command. Correct usage of dfree scripts.
via fce8502f381 lib: util: Finally remove possibilities of using sys_popen() unsafely.
via eb7091a23b8 s3: lib: Rename all uses of file_pload_XXX -> file_ploadv_XXX.
via 5887de472e5 s3: lib: Remove file_pload_send().
via 0dfd513f988 s3: winbind: Convert idmap to use file_ploadv_send().
via 19583f44bb4 s3: lib: Add file_ploadv_send().
via 54085531b9f lib: util: Remove file_pload()
via cda1eaa2a79 s3: lib: Remove file_lines_pload().
via e6e29b35aea s3: smbd: Convert sysquotas.c code to use file_lines_ploadv().
via 7115964b888 s3: smbd: Convert print_svid code to use file_lines_ploadv().
via 0fc087b8560 s3: smbd: Convert dfree code to use file_lines_ploadv().
via f8655271e71 s3: lib: util: Add file_lines_ploadv().
via ce85a7b6ad2 lib: util: Add file_ploadv().
via 1ea4976a0a9 lib: popen: Prepare to remove sys_popen().
via ecd28164948 s3:util: Move static file_pload() function to lib/util
via fefd249619b s3:util: Move popen wrappers to lib/util
via bd5116558ff smbd: Fix a panic
via 42f881dd035 smbtorture: Add a test to make smbd panic
via 2b04a3c3e6f smbd: Enable "smbd:suicide mode" for smb2
via bb00dd66c3e s3: winbind: Fix crash when invoking winbind idmap scripts.
via fcf4e66b013 s3:loadparm: Ensure to truncate FS Volume Label at multibyte boundary
via 429a0c69d82 s4 dsdb/repl_meta_data: fix use after free in dsdb_audit_add_ldb_value
via 72e89a5d9df s4 dsdb/repl_meta_data: allocate new extended DNs during ADD on a better context
via 77de9567d92 python/ntacls: we only need security.SEC_STD_READ_CONTROL in order to get the ACL
via 5a96c91de86 dsdb:samdb: schemainfo update with relax control
via 2434353a69d python/provision: use provision and relax controls for schema provision
via cea297403d9 s4:provision: split out provision_self_join_modify_schema.ldif
via 54d9a475367 ldapcmp: ignore 'schemaInfo' if two domains are compared
via 57923ced055 drsuapi.idl: add DRSUAPI_ATTID_schemaInfo
via 8b523259855 ctdb-common: Fix memory leak in run_proc
via 54199785376 ctdb-common: Fix memory leak
via 76c7302105c ctdb-recoverd: Fix memory leak
via f81a971cc29 vfs_ceph: fix cephwrap_flistxattr() debug message
via e1522725b0f s3:smbspool: Fix regression printing with Kerberos credentials
via e3dd029dfad s3: SMB1: Don't allow recvfile on stream fsp's.
via 1e9e531a585 s3:smbd: don't use recvfile on streams
via f8eb314bcda s3:utils: If share is NULL in smbcacls, don't print it
via c98a190ff88 s3:utils: If share is NULL in smbcquotas, don't print it
via ca9e386a59e s3:winbindd: Do not free db_path in idmap_tdb2 before we printed it
via 925871f5808 ctdb:common: Do not print NULL if we don't get a sockpath
via f00cb3c1824 s4:torture: Do not free full_name before we printed it
via 637b3b1a3da lib:torture: Fix string comparison macros where we directly pass NULL
via 1f14d55f45e s4:torture: Do not print NULL strings we just checked before
via 9fda18d7707 s4:ntvfs: Do not free eadb before we printed an error
via 541a98bc843 s3:rpc_server: Do not free the tdbname before we printed it
via 2ec15697375 s4:auth: Fix debug statement in gensec_gssapi
via 1c2c081f439 ctdb-daemon: Never use 0 as a client ID
via 24d70220b28 ctdb-tests: Fix logic error in simple ctdb reloadips test
via 9f679ba14d5 ctdb-tests: Make ctdb reloadips tests more reliable
via 0ffba5145c8 ctdb-tests: Capture output in $out on failure as well
via 1eb5d2e4fc2 ctdb-tests: Don't clean up test var directory in autotest target
via 15e5d62b3d9 ctdb-tests: Fix usage message
via 814471f46e8 ctdb-tests: Wait to allow database attach/detach to take effect
via 3f104bd0db2 ctdb-tests: Avoid bulk output in $out, prefer $outfile
via b594f5161dd ctdb-tests: Make try_command_on_node less error-prone
via 7c97bc83284 ctdb-tests: Change sanity_check_output() to internally use $out
via 30b5d837d5d ctdb-tests: Extend test to cover ctdb rddumpmemory
via 08e229df43e ctdb-tools: Fix ctdb dumpmemory to avoid printing trailing NUL
via 7db0d1a7646 smbd: implement SMB_FILE_NORMALIZED_NAME_INFORMATION handling
via ffb6fb90f69 s4:torture/smb2: add smb2.getinfo.normalized test
via d2c87ba602b s4:libcli/raw: add RAW_FILEINFO_NORMALIZED_NAME_INFORMATION support
via e8a1f4c233b smbd: allow case insensitive opens of named streams
via b23a436e0cc s4:torture/smb2: add smb2.stream.names3 test
via 9f4cc1ff94e s3: modules: ceph: use current working directory instead of share path
via 9348090b5e2 s3:debug: enable logging for early startup failures
via adc1277e392 s3:debug: adjust indention
via dea9042b2e2 s3:debug: use struct initializer
via 2e2b539d83a debug: add a call to debug_parse_levels() to reopen_logs()
via cd5fbcc9d4d debug: add an empty line
via e7b1794cefa winbind: Fix overlapping id ranges
via ac678f27dff selftest: Add trusted domain tests for idmap_ad
via c1b0fb91caf selftest: Pass trusted domain information to idmap_ad test
via 4cf06197d2a selftest: Add idmap configuration for trusted domain for idmap_ad
via f807c76db1e selftest: Make trusted domain information available for idmap_ad environment
via dcbffbb3084 selftest: Use fl2008r2dc for ad_member_idmap_ad
via 0861417bf9d selftest: Add gid-to-sid lookup to idmap_ad test
via d4d41f0d20d lib util debug: Increase format buffer to 4KiB
via bba9f065003 pytests/dns: use 2.6 compatible syntax
via 03a91bf0a15 winbind: Use domain name from lsa query for sid_to_name cache entry
via b3876c300b3 winbind: Return queried domain name from name_to_sid
via b5c442b76c4 winbind: Query domain from winbind sam_name_to_sid
via ef63526b322 winbind: Query domain from winbind rpc name_to_sid
via cc3ca17a7b9 winbind: Query domain from msrpc name_to_sid
via d012a7e875b nsswitch: Add testcase for checking output of wbinfo --sid-to-name
via a9f7f1f7433 VERSION: Bump version up to 4.9.9.
via d1c15c26703 Merge tag 'samba-4.9.8' into v4-9-test
via 86de3470b4c VERSION: Bump version up to 4.9.8...
from e6e7c8cada4 VERSION: Disable GIT_SNAPSHOT for the 4.9.9 release
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-9-stable
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 129 +++-
ctdb/common/event_script.c | 3 +-
ctdb/common/run_proc.c | 7 +-
ctdb/common/sock_daemon.c | 2 +-
ctdb/config/nfs-linux-kernel-callout | 4 +-
ctdb/server/ctdb_daemon.c | 48 +-
ctdb/server/ctdb_recoverd.c | 2 +-
ctdb/tests/complex/11_ctdb_delip_removes_ip.sh | 10 +-
ctdb/tests/complex/18_ctdb_reloadips.sh | 43 +-
ctdb/tests/complex/32_cifs_tickle.sh | 8 -
ctdb/tests/complex/36_smb_reset_server.sh | 12 +-
ctdb/tests/complex/37_nfs_reset_server.sh | 4 +-
ctdb/tests/complex/60_rogueip_releaseip.sh | 2 +-
ctdb/tests/complex/scripts/local.bash | 5 +-
ctdb/tests/run_tests.sh | 2 +-
ctdb/tests/scripts/integration.bash | 71 +--
ctdb/tests/simple/02_ctdb_listvars.sh | 3 +-
ctdb/tests/simple/03_ctdb_getvar.sh | 3 +-
ctdb/tests/simple/05_ctdb_listnodes.sh | 5 +-
ctdb/tests/simple/08_ctdb_isnotrecmaster.sh | 10 +-
ctdb/tests/simple/09_ctdb_ping.sh | 6 +-
ctdb/tests/simple/11_ctdb_ip.sh | 27 +-
ctdb/tests/simple/12_ctdb_getdebug.sh | 3 +-
ctdb/tests/simple/14_ctdb_statistics.sh | 2 +-
ctdb/tests/simple/15_ctdb_statisticsreset.sh | 21 +-
ctdb/tests/simple/18_ctdb_reloadips.sh | 70 ++-
ctdb/tests/simple/19_ip_takeover_noop.sh | 4 +-
ctdb/tests/simple/20_delip_iface_gc.sh | 10 +-
ctdb/tests/simple/21_ctdb_attach.sh | 49 +-
ctdb/tests/simple/23_ctdb_moveip.sh | 25 +-
ctdb/tests/simple/24_ctdb_getdbmap.sh | 10 +-
ctdb/tests/simple/25_dumpmemory.sh | 9 +-
..._ctdb_config_check_error_on_unreachable_ctdb.sh | 6 +-
ctdb/tests/simple/27_ctdb_detach.sh | 71 ++-
ctdb/tests/simple/35_ctdb_getreclock.sh | 2 +-
ctdb/tests/simple/51_message_ring.sh | 14 +-
ctdb/tests/simple/52_fetch_ring.sh | 14 +-
ctdb/tests/simple/53_transaction_loop.sh | 4 +-
ctdb/tests/simple/54_transaction_loop_recovery.sh | 4 +-
ctdb/tests/simple/55_ctdb_ptrans.sh | 12 +-
.../simple/56_replicated_transaction_recovery.sh | 4 +-
ctdb/tests/simple/58_ctdb_restoredb.sh | 8 +-
ctdb/tests/simple/69_recovery_resurrect_deleted.sh | 10 +-
ctdb/tests/simple/70_recoverpdbbyseqnum.sh | 4 +-
ctdb/tests/simple/71_ctdb_wipedb.sh | 4 +-
ctdb/tests/simple/72_update_record_persistent.sh | 4 +-
ctdb/tests/simple/75_readonly_records_basic.sh | 24 +-
ctdb/tests/simple/77_ctdb_db_recovery.sh | 6 +-
ctdb/tests/simple/79_volatile_db_traverse.sh | 4 +-
ctdb/tests/simple/80_ctdb_traverse.sh | 2 +-
ctdb/tests/simple/81_tunnel_ring.sh | 14 +-
ctdb/tests/simple/90_debug_hung_script.sh | 6 +-
ctdb/tools/ctdb.c | 10 +-
ctdb/wscript | 2 +-
docs-xml/manpages/rpcclient.1.xml | 74 ++-
docs-xml/smbdotconf/misc/dfreecommand.xml | 6 +-
docs-xml/smbdotconf/security/lanmanauth.xml | 14 +-
docs-xml/smbdotconf/security/ntlmauth.xml | 9 +-
lib/ldb/include/ldb_module.h | 5 +
lib/torture/torture.h | 8 +-
lib/util/debug.c | 2 +-
lib/util/debug_s3.c | 46 +-
lib/util/samba_util.h | 5 +
{source3/lib => lib/util}/sys_popen.c | 106 +---
{source3/lib => lib/util}/sys_popen.h | 2 +-
lib/util/util_file.c | 48 ++
lib/util/wscript_build | 4 +-
librpc/binding-strings.txt | 53 +-
librpc/idl/drsuapi.idl | 1 +
nsswitch/tests/test_idmap_ad.sh | 137 +++-
nsswitch/tests/test_wbinfo_name_lookup.sh | 15 +
python/samba/netcmd/ldapcmp.py | 2 +-
python/samba/ntacls.py | 6 +-
python/samba/provision/__init__.py | 24 +-
python/samba/tests/dns.py | 2 +-
python/samba/tests/ldap_referrals.py | 91 +++
selftest/knownfail | 1 +
selftest/target/Samba3.pm | 12 +-
source3/auth/auth_util.c | 26 +
source3/auth/proto.h | 1 +
source3/client/smbspool.c | 2 +-
source3/lib/sysquotas.c | 126 +++-
source3/lib/util_file.c | 94 +--
source3/lib/util_file.h | 10 +-
source3/modules/vfs_ceph.c | 9 +-
source3/modules/vfs_fruit.c | 550 ++++++++--------
source3/modules/vfs_glusterfs.c | 41 +-
source3/modules/vfs_glusterfs_fuse.c | 34 +-
source3/param/loadparm.c | 38 +-
source3/printing/print_svid.c | 29 +-
source3/registry/tests/test_regfio.c | 1 +
source3/rpc_server/eventlog/srv_eventlog_nt.c | 4 +-
source3/rpc_server/mdssvc/sparql_lexer.l | 12 +-
source3/script/tests/test_guest_auth.sh | 103 +++
source3/selftest/tests.py | 8 +-
source3/smbd/dfree.c | 35 +-
source3/smbd/filename.c | 72 ++-
source3/smbd/open.c | 13 +-
source3/smbd/reply.c | 4 +
source3/smbd/server.c | 6 +
source3/smbd/smb2_getinfo.c | 9 +
source3/smbd/smb2_server.c | 15 +
source3/smbd/trans2.c | 57 ++
source3/utils/smbcacls.c | 4 +-
source3/utils/smbcquotas.c | 4 +-
source3/winbindd/idmap_script.c | 77 ++-
source3/winbindd/idmap_tdb2.c | 26 +-
source3/winbindd/wb_xids2sids.c | 12 +-
source3/winbindd/winbindd.h | 1 +
source3/winbindd/winbindd_ads.c | 3 +-
source3/winbindd/winbindd_cache.c | 5 +-
source3/winbindd/winbindd_msrpc.c | 15 +-
source3/winbindd/winbindd_reconnect.c | 5 +-
source3/winbindd/winbindd_reconnect_ads.c | 5 +-
source3/winbindd/winbindd_rpc.c | 15 +-
source3/winbindd/winbindd_rpc.h | 1 +
source3/winbindd/winbindd_samr.c | 11 +
source3/wscript_build | 1 -
source4/auth/gensec/gensec_gssapi.c | 9 +-
source4/dsdb/repl/drepl_out_helpers.c | 174 +++++-
source4/dsdb/samdb/ldb_modules/audit_log.c | 4 +-
source4/dsdb/samdb/ldb_modules/partition.c | 16 +-
source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 38 +-
source4/dsdb/samdb/ldb_modules/samldb.c | 3 +-
source4/ldap_server/ldap_backend.c | 18 +
source4/ldap_server/ldap_server.c | 1 +
source4/ldap_server/ldap_server.h | 6 +
source4/libcli/raw/interfaces.h | 16 +-
source4/libcli/raw/rawfileinfo.c | 11 +
source4/libcli/raw/trans2.h | 1 +
source4/ntvfs/ntvfs_generic.c | 2 +
source4/ntvfs/posix/pvfs_qfileinfo.c | 2 +
source4/ntvfs/posix/vfs_posix.c | 2 +-
source4/selftest/tests.py | 9 +
.../setup/provision_self_join_modify_config.ldif | 5 -
.../setup/provision_self_join_modify_schema.ldif | 4 +
source4/torture/gentest.c | 4 +
source4/torture/rpc/drsuapi_cracknames.c | 8 +-
source4/torture/smb2/getinfo.c | 311 ++++++++++
source4/torture/smb2/oplock.c | 75 +++
source4/torture/smb2/streams.c | 115 ++++
source4/torture/vfs/fruit.c | 688 ++++++++++++++++++++-
143 files changed, 3472 insertions(+), 1047 deletions(-)
rename {source3/lib => lib/util}/sys_popen.c (64%)
rename {source3/lib => lib/util}/sys_popen.h (95%)
create mode 100644 python/samba/tests/ldap_referrals.py
create mode 100755 source3/script/tests/test_guest_auth.sh
create mode 100644 source4/setup/provision_self_join_modify_schema.ldif
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 62d75c7cb9a..e6177d7a239 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=9
-SAMBA_VERSION_RELEASE=9
+SAMBA_VERSION_RELEASE=10
########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index a053735f6e9..b313ef80b35 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,128 @@
+ ==============================
+ Release Notes for Samba 4.9.10
+ July 02, 2019
+ ==============================
+
+
+This is the latest stable release of the Samba 4.9 release series.
+
+
+Changes since 4.9.9:
+--------------------
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 13938: s3: SMB1: Don't allow recvfile on stream fsp's.
+ * BUG 13956: s3: winbind: Fix crash when invoking winbind idmap scripts.
+ * BUG 13964: smbd does not correctly parse arguments passed to dfree and
+ quota scripts.
+
+o Andrew Bartlett <abartlet at samba.org>
+ * BUG 13981: docs: Improve documentation of "lanman auth" and "ntlm auth"
+ connection.
+
+o Björn Baumbach <bb at sernet.de>
+ * BUG 14002: python/ntacls: Use correct "state directory" smb.conf option
+ instead of "state dir".
+
+o Ralph Boehme <slow at samba.org>
+ * BUG 13840: registry: Add a missing include.
+ * BUG 13938: s3:smbd: Don't use recvfile on streams.
+ * BUG 13944: SMB guest authentication may fail.
+ * BUG 13958: AppleDouble conversion breaks Resourceforks.
+ * BUG 13964: s3: lib: Rename all uses of file_pload_XXX -> file_ploadv_XXX.
+ * BUG 13968: vfs_fruit makes direct use of syscalls like mmap() and pread().
+ * BUG 13987: s3:mdssvc: Fix flex compilation error.
+
+o Günther Deschner <gd at samba.org>
+ * BUG 13872: s3/vfs_glusterfs[_fuse]: Avoid using NAME_MAX directly.
+
+o David Disseldorp <ddiss at samba.org>
+ * BUG 13940: vfs_ceph: Fix cephwrap_flistxattr() debug message.
+
+o Aaron Haslett <aaronhaslett at catalyst.net.nz>
+ * BUG 13799: dsdb:samdb: Schemainfo update with relax control.
+
+o Amitay Isaacs <amitay at gmail.com>
+ * BUG 13943: ctdb-common: Fix memory leak in run_proc.
+
+o Aliaksei Karaliou <akaraliou at panasas.com>
+ * BUG 13964: smbd does not correctly parse arguments passed to dfree and
+ quota scripts.
+
+o Volker Lendecke <vl at samba.org>
+ * BUG 13903: winbind: Fix overlapping id ranges.
+ * BUG 13957: smbd: Fix a panic.
+
+o Gary Lockyer <gary at catalyst.net.nz>
+ * BUG 12478: ldap server: Generate correct referral schemes.
+ * BUG 13902: lib util debug: Increase format buffer to 4KiB.
+ * BUG 13941: Fix use after free detected by AddressSanitizer.
+ * BUG 13942: s4 dsdb: Fix use after free in
+ samldb_rename_search_base_callback.
+
+o Stefan Metzmacher <metze at samba.org>
+ * BUG 12204: Samba fails to replicate schema 69.
+ * BUG 13713: Schema replication fails if link crosses chunk boundary
+ backwards.
+ * BUG 13799: 'samba-tool domain schemaupgrade' uses relax control and skips
+ the schemaInfo update.
+ * BUG 13916: dsdb:audit_log: avoid printing "... remote host [Unknown] SID
+ [(NULL SID)] ...".
+ * BUG 13917: python/ntacls: We only need security.SEC_STD_READ_CONTROL in
+ order to get the ACL.
+ * BUG 13919: smbd: Implement SMB_FILE_NORMALIZED_NAME_INFORMATION handling.
+
+o Shyamsunder Rathi <shyam.rathi at nutanix.com>
+ * BUG 13947: s3:loadparm: Ensure to truncate FS Volume Label at multibyte
+ boundary.
+
+o Robert Sander <r.sander at heinlein-support.de>
+ * BUG 13918: s3: modules: ceph: Use current working directory instead of
+ share path.
+
+o Christof Schmitt <cs at samba.org>
+ * BUG 13831: Fix inconsistent output from wbinfo --sid-to-name depending on
+ cache state.
+
+o Andreas Schneider <asn at samba.org>
+ * BUG 13937: Fix several issues detected by GCC 9.
+ * BUG 13939: s3:smbspool: Fix regression printing with Kerberos credentials.
+
+o Martin Schwenke <martin at meltin.net>
+ * BUG 13923: ctdb-tools: Fix ctdb dumpmemory to avoid printing trailing NUL.
+ * BUG 13930: ctdb-daemon: Never use 0 as a client ID.
+ * BUG 13943: ctdb-common: Fix memory leak.
+
+o Rafael David Tinoco <rafaeldtinoco at ubuntu.com>
+ * BUG 13984: ctdb-scripts: Fix tcp_tw_recycle existence check.
+
+o Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
+ * BUG 13904: Log early startup failures.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
=============================
Release Notes for Samba 4.9.9
June 19, 2019
@@ -48,8 +173,8 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
+
=============================
Release Notes for Samba 4.9.8
diff --git a/ctdb/common/event_script.c b/ctdb/common/event_script.c
index 8978d1452c0..8bdfdd0b5ca 100644
--- a/ctdb/common/event_script.c
+++ b/ctdb/common/event_script.c
@@ -117,7 +117,8 @@ int event_script_get_list(TALLOC_CTX *mem_ctx,
}
*out = script_list;
- return 0;
+ ret = 0;
+ goto done;
nomem:
ret = ENOMEM;
diff --git a/ctdb/common/run_proc.c b/ctdb/common/run_proc.c
index 037b6d9651d..0c3c1de72fe 100644
--- a/ctdb/common/run_proc.c
+++ b/ctdb/common/run_proc.c
@@ -302,13 +302,15 @@ again:
proc->fd = -1;
}
+ DLIST_REMOVE(run_ctx->plist, proc);
+
/* Active run_proc request */
if (proc->req != NULL) {
run_proc_done(proc->req);
+ } else {
+ talloc_free(proc);
}
- DLIST_REMOVE(run_ctx->plist, proc);
-
goto again;
}
@@ -426,6 +428,7 @@ static void run_proc_done(struct tevent_req *req)
if (state->proc->output != NULL) {
state->output = talloc_steal(state, state->proc->output);
}
+ talloc_steal(state, state->proc);
tevent_req_done(req);
}
diff --git a/ctdb/common/sock_daemon.c b/ctdb/common/sock_daemon.c
index e5e16f8af12..6298653f4ec 100644
--- a/ctdb/common/sock_daemon.c
+++ b/ctdb/common/sock_daemon.c
@@ -893,7 +893,7 @@ static void sock_daemon_run_socket_fail(struct tevent_req *subreq)
subreq, struct tevent_req);
struct sock_daemon_run_state *state = tevent_req_data(
req, struct sock_daemon_run_state);
- const char *sockpath = NULL;
+ const char *sockpath = "INVALID";
int ret = 0;
bool status;
diff --git a/ctdb/config/nfs-linux-kernel-callout b/ctdb/config/nfs-linux-kernel-callout
index 3d1dc63c590..12ed17c6d9e 100755
--- a/ctdb/config/nfs-linux-kernel-callout
+++ b/ctdb/config/nfs-linux-kernel-callout
@@ -281,8 +281,8 @@ nfs_startup ()
basic_stop "nfs" || true
basic_start "nfs"
_f="${PROCFS_PATH}/sys/net/ipv4/tcp_tw_recycle"
- if [ "$_f" ] ; then
- echo 1 >"$_f"
+ if [ -f "$_f" ] ; then
+ echo 1 >"$_f"
fi
}
diff --git a/ctdb/server/ctdb_daemon.c b/ctdb/server/ctdb_daemon.c
index 8247859f9b5..ca98be6a100 100644
--- a/ctdb/server/ctdb_daemon.c
+++ b/ctdb/server/ctdb_daemon.c
@@ -928,6 +928,44 @@ static int ctdb_clientpid_destructor(struct ctdb_client_pid_list *client_pid)
return 0;
}
+static int get_new_client_id(struct reqid_context *idr,
+ struct ctdb_client *client,
+ uint32_t *out)
+{
+ uint32_t client_id;
+
+ client_id = reqid_new(idr, client);
+ /*
+ * Some places in the code (e.g. ctdb_control_db_attach(),
+ * ctdb_control_db_detach()) assign a special meaning to
+ * client_id 0. The assumption is that if client_id is 0 then
+ * the control has come from another daemon. Therefore, we
+ * should never return client_id == 0.
+ */
+ if (client_id == 0) {
+ /*
+ * Don't leak ID 0. This is safe because the ID keeps
+ * increasing. A test will be added to ensure that
+ * this doesn't change.
+ */
+ reqid_remove(idr, 0);
+
+ client_id = reqid_new(idr, client);
+ }
+
+ if (client_id == REQID_INVALID) {
+ return EINVAL;
+ }
+
+ if (client_id == 0) {
+ /* Every other ID must have been used and we can't use 0 */
+ reqid_remove(idr, 0);
+ return EINVAL;
+ }
+
+ *out = client_id;
+ return 0;
+}
static void ctdb_accept_client(struct tevent_context *ev,
struct tevent_fd *fde, uint16_t flags,
@@ -971,7 +1009,15 @@ static void ctdb_accept_client(struct tevent_context *ev,
client->ctdb = ctdb;
client->fd = fd;
- client->client_id = reqid_new(ctdb->idr, client);
+
+ ret = get_new_client_id(ctdb->idr, client, &client->client_id);
+ if (ret != 0) {
+ DBG_ERR("Unable to get client ID (%d)\n", ret);
+ close(fd);
+ talloc_free(client);
+ return;
+ }
+
client->pid = peer_pid;
client_pid = talloc(client, struct ctdb_client_pid_list);
diff --git a/ctdb/server/ctdb_recoverd.c b/ctdb/server/ctdb_recoverd.c
index 469fd21b463..88ef3b1c5a0 100644
--- a/ctdb/server/ctdb_recoverd.c
+++ b/ctdb/server/ctdb_recoverd.c
@@ -1135,7 +1135,7 @@ static int helper_run(struct ctdb_recoverd *rec, TALLOC_CTX *mem_ctx,
state->done = false;
- fde = tevent_add_fd(rec->ctdb->ev, rec->ctdb, state->fd[0],
+ fde = tevent_add_fd(rec->ctdb->ev, state, state->fd[0],
TEVENT_FD_READ, helper_handler, state);
if (fde == NULL) {
goto fail;
diff --git a/ctdb/tests/complex/11_ctdb_delip_removes_ip.sh b/ctdb/tests/complex/11_ctdb_delip_removes_ip.sh
index d6a3b3c04ff..a41be09eab1 100755
--- a/ctdb/tests/complex/11_ctdb_delip_removes_ip.sh
+++ b/ctdb/tests/complex/11_ctdb_delip_removes_ip.sh
@@ -25,8 +25,8 @@ ctdb_restart_when_done
select_test_node_and_ips
get_test_ip_mask_and_iface
-echo "Checking that node ${test_node} hosts ${test_ip} on interface ${iface}..."
-try_command_on_node $test_node "ip addr show dev $iface | grep -E 'inet6?[[:space:]]*${test_ip}/'"
+echo "Checking that node ${test_node} hosts ${test_ip}..."
+try_command_on_node $test_node "ip addr show to ${test_ip} | grep -q ."
echo "Attempting to remove ${test_ip} from node ${test_node}."
try_command_on_node $test_node $CTDB delip $test_ip
@@ -36,10 +36,10 @@ wait_until_ips_are_on_node '!' $test_node $test_ip
timeout=60
increment=5
count=0
-echo "Waiting for ${test_ip} to disappear from ${iface}..."
+echo "Waiting for ${test_ip} to disappear from node ${test_node}..."
while : ; do
- try_command_on_node -v $test_node "ip addr show dev $iface"
- if echo "$out" | grep -E 'inet6?[[:space:]]*${test_ip}/'; then
+ try_command_on_node -v $test_node "ip addr show to ${test_node}"
+ if -n "$out" ; then
echo "Still there..."
if [ $(($count * $increment)) -ge $timeout ] ; then
echo "BAD: Timed out waiting..."
diff --git a/ctdb/tests/complex/18_ctdb_reloadips.sh b/ctdb/tests/complex/18_ctdb_reloadips.sh
index e0632f30564..d6efc6bf631 100755
--- a/ctdb/tests/complex/18_ctdb_reloadips.sh
+++ b/ctdb/tests/complex/18_ctdb_reloadips.sh
@@ -51,12 +51,12 @@ select_test_node_and_ips
echo "Getting public IP information from CTDB..."
try_command_on_node any "$CTDB ip -X -v all"
-ctdb_ip_info=$(echo "$out" | awk -F'|' 'NR > 1 { print $2, $3, $5 }')
+ctdb_ip_info=$(awk -F'|' 'NR > 1 { print $2, $3, $5 }' "$outfile")
echo "Getting IP information from interfaces..."
try_command_on_node all "ip addr show"
-ip_addr_info=$(echo "$out" | \
- awk '$1 == "inet" { ip = $2; sub(/\/.*/, "", ip); print ip }')
+ip_addr_info=$(awk '$1 == "inet" { ip = $2; sub(/\/.*/, "", ip); print ip }' \
+ "$outfile")
prefix=""
for b in $(seq 0 255) ; do
@@ -171,7 +171,7 @@ check_ips ()
try_command_on_node $test_node "ip addr show dev ${iface}"
local ip_addrs_file=$(mktemp)
- echo "$out" | \
+ cat "$outfile" | \
sed -n -e "s at .*inet * \(${prefix//./\.}\.[0-9]*\)/.*@\1 at p" | \
sort >"$ip_addrs_file"
@@ -187,6 +187,33 @@ check_ips ()
fi
}
+# ctdb reloadips will fail if it can't disable takover runs. The most
+# likely reason for this is that there is already a takeover run in
+# progress. We can't predict when this will happen, so retry if this
+# occurs.
+do_ctdb_reloadips ()
+{
+ local retry_max=10
+ local retry_count=0
+ while : ; do
+ if try_command_on_node "$test_node" "$CTDB reloadips" ; then
+ return 0
+ fi
+
+ if [ "$out" != "Failed to disable takeover runs" ] ; then
+ return 1
+ fi
+
+ if [ $retry_count -ge $retry_max ] ; then
+ return 1
+ fi
+
+ retry_count=$((retry_count + 1))
+ echo "Retrying..."
+ sleep_for 1
+ done
+}
+
####################
new_ip_max=100
@@ -196,7 +223,7 @@ new_ip_max=100
add_ips_to_original_config \
$test_node "$addresses" "$iface" "$prefix" 1 $new_ip_max
-try_command_on_node $test_node "$CTDB reloadips"
+do_ctdb_reloadips
check_ips $test_node "$iface" "$prefix" 1 $new_ip_max
@@ -210,7 +237,7 @@ echo "Using 'ctdb reloadips' to remove the 1st address just added..."
add_ips_to_original_config \
$test_node "$addresses" "$iface" "$prefix" 2 $new_ip_max
-try_command_on_node $test_node "$CTDB reloadips"
+do_ctdb_reloadips
check_ips $test_node "$iface" "$prefix" 2 $new_ip_max
@@ -225,7 +252,7 @@ echo "Updating to include only about 1/2 of the new IPs..."
add_ips_to_original_config \
$test_node "$addresses" "$iface" "$prefix" $start $new_ip_max
-try_command_on_node $test_node "$CTDB reloadips"
+do_ctdb_reloadips
check_ips $test_node "$iface" "$prefix" $start $new_ip_max
@@ -237,6 +264,6 @@ try_command_on_node any $CTDB sync
echo "Restoring original IP configuration..."
restore_public_addresses
-try_command_on_node $test_node "$CTDB reloadips"
+do_ctdb_reloadips
check_ips $test_node "$iface" "$prefix" 0
diff --git a/ctdb/tests/complex/32_cifs_tickle.sh b/ctdb/tests/complex/32_cifs_tickle.sh
index 366824501da..ac00d449293 100755
--- a/ctdb/tests/complex/32_cifs_tickle.sh
+++ b/ctdb/tests/complex/32_cifs_tickle.sh
@@ -64,14 +64,6 @@ echo "Source socket is $src_socket"
# we sometimes beat the registration.
echo "Checking if CIFS connection is tracked by CTDB on test node..."
wait_until 10 check_tickles $test_node $test_ip $test_port $src_socket
-echo "$out"
-
-if [ "${out/SRC: ${src_socket} /}" != "$out" ] ; then
- echo "GOOD: CIFS connection tracked OK by CTDB."
-else
- echo "BAD: Socket not tracked by CTDB."
- testfailures=1
-fi
# This is almost immediate. However, it is sent between nodes
# asynchonously, so it is worth checking...
diff --git a/ctdb/tests/complex/36_smb_reset_server.sh b/ctdb/tests/complex/36_smb_reset_server.sh
index beff1a22014..c55cb9f251e 100755
--- a/ctdb/tests/complex/36_smb_reset_server.sh
+++ b/ctdb/tests/complex/36_smb_reset_server.sh
@@ -62,16 +62,8 @@ echo "Source socket is $src_socket"
# This should happen as soon as connection is up... but unless we wait
# we sometimes beat the registration.
-echo "Checking if CIFS connection is tracked by CTDB on test node..."
+echo "Waiting until SMB connection is tracked by CTDB on test node..."
wait_until 10 check_tickles $test_node $test_ip $test_port $src_socket
-echo "$out"
-
-if [ "${out/SRC: ${src_socket} /}" != "$out" ] ; then
- echo "GOOD: CIFS connection tracked OK by CTDB."
-else
- echo "BAD: Socket not tracked by CTDB."
- exit 1
-fi
# It would be nice if ss consistently used local/peer instead of src/dst
ss_filter="src ${test_ip}:${test_port} dst ${src_socket}"
@@ -83,7 +75,7 @@ if [ -z "$out" ] ; then
exit 1
fi
echo "GOOD: ss lists the socket:"
-echo "$out"
+cat "$outfile"
echo "Disabling node $test_node"
try_command_on_node 1 $CTDB disable -n $test_node
diff --git a/ctdb/tests/complex/37_nfs_reset_server.sh b/ctdb/tests/complex/37_nfs_reset_server.sh
index 07bd034d6c7..e38d4510d49 100755
--- a/ctdb/tests/complex/37_nfs_reset_server.sh
+++ b/ctdb/tests/complex/37_nfs_reset_server.sh
@@ -63,7 +63,7 @@ echo "Source socket is $src_socket"
echo "Wait until NFS connection is tracked by CTDB on test node ..."
wait_until $((monitor_interval * 2)) \
check_tickles $test_node $test_ip $test_port $src_socket
-echo "$out"
+cat "$outfile"
# It would be nice if ss consistently used local/peer instead of src/dst
ss_filter="src ${test_ip}:${test_port} dst ${src_socket}"
@@ -75,7 +75,7 @@ if [ -z "$out" ] ; then
exit 1
--
Samba Shared Repository
More information about the samba-cvs
mailing list