[SCM] Samba Shared Repository - branch v4-10-stable updated
Karolin Seeger
kseeger at samba.org
Wed May 22 10:27:38 UTC 2019
The branch, v4-10-stable has been updated
via 8e479542e28 VERSION: Disable GIT_SNAPSHOT for the 4.10.4 release.
via def2c7dabc9 Merge 'origin/v4-10-stable' into the real 4.10.4 release
via fa9de54681b WHATSNEW: Add release notes for Samba 4.10.4.
via d6243acb3ac ctdb-common: Fix memory leak in run_proc
via 0d4280abf98 ctdb-common: Fix memory leak
via 32065a0772e ctdb-recoverd: Fix memory leak
via 417a4d2c3cc vfs_ceph: fix cephwrap_flistxattr() debug message
via 4c02823ab51 s3:smbspool: Fix regression printing with Kerberos credentials
via 5c9489ba557 s3: SMB1: Don't allow recvfile on stream fsp's.
via 198cb5b0550 s3:smbd: don't use recvfile on streams
via f7ffa7a007f s3:utils: If share is NULL in smbcacls, don't print it
via b0e862a64a7 s3:utils: If share is NULL in smbcquotas, don't print it
via 601cb1d5726 s3:winbindd: Do not free db_path in idmap_tdb2 before we printed it
via 5b6adbb0f05 ctdb:common: Do not print NULL if we don't get a sockpath
via b578a2df99f s4:torture: Do not free full_name before we printed it
via 4113054a7ce lib:torture: Fix string comparison macros where we directly pass NULL
via a81f78ce4e4 s4:torture: Do not print NULL strings we just checked before
via b522ed38de1 s4:ntvfs: Do not free eadb before we printed an error
via 405872948fa s3:rpc_server: Do not free the tdbname before we printed it
via 4f0a4fac3de s4:auth: Fix debug statement in gensec_gssapi
via 8542379bde8 s3 rpc_client: Fix Asan stack use after scope
via 8a320aad332 ctdb-daemon: Never use 0 as a client ID
via 6aa0fd8b7cd s4 lib socket: Ensure address string owned by parent struct
via 385a36b7e7c nsswitch pam_winbind: Fix Asan use after free
via 52ba5136f2f ctdb-tests: Fix logic error in simple ctdb reloadips test
via 63a59de4f0f ctdb-tests: Make ctdb reloadips tests more reliable
via efb35a1a695 ctdb-tests: Capture output in $out on failure as well
via 65bf14afd83 ctdb-tests: Remove old socket wrapper state directory during setup
via 33739d55569 ctdb-tests: Actually restart if cluster doesn't become healthy
via 0cdf5c6b5ce ctdb-tests: Don't clean up test var directory in autotest target
via 3582e306606 ctdb-tests: Fix usage message
via b8cf1594a73 ctdb-tests: Wait to allow database attach/detach to take effect
via 221da170256 ctdb-tests: Avoid bulk output in $out, prefer $outfile
via 2044466dd3e ctdb-tests: Make try_command_on_node less error-prone
via 8bb1726f6a7 ctdb-tests: Change sanity_check_output() to internally use $out
via c054f19fb37 ctdb-tests: Extend test to cover ctdb rddumpmemory
via 8c9abb2749f ctdb-tools: Fix ctdb dumpmemory to avoid printing trailing NUL
via 42b32da4160 smbd: implement SMB_FILE_NORMALIZED_NAME_INFORMATION handling
via 5308f042e67 s4:torture/smb2: add smb2.getinfo.normalized test
via 3205d032781 s4:libcli/raw: add RAW_FILEINFO_NORMALIZED_NAME_INFORMATION support
via 07382f0765a smbd: allow case insensitive opens of named streams
via 649dd7bce86 s4:torture/smb2: add smb2.stream.names3 test
via f4a603a9f32 s3: modules: ceph: use current working directory instead of share path
via de505618e60 s3:debug: enable logging for early startup failures
via c584a4b4dfb s3:debug: adjust indention
via c7f25b25d3a s3:debug: use struct initializer
via 1fa6a46fa53 winbind: Fix overlapping id ranges
via 24d39db5c37 selftest: Add trusted domain tests for idmap_ad
via 3a46730f12e selftest: Pass trusted domain information to idmap_ad test
via c3c2f3707a0 selftest: Add idmap configuration for trusted domain for idmap_ad
via 79c04524c38 selftest: Make trusted domain information available for idmap_ad environment
via 28b5ff2ccf7 selftest: Use fl2008r2dc for ad_member_idmap_ad
via 38746ec0a3e selftest: Add gid-to-sid lookup to idmap_ad test
via 9c167fa8628 lib util debug: Increase format buffer to 4KiB
via 2cc3b4c42c5 lib: Initialize getline() arguments
via d1962a5f527 pytests/dns: use 2.6 compatible syntax
via 893ac2a6b20 netcmd: Fix passwordsettings --max-pwd-age command
via afc2243b478 netcmd: Add some timestamp conversion helper functions
via 36da4c095de netcmd: Use python constant for -0x8000000000000000
via 1efa1e01194 tests: Add test for setting min/maxPwdAge
via ea74b0eb2ef dbcheck: fix the err_empty_attribute() check
via b01e1e3376b winbind: Use domain name from lsa query for sid_to_name cache entry
via 9034980420d winbind: Return queried domain name from name_to_sid
via b519cd2156d winbind: Query domain from winbind sam_name_to_sid
via af48878005a winbind: Query domain from winbind rpc name_to_sid
via 2670fe83374 winbind: Query domain from msrpc name_to_sid
via b7f79137dcd nsswitch: Add testcase for checking output of wbinfo --sid-to-name
via 2ad7a4a6477 VERSION: Bump version up to 4.10.4.
via c0a8bd3d66e Merge tag 'samba-4.10.3' into v4-10-test
via c7b67d3cb37 s3/vfs_glusterfs: Dynamically determine NAME_MAX
via 3c027df87fe s3/vfs_glusterfs_fuse: Dynamically determine NAME_MAX
via faa61e3c878 docs/vfs_ceph: describe new ACL behaviour
via bd3c73e0861 vfs_ceph: explicitly enable libcephfs POSIX ACL support
via 822df5a6dc1 smb2_server: grant all 8192 credits to clients
via d508ec61012 vfs_default: fix vfswrap_offload_write_send() NT_STATUS_INVALID_VIEW_SIZE check
via cfdec9a8563 vfs_default: fix DEBUG messages in vfswrap_offload_write_*_done()
via 5d418910795 vfs_snapper: drop unneeded fstat handler
via 94b7fcba46e smb2_tcon: avoid STATUS_PENDING completely on tdis
via 0acd5de3532 smb2_sesssetup: avoid STATUS_PENDING completely on session logoff
via 3e4d622e296 smb2_tcon: avoid STATUS_PENDING responses for tree connect
via 914d7c53f4d smb2_sesssetup: avoid STATUS_PENDING responses for session setup
via d0f5c69b11a smb2_server: allow smbd_smb2_request_pending_queue(0) to avoid STATUS_PENDING
via 690ba5dc876 s3:smbd: handle IO_REPARSE_TAG_DFS in SMB_FIND_FILE_FULL_DIRECTORY_INFO
via e23fdfe6730 ctdb-common: Avoid race between fd and signal events
via 8f43d725d36 ctdb-daemon: Revert "We can not assume that just because we could complete a TCP handshake"
via 182f329f541 torture: Add test for talloc size accounting in memcache
via 1a82c4b9532 memcache: Increase size of default memcache to 512k
via 43f3544e83f memcache: Properly track the size of talloc objects
via d4ea61f5615 memcache: Introduce struct for storing talloc pointer
via 6baf1529a81 ctdb-scripts: Update statd-callout to try several configuration files
via 12f6eae2c9a ctdb-scripts: Allow load_system_config() to take multiple alternatives
via 53e76ab4a8c ctdb-tests: Update NFS test infrastructure to support systemd services
via 80c6b7d3914 ctdb-scripts: Add systemd services to NFS call-out
via 002beda318b ctdb-scripts: Start NFS quota service if defined
via ee78bddd083 ctdb-scripts: Stop/start mount/rquotad/status via NFS call-out
via aaf8b6a66c0 ctdb-scripts: Factor out nfs_load_config()
via b2aa818e4d8 ctdb-scripts: Add test variable CTDB_NFS_DISTRO_STYLE
via a1275fedd21 ctdb-scripts: Rename variable nfslock_service to nfs_lock_service
via 63453eb3fb6 ctdb-scripts: Reindent some functions prior to making changes
via dda1c48a47c py/provision: fix for Python 2.6
via bdf59b416d2 s3-libnet_join: allow fallback to NTLMSSP auth in libnet_join
via f85efe206f9 s3-libnet_join: setup libnet join error string when AD connect fails
via 05709dbaf2d s3-libnet_join: always pass down admin domain to ads layer
via 837a141a4d9 s3:ldap: Leave add machine code early for pre-existing accounts
via 78f308084f5 s3:libads: Make sure we can lookup KDCs which are not configured
via bd573b37c60 s3:libnet: Use more secure name for the JOIN krb5.conf
via 936594d66b7 auth:creds: Prefer the principal over DOMAIN/username when using NTLM
via 0b00c7a2d0a auth:ntlmssp: Add back CRAP ndr debug output
via 2e96408eac8 s3:libnet: Fix debug message in libnet_DomainJoin()
via 461090e0a12 s3:libsmb: Add some useful debug output to cliconnect
via ada3417c5cb s3:libads: Print more information when LDAP fails
via 54571d3325f docs: Update smbclient manpage for --max-protocol
via cf323d769f0 VERSION: Bump version up to 4.10.3.
via ebf34098fa3 Merge tag 'samba-4.10.2' into v4-10-test
via 61c4d715a73 VERSION: Bump version up to 4.10.2...
from 8eb462bf914 Merge tag 'samba-4.10.3' into v4-10-stable
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-10-stable
- Log -----------------------------------------------------------------
commit 8e479542e28d3b52a940fc12c9e72d782d953d00
Author: Karolin Seeger <kseeger at samba.org>
Date: Wed May 22 11:49:22 2019 +0200
VERSION: Disable GIT_SNAPSHOT for the 4.10.4 release.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
commit def2c7dabc9d538587a39a3bf75605d8fd89b974
Merge: fa9de54681b 8eb462bf914
Author: Karolin Seeger <kseeger at samba.org>
Date: Wed May 22 12:14:55 2019 +0200
Merge 'origin/v4-10-stable' into the real 4.10.4 release
Signed-off-by: Karolin Seeger <kseeger at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 120 +++++++-
auth/credentials/credentials.c | 2 +-
auth/ntlmssp/ntlmssp_client.c | 32 +++
ctdb/common/event_script.c | 3 +-
ctdb/common/run_proc.c | 14 +-
ctdb/common/sock_daemon.c | 2 +-
ctdb/config/functions | 19 +-
ctdb/config/nfs-checks.d/10.status.check | 4 +-
ctdb/config/nfs-checks.d/40.mountd.check | 4 +-
ctdb/config/nfs-checks.d/50.rquotad.check | 4 +-
ctdb/config/nfs-linux-kernel-callout | 259 +++++++++++++----
ctdb/config/statd-callout | 3 +-
ctdb/server/ctdb_daemon.c | 48 +++-
ctdb/server/ctdb_recoverd.c | 2 +-
ctdb/tcp/tcp_connect.c | 3 +
ctdb/tests/complex/11_ctdb_delip_removes_ip.sh | 10 +-
ctdb/tests/complex/18_ctdb_reloadips.sh | 43 ++-
ctdb/tests/complex/32_cifs_tickle.sh | 7 -
ctdb/tests/complex/36_smb_reset_server.sh | 12 +-
ctdb/tests/complex/37_nfs_reset_server.sh | 4 +-
ctdb/tests/complex/60_rogueip_releaseip.sh | 2 +-
ctdb/tests/complex/scripts/local.bash | 5 +-
ctdb/tests/eventscripts/scripts/60.nfs.sh | 99 ++++++-
ctdb/tests/local_daemons.sh | 1 +
ctdb/tests/run_tests.sh | 2 +-
ctdb/tests/scripts/integration.bash | 72 +++--
ctdb/tests/simple/02_ctdb_tunables.sh | 6 +-
ctdb/tests/simple/05_ctdb_listnodes.sh | 5 +-
ctdb/tests/simple/08_ctdb_isnotrecmaster.sh | 10 +-
ctdb/tests/simple/09_ctdb_ping.sh | 6 +-
ctdb/tests/simple/11_ctdb_ip.sh | 14 +-
ctdb/tests/simple/12_ctdb_getdebug.sh | 3 +-
ctdb/tests/simple/14_ctdb_statistics.sh | 2 +-
ctdb/tests/simple/15_ctdb_statisticsreset.sh | 21 +-
ctdb/tests/simple/18_ctdb_reloadips.sh | 70 +++--
ctdb/tests/simple/19_ip_takeover_noop.sh | 4 +-
ctdb/tests/simple/20_delip_iface_gc.sh | 10 +-
ctdb/tests/simple/21_ctdb_attach.sh | 49 ++--
ctdb/tests/simple/23_ctdb_moveip.sh | 25 +-
ctdb/tests/simple/24_ctdb_getdbmap.sh | 10 +-
ctdb/tests/simple/25_dumpmemory.sh | 9 +-
..._ctdb_config_check_error_on_unreachable_ctdb.sh | 6 +-
ctdb/tests/simple/27_ctdb_detach.sh | 71 +++--
ctdb/tests/simple/35_ctdb_getreclock.sh | 2 +-
ctdb/tests/simple/51_message_ring.sh | 14 +-
ctdb/tests/simple/52_fetch_ring.sh | 14 +-
ctdb/tests/simple/53_transaction_loop.sh | 4 +-
ctdb/tests/simple/54_transaction_loop_recovery.sh | 4 +-
ctdb/tests/simple/55_ctdb_ptrans.sh | 12 +-
.../simple/56_replicated_transaction_recovery.sh | 4 +-
ctdb/tests/simple/58_ctdb_restoredb.sh | 8 +-
ctdb/tests/simple/69_recovery_resurrect_deleted.sh | 10 +-
ctdb/tests/simple/70_recoverpdbbyseqnum.sh | 4 +-
ctdb/tests/simple/71_ctdb_wipedb.sh | 4 +-
ctdb/tests/simple/72_update_record_persistent.sh | 4 +-
ctdb/tests/simple/75_readonly_records_basic.sh | 24 +-
ctdb/tests/simple/77_ctdb_db_recovery.sh | 6 +-
ctdb/tests/simple/79_volatile_db_traverse.sh | 4 +-
ctdb/tests/simple/80_ctdb_traverse.sh | 2 +-
ctdb/tests/simple/81_tunnel_ring.sh | 14 +-
ctdb/tests/simple/90_debug_hung_script.sh | 6 +-
ctdb/tools/ctdb.c | 10 +-
ctdb/wscript | 2 +-
docs-xml/manpages/smbclient.1.xml | 6 +-
docs-xml/manpages/vfs_ceph.8.xml | 11 +
docs-xml/smbdotconf/filename/maxstatcachesize.xml | 2 +-
lib/param/loadparm.c | 2 +-
lib/torture/torture.h | 8 +-
lib/util/debug.c | 2 +-
lib/util/debug_s3.c | 44 ++-
lib/util/memcache.c | 54 +++-
libcli/dns/resolvconf.c | 2 +-
nsswitch/pam_winbind.c | 5 +
nsswitch/tests/test_idmap_ad.sh | 137 ++++++++-
nsswitch/tests/test_wbinfo_name_lookup.sh | 15 +
python/samba/dbchecker.py | 2 +-
python/samba/netcmd/domain.py | 56 +++-
python/samba/provision/__init__.py | 2 +-
python/samba/tests/dns.py | 2 +-
python/samba/tests/samba_tool/passwordsettings.py | 38 +++
selftest/knownfail | 3 -
selftest/target/Samba3.pm | 11 +-
source3/client/smbspool.c | 2 +-
source3/libads/kerberos.c | 12 +-
source3/libads/ldap.c | 22 +-
source3/libnet/libnet_join.c | 29 +-
source3/libsmb/cliconnect.c | 13 +
source3/modules/vfs_ceph.c | 20 +-
source3/modules/vfs_default.c | 47 +++-
source3/modules/vfs_glusterfs.c | 37 ++-
source3/modules/vfs_glusterfs_fuse.c | 32 ++-
source3/modules/vfs_snapper.c | 19 --
source3/param/loadparm.c | 2 +-
source3/rpc_client/cli_netlogon.c | 13 +-
source3/rpc_server/eventlog/srv_eventlog_nt.c | 4 +-
source3/selftest/tests.py | 2 +-
source3/smbd/filename.c | 72 ++++-
source3/smbd/reply.c | 4 +
source3/smbd/smb2_getinfo.c | 9 +
source3/smbd/smb2_server.c | 22 +-
source3/smbd/smb2_sesssetup.c | 17 +-
source3/smbd/smb2_tcon.c | 12 +-
source3/smbd/trans2.c | 63 ++++-
source3/torture/torture.c | 70 ++++-
source3/utils/smbcacls.c | 4 +-
source3/utils/smbcquotas.c | 4 +-
source3/winbindd/idmap_tdb2.c | 4 +-
source3/winbindd/wb_xids2sids.c | 12 +-
source3/winbindd/winbindd.h | 1 +
source3/winbindd/winbindd_ads.c | 3 +-
source3/winbindd/winbindd_cache.c | 5 +-
source3/winbindd/winbindd_msrpc.c | 15 +-
source3/winbindd/winbindd_reconnect.c | 5 +-
source3/winbindd/winbindd_reconnect_ads.c | 5 +-
source3/winbindd/winbindd_rpc.c | 15 +-
source3/winbindd/winbindd_rpc.h | 1 +
source3/winbindd/winbindd_samr.c | 11 +
source4/auth/gensec/gensec_gssapi.c | 9 +-
source4/lib/socket/socket_ip.c | 2 +-
source4/libcli/raw/interfaces.h | 16 +-
source4/libcli/raw/rawfileinfo.c | 11 +
source4/libcli/raw/trans2.h | 1 +
source4/ntvfs/ntvfs_generic.c | 2 +
source4/ntvfs/posix/pvfs_qfileinfo.c | 2 +
source4/ntvfs/posix/vfs_posix.c | 2 +-
source4/torture/gentest.c | 4 +
source4/torture/rpc/drsuapi_cracknames.c | 8 +-
source4/torture/smb2/getinfo.c | 311 +++++++++++++++++++++
source4/torture/smb2/streams.c | 115 ++++++++
source4/torture/vfs/fruit.c | 2 +-
131 files changed, 2192 insertions(+), 554 deletions(-)
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 2b49166b9c6..cddf98545d9 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=10
-SAMBA_VERSION_RELEASE=3
+SAMBA_VERSION_RELEASE=4
########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 8472caa032c..21aef0c4960 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,119 @@
+ ==============================
+ Release Notes for Samba 4.10.4
+ May 22, 2019
+ ==============================
+
+
+This is the latest stable release of the Samba 4.10 release series.
+
+
+Changes since 4.10.3:
+---------------------
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 13938: s3: SMB1: Don't allow recvfile on stream fsp's.
+
+o Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
+ * BUG 13882: py/provision: Fix for Python 2.6.
+
+o Tim Beale <timbeale at catalyst.net.nz>
+ * BUG 13873: netcmd: Fix 'passwordsettings --max-pwd-age' command.
+
+o Ralph Boehme <slow at samba.org>
+ * BUG 13938: s3:smbd: Don't use recvfile on streams.
+
+o Günther Deschner <gd at samba.org>
+ * BUG 13861: s3-libnet_join: 'net ads join' to child domain fails when using
+ "-U admin at forestroot".
+
+o David Disseldorp <ddiss at samba.org>
+ * BUG 13896: vfs_ceph: Explicitly enable libcephfs POSIX ACL support.
+ * BUG 13940: vfs_ceph: Fix cephwrap_flistxattr() debug message.
+
+o Amitay Isaacs <amitay at gmail.com>
+ * BUG 13895: ctdb-common: Avoid race between fd and signal events.
+ * BUG 13943: ctdb-common: Fix memory leak in run_proc.
+
+o Volker Lendecke <vl at samba.org>
+ * BUG 13892: lib: Initialize getline() arguments.
+ * BUG 13903: winbind: Fix overlapping id ranges.
+
+o Gary Lockyer <gary at catalyst.net.nz>
+ * BUG 13902: lib util debug: Increase format buffer to 4KiB.
+ * BUG 13927: nsswitch pam_winbind: Fix Asan use after free.
+ * BUG 13929: s4 lib socket: Ensure address string owned by parent struct.
+ * BUG 13936: s3 rpc_client: Fix Asan stack use after scope.
+
+o Stefan Metzmacher <metze at samba.org>
+ * BUG 10097: s3:smbd: Handle IO_REPARSE_TAG_DFS in
+ SMB_FIND_FILE_FULL_DIRECTORY_INFO.
+ * BUG 10344: smb2_tcon: Avoid STATUS_PENDING completely on tdis.
+ * BUG 12845: smb2_sesssetup: avoid STATUS_PENDING responses for session
+ setup.
+ * BUG 13698: smb2_tcon: Avoid STATUS_PENDING completely on tdis.
+ * BUG 13796: smb2_sesssetup: avoid STATUS_PENDING responses for session
+ setup.
+ * BUG 13843: dbcheck: Fix the err_empty_attribute() check.
+ * BUG 13858: vfs_snapper: Drop unneeded fstat handler.
+ * BUG 13862: vfs_default: Fix vfswrap_offload_write_send()
+ NT_STATUS_INVALID_VIEW_SIZE check.
+ * BUG 13863: smb2_server: Grant all 8192 credits to clients.
+ * BUG 13919: smbd: Implement SMB_FILE_NORMALIZED_NAME_INFORMATION handling.
+
+o Anoop C S <anoopcs at redhat.com>
+ * BUG 13872: s3/vfs_glusterfs: Dynamically determine NAME_MAX.
+
+o Robert Sander <r.sander at heinlein-support.de>
+ * BUG 13918: s3: modules: ceph: Use current working directory instead of
+ share path.
+
+o Christof Schmitt <cs at samba.org>
+ * BUG 13831: winbind: Use domain name from lsa query for sid_to_name cache
+ entry.
+ * BUG 13865: memcache: Increase size of default memcache to 512k.
+
+o Andreas Schneider <asn at samba.org>
+ * BUG 13857: docs: Update smbclient manpage for "--max-protocol".
+ * BUG 13861: 'net ads join' to child domain fails when using
+ "-U admin at forestroot".
+ * BUG 13937: s3:utils: If share is NULL in smbcacls, don't print it.
+ * BUG 13939: s3:smbspool: Fix regression printing with Kerberos credentials.
+
+o Martin Schwenke <martin at meltin.net>
+ * BUG 13860: ctdb-scripts: CTDB restarts failed NFS RPC services by hand,
+ which is incompatible with systemd.
+ * BUG 13888: ctdb-daemon: Revert "We can not assume that just because we
+ could complete a TCP handshake".
+ * BUG 13930: ctdb-daemon: Never use 0 as a client ID.
+ * BUG 13943: ctdb-common: Fix memory leak.
+
+o Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
+ * BUG 13904: s3:debug: Enable logging for early startup failures.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the "Samba 4.1 and newer" product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
==============================
Release Notes for Samba 4.10.3
May 14, 2019
@@ -49,8 +165,8 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
+
==============================
Release Notes for Samba 4.10.2
diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c
index 4663185c979..7ef58d0752c 100644
--- a/auth/credentials/credentials.c
+++ b/auth/credentials/credentials.c
@@ -1115,7 +1115,7 @@ _PUBLIC_ void cli_credentials_get_ntlm_username_domain(struct cli_credentials *c
const char **username,
const char **domain)
{
- if (cred->principal_obtained > cred->username_obtained) {
+ if (cred->principal_obtained >= cred->username_obtained) {
*domain = talloc_strdup(mem_ctx, "");
*username = cli_credentials_get_principal(cred, mem_ctx);
} else {
diff --git a/auth/ntlmssp/ntlmssp_client.c b/auth/ntlmssp/ntlmssp_client.c
index ab406a2c5be..8e49dcee5ea 100644
--- a/auth/ntlmssp/ntlmssp_client.c
+++ b/auth/ntlmssp/ntlmssp_client.c
@@ -342,6 +342,22 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
}
}
+ if (DEBUGLEVEL >= 10) {
+ struct CHALLENGE_MESSAGE *challenge =
+ talloc(ntlmssp_state, struct CHALLENGE_MESSAGE);
+ if (challenge != NULL) {
+ NTSTATUS status;
+ challenge->NegotiateFlags = chal_flags;
+ status = ntlmssp_pull_CHALLENGE_MESSAGE(
+ &in, challenge, challenge);
+ if (NT_STATUS_IS_OK(status)) {
+ NDR_PRINT_DEBUG(CHALLENGE_MESSAGE,
+ challenge);
+ }
+ TALLOC_FREE(challenge);
+ }
+ }
+
if (chal_flags & NTLMSSP_TARGET_TYPE_SERVER) {
ntlmssp_state->server.is_standalone = true;
} else {
@@ -702,6 +718,22 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
return nt_status;
}
+ if (DEBUGLEVEL >= 10) {
+ struct AUTHENTICATE_MESSAGE *authenticate =
+ talloc(ntlmssp_state, struct AUTHENTICATE_MESSAGE);
+ if (authenticate != NULL) {
+ NTSTATUS status;
+ authenticate->NegotiateFlags = ntlmssp_state->neg_flags;
+ status = ntlmssp_pull_AUTHENTICATE_MESSAGE(
+ out, authenticate, authenticate);
+ if (NT_STATUS_IS_OK(status)) {
+ NDR_PRINT_DEBUG(AUTHENTICATE_MESSAGE,
+ authenticate);
+ }
+ TALLOC_FREE(authenticate);
+ }
+ }
+
/*
* We always include the MIC, even without:
* av_flags->Value.AvFlags |= NTLMSSP_AVFLAG_MIC_IN_AUTHENTICATE_MESSAGE;
diff --git a/ctdb/common/event_script.c b/ctdb/common/event_script.c
index 8978d1452c0..8bdfdd0b5ca 100644
--- a/ctdb/common/event_script.c
+++ b/ctdb/common/event_script.c
@@ -117,7 +117,8 @@ int event_script_get_list(TALLOC_CTX *mem_ctx,
}
*out = script_list;
- return 0;
+ ret = 0;
+ goto done;
nomem:
ret = ENOMEM;
diff --git a/ctdb/common/run_proc.c b/ctdb/common/run_proc.c
index 97895b383b9..0c3c1de72fe 100644
--- a/ctdb/common/run_proc.c
+++ b/ctdb/common/run_proc.c
@@ -295,13 +295,22 @@ again:
proc->result.sig = WTERMSIG(status);
}
+ /* Confirm that all data has been read from the pipe */
+ if (proc->fd != -1) {
+ proc_read_handler(ev, proc->fde, 0, proc);
+ TALLOC_FREE(proc->fde);
+ proc->fd = -1;
+ }
+
+ DLIST_REMOVE(run_ctx->plist, proc);
+
/* Active run_proc request */
if (proc->req != NULL) {
run_proc_done(proc->req);
+ } else {
+ talloc_free(proc);
}
- DLIST_REMOVE(run_ctx->plist, proc);
-
goto again;
}
@@ -419,6 +428,7 @@ static void run_proc_done(struct tevent_req *req)
if (state->proc->output != NULL) {
state->output = talloc_steal(state, state->proc->output);
}
+ talloc_steal(state, state->proc);
tevent_req_done(req);
}
diff --git a/ctdb/common/sock_daemon.c b/ctdb/common/sock_daemon.c
index e5e16f8af12..6298653f4ec 100644
--- a/ctdb/common/sock_daemon.c
+++ b/ctdb/common/sock_daemon.c
@@ -893,7 +893,7 @@ static void sock_daemon_run_socket_fail(struct tevent_req *subreq)
subreq, struct tevent_req);
struct sock_daemon_run_state *state = tevent_req_data(
req, struct sock_daemon_run_state);
- const char *sockpath = NULL;
+ const char *sockpath = "INVALID";
int ret = 0;
bool status;
diff --git a/ctdb/config/functions b/ctdb/config/functions
index 7a47c9d8e79..1dc16532890 100755
--- a/ctdb/config/functions
+++ b/ctdb/config/functions
@@ -33,15 +33,16 @@ fi
load_system_config ()
{
- if [ -z "$1" ] ; then
- return
- fi
-
- if [ -f "${CTDB_SYS_ETCDIR}/sysconfig/$1" ]; then
- . "${CTDB_SYS_ETCDIR}/sysconfig/$1"
- elif [ -f "${CTDB_SYS_ETCDIR}/default/$1" ]; then
- . "${CTDB_SYS_ETCDIR}/default/$1"
- fi
+ for _i ; do
+
+ if [ -f "${CTDB_SYS_ETCDIR}/sysconfig/${_i}" ]; then
+ . "${CTDB_SYS_ETCDIR}/sysconfig/${_i}"
+ return
+ elif [ -f "${CTDB_SYS_ETCDIR}/default/${_i}" ]; then
+ . "${CTDB_SYS_ETCDIR}/default/${_i}"
+ return
+ fi
+ done
}
# load_script_options [ component script ]
diff --git a/ctdb/config/nfs-checks.d/10.status.check b/ctdb/config/nfs-checks.d/10.status.check
index dfa5c59117e..b8ce1e0ad0b 100644
--- a/ctdb/config/nfs-checks.d/10.status.check
+++ b/ctdb/config/nfs-checks.d/10.status.check
@@ -2,6 +2,6 @@
version="1"
restart_every=2
unhealthy_after=6
-service_stop_cmd="killall -q -9 rpc.statd"
-service_start_cmd="rpc.statd ${STATD_HA_CALLOUT:+-H} $STATD_HA_CALLOUT ${STATD_HOSTNAME:+-n} $STATD_HOSTNAME ${STATD_PORT:+-p} $STATD_PORT ${STATD_OUTGOING_PORT:+-o} $STATD_OUTGOING_PORT"
+service_stop_cmd="$CTDB_NFS_CALLOUT stop status"
+service_start_cmd="$CTDB_NFS_CALLOUT start status"
service_debug_cmd="program_stack_traces rpc.statd 5"
diff --git a/ctdb/config/nfs-checks.d/40.mountd.check b/ctdb/config/nfs-checks.d/40.mountd.check
index 56b3fd29512..bfe4c277ce9 100644
--- a/ctdb/config/nfs-checks.d/40.mountd.check
+++ b/ctdb/config/nfs-checks.d/40.mountd.check
@@ -2,6 +2,6 @@
version="1"
restart_every=2
unhealthy_after=6
-service_stop_cmd="killall -q -9 rpc.mountd"
-service_start_cmd="rpc.mountd $RPCMOUNTDOPTS ${MOUNTD_PORT:+-p} $MOUNTD_PORT"
+service_stop_cmd="$CTDB_NFS_CALLOUT stop mountd"
+service_start_cmd="$CTDB_NFS_CALLOUT start mountd"
service_debug_cmd="program_stack_traces rpc.mountd 5"
diff --git a/ctdb/config/nfs-checks.d/50.rquotad.check b/ctdb/config/nfs-checks.d/50.rquotad.check
index b7bd9d2c757..98bd8d98fce 100644
--- a/ctdb/config/nfs-checks.d/50.rquotad.check
+++ b/ctdb/config/nfs-checks.d/50.rquotad.check
@@ -2,6 +2,6 @@
version="1"
restart_every=2
unhealthy_after=6
-service_stop_cmd="killall -q -9 rpc.rquotad"
-service_start_cmd="rpc.rquotad ${RQUOTAD_PORT:+-p} $RQUOTAD_PORT"
+service_stop_cmd="$CTDB_NFS_CALLOUT stop rquotad"
+service_start_cmd="$CTDB_NFS_CALLOUT start rquotad"
service_debug_cmd="program_stack_traces rpc.rquotad 5"
diff --git a/ctdb/config/nfs-linux-kernel-callout b/ctdb/config/nfs-linux-kernel-callout
index 9b72446b44e..3d1dc63c590 100755
--- a/ctdb/config/nfs-linux-kernel-callout
+++ b/ctdb/config/nfs-linux-kernel-callout
@@ -12,20 +12,66 @@ set -e
# hook for testing.
nfs_exports_file="${CTDB_NFS_EXPORTS_FILE:-/var/lib/nfs/etab}"
-# Red Hat
-nfs_service="nfs"
-nfslock_service="nfslock"
-nfs_config="/etc/sysconfig/nfs"
+# As above, edit the default value below. CTDB_NFS_DISTRO_STYLE is a
+# test variable only.
+nfs_distro_style="${CTDB_NFS_DISTRO_STYLE:-sysvinit-redhat}"
+
+case "$nfs_distro_style" in
+systemd-*)
+ # Defaults
+ nfs_service="nfs-server"
+ nfs_lock_service="rpc-statd"
+ nfs_mountd_service="nfs-mountd"
+ nfs_status_service="rpc-statd"
+ nfs_rquotad_service="rpc-rquotad"
+ nfs_config="/etc/sysconfig/nfs"
+ nfs_rquotad_config="" # Not use with systemd, restart via service
+
+ case "$nfs_distro_style" in
+ *-redhat|*-suse)
+ : # Defaults only
+ ;;
+ *-debian)
+ nfs_rquotad_service="quotarpc"
+ ;;
+ *)
+ echo "Internal error"
+ exit 1
+ esac
+ ;;
-# SUSE
-#nfs_service="nfsserver"
-#nfslock_service=""
-#nfs_config="/etc/sysconfig/nfs"
+sysvinit-*)
+ # Defaults
+ nfs_service="nfs"
+ nfs_lock_service=""
+ nfs_mountd_service=""
+ nfs_status_service=""
+ nfs_rquotad_service=""
+ nfs_config="/etc/sysconfig/nfs"
+ nfs_rquotad_config="$nfs_config"
+
+ case "$nfs_distro_style" in
+ *-redhat)
+ nfs_lock_service="nfslock"
+ ;;
+ *-suse)
+ nfs_service="nfsserver"
+ ;;
+ *-debian)
+ nfs_service="nfs-kernel-server"
+ nfs_config="/etc/default/nfs-kernel-server"
+ nfs_rquotad_config="/etc/default/quota"
+ ;;
+ *)
+ echo "Internal error"
+ exit 1
+ esac
+ ;;
-# Debian
-#nfs_service="nfs-kernel-server"
-#nfslock_service=""
-#nfs_config="/etc/default/nfs-kernel-server"
+*)
+ echo "Internal error"
+ exit 1
+esac
# Override for unit testing
if [ -z "$PROCFS_PATH" ] ; then
@@ -46,50 +92,70 @@ EOF
exit 1
}
+##################################################
+
+nfs_load_config ()
+{
+ _config="${1:-${nfs_config}}"
+
+ if [ -r "$_config" ] ; then
+ . "$_config"
+ fi
+}
##################################################
# Basic service stop and start
basic_stop ()
{
- case "$1" in
+ case "$1" in
nfs)
- service "$nfs_service" stop
- if [ -n "$nfslock_service" ] ; then
- service "$nfslock_service" stop
- fi
- ;;
- nfslock)
- if [ -n "$nfslock_service" ] ; then
- service "$nfslock_service" stop
- else
+ if [ -n "$nfs_rquotad_service" ] ; then
+ service "$nfs_rquotad_service" stop
+ fi
+
service "$nfs_service" stop
- fi
- ;;
+
+ if [ -n "$nfs_lock_service" ] ; then
+ service "$nfs_lock_service" stop
+ fi
+ ;;
+ nfslock)
+ if [ -n "$nfs_lock_service" ] ; then
+ service "$nfs_lock_service" stop
+ else
+ service "$nfs_service" stop
+ fi
+ ;;
*)
- usage
- esac
+ usage
+ esac
}
basic_start ()
{
- case "$1" in
+ case "$1" in
nfs)
- if [ -n "$nfslock_service" ] ; then
- service "$nfslock_service" start
- fi
- service "$nfs_service" start
- ;;
- nfslock)
- if [ -n "$nfslock_service" ] ; then
- service "$nfslock_service" start
- else
+ if [ -n "$nfs_lock_service" ] ; then
--
Samba Shared Repository
More information about the samba-cvs
mailing list