[SCM] Samba Shared Repository - annotated tag samba-4.10.9 created
Karolin Seeger
kseeger at samba.org
Thu Oct 17 10:26:11 UTC 2019
The annotated tag, samba-4.10.9 has been created
at aec6286ad2a278853edf3b2503fafce01041b14b (tag)
tagging a1cdfe58b7009e9d9a7b542238566daf818d91c3 (commit)
replaces ldb-1.5.6
tagged by Karolin Seeger
on Thu Oct 17 12:25:42 2019 +0200
- Log -----------------------------------------------------------------
samba: tag release samba-4.10.9
-----BEGIN PGP SIGNATURE-----
iF0EABECAB0WIQRS+8C4bZVLCEMyTNxvM5FbZWi36gUCXahBpgAKCRBvM5FbZWi3
6teLAJ9ClkrPFSzK6bNOD7W4n/9/v4ExLQCgktPzHsgVXYOAXWWDyKlYrkGkC8A=
=kvVn
-----END PGP SIGNATURE-----
Aaron Haslett (1):
undoguidx: blackbox test
Amitay Isaacs (1):
ctdb-vacuum: Process all records not deleted on a remote node
Andreas Schneider (21):
s3:waf: Do not check for nanosleep() as we don't use it anywhere
replace: Only link against librt if really needed
pthreadpool: Only link pthreadpool against librt if we have to
third_party: Only link cmocka against librt if really needed
third_party: Link nss_wrapper against pthread
third_party: Link uid_wrapper against pthread
waf:replace: Do not link against libpthread if not necessary
testprogs: Fix failure count in test_net_ads.sh
s3:libads: Use ldap_add_ext_s() in ads_gen_add()
s3:libnet: Require sealed LDAP SASL connections for joining
s3:libads: Cleanup error code paths in ads_create_machine_acct()
s3:libads: Use a talloc_asprintf in ads_find_machine_acct()
s3:libads: Fix detection if acount already exists in ads_find_machine_count()
s3:libads: Don't set supported encryption types during account creation
s3:libads: Fix creating machine account using LDAP
s3:libnet: Improve debug messages
s3:libads: Just change the machine password if account already exists
testprogs: Add test for 'net ads join createcomputer='
s3:libsmb: Do not check the SPNEGO neg token for KRB5
lib:krb5_wrap: Do not create a temporary file for MEMORY keytabs
s3:libads: Do not turn on canonicalization flag for MIT Kerberos
Andrew Bartlett (3):
sambaundoguididx: Add flags=ldb.FLG_DONT_CREATE_DB and port to Python3
sambaundoguididx: fix for -s
undoduididx: Add "or later" to warning about using tools from Samba 4.8
Anoop C S (1):
vfs_glusterfs: Enable profiling for file system operations
Björn Jacke (2):
classicupgrade: fix a a bytes-like object is required, not 'str' error
fault.c: improve fault_report message text pointing to our wiki
Bryan Mason (1):
s3:client:Use DEVICE_URI, instead of argv[0],for Device URI
Christof Schmitt (1):
selftest: Test ID_TYPE_BOTH with idmap_rid module
Douglas Bagnall (1):
s4/scripting: MORE py3 compatible print functions
Evgeny Sinelnikov (1):
s3:ldap: Fix join with don't exists machine account
Günther Deschner (1):
s3-winbindd: fix forest trusts with additional trust attributes.
Isaac Boukris (8):
nsswitch: Link stress-nss-libwbclient against pthread
s3:libsmb: Link libsmb against pthread
spnego: ignore server mech_types list
selftest: s3: add a test for spnego downgrade from krb5 to ntlm
spnego: add client option to omit sending an optimistic token
selftest: add tests for no optimistic spnego exchange
python/tests/gensec: add spnego downgrade python tests
spnego: fix server handling of no optimistic exchange
Jeremy Allison (7):
CVE-2019-10197: smbd: separate out impersonation debug info into a new function.
s3: libsmbclient: Ensure SMBC_readdir_ctx() also updates the readdirplus pointers.
s3: libsmbclient: Ensure SMBC_readdirplus_ctx() also updates the readdir pointers.
s3: libsmbclient: Ensure SMBC_getdents_ctx() also updates the readdirplus pointers.
s3: libsmbclient: Fix smbc_lseekdir() to work with smbc_readdirplus().
s3/4: libsmbclient test. Test using smbc_telldir/smbc_lseekdir with smbc_readdir/smbc_readdirplus/smbc_getdents.
s3: smbclient: Stop an SMB2-connection from blundering into SMB1-specific calls.
Karolin Seeger (7):
VERSION: Bump version up to 4.10.8...
WHATSNEW: Add release notes for Samba 4.10.8.
VERSION: Disable GIT_SNAPSHOT for the 4.10.8 release.
Merge tag 'samba-4.10.8' into v4-10-test
VERSION: Bump version up to 4.10.9.
WHATSNEW: Add release notes for Samba 4.10.9.
VERSION: Disable GIT_SNAPSHOT for the 4.9.10 release.
Martin Schwenke (22):
ctdb-daemon: Replace function ctdb_ip_to_nodeid() with ctdb_ip_to_pnn()
ctdb-daemon: Add function ctdb_ip_to_node()
ctdb-tcp: Rename fd -> out_fd
ctdb-tcp: Move incoming fd and queue into struct ctdb_tcp_node
ctdb-tcp: Use TALLOC_FREE()
ctdb-tcp: Create outbound queue when the connection becomes writable
ctdb-tcp: Only mark a node connected if both directions are up
ctdb-tcp: Mark node as disconnected if incoming connection goes away
ctdb-daemon: Factor out new function ctdb_node_become_inactive()
ctdb-daemon: Switch banning code to use ctdb_node_become_inactive()
ctdb-daemon: Drop unused function ctdb_local_node_got_banned()
ctdb-daemon: Make node inactive in the NODE_STOP control
ctdb-tests: Reformat node_has_status()
ctdb-tests: Drop unused node statuses frozen/unfrozen
ctdb-tests: Inline handling of recovered and notlmaster statuses
ctdb-tests: Handle special cases first and return
ctdb-tests: Don't retrieve the VNN map from target node for notlmaster
ctdb-recoverd: Only check for LMASTER nodes in the VNN map
ctdb-tests: Strengthen volatile DB traverse test
ctdb-tests: Clear deleted record via recovery instead of vacuuming
ctdb-recoverd: Fix typo in previous fix
ctdb-tools: Stop deleted nodes from influencing ctdb nodestatus exit code
Michael Adam (1):
winbind: provide passwd struct for group sid with ID_TYPE_BOTH mapping (again)
Noel Power (1):
s3/libads: clang: Fix Value stored to 'canon_princ' is never read
Poornima G (1):
vfs_glusterfs: Use pthreadpool for scheduling aio operations
Ralph Boehme (1):
ctdb: fix compilation on systems with glibc robust mutexes
Stefan Metzmacher (27):
CVE-2019-10197: smbd: make sure that change_to_user_internal() always resets current_user.done_chdir
CVE-2019-10197: smbd: make sure we reset current_user.{need,done}_chdir in become_root()
CVE-2019-10197: selftest: make fsrvp_share its own independent subdirectory
CVE-2019-10197: test_smbclient_s3.sh: add regression test for the no permission on share root problem
CVE-2019-10197: smbd: split change_to_user_impersonate() out of change_to_user_internal()
libcli/smb: add new COMPRESSION and NETNAME negotiate context ids
libcli/smb: send SMB2_NETNAME_NEGOTIATE_CONTEXT_ID
s4:auth: use the correct client realm in gensec_gssapi_update_internal()
s3:libads: let kerberos_kinit_password_ext() return the canonicalized principal/realm
s3:libsmb: avoid wrong debug message in cli_session_creds_prepare_krb5()
s3:libsmb: let cli_session_creds_prepare_krb5() update the canonicalized principal to cli_credentials
s3:libads/kerberos: always use the canonicalized principal after kinit
krb5_wrap: smb_krb5_kinit_password_ccache() should always use the canonicalized principal
s4:auth: kinit_to_ccache() should always use the canonicalized principal
s3:libads: ads_krb5_chg_password() should always use the canonicalized principal
krb5_wrap: let smb_krb5_parse_name() accept enterprise principals
docs-xml: add "winbind use krb5 enterprise principals" option
s3:winbindd: implement the "winbind use krb5 enterprise principals" logic
tests/pam_winbind.py: turn pypamtest.PamTestError into a failure
tests/pam_winbind.py: allow upn names to be used in USERNAME with an empty DOMAIN value
test_pam_winbind.sh: allow different pam_winbindd config options to be specified
selftest/tests.py: prepare looping over pam_winbindd tests
selftest/tests.py: test pam_winbind with krb5_auth
selftest/tests.py: test pam_winbind with a lot of username variations
selftest/Samba3.pm: use "winbind scan trusted domains = no" for ad_member
selftest/Samba3.pm: use "winbind use krb5 enterprise principals = yes" for ad_member
python/tests/gensec: make it possible to add knownfail tests for gensec.update()
-----------------------------------------------------------------------
--
Samba Shared Repository
More information about the samba-cvs
mailing list