[SCM] Samba Shared Repository - annotated tag samba-4.11.1 created

Karolin Seeger kseeger at samba.org
Fri Oct 18 09:17:16 UTC 2019

The annotated tag, samba-4.11.1 has been created
        at  2816c3ec0942c7fd9869b3da85fd568dfb0eeb09 (tag)
   tagging  be4cb417135af09fcf076a92bc8b7e02310a2383 (commit)
  replaces  samba-4.11.0
 tagged by  Karolin Seeger
        on  Fri Oct 18 11:16:52 2019 +0200

- Log -----------------------------------------------------------------
samba: tag release samba-4.11.1


Amitay Isaacs (1):
      ctdb-vacuum: Process all records not deleted on a remote node

Andreas Schneider (22):
      selftest: Export TRUST information in the ad_member target environment
      s3:waf: Do not check for nanosleep() as we don't use it anywhere
      replace: Only link against librt if really needed
      pthreadpool: Only link pthreadpool against librt if we have to
      third_party: Only link cmocka against librt if really needed
      third_party: Link nss_wrapper against pthread
      third_party: Link uid_wrapper against pthread
      waf:replace: Do not link against libpthread if not necessary
      testprogs: Fix failure count in test_net_ads.sh
      s3:libads: Use ldap_add_ext_s() in ads_gen_add()
      s3:libnet: Require sealed LDAP SASL connections for joining
      s3:libads: Cleanup error code paths in ads_create_machine_acct()
      s3:libads: Use a talloc_asprintf in ads_find_machine_acct()
      s3:libads: Fix detection if acount already exists in ads_find_machine_count()
      s3:libads: Don't set supported encryption types during account creation
      s3:libads: Fix creating machine account using LDAP
      s3:libnet: Improve debug messages
      s3:libads: Just change the machine password if account already exists
      testprogs: Add test for 'net ads join createcomputer='
      s3:libsmb: Do not check the SPNEGO neg token for KRB5
      lib:krb5_wrap: Do not create a temporary file for MEMORY keytabs
      s3:libads: Do not turn on canonicalization flag for MIT Kerberos

Björn Jacke (2):
      classicupgrade: fix a a bytes-like object is required, not 'str' error
      fault.c: improve fault_report message text pointing to our wiki

Bryan Mason (1):
      s3:client:Use DEVICE_URI, instead of argv[0],for Device URI

Christof Schmitt (1):
      selftest: Test ID_TYPE_BOTH with idmap_rid module

Günther Deschner (3):
      s3-winbindd: fix forest trusts with additional trust attributes.
      libcli/auth: add test for gensec_schannel code
      auth/gensec: fix non-AES schannel seal

Isaac Boukris (8):
      spnego: ignore server mech_types list
      selftest: s3: add a test for spnego downgrade from krb5 to ntlm
      spnego: add client option to omit sending an optimistic token
      selftest: add tests for no optimistic spnego exchange
      python/tests/gensec: add spnego downgrade python tests
      spnego: fix server handling of no optimistic exchange
      nsswitch: Link stress-nss-libwbclient against pthread
      s3:libsmb: Link libsmb against pthread

Jeremy Allison (6):
      s3: libsmbclient: Ensure SMBC_readdir_ctx() also updates the readdirplus pointers.
      s3: libsmbclient: Ensure SMBC_readdirplus_ctx() also updates the readdir pointers.
      s3: libsmbclient: Ensure SMBC_getdents_ctx() also updates the readdirplus pointers.
      s3: libsmbclient: Fix smbc_lseekdir() to work with smbc_readdirplus().
      s3/4: libsmbclient test. Test using smbc_telldir/smbc_lseekdir with smbc_readdir/smbc_readdirplus/smbc_getdents.
      s3: smbclient: Stop an SMB2-connection from blundering into SMB1-specific calls.

Karolin Seeger (3):
      VERSION: Bump version up to 4.11.1...
      WHATSNEW: Add release notes for Samba 4.11.1.
      VERSION: Disable GIT_SNAPSHOT for Samba 4.11.1.

Martin Schwenke (1):
      ctdb-tools: Stop deleted nodes from influencing ctdb nodestatus exit code

Mathieu Parent (1):
      pod2man is no longer needed

Michael Adam (1):
      winbind: provide passwd struct for group sid with ID_TYPE_BOTH mapping (again)

Noel Power (1):
      s3/libads: clang: Fix Value stored to 'canon_princ' is never read

Ralph Boehme (13):
      torture:smb2: extend test for File-IDs
      torture:smb2: add a File-ID test on directories
      s3:smbd: change the place where we call dos_mode() when processing SMB2_CREATE
      s3:smbd: when storing DOS attribute call dos_mode() beforehand
      s3:lib: rework a return expression into an if block
      s3:lib: assert stream_name is NULL for POSIX paths
      s3:lib: factor out stream name asserts to helper function
      s3:lib: expand a comment with the function doc for is_ntfs_stream_smb_fname
      s3:lib: implement logic directly in is_ntfs_default_stream_smb_fname()
      s3:lib: use strequal_m() in is_ntfs_default_stream_smb_fname()
      s3:lib: add is_named_stream()
      s3:smbd: ensure a created stream picks up the File-ID from the basefile
      s3:smbd: add a comment explaining the File-ID semantics when a file is created

Stefan Metzmacher (22):
      nsswitch: add logging to wbc_auth_error_to_pam_error() for non auth errors
      s4:auth: use the correct client realm in gensec_gssapi_update_internal()
      s3:libads: let kerberos_kinit_password_ext() return the canonicalized principal/realm
      s3:libsmb: avoid wrong debug message in cli_session_creds_prepare_krb5()
      s3:libsmb: let cli_session_creds_prepare_krb5() update the canonicalized principal to cli_credentials
      s3:libads/kerberos: always use the canonicalized principal after kinit
      krb5_wrap: smb_krb5_kinit_password_ccache() should always use the canonicalized principal
      s4:auth: kinit_to_ccache() should always use the canonicalized principal
      s3:libads: ads_krb5_chg_password() should always use the canonicalized principal
      krb5_wrap: let smb_krb5_parse_name() accept enterprise principals
      docs-xml: add "winbind use krb5 enterprise principals" option
      s3:winbindd: implement the "winbind use krb5 enterprise principals" logic
      tests/pam_winbind.py: turn pypamtest.PamTestError into a failure
      tests/pam_winbind.py: allow upn names to be used in USERNAME with an empty DOMAIN value
      test_pam_winbind.sh: allow different pam_winbindd config options to be specified
      selftest/tests.py: prepare looping over pam_winbindd tests
      selftest/tests.py: test pam_winbind with krb5_auth
      selftest/tests.py: test pam_winbind with a lot of username variations
      selftest/tests.py: test pam_winbind for trusts domains
      selftest/Samba3.pm: use "winbind scan trusted domains = no" for ad_member
      selftest/Samba3.pm: use "winbind use krb5 enterprise principals = yes" for ad_member
      python/tests/gensec: make it possible to add knownfail tests for gensec.update()


Samba Shared Repository

More information about the samba-cvs mailing list