[SCM] Samba Shared Repository - branch v4-11-stable updated
Karolin Seeger
kseeger at samba.org
Wed Sep 11 06:46:56 UTC 2019
The branch, v4-11-stable has been updated
via b788d502cd1 VERSION: Disable GIT_SNAPSHOT for the 4.11.0rc4 release.
via 70906342a77 WHATSNEW: Add release notes for Samba 4.11.0rc4.
via 76eab3e6bc9 WHATSNEW: Remove paragraph about rejoining DCs.
via d887047aa0c vfs: restore stat fields in vfs_stat_fsp()
via b4aaa612d33 s3:vfs: streamline vfs_stat_fsp()
via b14dd975c75 s3: replace fsp_stat() with vfs_stat_fsp()
via cb09104951c s3:lib: add update_stat_ex_from_saved_stat()
via 4930920648a vfs_catia: stat info may have been updated, make sure to return changes
via d47f8ca1a76 s3:smbd: ensure to update the File-ID in struct smb_filename
via 6dfeecf345c s3:lib: round itime to NTTIME resolution in make_file_id_from_itime()
via cca34da443e lib: add round_timespec_to_nttime()
via 0318b68675d s4:torture: add a file-id related test
via 02ccbe08a53 s3:ldap: Fix join with don't exists machine account
via be42cfafee0 s3:selftest: add delay_inject:brl_lock_windows testing
via 9bf1c5c3e48 vfs_delay_inject: add support for brl_[un]lock_windows()
via ec21e68912d s3:locking: add brl_req_guid() and brl_req_mem_ctx() helper functions
via 74527a20584 s3:smb2_lock: handle NT_STATUS_RETRY from the VFS backend
via a1117587afb s3:blocking: handle NT_STATUS_RETRY from the VFS backend
via c8086b8873b s3:blocking: make use of smbd_smb1_do_locks_try() in smbd_smb1_do_locks_send()
via 5e9d294a045 s3:blocking: call smbd_smb1_do_locks_setup_timeout() also in smbd_smb1_do_locks_try()
via 11e489b0789 s3:blocking: fix the fsp->blocked_smb1_lock_reqs handling
via 333026209a8 s3:blocking: do the timeout calculation before calling dbwrap_watched_watch_send()
via f479c7bc03a s3:blocking: split out smbd_smb1_do_locks_setup_timeout()
via 9f46f3b0e72 s3:blocking: use timeval_expired(&state->endtime) to stop processing
via d857b21d4fe s4:torture/raw: add multilock6 test
via a037ebbc347 s4:torture/raw: add multilock5 test
via cc9afc3dac2 s4:torture/raw: add multilock4 test
via 6bd411aad81 s4:torture/raw: add multilock3 test
via da765a062aa s4:torture/raw: improvements for multilock2
via c4d7c186aca s3:smb2_lock: add retry for POSIX locks
via 061b60353d7 s4:torture/smb2: add smb2.samba3misc.localposixlock1
via 00fc583960f s3:smb2_lock: make use of smbd_smb2_lock_try() in smbd_smb2_lock_send()
via 1fb82e04d02 s3:smb2_lock: let smbd_smb2_lock_try() explicitly check for the retry condition
via c4ab0c85022 s3:smb2_lock: error out early in smbd_smb2_lock_send()
via 5e156be97a3 s3:smb2_lock: split smbd_smb2_lock_retry() into _try() and _retry()
via e5385142987 s3:smb2_lock: move from 'blocking' to 'state->blocking'
via 8b3a50609f4 s3:brlock: always return LOCK_NOT_GRANTED instead of FILE_LOCK_CONFLICT
via b56bb2ac59d s3:blocking: maintain state->deny_status
via 85b9b5f04fd s4:torture/raw: assert to get LOCK_NOT_GRANTED in torture_samba3_posixtimedlock()
via 1fd0a52e672 s3:blocking: use dynamic posix lock wait intervals
via e91bae2bdb1 s3:blocking: Remove bug reproducer from a few commits ago
via 2c31c9d365d s3:blocking: fix posix lock retry
via 6b23f24ee38 s3:blocking: move from 'timeout' to 'smbd_smb1_do_locks_state->timeout'
via b381f4b314c s3:blocking: split smbd_smb1_do_locks_retry() into _try() and _retry()
via 841fceae680 s3:blocking: demonstrate the posix lock retry fails
via ffdb166e49f s3:torture: convert LOCK9 into LOCK9A and LOCK9B
via 0742879bd8d s3:torture: fix the timeout alarm handling on LOCK9
via 75e07d48594 s3:blocking: remove unused timeval_brl_min()
via f73b670b4db s3:locking: add share_mode_wakeup_waiters() helper function
via 244ad1210cc s3:locking: add/split out byte_range_{valid,overlap}() helper functions
via 80a04a4e19a s3:smb2_lock: call change_to_user_by_fsp() when dbwrap_watched_watch* finishes
via 728e29d84ca s3:blocking: call change_to_user_by_fsp() when dbwrap_watched_watch* finishes
via d01dbe68cdf libcli/smb: send SMB2_NETNAME_NEGOTIATE_CONTEXT_ID
via bff4ee33420 libcli/smb: add new COMPRESSION and NETNAME negotiate context ids
via 11c2b21b97d ctdb: fix compilation on systems with glibc robust mutexes
via 04867f4c513 WHATSNEW: Add entry for deprecation of "lanman auth" and "encrypt passwords = no"
via f1d2b5eba72 docs: Deprecate "encrypt passwords = no"
via 116f8cfe304 docs: Deprecate "lanman auth = yes"
via bc0d16c9d8e ldb: Release ldb 2.0.7
via 9392ee7d290 ldb: Extend the ldb_dn_explode test matrix
via e019f3a6aac ldb: Do not read beyond the end of the extended DN component when printing
via 9b0c3051783 ldb: Add test with == true or false to boolean if statements in ldb_dn_explode()
via 1bc9476be79 ldb: Rework all pointer NULL tests to use Samba's normal style
via 0f993c094ea ldb: add some dn explode tests
via c71c51dda00 ldb: don't try to save a value that isn't there
via 61a039cc21d ldb: Call TALLOC_FREE(filtered_msg->elements) on ldb_filter_attrs() failure
via 11427be15ed ldb: use TALLOC_FREE() over talloc_free() in ldb_filter_attrs()
via 9c677a274d4 ldb: Correct Pigeonhole principle validation in ldb_filter_attrs()
via 57f00784ffa ldb: Fix mem-leak if talloc_realloc fails
via 7cf6afba656 ldb_dn: free dn components on explode failure
via 0358b3f9bc1 ldb: do not allow adding a DN as a base to itself
via 0e96b2cb506 vfs_glusterfs: Use pthreadpool for scheduling aio operations
via 8b680d30979 ctdb-recoverd: Fix typo in previous fix
via 20c4d212472 ctdb-tests: Clear deleted record via recovery instead of vacuuming
via 9063f5dde3f ctdb-tests: Strengthen volatile DB traverse test
via a03443efef6 ctdb-recoverd: Only check for LMASTER nodes in the VNN map
via 4a5c554508b ctdb-tests: Don't retrieve the VNN map from target node for notlmaster
via 7e004230708 ctdb-tests: Handle special cases first and return
via e876b1e8562 ctdb-tests: Inline handling of recovered and notlmaster statuses
via 6efb59affb2 ctdb-tests: Drop unused node statuses frozen/unfrozen
via a279b888346 ctdb-tests: Reformat node_has_status()
via 96961348432 VERSION: Bump verison up to 4.11.0rc4...
from c1d9e02d06a VERSION: Disable GIT_SNAPSHOT for the 4.11.0rc3 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-11-stable
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 60 +-
ctdb/server/ctdb_recoverd.c | 14 +-
ctdb/tests/scripts/integration.bash | 80 +-
ctdb/tests/simple/69_recovery_resurrect_deleted.sh | 17 +-
ctdb/tests/simple/79_volatile_db_traverse.sh | 67 +-
ctdb/wscript | 2 +-
docs-xml/smbdotconf/security/encryptpasswords.xml | 8 +
docs-xml/smbdotconf/security/lanmanauth.xml | 9 +
lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.0.7.sigs} | 0
...yldb-util-1.1.10.sigs => pyldb-util-2.0.7.sigs} | 0
lib/ldb/common/ldb_dn.c | 156 +--
lib/ldb/common/ldb_pack.c | 35 +-
lib/ldb/tests/ldb_filter_attrs_test.c | 988 ++++++++++++++++++
lib/ldb/tests/test_ldb_dn.c | 115 +++
lib/ldb/wscript | 7 +-
lib/util/time.c | 9 +
lib/util/time.h | 1 +
libcli/smb/smb2_constants.h | 2 +
libcli/smb/smbXcli_base.c | 17 +
selftest/knownfail | 1 +
selftest/skip | 3 +-
selftest/target/Samba3.pm | 12 +
source3/include/locking.h | 2 +
source3/include/proto.h | 2 +
source3/lib/file_id.c | 2 +
source3/lib/system.c | 20 +
source3/libads/ldap.c | 5 +-
source3/locking/brlock.c | 162 ++-
source3/locking/locking.c | 11 +-
source3/locking/proto.h | 15 +
source3/locking/share_mode_lock.c | 12 +
source3/modules/vfs_catia.c | 4 +
source3/modules/vfs_delay_inject.c | 117 +++
source3/modules/vfs_dirsort.c | 13 +-
source3/modules/vfs_fruit.c | 13 +
source3/modules/vfs_glusterfs.c | 562 +++++-----
source3/selftest/tests.py | 11 +-
source3/smbd/blocking.c | 545 +++++++---
source3/smbd/durable.c | 2 +
source3/smbd/fileio.c | 17 -
source3/smbd/globals.c | 18 +
source3/smbd/globals.h | 2 +
source3/smbd/open.c | 17 +
source3/smbd/proto.h | 5 +-
source3/smbd/reply.c | 30 +-
source3/smbd/smb2_lock.c | 243 ++++-
source3/smbd/trans2.c | 2 +
source3/smbd/vfs.c | 12 +-
source3/torture/torture.c | 40 +-
source4/selftest/tests.py | 1 +
source4/torture/raw/lock.c | 1069 +++++++++++++++++++-
source4/torture/raw/samba3misc.c | 6 +-
source4/torture/smb2/create.c | 212 ++++
source4/torture/smb2/samba3misc.c | 188 ++++
source4/torture/smb2/smb2.c | 2 +
source4/torture/smb2/wscript_build | 1 +
57 files changed, 4255 insertions(+), 713 deletions(-)
copy lib/ldb/ABI/{ldb-2.0.5.sigs => ldb-2.0.7.sigs} (100%)
copy lib/ldb/ABI/{pyldb-util-1.1.10.sigs => pyldb-util-2.0.7.sigs} (100%)
create mode 100644 lib/ldb/tests/ldb_filter_attrs_test.c
create mode 100644 source4/torture/smb2/samba3misc.c
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index a8742ca9e50..792dd684a3c 100644
--- a/VERSION
+++ b/VERSION
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=
# e.g. SAMBA_VERSION_RC_RELEASE=1 #
# -> "3.0.0rc1" #
########################################################
-SAMBA_VERSION_RC_RELEASE=3
+SAMBA_VERSION_RC_RELEASE=4
########################################################
# To mark SVN snapshots this should be set to 'yes' #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index eece43fcd9e..74d1de4c021 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,7 +1,7 @@
Release Announcements
=====================
-This is the third release candidate of Samba 4.11. This is *not*
+This is the fourth release candidate of Samba 4.11. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
@@ -33,11 +33,6 @@ When either upgrading or downgrading, users should also avoid making any
database modifications between installing the new Samba packages and starting
the samba executable.
-Note that when moving between major Samba releases in general, we recommend
-that the AD DC is rejoined to the domain. Using this approach avoids the need
-to explicitly downgrade the database manually. For more details, see:
-https://wiki.samba.org/index.php/Upgrading_a_Samba_AD_DC
-
SMB1 is disabled by default
---------------------------
@@ -68,6 +63,18 @@ in the following years. If you have a strong requirement for SMB1
(except for supporting old Linux Kernels), please file a bug
at https://bugzilla.samba.org and let us know about the details.
+LanMan and plaintext authentication deprecated
+----------------------------------------------
+
+The "lanman auth" and "encrypt passwords" parameters are deprecated
+with this release as both are only applicable to SMB1 and are quite
+insecure. NTLM, NTLMv2 and Kerberos authentication are unaffected, as
+"encrypt passwords = yes" has been the default since Samba 3.0.0.
+
+If you have a strong requirement for these authentication protocols,
+please file a bug at https://bugzilla.samba.org and let us know about
+the details.
+
BIND9_FLATFILE deprecated
-------------------------
@@ -357,6 +364,47 @@ smb.conf changes
fruit:zero_file_id Changed default False
debug encryption New: dump encryption keys False
rndc command Deprecated
+ lanman auth Deprecated
+ encrypt passwords Deprecated
+
+
+CHANGES SINCE 4.11.0rc3
+=======================
+
+o Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
+ * BUG 14049: ldb: Don't try to save a value that isn't there.
+ * ldb_dn: Free dn components on explode failure.
+ * ldb: Do not allow adding a DN as a base to itself.
+
+o Andrew Bartlett <abartlet at samba.org>
+ * ldb: Release ldb 2.0.7.
+ * BUG 13695: ldb: Correct Pigeonhole principle validation in
+ ldb_filter_attrs().
+ * BUG 14049: Fix ldb dn crash.
+ * BUG 14117: Deprecate "lanman auth = yes" and "encrypt passwords = no".
+
+o Ralph Boehme <slow at samba.org>
+ * BUG 14038: Fix compiling ctdb on older systems lacking POSIX robust
+ mutexes.
+ * BUG 14121: smbd returns bad File-ID on filehandle used to create a file or
+ directory.
+
+o Poornima G <pgurusid at redhat.com>
+ * BUG 14098: vfs_glusterfs: Use pthreadpool for scheduling aio operations.
+
+o Stefan Metzmacher <metze at samba.org>
+ * BUG 14055: Add the target server name of SMB 3.1.1 connections as a hint to
+ load balancers or servers with "multi-tenancy" support.
+ * BUG 14113: Fix byte range locking bugs/regressions.
+
+o Swen Schillig <swen at linux.ibm.com>
+ * ldb: Fix mem-leak if talloc_realloc fails.
+
+o Evgeny Sinelnikov <sin at altlinux.org>
+ * BUG 14007: Fix join with don't exists machine account.
+
+o Martin Schwenke <martin at meltin.net>
+ * BUG 14085: ctdb-recoverd: Only check for LMASTER nodes in the VNN map.
CHANGES SINCE 4.11.0rc2
diff --git a/ctdb/server/ctdb_recoverd.c b/ctdb/server/ctdb_recoverd.c
index 652bf9ce4ea..3d5b727715a 100644
--- a/ctdb/server/ctdb_recoverd.c
+++ b/ctdb/server/ctdb_recoverd.c
@@ -2989,13 +2989,19 @@ static void main_loop(struct ctdb_context *ctdb, struct ctdb_recoverd *rec,
return;
}
- /* verify that all active nodes in the nodemap also exist in
- the vnnmap.
+ /*
+ * Verify that all active lmaster nodes in the nodemap also
+ * exist in the vnnmap
*/
for (j=0; j<nodemap->num; j++) {
if (nodemap->nodes[j].flags & NODE_FLAGS_INACTIVE) {
continue;
}
+ if (! ctdb_node_has_capabilities(rec->caps,
+ nodemap->nodes[j].pnn,
+ CTDB_CAP_LMASTER)) {
+ continue;
+ }
if (nodemap->nodes[j].pnn == pnn) {
continue;
}
@@ -3006,8 +3012,8 @@ static void main_loop(struct ctdb_context *ctdb, struct ctdb_recoverd *rec,
}
}
if (i == vnnmap->size) {
- DEBUG(DEBUG_ERR, (__location__ " Node %u is active in the nodemap but did not exist in the vnnmap\n",
- nodemap->nodes[j].pnn));
+ D_ERR("Active LMASTER node %u is not in the vnnmap\n",
+ nodemap->nodes[j].pnn);
ctdb_set_culprit(rec, nodemap->nodes[j].pnn);
do_recovery(rec, mem_ctx, pnn, nodemap, vnnmap);
return;
diff --git a/ctdb/tests/scripts/integration.bash b/ctdb/tests/scripts/integration.bash
index 30725c48e53..a4d45fb9ac2 100644
--- a/ctdb/tests/scripts/integration.bash
+++ b/ctdb/tests/scripts/integration.bash
@@ -311,53 +311,53 @@ wait_until_ready ()
# This function is becoming nicely overloaded. Soon it will collapse! :-)
node_has_status ()
{
- local pnn="$1"
- local status="$2"
-
- local bits fpat mpat rpat
- case "$status" in
- (unhealthy) bits="?|?|?|1|*" ;;
- (healthy) bits="?|?|?|0|*" ;;
- (disconnected) bits="1|*" ;;
- (connected) bits="0|*" ;;
- (banned) bits="?|1|*" ;;
- (unbanned) bits="?|0|*" ;;
- (disabled) bits="?|?|1|*" ;;
- (enabled) bits="?|?|0|*" ;;
- (stopped) bits="?|?|?|?|1|*" ;;
- (notstopped) bits="?|?|?|?|0|*" ;;
- (frozen) fpat='^[[:space:]]+frozen[[:space:]]+1$' ;;
- (unfrozen) fpat='^[[:space:]]+frozen[[:space:]]+0$' ;;
- (recovered) rpat='^Recovery mode:RECOVERY \(1\)$' ;;
- (notlmaster) rpat="^hash:.* lmaster:${pnn}\$" ;;
+ local pnn="$1"
+ local status="$2"
+
+ case "$status" in
+ recovered)
+ ! $CTDB status -n "$pnn" | \
+ grep -Eq '^Recovery mode:RECOVERY \(1\)$'
+ return
+ ;;
+ notlmaster)
+ ! $CTDB status | grep -Eq "^hash:.* lmaster:${pnn}\$"
+ return
+ ;;
+ esac
+
+ local bits
+ case "$status" in
+ unhealthy) bits="?|?|?|1|*" ;;
+ healthy) bits="?|?|?|0|*" ;;
+ disconnected) bits="1|*" ;;
+ connected) bits="0|*" ;;
+ banned) bits="?|1|*" ;;
+ unbanned) bits="?|0|*" ;;
+ disabled) bits="?|?|1|*" ;;
+ enabled) bits="?|?|0|*" ;;
+ stopped) bits="?|?|?|?|1|*" ;;
+ notstopped) bits="?|?|?|?|0|*" ;;
*)
- echo "node_has_status: unknown status \"$status\""
- return 1
- esac
-
- if [ -n "$bits" ] ; then
+ echo "node_has_status: unknown status \"$status\""
+ return 1
+ esac
local out x line
out=$($CTDB -X status 2>&1) || return 1
{
- read x
- while read line ; do
- # This needs to be done in 2 steps to avoid false matches.
- local line_bits="${line#|${pnn}|*|}"
- [ "$line_bits" = "$line" ] && continue
- [ "${line_bits#${bits}}" != "$line_bits" ] && return 0
- done
- return 1
+ read x
+ while read line ; do
+ # This needs to be done in 2 steps to
+ # avoid false matches.
+ local line_bits="${line#|${pnn}|*|}"
+ [ "$line_bits" = "$line" ] && continue
+ [ "${line_bits#${bits}}" != "$line_bits" ] && \
+ return 0
+ done
+ return 1
} <<<"$out" # Yay bash!
- elif [ -n "$fpat" ] ; then
- $CTDB statistics -n "$pnn" | egrep -q "$fpat"
- elif [ -n "$rpat" ] ; then
- ! $CTDB status -n "$pnn" | egrep -q "$rpat"
- else
- echo 'node_has_status: unknown mode, neither $bits nor $fpat is set'
- return 1
- fi
}
wait_until_node_has_status ()
diff --git a/ctdb/tests/simple/69_recovery_resurrect_deleted.sh b/ctdb/tests/simple/69_recovery_resurrect_deleted.sh
index 8126c49b83c..f6c72c59f2a 100755
--- a/ctdb/tests/simple/69_recovery_resurrect_deleted.sh
+++ b/ctdb/tests/simple/69_recovery_resurrect_deleted.sh
@@ -54,18 +54,11 @@ database_has_zero_records ()
return 0
}
-echo "Get vacuum interval"
-try_command_on_node -v $second $CTDB getvar VacuumInterval
-vacuum_interval="${out#* = }"
-
-echo "Wait until vacuuming deletes the record on active nodes"
-# Why 4? Steps are:
-# 1. Original node processes delete queue, asks lmaster to fetch
-# 2. lmaster recoverd fetches
-# 3. lmaster processes delete queue
-# If vacuuming is just missed then need an extra interval
-t=$((vacuum_interval * 4))
-wait_until "${t}/10" database_has_zero_records
+echo "Trigger a recovery"
+try_command_on_node "$second" $CTDB recover
+
+echo "Checking that database has 0 records"
+database_has_zero_records
echo "Continue node ${first}"
try_command_on_node $first $CTDB continue
diff --git a/ctdb/tests/simple/79_volatile_db_traverse.sh b/ctdb/tests/simple/79_volatile_db_traverse.sh
index af7e962f579..7f3007d5105 100755
--- a/ctdb/tests/simple/79_volatile_db_traverse.sh
+++ b/ctdb/tests/simple/79_volatile_db_traverse.sh
@@ -42,11 +42,56 @@ try_command_on_node 0 $CTDB writekey "$TESTDB" "foo" "bar0"
echo "write foo=bar1 on node 1"
try_command_on_node 1 $CTDB writekey "$TESTDB" "foo" "bar1"
-echo "do traverse on node 0"
-try_command_on_node -v 0 $CTDB catdb "$TESTDB"
+echo
-echo "do traverse on node 1"
-try_command_on_node -v 1 $CTDB catdb "$TESTDB"
+check_db_num_records ()
+{
+ local node="$1"
+ local db="$2"
+ local n="$3"
+
+ echo "Checking on node ${node} to ensure ${db} has ${n} records..."
+ try_command_on_node "$node" "${CTDB} catdb ${db}"
+
+ num=$(sed -n -e 's|^Dumped \(.*\) records$|\1|p' "$outfile")
+ if [ "$num" = "$n" ] ; then
+ echo "OK: Number of records=${num}"
+ echo
+ else
+ echo "BAD: There were ${num} (!= ${n}) records"
+ cat "$outfile"
+ exit 1
+ fi
+}
+
+check_db_num_records 0 "$TESTDB" 1
+check_db_num_records 1 "$TESTDB" 1
+
+cat <<EOF
+
+Again, this time with 10 records, rewriting 5 of them on the 2nd node
+
+EOF
+
+echo "wipe test database $TESTDB"
+try_command_on_node 0 $CTDB wipedb "$TESTDB"
+
+for i in $(seq 0 9) ; do
+ k="foo${i}"
+ v="bar${i}@0"
+ echo "write ${k}=${v} on node 0"
+ try_command_on_node 0 "${CTDB} writekey ${TESTDB} ${k} ${v}"
+done
+
+for i in $(seq 1 5) ; do
+ k="foo${i}"
+ v="bar${i}@1"
+ echo "write ${k}=${v} on node 1"
+ try_command_on_node 1 "${CTDB} writekey ${TESTDB} ${k} ${v}"
+done
+
+check_db_num_records 0 "$TESTDB" 10
+check_db_num_records 1 "$TESTDB" 10
cat <<EOF
@@ -63,8 +108,6 @@ try_command_on_node 1 $CTDB setlmasterrole off
try_command_on_node -v 1 $CTDB getcapabilities
wait_until_node_has_status 1 notlmaster 10 0
-# Wait for recovery and new VNN map to be pushed
-#sleep_for 10
echo "write foo=bar0 on node 0"
try_command_on_node 0 $CTDB writekey "$TESTDB" "foo" "bar0"
@@ -72,16 +115,10 @@ try_command_on_node 0 $CTDB writekey "$TESTDB" "foo" "bar0"
echo "write foo=bar1 on node 1"
try_command_on_node 1 $CTDB writekey "$TESTDB" "foo" "bar1"
-echo "do traverse on node 0"
-try_command_on_node -v 0 $CTDB catdb "$TESTDB"
+echo
-num=$(sed -n -e 's|^Dumped \(.*\) records$|\1|p' "$outfile")
-if [ "$num" = 1 ] ; then
- echo "OK: There was 1 record"
-else
- echo "BAD: There were ${num} (!= 1) records"
- exit 1
-fi
+check_db_num_records 0 "$TESTDB" 1
+check_db_num_records 1 "$TESTDB" 1
if grep -q "^data(4) = \"bar1\"\$" "$outfile" ; then
echo "OK: Data from node 1 was returned"
diff --git a/ctdb/wscript b/ctdb/wscript
index 51a09fdc63d..9663213a2a8 100644
--- a/ctdb/wscript
+++ b/ctdb/wscript
@@ -1040,7 +1040,7 @@ def build(bld):
ib_deps,
install_path='${CTDB_TEST_LIBEXECDIR}')
- if bld.env.HAVE_ROBUST_MUTEXES and sys.platform.startswith('linux'):
+ if bld.env.HAVE_ROBUST_MUTEXES and sys.platform.startswith('linux') and bld.env.DEVELOPER:
bld.SAMBA_BINARY('test_mutex_raw',
source='tests/src/test_mutex_raw.c',
deps='pthread',
diff --git a/docs-xml/smbdotconf/security/encryptpasswords.xml b/docs-xml/smbdotconf/security/encryptpasswords.xml
index 4bd97809d86..4fdfa898501 100644
--- a/docs-xml/smbdotconf/security/encryptpasswords.xml
+++ b/docs-xml/smbdotconf/security/encryptpasswords.xml
@@ -1,8 +1,16 @@
<samba:parameter name="encrypt passwords"
context="G"
type="boolean"
+ deprecated="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
+ <para>This parameter has been deprecated since Samba 4.11 and
+ support for plaintext (as distinct from NTLM, NTLMv2
+ or Kerberos authentication)
+ will be removed in a future Samba release.</para>
+ <para>That is, in the future, the current default of
+ <command>encrypt passwords = yes</command>
+ will be the enforced behaviour.</para>
<para>This boolean controls whether encrypted passwords
will be negotiated with the client. Note that Windows NT 4.0 SP3 and
above and also Windows 98 will by default expect encrypted passwords
diff --git a/docs-xml/smbdotconf/security/lanmanauth.xml b/docs-xml/smbdotconf/security/lanmanauth.xml
index 97f2fb04dcb..e5e63e43076 100644
--- a/docs-xml/smbdotconf/security/lanmanauth.xml
+++ b/docs-xml/smbdotconf/security/lanmanauth.xml
@@ -2,8 +2,17 @@
context="G"
type="boolean"
function="_lanman_auth"
+ deprecated="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
+ <para>This parameter has been deprecated since Samba 4.11 and
+ support for LanMan (as distinct from NTLM, NTLMv2 or
+ Kerberos authentication)
+ will be removed in a future Samba release.</para>
+ <para>That is, in the future, the current default of
+ <command>lanman auth = no</command>
+ will be the enforced behaviour.</para>
+
<para>This parameter determines whether or not <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> will attempt to
authenticate users or permit password changes
diff --git a/lib/ldb/ABI/ldb-2.0.5.sigs b/lib/ldb/ABI/ldb-2.0.7.sigs
similarity index 100%
copy from lib/ldb/ABI/ldb-2.0.5.sigs
copy to lib/ldb/ABI/ldb-2.0.7.sigs
diff --git a/lib/ldb/ABI/pyldb-util-1.1.10.sigs b/lib/ldb/ABI/pyldb-util-2.0.7.sigs
similarity index 100%
copy from lib/ldb/ABI/pyldb-util-1.1.10.sigs
copy to lib/ldb/ABI/pyldb-util-2.0.7.sigs
diff --git a/lib/ldb/common/ldb_dn.c b/lib/ldb/common/ldb_dn.c
index 2e98f391467..83f94e3b913 100644
--- a/lib/ldb/common/ldb_dn.c
+++ b/lib/ldb/common/ldb_dn.c
@@ -298,19 +298,21 @@ static bool ldb_dn_explode(struct ldb_dn *dn)
char *parse_dn;
bool is_index;
- if ( ! dn || dn->invalid) return false;
+ if (dn == NULL || dn->invalid == true) {
+ return false;
+ }
- if (dn->components) {
+ if (dn->components != NULL) {
return true;
}
- if (dn->ext_linearized) {
+ if (dn->ext_linearized != NULL) {
parse_dn = dn->ext_linearized;
} else {
parse_dn = dn->linearized;
}
- if ( ! parse_dn ) {
+ if (parse_dn == NULL) {
return false;
}
@@ -322,7 +324,7 @@ static bool ldb_dn_explode(struct ldb_dn *dn)
}
/* Special DNs case */
- if (dn->special) {
+ if (dn->special == true) {
return true;
}
@@ -333,14 +335,14 @@ static bool ldb_dn_explode(struct ldb_dn *dn)
/* in the common case we have 3 or more components */
/* make sure all components are zeroed, other functions depend on it */
dn->components = talloc_zero_array(dn, struct ldb_dn_component, 3);
- if ( ! dn->components) {
+ if (dn->components == NULL) {
return false;
}
/* Components data space is allocated here once */
data = talloc_array(dn->components, char, strlen(parse_dn) + 1);
- if (!data) {
- return false;
+ if (data == NULL) {
+ goto failed;
}
p = parse_dn;
@@ -348,7 +350,7 @@ static bool ldb_dn_explode(struct ldb_dn *dn)
d = dt = data;
while (*p) {
- if (in_extended) {
+ if (in_extended == true) {
if (!in_ex_name && !in_ex_value) {
@@ -376,6 +378,7 @@ static bool ldb_dn_explode(struct ldb_dn *dn)
}
if (in_ex_value && *p == '>') {
+ struct ldb_dn_ext_component *ext_comp = NULL;
const struct ldb_dn_extended_syntax *ext_syntax;
struct ldb_val ex_val = {
.data = (uint8_t *)ex_value,
--
Samba Shared Repository
More information about the samba-cvs
mailing list