[SCM] Samba Shared Repository - annotated tag ldb-2.1.0 created
Stefan Metzmacher
metze at samba.org
Tue Jan 21 14:13:18 UTC 2020
The annotated tag, ldb-2.1.0 has been created
at f5698d21c5e94186d82048b57512b907556069f8 (tag)
tagging 79460b1b9f3452d6d68014b84f4a9dc3988bd916 (commit)
replaces tevent-0.10.2
tagged by Stefan Metzmacher
on Tue Jan 21 15:13:07 2020 +0100
- Log -----------------------------------------------------------------
ldb: tag release ldb-2.1.0
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEkUejOXGVGO6QEby1R5ORYRMIQCUFAl4nBvMACgkQR5ORYRMI
QCUtUAf/SqLyprEhEB9ZrmguuSezQaDvBr5GpK1ufOOd0iDQ5wwRqSPikhIc71kW
V72bfy1yUjEQbYjtWiqAOhppAyZHxiPNmWxbZMdISMaZTn5viuh+S/F/Z5EvM8Pz
Fd1z5ctSnIx+QbcdS9GVPDQnsupLk1vwWnotpLzL/TKREczOwJJktgmzMY7Tti9S
fNVCw2uwqFU2Ptqs5XEneIafLf79XdeI+bfBBPIQ7t7W3pAkOadk9DPZuoN5oLes
XqiQ+hKwS9BgCtkM/h7f5T/rLH4dWIA8+0RlOjdJfQwyItAhd72ZgWJHzwGpzQ3X
B2kaARhXDlwLI91xk0nXPEhgEqqo1g==
=kQMw
-----END PGP SIGNATURE-----
Alexander Bokovoy (1):
s3-rpcserver: fix security level check for DsRGetForestTrustInformation
Amitay Isaacs (1):
build: add missing crypt dependency for auth4_unix
Andreas Schneider (41):
s3:rpc_server: Replace E_md5hash() with GnuTLS calls
s3:winbindd: Replace E_md5hash() with GnuTLS calls
s3:winbind: Replace E_md5hash() with GnuTLS calls
libcli:auth: Remove unused E_md5hash()
s4:lib:tls: Fix cert and privkey types
s4:rpc_server: Return the status code from dcesrv_transport_session_key()
s3:printing: Use httpConnect2 from CUPS
gitignore: Add .build.log
s3:winbind: Print priv pipe location
ldb:tests: Avoid that the debug function overwrites memory
ldb:tests: Allow test filtering in ldb_mod_op_test
ldb: Avoid a possible NULL pointer dereference
ldb:tests: Use assert_in_range() in test_get_size()
ldb:tests: Add missing size check for tdb
ldb:tests: Add missing null check for ldb_kv_private
s3:tests: Remove the -I SERVER_IP so that Kerberos auth works
s3:selfest: Do not print the env twice
s3:smbspool: Map AUTH_INFO_REQUIRED=none to anonymous connection
s3:smbspool_krb5_wrapper: Map AUTH_INFO_REQUIRED=none to anonymous
s3:smbspool: Leave early if we print as root
s4:lib: Make sure we close fd's in error path
s3:rpc_server: Fix string compare for utmp entries
s3:torture: Do not segfault if cli is NULL
s3:smbd: Fix possible NULL deref in smbd_do_qfilepathinfo()
s3:lib: Move NULL check before messaging_dgm_out_rearm_idle_timer()
auth:tests: Improve debug output of test_gnutls
auth:tests: Only enable torture_gnutls_aes_128_cfb() on GnuTLS >= 3.6.11
pidl: Remove Parse/Yapp/Driver.pm
lib:crypto: Remove our implementation of AES CCM
lib:crypto: Remove our implementation of AES GCM
lib:crypto: Only build AES code if we need AES CMAC
lib:crypto: Build intel aes-ni only if GnuTLS doesn't provide AES CMAC
s3:script: Try to fix a Perl warning
s3:libsmb: Generate the inode only based on the path component
s3:libsmb: Add try_posixinfo to SMBSRV struct. Only enable for SMB1 with UNIX for now.
s3:libsmb: Return a 'struct stat' buffer for SMBC_getatr()
s3:libsmb: Add a setup_stat_from_stat_ex() function
libsmbclient: If over SMB1 first try to do a posix stat on the file.
librpc: Fix string length checking in ndr_pull_charset_to_null()
librpc: Add test for ndr_string_length()
docs-xml: 'mangled names = illegal' is the new default
Andrew Bartlett (95):
lib/fuzzing: Avoid NULL pointer de-ref from 0-length input
lib/fuzzing: Free memory after successful load in fuzz_tiniparser
witness.idl: Change array type in IDL for the print function
ndr: Include the caller location in ndr_{pull,push}_error() messages
librpc: Unify packet dumping on ndr_pull() failure
ndrdump: Fix one more NTSTATUS rather than friendly ndr message
ndrdump: print structure name when failing to setup
ndrdump: TALLOC_FREE() on each exit path to allow running with leak detection
ndrdump: Add const
ndrdump: Check for input decode failures
ndrdump: Allow for base64-encoded input in a file and on the command line
ndrdump: Return a different error code for ndr_pull() failures
ndrdump: Invert sense of --stop-on-parse-failure into --print-after-parse-failure
ndrdump: Still print --dump bytes after parse failure
python: Return the stdout when also checking error codes
selftest: Confirm that --base64-input and --input work and a PIDL bug is fixed.
selftest: Confirm that NDR bugs are fixed in DCOM code
selftest: Test repushing an ntlmssp AUTHENTICATE_MESSAGE
librpc: Check for NULL pointer in value() in ntlmssp_AUTHENTICATE
lib/fuzzing: Use --fuzz-target-ldflags if specified
lib/fuzzing/oss-fuzz: Add build_samba.sh for oss-fuzz
lib/fuzzing/oss-fuzz: add stub build.sh that will not change often
lib/fuzzing/oss-fuzz: Install chrpath as we use it in the build.sh script to set -rpath
lib/fuzzing/oss-fuzz: copy required libraries to the build target
lib/fuzzing: Add oss-fuzz info to README.md
build: Do not build selftest binaries for builds without --enable-selftest
librpc: Make CFDATA private to cab.idl and remove pull and push functions
librpc/ndr: Remove unused ndr_cab_generate_checksum()
ndrdump: Show the actual struct/function name in the print, not just what it was called
ndrdump: Improve error message when the pipes fail to dump
ndrdump: Do not run the validate step after a failure
selftest: Test partial parse behaviour in ndrdump
librpc: Avoid spinning on string_array elements with a short input
selftest: Add ndrdump tests for malformed drsuapi traffic
librpc/ndr: Do not follow a client-supplied NULL pointer in _print_drsuapi_DsAttributeValue_attid()
librpc: Fill in full deps for NDR_* subsystems
lib/fuzzing: Link only the required NDR_ subsystems into ndr_fuzz_X binaries
lib/fuzzer: Remove rudundent install=False flag from fuzz_ndr_X build rule
lib/fuzzer: Allow building a fuzz binary for just one interface
lib/fuzzing: Tell the compiler we know we are ignoring errors in fuzz_reg_parse
lib/fuzzing: Also confirm we can make a string filter from the parsed tree in fuzz_ldb_parse_tree
lib/fuzzing: Add mode for the AFL fuzzer
oss-fuzz: Align build.sh sh parameters with pattern from the oss-fuzz project
lib/fuzzing: Remove oss-fuzz build.sh stub from the Samba repo
lib/fuzzing: Support an oss-fuzz build with either address or undefined behaviour sanitizers
lib/fuzzing Add comments to explain RUNPATH manipulation in build.sh
lib/fuzzing Truncate the original files after RUNPATH manipulation in build.sh
build: Skip build of python bindings when in fuzzing mode
bootstrap: Add chrpath as a required package
CVE-2019-14861: s4-rpc/dnsserver: Confirm sort behaviour in dcesrv_DnssrvEnumRecords
CVE-2019-14861: s4-rpc_server: Remove special case for @ in dns_build_tree()
CVE-2019-14861: s4-rpc/dnsserver: Avoid crash in ldb_qsort() via dcesrv_DnssrvEnumRecords)
CVE-2019-14861: Test to demonstrate the bug
selftest: Confirm that ndrdump struct mode is not available for enums
pidl:NDR/Parser: only include structs in ndr_interface_public_struct
.gitlab-ci.yml: Align tasks with "pages" dependency to get comprehensive code coverage
autobuild.py: Add missing samba-simpleserver job
autobuild.py: Avoid listing jobs twice
autobuild: extend autobuild with samba-fuzz job to build the fuzzers in AFL mode using oss-fuzz scripts
lib/fuzzing: Ensure mem_ctx is freed each time fuzz_ldb_parse_tree is run
lib/fuzzing: Split up automatically build fuzzers into TYPE_{IN,OUT,STRUCT}
lib/fuzzing: Fix argument order to ldb_filter_from_tree in fuzz_ldb_parse_tree
lib/krb5_wrap: Remove unused smb_krb5_get_allowed_weak_crypto()
librpc/idl/dnsserver.idl: Ensure DnsProperty id matches what is pulled from the stored buffer
selftest: Add test for structure with NDR_BUFFERS only in a union
selftest: Add example xattr_NTACL packets to demonstrate switch/union behaviour
selftest: Add test for ndr_size_union() faulting on a NULL pointer
selftest: Add test for ndr_size_struct() faulting on a NULL pointer
libndr: Do not overwrite token list with NULL on allocation failure
ndr: Restrict size of ndr_token lists to avoid memory abuse by malicious clients
s4-libcli/rap: Set the switch_value before NDR_BUFFERS to prepare for new libndr behaviour
negoex: Set the switch_value before NDR_BUFFERS to prepare for new libndr behaviour
librpc: Set the switch_value before NDR_BUFFERS to prepare for new libndr behaviour
pidl: Generate and consume the switch level token for both NDR_SCALARS and NDR_BUFFERS in ndr_pull()
librpc/ndr: Add ndr_push_steal_switch_value()
pidl: Add and use ndr_print_steal_switch_value(), removing ndr_print_get_switch_value()
pidl: Mismatch between set and get of relative base pointers
librpc: Do not follow a NULL pointer when calculating the size of a structure
pidl: Mismatch between set and get of relative base pointers
librpc: Do not follow a NULL pointer when calculating the size of a union
librpc: Remove last callers of ndr_pull_get_switch_value()
librpc: Remove last callers of ndr_push_get_switch_value()
librpc/ndr: Remove ndr_{push,pull}_get_switch_value()
libndr: Return enum ndr_err_code from ndr_{pull,push}_steal_switch_value()
lib/fuzzing: Initialise st buffer in fuzz_ndr_X
lib/fuzzing: Allow load of fuzz inputs as files on the command line
sefltest: Demonstrate crash in manually written printer for drsuapi_DsAttributeValue
librpc: Fix manually written printer for drsuapi_DsAttributeValue
lib/fuzzer: Allow coverage build for oss-fuzz
lib/fuzzing and librpc: Do not generate fuzzers for pointless targets
librpc: Move winstation.idl to the top level and exclude from fuzzing
s4-smbd: Also restart prefork children lost to SIGKILL (-9)
WHATSNEW: Celebrate the end of smbdes and the almost-end of in-tree AES
selftest: Confirm parse of dnsProperty records
librpc: Do not access name[-1] trying to push "" into a dnsp_name
Anoop C S (2):
s3: VFS: glusterfs: Reset nlinks for symlink entries during readdir
s3: lib: dbwrap: Set rec->value_valid to avoid backtrace in `smbstatus`
Björn Baumbach (10):
samba-tool group show: fix a copy-paste mistake
samba-tool tests: remove duplicate definitions of test functions
samba-tool tests: prepare tests for new samba-tool functionality
samba-tool {user,group,computer,contact} show: avoid base64 encoded strings if possible
samba-tool tests: re-add tests for attribute value verification using samba-tool
samba_kcc: avoid ValueError when local connections are less than 2
samba-tool: implement user setprimary group command (set primaryGroupID)
selftest: create working directory for blackbox test
tests: Test samba-tool user getgroups command
tests: Test samba-tool user setprimarygroup command
Björn Jacke (8):
python/loadparm: check for AD DC required VFS modules
docs-xml/winbindnssinfo: clarify interaction with idmap_ad etc.
tests/DNS: \n.COM shouldn't be a valid DNS record
samba-tool: fix adding of dns SRV/MX/SOA records
tests/DNS: add MX/SRV record tests with multiple spaces
smbclient/tar: add verbose mode
smbtar: adopt for new tar verbose option
clitar: use modern DBG macros
Christof Schmitt (37):
gpfswrap: Add wrappers for gpfs_fstat_x and gpfs_stat_x
vfs_gpfs: Use gpfs_stat_x in vfs_gpfs_get_dos_attributes
vfs_gpfs: Use gpfs_fstat_x in vfs_gpfs_fget_dos_attributes
vfs_gpfs: Create fileid from filesystem metadata
vfs_gpfs: Use update_stat_ex_create_time
sharesec: Return NTSTATUS from share_info_db_init
sharesec: Return NTSTATUS from set_share_security
sharesec: Return NTSTATUS from delete_share_security
selftest: Make net command available in sharesec test
selftest: Add test for 'net conf delshare' also removing share ACL
net: Delete share ACL from 'net conf delshare'
system: Rename argument for kernel_flock function
vfs: Rename argument for kernel_flock function
vfs_not_implemented: Rename argument for flock function
vfs_catia: Rename argument for flock function
vfs_ceph: Rename argument for flock function
vfs_full_audit: Rename argument of flock function
vfs_glusterfs: Rename argument of flock function
vfs_gpfs: Rename argument of flock function
vfs_streams_xattr: Rename argument of flock function
vfs_time_audit: Rename argument of flock function
vfs_gpfs: Remove check for open file in share mode function
vfs_gpfs: Move mapping from access mask to sharemode allow to helper function
vfs_gpfs: Move mapping to sharemode deny to helper function
vfs_gpfs: Cleanup clearing file system share mode
vfs_gpfs: Cleanup debug message file system share mode
vfs_gpfs: Remove unncessary check from close function
vfs_gpfs: Add comment explaining why sharemode is dropped in close call.
vfs_gpfs: Log error if clearing of sharemode fails on close
vfs_gpfs: Only clear sharemode on close when sharemode has been taken
vfs_gpfs: Remove logging for unsupported file system
vfs_gpfs: Switch share mode helper function to return int
vfs_gpfs: Use early return in sharemode function
vfs_gpfs: Explicitly log when share mode has been denied
vfs_gpfs: Print message when share modes are disabled in file system
vfs_gpfs: Log failed gpfs_set_share call as error
vfs_gpfs: Update message for requesting sharemode on stream
David Disseldorp (5):
vfs_ceph_snapshots: fix root relative path handling
loadparm: check for AD DC required VFS modules
vfs_ceph: assert renameat() fsps match cwd
vfs_ceph: drop support for building without statx
vfs_ceph: drop support for pre-hammer libcephfs versions
David Mulder (2):
Convert samba4.base.*attr tests to smb2
Convert samba4.base.rw1 test to smb2
Douglas Bagnall (37):
ndr_orpc: properly allocate empty DUALSTRINGARRAY
pidl: check the size of pulled arrays of arrays
build: Set fuzzer=True on fuzzer binaries
lib/fuzzing/oss-fuzz: Add build_image.sh using Samba's bootstrap tools
pygpo: use correct method flags
pidl: add a base class for PIDL parsers
pidl: optionally annotate output for debug purposes
pidl Samba3::ClientNDR uses Pidl::Base
pidl:: adjust s4::Python pidl_hdr() to be the same as others
pidl s4::Python uses Pidl::Base
pidl s4/NDR/Client: fix pidl_both()
pidl s4/NDR/Client: use Pidl::Base
pidl: s4/NDR/Parser uses Pidl::Base
pidl s4/TDR: use conventional ->{res} name
pidl s4/TDR: use Parse::Pidl::Base
pidl: don't export parser class methods
pidl: use perl warnings
pidl s4::NDR::Parser: read hex numbers as numbers for ranges
pidl s4::NDR::Parser: correct has_fast_array logic
pidl s4::NDR::Parser: silence a warning
pidl Parse::Pidl::NDR: warn of unknown scalar alignments
pidl Parse::Pidl::NDR: add HRESULT alignment
pidl Parse::Pidl::NDR: silence two warnings about undefined strings
pidl s4::Python: silence warnings
pidl/tests/samba-ndr.pl: remove duplicate import
lib/fuzzing: add fuzz_ndr_X
dcerpc: developer option to save ndr_fuzz_X seeds
fuzzing: Add script decode_ndr_X_crash to decode crash results
lib/fuzzing/decode_ndr_X: print less by default, avoid pipe
fuzzing/decode_ndr_X: read crashes from a HONGGFUZZ report
fuzz/decode_ndr_X_crash: -f to filter crashes by regex
decode_ndr_X_crash: always find pipe in honggfuzz file
fuzz_ldap_decode: do not print to stdout
ldb controls: fix typo in bypassoperational message
fuzz: add a fuzzer for parsing ldb controls
libgpo: parse_gp_ext: do not crash upon no ext_strings
net_ads_gpo: remove old '#if 0' blocks
Fabrice Fontaine (2):
lib/ldb/tests: include stdint.h before cmocka.h
source4/utils/oLschema2ldif: include stdint.h before cmocka.h
Gary Lockyer (8):
librpc ndr: Infinite loop parsing Suplemental creds
librpc ndr: Tests for ndr_pull_string
librpc dnsp test: Ensure length matches union selector
lib ldb: fix use after free
test upgradedns: ensure lmdb lock files linked
upgradedns: ensure lmdb lock files linked
ndr basic: Check ndr_token_store return code
lib ldb common: Fix memory leak
Guenther Deschner (1):
s3:winbind: Also set the cmd name for bool dispatch table
Günther Deschner (16):
s3-rpc_server: always print the full PDU.
librpc: fix IDL for spoolss_GetCorePrinterDrivers()
s3-rpcclient: add cmd_spoolss_get_core_printer_drivers
librpc: add IDL for spoolss_EnumPerMachineConnections
s3-rpcclient: properly check and initialize buffers in getdriverpackagepath
s3-rpcclient: add enumpermachineconnections command
s3-rpcclient: add addpermachineconnection command
s3-rpcclient: add delpermachineconnection command
s4-torture: add test for spoolss AddPerMachineConnection
s4-torture: add test for spoolss_EnumPerMachineConnections
librpc: better naming for NDR_SPOOLSS_{PUSH|PULL}_ENUM variants
librpc/ndr: provide infrastructure for NDR_SPOOLSS_{PUSH|PULL}_ENUM macros
librpc: pidlify spoolss_EnumPerMachineConnections
s3-rpcclient: give slightly better descriptions to clusapi commands
s3-rpcclient: add clusapi_pause_node command.
s3-rpcclient: add clusapi_resume_node command.
Isaac Boukris (44):
selftest/remote_pac: remove test_PACVerify_workstation_des
selftest: exclude msDS-SupportedEncryptionType in ldapcmp
kerberos: remove single DES enctypes from ENC_ALL_TYPES
kdc/db-glue: do not fetch single DES keys from db
password_hash: do not generate single DES keys
kerberos_keytab: do not add single DES keys to keytab
machine_account_secrets: do not generate single DES keys
selftest: mitm-s4u2self: use zlib for CRC32_checksum calc
selftest: allow any kdc error in mitm-s4u2self test
heimdal: do not compile weak crypto
whatsnew: announce removal of DES encryption type in Kerberos
heimdal: invoke gsskrb5_set_dns_canonicalize(false) in gse_context_init()
Revert "selftest: system-heimdal: workaround upstream "host" canon bug"
krb5: remove "set_dns_canonicalize" conf option
krb5: move disabling dns-canon to lower level init calls
libcli/auth: test des_crypt56() and add test_gnutls to selftest
selftest: test E_P16
selftest: test sam_rid_crypt
selftest: test E_P24 and SMBOWFencrypt
selftest: test E_old_pw_hash
selftest: test des_crypt128
selftest: test des_crypt112 and fix (unused) decryption
selftest: test des_crypt112_16
selftest: test SMBsesskeygen_lm_sess_key
selftest: test sess_crypt_blob
smbdes: add des_crypt56_gnutls() using DES-CBC with zeroed IV
netlogon_creds_des_encrypt/decrypt_LMKey: use gnutls and return NTSTATUS
SMBsesskeygen_lm_sess_key: use gnutls and return NTSTATUS
smbdes: convert sam_rid_crypt() to use gnutls
smbdes: convert E_P16() to use gnutls
smbdes: remove D_P16() (not used)
smbdes: convert E_P24() and SMBOWFencrypt to use gnutls
smbdes: convert des_crypt128() to use gnutls
smbdes: convert E_old_pw_hash to use gnutls
smbdes: convert des_crypt112 to use gnutls
smbdes: convert des_crypt112_16 to use gnutls
session: convert sess_crypt_blob to use gnutls
sess_crypt_blob can only crypt blobs whose size divides by 8
smbdes: remove old unused DES builtin-crypto
samba-tool: add user-sensitive command to set not-delegated flag
CVE-2019-14870: heimdal: add S4U test for delegation_not_allowed
CVE-2019-14870: heimdal: enforce delegation_not_allowed in S4U2Self
CVE-2019-14870: mit-kdc: enforce delegation_not_allowed flag
winbindd_pam.c: split winbindd_dual_pam_auth_samlogon
Jeremy Allison (20):
s3: smbd: Allow smbd_smb2_process_negprot() to return NTSTATUS as it can fail.
s3: smbd: Ensure we exit on smbd_smb2_process_negprot() fail.
s3: smbd: Change reply_smb20xx() to return NTSTATUS.
s3: smbd: Change (*proto_reply_fn()) to return an NTSTATUS.
s3: smbd: Ensure we exit if supported_protocols[protocol].proto_reply_fn() fails.
python: tests. Add test for fuzzing smbd crash bug.
s3: smbd: Only set xconn->smb1.negprot.done = true after supported_protocols[protocol].proto_reply_fn() succeeds.
s3: smbd: msdfs: Cleanup, don't mix int and size_t types for a count variable.
s3: smbd: cleanup. Change 'int referral_count' -> 'size_t referral_count' in struct junction_map.
s3: smbd: msdfs: Factor out the code to create a msdfs:referral,list into a separate function.
s3: VFS: Add SMB_VFS_CREATE_DFS_PATHAT().
s3: VFS: Implement create_dfs_pathat() in ceph.
s3: VFS: Implement create_dfs_pathat() in gluster.
s3: VFS: Implement create_dfs_pathat() in shadow_copy2.
s3: VFS: Implement create_dfs_pathat() in snapper.
s3: VFS: Implement create_dfs_pathat() in full_audit.
s3: VFS: Implement create_dfs_pathat() in time_audit.
s3: smbd: msdfs: Change create_msdfs_link() to call SMB_VFS_CREATE_DFS_PATHAT().
s3: lib: dbwrap_ctdb: Ensure value_valid is set true if we find the record in the marshall buffer.
s3: lib: dbwrap. Cleanup. Add a couple of missing 'return NULL' statements on talloc fail.
Martin Schwenke (2):
ctdb-scripts: Strip square brackets when gathering connection info
ctdb-tests: Skip some tests that don't work with IPv6
Michael Hanselmann (1):
Split winbindd into library and binary
Mikhail Novosyolov (2):
s3:smbspool_krb5_wrapper: ignore unknown values of AUTH_INFO_REQUIRED
s3:smbspool: print a hint about smbspool_krb5_wrapper
Noel Power (11):
s3/selftest: allow samba3.blackbox.dfree_command run NT1 & SMB3 tests
s3/script/tests: Prepare to split samba3.blackbox.net.misc for SMB1/SMB2
s3/selftest: split SMB1 & SMB2 parts of samba3.blackbox.dfree_quota
s3/script/tests: Allow test script to accept option protocol list
s3/selftest: run samba3.blackbox.preserve_case with SMB1 & >=SMB2
s3/selftest: allow samba3.blackbox.smbclient_ntlm.plain run SMB1 & SMB3
s3/script/tests: Use protocol param passed to selectively run tests
s3/utils: net time always hardcoded to use SMB1
s3/script/tests: Add simple test for net share list
s3/utils: Make sure we can negotiate protocol based on smb.conf settings
s4/smb_server: Fix handling of SMB2 messages after Netbios session setup
Puran Chand (1):
s3: smbclient doc fix
Ralph Boehme (199):
s3:param: rename lp_string() argument ctx to mem_ctx
lib/param: introduce loadparm_substitution infrastructure
smbdotconf: mark "dont descend" with substitution="1"
smbdotconf: mark "force group" with substitution="1"
smbdotconf: mark "force user" with substitution="1"
smbdotconf: mark "hide files" with substitution="1"
smbdotconf: mark "magic output" with substitution="1"
smbdotconf: mark "magic script" with substitution="1"
smbdotconf: mark "msdfs proxy" with substitution="1"
smbdotconf: mark "path" with substitution="1"
smbdotconf: mark "postexec" with substitution="1"
smbdotconf: mark "preexec" with substitution="1"
smbdotconf: mark "printername" with substitution="1"
smbdotconf: mark "root postexec" with substitution="1"
smbdotconf: mark "root preexec" with substitution="1"
smbdotconf: mark "veto files" with substitution="1"
smbdotconf: mark "veto oplock files" with substitution="1"
smbdotconf: mark "volume" with substitution="1"
smbdotconf: mark "abort shutdown script" with substitution="1"
smbdotconf: mark "add group script" with substitution="1"
smbdotconf: mark "add machine script" with substitution="1"
smbdotconf: mark "addport command" with substitution="1"
smbdotconf: mark "addprinter command" with substitution="1"
smbdotconf: mark "add share command" with substitution="1"
smbdotconf: mark "add user script" with substitution="1"
smbdotconf: mark "add user to group script" with substitution="1"
s3:param: let lp_add_auto_services() take a const char *
smbdotconf: mark "auto services" with substitution="1"
smbdotconf: mark "change share command" with substitution="1"
smbdotconf: mark "check password script" with substitution="1"
smbdotconf: mark "next configfile" with substitution="1"
smbdotconf: mark "cups server" with substitution="1"
smbdotconf: mark "defaultservice" with substitution="1"
smbdotconf: mark "delete group script" with substitution="1"
smbdotconf: mark "deleteprinter command" with substitution="1"
smbdotconf: mark "delete share command" with substitution="1"
smbdotconf: mark "delete user from group script" with substitution="1"
smbdotconf: mark "delete user script" with substitution="1"
smbdotconf: mark "enumports command" with substitution="1"
smbdotconf: mark "get quota command" with substitution="1"
s3:lib: add missing TALLOC_CTX parameter in call to lp_homedir_map()
smbdotconf: mark "homedir map" with substitution="1"
smbdotconf: mark "iprint server" with substitution="1"
smbdotconf: mark "logfile" with substitution="1"
smbdotconf: mark "logging" with substitution="1"
smbdotconf: mark "log level" with substitution="1"
smbdotconf: mark "log nt token command" with substitution="1"
smbdotconf: mark "message command" with substitution="1"
smbdotconf: mark "os2 driver map" with substitution="1"
smbdotconf: mark "panic action" with substitution="1"
smbdotconf: mark "passwd chat" with substitution="1"
smbdotconf: mark "passwd program" with substitution="1"
s3: remove a prototype that is generated by loadparm
smbdotconf: mark "perfcount module" with substitution="1"
smbdotconf: mark "remote announce" with substitution="1"
smbdotconf: mark "remote browse sync" with substitution="1"
smbdotconf: mark "rename user script" with substitution="1"
smbdotconf: mark "root directory" with substitution="1"
smbdotconf: mark "server string" with substitution="1"
smbdotconf: mark "set primary group script" with substitution="1"
smbdotconf: mark "set quota command" with substitution="1"
smbdotconf: mark "shutdown script" with substitution="1"
smbdotconf: mark "username map" with substitution="1"
smbdotconf: mark "username map script" with substitution="1"
smbdotconf: mark "usershare path" with substitution="1"
smbdotconf: mark "wins hook" with substitution="1"
smbdotconf: mark "ldap admin dn" with constant="1"
smbdotconf: mark "ldap suffix" with constant="1"
smbdotconf: mark "ldap group suffix" with constant="1"
smbdotconf: mark "ldap idmap suffix" with constant="1"
smbdotconf: mark "ldap machine suffix" with constant="1"
smbdotconf: mark "ldap user suffix" with constant="1"
smbdotconf: mark "mangling method" with constant="1"
smbdotconf: mark "rpc server dynamic port range" with constant="1"
smbdotconf: mark "usershare template share" with constant="1"
docs-xml: remove SWAT specific flags
param: remove now unused FN_GLOBAL_STRING macro
docs-xml: remove explicit "constant"
printing: use lpcfg_substituted_string() in print_run_command()
s3:param: make "servicename" a substituted option
param: remove FN_LOCAL_STRING
param: remove now unused lp_string()
selftest: fix a flapping test
s3/selftest: Run samba3.blackbox.net.misc with smb1/smb2
s3:locking: simplify code in get_share_mode_lock()
s3:lib: remove unused uint64s_nt_time_to_unix_abs()
s3:tests: add a blackbox test that confirms broken timestamp behaviour
replace: ensure UTIME_NOW and UTIME_OMIT are always available
lib: provide UTIME_NOW|OMIT defines under our own namespace
lib: add functions dealing with struct timespec UTIME_OMIT
lib: add full_timespec_to_nt_time()
torture: add a timestamps torture testsuite
lib: add nt_time_to_full_timespec()
lib: add full_timespec_to_time_t()
lib: add nt_time_to_full_time_t()
lib: use nt_time_to_unix_full() in nt_time_string()
lib: add timespec_string_buf()
lib: add time_t_to_full_timespec()
lib: canonicalize pull_dos_date3()
s3:lib: let round_timespec() handle SAMBA_UTIME_OMIT
s3:lib: add put_long_date_full_timespec()
smbd: use put_long_date_full_timespec()
s3:lib: add pull_long_date_full_timespec()
smbd: use pull_long_date_full_timespec()
s3:lib: use nt_time_to_full_timespec() in interpret_long_date()
smbclient: use full_timespec_to_nt_time()
libsmb: add cli_setpathinfo_ext()
smbclient: use cli_setpathinfo_ext() in utimes command
s3: add init_smb_file_time()
smbd: fix handling of sentinel timestamp values
WHATSNEW: document SMB_VFS_NTIMES() interface change
s4:smbtorture: also test for date >> UINT32_MAX in timestamps test
lib: add NTTIME_MAX, NTTIME_MIN, NTTIME_OMIT and NTTIME_FREEZE definitions
lib: harden full_timespec_to_nt_time()
lib: add a comment to nt_time_to_full_timespec()
lib: spelling fix
lib/replace: work around an API conflict between ncurses and XFS xattr API
lib/replace: prefer <sys/xattr.h> over <attr/xattr.h>
selftest: use ad_dc_ntvfs env instead of ad_dc_default for samba4.ldb.ldaps
selftest: make testenv name logic more flexible for the rpc testcases
selftest: hardcode ad_dc_ntvfs for the rpc.netlogon testsuite
selftest: run rpc.srvsvc and rpc.mgmt against ad_dc_ntvfs explicitly
selftest: run samba.tests.dcerpc.srvsvc against ad_dc_ntvfs explicitly
selftest: run samba4.ldap.dirsync.python against ad_dc_ntvfs explicitly
selftest: run samba.ldap.referrals against ad_dc_ntvfs explicitly
selftest: run samba.tests.samba_tool.user against ad_dc_ntvfs:local explicitly
selftest: make ad_dc_default an alias for ad_dc, not ad_dc_ntvfs
selftest: make ad_dc_slowtests an alias for ad_dc, not ad_dc_ntvfs
selftest: make fl2008dc an alias for ad_dc, not ad_dc_ntvfs
selftest: don't use NTVFS fileserver in promoted_dc
selftest: don't use NTVFS fileserver in vampire_dc
selftest: don't use NTVFS fileserver in fl2000dc
selftest: don't use NTVFS fileserver in fl2003dc
selftest: don't use NTVFS fileserver in fl2008r2dc
selftest: don't use NTVFS fileserver in rodc
selftest: don't use NTVFS fileserver in chgdcpass
s3: pass session info to get_referred_path()
s3: pass session_info to create_msdfs_link()
s3: pass session_info to remove_msdfs_link()
smbd: pass session_info to junction_to_local_path_tos()
s3: pass session_info to enum_msdfs_links()
smbd: pass session info to count_dfs_links()
smbd: pass session_info to form_junctions()
smbd: pass session info to create_conn_struct_tos_cwd()
s3:rpc_server: pass session_info to elog_check_access()
s3:rpc_server: pass session_info to get_nt_acl_no_snum()
smbd: pass session_info to create_conn_struct_tos()
python: move system_session_unix to new auth_util.py
pysmbd: reformat py_smbd_set_simple_acl() kwnames and PyArg_ParseTupleAndKeywords() call
pysmbd: reformat py_smbd_chown() kwnames and PyArg_ParseTupleAndKeywords() call
pysmbd: reformat py_smbd_unlink() kwnames and PyArg_ParseTupleAndKeywords() call
pysmbd: reformat py_smbd_have_posix_acls() kwnames and PyArg_ParseTupleAndKeywords() call
pysmbd: reformat py_smbd_get_nt_acl() kwnames
pysmbd: reformat py_smbd_set_sys_acl() kwnames and PyArg_ParseTupleAndKeywords() call
pysmbd: reformat py_smbd_get_sys_acl() kwnames and PyArg_ParseTupleAndKeywords() call
pysmbd: reformat py_smbd_mkdir() kwnames
pysmbd: reformat py_smbd_create_file() kwnames
python/tests: use a system session_info in posixacl.py
pysmbd: add "session_info" arg to py_smbd_set_simple_acl()
pysmbd: add "session_info" arg to py_smbd_chown()
pysmbd: add "session_info" arg to py_smbd_unlink()
pysmbd: make "session_info" arg to py_smbd_set_nt_acl() mandatory
pysmbd: make "session_info" arg to py_smbd_get_nt_acl() mandatory
pysmbd: add "session_info" arg to py_smbd_set_sys_acl()
pysmbd: add "session_info" arg to py_smbd_get_sys_acl()
pysmbd: add "session_info" arg to py_smbd_mkdir()
pysmbd: add "session_info" arg tp py_smbd_create_file()
s3: simplify create_conn_struct_as_root()
s3: remove unused macro FSP_BELONGS_CONN()
s3: remove unused session_keystr from struct user_struct
vfs_zfsacl: pass nfs4_params to smb_set_nt_acl_nfs4()
vfs_zfsacl: pass config to zfs_get_nt_acl_common()
smbd: add session to struct smb_request
smbd: move homes_snum from struct user_struct to struct smbXsrv_session
smbd: pass smbXsrv_session to make_connection_snum()
smbd: use session->global->session_wire_id instead of session->compat->vuid
smbd: remove vuid from struct user_struct
smbd: use session->global->auth_session_info in make_connection_snum()
smbd: remove vuser arg from make_connection_snum()
smbd: introduce smbXsrv_session_info_lookup()
smbd: use smbXsrv_session_info_lookup() in change_to_user_and_service()
smbd: share level security is long gone...
smbd: use smbXsrv_session_info_lookup() in api_WWkstaUserLogon()
smbd: use smbXsrv_session_info_lookup() in api_reply()
smbd: remove dependency on session->compat in smbXsrv_session_logoff()
smbd: use session->global->auth_session_info in switch_message()
smbd: add get_valid_smbXsrv_session()
smbd: use get_valid_smbXsrv_session() in invalidate_vuid()
smbd: remove enum server_allocated_state magic from get_valid_user_struct()
smbd: add smbXsrv_session_local_traverse()
smbd: use smbXsrv_session_local_traverse() in id_in_use()
smbd: remove use of user_struct from reply_ulogoffX()
smbd: use req->session instead of vuser->session in make_connection_smb1()
smbd: remove unused vuser arg from make_connection_smb1()
smbd: remove unused vuser arg from make_connection_smb2()
smbd: don't use vuser in make_connection()
smbd: remove using vuser from smbd_smb2_tree_connect()
smbd: use smbXsrv_session_info_lookup() in become_user_without_service()
smbd: RIP user_struct
Richard Sharpe (1):
docs-xml/Samba-Developers-Guide/vfs.xml: Fix incorrect VFS func names.
Robert Scott (1):
utils: only compile test_oLschema2ldif if fmemopen exists
Samuel Cabrero (6):
librpc:core: Split dcesrv context init and endpoint servers init
librpc:core: Add public functions to initialize endpoint servers
librpc:core: Add a function to reinitialize the dcesrv_context
pidl:NDR/Server: Allow to define endpoint server shutdown functions
s4:torture/rpc: Fix torture comment in mdssvc.c
selftest: Do not force the endpoint for fsrvp tests
Simo Sorce (1):
mit-kdb: Fix license on header file
Stefan Metzmacher (20):
s3:lib: remove unused str_list_sub_basic()
s3:lib: remove unused str_list_substitute()
s3:param: split out loadparm_s3_global_substitution from lp_string()
s3:param: split out lp_parm_substituted_string()
s3:mdssvc: make use of lp_parm_const_string()
s3:vfs_tsmsm: make use of lp_parm_substituted_string()
s3:vfs_streams_depot: make use of lp_parm_substituted_string()
s3:vfs_nfs4acl_xattr: make use of lp_parm_substituted_string()
s3:vfs_glusterfs: make use of lp_parm_substituted_string()
s3:parm: remove unused lp_parm_talloc_string()
param: add FN_{GLOBAL,LOCAL}_SUBSTITUTED_STRING support
smbdotconf: mark "aio write behind" with substitution="1"
smbdotconf: mark "comment" with substitution="1"
smbdotconf: mark "dfree command" with substitution="1"
smbdotconf: mark "cups options" with substitution="1"
s4:heimdal_build: move krb5-types.h into include/krb5-types.h
bootstrap: use runners with 'docker' and 'gce' tags for the image creation
bootstrap: add debian10 support
Happy New Year 2020!
samba-tool: implement user getgroups command
Torsten Fohrer (1):
Avoiding bad call flags with python 3.8, using METH_NOARGS instead of zero.
Uri Simchoni (1):
heimdal-build: avoid hard-coded /usr/include/heimdal in asn1_compile-generated code.
Volker Lendecke (121):
librpc: Fix CID 1455913 Use after free
winbind: Fix CID 1455915 Resource leak
smbd: Fix CID 1455912 Logically dead code
vfs: Fix CID 1455914 Unused value
vfs: Fix a typo
dbwrap_tdb: Avoid includes.h
dbwrap_tdb: Return correct error from db_tdb_storev()
dbwrap: Pass "value" to dbwrap_do_locked() callback
g_lock: Pass "data" down to g_lock_trylock()
vfs: Use dbwrap_parse_record() in vfs_offload_token_db_fetch_fsp()
vfs: Use dbwrap_do_locked() in vfs_offload_token_db_store_fsp()
dbwrap: Protect against invalid db_record->value
locking: Remove a call to dbwrap_record_get_value()
dbwrap: Don't set rec->value in dbwrap_do_locked()
torture3: Consolidate dbwrap_watch test initialization
torture3: Test the next patch: No two waiters in one do_locked()
dbwrap_watch: Prevent two watchers per fetch_locked sequence
dbwrap_watch: Encapsulate watchers in "struct dbwrap_watcher"
dbwrap_watch: Add a uin64_t instance to watchers
dbwrap_watch: Simplify the wakeup messages
dbwrap_watch: Simplify struct dbwrap_watched_watch_state
dbwrap_watch: Don't store in-RAM caches
smbd: Add share_mode_watch_send/recv
smbd: Use share_mode_watch_send()
smbd: Pass the db_record down to share_mode_data_store()
smbd: Remove share_mode_data->record
g_lock: Change prototype of g_lock_dump
lib: Make struct g_lock_rec private to g_lock.c
torture: g_lock will allow duplicate READ locks soon
lib: Add g_lock_ctx_init_backend()
lib: Change the g_lock data model
torture: Test g_lock deadlock detection
g_lock: Factor out g_lock_cleanup_shared()
g_lock: Move a variable inside the block were it's used
g_lock: Speed up sync g_lock_lock()
lib: Make stdin_new_passwd() static
lib: Remove duplicate get_pass() prototypes
lib: Remove a duplicate fdprintf() prototype
winbind: Use vasprintf() in winbindd_cache
lib: Remove unused smb_xvasprintf()
smbd: Use share_mode_do_locked() in smbd_do_unlocking()
smbd: Avoid leaking share_entries.tdb records
libndr: Fix a talloc context leak
smbd: Fix a typo
auth3: Remove auth_script
build: Multi-line a long list of deps
build: messaging.c uses talloc_report_printf()
build: libcli/http does not need samba3core, only gensec
build: gencache.c in 'samba3core' needs crc32()
build: Explicitly depend on samba-modules where needed
smbd: Make lp_use_sendfile() static to reply.c
build: secrets3 need E_md4hash and kerberos functions
build: util_cmdline depends on cli_credentials
build: Trim the deps of 'smbconf'
smbd: Panic if there's a leak in share_entries.tdb
selftest: Make durable_v2_delay more specific
smbd: Test cleanup of disconnected durable handle records
smbd: Fix a share_entries.tdb record leak
smbd: Use NULL instead of 0 for a pointer type
torture: Use sizeof() where appropriate
smbd: Call reopen_logs() in the smbd scavenger
smbd: Call reopen_logs() in the notifyd
net: Extend some debug information
smbd: Give a better error message for non-existing share modes
build: Fix the build without system gssapi headers
torture4: Use generate_random_u64() instead of random()
torture: Run durable_v2_reconnect_delay_msec with leases
smbd: Fix a leases.tdb record leak
smbd: Avoid casts in open_directory()
smbd: Fix a typo
torture4: Fix a typo
smbd: Explicitly state when modifying share_mode_data
smbd: Use explicit share_mode_wakeup_waiters()
smbd: Use explicit share_mode_wakeup_waiters()
smbd: Add share_mode_count_entries()
net: Use share_mode_count_entries()
smbd: Pass num_share_modes to share_mode_entry_do() callback
smbd: Avoid a reference to share_mode_data->num_share_modes
smbd: Avoid a reference to share_mode_data->num_share_modes
smbd: Introduce share_mode_have_entries()
smbd: Avoid a direct access to share_mode_data->num_share_modes
smbd: Use share_mode_data->num_share_modes as a boolean
smbd: Don't store "num_share_modes" in locking.tdb
smbd: Convert share_mode_data->num_share_modes into a boolean8
torture3: Introduce "key" helper variable
torture3: Parametrize lock4_child()s locktype
torture3: Add a test that contends with a READ, not a WRITE lock
lib: Fix contending with a READ lock
lib: Remove an unused variable from security_token_debug()
ntlm_auth: Fix a DEBUG message
audit_log: Align integer types
dsdb: Align integer types
lsasd: Align integer types
smbd: Avoid a "? True : False"
smbd: Remove an unused parameter from defer_open()
tests: Fix a typo
auth3: Check for talloc failure
auth3: Simplify auth_get_ntlm_challenge()
auth3: Avoid a casts in auth3_check_password()
winbind: Fix CID 1456624 Uninitialized scalar variable
auth: Remove the "typedef auth_methods"
auth: Check for talloc failure in smb_pwd_check_ntlmv2()
auth: Slightly simplify smb_pwd_check_ntlmv2()
auth: Check for talloc failure in smb_pwd_check_ntlmv1()
auth: Slightly simplify smb_pwd_check_ntlmv1()
auth: Check for talloc failure in smb_sess_key_ntlmv2()
auth: Avoid casts in ntlm_check.c
auth3: Replace auth3_check_password() by _send and _recv
ntlm_auth: Replace local_pw_check() by _send and _recv
ntlm_auth: Replace winbind_pw_check() by _send and _recv
auth: Simplify struct auth4_context
printing: Align integer types
printing: Avoid EBADF from EPOLL_CTL_DEL
ntlm_auth: Add a NULL check
ntlm_auth: Add type-safety instead of a simple cast
nfs4acl: Align integer types
lib: Use tevent version of timeval_current_ofs()
lib: Remove "msg_ctx" from server_id_watch_send()
lib: Avoid an unnecessary include
test3: Fix usage check for test_sharesec.sh
smbd: Protect against non-string "close-share" sharenames
awalker (3):
vfs_zfsacl: load parameters on connect
vfs_zfsacl: add manpage entry for zfsacl:denymissingspecial
vfs_zfsacl: fix issue with ACL inheritance in zfsacl
-----------------------------------------------------------------------
--
Samba Shared Repository
More information about the samba-cvs
mailing list