[SCM] Samba Shared Repository - annotated tag tevent-0.16.0 created
Stefan Metzmacher
metze at samba.org
Mon Oct 16 08:16:38 UTC 2023
The annotated tag, tevent-0.16.0 has been created
at af9580411a92603c958fe83245780fb645bb8172 (tag)
tagging acd9248b13cba06d5b748f17aa9bc5d62079d9cc (commit)
replaces samba-4.19.0rc1
tagged by Stefan Metzmacher
on Mon Oct 16 10:16:27 2023 +0200
- Log -----------------------------------------------------------------
tevent: tag release tevent-0.16.0
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEkUejOXGVGO6QEby1R5ORYRMIQCUFAmUs8VsACgkQR5ORYRMI
QCVwuAgArQ9DCWIxmeG3AZ/U6HhadH9FbzmTMen821xZ8bM9MqzRjlqPCd309r3+
SpvdjQc3J5/AGVWJOm4VNMCuUHdKw4/+BNmDDr5Q3P8SNqQYiW+h8NYmj9h5UHZy
yJY+zK6kfGqZeuxii98Jo9CdE+tq9K1qnvNq82Gw7u5k/GBoVUZXh+WYEUvooPGD
/Vi1n67FpqnWkpayT1vs8z2w+aoZC819V7v8j8+9iNGX7hDapdKOsIzM0SUbB1tO
O0h4b0m/uko7+S1LPNiucUH7+JzPLiGZ3ne5ZTU0tkg/S4i987pmG5XRaWvCRhjK
85sddxP8GcrpsR1oXqFKssMKwirBcw==
=UhV/
-----END PGP SIGNATURE-----
Andreas Schneider (58):
lib:fuzzing: Fix code spelling
lib:tevent: Fix code spelling
s3:utils: Fix code spelling
s3:spoolss: Remove dead code
s4:auth: Fix code spelling
s4:cldap_server: Fix code spelling
s4:client: Fix code spelling
s4:dns_server: Fix code spelling
s4:dsdb:common: Fix code spelling
s4:dsdb:kcc: Fix code spelling
s4:dsdb:repl: Fix code spelling
s4:dsdb:samdb: Fix code spelling
s4:dsdb:schema: Fix trailing white spaces
s4:dsdb:schema: Fix code spelling
s4:dsdb:tests: Fix code spelling
s4:kdc: Fix code spelling
bootstrap: Install codespell
s4:lib: Fix code spelling
s4:libcli: Remove tailing white spaces
s4:libcli: Fix code spelling
s4:libnet: Fix code spelling
s4:librpc: Fix code spelling
s4:ntvfs: Fix code spelling
s4:rpc_server: Fix code spelling
s4:samba: Fix code spelling
s4:scripting: Fix code spelling
s4:selftest: Fix code spelling
s3:ldap_server: Fix code spelling
s4:setup: Fix code spelling
s4:smb_server: Fix code spelling
s4:torture:auth: Fix code spelling
s4:torture:dfs: Fix code spelling
s4:torture:drs: Fix code spelling
s4:torture:basic: Fix code spelling
s4:torture:dns: Fix code spelling
s4:torture:krb5: Fix code spelling
s4:torture:ldap: Remove trailing white spaces
s4:torture:ldap: Fix code spelling
s4:torture:ldb: Fix code spelling
s4:torture:libnetapi: Fix code spelling
s4:torture:nbench: Fix code spelling
s4:torture:nbt: Fix code spelling
s4:torture:raw: Fix code spelling
s4:torture:rpc: Fix code spelling
s4:torture:smb2: Fix code spelling
s4:torture: Fix code spelling
s4:wrepl_server: Remove trailing white spaces
s4:wrepl_server: Fix code spelling
testprogs: Fix code spelling
tests: Fix code spelling
wintest: Fix code spelling
scripts: Add codespell check
gitlab-ci: Add running codespell
waf: Build nmbd with -Wno-error=stringop-overflow
s3:torture: Remove masktest.c
s4:samdb: Avoid memory leaks in partition_metadata_get_uint64()
s3:client: Use lpcfg_set_cmdline()
s3:param: Remove unused lp_set_cmdline()
Andrew Bartlett (82):
dsdb: Add new function samdb_system_container_dn()
dsdb: Use samdb_system_container_dn() in samldb.c
dsdb: Use samdb_get_system_container_dn() to get Password Settings Container
s4-rpc_server/lsa: Use samdb_system_container_dn() in dcesrv_lsa_get_policy_state()
s4-rpc_server/netlogon: Use samdb_system_container_dn() in fill_trusted_domains_array()
s4-rpc_server/backupkey: Use samdb_system_container_dn() in set_lsa_secret()
s4-rpc_server/backupkey: Use samdb_system_container_dn() in get_lsa_secret()
dsdb: Use samdb_system_container_dn() in dsdb_trust_*()
dsdb: Use samdb_system_container_dn() in pdb_samba_dsdb_*()
lib/util: Move DEBUG() calls in gendb_search_v to common levels and new DBG_*() pattern
dsdb: Add dsdb_search_scope_as_string() and use in ldap_backend.c
dsdb: Add tracing to dsdb_search() similar to gendb_search_v()
dsdb: Add tracing to dsdb_search_dn() similar to gendb_search_v()
selftest: Add test for combination of anr and paged_results
dsdb: Replace talloc_steal() with a shallow copy and reference in dsdb_paged_results
dsdb: Make a shallow copy of ldb_parse_tree in operational module
s4-rpc_server/drsuapi: Add tmp_highest_usn tracking to replication log
s4-rpc_server/drsuapi: Improve debugging of invalid DNs
s4-rpc_server/drsuapi: Improve debug message for drs_ObjectIdentifier_to_dn_and_nc_root() failure
s4-dsdb: Improve logging for drs_ObjectIdentifier_to_dn_and_nc_root()
s4-rpc_server/drsuapi: Remove rudundant check for valid and non-NULL ncRoot_dn
s4-torture/drs: Save the server dnsname on the DcConnection object
s4-torture/drs: Create temp OU with a unique name per test
s4-torture/drs: Use addCleanup() in getchanges.py for OU handling
s4-torture/drs: Add a test matching Azure AD Connect REPL_OBJ behaviour
s4-torture/drs: Add test demonstrating that a GetNCChanges REPL_OBJ will not reset the replication cookie
s4-torture/drs: Add test showing that if present in the set the NC root leads and tmp_highest_usn moves
s4-rpc_server/drsuapi: Only keep and invalidate replication cycle state for normal replication
s4-rpc_server/drsuapi: Fix indentation in GetNCChanges()
s4-rpc_server/drsuapi: Avoid modification to ncRoot input variable in GetNCChanges
s4-rpc_server/drsuapi: Rename ncRoot -> untrusted_ncRoot to avoid misuse
s4-rpc_server/drsuapi: Update getnc_state to be != NULL
s4-rpc_server/drsuapi: Ensure logs show DN for replicated objects, not (null)
s4-rpc_server/drsupai: Avoid looping with Azure AD Connect by not incrementing temp_highest_usn for the NC root
WHATSNEW: Remove unusual box around 'REMOVED FEATURES'
bootstrap: Heimdal no longer requires perl-JSON
selftest: Allow MIT Krb5 1.21 to still start to fl2000dc
krb5: Increase the minimum MIT Krb5 version to 1.21
.gitlab-ci: Do builds under /builds as this is never an overlayfs
.gitlab-ci.yml: Move coverity build to internal Heimdal
.gitlab-ci: Allow ext4 jobs to run on shared runners
build: Remove -Wno-error=missing-field-initializers from Heimdal build
build: Reduce heimdal_no_error_flags to a more minimal set
s3-lib/util_nttoken: Reimplement dup_nt_token() with NDR pull/push
librpc: Add context as to if this token should be used for claims evaluation
docs-xml: Add new parameter "acl claims evaluation"
s4-auth: pass lp_ctx to auth_generate_session_info() where possible
libcli/security: Pass in claims evaluation state when building any security token
s3-net_rpc: Use security_token_initialise() to create struct security_token
s3-net_rpc: Make the struct user_token array the parent talloc context
s3-winbind: Use token as parent for token->sids in check_info3_in_group()
libcli/security: Move dup_nt_token() to libcli/security
libcli/security: Rename dup_nt_token() -> security_token_duplicate()
libgpo: Reimplmeent registry_create_system_token() using get_system_token()
python: Change the generic merge_nt_token() to being specific to the system_token
s3-lib: Modify merge_nt_token() into a GPO-specifc merge with SYSTEM
libcli/security: Hook in ability to disable conditional ACE evaluation
conditional_aces: Avoid manual parsing for ace_condition_sid
conditional_aces: Avoid manual parsing for ace_condition_bytes, use DATA_BLOB
Make blob->data pointer in ace_sid_to_claim_v1_sid() a child of the DATA_BLOB
libcli/security: Make failure parsing where consumed == -1 clear
libcli/security: Check for sddl_from_conditional_ace() failure in test_sddl_conditional_ace
conditional_aces: Avoid manual parsing for ace_condition_int
libndr: Add support for pulling strings with LIBNDR_FLAG_STR_SIZE4|LIBNDR_FLAG_STR_NOTERM|LIBNDR_FLAG_STR_BYTESIZE
conditional_aces: Avoid manual parsing for ace_condition_unicode
add comment that ace_condition_composite is not representative of the wire format
CVE-2023-4154 dsdb/tests: Do not run SimpleDirsyncTests twice
CVE-2023-4154 dsdb/tests: Use self.addCleanup() and delete_force()
CVE-2023-4154 dsdb/tests: Force the test attribute to be not-confidential at the start
CVE-2023-4154 dsdb/tests: Check that secret attributes are not visible with DirSync ever.
CVE-2023-4154 dsdb/tests: Speed up DirSync test by only checking positive matches once
CVE-2023-4154 dsdb/tests: Add test for SEARCH_FLAG_RODC_ATTRIBUTE behaviour
CVE-2023-4154 dsdb/tests: Extend attribute read DirSync tests
CVE-2023-4154: Unimplement the original DirSync behaviour without LDAP_DIRSYNC_OBJECT_SECURITY
CVE-2023-42669 s4-rpc_server: Disable rpcecho server by default
CVE-2023-42669 s3-rpc_server: Disable rpcecho for consistency with the AD DC
s4-echo: Remove the "echo" server (port 7, RFC 862) in production builds
CVE-2023-42670 s3-rpc_server: Strictly refuse to start RPC servers in conflict with AD DC
CVE-2023-42670 s3-rpc_server: Remove cross-check with "samba" EPM lookup
s4-kdc: Do not modify the returned user_info_dc from samba_kdc_get_user_info_dc()
s4:kdc: Change the type of ‘compounded_auth’ to boolean
third_party/heimdal: import lorikeet-heimdal-202310092248 (commit cd12cddd8058d9fe627b5b203e471b8d761dcfbb)
Arvid Requate (2):
For Bug #9959: local talloc frame for next commit
Bug #9959: Don't search for CN=System
David Mulder (19):
gp: Ensure Firewalld tests don't flop
gp: Test modifying firewalld policy enforces changes
gp: Test modifying firefox policy enforces changes
gp: Test modifying MOTD policy enforces changes
gp: Test modifying Messages policy enforces changes
gp: Test modifying Issue policy enforces changes
gp: Test modifying smb.conf policy enforces changes
gp: Test modifying script user policy enforces changes
gp: Test modifying centrify crontab user policy enforces changes
gp: Ensure Firewalld preforms proper cleanup
gp: Add a misc applier, to assist some gp exts
gp: Ensure Firefox policy preforms proper cleanup
gp: Ensure Messages policy preforms proper cleanup
gp: Ensure Issue policy preforms proper cleanup
gp: Ensure MOTD policy preforms proper cleanup
gp: Ensure smb.conf policy preforms proper cleanup
gp: Ensure script user policy performs proper cleanup
gp: Ensure centrify crontab user policy performs proper cleanup
gp: Cleanup some unused code
Douglas Bagnall (119):
lib/fuzzing: LLVMFuzzerTestOneInput() takes const uint8_t*
lib/fuzzing:fuzz_sddl_access_check fix nul-term check
util/base64: add a note about zero length strings
libcli:auth:sess_crypt_blob: ensure key has 7 bytes
fuzz: add fuzzer for sess_crypt_blob
fuzz: add fuzzer for ldb_comparison_fold
tldap: avoid infinite loop when filter contains "\)"
lib/replace: fix strlcat/strlcpy compile for Honggfuzz
lib/util: strhex_to_data_blob checks talloc
libcli/security/pysecurity: use NULL to mean NULL in C
pytests: add helper to grab a directory from environment
pytest/sddl: replace/export tests based on environment vars
pytest/sddl: environment option for exporting as fuzz seeds
pytest/sddl: add option for case-insensitive tests
pytest/sddl: tests for more invalid or weird cases
s4/torture: initialise ACE structs to zero
s4/ntfvfs/pvfs_acl: initialise ACEs to zeroes
libcli/security: sddl ACL decode avoids early splitting on parenthesis
librpc/security.idl: adjust size calculations for upcoming ace types
libcli/security: used sec_ace_object() in sddl encoding
libcli/security: avoid leak in calculate_inherited_from_parent()
libcli/security: remove unused tmp_ctx in calculate_inherited_from_parent()
libcli/security: script to turn token/descriptor pairs into sddl
libcli/security: add some test more Windows SDDL test strings
python/colour: add a colour diff helper
libcli/security: rewrite SDDL tests for running on Windows
libcli/security: move Windows test script to windows subdir
libcli/security: test helper script extracts fuzz SDDL
pytest: compare Samba vs Windows SDDL security descriptors
libcli/security: rm unused sec_ace_copy()
selftest:ndrdump: adjust xattr_NTACL test for ACE coda
pytests:security: don't use invalid domain SID S-2-0-0
libcli/security: make sddl_encode_sid an external function
librpc/idl: add conditional ACE structures and constants
libcli/security: create_descriptor handles unknown ACE types
librpc:security.idl: add more ACE enum types, with annotations
libcli:sec:display: print callback ace types
libcli:sec:display: use macro for more ace types
librpc:security.idl: add enums for resource attribute aces
librpc:security.idl: add Resource Attribute claim types
security.idl: extend security token for claims
s3:rpc: bump named_pipe_auth_req_info version number
security.idl: extend security token with device SIDs
security.idl: use sec_ace_object() in object switch
libcli/security: helper to find callback/conditional aces
libcli/security: helper to find resource attribute ACEs
libcli/security: helper to find ACEs with meaningful codas
libcli/security: use tabs in sec_ace_object()
libcli/security: callback object aces are object aces
librpc:security.idl: ace->coda can be resource attribute
libcli/sec: reformat long line in wscript_build
librpc:security.idl: add conditional ace coda
ndr_sec_helper: ndr_size_security_ace: do less work
ndr_sec_helper: ace length should be multiple of 4
libcli/security: whitespace repair in sddl.c
libcli/security: find SDDL coda for RA and conditional ACEs
libcli/security: add stub of conditional ACE code.
libcli:security: outline for sddl_conditional_ace.c
libcli:security: helpers for converting claim types
libcli/security: add conditional ACE SDDL functions
libcli:security: add functions to decode and decode RA ACEs
libcli:security: add code to interpret conditional ACES
libcli/security: add conditional ace files to samba-security
libcli/security: sdd_decode_ace handles callback types
libcli/security: sdd_decode_ace handles resource attribute types
libcli/security: sddl_encode_ace encodes conditional ACEs
libcli/security: sddl_encode_ace encodes resource attribute ACEs
libcli/security: SDDL: add callback and resource ace type flags
libcli/security/create_descriptor: calc_inherited handles new types
lbcli/security: callback object ACES fall back with no GUID
libcli/security: test SDDL compilation in cmocka
lib/fuzzing: fuzz SDDL conditional ACEs
s4/librpc: build conditional ace Python bindings
pytest: security_descriptors comparison is quieter
pytest: security_descriptors test for repetitive ACLs
librpc/ndr:ndr_sec_helper: fix a typo
libcli/security: use sec_object_ace() in size_security_ace
pytest: security_descriptors: tests without revision number hack
pytest: security descriptors: test some conditional and RA ACEs
pytest:security descriptors: hack to capture results as json
pytest:security_descriptors: test collected conditional ACEs
libcli/security: windows-sddl-test: fix typo in --help
libcli/security: windows-sddl-test: fix read of text examples
pytest: sddl tests can be only externally defined
pytest: sddl strings dir can be defined in class
libcli/security/tests: add some test strings
pytest: sddl tests with conditional ACEs
security.idl: drop claim v1 reserved field
libcli/security/conditional ACEs: compare composites as sets
libcli/security: cmocka test for running conditional ACEs
pytest: tools for creating security tokens
pytest: tests for conditional ACEs with security tokens
pytest:conditional_ace_claims: ease export of failing tests to C
libcli/security: conditional ace access checks for AD
libcli/security: conditional ace access checks for file server
lib/fuzzing: adapt fuzz_sddl_access_check for claims
lib/fuzzing: fuzz_conditional_ace_blob
lib/fuzzing: adjust access-check seed patch
pytest: assembler for conditional ACEs
libcli/security: beginning of tests for conditional ACE bytes
pytest: conditional_ace assembler assembles full descriptor
librpc/ndr_claims: avoid 'bin/default' in #include
libcli/security: adjust tests for evaluate_claims flag
libcli/security: access_check with MAXIMUM_ALLOWED checks callbacks
libcli/security: sec_access_check_ds uses new callback ACE checks
libcli/security: se_access_check uses new callback checks
libcli/security: access_check handles CALLBACK_OBJECT types
lib/fuzzing: fuzz_sddl_parse: allow non-round-trip with long strings
libcli/security/sddl_conditional_ace: ban empty expressions in SDDL
libcl/security: conditional ACE sddl >= ops take literal parens only
libcli/security: conditional ACE sddl doesn't have string escapes
util/str: helper to check for utf-8 validity
fuzzing: fuzz_sddl_parse forgives bad utf-8
libcli/security: conditional ace sddl: do not write nested composites
libcli/security: conditional ace sddl: do not read nested composites
libcli/security: condtional ACE recursive composites are not supported
libcli/security: conditional ACEs check again for NULL/empty claims
libcli/security: test_run_condtional_ace: va_end() on errors
libcli/security: fix talloc context for integer values (CID 1545156)
Gabriel Nagy (9):
gp: Support more global trust directories
gp: Support update-ca-trust helper
gp: Change root cert extension suffix
gp: Test with binary content for certificate data
gp: Convert CA certificates to base64
gp: Test adding new cert templates enforces changes
gp: Template changes should invalidate cache
gp: Test disabled enrollment unapplies policy
gp: Send list of keys instead of dict to remove
Günther Deschner (5):
s3-iremotewinspool: add PAR->RPRN mapping table
s3-iremotewinspool: properly map incoming PAR to RPRN requests.
s4-torture: add testcase to iremotewinspool suite to explore object_uuid handling
s3-iremotewinspool: check for correct object_uuid in dispatch fn.
s4-torture: add another test to demonstrate identical functions
Jeremy Allison (25):
s3: smbd: Deliberately currupt an uninitialized pointer.
s3: torture: Add SMB1-TRUNCATED-SESSSETUP test.
s3: smbd: Ensure srvstr_pull_req_talloc() always NULLs out *dest.
s3: smbd: Uncorrupt the pointer we were using to prove a crash.
s3: smbd: Ensure all callers to srvstr_pull_req_talloc() pass a zeroed-out dest pointer.
s3: torture: Add a test doing an SMB1 negotiate+exit.
s3: smbd: Add missing 'return;'s in exit paths in reply_exit_done().
s3: smbd: init_smb1_request() isn't being passed zero'ed memory from any codepath.
s3: torture: Add SMB1-NEGOTIATE-TCON that shows the SMB1 server crashes on the uninitialized req->session.
s3: smbd: Ensure init_smb1_request() zeros out what the incoming pointer points to.
s3: libsmb: Add a missing return statement in the timeout case.
s3: smbd: rename_internals_fsp() has to reopen the parent directory of the target as a pathref to check permissions.
s3: smbd: Now we've proved dst_dirfsp parameter is always NULL, remove the parameter from rename_internals_fsp().
s3: smbd: As rename_internals() calls rename_internals_fsp(), show we can pass dst_dirfsp as NULL here too.
s3: smbd: Now we have shown dst_dirfsp is always NULL, remove the parameter from rename_internals().
s3: smbd: hardlink_internals() never looks at src_dirfsp or dst_dirfsp.
s3: smbd: Now we have proved hardlink_internals() doesn't use src_dirfsp and dst_dirfsp, remove the parameters.
s3: smbd: Add some DEVELOPER-only code to panic if the destructor for an aio_lnk is called and the associated fsp doesn't exist.
s3: smbd: named pipe reads are async. Use the same logic as for named pipe transacts to avoid crashes on shutdown.
s3: smbd: named pipe writes are async. Use the same logic as for named pipe transacts to avoid crashes on shutdown.
s3: torture: Add a new SMB2 test: SMB2-PIPE-READ-ASYNC-DISCONNECT
s3: smbd: Ensure we remove any pending aio values for named pipes on forced shutdown.
CVE-2023-3961:s3:smbd: Catch any incoming pipe path that could exit socket_dir.
CVE-2023-3961:s3:torture: Add test SMB2-INVALID-PIPENAME to show we allow bad pipenames with unix separators through to the UNIX domain socket code.
CVE-2023-3961:s3: smbd: Remove the SMB_ASSERT() that crashes on bad pipenames.
Jones Syue (2):
vfs_aio_pthread: fix segfault if samba-tool ntacl get
mdssvc: Do an early talloc_free() in _mdssvc_open()
Joseph Sutton (701):
third_party/heimdal: Import lorikeet-heimdal-202308030152 (commit 2a036a6fd80833799316b8a85623cdea3a1135df)
lib:dbwrap: Remove unneeded space in debug message
lib/replace: Const-qualify sys_errlist
auth: Add missing newlines to logging messages
auth: Fix code spelling
ctdb: Add missing newlines to logging messages
lib/util: Add missing newlines to logging messages
lib/ldb-samba: Add missing newline to logging message
s4:auth: Add missing newlines to logging messages
libcli: Add missing newlines to logging messages
libcli/auth: Fix code spelling
libcli/security: Remove unnecessary code
libcli/security: Cast isupper() argument to ‘unsigned char’
librpc/rpc: Add missing newline to logging message
librpc/ndr: Remove unneeded casts
ndr_string: Add overflow check in ndr_pull_charset_to_null()
ndr_string: Fix typo
ndr_string: Remove dodgy-looking casts
ndr/dns-utils: Make error message slightly more readable
librpc/ndr: Format NDR pull sizes as ‘size_t’
librpc/py_security: Don’t pass a NULL pointer to PyUnicode_FromString()
librpc/ndr: Fix code spelling
pidl: Remove unneeded semicolon
s3:eventlog: Fix code spelling
s3:utils: Fix debug message formatting
nmbd_become_lmb.c: Fix debug message formatting
s4:dsdb: Add missing newlines to logging messages
s4:dsdb: Move comment to more appropriate place
s4:dsdb: Fix code spelling
s4:kdc: Add missing newlines to logging messages
s4:kdc: Check that client and server are not NULL (CID 1534695)
s4:kdc: Fix code spelling
s4:kdc: Remove unused variable
s4:kdc: Remove redundant comment
s4:kdc: Remove casts in debug messages
s4:kdc: Use portable format specifiers
s4:kdc: Use newer debugging macros
s4:kdc: Inline some variables
s4:kdc: Fix comment
s4:kdc: Avoid operator precedence issues
s4:libcli/ldap: Fix code spelling
s4:libcli/smb_composite: Fix code spelling
s4:librpc: Fix code spelling
s4:rpc_server: Add missing newlines to debugging messages
s4:rpc_server/backupkey: Fix code spelling
selftest: Fix code spelling
selftest: Add missing import
testprogs: Fix code spelling
samba-tool/ntacl: Remove unused and unnecessary return
samba-tool/ntacl: Remove unused variable
samba-tool/ntacl: Remove unused imports
python: Use correct function signatures
python:samba:kcc: Fix log message formatting
python: Fix leak
python: Check return value of talloc_strndup()
pyglue: Fix leak
pyglue: Add missing whitespace in docstrings
python:tests: Remove references to now-gone files
tests/krb5: Correct comment
libgpo:admx: Fix code spelling
libcli/ldap: Don’t try to encode NULL name
ldb: Don’t pass NULL pointer into strcasecmp()
ldb: Account for ‘name’ possibly being NULL
ldb: Fix leaks
ldb: Don’t decrement reference count until object is no longer needed
ldb: Check talloc_strdup() return value
ldb: Don’t leak ‘msg’
ldb: Check talloc_zero_array() return value
ldb: Don’t leak ‘el’
ldb: Clarify documentation for PyObject_AsMessageElement()
ldb: Work around inconsistent behaviour in PyObject_AsMessageElement()
smbXcli: Remove call to utf16_len_n()
ndr_string: Move string length calculation fallback into default case
lib:charset: Update NUM_CHARSETS to reflect true value
nsswitch:libwbclient: Fix memory leak
auth: Add missing newlines to logging messages
ctdb: Add missing newline to logging message
talloc: Fix typo
lib:mscat: Add missing newlines to logging messages
lib:socket: Add missing newlines to logging messages
lib/util: Fix code spelling
libcli/auth: Add missing newline to logging message
libcli/security: Call dom_sid_compare_domain() instead of sid_compare_domain()
s3:modules: Call dom_sid_compare_domain() instead of sid_compare_domain()
libcli/security: Remove unused function sid_compare_domain()
libcli/security: Fix integer overflow
libcli/security: Use portable format specifiers
libcli/security: Remove unnecessary cast
librpc:ndr: Fix leaks
librpc: Fix typo
s3:auth: Add missing newlines to logging messages
s3:client: Add missing newlines to logging messages
s3:lib: Consistently return a string with a trailing newline
s3:client: Remove unnecessary newline from logging message
s3:groupdb: Add missing newline to logging message
s3:lib: Add missing newlines to logging messages
s3:lib: Use portable format specifiers
tldap: Use portable integer constant
s3:libads: Add missing newlines to logging messages
s3:libnet: Add missing newline to logging message
s3:librpc: Add missing newline to logging message
s3:libsmb: Add missing newlines to logging messages
s3:libsmb: Add missing parenthesis to logging message
s3:modules: Add missing newlines to logging messages
s3:modules: Remove redundant newlines in logging messages
s3:modules: Correct escape sequence
s3:modules: Fix error message
s3:nmbd: Add missing newlines to logging messages
s3:passdb: Add missing newlines to logging messages
s3:passdb: Fix typo
s3:printing: Add missing newlines to logging messages
s3:printing: Add missing spaces to error messages
s3:printing: Fix code spelling
s3:registry: Add missing newlines to logging messages
s3:rpc_client: Add missing newlines to logging messages
s3:rpc_server: Add missing newlines to logging messages
s3:rpc_server: Fix incomplete logging messages
s3:rpc_server: Add missing space to debug message
s3:rpc_server: Fix typo
s3:smbd: Add missing newlines to logging messages
s3:smbd Remove unnecessary newlines from logging messages
s3:smbd: Fix code spelling
s3:smbd: Add missing space to warning message
s3:utils: Add missing newlines to logging messages
s3:utils: Fix code spelling
s3:vfs: Add missing space in debug message
s3:winbindd: Add missing newlines to logging messages
s3:winbindd: Fix debug messages
s4:auth: Fix leaks
s4:auth: Check return value of talloc_reference()
s4:auth: Correct condition and remove redundant check
s4:cldap_server: Add missing newline to logging message
s4:client: Add missing newlines to logging messages
s4:dns_server: Add missing newline to logging message
s4:dsdb: Add missing newlines to logging messages
s4:dsdb: Improve grammar
s4:dsdb: Remove unnecessary parentheses
s4:dsdb: Fix leaks
s4:dsdb: Correct error messages
s4:dsdb: Check result of talloc functions
s4:dsdb: Do not dereference a NULL pointer
s4:dsdb:tests: Use control that was (presumably) intended
s4:dsdb:tests: Remove unused variables
s4:ldap_server: Add missing newlines to logging messages
s4:lib: Add missing newlines to logging messages
s4:libnet: Add missing newlines to logging messages
s4:librpc: Add missing newline to logging message
s4:ntvfs: Add missing newline to logging message
s4:param: Add missing newlines to logging messages
s4:policy: Fix leak
s4:rpc_server: Add missing newlines to logging messages
s4:rpc_server/backupkey: Fix leaks
s4:rpc_server: Remove unnecessary parentheses
s4:rpc_server: Fix typo
s4:samba: Add missing newline to logging message
s4:smb_server: Add missing newlines to logging messages
s4:smb_server: Fix code spelling
s4:torture: Fix code spelling
auth: Remove unnecessary casts
auth: Use portable format specifier
docs-xml: Fix code spelling
ldb: Fix code spelling
ldb:ldb_sqlite3: Access correct member of union
lib:krb5_wrap: Remove unnecessary cast
lib/replace: Ensure that __STDC_WANT_LIB_EXT1__ is set to 1
tsocket: Fix code spelling
librpc:ndr: Format sizes as ‘size_t’
s3:lib: Use portable format specifiers
s3:registry: Fix code spelling
s4:auth: Fix code spelling
s4:dsdb: Remove unnecessary casts
s4:dsdb: Access correct member of union
s4:kdc: Remove unnecessary casts
s4:kdc: Correct comments mentioning Heimdal
s4:rpc_server: Fix code spelling
s4:torture: Fix code spelling
s4:kdc: Refer to correct function in error messages
tests/krb5: Allow cached=True with an assigned silo or policy
tests/krb5: Rename compatability_tests class
tests/krb5: Keep claim types for subsequent tests
tests/krb5: Move some functions round to prepare for splitting the class
tests/krb5: Split out new AuthnPolicyBaseTests class
tests/krb5: Allow specifying additional details for a test account
tests/krb5: Allow specifying KDC options when requesting a TGT
tests/krb5: Test that neither forwardable nor proxiable tickets are issued to Protected Users
s4:kdc: Don’t issue forwardable or proxiable tickets to Protected Users
s4:kdc: Don’t log secret keys
s4:kdc: Initialize entry->modified_by
s4:kdc: Check result of samdb_result_dom_sid()
s4:kdc: Ensure we don’t increase the value of entry->etypes->len
s4:kdc: Fix leak of sdb_entry
s4:kdc: Check return value from ldb_dn_get_linearized()
s4:kdc: Free samba_kdc_seq context on failure to allocate memory
s4:kdc: Call krb5_free_principal() directly after to-be-freed principal is used
s4:kdc: Remove unnecessary talloc context
s4:kdc: Move calls to talloc_steal() out of the ‘out’ paths
s4:kdc: Fix leaks
s4:kdc: Fix code spelling
s4:kdc: Return an error code if sdb_entry_to_hdb_entry() fails
s4:kdc: Correct error message
s4:kdc: Use portable format specifier
s4:kdc: Correctly report length of KDC packet
s4:kdc: Fail PAC checksum verification if the krbtgt entry has no keys
s4:kdc: Fix leaks of sdb_entry’s members
s4:kdc: Consistently zero HDB structures
s4:kdc: Ensure the value of h->len is accurate
s4:kdc: Erase key data
s4:kdc: Use type bool for ‘is_tgs’
s4:auth: Add missing space to error message
s4:auth: Fix leaks
s4:auth: Check return value of talloc_new()
s4:kdc: Return (possibly) more appropriate error codes
s4:kdc: Make some functions static
s4:kdc: Return krb5_error_code
s4:kdc: Switch to using samdb_result_dom_sid_buf()
s4:kdc: Don’t enforce a server authentication policy for the krbtgt
s4:kdc: Inline samba_get_claims_blob()
s4:kdc: Use common out path in mit_samba_kpasswd_change_password()
s4:kdc: Free error message returned by krb5_get_error_message()
s4:dsdb: Use uint32_t for ‘num_sids’
s4:dsdb: Make ‘sids’ parameter const
s4:dsdb: Check for overflow in security_token_create()
s4:kdc: Have encode_claims_set return NTSTATUS
s4:kdc: Remove ldb_context parameter as being no longer needed
s4:kdc: Properly allocate claims set on a talloc context
s4:kdc: Ensure that we don’t dereference a NULL pointer
s4:kdc: Rename get_claims_for_principal() to get_claims_blob_for_principal()
s4:kdc: Rename ‘claims_blob’ parameter to ‘claims_blob_out’
s4:kdc: Add get_claims_set_for_principal()
tests/krb5: Remove unused import
tests/krb5: Shorten long lines
tests/krb5: Add a test decoding INT64 PAC claims issued by Windows
librpc:ndr: Add ‘int64’ type
claims.idl: Use ‘int64’ instead of ‘dlong’ for INT64 claims
tests/krb5: Remove incorrect comments
lib:krb5_wrap: Fix code spelling
lib:krb5_wrap: Fix references to incorrect function names
libcli/auth: Remove unnecessary casts
librpc:ndr: Use portable integer types
pidl: Use non-existent function dissect_ndr_int64()
python:netcmd: Add missing newlines to error messages
python:netcmd: Remove semicolon
python:subunit: Fix docstring
python:subunit: Use ‘is’ to compare variables with singletons
python:tests: Make getSamDB() a static method
python:tests: Reuse claims created by setUp() across all tests
python:tests: Reuse policies and silos created by setUp() across all tests
python:tests: Fix spelling
python:tests: Save files with intended contents
s3:libnet: Remove unnecessary cast
s3:libnet: Fix reference to incorrect function names
s3:rpc_server: Remove unnecessary cast
s4:kdc: Do not panic if authsam_logon_success_accounting() fails
s4:kdc: Remove support code for older versions of MIT Kerberos
s4:kdc: Set SAMBA_KDC_FLAG_PROTOCOL_TRANSITION flag for MIT Kerberos
s4:kdc: Use ‘krb5_error_code’ for return types
s4:kdc: Use smb_krb5_make_data()
s4:smb_server: Fix code spelling
s4:torture: Fix code spelling
selftest: Remove semicolon
selftest: Remove unused variable
selftest: Remove leftover from debugging
selftest: Fix subunit reporting the time incorrectly
selftest: Report time at which testsuite starts
samba-tool: Allow LDB URL to be None
pyldb: Check whether Python object is a list
pyldb: Check return values of talloc functions
pyldb: Check return values of Python functions
pyldb: Fix leaks
buildtools: Fix comments and documentation
buildtools: Use ‘is’ to compare with singletons
buildtools: Prefer ‘x not in y’ to ‘not x in y’
buildtools: Properly set global variable
lib:ldb:tests: Remove explicit comparison with False
ldb: Remove unused import
ldb: Heed return code from Python testsuite
python: Fix spelling
python: Remove unused imports
python: Remove redundant backslashes
python: Fix invalid escape sequences
python:join: Fix references to undefined variables
samba-tool: Remove useless return
python: Fix reference to undefined name ‘samba’
python:tests: Fix usage line
python:tests: Complete assertion messages
python:tests: Rename test method so as not to mask previously-defined method
pytest/dns_aging: Check value of ‘dtime’
pytest/dns_aging: Correctly check that record is tombstoned
pytest/dns_aging: Assert that the name of the node to search for is a string
gp: Add missing import
gp: Don’t shadow imports
gp: Prefer ‘x not in y’ to ‘not x in y’
gp: Check correct variables
gp: Use assertEqual() instead of assertEquals()
gp: Fix resource leaks
gp: Use read_file() instead of readfp()
tests/krb5: Remove test of pre-1.20 MIT Kerberos behaviour
tests/krb5: Move KDC TGT tests to new file
tests/krb5: Remove local variable
tests/krb5: Correctly assert that we found a LOGON_INFO PAC buffer
tests/krb5: Re-raise any LdbError other than ERR_ENTRY_ALREADY_EXISTS
tests/krb5: Add KerberosCredentials.get_rid()
tests/krb5: Have modified_ticket() not modify its arguments
s4:dsdb:tests: Fix spelling
s4:dsdb:tests: Remove unused imports
s4:dsdb:tests: Fix usage lines
selftest: Remove unused imports
selftest: Remove star imports
selftest: Don’t use invalid escape sequences
third_party/heimdal_build: Remove unused imports
third_party/heimdal_build: Remove semicolons
third_party/heimdal_build: Use ‘is’ to compare with singletons
wscript: Remove unused variable
wscript: Use ‘is’ to compare with singletons
wscript: Remove unused imports
wscript: Remove semicolons
wscript: Refer to correct ConfigSet variable
libcli/security: make sddl_decode_sid an external function
Makefile: Fix spelling
auth: Fix code spelling
ctdb: Fix code spelling
docs-xml: Fix spelling
lib:compression: Fix code spelling
lib:crypto: Fix code spelling
lib:krb5_wrap: Fix spelling in documentation
ldb: Fix code spelling
lib:printer_driver: Fix code spelling
tdb: Fix code spelling
tevent: Fix code spelling
lib:charset: Fix code spelling
libcli: Fix code spelling
libgpo: Fix code spelling
librpc: Fix code spelling
pidl: Fix code spelling
python:tests: Fix code spelling
selftest: Fix code spelling
s3:auth: Fix code spelling
s3:lib: Fix code spelling
s3:libads: Fix code spelling
s3:libnet: Fix code spelling
s3:librpc: Fix code spelling
s3:nmbd: Fix code spelling
s3:registry: Fix code spelling
s3:rpc_client: Fix code spelling
s3:rpc_server: Fix code spelling
s3:smbd: Fix code spelling
s3:utils: Fix code spelling
s3:winbindd: Fix code spelling
s4:auth: Fix code spelling
s4:client: Fix code spelling
s4:dns_server: Fix code spelling
s4:dsdb: Fix code spelling
s4:kdc: Fix code spelling
s4:libcli: Fix code spelling
s4:libnet: Fix code spelling
s4:ntvfs: Fix code spelling
s4:rpc_server: Fix code spelling
s4:samba: Fix code spelling
s4:torture: Fix code spelling
s4:wrepl_server: Fix code spelling
lib:mscat: Remove unnecessary casts
lib:tdr: Remove unnecessary cast
libgpo: Remove unnecessary cast
librpc:ndr: Avoid overflow in size calculation
python:tests: Remove unused imports
s4:scripting: Remove unused imports
libcli:security: Prefer explicit initialization to ZERO_STRUCTP()
s4:kdc: Prefer explicit initialization to ZERO_STRUCT()
s4:kdc: Remove duplicate function signature
s4:kdc: Use smb_krb5_data_from_blob()
s4:kdc: Remove unused flags
s4:kdc: Check result of dom_sid_parse()
s4:kdc: Handle invalid enum values
s4:kdc: Check result of talloc_realloc()
s4:kdc: Make functions to add special SIDs non‐static
claims.idl: Allow empty claim value buffers
claims.idl: Be more lenient in our expectations for the compression of claims
s4:kdc: Check return value of samdb_result_dom_sid()
s4:kdc: Remove unused talloc context
s4:kdc: Check return value of smb_krb5_principal_get_comp_string()
s4:kdc: Correct error message
s4:kdc: Initialize pointers to NULL
s4:kdc: Fix error message
s4:kdc: Inline samba_get_requester_sid_pac_blob()
s4:kdc: Allocate contents of PAC blobs on blob talloc contexts
s4:kdc: Don’t operate directly on caller‐owned pointer
s4:kdc: Fix leaks
docs-xml: Add missing paragraph section
python:tests: Remove unused variables
python:tests: Fix invalid escape sequence
s3:rpc_server: Fix inverted error messages
s4:kdc: Inline samba_get_pac_attrs_blob()
s4:scripting: Fix comments
s4:scripting: Prefer ‘x not in y’ to ‘not x in y’
s4:dsdb: Parenthesize macro expression
s4:dsdb: Prefer explicit initialization to ZERO_STRUCT()
s4:auth: Check return values of talloc functions
s4:auth: Fix leaks
s4:kdc: Add correct Asserted Identity SID in response to an S4U2Self request
s4:kdc: Fix leaks
s4:kdc: Use common exit point for functions
s4:kdc: Fix leak
s4:kdc: Avoid potential use‐after‐free
s4:kdc: Check for overflow when adding a domain group SID
s4:kdc: Don’t corrupt domain groups structure if talloc_realloc() fails
s4:kdc: Assign RID and attribute together
s4:kdc: Directly zero‐initialize PAC_DOMAIN_GROUP_MEMBERSHIP structure
s4:kdc: Increment PAC_DEVICE_INFO::domain_group_count only after SID has been successfully added
s4:kdc: Allocate variables on to more suitable memory context
s4:kdc: Fix leak
s4:kdc: Use temporary memory context in samba_kdc_verify_pac()
s4:kdc: Introduce a temporary talloc context in samba_kdc_update_pac()
s4:kdc: Add common out path to pac_blobs_from_krb5_pac()
s4:kdc: Don’t corrupt pac_blobs structure if talloc_realloc() fails
s4:kdc: Make ‘struct pac_blobs’ memory handling safer and more consistent
s4:kdc: Make pac_blobs_remove_blob() never fail
s4:kdc: Have samba_krbtgt_is_in_db() return a krb5_error_code
s4:kdc: Have samba_krbtgt_is_in_db() take a const KDC entry
s4:kdc: Rename ‘status’ variables to ‘reply_status’
s4:kdc: Make RODC ID checks easier to understand with more clearly‐named variables
s4:kdc: Prefer explicit initialization to ZERO_STRUCTP()
s4:kdc: Be sure not to pass a NULL pointer into strcmp()
s4:kdc: Fix leaks
lib:krb5_wrap: Eliminate redundant code from smb_krb5_sockaddr_to_kaddr()
lib:krb5_wrap: Have smb_krb5_principal_get_realm() check the return values of intermediate functions
lib:krb5_wrap: Add smb_krb5_princ_component()
lib:krb5_wrap: Add Heimdal‐specific smb_krb5_princ_component() implementation
s4:dsdb: Switch to using smb_krb5_princ_component()
s4:kdc: Switch to using smb_krb5_princ_component()
s4:rpc_server: Switch to using smb_krb5_princ_component()
lib:krb5_wrap: Remove Heimdal‐only krb5_princ_component() implementation
nsswitch: Fix script usage
s3:script: Fix script usage lines
s4:selftest: Fix script usage lines
s4:setup: Fix script usage line
testprogs: Fix script usage lines
s4:kdc: Remove ks_is_tgs_principal()
ldb: Prefer explicit initialization to ZERO_STRUCT()
s4:wrepl_server: Correctly read ‘type’ element
s4:kdc: Don’t prepend useless colon to MIT KDC logging messages
s3:net: Check return value of data_blob_talloc()
tests/krb5: Rename ‘client_claims’ to ‘claims_metadata’
fsrvp.idl: Remove excess zero digit from literal
dsgetdcname: Remove excess zero digits from literals
s3:winbindd: Add zero digit to literal
s4:dsdb: Fix comment
libcli/security: Add header guard
libcli/security: Use correct union member
libcli/security: Remove bool_value member
libcli/security: Const‐qualify function parameters
libcli/security: Add some missing declarations
libcli/security: Add function to convert token claims to security attribute claims
libcli/security: Emit error message if program is too large
tests/krb5: Match filter after transforming test name
python:tests: Fix invalid escape sequences
libcli:security: Add SELF SID constant
libcli:security: Use SELF SID constant
libcli:security: Correct Asserted Identity SID definitions
s4:dsdb: Use NULL SID constant
s4:kdc: Use Asserted Identity SID constants
libcli:security: Add Compounded Authentication and Claims Valid SID constants
s4:kdc: Use Compounded Authentication and Claims Valid SID constants
s4:auth: Use Anonymous and System SID constants
s4:dsdb: Use Builtin SID constant
s4:ntvfs: Use World and System SID constants
s4:rpc_server: Use Builtin SID constant
s4:torture: Use SID constants
s4:auth: Correct error message
python:tests: Remove unused import
libcli/security: Remove unused macro
libcli/security: Remove unused flag SDDL_FLAG_EXPECTING_END
libcli/security: Remove unused flag SDDL_FLAG_IS_ATTR
libcli/security: Remove unused flag SDDL_FLAG_IS_LITERAL
libcli/security: Remove unused flag SDDL_FLAG_IS_FAKE_OP
libcli/security: Refer to UTF‐16 code units rather than to codepoints
libcli/security: Use ACL revision constants
libcli/security: Fix code formatting
libcli/security: Test hex‐escapes that should be literals
lib/krb5_wrap: Make use of smb_krb5_make_data()
lib/krb5_wrap: Simplify assignments
lib:audit_logging: Initialize ‘tm’ structure
s3:lib: Initialize ‘tm’ structure
s3:modules: Initialize ‘tm’ structure
s3:passdb: Initialize ‘tm’ structure
s3:rpc_server: Initialize ‘tm’ structure
s3:smbd: Initialize ‘tm’ structure
s4:kdc: Initialize ‘tm’ structure
s4:kdc: Fix ldb_msg_find_krb5time_ldap_time()
s4:torture: Initialize ‘tm’ structure
s4:auth: Make returning resource groups the last thing we do
s4:auth: Introduce helper variable ‘resource_groups_in’
s4:auth: Return a talloc‐allocated resource groups structure
s4:auth: Fix ‘user_info_dc_out’ leak
s4:kdc: Move encode_claims_set() into the auth_session subsystem
s4:auth: Include missing headers
s4:auth: Add functions to convert between different claims formats
testdata: Mark compression test data as binary
ndr: Display values for failed range checks
pidl: Use portable format specifiers
librpc/ndr: Use portable format specifiers
librpc: Use portable format specifiers
pidl: Use INT_MAX as enum constant for portability
librpc: Fix typos in error messages
tests/krb5: Sort imports
tests/krb5: Allow variation in PADATA_PW_SALT
tests/krb5: Allow filter for tests that crash Windows
tests/krb5: Allow multiple ticket modification functions
tests/krb5: Don’t bother regenerating the PAC if modify_pac_fn or update_pac_checksums are false
tests/krb5: Allow passing mapping=None to map_to_sid()
tests/krb5: Make set_pac_sids() parameters keyword‐only
tests/krb5: Make optional ‘user_rid’ parameter to set_pac_sids()
tests/krb5: Make optional ‘domain_sid’ parameter to set_pac_sids()
tests/krb5: Have set_pac_sids() accept lone RIDs as well as full SIDs
tests/krb5: Add method to replace the device SIDs in a PAC
tests/krb5: Add method to replace client or device claims in a PAC
tests/krb5: Add samba.tests.krb5.conditional_ace_tests
lib:compression: Fix building with FORTIFY_SOURCE=2
lib/ldb-samba: Fix building with FORTIFY_SOURCE=2
ldb: Fix building with FORTIFY_SOURCE=2
lib/util: Fix building with FORTIFY_SOURCE=2
s3:libads: Don’t do first loop iteration if ‘attr’ is NULL
s3:libads: Fix building with FORTIFY_SOURCE=2
s3:rpc_server: Fix building with FORTIFY_SOURCE=2
s3:smbd: Fix building with FORTIFY_SOURCE=2
s4:ntvfs: Fix building with FORTIFY_SOURCE=2
s4:torture: Fix building with FORTIFY_SOURCE=2
libcli/security: Conform to Samba’s brace style
libcli/security: Parenthesize macro parameter
libcli/security: Have security_ace_equal() handle callback and resource ACEs
libcli/security: Handle new ACE types with sec_ace_object()
s4:auth: Ensure that some parameters are not NULL
lib:krb5_wrap: Include missing headers
.gitattributes: Mark large data file as binary
s4:kdc: Prefer explicit initialization to ZERO_STRUCTP()
s4:kdc: Check that principal being copied is not NULL
s4:kdc: Remove unnecessary assignments
s4:kdc: Initialize pointer to NULL
ndr: Parenthesize expressions to be cast
pidl: Parenthesize expression to be cast
s4:dsdb: Add parameters for claims and device SIDs to security_token_create()
s4:dsdb: Add session info flag to indicate authentication with a device
s4:auth: Rename parameter to match function implementation
s4:auth: Reformat function calls
s4:kdc: Reformat function call
s4:auth: Add parameters for claims and device info to auth_generate_security_token()
s4:kdc: Add parameters for claims and device info to authn_policy_access_check()
s4:kdc: Add claims parameter to authn_policy_authenticate_from_device()
s4:kdc: Add parameters for claims and device info to authn_policy_authenticate_to_service()
s4:kdc: Remove unused memory context from samba_kdc_lookup_realm()
s4:kdc: Remove ‘compounded_auth’ parameter from samba_kdc_get_user_info_dc()
s4:kdc: Have callers of samba_kdc_get_user_info_dc() themselves add the Claims Valid SID
s4:kdc: Remove ‘claims_valid’ parameter from samba_kdc_get_user_info_dc()
s4:kdc: Have callers of samba_kdc_get_user_info_dc() themselves add an Asserted Identity SID
s4:kdc: Remove ‘asserted_identity’ parameter from samba_kdc_get_user_info_dc()
tests/krb5: Initialize variable
tests/krb5: Add method to perform an armored AS‐REQ
tests/krb5: Add tests performing AS‐REQs armored with unacceptable tickets
s4:kdc: Remove device PAC validation
s4:kdc: Remove unused parameters from samba_kdc_verify_pac()
tests/krb5: Add Device Restriction tests for silos and authentication policies in the KDC
third_party/heimdal_build: Define HAVE_KRB5_PAC_IS_TRUSTED when using embedded Heimdal
s4:kdc: Add ‘samba_kdc_entry_pac’ wrapper type
s4:kdc: Remove unused declaration
s4:kdc: Fix indentation
s4:kdc: Add function to determine whether a KDC entry represents a trust
s4:kdc: Add function to get device PAC entry from Heimdal request structure
s4:kdc: Make use of ‘samba_kdc_entry_pac’ wrapper type
tests/krb5: Test that the correct Asserted Identity SID is added when inner FX‐FAST padata is used
libcli/security: Initialize conditional ACE token
s4:kdc: Rename ‘skdc_entry’ parameter of samba_kdc_get_user_info_from_db() to ‘entry’
s4:kdc: Rename ‘user_info_dc’ parameter of samba_kdc_get_user_info_from_db() to ‘info_out’
s4:kdc: Rename ‘skdc_entry’ parameter of samba_kdc_get_user_info_dc() to ‘entry’
s4:kdc: Rename ‘user_info_dc_out’ parameter of samba_kdc_get_user_info_dc() to ‘info_out’
s4:kdc: Add ‘msg’ parameter to samba_kdc_get_user_info_dc()
s4:kdc: Replace calls to samba_kdc_get_user_info_from_db() with calls to samba_kdc_get_user_info_dc()
s4:kdc: Inline samba_kdc_get_user_info_from_db() into its only caller
s4:kdc: Rename samba_kdc_get_user_info_dc() to samba_kdc_get_user_info_from_db()
s4:kdc: Rename samba_kdc_entry::user_info_dc to samba_kdc_entry::info_from_db
s4:kdc: Pass Kerberos context into samba_kdc_get_device_info_blob()
s4:kdc: Modify samba_kdc_get_user_info_from_db() to return a Kerberos error code
s4:kdc: Make boolean members into bit‐fields
s4:kdc: Add ‘samdb’ parameter to samba_kdc_verify_pac()
s4:kdc: Add ‘samdb’ parameter to samba_kdc_get_device_info_blob()
s4:kdc: Pass ‘samdb’ into samba_kdc_get_user_info_from_db()
s4:kdc: Rename local variable ‘user_info_dc’ to ‘info’
s4:kdc: Check parameters of samba_kdc_get_user_info_from_db()
s4:kdc: Initialize out parameter of samba_kdc_get_user_info_from_db()
s4:kdc: Introduce intermediate variable ‘resource_groups’
s4:kdc: Fix leak
s4:kdc: Rename parameter ‘user_info_dc_out’ to ‘info_out’
s4:kdc: Rename variable ‘user_info_dc’ to ‘info’
s4:kdc: Split samba_kdc_get_user_info_from_pac() out of samba_kdc_obtain_user_info_dc()
s4:kdc: Remove common out path from samba_kdc_obtain_user_info_dc()
s4:kdc: Simplify memory management with talloc stackframe
s4:kdc: Check parameters of samba_kdc_get_user_info_from_pac()
s4:kdc: Make ‘resource_groups_out’ parameter const
s4:kdc: Pass resource groups parameter only if we are creating a TGT
s4:kdc: Pass AUTH_EXCLUDE_RESOURCE_GROUPS into samba_kdc_obtain_user_info_dc()
s4:kdc: Remove ‘group_inclusion’ parameter from samba_kdc_obtain_user_info_dc()
s4:kdc: Label ‘resource_groups_out’ parameter
s4:kdc: Always fetch resource groups
s4:kdc: Cache user info and resource groups from PACs
s4:kdc: Rename samba_kdc_obtain_user_info_dc() to samba_kdc_get_user_info_dc()
s4:kdc: Declare ‘auth_entry’ to be of type ‘samba_kdc_entry_pac’
s4:auth: Have claims_data_encoded_claims_set() return a reference to the encoded claims
s4:auth: Explicitly initialize claims structures
s4:kdc: Add functions to fetch claims from the DB or from the PAC
s4:kdc: Modify samba_kdc_get_claims_blob() to use claims_data functions
s4:kdc: Remove unused function get_claims_blob_for_principal()
s4:kdc: Create the Requester SID blob only if we actually need it
s4:kdc: Simplify samba_kdc_check_device() by calling samba_kdc_get_user_info_dc()
s4:kdc: Note use of parent memory context
s4:kdc: Simplify creation of device claims blob
s4:kdc: Introduce helper variable ‘server_restrictions_present’
s4:kdc: Remove ‘claims_valid’ parameter from samba_kdc_add_claims_valid()
s4:kdc: Remove ‘compounded_auth’ parameter from samba_kdc_add_compounded_auth()
s4:kdc: Make samba_kdc_add_compounded_auth() static
tests/krb5: Correctly test services that do not support Compound Identity
s4:kdc: Do not perform compound authentication for services without Compound Identity support
s4:kdc: Fetch device claims for server restrictions
s4:kdc: Have samba_kdc_allowed_to_authenticate_to() take claims and device info
s4:kdc: Use claims and device info to evaluate server authentication policy
s4:kdc: Use device claims to evaluate client authentication policy
s4:kdc: Use ‘claims_data’ functions to create client claims blob
s4:kdc: Make samba_kdc_get_user_info_dc() non‐static
s4:kdc: Use claims and device info to evaluate server authentication policy
third_party/heimdal: Fix PKINIT freshness token memory handling (Import lorikeet-heimdal-202310092148 (commit 38aa80e35b6b1e16b081fa9c005c03b1e6994204))
s4:kdc: Adapt interface to new Heimdal revision
s4:kdc: Factor creation of user_info_dc out of samba_kdc_check_s4u2proxy_rbcd() into its callers
s4:kdc: Add comment regarding RODC‐issued evidence tickets for constrained delegation
s4:kdc: Call samba_kdc_get_user_info_dc() to get client information
s4:kdc: Rename ‘user_info_dc’ to ‘client_info’
s4:kdc: Pass claims and device info into samba_kdc_check_s4u2proxy_rbcd()
s4:kdc: Use device info to evaluate RBCD conditions
s4:kdc: Use claims to evaluate RBCD conditions
s4:dsdb: Skip allocation of empty device SIDs array
s4:kdc: Always regard device info when checking a server authentication policy
lib:compression: Correctly fix sign extension of long matches (CID 1517275)
lib:printer_driver: Check return value of gp_inifile_enum_section() (CID 1444835)
lib:replace: Properly check result of write() and read() (CID 1034925)
tdb: Do not pass non–null‐terminated strings to strcmp() (CID 1449485)
util: Remove redundant assertion (CID 1497841)
lib:util: Remove always‐false comparison (CID 242193)
smbXcli: Remove unreachable code (CID 1444978)
s3:client: Correctly call setgroups() (CID 1449449)
s3:lib: Rearrange preprocessor directives to avoid structurally dead code (CID 242032)
Revert "s3:libads: Don’t do first loop iteration if ‘attr’ is NULL"
s3:libnet: Remove always‐false comparison (CID 241309)
s3:libsmb: Fix array traversal (CID 1034683)
s3:modules: Remove unreachable code (CID 1508998)
s3:modules: Initialize mask_permset (CID 1435850)
s3:nmbd: Remove redundant code (CID 1414756)
s3:rpcclient: Do not pass uninitialized pointer to printf() (CID 1476170)
s3:smbd: Avoid integer overflow (CID 1035487)
Revert "smbd: Fix CID 1504457 Resource leak"
smb2_server: Remove unreachable code (CID 1444981)
smb2_server: Check status codes (CID 1474441)
s3:utils: Avoid integer overflow (CID 1035488)
s3:utils: Check return value of cli_RNetServiceEnum() (CID 1273313)
s4:auth: Fix resource leak (CID 1107222)
s4:auth: Remove event context on failure
s4:dns_server: Merge similar code paths
s4:dns_server: Check return value of ldb_transaction_commit() (CID 1034631)
s4:dsdb: Check whether ‘p’ is NULL before dereferencing it (CID 240875)
s4:dsdb: Permit forward link to be missing in linked_attributes_fix_forward_link()
s4:dsdb: Check return code (CID 1444824/1444844)
s4:dsdb: Remove unreachable code (CID 1034686)
s4:dsdb: Fix unreachable code (CID 1435967)
s4:dsdb: Check return value of ldb_msg_add_empty() (CID 1272827)
s4:dsdb: Replace early ‘continue’ with ‘if’ statement (CID 1414738)
s4:dsdb: Log correct ldb error
s4:dsdb: Don’t overwrite existing error code (CID 1445263)
s4:libcli: Remove unnecessary casts
s4:libcli: Check return value of convert_string_talloc() (CID 1272839)
s4:messaging: Remove redundant code
s4:ntvfs: Remove unneeded NULL check (CID 240771)
s4:ntvfs: Remove dead code path
s4:ntvfs: Correctly acknowledge PVFS_FLAG_STRICT_SYNC flag (CID 241154)
s4:rpc_server: Check mkdir() return value (CID 1034649)
s4:rpc_server: Check return values of gnutls functions (CID 1452111)
buildtools: Remove semicolons
examples: Don’t use deprecated method ‘has_key()’
examples: Fix invalid escape sequences
python:colour: Fix exception message
python:subunit: Use now() instead of utcnow()
python:tests: Use assertEqual() instead of assertEquals()
python:tests: Fix exception message
python:tests: Fix comment
python:tests: Correct search expression
python:tests: Remove semicolons
python:tests: Use now() instead of utcnow()
tests/krb5: Use assertEqual() instead of assertEquals()
tests/krb5: Fix assertion messages
s3:script: Remove semicolons
s4:dsdb:tests: Remove unused imports
s4:dsdb:tests: Remove unused variables
s4:dsdb:tests: Fix assertion messages
s4:dsdb:tests: Use loadTestsFromTestCase() instead of makeSuite()
s4:torture: Use assertEqual() instead of assertEquals()
selftest: Use now() instead of utcnow()
wintest: Fix invalid escape sequences
Jule Anger (1):
ldb: change the version to 2.9.0 for Samba 4.20
Kacper (1):
samba-tool: Fix for gpo restore not working without --tmpdir
Martin Schwenke (12):
ctdb-tools: Fix CID 1539212 - signed/unsigned issue
ctdb-doc: Fix documentation for ctdb event status
ctdb-common: Improve error handling
ctdb-common: Replace pcap_open_live() by lower level calls
ctdb-common: Set immediate mode for pcap capture
util: Avoid logging to multiple backends for stdout/stderr
ctdb-daemon: Call setproctitle_init()
ctdb-doc: Update CTDB manual pages to UTF-8
ctdb-doc: Add some subsection names in description
ctdb-scripts: Avoid errors for uninitialised counters
ctdb-scripts: Implement failcount handling with thresholds
ctdb-scripts: Convert 40.vsftpd to use threshold-based fail counting
Michael Tokarev (1):
python/samba/netcmd/domain/schemaupgrade.py: fix missing newline
MikeLiu (2):
vfs_aio_pthread: use SMB_VFS_NEXT_OPENAT() in aio_pthread_openat_fn()
streams_depot: Goto done if FSETXATTR SAMBA_XATTR_MARKER failed
Noel Power (6):
selftest: Add new dfs share (with widelinks enabled)
sefltest: Add new regression test dfs with widelinks = yes
s3/modules: Add flag indicating if connected share is a dfs share
s3/modules: Fix DFS links when widelinks = yes
pidl/lib: Add recursion detection logic to prevent looping.
pidl/tests: Add tests for hang with nested struct.
Pavel Filipenský (16):
s4:auth: Fix trailing whitespaces in kerberos_util.c
auth:kerberos: Fix resource leak in parse_principal()
auth:kerberos: Fix resource leak in smb_krb5_get_keytab_container()
auth:kerberos: Fix resource leak in smb_krb5_update_keytab()
auth:credentials: Fix resource leak in cli_credentials_set_from_ccache()
lib:krb5_wrap: Fix resource leak in smb_krb5_kt_seek_and_delete_old_entries
s3:winbindd: Avoid doing the same assignment twice
s3:winbindd: Use a correct value for the length of domain children
docs:smbdotconf: Inform that changing 'winbind max domain connections' needs a restart
s3:tests: Fix smbspool_argv_wrapper.c
s3:tests: test_smbspool.sh should be calling smbspool_argv_wrapper
s3:tests: Fix init of samba_kdestroy in test_smbclient_kerberos.sh
s3:tests: Fix syntax error in test_smbclient_kerberos.sh
s3:tests: Check if test_smbclient_kerberos.sh was successful
s3:winbindd: Skip check_negative_conn_cache() if saf_servername == NULL
s3:winbindd: Call winbind_add_failed_connection_entry() for the correct dc name
Pavel Kalugin (27):
s3:param: Use lpcfg_set_cmdline()
examples: Use lpcfg_set_cmdline()
s3:rpcclient: Use lpcfg_set_cmdline()
s3:rpc_server: Use lpcfg_set_cmdline() in test_mdsparser_es
s3:utils: Use lpcfg_set_cmdline() in dbwrap_tool
s3:utils: Use lpcfg_set_cmdline() in dbwrap_torture
s3:utils: Use lpcfg_set_cmdline() in mdsearch
s3:utils: Use lpcfg_set_cmdline() in net
s3:utils: Remove trailing spaces in pdbedit; no changes
s3:utils: Use lpcfg_set_cmdline() in pdbedit
s3:utils: Use lpcfg_set_cmdline() in regedit
s3:utils: Use lpcfg_set_cmdline() in sharesec
s3:utils: Use lpcfg_set_cmdline() in smbcacls
s3:utils: Remove trailing spaces in smbcacls; no changes
s3:utils: Use lpcfg_set_cmdline() in smbcontrol
s3:utils: Remove trailing spaces in smbcontrol; no changes
s3:utils: Use lpcfg_set_cmdline() in smbcquotas
s3:utils: Remove trailing spaces in smbcquotas; no changes
s3:utils: Use lpcfg_set_cmdline() in smbstatus
s3:utils: Use lpcfg_set_cmdline() in testparm
s3:utils: Use lpcfg_set_cmdline() in vfstest
s3:notifyd: Use lpcfg_set_cmdline()
s3:torture: Use lpcfg_set_cmdline()
s3:utils: Use lpcfg_set_cmdline() in smbpasswd
libnetapi: Use lpcfg_set_cmdline()
s3:netapi: Fix a leak in libnetapi_net_init()
s3:libsmb: Use lpcfg_set_cmdline()
Ralph Boehme (6):
mdssvc: better support for search with mdfind from Macs
smbd: make vfs_stat_fsp() a no-op on fake file-handles
s3: smbd: Ignore fstat() error on deleted stream in fd_close().
CVE-2023-4091: smbtorture: test overwrite dispositions on read-only file
CVE-2023-4091: smbd: use open_access_mask for access check in open_file()
s4:torture/smb2: fix typo in acls.c
Rob van der Linde (41):
netcmd: user: turn user.py into module netcmd.user
netcmd: user: move user add command
netcmd: user: move user delete command
netcmd: user: move user enable command
netcmd: user: move user disable command
netcmd: user: move user list command
netcmd: user: move user setexpiry command
netcmd: user: move common code used by various password commands
netcmd: user: move user password command
netcmd: user: move user getgroups command
netcmd: user: move user setprimarygroup command
netcmd: user: move user setpassword command
netcmd: user: move user getpassword and syncpasswords commands
netcmd: user: move user edit command
netcmd: user: move user show command
netcmd: user: move user move command
netcmd: user: move user rename command
netcmd: user: move user unlock command
netcmd: user: move user add_unix_attrs command
netcmd: user: move user sensitive command
netcmd: user: readpasswords: turn getpassword.py into readpasswords module
netcmd: user: readpasswords: move show command to readpasswords
netcmd: user: readpasswords: move common.py to readpasswords
netcmd: user: readpasswords: move getpassword command to readpasswords
netcmd: user: readpasswords: move syncpasswords command to readpasswords
netcmd: tests: avoid the need to create a random command in GetSamDB
netcmd: tests: bugfix: argument -U was already in creds so listed twice
python: tests: implement setUpTestData overridable class method
netcmd: tests: make _run a classmethod in SambaToolCmdTest
netcmd: tests: tests tidyup and make use of setUpTestData
netcmd: tests: test that create objects make use of addCleanup
netcmd: tests: modify claim cli tests setup their own test data
netcmd: tests: modify auth policy cli tests setup their own test data
netcmd: tests: modify auth silo cli tests setup their own test data
netcmd: models: field to_db_value needs ldb param
netcmd: models: add FieldError subclass which stores the field
netcmd: models: add SDDL model field
netcmd: models: add SDDL fields to AuthenticationPolicy model
netcmd: auth: add new SDDL fields to create and modify auth policy commands
netcmd: tests: add some tests for valid and invalid SDDL in cli commands
netcmd: auth: manpage documentation for conditional ace fields
Samuel Cabrero (15):
s3:libnetapi: Return error from RequestOfflineJoin
s3:libnetapi: Add some comments to document ODJ blob charset conversions
s3:libnetapi: Add NetComposeOfflineDomainJoin() to IDL
s3:libnetapi: Add NetComposeOfflineDomainJoin() boilerplate
s3:libnetapi: Add NetComposeOfflineDomainJoin() to API.
s3:libnetapi: Implement NetComposeOfflineDomainJoin_l()
s3:net: Add "net offlinejoin composeodj" command
s3:net: Load ODJ blob from file only if "loadfile" parameter is present
s3:net: Allow to load ODJ blob from stdin
testprogs: Cleanup machine account in net offlinejoin tests
testprogs: Add net offlinejoin composeodj tests
netapi: Pass loadparm_context to libnetapi_net_init()
netapi: Pass net's cmdline credentials to libnetapi_net_init()
auth:credentials: Check if password_obtained > obtained
testparm: Allow idmap ranges overlap for idmap_nss
Stefan Metzmacher (43):
VERSION: Bump version up to 4.20.0pre1...
WHATSNEW: Start release notes for Samba 4.20.0pre1.
paged_results: add no memory checks in paged_search()
s4:torture/ndr: add tests for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED
librpc/rpc: let dcerpc_read_ncacn_packet_next_vector() handle fragments without any payload
dcerpc.idl: fix definitions for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED payload
s4:torture/smb2: let torture_smb2_con_sopt() use smb2_connect()
s4:torture/smb2: let us have a common torture_smb2_con_share()
s4:torture/smb2: make it possible to pass existing_conn to smb2_connect_ext()
s4:torture/smb2: add smb2.multichannel.bugs.bug_15346
s3:smbd: always clear filter_subreq in smb2srv_client_mc_negprot_next()
s3:smbd: fix multichannel connection passing race
smb2_server: avoid ZERO_STRUCT*() in the core code
smb2_server: move struct msghdr to smbd_smb2_request_read_state
smb2_server: remove state->hdr.done and always set state->vector first
smb2_server: split smbd_smb2_advance_incoming() out of smbd_smb2_io_handler()
lib/util: inline iov_{buflen,buf,advance}()
smb2_server: change smbd_smb2_advance_incoming() to use iov_advance()
smb2_server: simplify smbd_smb2_advance_incoming() recvfile logic
smb2_server: split out smbd_smb2_advance_send_queue() out of smbd_smb2_flush_send_queue()
smb2_server: split out smbd_smb2_flush_with_sendmsg() out of smbd_smb2_flush_send_queue()
smb2_server: move struct msghdr to smbd_smb2_send_queue
.gitlab-ci: restore starting ubuntu2204-samba-o3 for the default pipeline
.gitlab-ci: make it explicit that some tests require ext4/5.15 kernel
nsswitch: add test for pthread_key_delete missuse (bug 15464)
nsswitch/wb_common.c: fix build without HAVE_PTHREAD
nsswitch/wb_common.c: winbind_destructor can always use get_wb_global_ctx()
nsswitch/wb_common.c: don't operate on a stale wb_global_ctx.key
nsswitch/wb_common.c: fix socket fd and memory leaks of global state
selftest: add some basic testing for the io_uring vfs module
.codespellignore: adjust in order to pass on ubuntu 22.04
bootstrap: install codespell, shfmt and shellcheck also on debian/ubuntu
gitlab-ci: run samba-codecheck on ubuntu22.04
tevent: introduce DLIST_DEMOTE_SHORT()
lib/util: sync DLIST_DEMOTE_SHORT() changes to dlinklist.h
ldb: sync DLIST_DEMOTE_SHORT() changes to include/dlinklist.h
tevent: split out a tevent_common_fd_disarm() helper
tevent: add tevent_common_fd_mpx infrastructure
tevent: let tevent_epoll.c use new generic mpx infrastructure
tevent: add test_fd_speed3
tevent: add test_event_fd3
tevent: add support for TEVENT_FD_ERROR
tevent: version 0.16.0
Volker Lendecke (152):
smbd: Don't crash in cli_fsctl_send()
libcli: Make symlink_reparse_buffer_parse() more flexible
libcli: Add general reparse point data parsing
libsmb: Use reparse_data_buffer_parse() in cli_readlink()
libsmb: Use reparse_data_buffer_parse() to get symlink error resp
pylibsmb: Use reparse_data_buffer_parse()
libsmb: Some README.Coding for symlink_reparse_buffer_parse()
libsmb: Move symlink_reparse_buffer_parse() to reparse.c
libsmb: Factor out cli_get_reparse_data() from cli_readlink()
libsmb: Retry with OPEN_REPARSE_POINT on IO_REPARSE_TAG_NOT_HANDLED
smbclient3: Get all reparse data for allinfo
passdb: Fix a DBG message
passdb: Fix whitespace
passdb: Fix a DBG statement
idmap: Fix whitespace
idmap_tdb: Remove a variable never used
idmap:fix whitespace
lib: Move few bytes of R/W data to R/O text
smbd: Use struct initialization
smbd: Fix DBG macro
dbwrap: Simplify dbwrap_change_uint32_atomic_action()
dbwrap: Simplify dbwrap_change_int32_atomic_action()
smbstatus: Fix CID 1507870 Uninitialized pointer read
smbstatus: Fix CID 1507865 Uninitialized pointer read
smbd: Use "dirfsp" in smb_posix_open()
smbd: Use "dirfsp" in smb_posix_unlink()
smbd: Pass down "dirfsp" to smb_unix_mknod()
libsmb: A bit README.Coding for cli_qpathinfo2()
tevent: Fix a typo
audit_logging: Simplify json_add_stringn() with json_stringn()
libsmb: Add cli_smb2_qpathinfo_send/recv()
libsmb: Use cli_smb2_qpathinfo() for streams
libsmb: Use cli_smb2_qpathinfo() in cli_qpathinfo2()
libsmb: Use cli_smb2_qpathinfo_basic() in cli_getatr()
smbclient: Don't give up in allinfo if getting advanced info fails
torture3: Avoid unused variables
libsmb: Move cli_qpathinfo1() to torture3
libsmb: Move cli_raw_ioctl() to torture3
libsmb: Use tevent_req_oom() where appropriate
libsmb: Remove a duplicate TALLOC_FREE()
libsmb: Use tevent_req_nterror() properly
clifuse: Use direct FSCC info level
libcli: Add required #includes to smbXcli_base.h
tests: Create symlinks using posix extensions
tests: Add test_symlink_reparse_data_buffer_parse
libsmb: Fix parsing symlink reparse points
tests: Add reproducer for BZ15481
smbd: Fix BZ15481
conf: Remove "smb3 unix extensions" parameter
libsmb: Add sync cli_mknod() for smbclient3's use
smbclient: Add mkfifo command
libsmb: Add reparse_data_buffer_marshall()
libsmb: Use reparse_data_buffer_marshall() in py_reparse_symlink_put()
libsmb: Factor out cli_create_reparse_point() from cli_symlink()
libsmb: Use reparse_data_buffer_marshall() in cli_symlink_send()
libsmb: Use reparse_data_buffer_marshall() in py_reparse_put()
libsmb: Remove reparse_symlink.c
libsmb: Extend cli_mknod to create NFS reparse points
smbclient: Save lines with talloc_asprintf_addbuf()
libsmb: Remove unused cli_is_nt_error()
libsmb: Remove a call to SMBC_errno()
libsmb: Remove a call to SMBC_errno()
libsmb: Remove a call to SMBC_errno()
libsmb: Remove SMBC_errno()
libsmb: Eliminate a reader of cli->raw_status
libsmb: Remove unused cli_dos_error()
libsmb: Remove unused cli_is_dos_error()
lib: Modernize tdb_fetch_lifetime()
lib: Avoid a tdb handle leak
examples: Use explicit SMBCCTX
smbd: Modernize a few DBG statements
libsmb: Remove two #defines just used once
examples: Slightly modernize printfs in teststat
clifuse: Use an empty array for holding the inode path
clifuse: Start implementing forget()
libcli: Correct guard #define
libsmb: Make libsmb/clispnego.c static to libads/
libsmb: Pass neg contexts through sync smbXcli_negprot_recv()
tests: We always do smb3 unix extensions
tests: Run smb3unix tests with SMB1
pylibsmb: Py_BuildValue can build tuples directly
libsmb: Allow NULL print_name in reparse_data_buffer_marshall()
idl: Add smb3posix.idl
smbd: Use smb3posix marshalling in smbd_smb2_create_after_exec()
smbd: Add smb3_file_posix_information_init()
smbd: Modernize a DEBUG statement
smbd: Use Use smb3posix marshalling in in smbd_marshall_dir_entry()
smbd: Use Use smb3posix marshalling in in smbd_do_qfilepathinfo()
smbd: Remove unused marshalling of smb3posix file information
libndr: Factor out ndr_pull_struct_blob_noalloc()
libsmb: Pass NTTIME to interpret_long_date()
libsmb: Use pidl generated parsing for posix file info
smbd: Pass "struct vfs_open_how" to reopen_from_procfd()
smbd: Pass "struct vfs_open_how" to fd_open_atomic()
smbd: Pass "struct vfs_open_how" to reopen_from_fsp()
smbd: Slightly simplify open_file()
smbd: Remove variable "accmode" from open_file()
smbd: Don't change incoming flags in open_file()
smbd: Simplify open_file()
smbd: Simplify an if-condition in open_file()
smbd: Simplify open_file()
smbd: Simplify open_file()
smbd: Simplify open_file()
smbd: Make open_file() a bit safer
smbd: Remove "local_flags" from open_file()
smbd: Pass struct vfs_open_how to open_file()
smbd: Remove "flags2" from open_file_ntcreate()
vfs: Add VFS_OPEN_HOW_WITH_BACKUP_INTENT
libsmb: Add "flags" to cli_smb2_close_fnum_send()
libsmb: Pass "flags" through cli_close_send() and pylibsmb
pylibsmb: Add SMB2_CLOSE_FLAGS_FULL_INFORMATION constant
tests: Add reproducer for bug 15487
ctdb: Fix whitespace
ctdb: Reduce indentation in get_tunable_values()
ctdb: Align variable signedness
ctdb: setup $CTDB_BASE for deterministic ip alloc tests
ctdb: Add "home_nodes" file to deterministic IP allocation
smbd: Expand IS_DOS_* macros
libsmb: Expand IS_DOS_* macros
smbd: Expand IS_DOS_ARCHIVE() macros
smbd: Expand IS_DOS_READONLY() macros
examples: Expand IS_DOS_DIR() macros
libsmb: Expand IS_DOS_DIR() macro
Remove IS_DOS_*() macros
pdb: Slightly simplify pdb_samba_dsdb_set_trusteddom_pw()
lsa_srv4: Fix a typo
dsdb: Slightly simplify dsdb_trust_get_incoming_passwords()
rpc_netlogon4: Simplify dcesrv_netr_ServerAuthenticate3_helper()
rpc_server3: Remove a duplicate comment
rpc_server3: Avoid a pointless DEBUGADD
smbd: Avoid casts in a DBG statement
libsmb: Remove unused smb2_create_blob_remove()
smbd: Reduce indentation, remove a nested if-statement
smbd: Modernize two DBG statements
vfs: Fix a typo
smbd: Fix a typo
smbd: Use SMB_VFS_FSTATAT() instead of SMB_LSTAT()
smbd: Remove a pointless NULL check
smbd: is_in_path() deals with a NULL namelist
libcli: Convert security_token_debug_privileges() to talloc_asprintf
libcli: Make security_token_debug() use just one DEBUG statement
libcli: Make debug_unix_user_token() use just one DEBUG statement
smbclient: Always ask for SMB311 posix in negprot
libsmb: Ask for posix semantics if requested
examples: Print file type as part of teststat
libsmb: Add placeholder "mode" parameter to cli_qpathinfo2()
libsmb: Query reparse tag in cli_qpathinfo2
libsmb: Parse reparse tag in query_directory response
libsmbclient: Add smbc_[gs]etOptionPosixExtensions()
libsmbclient: Read the file type from the server with posix enabled
examples: Enable posix for teststat
libsmb: Use cli_smb2_qpathinfo_send() for SMB_QUERY_FILE_ALT_NAME_INFO
-----------------------------------------------------------------------
--
Samba Shared Repository
More information about the samba-cvs
mailing list