The annotated tag, tevent-0.10.1 has been created
at 6dd6858bc8eb7bbb20cb911e3c4660bd14a7d821 (tag)
tagging 123267138e993c6a87990c0022e89f4970c0ac12 (commit)
replaces tdb-1.4.2
tagged by Stefan Metzmacher
on Wed Sep 4 17:43:36 2019 +0200
- Log -----------------------------------------------------------------
tevent: tag release tevent-0.10.1
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEkUejOXGVGO6QEby1R5ORYRMIQCUFAl1v26gACgkQR5ORYRMI
QCXASAf+ILBVSvIlxY6N3jicEoEaXzbWJmnBYU83FQh1S7me3scZpnN3qUEI9RLG
BslY/f3rmB6MGppYNm3J576gERLGfPSvnthzA6AiRZ4n3VXFf1WSheP1btCsdUsX
QZpyK/yPH6ujzrE1TepfdDM92OIrn+f7/sxUKFinmMqThe110nDrIIKI/k6ICkS3
eh702/KUd469SQPl5Lv+/xMbWxoIgiEKw6mexgYHcnAJLO9R+4GufCX8FdmINXIU
Moog0KTCILnIPhKRm1z06MVNpkYoKB2pYJiqbpsXIwHiKkGMD6B1ZCKbqyJTvfLP
I8IUmzxXT6sx0i8cOGoGU2Oe80Cjig==
=CZLG
-----END PGP SIGNATURE-----
Aaron Haslett (2):
rpc samr: EnumDomainUsers perf improvement
paged results: tests without server_sort ctrl
Andreas Schneider (31):
s4:samdb: Add test_gnutls_value_decryption()
s4:samdb: Remove dual-stack mode from (test_)encrypted_secrets
s4:samdb: Only include necessary header files in encrypted_secrets
waf: Check for GNUTLS AES CFB support
libcli:auth: Use netlogon_creds_aes_encrypt() in
netlogon_creds_step_crypt()
libcli:auth: Use GnuTLS AES128 CFB for netlogon_creds_aes_encrypt()
libcli:auth: Return NTSTATUS for netlogon_creds_aes_encrypt()
libcli:auth: Use GnuTLS AES128 CFB for netlogon_creds_aes_decrypt()
auth:gensec: Use GnuTLS AES128 CFB8 in netsec_do_seq_num()
auth:gensec: Use GnuTLS AES CFB8 in netsec_do_seal()
lib:crypto: Prepare not to build AES or AES-CMAC if we use GnuTLS support
it
libcli:smb: Define SMB2_AES_128_CCM_NONCE_SIZE
libcli:smb: Use GnuTLS for AES constants
libcli:smb: Add gnutls_aead_cipher_hd_t to smb2_signing_key structure
libcli:smb: Use a smb2_signing_key for storing the encryption key
libcli:smb: Use a smb2_signing_key for storing the decryption key
s3:smbd: Use smb2_signing_key structure for the encryption key
s3:smbd: Use smb2_signing_key structure for the decryption key
s3:smbd: Use GnuTLS for AES constants
waf: Check for AES128 CMAC support in GnuTLS
libcli:smb: Use GnuTLS AES128 CMAC in smb2_signing_sign_pdu()
libcli:smb: Use GnuTLS AES128 CMAC in smb2_signing_check_pdu()
lib:crypto: Do not build AES-CMAC if we use GnuTLS that supports it
libcli:smb: Support GnuTLS AES CCM and GCM in smb2_signing_encrypt_pdu()
libcli:smb: Support GnuTLS AES CCM and GCM in smb2_signing_decrypt_pdu()
libcli:smb: Use smb2_signing_key in smb2_signing_decrypt_pdu()
libcli:smb: Use gnutls_error_to_ntstatus() in smb2_signing_decrypt_pdu()
libcli:smb: Use smb2_signing_key in smb2_signing_encrypt_pdu()
libcli:smb: Use gnutls_error_to_ntstatus() in smb2_signing_encrypt_pdu()
libcli:smb: Prefer AES-GCM over AES-CCM with GnuTLS
s3:smbd: Prefer AES-GCM over AES-CCM with GnuTLS
Andrew Bartlett (39):
encrypted_secrets: Add known and expected value test
libcli:auth Return NTSTATUS from netlogon_creds_aes_decrypt()
crypto: Update REQUIREMENTS file with new minimum version
libcli:auth Check NTSTATUS from netlogon_creds_aes_{en,de}crypt()
s3-rpc_server: Check NTSTATUS return value from
netlogon_creds_aes_decrypt()
s4-rpc_server: Check NTSTATUS return value from
netlogon_creds_aes_decrypt()
s3-librpc: Remove unused init_netr_CryptPassword()
auth/credentials: Check NTSTATUS return from netlogon_creds_aes_encrypt()
auth/gensec: Use gnutls_error_to_ntstatus() consistently in schannel
auth/gensec: Use gnutls_error_to_ntstatus() in netsec_do_seal()
build: Set minimum GnuTLS version at 3.4.7
s4-rpc_server: Remove Heimdal-based BackupKey server
s4-rpc_server/backupkey: consistently check error codes from GnuTLS
lib/crypto: Remove unused RC4 code from Samba
s4-samdb: Remove duplicate encrypted_secrets code using internal Samba AES
build: Remove explicit check for HAVE_GNUTLS_AEAD as we require GnuTLS
3.4.7
libcli/smb: Use gnutls_error_to_ntstatus() in smb2_signing_sign_pdu()
libcli/smb: Use gnutls_error_to_ntstatus() in smb2_signing_check_pdu()
docs: Deprecate "rndc command" for Samba 4.11
s4-dns: Deprecate BIND9_FLATFILE and remove "rndc command"
ldb: Correct Pigeonhole principle validation in ldb_filter_attrs()
ldb: use TALLOC_FREE() over talloc_free() in ldb_filter_attrs()
ldb: Call TALLOC_FREE(filtered_msg->elements) on ldb_filter_attrs()
failure
ldb: Rework all pointer NULL tests to use Samba's normal style
ldb: Add test with == true or false to boolean if statements in
ldb_dn_explode()
ldb: Do not read beyond the end of the extended DN component when printing
ldb: Extend the ldb_dn_explode test matrix
WHATSNEW: Document new GnuTLS 3.4.7 requirement
selftest: Remove obsolete LDAP backend hooks from selftest.pl et al
sefltest: Remove tests for obsolete OpenLDAP backend
samba-tool domain provision: Remove experimental OpenLDAP support
dsdb: Remove LDAP backend specific modules from extended_dn_out
dsdb: Remove OpenLDAP backend complexity from partitions module
dsdb: Remove OpenLDAP backend complexity from samba_dsdb module
dsdb: Remove unused entryuuid and nsuniqueid modules
util: Remove unused NS_GUID_string() and NS_GUID_from_string()
dsdb: Remove unused simple_dn module
dsdb: Remove unused local_password module
build: Raise minimum python version to 3.5.0 for Samba 4.12
Anoop C S (1):
vfs_glusterfs: Enable profiling for file system operations
Björn Baumbach (1):
build: remove unneeded libceph-common dependency
Björn Jacke (5):
python: use os.urandom, which is available in python by definition
docs-xml: fix problamatic quotes from panic action example
replace/setxattr: set reasonable and unified errno value in case the EA
value was too big
xattr/setxattr: fix flag support on AIX
replace/setxattr: correctly use our flags on Darwin
Christof Schmitt (1):
pthreadpool: Remove wrong comment.
David Disseldorp (1):
build: drop --with-libcephfs=<path> support
Douglas Bagnall (2):
ldb: don't try to save a value that isn't there
ldb: add some dn explode tests
Gary Lockyer (1):
ldb tests: Fix ldb_lmdb_size_test
Jeremy Allison (115):
s3: VFS: Add SMB_VFS_LINKAT().
s3: VFS: vfs_cap. Implement linkat().
s3: VFS: vfs_ceph. Implement linkat().
s3: VFS: vfs_ceph_snapshots. Implement linkat().
s3: VFS: vfs_full_audit. Implement linkat().
s3: VFS: vfs_glusterfs. Implement linkat().
s3: VFS: vfs_media_harmony. Implement linkat().
s3: VFS: vfs_shadow_copy2. Implement linkat().
s3: VFS: vfs_snapper. Implement linkat().
s3: VFS: vfs_syncops. Implement linkat().
s3: VFS: vfs_time_audit. Implement linkat().
s3: VFS: vfs_unityed_media. Implement linkat().
s3: torture: Change cmd_link to call SMB_VFS_LINKAT().
s3: smbd: Make hardlink_internals() call SMB_VFS_LINKAT() instead of
SMB_VFS_LINK()
s3: VFS: vfs_cap. Remove link_fn(). No longer used.
s3: VFS: vfs_ceph. Remove link_fn(). No longer used.
s3: VFS: vfs_ceph_snapshots. Remove link_fn(). No longer used.
s3: VFS: vfs_glusterfs. Remove link_fn(). No longer used.
s3: VFS: vfs_media_harmony. Remove link_fn(). No longer used.
s3: VFS: vfs_shadow_copy2. Remove link_fn(). No longer used.
s3: VFS: vfs_snapper. Remove link_fn(). No longer used.
s3: VFS: vfs_syncops. Remove link_fn(). No longer used.
s3: VFS: vfs_unityed_media. Remove link_fn(). No longer used.
s3: VFS: vfs_full_audit. Remove link_fn(). No longer used.
s3: VFS: vfs_time_audit. Remove link_fn(). No longer used.
s3: VFS: Complete the replacement of SMB_VFS_LINK() -> SMB_VFS_LINKAT().
s3: VFS: Remove extraneous enum/struct values for removed SMB_VFS_OP_LINK.
s3: smbd: Add sys_mknodat() wrapper call.
s3: VFS: Add SMB_VFS_MKNODAT().
s3: VFS: vfs_cap. Implement mknodat().
s3: VFS: vfs_ceph. Implement mknodat().
3: VFS: vfs_ceph_snapshots. Implement mknodat().
s3: VFS: vfs_glusterfs. Implement mknodat().
s3: VFS: vfs_media_harmony. Implement mknodat().
s3: VFS: vfs_shadow_copy2. Implement mknodat().
s3: VFS: vfs_snapper. Implement mknodat().
s3: VFS: vfs_syncops. Implement mknodat().
s3: VFS: vfs_unityed_media. Implement mknodat().
s3: VFS: vfs_full_audit. Implement mknodat().
s3: VFS: vfs_time_audit. Implement mknodat().
s3: torture: Change cmd_mknod to call SMB_VFS_MKNODAT().
s3: smbd: Make smb_unix_mknod() call SMB_VFS_MKNODAT() instead of
SMB_VFS_MKNOD()
s3: VFS: vfs_cap. Remove mknod_fn(). No longer used.
s3: VFS: vfs_ceph. Remove mknod_fn(). No longer used.
s3: VFS: vfs_ceph_snapshots. Remove mknod_fn(). No longer used.
s3: VFS: vfs_glusterfs. Remove mknod_fn(). No longer used.
s3: VFS: vfs_media_harmony. Remove mknod_fn(). No longer used.
s3: VFS: vfs_shadow_copy2. Remove mknod_fn(). No longer used.
s3: VFS: vfs_snapper. Remove mknod_fn(). No longer used.
s3: VFS: vfs_syncops. Remove mknod_fn(). No longer used.
s3: VFS: vfs_unityed_media. Remove mknod_fn(). No longer used.
s3: VFS: vfs_full_audit. Remove mknod_fn(). No longer used.
s3: VFS: vfs_time_audit. Remove mknod_fn(). No longer used.
s3: VFS: Complete the replacement of SMB_VFS_MKNOD() -> SMB_VFS_MKNODAT().
s3: VFS: Add SMB_VFS_READLINKAT().
s3: VFS: vfs_cap. Implement readlinkat().
s3: VFS: vfs_ceph. Implement readlinkat().
s3: VFS: vfs_ceph_snapshots. Implement readlinkat().
s3: VFS: vfs_expand_msdfs. Implement readlinkat().
s3: VFS: vfs_full_audit. Implement readlinkat().
s3: VFS: vfs_glusterfs. Implement readlinkat().
s3: VFS: vfs_media_harmony. Implement readlinkat().
s3: VFS: vfs_shadow_copy2. Implement readlinkat().
s3: VFS: vfs_snapper. Implement readlinkat().
s3: VFS: vfs_time_audit. Implement readlinkat().
s3: VFS: vfs_unityed_media. Implement readlinkat().
s3: torture: Change cmd_readlink to call SMB_VFS_READLINKAT().
s3: smbd: Change is_msdfs_link_internal() to call SMB_VFS_READLINKAT().
s3: smbd: Change smbd_do_qfilepathinfo(): case SMB_QUERY_FILE_UNIX_LINK:
to call SMB_VFS_READLINKAT().
s3: smbd: Change process_symlink_open() to call SMB_VFS_READLINKAT().
s3: VFS: vfs_cap. Remove readlink_fn(). No longer used.
s3: VFS: vfs_ceph. Remove readlink_fn(). No longer used.
s3: VFS: vfs_ceph_snapshots. Remove readlink_fn(). No longer used.
s3: VFS: vfs_expand_msdfs. Remove readlink_fn(). No longer used.
s3: VFS: vfs_glusterfs. Remove readlink_fn(). No longer used.
s3: VFS: vfs_media_harmony. Remove readlink_fn(). No longer used.
s3: VFS: vfs_shadow_copy2. Remove readlink_fn(). No longer used.
s3: VFS: vfs_snapper. Remove readlink_fn(). No longer used.
s3: VFS: vfs_unityed_media. Remove readlink_fn(). No longer used.
s3: VFS: vfs_full_audit. Remove readlink_fn(). No longer used.
s3: VFS: vfs_time_audit. Remove readlink_fn(). No longer used.
s3: VFS: Complete the replacement of SMB_VFS_READLINK() ->
SMB_VFS_READLINKAT().
CVE-2019-10197: smbd: separate out impersonation debug info into a new
function.
s3: libsmbclient: Ensure SMBC_readdir_ctx() also updates the readdirplus
pointers.
s3: libsmbclient: Ensure SMBC_readdirplus_ctx() also updates the readdir
pointers.
s3: libsmbclient: Ensure SMBC_getdents_ctx() also updates the readdirplus
pointers.
s3: libsmbclient: Fix smbc_lseekdir() to work with smbc_readdirplus().
s3/4: libsmbclient test. Test using smbc_telldir/smbc_lseekdir with
smbc_readdir/smbc_readdirplus/smbc_getdents.
s3: VFS: Add SMB_VFS_SYMLINKAT().
s3: VFS: vfs_cap. Implement symlinkat().
s3: VFS: vfs_ceph. Implement symlinkat().
s3: VFS: vfs_ceph_snapshots. Implement symlinkat().
s3: VFS: vfs_full_audit. Implement symlinkat().
s3: VFS: vfs_glusterfs. Implement symlinkat().
s3: VFS: vfs_media_harmony. Implement symlinkat().
s3: VFS: vfs_shadow_copy2. Implement symlinkat().
s3: VFS: vfs_snapper. Implement symlinkat().
s3: VFS: vfs_syncops. Implement symlinkat().
s3: VFS: vfs_time_audit. Implement symlinkat().
s3: VFS: vfs_unityed_media. Implement symlinkat().
s3: torture: Change cmd_symlink to call SMB_VFS_SYMLINKAT().
s3: smbd: Change smb_set_file_unix_link() to call SMB_VFS_SYMLINKAT().
s3: smbd: Change create_msdfs_link() to call SMB_VFS_SYMLINKAT().
s3: VFS: vfs_cap. Remove symlink_fn(). No longer used.
s3: VFS: vfs_ceph. Remove symlink_fn(). No longer used.
s3: VFS: vfs_ceph_snapshots. Remove symlink_fn(). No longer used.
s3: VFS: vfs_glusterfs. Remove symlink_fn(). No longer used.
s3: VFS: vfs_media_harmony. Remove symlink_fn(). No longer used.
s3: VFS: vfs_shadow_copy2. Remove symlink_fn(). No longer used.
s3: VFS: vfs_snapper. Remove symlink_fn(). No longer used.
s3: VFS: vfs_syncops. Remove symlink_fn(). No longer used.
s3: VFS: vfs_unityed_media. Remove symlink_fn(). No longer used.
s3: VFS: vfs_full_audit. Remove symlink_fn(). No longer used.
s3: VFS: vfs_time_audit. Remove symlink_fn(). No longer used.
s3: VFS: Complete the replacement of SMB_VFS_SYMLINK() ->
SMB_VFS_SYMLINKAT().
Marco Wang (1):
s3: net: net_ads: fix a typo in comment
Martin Schwenke (10):
ctdb-tests: Reformat node_has_status()
ctdb-tests: Drop unused node statuses frozen/unfrozen
ctdb-tests: Inline handling of recovered and notlmaster statuses
ctdb-tests: Handle special cases first and return
ctdb-tests: Don't retrieve the VNN map from target node for notlmaster
ctdb-recoverd: Only check for LMASTER nodes in the VNN map
ctdb-tests: Strengthen volatile DB traverse test
ctdb-tests: Wait for child process when killing cluster mutex helper
ctdb-tests: Clear deleted record via recovery instead of vacuuming
ctdb-recoverd: Fix typo in previous fix
Mathieu Parent (61):
Spelling fixes s/containter/container/
Spelling fixes s/depencies/dependencies/
Spelling fixes s/tempates/templates/
Spelling fixes s/advertisment/advertisement/
Spelling fixes s/negotatie/negotiate/
Spelling fixes s/sepcific/specific/
Spelling fixes s/Unsuported/Unsupported/
Spelling fixes s/integrety/integrity/
Spelling fixes s/autentication/authentication/
Spelling fixes s/convertion/conversion/
Spelling fixes s/exising/existing/
Spelling fixes s/Mirgate/Migrate/
Spelling fixes s/succedded/succeeded/
Spelling fixes s/encrpted/encrypted/
Spelling fixes s/setted/set/
Spelling fixes s/hierachy/hierarchy/
Spelling fixes s/exisiting/existing/
Spelling fixes s/Therefor /Therefore /
Spelling fixes s/emtpy/empty/
Spelling fixes s/BUITIN/BUILTIN/
Spelling fixes s/serivce/service/
Spelling fixes s/DISLPAY/DISPLAY/
Spelling fixes s/avaiable/available/
Spelling fixes s/nonexistant/nonexistent/
Spelling fixes s/componet/component/
Spelling fixes s/optinally/optionally/
Spelling fixes s/overriden/overridden/
Spelling fixes s/didnt'/didn't/
Spelling fixes s/wont /won't /
Spelling fixes s/explicite /explicit /
Spelling fixes s/recieved/received/
Spelling fixes s/noone/no one/
Spelling fixes s/ ot / to /
Spelling fixes s/ upto / up to /
Spelling fixes s/ dont / don't /
Spelling fixes s/directores/directories/
Spelling fixes s/filesytems/filesystems/
Spelling fixes s/explizitly/explicitly/
Spelling fixes s/simliar/similar/
Spelling fixes s/substitue/substitute/
Spelling fixes s/accidentially/accidentally/
Spelling fixes s/rebuilded/rebuilt/
Spelling fixes s/concatonated/concatenated/
Spelling fixes s/retreiving/retrieving/
Spelling fixes s/priveliges/privileges/
Spelling fixes s/compatability/compatibility/
Spelling fixes s/ingnored/ignored/
Spelling fixes s/staticly/statically/
Spelling fixes s/implentation/implementation/
Spelling fixes s/touble/trouble/
Spelling fixes s/whitch/which/
Spelling fixes s/suceeded/succeeded/
Spelling fixes s/withing/within/
Spelling fixes s/valuie/value/
Spelling fixes s/preceeding/preceding/
Spelling fixes s/intergration/integration/
Spelling fixes s/accomodations/accommodations/
Spelling fixes s/permited/permitted/
Spelling fixes s/hightest/highest/
Spelling fixes s/varaible/variable/
Spelling fixes s/ querys / queries /
Noel Power (18):
s3/libsmb: clang: Fix 'The left operand of '!=' is a garbage value'
s3/libsmb: clang: Fix 'The left operand of '&' is a garbage value'
s3/libsmb: clang: Fix 'Assigned value is garbage or undefined'
s3/libsmb: clang: Fix 'Value stored to 'ea_size' is never read'
s3/libsmb: clang: Fix 'Value stored to 'p' is never read' warning
libcli/auth: clang: Fix 'Value stored to 'status' is never read'
s3/libsmb: clang: Fix 'The left operand of '>' or '<' is a garbage value
s3/libsmb: clang: Fix '2nd func call argument is uninitalized value'
s3/libsmb: clang: Fix 'Assigned value is garbage or undefined'
s3/libsmb: clang: Fix 'warning: Assigned value is garbage or undefined '
s3/libsmb: clang: Fix value stored to 'offset' is never read
s3/libads: clang: Fix Value stored to 'canon_princ' is never read
s3/libsmb: clang: Fix: The right operand of '<' is a garbage value
s3/libsmb: clang: Fix Value set during its initialization is never read
s3/libsmb: clang: Fix 2nd function call argument is an uninitialized value
s3/libsmb: clang: Fix 'warning: Value stored to 'status' is never read'
s3/libsmb: clang: Fix 'Value stored to 'status' is never read'
s3/libsmb: clang: Fix 'Value stored during initialization is never read'
Poornima G (1):
vfs_glusterfs: Use pthreadpool for scheduling aio operations
Ralph Wuerthner (1):
s3:net: load registry shares too in 'net vfs stream2adouble'
Stefan Metzmacher (6):
CVE-2019-10197: smbd: make sure that change_to_user_internal() always
resets current_user.done_chdir
CVE-2019-10197: smbd: make sure we reset current_user.{need,done}_chdir
in become_root()
CVE-2019-10197: selftest: make fsrvp_share its own independent
subdirectory
CVE-2019-10197: test_smbclient_s3.sh: add regression test for the no
permission on share root problem
CVE-2019-10197: smbd: split change_to_user_impersonate() out of
change_to_user_internal()
tevent: Release tevent 0.10.1
Swen Schillig (14):
talloc: ASAN fix for test_realloc_on_destructor_parent
talloc: ASAN fix for test_talloc_free_in_destructor
talloc: ASAN fix for test_pool_nest
talloc: ASAN fix for test_rusty
talloc: ASAN fix for test_magic_protection
torture: fix mem leak found by ASAN (smb2_connect)
s3: free popt context in utils
rpcclient: free popt context when done
s4: free popt context in torture
s4: free popt context in client
s4: free popt context in utils
s4: free popt context in dnsserver
lib: free popt context in texpect
ctdb-tests: fix mem leak in ltdb_fetch
-----------------------------------------------------------------------
--
Samba Shared Repository
