[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  fbba9a24796 VERSION: Disable GIT_SNAPSHOT for the Samba 4.18.0rc1 
release.
   via  0c9b310e239 WHATSNEW: Up to Samba 4.18.0rc1.
   via  f972b1ea061 ldb: version 2.7.0
   via  3c6d28ebae2 tevent: version 0.14.0
   via  c5d5ebb60d4 tevent: Call depth tracking
   via  07251f562c6 tevent: expose tevent_find_ops_byname() to callers
   via  ab49d9ee4ee tevent: allow the "standard" backend to be overloaded
   via  147a317b7b9 tevent: remove solaris port backend
   via  620ad8af466 tevent: remove unused register_backend() from python 
bindings
   via  eb05fe87bf7 tevent: remove unused tevent_liboop.c
   via  77c828e1248 tevent: Fix trailing whitespaces in tevent.c
   via  f6a6d917e10 tevent: use samba_tevent_set_debug() in testsuite.c
   via  96e4be0a799 lib/util: install a tevent_abort callback using 
smb_panic()
   via  a92150ed0ef s4:lib/events: let s4_event_context_init() use 
samba_tevent_context_init()
   via  eab796a4f91 tdb: version 1.4.8
   via  5224ed98eeb talloc: version 2.4.0
  from  7105554cb05 bootstrap: Update to Ubuntu 22.04 as base default OS

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
---

Summary of changes:
 VERSION|   6 +-
 WHATSNEW.txt   |   2 +-
 lib/ldb/wscript|   2 +-
 ...oc-util-2.3.0.sigs => pytalloc-util-2.4.0.sigs} |   0
 .../ABI/{talloc-2.3.5.sigs => talloc-2.4.0.sigs}   |   0
 lib/talloc/talloc.h|   2 +-
 lib/talloc/wscript |   2 +-
 lib/tdb/ABI/{tdb-1.3.17.sigs => tdb-1.4.8.sigs}|   0
 lib/tdb/wscript|   2 +-
 .../ABI/{tevent-0.13.0.sigs => tevent-0.14.0.sigs} |   5 +
 lib/tevent/pytevent.c  | 130 
 lib/tevent/testsuite.c |  50 +-
 lib/tevent/tevent.c|  15 +-
 lib/tevent/tevent.h| 164 +
 lib/tevent/tevent_debug.c  |  38 +
 lib/tevent/tevent_internal.h   |   8 +-
 lib/tevent/tevent_liboop.c | 292 
 lib/tevent/tevent_port.c   | 804 -
 lib/tevent/tevent_queue.c  |   2 +
 lib/tevent/tevent_req.c|  10 +
 lib/tevent/tevent_standard.c   |   2 +-
 lib/tevent/wscript |   2 +-
 lib/util/tevent_debug.c|  18 +
 source4/lib/events/tevent_s4.c |   2 +-
 24 files changed, 294 insertions(+), 1264 deletions(-)
 copy lib/talloc/ABI/{pytalloc-util-2.3.0.sigs => pytalloc-util-2.4.0.sigs} 
(100%)
 copy lib/talloc/ABI/{talloc-2.3.5.sigs => talloc-2.4.0.sigs} (100%)
 copy lib/tdb/ABI/{tdb-1.3.17.sigs => tdb-1.4.8.sigs} (100%)
 copy lib/tevent/ABI/{tevent-0.13.0.sigs => tevent-0.14.0.sigs} (97%)
 delete mode 100644 lib/tevent/tevent_liboop.c
 delete mode 100644 lib/tevent/tevent_port.c


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index ba39cbcaacb..97e56c10a35 100644
--- a/VERSION
+++ b/VERSION
@@ -77,7 +77,7 @@ SAMBA_VERSION_BETA_RELEASE=
 # e.g. SAMBA_VERSION_PRE_RELEASE=1 #
 #  ->  "2.2.9pre1" #
 
-SAMBA_VERSION_PRE_RELEASE=1
+SAMBA_VERSION_PRE_RELEASE=
 
 
 # For 'rc' releases the version will be#
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=1
 # e.g. SAMBA_VERSION_RC_RELEASE=1  #
 #  ->  "3.0.0rc1"  #
 
-SAMBA_VERSION_RC_RELEASE=
+SAMBA_VERSION_RC_RELEASE=1
 
 
 # To mark SVN snapshots this should be set to 'yes'#
@@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE=
 # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes   #
 #  ->  "3.0.0-SVN-build-199"   #
 
-SAMBA_VERSION_IS_GIT_SNAPSHOT=yes
+SAMBA_VERSION_IS_GIT_SNAPSHOT=no
 
 
 # This is for specifying a release nickname#
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 4a40b7147dd..eb71f69fadc 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,7 +1,7 @@
 Release Announcements
 =
 
-This is the first pre release of Samba 4.18.  This is *not*
+This is the first release candidate of Samba 4.18.  This is *not*
 intended for production environments a

[SCM] Samba Shared Repository - branch v4-18-test updated

[Stefan Metzmacher]

The branch, v4-18-test has been updated
   via  1886a72d966 VERSION: Bump version up to 4.18.0rc2...
  from  fbba9a24796 VERSION: Disable GIT_SNAPSHOT for the Samba 4.18.0rc1 
release.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 1886a72d966dba78246fff8ee465b02384214b01
Author: Stefan Metzmacher 
Date:   Thu Jan 19 13:43:44 2023 +0100

VERSION: Bump version up to 4.18.0rc2...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Stefan Metzmacher 

Autobuild-User(v4-18-test): Stefan Metzmacher 
Autobuild-Date(v4-18-test): Thu Jan 19 14:33:06 UTC 2023 on atb-devel-224

---

Summary of changes:
 VERSION | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 97e56c10a35..e7078e58136 100644
--- a/VERSION
+++ b/VERSION
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=
 # e.g. SAMBA_VERSION_RC_RELEASE=1  #
 #  ->  "3.0.0rc1"  #
 
-SAMBA_VERSION_RC_RELEASE=1
+SAMBA_VERSION_RC_RELEASE=2
 
 
 # To mark SVN snapshots this should be set to 'yes'#
@@ -99,7 +99,7 @@ SAMBA_VERSION_RC_RELEASE=1
 # e.g. SAMBA_VERSION_IS_SVN_SNAPSHOT=yes   #
 #  ->  "3.0.0-SVN-build-199"   #
 
-SAMBA_VERSION_IS_GIT_SNAPSHOT=no
+SAMBA_VERSION_IS_GIT_SNAPSHOT=yes
 
 
 # This is for specifying a release nickname#


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  8b97aca0dee WHATSNEW 4.18: mention samba-tool dsacl delete
  from  1886a72d966 VERSION: Bump version up to 4.18.0rc2...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 8b97aca0dee6bfe47a0903a8a61f3e09bd779aea
Author: Douglas Bagnall 
Date:   Thu Jan 19 14:18:15 2023 +1300

WHATSNEW 4.18: mention samba-tool dsacl delete

Signed-off-by: Douglas Bagnall 

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Fri Jan 20 12:00:40 UTC 2023 on atb-devel-224

---

Summary of changes:
 WHATSNEW.txt | 8 
 1 file changed, 8 insertions(+)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index eb71f69fadc..4aa903c2fec 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -65,6 +65,14 @@ already used it, the defaults have changed slightly.
set it overrides --color for the purpose of the output diagram, but
not for other output like error messages.
 
+New samba-tool dsacl subcommand for deleting ACES
+-
+
+The samba-tool dsacl tool can now delete entries in directory access
+control lists. The interface for 'samba-tool dsacl delete' is similar
+to that of 'samba-tool dsacl set', with the difference being that the
+ACEs described by the --sddl argument are deleted rather than added.
+
 No colour with NO_COLOR environment variable
 
 


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  af00a0df70a s3/lib: Prevent use after free of messaging_ctdb_fde_ev 
structs
   via  f21236ac004 s3:auth: call wbcFreeMemory(info) in 
auth3_generate_session_info_pac()
   via  6e6913bcac2 WHATSNEW: add acl_xattr:security_acl_name option
  from  8b97aca0dee WHATSNEW 4.18: mention samba-tool dsacl delete

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit af00a0df70a591ef5890274ba700349abe9ec928
Author: Noel Power 
Date:   Wed Jan 25 17:03:07 2023 +

s3/lib: Prevent use after free of messaging_ctdb_fde_ev structs

In a cluster setup samba-bgqd async callback
cups_pcap_load_async can access messaging_ctdb_fde_ev associated
with already destructed global_ctdb_ctx_destructor

==26053== Invalid read of size 8
==26053==at 0x71692E1: messaging_ctdb_fde_ev_destructor 
(messages_ctdb.c:181)
==26053==by 0x40B2309: _tc_free_internal (talloc.c:1158)
==26053==by 0x40B3539: _tc_free_children_internal (talloc.c:1669)
==26053==by 0x40B24C4: _tc_free_internal (talloc.c:1184)
==26053==by 0x40B3539: _tc_free_children_internal (talloc.c:1669)
==26053==by 0x40B24C4: _tc_free_internal (talloc.c:1184)
==26053==by 0x40B2685: _talloc_free_internal (talloc.c:1248)
==26053==by 0x40B3963: _talloc_free (talloc.c:1792)
==26053==by 0x4056BCA: tevent_req_received (tevent_req.c:301)
==26053==by 0x405673D: tevent_req_destructor (tevent_req.c:135)
==26053==by 0x40B2309: _tc_free_internal (talloc.c:1158)
==26053==by 0x40B3539: _tc_free_children_internal (talloc.c:1669)
==26053==by 0x40B24C4: _tc_free_internal (talloc.c:1184)
==26053==by 0x40B2685: _talloc_free_internal (talloc.c:1248)
==26053==by 0x40B3963: _talloc_free (talloc.c:1792)
==26053==by 0x1384EF: cups_pcap_load_async (print_cups.c:507)
==26053==by 0x13894B: cups_cache_reload (print_cups.c:602)
==26053==by 0x1373AE: pcap_cache_reload (pcap.c:140)
==26053==by 0x1369D2: register_printing_bq_handlers 
(queue_process.c:323)
==26053==by 0x122AD6: main (samba-bgqd.c:316)
==26053==  Address 0xed64d48 is 120 bytes inside a block of size 128 free'd
==26053==at 0x4C370EB: free (in 
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==26053==by 0x40B25E1: _tc_free_internal (talloc.c:1222)
==26053==by 0x40B2685: _talloc_free_internal (talloc.c:1248)
==26053==by 0x40B3963: _talloc_free (talloc.c:1792)
==26053==by 0x71691F6: messaging_ctdb_destroy (messages_ctdb.c:141)
==26053==by 0x7169C21: msg_ctdb_ref_destructor (messages_ctdb_ref.c:142)
==26053==by 0x40B2309: _tc_free_internal (talloc.c:1158)
==26053==by 0x40B3539: _tc_free_children_internal (talloc.c:1669)
==26053==by 0x40B24C4: _tc_free_internal (talloc.c:1184)
==26053==by 0x40B2685: _talloc_free_internal (talloc.c:1248)
==26053==by 0x40B3963: _talloc_free (talloc.c:1792)
==26053==by 0x4157380: messaging_reinit (messages.c:646)
==26053==by 0x416C01E: reinit_after_fork (util.c:488)
==26053==by 0x13844C: cups_pcap_load_async (print_cups.c:498)
==26053==by 0x13894B: cups_cache_reload (print_cups.c:602)
==26053==by 0x1373AE: pcap_cache_reload (pcap.c:140)
==26053==by 0x1369D2: register_printing_bq_handlers 
(queue_process.c:323)
==26053==by 0x122AD6: main (samba-bgqd.c:316)
==26053==  Block was alloc'd at
==26053==at 0x4C346A4: malloc (in 
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==26053==by 0x40B1989: __talloc_with_prefix (talloc.c:783)
==26053==by 0x40B1B23: __talloc (talloc.c:825)
==26053==by 0x40B1ECC: _talloc_named_const (talloc.c:982)
==26053==by 0x40B49C3: _talloc_zero (talloc.c:2421)
==26053==by 0x7168E68: messaging_ctdb_init (messages_ctdb.c:93)
==26053==by 0x716979D: messaging_ctdb_ref (messages_ctdb_ref.c:75)
==26053==by 0x415702A: messaging_init_internal (messages.c:563)
==26053==by 0x41572FD: messaging_init (messages.c:622)
==26053==by 0x4163ED3: global_messaging_context (global_contexts.c:62)
==26053==by 0x12273B: main (samba-bgqd.c:271)
==26053==

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15293

Signed-off-by: Noel Power 
Reviewed-by: Ralph Boehme 
(cherry picked from commit 7a880ef52dfc85ed2f674250b5baf5109f8d4691)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Tue Jan 31 12:49:50 UTC 2023 on atb-devel-224

commit f21236ac004b42f822214277c6f8be4c6450b13f
Author: Stefan Metzmacher 
Date:   Thu Dec 16 18:24:16 2021 +0100

s3:auth: call wbcFreeMemory(info) in auth3_generate_session_info_pac()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15286

Signed-of

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  65077cd390f WHATSNEW: Add note about Azure AD cloud connect sync 
support
   via  c9b7fd177d4 s4-drsuapi: Give an error that matches windows on 
destination_dsa_guid lookup failure
   via  68fcea19bd0 s4-drsuapi: Clarify role of 
drs_security_access_check_nc_root()
   via  262fef5acbf s4-rpc_server: Pre-check destination_dsa_guid in 
GetNCChanges for validity
   via  68edd5c1c7f s4-drsuapi: Use samdb_get_ntds_obj_by_guid() to find 
RODC in REPL_SECRET
   via  dc7497c3a46 s4-dsdb: Require that the NTDS object is an nTDSDSA 
objectclass
   via  29a89f07aa7 s4-dsdb: Split samdb_get_ntds_obj_by_guid() out of 
samdb_is_rodc()
   via  613d9b75499 s4-rpc_server/drsuapi: Return correct error code for an 
invalid DN to EXOP_REPL_OBJ/EXOP_REPL_OBJ
   via  64df0963f8c s4-drs: Make drs_ObjectIdentifier_to_dn() safer and 
able to cope with DummyDN values
   via  84a952b01ee s4-dsdb: rework drs_ObjectIdentifier_to_dn() into 
drs_ObjectIdentifier_to_dn_and_nc_root()
   via  1a97e897f86 s4-rpc_server/drsuapi: Use 
dsdb_normalise_dn_and_find_nc_root()
   via  feffb9ec5df s4-dsdb: Add dsdb_normalise_dn_and_find_nc_root() 
around dsdb_find_nc_root()
   via  ab282dba376 s4-dsdb: Add better debugging to 
dsdb_objects_have_same_nc()
   via  855c11c4146 s4-dsdb: Make dsdb_find_nc_root() first try and use 
DSDB_CONTROL_CURRENT_PARTITION_OID
   via  92f56081291 s4-dsdb: Schedule SD propegation only after successful 
rename
   via  f70fd3385f3 s4-selftest/drs: Confirm GetNCChanges REPL_SECRET works 
with a DummyDN and real GUID
   via  87ed6e23061 s4-selftest/drs: Confirm GetNCChanges full replication 
works with a DummyDN and real GUID
   via  a40d3697e1a s4-selftest/drs: Confirm GetNCChanges REPL_OBJ works 
with a DummyDN and real GUID
   via  7712ef7288a s4-selftest/drs Allow re-run of DRS tests after failed 
cleanup
   via  11540d828f7 s4-selftest/drs Allow some DRS tests to operate against 
an IP
   via  501728cdcfe s4-selftest/drs Add test of expected return code for 
invaid DNs in GetNCChanges
   via  d0c2305b35a s4-dsdb: Add tests of SamDB.get_nc_root()
  from  af00a0df70a s3/lib: Prevent use after free of messaging_ctdb_fde_ev 
structs

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 65077cd390f8ec5153b8b3295da1f4251c8c1b03
Author: Andrew Bartlett 
Date:   Wed Feb 1 13:08:05 2023 +1300

WHATSNEW: Add note about Azure AD cloud connect sync support

Signed-off-by: Andrew Bartlett 

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Wed Feb  1 17:26:50 UTC 2023 on atb-devel-224

commit c9b7fd177d4ec4589712f8acf6f084f650b95a5e
Author: Andrew Bartlett 
Date:   Wed Jan 25 15:24:57 2023 +1300

s4-drsuapi: Give an error that matches windows on destination_dsa_guid 
lookup failure

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Tue Jan 31 13:43:54 UTC 2023 on atb-devel-224

(cherry picked from commit 0f2978bbc0ed5b65d75c20472650a749643312e7)

commit 68fcea19bd03d96f3ecfbcf1cdcaa39097ee401a
Author: Andrew Bartlett 
Date:   Wed Jan 25 16:01:48 2023 +1300

s4-drsuapi: Clarify role of drs_security_access_check_nc_root()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 1838f349c94b878de1740af35351a2e8e0c8cffb)

commit 262fef5acbff53e6a4e8cc654ddf1ce7accc9e20
Author: Andrew Bartlett 
Date:   Wed Jan 25 14:18:11 2023 +1300

s4-rpc_server: Pre-check destination_dsa_guid in GetNCChanges for validity

This allows our new tests to pass as these need to be checked first.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 115a3a10440f44ba11029be5ae3a05534a7b98c0)

commit 68edd5c1c7f0e6cbd929cd592b79f89cb2c8369f
Author: Andrew Bartlett 
Date:   Wed Jan 25 15:24:01 2023 +1300

s4-drsuapi: Use samdb_get_ntds_obj_by_guid() to find RODC in REPL_SECRET

We need to find the RODC per the destination_dsa_guid to mark the secrets as
having been replicated, and by using samdb_get_ntds_obj_by_guid() we are 
stricter
in the checks, as the RODC has to be the right objectClass (nTDSDSA) and 
under
the CN=Configuration partition.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 09ec6a1db2d3b831548bf7d66475c486be29b1d1)

commit dc7497c3a4681c96fdf71e82db1b93e21214cc19
Author: Andrew Bartlett 
Date:   Wed Jan 25 15:18

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  ad669874981 VERSION: Bump version up to Samba 4.18.0rc3...
   via  71fa86a3fbb VERSION: Disable GIT_SNAPSHOT for the 4.18.0rc2 release.
   via  0679a07af31 WHATSNEW: Add release notes for Samba 4.18.0rc2.
   via  46e0575931e tmp
  from  65077cd390f WHATSNEW: Add note about Azure AD cloud connect sync 
support

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit ad669874981b9e53c915091de6a00e90c9d3a055
Author: Jule Anger 
Date:   Wed Feb 1 18:28:58 2023 +0100

VERSION: Bump version up to Samba 4.18.0rc3...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger 

commit 71fa86a3fbb12ba466c43e222313cc6f4f831e59
Author: Jule Anger 
Date:   Wed Feb 1 18:27:44 2023 +0100

VERSION: Disable GIT_SNAPSHOT for the 4.18.0rc2 release.

Signed-off-by: Jule Anger 

commit 0679a07af31bb85ca5dc8e92ddcf8cdd4be83bac
Author: Jule Anger 
Date:   Wed Feb 1 18:27:16 2023 +0100

WHATSNEW: Add release notes for Samba 4.18.0rc2.

Signed-off-by: Jule Anger 

commit 46e0575931e90e24d033bce0d91f902a32568183
Author: Jule Anger 
Date:   Wed Feb 1 18:35:25 2023 +0100

tmp

---

Summary of changes:
 VERSION  |  2 +-
 WHATSNEW.txt | 18 --
 2 files changed, 17 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index e7078e58136..f3808f51549 100644
--- a/VERSION
+++ b/VERSION
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=
 # e.g. SAMBA_VERSION_RC_RELEASE=1  #
 #  ->  "3.0.0rc1"  #
 
-SAMBA_VERSION_RC_RELEASE=2
+SAMBA_VERSION_RC_RELEASE=3
 
 
 # To mark SVN snapshots this should be set to 'yes'#
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 12b91486c2e..66a7a80e963 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,12 +1,12 @@
 Release Announcements
 =
 
-This is the first release candidate of Samba 4.18.  This is *not*
+This is the second release candidate of Samba 4.18.  This is *not*
 intended for production environments and is designed for testing
 purposes only.  Please report any defects via the Samba bug reporting
 system at https://bugzilla.samba.org/.
 
-Samba 4.18 will be the next version of the Samba suite.
+Samba 4.18 will be the next version of the Samba suite...
 
 
 UPGRADING
@@ -125,6 +125,20 @@ smb.conf changes
   acl_xattr:security_acl_name New security.NTACL
 
 
+CHANGES SINCE 4.18.0rc1
+===
+
+o  Andrew Bartlett 
+   * BUG 10635: Office365 azure Password Sync not working.
+
+o  Stefan Metzmacher 
+   * BUG 15286: auth3_generate_session_info_pac leaks wbcAuthUserInfo.
+
+o  Noel Power 
+   * BUG 15293: With clustering enabled samba-bgqd can core dump due to use
+ after free.
+
+
 KNOWN ISSUES
 
 


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  c98812ce65e WHATSNEW: fix typo
  from  ad669874981 VERSION: Bump version up to Samba 4.18.0rc3...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit c98812ce65e4a00adfcbae6a88b83036fb9cc591
Author: Jule Anger 
Date:   Wed Feb 1 18:48:21 2023 +0100

WHATSNEW: fix typo

Signed-off-by: Jule Anger 

---

Summary of changes:
 WHATSNEW.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 66a7a80e963..ea6e21f1298 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -6,7 +6,7 @@ intended for production environments and is designed for testing
 purposes only.  Please report any defects via the Samba bug reporting
 system at https://bugzilla.samba.org/.
 
-Samba 4.18 will be the next version of the Samba suite...
+Samba 4.18 will be the next version of the Samba suite.
 
 
 UPGRADING


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  550faa99fc8 ldb: version 2.7.1
   via  74f6ca2ca90 tevent: version 0.14.1
   via  2d07ab93e55 tevent: remove the already removed tevent_port.c also 
from the build
   via  d14e1c8bef5 replace: remove unused configure checks for 
port_create()
   via  9fbff9d422a replace: provide PIPE_BUF on GNU/Hurd
  from  c98812ce65e WHATSNEW: fix typo

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 550faa99fc81520ada220fe1fd972984522c14f2
Author: Stefan Metzmacher 
Date:   Wed Feb 1 20:05:13 2023 +0100

ldb: version 2.7.1

- Build fix for Solaris, after removal
  of tevent ports backend (bug #15298)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15298

Signed-off-by: Stefan Metzmacher 

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Feb  6 13:55:46 UTC 2023 on atb-devel-224

commit 74f6ca2ca907de1e83fdc0ad091947372fbf78cc
Author: Stefan Metzmacher 
Date:   Wed Feb 1 15:31:32 2023 +

tevent: version 0.14.1

- Build fix for GNU/Hurd
- Build fix for Solaris, after removal
  of ports backend (bug #15298)

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Thu Feb  2 18:27:08 UTC 2023 on atb-devel-224

(cherry picked from commit d80f28b081e515e32a480daf80b42cf782447a9c)

commit 2d07ab93e55b9f05466dfe50790095e1c3d629e1
Author: Stefan Metzmacher 
Date:   Wed Feb 1 13:31:38 2023 +

tevent: remove the already removed tevent_port.c also from the build

This fixes a regression introduced by 
147a317b7b92e60c5940d875dbd7aef19824834e.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15298

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Jeremy Allison 
(cherry picked from commit ae77854a44094df6c9291271504c9733e717674f)

commit d14e1c8bef5a073a6ba92b64aa14a4060bf59809
Author: Stefan Metzmacher 
Date:   Wed Feb 1 13:33:42 2023 +

replace: remove unused configure checks for port_create()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15298

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 488aa2275847162755dcbfc75cb2549299aa2aeb)

commit 9fbff9d422a55a7987a2664a5d0ac17c75a252d5
Author: Samuel Thibault 
Date:   Sun Aug 2 18:01:05 2020 +

replace: provide PIPE_BUF on GNU/Hurd

There is no hardcoded PIPE_BUF pipe limitation on GNU/Hurd, but POSIX
provides a minimum value that we can use.

Signed-off-by: Samuel Thibault 
Reviewed-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 15b1afc9175e045b3b28523309fb3b28a3fab484)

---

Summary of changes:
 lib/ldb/ABI/{ldb-2.6.1.sigs => ldb-2.7.1.sigs}   |  0
 lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.7.1.sigs} |  0
 lib/ldb/wscript  |  2 +-
 lib/replace/system/network.h | 12 
 lib/replace/system/select.h  |  4 
 lib/replace/wscript  |  5 -
 lib/tevent/ABI/{tevent-0.14.0.sigs => tevent-0.14.1.sigs}|  0
 lib/tevent/wscript   |  5 +
 8 files changed, 14 insertions(+), 14 deletions(-)
 copy lib/ldb/ABI/{ldb-2.6.1.sigs => ldb-2.7.1.sigs} (100%)
 copy lib/ldb/ABI/{pyldb-util-2.1.0.sigs => pyldb-util-2.7.1.sigs} (100%)
 copy lib/tevent/ABI/{tevent-0.14.0.sigs => tevent-0.14.1.sigs} (100%)


Changeset truncated at 500 lines:

diff --git a/lib/ldb/ABI/ldb-2.6.1.sigs b/lib/ldb/ABI/ldb-2.7.1.sigs
similarity index 100%
copy from lib/ldb/ABI/ldb-2.6.1.sigs
copy to lib/ldb/ABI/ldb-2.7.1.sigs
diff --git a/lib/ldb/ABI/pyldb-util-2.1.0.sigs 
b/lib/ldb/ABI/pyldb-util-2.7.1.sigs
similarity index 100%
copy from lib/ldb/ABI/pyldb-util-2.1.0.sigs
copy to lib/ldb/ABI/pyldb-util-2.7.1.sigs
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 95aee9be6d3..03076e6 100644
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -2,7 +2,7 @@
 
 APPNAME = 'ldb'
 # For Samba 4.18.x !
-VERSION = '2.7.0'
+VERSION = '2.7.1'
 
 import sys, os
 
diff --git a/lib/replace/system/network.h b/lib/replace/system/network.h
index a84bfd453b1..1721d65a51a 100644
--- a/lib/replace/system/network.h
+++ b/lib/replace/system/network.h
@@ -91,6 +91,8 @@
 #include 
 #endif
 
+#include 
+
 #ifndef HAVE_SOCKLEN_T
 #define HAVE_SOCKLEN_T
 typedef int socklen_t;
@@ -342,6 +344,16 @@ typedef unsigned short int sa_family_t;
 # endif
 #endif
 
+#ifndef PIPE_BUF
+# ifdef __GNU__
+  /*
+   * GNU/Hurd does not have such hardcoded limitations. But it has to support
+   * the minimum POSIX value anyway.
+   */
+#  define 

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  c714e369507 s3:lib: Change file_modtime() to return an error code 
and a struct timespec.
   via  9a3fb55870d selftest: Only run samba.tests.smb3unix in developer 
mode
   via  a19e32ef2cb python:tests: Avoid exceptions in cleanup code if a 
test fails in smb3unix.py
   via  f6bbd277dcb param: Use a higher time resolution for 
lp_file_list_changed()
   via  0853cda5d92 lib:param: Remove trailing whitespaces from loadparm.c
   via  aa4c0c5ffa4 lib:util: Print data in ISO 8601 format
   via  897a183c7b2 lib:util: Remove trailing whitespaces from time.c
   via  8816c1b6e31 mdssvc: fix kMDScopeArray parsing
   via  3a5190b80b8 selftest: Update devel_env.sh for 
SAMBA_DCERPCD_DONT_LOG_STDOUT=1
   via  fd2cb3197ba s3:tests: Add support for SMBD_DONT_LOG_STDOUT=1 in 
test_chdir_cache.sh
  from  550faa99fc8 ldb: version 2.7.1

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit c714e36950723199fc2559959796b90de8a63ba1
Author: Jeremy Allison 
Date:   Thu Jan 26 09:39:10 2023 -0800

s3:lib: Change file_modtime() to return an error code and a struct timespec.

Removes need for external stat() code when checking for timechange.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15301

Signed-off-by: Jeremy Allison 
Reviewed-by: Andreas Schneider 
(cherry picked from commit 7e0eb0f31a24ef6d1742363d70090875d1037dc2)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Fri Feb 10 11:46:16 UTC 2023 on atb-devel-224

commit 9a3fb55870da1e25e46a1b36425027240b438b2c
Author: Andreas Schneider 
Date:   Wed Jan 25 10:46:03 2023 +0100

selftest: Only run samba.tests.smb3unix in developer mode

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15301

Signed-off-by: Andreas Schneider 
Reviewed-by: Ralph Boehme 
(cherry picked from commit 56c6f0b6d64d29a34659c9af2e4f6ee397b3e0ca)

commit a19e32ef2cbf93657b4a84d0f238d68647bfe3ac
Author: Andreas Schneider 
Date:   Tue Jan 24 09:18:46 2023 +0100

python:tests: Avoid exceptions in cleanup code if a test fails in 
smb3unix.py

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15301

Signed-off-by: Andreas Schneider 
Reviewed-by: Ralph Boehme 
(cherry picked from commit e6f0e4d53285177f7a60559394efeb5a78b6bd53)

commit f6bbd277dcb05b1d4a92aa7ee2dd5b2a0ed2ecc8
Author: Andreas Schneider 
Date:   Tue Jan 24 21:44:34 2023 +0100

param: Use a higher time resolution for lp_file_list_changed()

It is possible that in our test environment one of the config 'include' 
files
change more than once per second. To avoid missing a file update we use a
higher time resolution than seconds.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15301

Signed-off-by: Andreas Schneider 
Reviewed-by: Ralph Boehme 
(cherry picked from commit ac0e844ea87be7974ba6ff81745b3b0cfeecaa57)

commit 0853cda5d927fd44edf12e8db3ccb97a17648fa8
Author: Andreas Schneider 
Date:   Tue Jan 24 21:43:09 2023 +0100

lib:param: Remove trailing whitespaces from loadparm.c

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15301

Signed-off-by: Andreas Schneider 
Reviewed-by: Ralph Boehme 
(cherry picked from commit 9440cb7322d35097d63455c3fe801e62cb29396c)

commit aa4c0c5ffa4b6d3f5cd5c5ba89a11cf0c2265703
Author: Andreas Schneider 
Date:   Tue Jan 24 22:31:17 2023 +0100

lib:util: Print data in ISO 8601 format

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15301

Signed-off-by: Andreas Schneider 
Reviewed-by: Ralph Boehme 
(cherry picked from commit fcf05b1d233aa90f6043730c17e94886b0a50be8)

commit 897a183c7b279eef7d13087f81894a2707e5bd2e
Author: Andreas Schneider 
Date:   Tue Jan 24 22:31:00 2023 +0100

lib:util: Remove trailing whitespaces from time.c

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15301

Signed-off-by: Andreas Schneider 
Reviewed-by: Ralph Boehme 
(cherry picked from commit 55a49527d61bc8ddae88178936b4e8fbba6a163c)

commit 8816c1b6e315f499afa66610a999ca82b38cb28d
Author: Ralph Boehme 
Date:   Wed Jan 18 16:21:16 2023 +0100

mdssvc: fix kMDScopeArray parsing

In macOS Ventura marshalling of kMDScopeArray in the "openQueryWithParams"
request has changed from

  string: kMDScopeArray
  sl_array_t(#1): {
string: /foo/bar
  }

to:

  string: kMDScopeArray
  sl_array_t(#1): {
sl_array_t(#1): {
  string: /foo/bar
}
  }

With this patch we check both encodings. Bug fixed according to user 
feedback.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15299
RN: Spotlight doesn't work with latest macOS Ventura

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 
(cherry picked from commi

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  82d7b2a142e vfs_ceph: use fsp_get_pathref_fd in ceph fstatat and 
close vfs calls
  from  c714e369507 s3:lib: Change file_modtime() to return an error code 
and a struct timespec.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 82d7b2a142e4ab64a573f268457e8bbff697e6fd
Author: John Mulligan 
Date:   Fri Feb 3 13:09:18 2023 -0500

vfs_ceph: use fsp_get_pathref_fd in ceph fstatat and close vfs calls

Replace fsp_get_io_fd with fsp_get_pathref_fd as these calls do use
pathref fsps. fsp_get_io_fd asserts that the fsp is not pathref and
asserts (on a debug build) or returns -1 (non debug build).

Prior to these changes running ls on the root of the share failed.
Logging from the failure case:
```
openat_pathref_fsp: smb_fname [.]
openat_pathref_fullname: smb_fname [.]
fsp_new: allocated files structure (1 used)
file_name_hash: //. hash 0x3dfcc1c2
check_reduced_name: check_reduced_name [.] [/]
cephwrap_realpath: [CEPH] realpath(0x55604da9a030, .) = //.
check_reduced_name realpath [.] -> [//.]
check_reduced_name: . reduced to //.
cephwrap_openat: [CEPH] openat(0x55604da9a030, ., 0x55604da81f00, 133120, 0)
cephwrap_openat: [CEPH] open(...) = 10
cephwrap_fstat: fsp_get_io_fd: fsp [.] is a path referencing fsp
[CEPH] fstat(0x55604da9a030, -1)
fsp_get_io_fd: fsp [.] is a path referencing fsp
cephwrap_fstat: [CEPH] fstat(...) = -9
fd_openat: name ., flags = 04000 mode = 00, fd = 10.  
NT_STATUS_INVALID_HANDLE
openat_pathref_fullname: Opening pathref for [.] failed: 
NT_STATUS_INVALID_HANDLE
```

This change also seems to match the recommendations in the `When to use
fsp_get_io_fd() or fsp_get_pathref_fd()` section of The_New_VFS.txt
document.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15307

Signed-off-by: John Mulligan 
Reviewed-by: Jeremy Allison 
Reviewed-by: Gunther Deschner 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Mon Feb 13 20:04:38 UTC 2023 on atb-devel-224

(cherry picked from commit 54a8da864071e28eb6297b872dcb57fb9b171f33)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Wed Feb 15 14:22:52 UTC 2023 on atb-devel-224

---

Summary of changes:
 source3/modules/vfs_ceph.c | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/modules/vfs_ceph.c b/source3/modules/vfs_ceph.c
index b8190fa25e4..c5ee9d5967c 100644
--- a/source3/modules/vfs_ceph.c
+++ b/source3/modules/vfs_ceph.c
@@ -464,7 +464,7 @@ static int cephwrap_close(struct vfs_handle_struct *handle, 
files_struct *fsp)
int result;
 
DBG_DEBUG("[CEPH] close(%p, %p)\n", handle, fsp);
-   result = ceph_close(handle->data, fsp_get_io_fd(fsp));
+   result = ceph_close(handle->data, fsp_get_pathref_fd(fsp));
DBG_DEBUG("[CEPH] close(...) = %d\n", result);
 
WRAP_RETURN(result);
@@ -788,9 +788,10 @@ static int cephwrap_fstat(struct vfs_handle_struct 
*handle, files_struct *fsp, S
 {
int result = -1;
struct ceph_statx stx;
+   int fd = fsp_get_pathref_fd(fsp);
 
-   DBG_DEBUG("[CEPH] fstat(%p, %d)\n", handle, fsp_get_io_fd(fsp));
-   result = ceph_fstatx(handle->data, fsp_get_io_fd(fsp), &stx,
+   DBG_DEBUG("[CEPH] fstat(%p, %d)\n", handle, fd);
+   result = ceph_fstatx(handle->data, fd, &stx,
SAMBA_STATX_ATTR_MASK, 0);
DBG_DEBUG("[CEPH] fstat(...) = %d\n", result);
if (result < 0) {


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  b2d0a834149 VERSION: Bump version up to Samba 4.18.0rc4...
   via  4c48a250c04 VERSION: Disable GIT_SNAPSHOT for the 4.18.0rc3 release.
   via  4480a638407 WHATSNEW: Add release notes for Samba 4.18.0rc3.
  from  82d7b2a142e vfs_ceph: use fsp_get_pathref_fd in ceph fstatat and 
close vfs calls

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit b2d0a83414903bccb2d20514818ef12668b0bad6
Author: Jule Anger 
Date:   Wed Feb 15 16:12:13 2023 +0100

VERSION: Bump version up to Samba 4.18.0rc4...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger 

commit 4c48a250c04b3f0be3d88550fbd68fdbf7a8c65b
Author: Jule Anger 
Date:   Wed Feb 15 16:11:34 2023 +0100

VERSION: Disable GIT_SNAPSHOT for the 4.18.0rc3 release.

Signed-off-by: Jule Anger 

commit 4480a63840766a406b945c79ba40ac70974b3125
Author: Jule Anger 
Date:   Wed Feb 15 16:10:54 2023 +0100

WHATSNEW: Add release notes for Samba 4.18.0rc3.

Signed-off-by: Jule Anger 

---

Summary of changes:
 VERSION  |  2 +-
 WHATSNEW.txt | 24 +++-
 2 files changed, 24 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index f3808f51549..fba1465b13e 100644
--- a/VERSION
+++ b/VERSION
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=
 # e.g. SAMBA_VERSION_RC_RELEASE=1  #
 #  ->  "3.0.0rc1"  #
 
-SAMBA_VERSION_RC_RELEASE=3
+SAMBA_VERSION_RC_RELEASE=4
 
 
 # To mark SVN snapshots this should be set to 'yes'#
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index ea6e21f1298..a035daeef79 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,7 +1,7 @@
 Release Announcements
 =
 
-This is the second release candidate of Samba 4.18.  This is *not*
+This is the third release candidate of Samba 4.18.  This is *not*
 intended for production environments and is designed for testing
 purposes only.  Please report any defects via the Samba bug reporting
 system at https://bugzilla.samba.org/.
@@ -125,6 +125,28 @@ smb.conf changes
   acl_xattr:security_acl_name New security.NTACL
 
 
+CHANGES SINCE 4.18.0rc2
+===
+
+o  Jeremy Allison 
+   * BUG 15301: Improve file_modtime() and issues around smb3 unix test.
+
+o  Ralph Boehme 
+   * BUG 15299: Spotlight doesn't work with latest macOS Ventura.
+
+o  Stefan Metzmacher 
+   * BUG 15298: Build failure on solaris with tevent 0.14.0 (and ldb 2.7.0).
+ (tevent 0.14.1 and ldb 2.7.1 are already released...)
+
+o  John Mulligan 
+   * BUG 15307: vfs_ceph incorrectly uses fsp_get_io_fd() instead of
+ fsp_get_pathref_fd() in close and fstat.
+
+o  Andreas Schneider 
+   * BUG 15291: test_chdir_cache.sh doesn't work with SMBD_DONT_LOG_STDOUT=1.
+   * BUG 15301: Improve file_modtime() and issues around smb3 unix test.
+
+
 CHANGES SINCE 4.18.0rc1
 ===
 


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  b8299405352 lib:util: File descriptor being closed repeatedly.
   via  6191dbda193 python:tests: Make sure we delete the OU for movetest
   via  b925ac8094f python:tests: Add missing result checks for 
samba_tool.gpo tests
   via  b7b61025b65 python:tests: Tell dns.resolver to not read 
/etc/resolv.conf
   via  8739c9c72dd python:tests: Fix domain_backup test with Python 3.11
   via  9e8cc236bd3 python:tests: Make sure we do not run into issues with 
already existing users
   via  bebf313dcb0 python:tests: Use a random machine name for 
computer_edit.sh test
   via  5ce320a06e0 python:tests: Correctly escape $ in computer_edit.sh
   via  889839858fe python:tests: Use a random username for contact_edit.sh 
test
   via  074e0c2783a python:tests: Correctly escape $ in contact_edit.sh
   via  359095e8ddd python:tests: Use a random username for user_edit.sh 
tests
   via  d45706e2653 python:tests: Correctly escape $ in user_edit.sh
   via  820970ab5ec testprogs: Use random user names for kpasswd tests
   via  f15a1413571 testprogs: Use random usernames for export keytab tests
   via  67639f6d9ad testprogs: Use random usernames for kinit tests
  from  b2d0a834149 VERSION: Bump version up to Samba 4.18.0rc4...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit b829940535215f0608bc927829544cfa8a80e934
Author: baixiangcpp 
Date:   Fri Feb 10 11:01:47 2023 +0800

lib:util: File descriptor being closed repeatedly.

In file_load()/file_lines_load(), the file's fd is obtained using
open(), and in fd_load() the fd is converted to a FILE* using
fdopen(). However, after fclose(), the fd is closed again using
close().

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15311
Signed-off-by: baixiangcpp baixiang...@gmail.com
Reviewed-by: Volker Lendecke 
Reviewed-by: Ralph Boehme 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Thu Feb 16 12:13:05 UTC 2023 on atb-devel-224

(cherry picked from commit 206dcf7d426e9e85c896c54839008e194d9a2824)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Fri Feb 24 09:50:59 UTC 2023 on atb-devel-224

commit 6191dbda1932d8eab59a593ce5ef979143ce3a46
Author: Andreas Schneider 
Date:   Wed Feb 8 15:44:43 2023 +0100

python:tests: Make sure we delete the OU for movetest

UNEXPECTED(failure): 
samba.tests.samba_tool.group.samba.tests.samba_tool.group.GroupCmdTestCase.test_move(ad_dc_default:local)
REASON: Exception: Exception: Traceback (most recent call last):
  File "python/samba/tests/samba_tool/group.py", line 341, in test_move
self.assertCmdSuccess(result, out, err)
  File "python/samba/tests/samba_tool/base.py", line 97, in assertCmdSuccess
self.assertIsNone(exit, msg=msg.replace("\n]\n", "\n] \n"))
AssertionError: -1 is not None : exit[-1] stdout[] stderr[ERROR(ldb): 
Failed to
  add ou "OU=movetest,DC=addom,DC=samba,DC=example,DC=com" - Entry
  OU=movetest,DC=addom,DC=samba,DC=example,DC=com already exists

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15308

Signed-off-by: Andreas Schneider 
Reviewed-by: Douglas Bagnall 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit a4307072d6ea5ddef5b37aa361e9e9f16f7254e7)

commit b925ac8094fb62a6247d066bc17b374d24abcd5b
Author: Andreas Schneider 
Date:   Thu Feb 9 18:32:59 2023 +0100

python:tests: Add missing result checks for samba_tool.gpo tests

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15308

Signed-off-by: Andreas Schneider 
Reviewed-by: Douglas Bagnall 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 69442ae1072eb6dc4c9903122d613c1756ca57c7)

commit b7b61025b65164327f5d375de38e92f0b6ddc4cf
Author: Andreas Schneider 
Date:   Wed Feb 8 12:21:10 2023 +0100

python:tests: Tell dns.resolver to not read /etc/resolv.conf

We explicitly set the nameserver in the next line. Also the file
/etc/resolv.conf might not exist on the system (e.g in Fedora mockbuild).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15308

Signed-off-by: Andreas Schneider 
Reviewed-by: Douglas Bagnall 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit c4dba61e3691a1fd15eb63ee69224457102bf961)

commit 8739c9c72ddb346642e4adf98b1fb8f4440cf288
Author: Andreas Schneider 
Date:   Wed Feb 8 11:16:12 2023 +0100

python:tests: Fix domain_backup test with Python 3.11

Traceback (most recent call last):
  File "bin/python/samba/tests/domain_backup.py", line 615, in 
test_backup_restore_with_conf
self._test_backup_restore_with_conf()
  File "bin/python/samba/tests/domain_backup.py", line 244, in 
_test_backup_restore_with_conf
self.restore_backup(backup_file,

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  bca78e31c69 WHATSNEW: SMB Server performance improvements
  from  b8299405352 lib:util: File descriptor being closed repeatedly.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit bca78e31c696ffae0f71d88300c6a7b675c76498
Author: Stefan Metzmacher 
Date:   Fri Feb 24 15:39:35 2023 +0100

WHATSNEW: SMB Server performance improvements

Signed-off-by: Stefan Metzmacher 

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Wed Mar  1 10:16:41 UTC 2023 on atb-devel-224

---

Summary of changes:
 WHATSNEW.txt | 13 +
 1 file changed, 13 insertions(+)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index a035daeef79..94bb80c74e5 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -16,6 +16,19 @@ UPGRADING
 NEW FEATURES/CHANGES
 
 
+SMB Server performance improvements
+---
+
+The security improvements in recent releases
+(4.13, 4.14, 4.15, 4.16), mainly as protection against symlink races,
+caused performance regressions for metadata heavy workloads.
+
+While 4.17 already improved the situation quite a lot,
+with 4.18 the locking overhead for contended path based operations
+is reduced by an additional factor of ~ 3 compared to 4.17.
+It means the throughput of open/close
+operations reached the level of 4.12 again.
+
 More succinct samba-tool error messages
 ---
 


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  18e45f2d89f VERSION: Bump version up to Samba 4.18.0rc5...
   via  746b83bbd89 VERSION: Disable GIT_SNAPSHOT for the 4.18.0rc4 release.
   via  5be2d9c542e WHATSNEW: Add release notes for Samba 4.18.0rc4.
   via  24a1a469a91 WHATSNEW: add server addresses option
  from  bca78e31c69 WHATSNEW: SMB Server performance improvements

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 18e45f2d89fc68be4046e1365c3ddf1a80b5510d
Author: Jule Anger 
Date:   Wed Mar 1 13:41:04 2023 +0100

VERSION: Bump version up to Samba 4.18.0rc5...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger 

commit 746b83bbd89cc2ca06d791f6163d55ae9766bfb5
Author: Jule Anger 
Date:   Wed Mar 1 13:40:38 2023 +0100

VERSION: Disable GIT_SNAPSHOT for the 4.18.0rc4 release.

Signed-off-by: Jule Anger 

commit 5be2d9c542e194b4110ff24fd4493dc924879c37
Author: Jule Anger 
Date:   Wed Mar 1 13:40:09 2023 +0100

WHATSNEW: Add release notes for Samba 4.18.0rc4.

Signed-off-by: Jule Anger 

commit 24a1a469a913f83e56b15eabecd10dd8f45a678e
Author: Jule Anger 
Date:   Wed Mar 1 13:36:46 2023 +0100

WHATSNEW: add server addresses option

Signed-off-by: Jule Anger 

---

Summary of changes:
 VERSION  |  2 +-
 WHATSNEW.txt | 14 +-
 2 files changed, 14 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index fba1465b13e..c0318663c0c 100644
--- a/VERSION
+++ b/VERSION
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=
 # e.g. SAMBA_VERSION_RC_RELEASE=1  #
 #  ->  "3.0.0rc1"  #
 
-SAMBA_VERSION_RC_RELEASE=4
+SAMBA_VERSION_RC_RELEASE=5
 
 
 # To mark SVN snapshots this should be set to 'yes'#
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 94bb80c74e5..cb386f28fde 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,7 +1,7 @@
 Release Announcements
 =
 
-This is the third release candidate of Samba 4.18.  This is *not*
+This is the fourth release candidate of Samba 4.18.  This is *not*
 intended for production environments and is designed for testing
 purposes only.  Please report any defects via the Samba bug reporting
 system at https://bugzilla.samba.org/.
@@ -136,6 +136,18 @@ smb.conf changes
   Parameter Name  Description Default
   --  --- ---
   acl_xattr:security_acl_name New security.NTACL
+  server addressesNew
+
+
+CHANGES SINCE 4.18.0rc3
+===
+
+o  Andreas Schneider 
+   * BUG 15308: Avoid that tests fail because other tests didn't do cleanup on
+ failure.
+
+o  baixiangcpp 
+   * BUG 15311: fd_load() function implicitly closes the fd where it should 
not.
 
 
 CHANGES SINCE 4.18.0rc2


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  800f4f9cc9d s3: smbd: Fix fsp/fd leak when looking up a 
non-existent stream name on a file.
   via  3fb8f2c579c s3: tests: Add new test_stream_dir_rename.sh test.
   via  f2c9d59e5a3 s3: provision: Add new streams_xattr_nostrict share - 
needs "strict rename = no".
   via  2030aa02ce0 rpcd: With npa->need_idle_server we can have more than 
256 servers
   via  501ae551da9 rpcd: Do blocking connects to local pipes
   via  06483b02e9d rpcd: Increase listening queue
   via  04e0412a659 torture3: test rpc scalability
   via  73f99903244 librpc: Remove unused sync rpc_transport_np_init()
   via  d6ce38a197d librpc: Make rpc_pipe_open_np() public and async
  from  18e45f2d89f VERSION: Bump version up to Samba 4.18.0rc5...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 800f4f9cc9dba727cdca44b3f799cfa83f5f0854
Author: Jeremy Allison 
Date:   Tue Feb 28 11:20:12 2023 -0800

s3: smbd: Fix fsp/fd leak when looking up a non-existent stream name on a 
file.

When open_stream_pathref_fsp() returns
NT_STATUS_OBJECT_NAME_NOT_FOUND, smb_fname_rel->fsp
has been set to NULL, so we must free base_fsp separately
to prevent fd-leaks when opening a stream that doesn't
exist.

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15314

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 

Autobuild-User(master): Ralph Böhme 
Autobuild-Date(master): Fri Mar  3 16:37:27 UTC 2023 on atb-devel-224

(cherry picked from commit 3f84a6df4546e0f1e62dfbcd0b823ea29499a787)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Wed Mar  8 11:16:54 UTC 2023 on atb-devel-224

commit 3fb8f2c579cf13fd7d0367ace97d8d2ff5d2c5ac
Author: Jeremy Allison 
Date:   Tue Feb 28 11:18:10 2023 -0800

s3: tests: Add new test_stream_dir_rename.sh test.

Shows we are leaking an fsp/fd if we request a non-existent stream on a 
file.
This then causes rename of a directory containing the file to be denied, as
it thinks we have an existing open file below it.

Add knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15314

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 
(cherry picked from commit c54bec26ad23b0121b2ddfbf04bc81050f27e6e1)

commit f2c9d59e5a3c66156a20d297c8660ab2609bedb5
Author: Jeremy Allison 
Date:   Tue Feb 28 11:14:34 2023 -0800

s3: provision: Add new streams_xattr_nostrict share - needs "strict rename 
= no".

The bug we're testing for needs "strict rename = no" (the default),
but the existing streams_xattr share uses "strict rename = yes" from
the [global] section.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15314

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 
(cherry picked from commit 5a3db5105bd8360b245cd35810002740ccff605c)

commit 2030aa02ce0be576ca2180adf7cd30efce329825
Author: Volker Lendecke 
Date:   Mon Feb 20 18:46:50 2023 +0100

rpcd: With npa->need_idle_server we can have more than 256 servers

Before this patch the worker-status cut the worker index such that
samba-dcerpcd could not properly update status of the surplus rpc
daemons. This could lead to those daemons to stay around forever,
samba-dcerpcd will never notice they are idle and can exit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15310

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Mon Mar  6 22:35:00 UTC 2023 on atb-devel-224

(cherry picked from commit a1780ed8d1b46e4760319b27a4978e7ce7a1df80)

commit 501ae551da9c49047a2f67e9fec8732aa32309b1
Author: Volker Lendecke 
Date:   Wed Mar 1 14:42:00 2023 +0100

rpcd: Do blocking connects to local pipes

We don't have real async callers yet, and this is the simplest way to
fix our missing light-weight deterministic async fallback mechanism.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15310

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 0ab7b84ccbd383bb2f696ce258438d4af57fe6f0)

commit 06483b02e9db952a17b0590a3ec8d0fe2d132b3e
Author: Volker Lendecke 
Date:   Wed Mar 1 14:40:37 2023 +0100

rpcd: Increase listening queue

Allow more waiters under load.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15310

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 
(cherry picked from commit f23eb1b3b728d7a13add8c6614d9992aad2c3653)

commit 04e0412a659b2542bc9c6d4a22bc443d8445b0ef
Author: Volker Lendecke 
Date:   Mon Mar 6 10:05:41 2023 +0100

torture3: test rpc scalability

With

smbtorture3 //127.0.0.1/ipc\$ rpc-s

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  6bd15c87430 VERSION: Bump version up to Samba 4.18.1...
   via  a597a8767fa VERSION: Disable GIT_SNAPSHOT for the 4.18.0 release.
   via  c82ecf68b0b WHATSNEW: Add release notes for Samba 4.18.0.
  from  800f4f9cc9d s3: smbd: Fix fsp/fd leak when looking up a 
non-existent stream name on a file.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 6bd15c87430efc103742d87917dcb14226f24169
Author: Jule Anger 
Date:   Wed Mar 8 13:22:33 2023 +0100

VERSION: Bump version up to Samba 4.18.1...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger 

commit a597a8767fabfe85ee0bcf869407e770a0c3e184
Author: Jule Anger 
Date:   Wed Mar 8 13:21:53 2023 +0100

VERSION: Disable GIT_SNAPSHOT for the 4.18.0 release.

Signed-off-by: Jule Anger 

commit c82ecf68b0b07893d5386ed0ff1579027da75c6f
Author: Jule Anger 
Date:   Wed Mar 8 13:20:42 2023 +0100

WHATSNEW: Add release notes for Samba 4.18.0.

Signed-off-by: Jule Anger 

---

Summary of changes:
 VERSION  |  4 ++--
 WHATSNEW.txt | 29 -
 2 files changed, 18 insertions(+), 15 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index c0318663c0c..8ff795fe865 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=18
-SAMBA_VERSION_RELEASE=0
+SAMBA_VERSION_RELEASE=1
 
 
 # If a official release has a serious bug  #
@@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE=
 # e.g. SAMBA_VERSION_RC_RELEASE=1  #
 #  ->  "3.0.0rc1"  #
 
-SAMBA_VERSION_RC_RELEASE=5
+SAMBA_VERSION_RC_RELEASE=
 
 
 # To mark SVN snapshots this should be set to 'yes'#
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index cb386f28fde..edd3c8828b0 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,17 +1,10 @@
-Release Announcements
-=
-
-This is the fourth release candidate of Samba 4.18.  This is *not*
-intended for production environments and is designed for testing
-purposes only.  Please report any defects via the Samba bug reporting
-system at https://bugzilla.samba.org/.
-
-Samba 4.18 will be the next version of the Samba suite.
-
-
-UPGRADING
-=
+   ==
+   Release Notes for Samba 4.18.0
+   March 08, 2023
+   ==
 
+This is the first stable release of the Samba 4.18 release series.
+Please read the release notes carefully before upgrading.
 
 NEW FEATURES/CHANGES
 
@@ -139,6 +132,16 @@ smb.conf changes
   server addressesNew
 
 
+CHANGES SINCE 4.18.0rc4
+===
+
+o  Jeremy Allison 
+   * BUG 15314: streams_xattr is creating unexpected locks on folders.
+
+o  Volker Lendecke 
+   * BUG 15310: New samba-dcerpc architecture does not scale gracefully.
+
+
 CHANGES SINCE 4.18.0rc3
 ===
 


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  5db0223764d VERSION: Bump version up to Samba 4.18.2...
   via  4b145ce26b6 VERSION: Disable GIT_SNAPSHOT for the 4.18.1 release.
   via  17b49ffd146 WHATSNEW: Add release notes for Samba 4.18.1.
   via  bb5aecbd102 CVE-2023-0922 set default ldap client sasl wrapping to 
seal
   via  003f6c16112 CVE-2023-0225 s4-acl: Don't return early if dNSHostName 
element has no values
   via  016687b3aae CVE-2023-0225 pytest/acl: test deleting dNSHostName as 
unprivileged user
   via  12617e0ec48 CVE-2023-0614 ldb: Release LDB 2.7.2
   via  0776ce5caed CVE-2023-0614 lib/ldb-samba Ensure ACLs are evaluated 
on SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL / LDAP_MATCHING_RULE_IN_CHAIN
   via  d564a5c8166 CVE-2023-0614 lib/ldb-samba: Add test for 
SAMBA_LDAP_MATCH_RULE_TRANSITIVE_EVAL / LDAP_MATCHING_RULE_IN_CHAIN with and 
ACL hidden attributes
   via  afad0829b16 CVE-2023-0614 dsdb: Add pre-cleanup and 
self.addCleanup() of OU created in match_rules tests
   via  7e69ecbdc3a CVE-2023-0614 dsdb: Add DSDB_MARK_REQ_UNTRUSTED
   via  ad4c2204112 CVE-2023-0614 s4-dsdb: Treat confidential attributes as 
unindexed
   via  7f37b4ce6b5 CVE-2023-0614 ldb: Filter on search base before 
redacting message
   via  358894675d1 CVE-2023-0614 ldb: Centralise checking for inaccessible 
matches
   via  b0168c2ed0c CVE-2023-0614 ldb: Use binary search to check whether 
attribute is secret
   via  e7065304bd0 CVE-2023-0614 s4-acl: Avoid calling 
dsdb_module_am_system() if we can help it
   via  e54fc56e238 CVE-2023-0614 ldb: Prevent disclosure of confidential 
attributes
   via  c1cb8021392 CVE-2023-0614 s4-acl: Split out function to set up 
access checking variables
   via  9c9a03d020a CVE-2023-0614 s4-dsdb: Add samdb_result_dom_sid_buf()
   via  db65f5f7628 CVE-2023-0614 s4-acl: Split out logic to remove access 
checking attributes
   via  2603728b14d CVE-2023-0614 ldb: Add ldb_parse_tree_get_attr()
   via  c23689e97a4 CVE-2023-0614 tests/krb5: Add test for confidential 
attributes timing differences
   via  f20992d7fc9 CVE-2023-0614 schema_samba4.ldif: Allocate previously 
added OID
   via  5c4086d51f5 CVE-2023-0614 s4:dsdb:tests: Fix  search in 
confidential attributes test
   via  5f6e01c029d CVE-2023-0614 s4:dsdb/extended_dn_in: Don't modify a 
search tree we don't own
   via  7689a2caeb4 CVE-2023-0614 ldb: Make use of 
ldb_filter_attrs_in_place()
   via  4b956377c66 CVE-2023-0614 ldb: Make ldb_filter_attrs_in_place() 
work in place
   via  feb7ef495c8 CVE-2023-0614 ldb: Add function to filter message in 
place
   via  d2244ec1d3e CVE-2023-0614 ldb: Add function to add 
distinguishedName to message
   via  15723d6ff5e CVE-2023-0614 ldb: Add function to remove excess 
capacity from an ldb message
   via  78a7b155cc2 CVE-2023-0614 ldb: Add function to take ownership of an 
ldb message
   via  ba135dceead CVE-2023-0614 ldb:tests: Ensure all tests are accounted 
for
   via  04de06f18fe CVE-2023-0614 ldb:tests: Ensure ldb_val data is 
zero-terminated
   via  9222e613f66 CVE-2023-0614 s4-acl: Use ldb functions for handling 
inaccessible message elements
   via  5a33688dda2 CVE-2023-0614 ldb: Add functions for handling 
inaccessible message elements
   via  ce9b66c6642 CVE-2023-0614 s4-acl: Make some parameters const
   via  1b1f6dd4887 CVE-2023-0614 s4:dsdb: Use talloc_get_type_abort() more 
consistently
   via  88b5d9215c6 CVE-2023-0614 libcli/security: Make some parameters 
const
   via  90b5fddb826 CVE-2023-0614 dsdb: Alter timeout test in large_ldap.py 
to be slower by matching on large objects
   via  64da379aa95 CVE-2023-0614 selftest: Use setUpClass() to reduce 
"make test TESTS=large_ldap" time
   via  680b865f183 CVE-2023-0614 lib/ldb: Avoid allocation and memcpy() 
for every wildcard match candidate
  from  6bd15c87430 VERSION: Bump version up to Samba 4.18.1...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 5db0223764d392e17df40a6519ea8516e94a94ad
Author: Jule Anger 
Date:   Wed Mar 29 16:36:47 2023 +0200

VERSION: Bump version up to Samba 4.18.2...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger 

---

Summary of changes:
 VERSION|2 +-
 WHATSNEW.txt   |   71 +-
 .../smbdotconf/ldap/clientldapsaslwrapping.xml |   27 +-
 lib/ldb-samba/ldb_matching_rules.c |   17 +-
 lib/ldb-samba/tests/match_rules.py |  135 +--
 lib/ldb-samba/tests/match_rules_remote.py  |  104 ++
 lib/ldb/ABI/{ldb-2.6.1.sigs => ldb-2.7.2.sigs} |   10 +
 ...pyldb-util-2.1.0.sigs => pyldb-util-2.7.2.sigs} |0
 lib/ldb/common/ldb_match.c

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  4022ee96aef python:netcmd: Decode return value of find_netbios() 
from bytes into string
   via  50f68094f68 dsdb: Avoid ERROR(ldb): uncaught exception - Deleted 
target CN=NTDS Settings... in join
   via  e804b5b7808 selftest/drs: Demonstrate ERROR(ldb): uncaught 
exception - Deleted target CN=NTDS Settings... in join
   via  1a119c757df tsocket: Increase tcp_user_timeout max_loops
   via  f968514c4d4 idmap_hash: remember new domain sids in 
idmap_hash_sid_to_id()
   via  750865aca3a idmap_hash: don't return ID_REQUIRE_TYPE if the domain 
is known in the netsamlogon cache
   via  eb4129d3cc7 idmap_hash: only return ID_REQUIRE_TYPE if we don't 
know about the domain yet
   via  e79be5ed069 idmap_hash: return ID_REQUIRE_TYPE only if there's a 
chance to get a mapping later
   via  da963496278 idmap_hash: split out a idmap_hash_sid_to_id() helper 
function
   via  31cedf58e69 idmap_hash: split out a idmap_hash_id_to_sid() helper 
function
   via  54e872cdf05 idmap_hash: mirror the 
NT_STATUS_NONE_MAPPED/STATUS_SOME_UNMAPPED logic from idmap_autorid
   via  678c66f1327 idmap_hash: we don't need to call 
idmap_hash_initialize() over an over again
   via  bbd1f56b78c idmap_hash: remove unused error checks
   via  00909630b0d idmap_hash: fix comments about the algorithm
   via  e804feaf76d idmap_hash: provide ID_TYPE_BOTH mappings also for 
unixids_to_sids
   via  fd7e0aaa196 idmap_autorid: fix ID_REQUIRE_TYPE for more than one 
SID for an unknown domain
   via  5c68985b278 winbindd: don't call set_domain_online_request() in the 
idmap child
  from  5db0223764d VERSION: Bump version up to Samba 4.18.2...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 4022ee96aef8184f7d1a4686e06113cda7e29ac3
Author: Andreas Schneider 
Date:   Fri Mar 10 09:08:48 2023 +0100

python:netcmd: Decode return value of find_netbios() from bytes into string

ERROR(): uncaught exception - replace() argument 1 must 
be
str, not bytes
  File "bin/python/samba/netcmd/__init__.py", line 230, in _run
return self.run(*args, **kwargs)
   ^
  File "bin/python/samba/netcmd/ldapcmp.py", line 966, in run
if b1.diff(b2):
   ^^^
  File "bin/python/samba/netcmd/ldapcmp.py", line 790, in diff
if object1 == object2:
   ^^
  File "bin/python/samba/netcmd/ldapcmp.py", line 557, in __eq__
return self.cmp_attrs(other)
   ^
  File "bin/python/samba/netcmd/ldapcmp.py", line 656, in cmp_attrs
p = [self.fix_domain_netbios(j) for j in m]
^^^
  File "bin/python/samba/netcmd/ldapcmp.py", line 656, in 
p = [self.fix_domain_netbios(j) for j in m]
 ^^
  File "bin/python/samba/netcmd/ldapcmp.py", line 542, in fix_domain_netbios
res = res.replace(self.con.domain_netbios.lower(), 
self.con.domain_netbios.upper())
  
^

BUGS: https://bugzilla.samba.org/show_bug.cgi?id=15330

Signed-off-by: Andreas Schneider 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 4fa0242b9d34decd8dbd813be40655a593df3db9)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Wed Apr  5 11:41:32 UTC 2023 on atb-devel-224

commit 50f68094f68078072510d9193e72eef56c70c6d5
Author: Andrew Bartlett 
Date:   Thu Mar 9 20:25:06 2023 +1300

dsdb: Avoid ERROR(ldb): uncaught exception - Deleted target CN=NTDS 
Settings... in join

"samba-tool domain join" uses the replication API in a strange way, perhaps 
no longer
required, except that we often still have folks upgrading from very old 
Samba versions.

When deferring the writing out to the DB of link replication to the very 
end, there
is a greater opportunity for the deletion of an object to have been sent 
with the
other objects, and have the link applied later.

This tells the repl_meta_data code to behave as if GET_TGT had been sent at 
the
time the link was returned, allowing a link to a deleted object to be 
silently
discarded.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15329

Signed-off-by: Andrew Bartlett 
Reviewed-by: Joseph Sutton 
(cherry picked from commit bfc33b47bb428233e100f75e7a725ac52179f823)

commit e804b5b7808f5fafaf61c19476cee98c475fab8a
Author: Andrew Bartlett 
Date:   Thu Mar 9 17:02:35 2023 +1300

selftest/drs: Demonstrate ERROR(ldb): uncaught exception - Deleted target 
CN=NTDS Settings... in join

"samba-tool domain join" uses the replication API in a strange way, perhaps 
no longer
required, except 

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  7e6dc45f7e6 selftest: fix flapping samba-tool drs showrepl test
   via  5382bf6344c selftest: make two samba-tool drs tests generic
   via  e9f5d1c03bc python: Replace calls to deprecated methods
   via  e59e9eadd0e s3: libcli: Refuse to connect to any server with zero 
values for max_trans_size, max_read_size, max_write_size.
   via  05fcd4f3035 tests: Add samba3.blackbox.zero_readsize test.
  from  4022ee96aef python:netcmd: Decode return value of find_netbios() 
from bytes into string

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 7e6dc45f7e61dfad2d56ff58f31664cefb96281c
Author: Rob van der Linde 
Date:   Thu Feb 23 16:56:30 2023 +1300

selftest: fix flapping samba-tool drs showrepl test

Test should have been using "schema_pair_dc", it was picking this up from 
the variable env in the loop above it.

However, it was hardcoded to use promoted_dc.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15316

Signed-off-by: Rob van der Linde 
Reviewed-by: Andrew Bartlett 
Reviewed-by: Joseph Sutton 
(cherry picked from commit 3687ab318a9553883d8c0d1214e2d49b83ec91ba)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Wed Apr  5 13:02:59 UTC 2023 on atb-devel-224

commit 5382bf6344cc417144136957cc5e04f6f0aa1fcd
Author: Rob van der Linde 
Date:   Thu Feb 23 16:56:07 2023 +1300

selftest: make two samba-tool drs tests generic

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15316

Signed-off-by: Rob van der Linde 
Reviewed-by: Andrew Bartlett 
Reviewed-by: Joseph Sutton 
(cherry picked from commit 1368e359b2a75b6b683aff274b2b2084f3cd469b)

commit e9f5d1c03bcb800fc6e01a11c49cf5c193d6a00c
Author: Joseph Sutton 
Date:   Thu Jan 19 08:37:03 2023 +1300

python: Replace calls to deprecated methods

These aliases are deprecated and have been removed in Python 3.12.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15343
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15316

Signed-off-by: Joseph Sutton 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 41aa379abb391ffab77238d65ee5ba11b9ab8538)

[abart...@samba.org BUG tag added as required patch for bug 15316]

commit e59e9eadd0e86126c56107be08c2f5b25c6bc484
Author: Jeremy Allison 
Date:   Tue Mar 21 10:34:46 2023 -0700

s3: libcli: Refuse to connect to any server with zero values for 
max_trans_size, max_read_size, max_write_size.

There's nothing we can do to such a server (this
now matches the behavior for SMB1).

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15306

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 

Autobuild-User(master): Ralph Böhme 
Autobuild-Date(master): Wed Mar 29 18:58:33 UTC 2023 on atb-devel-224

(cherry picked from commit 76573d6d8f168d6e6107af26a434b8c71aaf93af)

commit 05fcd4f3035442df1e7fc2db0c4d4e74f6f36050
Author: Jeremy Allison 
Date:   Tue Mar 21 10:31:36 2023 -0700

tests: Add samba3.blackbox.zero_readsize test.

smbclient crashes when smbd has "smb2 max read = 0"
in the [global] section of smb.conf.

We should fail the protocol negotiation with
NT_STATUS_INVALID_NETWORK_RESPONSE in this case.

Adds knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15306

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 
(cherry picked from commit 006fe806782c42e860ed2cf2bc9f6b1b82c3a307)

---

Summary of changes:
 libcli/smb/smbXcli_base.c  |  11 +++
 python/samba/tests/audit_log_dsdb.py   |  40 
 python/samba/tests/audit_log_pass_change.py|  28 +++---
 python/samba/tests/gpo.py  |  16 ++--
 python/samba/tests/group_audit.py  |  48 +-
 python/samba/tests/prefork_restart.py  |  18 ++--
 python/samba/tests/samba_tool/computer.py  |   6 +-
 python/samba/tests/samba_tool/contact.py   |   6 +-
 .../samba_tool/drs_clone_dc_data_lmdb_size.py  |  10 +-
 python/samba/tests/samba_tool/join_lmdb_size.py|  10 +-
 python/samba/tests/samba_tool/ou.py|   6 +-
 python/samba/tests/samba_tool/passwordsettings.py  |   4 +-
 .../samba/tests/samba_tool/promote_dc_lmdb_size.py |  10 +-
 .../samba/tests/samba_tool/provision_lmdb_size.py  |  10 +-
 .../tests/samba_tool/provision_password_check.py   |   4 +-
 python/samba/tests/upgradeprovisionneeddc.py   |   8 +-
 source3/script/tests/test_zero_readsize.sh | 101 +
 source3/selftest/tests.py  |  12 +++
 source4/dsdb/tests/python/urgent_replication.py|  20 ++

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  dea4cb70045 dsdb/tests: Double number of expressions in 
large_ldap.py ldap_timeout test
   via  330958ae804 dsdb/tests: Move SD modification on class-created 
objects to classSetUp
  from  7e6dc45f7e6 selftest: fix flapping samba-tool drs showrepl test

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit dea4cb70045503fe882c2d4d24bfc07ce502c673
Author: Andrew Bartlett 
Date:   Thu Apr 6 08:59:17 2023 +1200

dsdb/tests: Double number of expressions in large_ldap.py ldap_timeout test

By slowing the filter down more this makes the test reliable on the
autobuild host.

This is not a long-term solution, but is a quick tweak that can be done
today to address current issues with getting commits past the host-based
(compared with cloud-based) autobuild.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15351

Signed-off-by: Andrew Bartlett 
Reviewed-by: Joseph Sutton 
(cherry picked from commit 479634e4cd6543d489eb4700aebde1a479b94fe5)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Tue Apr 11 08:36:03 UTC 2023 on atb-devel-224

commit 330958ae80495311ae1718bfe021c05ecec77e05
Author: Andrew Bartlett 
Date:   Thu Apr 6 08:54:02 2023 +1200

dsdb/tests: Move SD modification on class-created objects to classSetUp

These modifications persist, so should be done at the class level,
not in the test.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15351

Signed-off-by: Andrew Bartlett 
Reviewed-by: Joseph Sutton 
(cherry picked from commit e1c0c2066c2f29bb614e3386b796eec3cb289aea)

---

Summary of changes:
 source4/dsdb/tests/python/large_ldap.py | 20 +---
 1 file changed, 9 insertions(+), 11 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/dsdb/tests/python/large_ldap.py 
b/source4/dsdb/tests/python/large_ldap.py
index 0da79da6f73..cd8176363b5 100644
--- a/source4/dsdb/tests/python/large_ldap.py
+++ b/source4/dsdb/tests/python/large_ldap.py
@@ -146,6 +146,14 @@ class LargeLDAPTest(samba.tests.TestCase):
 "sAMAccountName": user_name,
 "jpegPhoto": b'a' * (2 * 1024 * 1024)})
 
+ace = "(OD;;RP;{6bc69afa-7bd9-4184-88f5-28762137eb6a};;S-1-%d)" % x
+dn = ldb.Dn(cls.ldb, "cn=" + user_name + "," + str(cls.ou_dn))
+
+# add an ACE that denies access to the above random attr
+# for a not-existing user.  This makes each SD distinct
+# and so will slow SD parsing.
+cls.sd_utils.dacl_add_ace(dn, ace)
+
 @classmethod
 def tearDownClass(cls):
 # Remake the connection for tear-down (old Samba drops the socket)
@@ -290,19 +298,9 @@ class LargeLDAPTest(samba.tests.TestCase):
   session_info=system_session(lp),
   lp=lp)
 
-for x in range(200):
-user_name = self.USER_NAME + format(x, "03")
-ace = "(OD;;RP;{6bc69afa-7bd9-4184-88f5-28762137eb6a};;S-1-%d)" % x
-dn = ldb.Dn(self.ldb, "cn=" + user_name + "," + str(self.ou_dn))
-
-# add an ACE that denies access to the above random attr
-# for a not-existing user.  This makes each SD distinct
-# and so will slow SD parsing.
-self.sd_utils.dacl_add_ace(dn, ace)
-
 # Create a large search expression that will take a long time to
 # evaluate.
-expression = f'(jpegPhoto=*X*)' * 1000
+expression = '(jpegPhoto=*X*)' * 2000
 expression = f'(|{expression})'
 
 # Perform the LDAP search.


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  31d4b337cb7 smbd: Fix case normalization in for directories
   via  da3531910d7 tests: Show that the case sensitive large dir 
optimization is broken
   via  9af15e1737f tests: Move libsmb-basic to fileserver_smb1 environment
   via  188d598c1d8 s3: smbd: Fix log spam. Change a normal error message 
from DBG_ERR (level 0) to DBG_INFO (level 5).
   via  d477f6fa70a smbd: Prevent creation of vetoed files
   via  c3582deb5a0 CI: add a test creating a vetoed file
  from  dea4cb70045 dsdb/tests: Double number of expressions in 
large_ldap.py ldap_timeout test

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 31d4b337cb70203eac3032838a78c9c6ef48bf6e
Author: Volker Lendecke 
Date:   Fri Feb 17 10:02:37 2023 +0100

smbd: Fix case normalization in for directories

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15313
Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Fri Feb 24 08:46:14 UTC 2023 on atb-devel-224

(cherry picked from commit bf9130d375b6c401bb79fc1a0911975814759e3b)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Tue Apr 11 16:30:25 UTC 2023 on atb-devel-224

commit da3531910d7823bb46fbbb9ea5100d8b093a3cc0
Author: Volker Lendecke 
Date:   Fri Feb 17 15:41:12 2023 +0100

tests: Show that the case sensitive large dir optimization is broken

We don't normalize the directories

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15313
Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 342d8f6a0a8bc2229332783a840c882f85a1dd4e)

commit 9af15e1737f2ec4e3096ad8d6aebabe4b3c31a8c
Author: Volker Lendecke 
Date:   Fri Feb 17 15:40:30 2023 +0100

tests: Move libsmb-basic to fileserver_smb1 environment

This has the lower-case share, used in the next commit

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15313
Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 
(cherry picked from commit a9301d8f2956409a6d36e7776d0237d03bfbdbf6)

commit 188d598c1d8cf3067c26ddb50ef13c511e67d6ae
Author: Jeremy Allison 
Date:   Tue Feb 7 17:51:10 2023 -0800

s3: smbd: Fix log spam. Change a normal error message from DBG_ERR (level 
0) to DBG_INFO (level 5).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15302

Signed-off-by: Jeremy Allison 
Reviewed-by: Andreas Schneider 

Autobuild-User(master): Ralph Böhme 
Autobuild-Date(master): Sat Feb 11 08:48:05 UTC 2023 on atb-devel-224

(cherry picked from commit e8abe52df2d3ae533b3f874a885856f26ba5ec7e)

commit d477f6fa70a7db5a13655cb6aab1df4b251a4832
Author: Ralph Boehme 
Date:   Wed Apr 5 11:03:52 2023 +0200

smbd: Prevent creation of vetoed files

The problem is when checking for vetoed names on the last path component in
openat_pathref_fsp_case_insensitive() we return
NT_STATUS_OBJECT_NAME_NOT_FOUND. The in the caller
filename_convert_dirfsp_nosymlink() this is treated as the "file creation 
case"
causing filename_convert_dirfsp_nosymlink() to return NT_STATUS_OK.

In order to correctly distinguish between the cases

1) file doesn't exist, we may be creating it, return
2) a vetoed a file

we need 2) to return a more specific error to
filename_convert_dirfsp_nosymlink(). I've chosen 
NT_STATUS_OBJECT_NAME_INVALID
which gets mapped to the appropriate errror NT_STATUS_OBJECT_PATH_NOT_FOUND 
or
NT_STATUS_OBJECT_NAME_NOT_FOUND depending on which path component was 
vetoed.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15143

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Thu Apr  6 23:03:50 UTC 2023 on atb-devel-224

(cherry picked from commit 8b23a4a7eca9b8f80cc4113bb8cf9bb7bd5b4807)

commit c3582deb5a01b686ecad7254cb087effbaf062d3
Author: Ralph Boehme 
Date:   Wed Apr 5 11:32:09 2023 +0200

CI: add a test creating a vetoed file

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15143

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 2e8954d5be3336f1c4c2cf033209f632ad84e712)

---

Summary of changes:
 python/samba/tests/libsmb-basic.py  |  9 +++
 selftest/target/Samba3.pm   |  1 +
 source3/script/tests/test_veto_files.sh | 47 +
 source3/smbd/filename.c | 18 ++---
 source3/smbd/open.c |  2 +-
 source4/selftest/tests.py   |  2 +-
 6 files changed, 74 insertions(+), 5 deletions(-)


Changeset truncated at 500 lines:

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  64161923b6d rpcd_mdssvc: initialize POSIX locking
   via  5cc3c1b5f6b net_ads: fill ads->auth.realm from c->creds
   via  4f1d674aa92 testprogs/blackbox: add test_net_ads_search_server.sh
   via  50d90531fae smbXsrv_tcon: avoid storing temporary (invalid!) 
records.
  from  31d4b337cb7 smbd: Fix case normalization in for directories

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 64161923b6d35a3e79a00fceaf115e2afdd7d643
Author: Ralph Boehme 
Date:   Thu Apr 6 10:16:46 2023 +0200

rpcd_mdssvc: initialize POSIX locking

Otherwise the posix_pending_close_db is NULL and we crash when trying to 
close a
file descriptor:

   #4 /usr/lib64/samba/libdbwrap-samba4.so(dbwrap_parse_record+0xe) 
[0x7fbc5d05c8ae]
   #5 /usr/lib64/samba/libdbwrap-samba4.so(dbwrap_fetch_int32+0x38) 
[0x7fbc5d05d438]
   #6 /usr/lib64/samba/libsmbd-base-samba4.so(fd_close_posix+0x7b) 
[0x7fbc5e276f8b]
   #7 /usr/lib64/samba/libsmbd-base-samba4.so(+0x57900) [0x7fbc5e28a900]
   #8 /usr/lib64/samba/libsmbd-base-samba4.so(fd_close+0x68) 
[0x7fbc5e2b7ea8]
   #9 /usr/lib64/samba/libsmbd-base-samba4.so(+0x62608) [0x7fbc5e295608]
   #10 /usr/lib64/samba/libtalloc-samba4.so(_talloc_free+0x51b) 
[0x7fbc5d9f439b]
   #11 /usr/lib64/samba/vfs/fruit.so(+0xcac2) [0x7fbc45fcdac2]
   #12 /usr/lib64/samba/vfs/fruit.so(+0xcbdd) [0x7fbc45fcdbdd]
   #13 /usr/lib64/samba/vfs/fruit.so(+0xf603) [0x7fbc45fd0603]
   #14 /usr/lib64/samba/libsmbd-base-samba4.so(+0x56375) [0x7fbc5e289375]
   #15 /usr/lib64/samba/vfs/nothingtoseeherereally.so(+0x196c) 
[0x7fbc467f996c]
   #16 /usr/lib64/samba/vfs/streams_xattr.so(+0x51fc) [0x7fbc461e71fc]
   #17 /usr/lib64/samba/libsmbd-base-samba4.so(+0xade3a) [0x7fbc5e2e0e3a]
   #18 /usr/lib64/samba/libsmbd-base-samba4.so(create_conn_struct_cwd+0x44) 
[0x7fbc5e2e1cf4]
   #19 /usr/libexec/samba/rpcd_mdssvc(mds_init_ctx+0x2c3) [0x563fdac08f03]
   #20 /usr/libexec/samba/rpcd_mdssvc(_mdssvc_open+0x141) [0x563fdac0b4d1]

The corresponding open is done as part of initializing a connection_struct
object, where we chdir() and stat() the root path of the share. The stat() 
in
vfs_fruit causes an expensive metadata request on the path which triggers an
internal open of a pathref handle. Note that this only affects servers that 
have
fruit:metadata = netatalk set, which is the default unfortunately.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15354

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Fri Apr  7 21:12:21 UTC 2023 on atb-devel-224

(cherry picked from commit 3633027e49aec064e7d890a1f7ec4d81711a5de7)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Sun Apr 16 16:39:24 UTC 2023 on atb-devel-224

commit 5cc3c1b5f6b0289f91c01b20989558badc28fd61
Author: Stefan Metzmacher 
Date:   Thu Mar 2 14:46:25 2023 +0100

net_ads: fill ads->auth.realm from c->creds

We get the realm we use for authentication needs to
the realm belonging to the username we use.

We derive the username from c->creds, so we need to
do the same for the realm.

Otherwise we try to authenticate as the wrong user.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15323

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 
(cherry picked from commit 0ef53b948e13eb36b536228cccd89aa4c2adbb90)

commit 4f1d674aa929208a9d623ce933da3d38692f68b8
Author: Stefan Metzmacher 
Date:   Wed Apr 5 16:45:21 2023 +0200

testprogs/blackbox: add test_net_ads_search_server.sh

This reproduces a regression with
'net ads search -P --server server.of.trusted.domain'

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15323

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 
(cherry picked from commit 3b585f9e8cc320841fab4cd5c3be53788d0a87ac)

commit 50d90531fae36f54c2d6a5e6cf1aba133473a29c
Author: Stefan Metzmacher 
Date:   Wed Apr 5 16:59:44 2023 +0200

smbXsrv_tcon: avoid storing temporary (invalid!) records.

We used to store smbXsrv_tcon_global.tdb records in two steps,
first we created a record in order to allocate the tcon id.
The temporary record had a NULL share_name, which translated
into 0 bytes for the string during ndr_push_smbXsrv_tcon_global0.

The problem is that ndr_pull_smbXsrv_tcon_global0 fails on
this with something like:

Invalid record in smbXsrv_tcon_global.tdb:key '2CA0ED4A' 
ndr_pull_struct_blob(length=85) - Buffer Size Error

The blob looks like this:

[] 00 00 00 00 01 00 00 00   00 00 00 00 00 00 02 00     

[0010] 00 00 00 00 4A ED A0 2C   4A ED A0

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  10ec0699aed shadow_copy2: Fix stream open for streams_depot paths
   via  a377bd61102 tests: Show that streams_depot and shadow_copy2 don't 
play together
   via  e1508b92203 streams_depot: Create files when requested
  from  64161923b6d rpcd_mdssvc: initialize POSIX locking

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 10ec0699aedd59e2ed957ecfeb96075ab9f66345
Author: Volker Lendecke 
Date:   Fri Apr 14 17:22:18 2023 +0200

shadow_copy2: Fix stream open for streams_depot paths

streams_depot hands us absolute paths with : filename components
instead of having set smb_fname_in->stream_name.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15358

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Mon Apr 17 18:11:07 UTC 2023 on atb-devel-224

(cherry picked from commit 526f381f413d1cb5cde93b9542034f5ebfcfcc10)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Tue Apr 18 19:06:55 UTC 2023 on atb-devel-224

commit a377bd611023ad75046e697804126b78e923d62b
Author: Volker Lendecke 
Date:   Fri Apr 14 15:34:17 2023 +

tests: Show that streams_depot and shadow_copy2 don't play together

See the next patch, we assert in shadow_copy2_openat() over paths
passed in from shadow_copy2

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15358

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 0327334c89cfda9020c6044a7b2b182138e46d03)

commit e1508b922032b08602544a363b9cb3ab690591d8
Author: Volker Lendecke 
Date:   Fri Apr 14 16:32:42 2023 +0200

streams_depot: Create files when requested

If you set "create mask = 0600" no streams will be created

Tested manually. Not creating an automated test for this, there are so
many places where this can go wrong that testing this individual
glitch does not gain us much confidence.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15357

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 081e808ab4ac6e187b9791da322eb7173e1e133c)

---

Summary of changes:
 python/samba/tests/libsmb-basic.py  | 15 ++-
 selftest/target/Samba3.pm   |  5 +
 source3/modules/vfs_shadow_copy2.c  | 25 -
 source3/modules/vfs_streams_depot.c |  2 +-
 4 files changed, 36 insertions(+), 11 deletions(-)


Changeset truncated at 500 lines:

diff --git a/python/samba/tests/libsmb-basic.py 
b/python/samba/tests/libsmb-basic.py
index 37b82b26dac..cbe7cce5bae 100644
--- a/python/samba/tests/libsmb-basic.py
+++ b/python/samba/tests/libsmb-basic.py
@@ -19,7 +19,7 @@
 
 from samba.samba3 import libsmb_samba_internal as libsmb
 from samba.dcerpc import security
-from samba import NTSTATUSError
+from samba import NTSTATUSError,ntstatus
 from samba.ntstatus import NT_STATUS_DELETE_PENDING
 from samba.credentials import SMB_ENCRYPTION_REQUIRED
 import samba.tests.libsmb
@@ -202,6 +202,19 @@ class LibsmbTestCase(samba.tests.libsmb.LibsmbTests):
 c.rmdir("subdir")
 self.assertTrue(ret)
 
+def test_libsmb_shadow_depot(self):
+c = libsmb.Conn(self.server_ip, "shadow_depot", self.lp, self.creds)
+try:
+fnum=c.create("x:y",CreateDisposition=libsmb.FILE_CREATE)
+c.close(fnum)
+except:
+self.fail()
+finally:
+# "c" might have crashed, get a new connection
+c1 = libsmb.Conn(self.server_ip, "shadow_depot", self.lp, 
self.creds)
+c1.unlink("x")
+c1 = None
+
 if __name__ == "__main__":
 import unittest
 unittest.main()
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index c8fe925a948..e0e3c026fa6 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -3405,6 +3405,11 @@ sub provision($$)
shadow:fixinodes = yes
smbd async dosmode = yes
 
+[shadow_depot]
+   path = $shadow_shrdir
+   comment = previous versions with streams_depot
+   vfs objects = streams_depot shadow_copy2
+
 [dfq]
path = $shrdir/dfree
vfs objects = acl_xattr fake_acls xattr_tdb fake_dfq
diff --git a/source3/modules/vfs_shadow_copy2.c 
b/source3/modules/vfs_shadow_copy2.c
index 16e39c2f070..a2c9d3ce4c9 100644
--- a/source3/modules/vfs_shadow_copy2.c
+++ b/source3/modules/vfs_shadow_copy2.c
@@ -1522,15 +1522,22 @@ static struct smb_filename *shadow_copy2_openat_name(
if (fsp->base_fsp != NULL) {
struct smb_filename *base_fname = fsp->base_fsp->fsp_name;
 
-   SMB_ASSERT(is_named_stream(smb_fname_in));
-
-  

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  c4f24bac692 VERSION: Bump version up to Samba 4.18.3...
   via  4f9b36a6156 VERSION: Disable GIT_SNAPSHOT for the 4.18.2 release.
   via  a87efafabf8 WHATSNEW: Add release notes for Samba 4.18.2.
  from  10ec0699aed shadow_copy2: Fix stream open for streams_depot paths

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit c4f24bac6927a04e83b1c99d3f428f47938459fe
Author: Jule Anger 
Date:   Wed Apr 19 12:16:30 2023 +0200

VERSION: Bump version up to Samba 4.18.3...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger 

commit 4f9b36a6156ec51a3d4a18745b5e85a4bc77d9dd
Author: Jule Anger 
Date:   Wed Apr 19 12:16:08 2023 +0200

VERSION: Disable GIT_SNAPSHOT for the 4.18.2 release.

Signed-off-by: Jule Anger 

commit a87efafabf82816a2409eab0a4d39b66c7d20bfe
Author: Jule Anger 
Date:   Wed Apr 19 12:15:36 2023 +0200

WHATSNEW: Add release notes for Samba 4.18.2.

Signed-off-by: Jule Anger 

---

Summary of changes:
 VERSION  |  2 +-
 WHATSNEW.txt | 77 ++--
 2 files changed, 76 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 56b27245d41..e11c1d3d1c5 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=18
-SAMBA_VERSION_RELEASE=2
+SAMBA_VERSION_RELEASE=3
 
 
 # If a official release has a serious bug  #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 1b49d1b5a6a..bfad04cbde0 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,77 @@
+   ==
+   Release Notes for Samba 4.18.2
+   April 19, 2023
+   ==
+
+
+This is the latest stable release of the Samba 4.18 release series.
+
+
+Changes since 4.18.1
+
+
+o  Jeremy Allison 
+   * BUG 15302: Log flood: smbd_calculate_access_mask_fsp: Access denied:
+ message level should be lower.
+   * BUG 15306: Floating point exception (FPE) via cli_pull_send at
+ source3/libsmb/clireadwrite.c.
+
+o  Andrew Bartlett 
+   * BUG 15328: test_tstream_more_tcp_user_timeout_spin fails intermittently on
+ Rackspace GitLab runners.
+   * BUG 15329: Reduce flapping of ridalloc test.
+   * BUG 15351: large_ldap test is unreliable.
+
+o  Ralph Boehme 
+   * BUG 15143: New filename parser doesn't check veto files smb.conf 
parameter.
+   * BUG 15354: mdssvc may crash when initializing.
+
+o  Volker Lendecke 
+   * BUG 15313: large directory optimization broken for non-lcomp path 
elements.
+   * BUG 15357: streams_depot fails to create streams.
+   * BUG 15358: shadow_copy2 and streams_depot don't play well together.
+
+o  Rob van der Linde 
+   * BUG 15316: Flapping tests in samba_tool_drs_show_repl.py.
+
+o  Stefan Metzmacher 
+   * BUG 15317: winbindd idmap child contacts the domain controller without a
+ need.
+   * BUG 15318: idmap_autorid may fail to map sids of trusted domains for the
+ first time.
+   * BUG 15319: idmap_hash doesn't use ID_TYPE_BOTH for reverse mappings.
+   * BUG 15323: net ads search -P doesn't work against servers in other 
domains.
+   * BUG 15353: Temporary smbXsrv_tcon_global.tdb can't be parsed.
+
+o  Joseph Sutton 
+   * BUG 15316: Flapping tests in samba_tool_drs_show_repl.py.
+   * BUG 15343: Tests use depricated and removed methods like
+ assertRegexpMatches.
+
+
+###
+Reporting bugs & Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+==
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+==
+
+
+Release notes for older releases follow:
+
==
Release Notes for Samba 4.18.1
March 29, 2023
@@ -65,8 +139,7 @@ database (https://bugzilla.samba.org/).
 ==
 
 

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  49777b08ac2 s3:lib: Do not try to match '.' and '..' directories in 
is_in_path()
   via  c09c3f8e38a s3:tests: Add test that veto files works for hidden 
files
   via  a26cbb56b5b s3:tests: Create a temporary directory for 
test_veto_files.sh
   via  2a20fbdbd78 libcli/security: rewrite 
calculate_inherited_from_parent()
  from  c4f24bac692 VERSION: Bump version up to Samba 4.18.3...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 49777b08ac26e76d339fd74c39f74c20af433837
Author: Andreas Schneider 
Date:   Wed Apr 19 16:23:10 2023 +0200

s3:lib: Do not try to match '.' and '..' directories in is_in_path()

This fixes setting veto files to '.*' to not list hidden files and
directories starting with a dot.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15360

Signed-off-by: Andreas Schneider 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 9eb44306623fc4897b373b04763e475f696ab92d)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Fri Apr 28 15:17:25 UTC 2023 on atb-devel-224

commit c09c3f8e38ac2e02676af908b9a0e958ac673d74
Author: Andreas Schneider 
Date:   Wed Apr 19 15:35:47 2023 +0200

s3:tests: Add test that veto files works for hidden files

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15360

Signed-off-by: Andreas Schneider 
Reviewed-by: Jeremy Allison 
(cherry picked from commit a2acbd3f3cff8d1cac63acdead4b7be14a7092b2)

commit a26cbb56b5b7be67b261f9646799fb70651ebca3
Author: Andreas Schneider 
Date:   Wed Apr 19 20:45:52 2023 +0200

s3:tests: Create a temporary directory for test_veto_files.sh

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15360

Signed-off-by: Andreas Schneider 
Reviewed-by: Jeremy Allison 
(cherry picked from commit b5a66840e3057cbff85fe6cd231310c4a9cfb34b)

commit 2a20fbdbd7860582f332d8e38dbca2446e2bf0fa
Author: Stefan Metzmacher 
Date:   Sat Mar 18 01:17:04 2023 +0100

libcli/security: rewrite calculate_inherited_from_parent()

This allows us to pass the new tests we just added.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15338

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit bb09c06d6d58a04e1d270a9f99d1179cfa9acbda)

---

Summary of changes:
 libcli/security/create_descriptor.c | 247 +---
 selftest/target/Samba3.pm   |   4 +
 source3/lib/util.c  |   5 +
 source3/script/tests/test_veto_files.sh |  35 -
 4 files changed, 234 insertions(+), 57 deletions(-)


Changeset truncated at 500 lines:

diff --git a/libcli/security/create_descriptor.c 
b/libcli/security/create_descriptor.c
index ef60d847033..947d6c19d58 100644
--- a/libcli/security/create_descriptor.c
+++ b/libcli/security/create_descriptor.c
@@ -78,7 +78,7 @@ uint32_t map_generic_rights_ds(uint32_t access_mask)
 
 /* Not sure what this has to be,
 * and it does not seem to have any influence */
-static bool object_in_list(struct GUID *object_list, struct GUID *object)
+static bool object_in_list(const struct GUID *object_list, const struct GUID 
*object)
 {
size_t i;
 
@@ -107,7 +107,7 @@ static bool object_in_list(struct GUID *object_list, struct 
GUID *object)
 /* returns true if the ACE gontains generic information
  * that needs to be processed additionally */
  
-static bool desc_ace_has_generic(struct security_ace *ace)
+static bool desc_ace_has_generic(const struct security_ace *ace)
 {
if (ace->access_mask & SEC_GENERIC_ALL || ace->access_mask & 
SEC_GENERIC_READ ||
ace->access_mask & SEC_GENERIC_WRITE || ace->access_mask & 
SEC_GENERIC_EXECUTE) {
@@ -155,12 +155,114 @@ static struct security_acl 
*calculate_inherited_from_parent(TALLOC_CTX *mem_ctx,
}
 
for (i=0; i < acl->num_aces; i++) {
-   struct security_ace *ace = &acl->aces[i];
-   if ((ace->flags & SEC_ACE_FLAG_CONTAINER_INHERIT) ||
-   (ace->flags & SEC_ACE_FLAG_OBJECT_INHERIT)) {
-   struct GUID inherited_object = GUID_zero();
+   const struct security_ace *ace = &acl->aces[i];
+   const struct GUID *inherited_object = NULL;
+   const struct GUID *inherited_property = NULL;
+   struct security_ace *tmp_ace = NULL;
+   bool applies = false;
+   bool inherited_only = false;
+   bool expand_ace = false;
+   bool expand_only = false;
+
+   if (is_container && (ace->flags & 
SEC_ACE_FLAG_CONTAINER_INHERIT)) {
+   applies = true;
+   } else if (!is_container && (ace->flags & 
SEC_ACE_FLAG_OBJECT_INHERIT)) {
+  

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  1ace31bc878 dsgetdcname: do not assume local system uses IPv4
  from  49777b08ac2 s3:lib: Do not try to match '.' and '..' directories in 
is_in_path()

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 1ace31bc8787a72a923b1445192476cc8d71a0d8
Author: Nathaniel W. Turner 
Date:   Fri Sep 23 16:37:46 2022 -0400

dsgetdcname: do not assume local system uses IPv4

Return the first IPv4 and the first IPv6 address found for each DC.
This is slightly inelegant, but resolves an issue where IPv6-only
systems were unable to run "net ads join" against domain controllers
that have both A and  records in DNS.

While this impacts performance due to the additional LDAP ping attempts,
in practice an attempt to connect to an IPv6 address on an IPv4-only
system (or vice versa) will fail immediately with
NT_STATUS_NETWORK_UNREACHABLE, and thus the performance impact should be
negligible.

The alternative approach, using an smb.conf setting to control whether
the logic prefers a single address of one family or the other ends up
being a bit awkward, as it pushes the problem onto admins and tools such
as "realm join" that want to dynamically synthesize an smb.conf on the
fly.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15325

Signed-off-by: Nathaniel W. Turner 
Reviewed-by: Jeremy Allison 
Reviewed-by: David Mulder 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Thu Mar  9 19:12:15 UTC 2023 on atb-devel-224

(cherry picked from commit f55a357c6b9387883a7628a1b1083263a10121a6)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon May  8 10:17:16 UTC 2023 on atb-devel-224

---

Summary of changes:
 source3/libsmb/dsgetdcname.c | 49 +++-
 1 file changed, 26 insertions(+), 23 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/libsmb/dsgetdcname.c b/source3/libsmb/dsgetdcname.c
index 42714fcb2a1..e0462d5fb24 100644
--- a/source3/libsmb/dsgetdcname.c
+++ b/source3/libsmb/dsgetdcname.c
@@ -551,14 +551,20 @@ static NTSTATUS discover_dc_dns(TALLOC_CTX *mem_ctx,
return NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
}
 
+   /* Check for integer wrap. */
+   if (numdcs + numdcs < numdcs) {
+   TALLOC_FREE(dcs);
+   return NT_STATUS_INVALID_PARAMETER;
+   }
+
/*
-* We're only returning one address per
-* DC name, so just allocate size numdcs.
+* We're only returning up to 2 addresses per
+* DC name, so just allocate size numdcs x 2.
 */
 
dclist = talloc_zero_array(mem_ctx,
   struct ip_service_name,
-  numdcs);
+  numdcs * 2);
if (!dclist) {
TALLOC_FREE(dcs);
return NT_STATUS_NO_MEMORY;
@@ -571,17 +577,16 @@ static NTSTATUS discover_dc_dns(TALLOC_CTX *mem_ctx,
ret_count = 0;
for (i = 0; i < numdcs; i++) {
size_t j;
+   bool have_v4_addr = false;
+   bool have_v6_addr = false;
 
if (dcs[i].num_ips == 0) {
continue;
}
 
-   dclist[ret_count].hostname =
-   talloc_move(dclist, &dcs[i].hostname);
-
/*
-* Pick the first IPv4 address,
-* if none pick the first address.
+* Pick up to 1 address from each address
+* family (IPv4, IPv6).
 *
 * This is different from the previous
 * code which picked a 'next ip' address
@@ -589,8 +594,11 @@ static NTSTATUS discover_dc_dns(TALLOC_CTX *mem_ctx,
 * Too complex to maintain :-(.
 */
for (j = 0; j < dcs[i].num_ips; j++) {
-   if (dcs[i].ss_s[j].ss_family == AF_INET) {
+   if ((dcs[i].ss_s[j].ss_family == AF_INET && 
!have_v4_addr) ||
+   (dcs[i].ss_s[j].ss_family == AF_INET6 && 
!have_v6_addr)) {
bool ok;
+   dclist[ret_count].hostname =
+   talloc_strdup(dclist, dcs[i].hostname);
ok = sockaddr_storage_to_samba_sockaddr(
&dclist[ret_count].sa,
&dcs[i].ss_s[j]);
@@ -599,22 +607,17 @@ static NTSTATUS discover_dc_dns(TALLOC_CTX *mem_ctx,
TALLOC_FREE(dclist);
return NT_ST

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  128a80758fd s3:locking: fix debug level for NT_STATUS_NOT_FOUND 
messanges in get_static_share_mode_data
  from  1ace31bc878 dsgetdcname: do not assume local system uses IPv4

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 128a80758fd389333f2ab30981a5fe626d01e434
Author: Stefan Metzmacher 
Date:   Mon Apr 24 15:08:42 2023 +0200

s3:locking: fix debug level for NT_STATUS_NOT_FOUND messanges in 
get_static_share_mode_data

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15362

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Björn Jacke 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Mon Apr 24 14:13:35 UTC 2023 on atb-devel-224

(cherry picked from commit eafcef18584c264dc68dd95fbd8aa39218199446)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Tue May  9 13:15:57 UTC 2023 on atb-devel-224

---

Summary of changes:
 source3/locking/share_mode_lock.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


Changeset truncated at 500 lines:

diff --git a/source3/locking/share_mode_lock.c 
b/source3/locking/share_mode_lock.c
index 09a02853511..3fc7d56562a 100644
--- a/source3/locking/share_mode_lock.c
+++ b/source3/locking/share_mode_lock.c
@@ -885,7 +885,7 @@ static NTSTATUS get_static_share_mode_data(
return status;
}
if (!NT_STATUS_IS_OK(state.status)) {
-   DBG_GET_SHARE_MODE_LOCK(status,
+   DBG_GET_SHARE_MODE_LOCK(state.status,
"get_static_share_mode_data_fn failed: %s\n",
nt_errstr(state.status));
return state.status;


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  0f1dbe552dc winbind: Fix "wbinfo -u" on a Samba AD DC with >1000 
users
   via  97c9f812fa9 winbind: Test wbinfo -u with more than 1000 users
  from  128a80758fd s3:locking: fix debug level for NT_STATUS_NOT_FOUND 
messanges in get_static_share_mode_data

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 0f1dbe552dc061e1863222b6b9471c1c7a412a83
Author: Volker Lendecke 
Date:   Wed Apr 26 17:19:29 2023 +0200

winbind: Fix "wbinfo -u" on a Samba AD DC with >1000 users

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15366

Signed-off-by: Volker Lendecke 
Reviewed-by: Andrew Bartlett 

Autobuild-User(master): Andrew Bartlett 
Autobuild-Date(master): Tue May  9 02:58:45 UTC 2023 on atb-devel-224

(cherry picked from commit 6206e15b4de0ba67d713124c2be353dabf3878c8)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Fri May 12 15:58:34 UTC 2023 on atb-devel-224

commit 97c9f812fa9f246fbedebcb28fcf875ec6679709
Author: Volker Lendecke 
Date:   Thu Apr 27 12:25:24 2023 +0200

winbind: Test wbinfo -u with more than 1000 users

winbind asks dcerpc_samr_LookupRids in one batch, where samr.idl has

NTSTATUS samr_LookupRids(
[in,ref]  policy_handle *domain_handle,
[in,range(0,1000)] uint32 num_rids,
[in,size_is(1000),length_is(num_rids)] uint32 rids[],
[out,ref] lsa_Strings *names,
[out,ref] samr_Ids *types
);

limiting num_rids to 1000 entries. Test this.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15366

Signed-off-by: Volker Lendecke 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit f633389f36e79d3e772777ad7ca13012e3616273)

---

Summary of changes:
 source3/script/tests/test_wbinfo_u_large_ad.sh |  28 +++
 source3/winbindd/winbindd_samr.c   | 102 +++--
 source4/selftest/tests.py  |   5 ++
 3 files changed, 95 insertions(+), 40 deletions(-)
 create mode 100755 source3/script/tests/test_wbinfo_u_large_ad.sh


Changeset truncated at 500 lines:

diff --git a/source3/script/tests/test_wbinfo_u_large_ad.sh 
b/source3/script/tests/test_wbinfo_u_large_ad.sh
new file mode 100755
index 000..ab5f0ca1f6a
--- /dev/null
+++ b/source3/script/tests/test_wbinfo_u_large_ad.sh
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+LDBMODIFY="$VALGRIND ${LDBMODIFY:-$BINDIR/ldbmodify} $CONFIGURATION"
+LDBSEARCH="$VALGRIND ${LDBSEARCH:-$BINDIR/ldbsearch} $CONFIGURATION"
+WBINFO="$VALGRIND ${WBINFO:-$BINDIR/wbinfo} $CONFIGURATION"
+
+NUM_USERS=1234
+
+BASE_DN=$($LDBSEARCH -H ldap://$DC_SERVER -b "" --scope=base 
defaultNamingContext | awk '/^defaultNamingContext/ {print $2}')
+
+incdir=$(dirname $0)/../../../testprogs/blackbox
+. $incdir/subunit.sh
+
+seq -w 1 "$NUM_USERS" |
+xargs -INUM echo -e 
"dn:cn=large_ad_NUM,cn=users,$BASE_DN\nchangetype:add\nobjectclass:user\nsamaccountname:large_ad_NUM\n"
 |
+$LDBMODIFY -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"
+
+testit_grep_count \
+"Make sure $NUM_USERS $DOMAIN users are returned" \
+"$DOMAIN/large_ad_" \
+"$NUM_USERS" \
+${WBINFO} -u || failed=$(expr $failed + 1)
+
+seq -w 1 "$NUM_USERS" |
+xargs -INUM echo -e 
"dn:cn=large_ad_NUM,cn=users,$BASE_DN\nchangetype:delete\n" |
+$LDBMODIFY -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"
+
+testok $0 $failed
diff --git a/source3/winbindd/winbindd_samr.c b/source3/winbindd/winbindd_samr.c
index ebf9c24b9e4..92dd1851abd 100644
--- a/source3/winbindd/winbindd_samr.c
+++ b/source3/winbindd/winbindd_samr.c
@@ -914,8 +914,6 @@ static NTSTATUS sam_rids_to_names(struct winbindd_domain 
*domain,
struct rpc_pipe_client *samr_pipe = NULL;
struct dcerpc_binding_handle *h = NULL;
struct policy_handle dom_pol = { .handle_type = 0, };
-   struct lsa_Strings lsa_names = { .count = 0, };
-   struct samr_Ids samr_types = { .count = 0, };
enum lsa_SidType *types = NULL;
char **names = NULL;
const char *domain_name = NULL;
@@ -997,49 +995,73 @@ again:
}
h = samr_pipe->binding_handle;
 
-   status = dcerpc_samr_LookupRids(
-   h,
-   tmp_ctx,
-   &dom_pol,
-   num_rids,
-   rids,
-   &lsa_names,
-   &samr_types,
-   &result);
-
-   if (!retry && reset_connection_on_error(domain, samr_pipe, status)) {
-   retry = true;
-   goto again;
-   }
+   /*
+* Magic number 1000 comes from samr.idl
+*/
 
-   if (!NT_STATUS_IS_OK(status)) {
-   DBG_DEBUG("dcerpc_samr_LookupRids failed

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  a22173a745e rpc_server3: Pass winbind_env_set() state through to 
rpcd_*
   via  faa507637e5 lib: Add security_token_del_npa_flags() helper function
   via  ec0c93199b9 rpc: Remove named_pipe_auth_req_info6->need_idle_server
   via  e92fb837630 rpc_server3: Use global_sid_Samba_NPA_Flags to pass 
"need_idle"
   via  e46af7b3322 named_pipe_auth: Bump info5 to info6
   via  5a09eaf01ac rpc: Add global_sid_Samba_NPA_Flags SID
   via  40378826afb librpc: Simplify dcerpc_is_transport_encrypted()
   via  dc2606e10e1 smbd: Use security_token_count_flag_sids() in 
open_np_file()
   via  8ed6bbcb555 libcli: Add security_token_count_flag_sids()
   via  74449f2afcc samba-tool domain: Run in interactive mode if no args 
are supplied
   via  cae050cf785 librpc/rpc: allow smb3_sid_parse() to accept modern 
encryption algorithms
  from  0f1dbe552dc winbind: Fix "wbinfo -u" on a Samba AD DC with >1000 
users

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit a22173a745ecfc0023231e4f32b862e5ab287955
Author: Volker Lendecke 
Date:   Tue Apr 18 12:47:04 2023 +0200

rpc_server3: Pass winbind_env_set() state through to rpcd_*

Winbind can ask rpcd_lsad for LookupNames etc. This can recurse back
into winbind for getpwnam. We have the "_NO_WINBINDD" environment
variable set in winbind itself for this case, but this is lost on the
way into rpcd_lsad. Use a flag in global_sid_Samba_NPA_Flags to pass
this information to dcerpc_core, where it sets the variable on every
call if requested.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke 
Reviewed-by: Stefan Metzmacher 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Tue May 16 11:54:32 UTC 2023 on atb-devel-224

(cherry picked from commit 59694ad0a4cc489f1baa4c2c94c6322c0f22c1df)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Fri May 26 13:29:20 UTC 2023 on atb-devel-224

commit faa507637e54373467ffe78c1c2feb6fd949b9d5
Author: Volker Lendecke 
Date:   Tue Apr 18 14:32:20 2023 +0200

lib: Add security_token_del_npa_flags() helper function

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit bb3ea36e10079ad9c73c68d7ed8fce51ecb40ebe)

commit ec0c93199b934db0c91816b6dcf465dbb68d6aed
Author: Volker Lendecke 
Date:   Tue Apr 18 12:29:34 2023 +0200

rpc: Remove named_pipe_auth_req_info6->need_idle_server

Involves bumping up the version number

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit bdba027a33e35aab7bb322bc3167cdd7babfc059)

commit e92fb837630f1dc4107085fb38b16905de0dbf25
Author: Volker Lendecke 
Date:   Tue Apr 18 12:28:28 2023 +0200

rpc_server3: Use global_sid_Samba_NPA_Flags to pass "need_idle"

More code, but will be more flexible in the future.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 31180e0e6d9e43d54e7656a56ed3af129f578105)

commit e46af7b3322e52cf482180e4da1eefa6bff55e5b
Author: Joseph Sutton 
Date:   Thu Dec 22 17:48:26 2022 +1300

named_pipe_auth: Bump info5 to info6

In the next commit, we shall replace the 'authenticated' field of
named_pipe_auth_req_info.info5.session_info.session_info.info with a
more general 'user_flags' field.

Signed-off-by: Joseph Sutton 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 8aef16bbbc1e55f0a9f5a8ec87e5348688d93785)

commit 5a09eaf01aca6fb650973deca4f0142f26be9934
Author: Volker Lendecke 
Date:   Tue Apr 18 12:09:45 2023 +0200

rpc: Add global_sid_Samba_NPA_Flags SID

This will be used as a flexible way to pass per-RPC-connection flags
over ncalrpc to the RPC server without having to modify
named_pipe_auth_req_info6 every time something new needs to be
passed. It's modeled after global_sid_Samba_SMB3.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit ebbb93cc7a57a118b82b8f383d25f1eb022397d6)

commit 40378826afbd370d087efb248edfb68d7f385f47
Author: Volker Lendecke 
Date:   Tue Apr 18 12:04:17 2023 +0200

librpc: Simplify dcerpc_is_transport_encrypted()

Simplify logic by using security_token_count_flag_sids()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15361
Signed-off-by: Volker Lendecke 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 1d11e0489b2c91fc05c6befc0463695d7102abcc)

commit dc2606e10e

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  af9dc206043 smbd: also reset struct stat_ex.cached_dos_attributes 
in SET_STAT_INVALID()
   via  09ea170e3b4 smbd: zero intialize SMB_STRUCT_STAT in 
vfswrap_readdir()
   via  5865388ede8 CI: add a test that checks the dosmode of symlinks
   via  6dfa2252fd3 vfs_fruit: add fruit:convert_adouble parameter
   via  5c5ab78d93d vfs_fruit: just log failing AppleDouble conversion
   via  0db5f559d0e libadouble: allow FILE_SHARE_DELETE in 
ad_convert_xattr()
   via  fe988c71379 vfs_fruit: never return AFP_Resource stream for 
directories
   via  051cd8f5915 vfs_fruit: return ENOENT instead of EISDIR when trying 
to open AFP_Resource for a directory
   via  976b4955570 CI: add a test for fruit AppleDouble conversion when 
deletion triggers conversion
  from  a22173a745e rpc_server3: Pass winbind_env_set() state through to 
rpcd_*

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit af9dc206043809a706063019112a191e81456ed7
Author: Ralph Boehme 
Date:   Tue May 23 17:26:03 2023 +0200

smbd: also reset struct stat_ex.cached_dos_attributes in SET_STAT_INVALID()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15375

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Wed May 24 21:42:50 UTC 2023 on atb-devel-224

(cherry picked from commit 412373984db6d0c20ba38076d06d0a87631890d0)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Wed May 31 10:47:15 UTC 2023 on atb-devel-224

commit 09ea170e3b4a5c962e29b86d1eadf06a430bc9a6
Author: Ralph Boehme 
Date:   Tue May 23 17:23:28 2023 +0200

smbd: zero intialize SMB_STRUCT_STAT in vfswrap_readdir()

Avoid returning an uninitialized st.cached_dos_attributes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15375

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 0391120079b032077c3914c10189b85e61dc8498)

commit 5865388ede8b5d3d3b389be49261574dde7008d7
Author: Ralph Boehme 
Date:   Wed May 24 13:13:19 2023 +0200

CI: add a test that checks the dosmode of symlinks

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15375

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 
(cherry picked from commit b4af281b2d7bfddbdb7289dadbed9db623bf0e84)

commit 6dfa2252fd308ab7a60513d5a167305614a9e192
Author: Ralph Boehme 
Date:   Mon May 22 12:32:00 2023 +0200

vfs_fruit: add fruit:convert_adouble parameter

https://bugzilla.samba.org/show_bug.cgi?id=15378

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Fri May 26 00:52:29 UTC 2023 on atb-devel-224

(cherry picked from commit 035f6d914d133cf3248f15b1be06a9e1837238da)

commit 5c5ab78d93def900a91954e30fdb25aa1d5a3cdb
Author: Ralph Boehme 
Date:   Mon May 22 12:25:04 2023 +0200

vfs_fruit: just log failing AppleDouble conversion

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 3bf97f19c36d26b4178f7cb6202bbdd44de0c1aa)

commit 0db5f559d0ef883c975177a705e82ae4d0951c72
Author: Ralph Boehme 
Date:   Tue May 23 17:28:33 2023 +0200

libadouble: allow FILE_SHARE_DELETE in ad_convert_xattr()

Not specifying FILE_SHARE_DELETE wasn't done intentionally. Not setting the 
flag
triggers the following problem:

* client sends a CREATE with delete access

* this triggers a call to open_streams_for_delete() where we check for
conflicting opens on any of the streams of the file or directory

* if the file (or directory) has a stream like ":com.apple.quarantine" the
stream is opened with DELETE_ACCESS and kept open when the next step might:

* if the file (or directory) has a Mac specific :AFP_AfpInfo stream, the
ad_convert() routine in fruit_create_file() is triggered

* ad_convert() checks if the file (or ...) has a sidecar ._ AppleDouble 
file, if
it has:

* in ad_convert_xattr() we unpack any set of xattrs encoded in the 
AppleDouble
file and recreate them as streams with the VFS. Now, if any of these xattrs
happens to be converted to a stream that we still have open in
open_streams_for_delete() (see above) we get a NT_STATUS_SHARING_VIOLATION

This error gets passed up the stack back to open_streams_for_delete() so the
client CREATE request fails and the client is unhappy.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15378

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 55bd10456486628cad2bd085618e873598401c3b)

commit fe988c713798732b996

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  fcf2e89167f VERSION: Bump version up to Samba 4.18.4...
   via  897e67a7cf8 VERSION: Disable GIT_SNAPSHOT for the 4.18.3 release.
   via  f988fcf671d WHATSNEW: Add release notes for Samba 4.18.3.
  from  af9dc206043 smbd: also reset struct stat_ex.cached_dos_attributes 
in SET_STAT_INVALID()

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit fcf2e89167f5a64f98ae0ee4ac2af2beff4e6b5a
Author: Jule Anger 
Date:   Wed May 31 18:05:14 2023 +0200

VERSION: Bump version up to Samba 4.18.4...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger 

commit 897e67a7cf86568da8bf8736aabe069e05c342ca
Author: Jule Anger 
Date:   Wed May 31 18:04:56 2023 +0200

VERSION: Disable GIT_SNAPSHOT for the 4.18.3 release.

Signed-off-by: Jule Anger 

commit f988fcf671d75b5b4064f0cc7891e62f4185f4be
Author: Jule Anger 
Date:   Wed May 31 18:04:26 2023 +0200

WHATSNEW: Add release notes for Samba 4.18.3.

Signed-off-by: Jule Anger 

---

Summary of changes:
 VERSION  |  2 +-
 WHATSNEW.txt | 65 ++--
 2 files changed, 64 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index e11c1d3d1c5..b11e1c9469e 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=18
-SAMBA_VERSION_RELEASE=3
+SAMBA_VERSION_RELEASE=4
 
 
 # If a official release has a serious bug  #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index bfad04cbde0..01c121a8e48 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,65 @@
+   ==
+   Release Notes for Samba 4.18.3
+May 31, 2023
+   ==
+
+
+This is the latest stable release of the Samba 4.18 release series.
+
+
+Changes since 4.18.2
+
+
+o  Ralph Boehme 
+   * BUG 15375: Symlinks to files can have random DOS mode information in a
+ directory listing.
+   * BUG 15378: vfs_fruit might cause a failing open for delete.
+
+o  Volker Lendecke 
+   * BUG 15361: winbind recurses into itself via rpcd_lsad.
+   * BUG 15366: wbinfo -u fails on ad dc with >1000 users.
+
+o  Stefan Metzmacher 
+   * BUG 15338: DS ACEs might be inherited to unrelated object classes.
+   * BUG 15362: a lot of messages: get_static_share_mode_data:
+ get_static_share_mode_data_fn failed: NT_STATUS_NOT_FOUND.
+   * BUG 15374: aes256 smb3 encryption algorithms are not allowed in
+ smb3_sid_parse().
+
+o  Andreas Schneider 
+   * BUG 15360: Setting veto files = /.*/ break listing directories.
+
+o  Joseph Sutton 
+   * BUG 15363: "samba-tool domain provision" does not run interactive mode if
+ no arguments are given.
+
+o  Nathaniel W. Turner 
+   * BUG 15325: dsgetdcname: assumes local system uses IPv4.
+
+
+###
+Reporting bugs & Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+==
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+==
+
+
+Release notes for older releases follow:
+
==
Release Notes for Samba 4.18.2
April 19, 2023
@@ -70,8 +132,7 @@ database (https://bugzilla.samba.org/).
 ==
 
 
-Release notes for older releases follow:
-
+--
==
Release Notes for Samba 4.18.1
March 29, 2023


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  3662ddaadc9 libsmb: Fix directory listing against old servers
   via  ad3f78b4ab6 tests: Show that we 100% loop in cli_list_old_recv()
   via  6f0d17e1210 tests: Make timelimit available to test scripts
   via  af4d536ad20 s4:dnsserver: Rename dns_name_equal() to 
samba_dns_name_equal()
  from  fcf2e89167f VERSION: Bump version up to Samba 4.18.4...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 3662ddaadc9b18d55d1ad30f5acdb12c2564195f
Author: Volker Lendecke 
Date:   Thu Jun 1 15:57:26 2023 +0200

libsmb: Fix directory listing against old servers

cli_list_trans_recv() can be called multiple times. When it's done, it
return NT_STATUS_OK and set *finfo to NULL. cli_list_old_recv() did
not do the NULL part, so smbclient would endlessly loop.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15382

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Thu Jun  1 21:54:42 UTC 2023 on atb-devel-224

(cherry picked from commit f30f5793ad592e193546586b765837c0ac9f5647)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Fri Jun  2 13:16:16 UTC 2023 on atb-devel-224

commit ad3f78b4ab615b90641ea6ea7f43087ec796b2b3
Author: Volker Lendecke 
Date:   Thu Jun 1 16:41:37 2023 +0200

tests: Show that we 100% loop in cli_list_old_recv()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15382

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 
(cherry picked from commit e86234f3d61c62e4365e1ea105bdd29feaf7ccbe)

commit 6f0d17e1210aa1652145989a48cb86fee446656b
Author: Volker Lendecke 
Date:   Thu Jun 1 16:39:21 2023 +0200

tests: Make timelimit available to test scripts

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15382

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 4804d6b89a9146f1fc5270de158cd25254505f61)

commit af4d536ad20ecc735c0a44ca71618dec6dbcc772
Author: Samuel Cabrero 
Date:   Wed Jan 18 17:25:29 2023 +0100

s4:dnsserver: Rename dns_name_equal() to samba_dns_name_equal()

This function already exists in bind9 but takes different arguments, so when
the DLZ is loaded and this function is called bind crashes:

  named[1523]: samba_dlz: allowing update of 
signer=DESKTOP-8BUKMBK\$\@AFOREST.AD name=118.101.168.192.in-addr.arpa 
tcpaddr=192.168.101.118  type=PTR 
key=1264-ms-7.1-2ac9.9ef238e1-9747-11ed-9f95-525400dc6981/159/0
  named[1523]: samba_dlz: allowing update of 
signer=DESKTOP-8BUKMBK\$\@AFOREST.AD name=118.101.168.192.in-addr.arpa 
tcpaddr=192.168.101.118  type=PTR 
key=1264-ms-7.1-2ac9.9ef238e1-9747-11ed-9f95-525400dc6981/159/0
  named[1523]: client @0x7f26caa90f68 192.168.101.118#58223/key 
DESKTOP-8BUKMBK\$\@AFOREST.AD: updating zone '101.168.192.in-addr.arpa/NONE': 
deleting rrset at '118.101.168.192.in-addr.ar
  named[1523]: name.c:664: REQUIRE(((name1) != ((void *)0) && ((const 
isc__magic_t *)(name1))->magic == ((('D') << 24 | ('N') << 16 | ('S') << 8 | 
('n') failed, back trace

Backtrace:

  #0  0x7f2716c957ec in __pthread_kill_implementation () from 
/lib64/libc.so.6
  #1  0x7f2716c42816 in raise () from /lib64/libc.so.6
  #2  0x7f2716c2b81c in abort () from /lib64/libc.so.6
  #3  0x55d4de847995 in assertion_failed (file=, 
line=,
  type=, cond=) at 
/usr/src/debug/bind-9.18.10/bin/named/main.c:237
  #4  0x7f27176388fc in isc_assertion_failed 
(file=file@entry=0x7f27173b0df6 "name.c",
  line=line@entry=664, type=type@entry=isc_assertiontype_require,
  cond=cond@entry=0x7f27173b0268 "((name1) != ((void *)0) && ((const 
isc__magic_t *)(name1))->magic == ((('D') << 24 | ('N') << 16 | ('S') << 8 | 
('n'")
  at /usr/src/debug/bind-9.18.10/lib/isc/assertions.c:48
  #5  0x7f27172946f9 in dns_name_equal (name1=, 
name2=)
  at /usr/src/debug/bind-9.18.10/lib/dns/name.c:664

   Here bind's dns_name_equal() is called instead of samba's 
dns_name_equal() 

  #6  0x7f27077ad6f2 in dns_record_match (rec1=0x7f26f8042d70, 
rec2=0x7f26f8044d10)
  at ../../source4/dns_server/dnsserver_common.c:1346
  #7  0x7f271404732c in b9_record_match (rec1=0x7f26f8042d70, 
rec2=0x7f26f8044d10)
  at ../../source4/dns_server/dlz_bind9.c:1830
  #8  0x7f2714047daa in dlz_subrdataset (name=0x7f2706ff82f0 
"118.101.168.192.in-addr.arpa",
  rdatastr=0x7f26c9c1 
"118.101.168.192.in-addr.arpa.\t1200\tIN\tPTR\tDESKTOP-8BUKMBK.aforest.ad.",
  dbdata=0x7f271003d300, version=0x7f26f8044b20) at 
../../source4/dns_server/dlz_bind9.c:2077
  #9  0x55d4de84afb4 in dlopen_dlz_subrdataset (name=0x

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  c4968128b7f smbclient: Fix fd leak with "showacls;ls"
   via  d49f9f4be7d smbd: remove comments about deprecated 'write cache 
size'
  from  3662ddaadc9 libsmb: Fix directory listing against old servers

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit c4968128b7f2c75aa96eb7e446719d766950ef58
Author: Volker Lendecke 
Date:   Thu Jun 8 10:14:18 2023 +0200

smbclient: Fix fd leak with "showacls;ls"

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15391

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Thu Jun  8 16:55:14 UTC 2023 on atb-devel-224

(cherry picked from commit 5c52f71c0d0e162dcbf42378357313035efa860f)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Jun 12 08:25:18 UTC 2023 on atb-devel-224

commit d49f9f4be7d825153026b2f63101fd89baa40ceb
Author: Jones Syue 
Date:   Fri Jun 2 14:40:09 2023 +0800

smbd: remove comments about deprecated 'write cache size'

The option 'write cache size' was removed since samba-4.12 version:
https://wiki.samba.org/index.php/Samba_4.12_Features_added/changed
https://git.samba.org/?p=samba.git;a=commit;h=3fea05e0
https://git.samba.org/?p=samba.git;a=commit;h=728fabea

It is supposed to remove comments about deprecated 'write cache size',
in order to avoid confusion when reading source code and documents.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15383

Signed-off-by: Jones Syue 
Reviewed-by: Ralph Boehme 
Reviewed-by: Volker Lendecke 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Fri Jun  2 09:48:17 UTC 2023 on atb-devel-224

(cherry picked from commit 9c24f853a84e1435235ba58ffcaaeff7dd80f6aa)

---

Summary of changes:
 docs-xml/smbdotconf/locking/smb2leases.xml  | 2 --
 docs-xml/smbdotconf/tuning/aioreadsize.xml  | 2 +-
 docs-xml/smbdotconf/tuning/aiowritesize.xml | 2 +-
 source3/client/client.c | 1 +
 source3/smbd/smb2_read.c| 1 -
 5 files changed, 3 insertions(+), 5 deletions(-)


Changeset truncated at 500 lines:

diff --git a/docs-xml/smbdotconf/locking/smb2leases.xml 
b/docs-xml/smbdotconf/locking/smb2leases.xml
index 5a490875af7..89ff307d8f9 100644
--- a/docs-xml/smbdotconf/locking/smb2leases.xml
+++ b/docs-xml/smbdotconf/locking/smb2leases.xml
@@ -15,8 +15,6 @@
and no.

 
-   Note that the write cache won't be used for file handles with a 
smb2 write lease.
-
 
 
 oplocks
diff --git a/docs-xml/smbdotconf/tuning/aioreadsize.xml 
b/docs-xml/smbdotconf/tuning/aioreadsize.xml
index 71120a80388..5218f34a6d6 100644
--- a/docs-xml/smbdotconf/tuning/aioreadsize.xml
+++ b/docs-xml/smbdotconf/tuning/aioreadsize.xml
@@ -6,7 +6,7 @@
   If this integer parameter is set to a non-zero value,
 Samba will read from files asynchronously when the request size is bigger
 than this value. Note that it happens only for non-chained and non-chaining
-reads and when not using write cache.
+reads.
   The only reasonable values for this parameter are 0 (no async I/O) and
 1 (always do async I/O).
   aio write size
diff --git a/docs-xml/smbdotconf/tuning/aiowritesize.xml 
b/docs-xml/smbdotconf/tuning/aiowritesize.xml
index cdc079d13dc..029e1d135c0 100644
--- a/docs-xml/smbdotconf/tuning/aiowritesize.xml
+++ b/docs-xml/smbdotconf/tuning/aiowritesize.xml
@@ -6,7 +6,7 @@
   If this integer parameter is set to a non-zero value,
 Samba will write to files asynchronously when the request size is bigger
 than this value. Note that it happens only for non-chained and non-chaining
-reads and when not using write cache.
+writes.
   The only reasonable values for this parameter are 0 (no async I/O) and
 1 (always do async I/O).
   Compared to  this parameter has
diff --git a/source3/client/client.c b/source3/client/client.c
index 8e29224918d..c4d309958cd 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -626,6 +626,7 @@ static NTSTATUS display_finfo(struct cli_state *cli_state, 
struct file_info *fin
display_sec_desc(sd);
}
TALLOC_FREE(sd);
+   cli_close(targetcli, fnum);
}
TALLOC_FREE(afname);
}
diff --git a/source3/smbd/smb2_read.c b/source3/smbd/smb2_read.c
index 4c6822f2c74..ff945302f54 100644
--- a/source3/smbd/smb2_read.c
+++ b/source3/smbd/smb2_read.c
@@ -353,7 +353,6 @@ static NTSTATUS schedule_smb2_sendfile_read(struct 
smbd_smb2_request *smb2req,
 * Signing is active OR
 * This is a compound SMB2 operation OR
 * fsp is a STREAM file OR

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  c7e3c042fbc smbcacls/smbcquotas: check for valid UNC path
  from  c4968128b7f smbclient: Fix fd leak with "showacls;ls"

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit c7e3c042fbc56824f66652af7c0580276f5144e7
Author: Björn Jacke 
Date:   Tue Jan 10 12:25:35 2023 +0100

smbcacls/smbcquotas: check for valid UNC path

we used to strip the first two characters of the path and used that.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=2312

Signed-off-by: Bjoern Jacke 
Reviewed-by: Stefan Metzmacher 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Tue Jun  6 09:33:47 UTC 2023 on atb-devel-224

(cherry picked from commit fcedf5514b121914483bbc0ffe77580929093ac6)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Jun 19 08:13:18 UTC 2023 on atb-devel-224

---

Summary of changes:
 source3/utils/smbcacls.c   | 5 +
 source3/utils/smbcquotas.c | 5 +
 2 files changed, 10 insertions(+)


Changeset truncated at 500 lines:

diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
index 71cd93b8bc7..6e6a5d932be 100644
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -1736,6 +1736,11 @@ int main(int argc, char *argv[])
return -1;
}
 
+   if (strncmp(path, "", 2) && strncmp(path, "//", 2)) {
+   printf("Invalid argument: %s\n", path);
+   return -1;
+   }
+
if(!poptPeekArg(pc)) {
poptPrintUsage(pc, stderr, 0);
return -1;
diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c
index 748334a04a6..ce8ca2fafd0 100644
--- a/source3/utils/smbcquotas.c
+++ b/source3/utils/smbcquotas.c
@@ -760,6 +760,11 @@ int main(int argc, char *argv[])
exit(EXIT_PARSE_ERROR);
}
 
+   if (strncmp(path, "", 2) && strncmp(path, "//", 2)) {
+   printf("Invalid argument: %s\n", path);
+   return -1;
+   }
+
poptFreeContext(pc);
samba_cmdline_burn(argc, argv);
 


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  a6edfaa4985 python:safe_tarfile: Improve safe extract()
   via  b7cad429a52 python:safe_tarfile: Implement safer extractall()
   via  eff4e88d2cc python:safe_tarfile: Set extraction_filter for pythons 
providing it
   via  4a79ee44c31 python:tests: Adopt safe_tarfile for extraction_filter 
raises
   via  d2c86925f62 s3/utils: avoid erronous NO MEMORY detection
  from  c7e3c042fbc smbcacls/smbcquotas: check for valid UNC path

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit a6edfaa498552dcef704bda0c6fcb7b14c88bdcc
Author: Andreas Schneider 
Date:   Tue Jun 6 15:38:12 2023 +0200

python:safe_tarfile: Improve safe extract()

This also checks for symlinks and hardlinks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15390

Signed-off-by: Andreas Schneider 
Reviewed-by: Douglas Bagnall 
(cherry picked from commit 1f74f9f366d7f107a89220a4a5951bc4daf18025)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Jun 19 10:29:13 UTC 2023 on atb-devel-224

commit b7cad429a52857ac8a1d1685c732f4c746e7c339
Author: Andreas Schneider 
Date:   Tue Jun 6 15:30:20 2023 +0200

python:safe_tarfile: Implement safer extractall()

This also checks for symlinks and hardlinks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15390

Signed-off-by: Andreas Schneider 
Reviewed-by: Douglas Bagnall 
(cherry picked from commit 431f7698e48387413aac586c7a939a1682464681)

commit eff4e88d2cc01d60a8ad03108f0d5691bde0e976
Author: Andreas Schneider 
Date:   Tue Jun 6 15:29:06 2023 +0200

python:safe_tarfile: Set extraction_filter for pythons providing it

It should be available for Python >= 3.11.4 but also has been
backported.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15390

Signed-off-by: Andreas Schneider 
Reviewed-by: Douglas Bagnall 
(cherry picked from commit 8c90c66a9a409d807dad56822540509c9813425b)

commit 4a79ee44c311f1a78de9fc9d2b8bc73fb4987719
Author: Andreas Schneider 
Date:   Tue Jun 6 16:06:57 2023 +0200

python:tests: Adopt safe_tarfile for extraction_filter raises

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15390

Signed-off-by: Andreas Schneider 
Reviewed-by: Douglas Bagnall 
(cherry picked from commit ebaa00816259cbae5c45ebf0ba5fb260b09e4695)

commit d2c86925f62012f0fe017a16ce4cef5fd47e17c3
Author: Noel Power 
Date:   Fri Jun 2 14:27:55 2023 +0100

s3/utils: avoid erronous NO MEMORY detection

since 5cc3c1b5f6b0289f91c01b20989558badc28fd61 if we don't have
a realm specified either on cmdline or in conf file we try to
copy (talloc_strdup) a NULL variable which triggers a NO_MEMORY
error when we check the result of the copy

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15384

Signed-off-by: Noel Power 
Reviewed-by: Stefan Metzmacher 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Sun Jun  4 12:42:16 UTC 2023 on atb-devel-224

(cherry picked from commit 22ab42c1007775abca0b578744d4c18a85cda627)

---

Summary of changes:
 python/samba/safe_tarfile.py   | 73 --
 python/samba/tests/safe_tarfile.py | 27 ++
 source3/utils/net_ads.c| 10 +++---
 3 files changed, 89 insertions(+), 21 deletions(-)


Changeset truncated at 500 lines:

diff --git a/python/samba/safe_tarfile.py b/python/samba/safe_tarfile.py
index cc19770d73f..7a2b0382a79 100644
--- a/python/samba/safe_tarfile.py
+++ b/python/samba/safe_tarfile.py
@@ -15,6 +15,9 @@
 # along with this program.  If not, see .
 
 
+import os
+import tarfile
+from pathlib import Path
 from tarfile import ExtractError, TarInfo, TarFile as UnsafeTarFile
 
 
@@ -24,20 +27,68 @@ class TarFile(UnsafeTarFile):
 using '../../'.
 """
 
-def extract(self, member, path="", set_attrs=True, *, numeric_owner=False):
-if isinstance(member, TarInfo):
-name = member.name
-else:
-name = member
+try:
+# New in version 3.11.4 (also has been backported)
+# 
https://docs.python.org/3/library/tarfile.html#tarfile.TarFile.extraction_filter
+# https://peps.python.org/pep-0706/
+extraction_filter = staticmethod(tarfile.data_filter)
+except AttributeError:
+def extract(self, member, path="", set_attrs=True, *,
+numeric_owner=False):
+self._safetarfile_check()
+super().extract(member, path, set_attrs=set_attrs,
+numeric_owner=numeric_owner)
 
-if '../' in name:
-raise ExtractError(f"'../' is not allowed in path '{name}'")
+def extractall(s

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  fe17ff2cfc4 s3:winbind: Fix talloc parent in find_dc() leading to a 
segfault
  from  a6edfaa4985 python:safe_tarfile: Improve safe extract()

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit fe17ff2cfc4b140e26ec25df6ad73e6499a4af7f
Author: Andreas Schneider 
Date:   Tue Jun 20 11:52:12 2023 +0200

s3:winbind: Fix talloc parent in find_dc() leading to a segfault

[2023/06/16 16:30:18.677249,  0, pid=28112, effective(0, 0), real(0, 0), 
traceid=35] ../../lib/cmdline/cmdline.c:56(_samba_cmdline_talloc_log)
  Bad talloc magic value - unknown value
[2023/06/16 16:30:18.677374,  0, pid=28112, effective(0, 0), real(0, 0), 
traceid=35] ../../lib/util/fault.c:173(smb_panic_log)
  ===
[2023/06/16 16:30:18.677388,  0, pid=28112, effective(0, 0), real(0, 0), 
traceid=35] ../../lib/util/fault.c:177(smb_panic_log)
  INTERNAL ERROR: Bad talloc magic value - unknown value in pid 28112 
(4.18.3)
[2023/06/16 16:30:18.677398,  0, pid=28112, effective(0, 0), real(0, 0), 
traceid=35] ../../lib/util/fault.c:182(smb_panic_log)
  If you are running a recent Samba version, and if you think this problem 
is not yet fixed in the latest versions, please consider reporting this bug, 
see https://wiki.samba.org/index.php/Bug_Reporting
[2023/06/16 16:30:18.677408,  0, pid=28112, effective(0, 0), real(0, 0), 
traceid=35] ../../lib/util/fault.c:183(smb_panic_log)
  ===
[2023/06/16 16:30:18.677420,  0, pid=28112, effective(0, 0), real(0, 0), 
traceid=35] ../../lib/util/fault.c:185(smb_panic_log)
  PANIC (pid 28112): Bad talloc magic value - unknown value in 4.18.3
[2023/06/16 16:30:18.677698,  0, pid=28112, effective(0, 0), real(0, 0), 
traceid=35] ../../lib/util/fault.c:293(log_stack_trace)
  BACKTRACE: 22 stack frames:
   #0 /usr/lib64/samba/libgenrand-samba4.so(log_stack_trace+0x34) 
[0x7fcc04ad35d4]
   #1 /usr/lib64/samba/libgenrand-samba4.so(smb_panic+0xd) [0x7fcc04ad382d]
   #2 /lib64/libtalloc.so.2(+0x3121) [0x7fcc04650121]
   #3 /usr/sbin/winbindd(_wbint_InitConnection+0xe8) [0x55aa1fd79028]
   #4 /usr/sbin/winbindd(+0x59488) [0x55aa1fd7e488]
   #5 /lib64/libdcerpc-server-core.so.0(dcesrv_call_dispatch_local+0x69) 
[0x7fcc05890469]
   #6 /usr/sbin/winbindd(winbindd_dual_ndrcmd+0x3c5) [0x55aa1fd762d5]
   #7 /usr/sbin/winbindd(+0x4d664) [0x55aa1fd72664]
   #8 /lib64/libtevent.so.0(tevent_common_invoke_fd_handler+0x97) 
[0x7fcc03d2e707]
   #9 /lib64/libtevent.so.0(+0xef4f) [0x7fcc03d34f4f]
   #10 /lib64/libtevent.so.0(+0xcf5b) [0x7fcc03d32f5b]
   #11 /lib64/libtevent.so.0(_tevent_loop_once+0x95) [0x7fcc03d2d9b5]
   #12 /usr/sbin/winbindd(+0x4fd14) [0x55aa1fd74d14]
   #13 /usr/sbin/winbindd(+0x505cd) [0x55aa1fd755cd]
   #14 /lib64/libtevent.so.0(tevent_common_invoke_immediate_handler+0x182) 
[0x7fcc03d2ec72]
   #15 /lib64/libtevent.so.0(tevent_common_loop_immediate+0x27) 
[0x7fcc03d2eca7]
   #16 /lib64/libtevent.so.0(+0xed2f) [0x7fcc03d34d2f]
   #17 /lib64/libtevent.so.0(+0xcf5b) [0x7fcc03d32f5b]
   #18 /lib64/libtevent.so.0(_tevent_loop_once+0x95) [0x7fcc03d2d9b5]
   #19 /usr/sbin/winbindd(main+0xd34) [0x55aa1fd402f4]
   #20 /lib64/libc.so.6(__libc_start_main+0xe5) [0x7fcc0339dd85]
   #21 /usr/sbin/winbindd(_start+0x2e) [0x55aa1fd40e8e]
[2023/06/16 16:30:18.677828,  0, pid=28112, effective(0, 0), real(0, 0), 
traceid=35] ../../source3/lib/dumpcore.c:318(dump_core)
  coredump is handled by helper binary specified at 
/proc/sys/kernel/core_pattern

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15398

Signed-off-by: Andreas Schneider 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit d34ff44d91ba4ffad45dfa3e4ee37470498b3f2d)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Fri Jun 23 13:01:17 UTC 2023 on atb-devel-224

---

Summary of changes:
 source3/winbindd/winbindd_cm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


Changeset truncated at 500 lines:

diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 264fc1368d6..4aaa67521ee 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -1559,7 +1559,7 @@ static bool find_dc(TALLOC_CTX *mem_ctx,
if (*dcnames[fd_index] != '\0' && !is_ipaddress(dcnames[fd_index])) {
/* Ok, we've got a name for the DC */
TALLOC_FREE(domain->dcname);
-   domain->dcname = talloc_strdup(mem_ctx, dcnames[fd_index]);
+   domain->dcname = talloc_strdup(domain, dcnames[fd_index]);
if (domain->dcname == NULL) {
   

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  d35c773e969 pidl: avoid py compile issues with --pidl-developer
   via  29c08b5891d s3:utils: smbget fix a memory leak
   via  694829f1872 smbd: Don't mask open error if fstatat() fails
   via  5d040beed2c tests: Show smbd returns wrong error code when creating 
on r/o fs
   via  14cbe1b8671 error_inject: Enable returning EROFS for O_CREAT
   via  3350e196a7e error_inject: map EROFS
   via  ccb235c2f4e vfs_gpfs: Register smbd process with GPFS
   via  2492a18d762 gpfswrap: Add wrapper for gpfs_register_cifs_export
  from  fe17ff2cfc4 s3:winbind: Fix talloc parent in find_dc() leading to a 
segfault

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit d35c773e969ff56ee527fbecd385a4a56a878cf0
Author: Douglas Bagnall 
Date:   Fri Dec 9 10:36:30 2022 +1300

pidl: avoid py compile issues with --pidl-developer

We get these warnings-as-errors:

librpc/gen_ndr/py_netlogon.c:61903:53: error: stray ‘\’ in program
61903 |PyErr_Format(PyExc_TypeError, "Expected type %s",\  // 
Parse::Pidl::Samba4::Python::ConvertObjectFromPythonData  
lib/Parse/Pidl/Samba4/Python.pm:2005

but the '\' is unnecessary and unconventional anyway, since we're in a
function argument list.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15404

Signed-off-by: Douglas Bagnall 
Reviewed-by: Andrew Bartlett 

Autobuild-User(master): Andrew Bartlett 
Autobuild-Date(master): Fri Feb  3 03:27:54 UTC 2023 on atb-devel-224

(cherry picked from commit e26a01a48c4a6ca6f9424ced72eda68e6eb1e7e3)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Jul  3 08:53:24 UTC 2023 on atb-devel-224

commit 29c08b5891d984dad1935dbf1ac72c1bb384ff88
Author: Jones Syue 
Date:   Tue Jun 27 17:19:59 2023 +0800

s3:utils: smbget fix a memory leak

Using smbget to download files recursively (-R).

If smbget found that a file is already existed in the destination,
smbget would said 'File exists', return early, and 'newname' allocated
memory is never freed, this is found by valgrind.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15403

Signed-off-by: Jones Syue 
Reviewed-by: Jeremy Allison 
Reviewed-by: Volker Lendecke 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Wed Jun 28 07:02:34 UTC 2023 on atb-devel-224

(cherry picked from commit afbed653526b572f7309e67ed742a76ef7b2b8ec)

commit 694829f18723f630a9ca46969c345915c33e9b0a
Author: Volker Lendecke 
Date:   Mon Jun 26 13:17:44 2023 +0200

smbd: Don't mask open error if fstatat() fails

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15402
Signed-off-by: Volker Lendecke 
Reviewed-by: Ralph Boehme 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Mon Jun 26 16:53:21 UTC 2023 on atb-devel-224

(cherry picked from commit de2738fb9a7dad84eb50a0cf007d89b6ef53ec9a)

commit 5d040beed2c6012d8d97b0f9e4117931dea754e3
Author: Volker Lendecke 
Date:   Mon Jun 26 14:54:00 2023 +0200

tests: Show smbd returns wrong error code when creating on r/o fs

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15402
Signed-off-by: Volker Lendecke 
Reviewed-by: Ralph Boehme 
(cherry picked from commit 13d199bea0f39fafd2bf39516d83e20893003aa2)

commit 14cbe1b86716a83a2619671b65c72d522405e38e
Author: Volker Lendecke 
Date:   Mon Jun 26 13:17:19 2023 +0200

error_inject: Enable returning EROFS for O_CREAT

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15402
Signed-off-by: Volker Lendecke 
Reviewed-by: Ralph Boehme 
(cherry picked from commit 37b3667f65d10a39b95dd84c002677d16f8c0776)

commit 3350e196a7e72d5535f88586b95201edb3723739
Author: Volker Lendecke 
Date:   Mon Jun 26 12:47:17 2023 +0200

error_inject: map EROFS

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15402
Signed-off-by: Volker Lendecke 
Reviewed-by: Ralph Boehme 
(cherry picked from commit 840480789fcbb2e4ffe8b08818869f8490dc29d5)

commit ccb235c2f4e0a2e6007af6ca206a01a5a59ac09d
Author: Christof Schmitt 
Date:   Wed May 31 11:13:51 2023 -0700

vfs_gpfs: Register smbd process with GPFS

Issue API call to tell the file system that this is a Samba process.
This fixed the GPFS handling of Samba since the rename of smbd processes
in commit 5955dc1e4fd.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15381

Signed-off-by: Christof Schmitt 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 3b72136f6782d9704a197ab7b17201df6ff4d60d)

commit 2492a18d7624054f65624203f69b86e3994c3bae
Author: Christof Schmitt 
Date:   Wed May 24 14:06:36 2023 -0700

gpfswrap: Add wrapper for gpfs_register_cifs_export

BUG: https://bugzilla.samba.org/

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  d4b86186d29 selftest:Samba3: use the correct NSS_WRAPPER_HOSTNAME
  from  d35c773e969 pidl: avoid py compile issues with --pidl-developer

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit d4b86186d293c80682b4e2189b8dbbec4572a9e8
Author: Stefan Metzmacher 
Date:   Wed Apr 12 17:22:02 2023 +0200

selftest:Samba3: use the correct NSS_WRAPPER_HOSTNAME

The value of NSS_WRAPPER_HOSTNAME needs to match value
we put into the NSS_WRAPPER_HOSTS file.

We had a mismatch of
idmapridmember.samba.example.com
vs.
idmapridmember.addom.samba.example.com

This causes getaddrinfo() in nss_wrapper to fallback to
the libc version, which talks to a dns server.
It's not clear if recent glibc code will reach resolve/socket wrapper.
So it's not unlikely that idmapridmember.samba.example.com will
be passed via the internet, which causes delays up to 20 seconds.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15355

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Ralph Boehme 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Wed Apr 12 20:29:05 UTC 2023 on atb-devel-224

(cherry picked from commit 53f0a292f8057a63ddee951058e380b43b9d2916)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Wed Jul  5 10:19:29 UTC 2023 on atb-devel-224

---

Summary of changes:
 selftest/target/Samba3.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 0556efd4741..ba3268f147c 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -3678,7 +3678,7 @@ jacknomappergroup:x:$gid_jacknomapper:jacknomapper
$createuser_env{NSS_WRAPPER_PASSWD} = $nss_wrapper_passwd;
$createuser_env{NSS_WRAPPER_GROUP} = $nss_wrapper_group;
$createuser_env{NSS_WRAPPER_HOSTS} = $nss_wrapper_hosts;
-   $createuser_env{NSS_WRAPPER_HOSTNAME} = "${hostname}.samba.example.com";
+   $createuser_env{NSS_WRAPPER_HOSTNAME} = "${hostname}.${dns_domain}";
if ($ENV{SAMBA_DNS_FAKING}) {
$createuser_env{RESOLV_WRAPPER_HOSTS} = $dns_host_file;
} else {
@@ -3732,7 +3732,7 @@ jacknomappergroup:x:$gid_jacknomapper:jacknomapper
$ret{NSS_WRAPPER_PASSWD} = $nss_wrapper_passwd;
$ret{NSS_WRAPPER_GROUP} = $nss_wrapper_group;
$ret{NSS_WRAPPER_HOSTS} = $nss_wrapper_hosts;
-   $ret{NSS_WRAPPER_HOSTNAME} = "${hostname}.samba.example.com";
+   $ret{NSS_WRAPPER_HOSTNAME} = "${hostname}.${dns_domain}";
$ret{NSS_WRAPPER_MODULE_SO_PATH} = 
Samba::nss_wrapper_winbind_so_path($self);
$ret{NSS_WRAPPER_MODULE_FN_PREFIX} = "winbind";
if ($ENV{SAMBA_DNS_FAKING}) {


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  f2c18045a57 VERSION: Bump version up to Samba 4.18.5...
   via  273696dc5d4 VERSION: Disable GIT_SNAPSHOT for the 4.18.4 release.
   via  bcdc186bb67 WHATSNEW: Add release notes for Samba 4.18.4.
  from  d4b86186d29 selftest:Samba3: use the correct NSS_WRAPPER_HOSTNAME

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit f2c18045a57e95597b4841e704e67b5811454979
Author: Jule Anger 
Date:   Wed Jul 5 12:35:59 2023 +0200

VERSION: Bump version up to Samba 4.18.5...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger 

commit 273696dc5d4c485735cfea0be9e71e28c97ffcf9
Author: Jule Anger 
Date:   Wed Jul 5 12:35:33 2023 +0200

VERSION: Disable GIT_SNAPSHOT for the 4.18.4 release.

Signed-off-by: Jule Anger 

commit bcdc186bb67ac6889e08b6c534f72ce0cc1461d6
Author: Jule Anger 
Date:   Wed Jul 5 12:34:37 2023 +0200

WHATSNEW: Add release notes for Samba 4.18.4.

Signed-off-by: Jule Anger 

---

Summary of changes:
 VERSION  |  2 +-
 WHATSNEW.txt | 73 ++--
 2 files changed, 72 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index b11e1c9469e..80ff8c0c369 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=18
-SAMBA_VERSION_RELEASE=4
+SAMBA_VERSION_RELEASE=5
 
 
 # If a official release has a serious bug  #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 01c121a8e48..c5dbc985f28 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,73 @@
+   ==
+   Release Notes for Samba 4.18.4
+   July 05, 2023
+   ==
+
+
+This is the latest stable release of the Samba 4.18 release series.
+
+
+Changes since 4.18.3
+
+
+o  Douglas Bagnall 
+   * BUG 15404: Backport --pidl-developer fixes.
+
+o  Samuel Cabrero 
+   * BUG 14030: Named crashes on DLZ zone update.
+
+o  Björn Jacke 
+   * BUG 2312: smbcacls and smbcquotas do not check // before the server.
+
+o  Volker Lendecke 
+   * BUG 15382: cli_list loops 100% CPU against pre-lanman2 servers.
+   * BUG 15391: smbclient leaks fds with showacls.
+   * BUG 15402: smbd returns NOT_FOUND when creating files on a r/o filesystem.
+
+o  Stefan Metzmacher 
+   * BUG 15355: NSS_WRAPPER_HOSTNAME doesn't match NSS_WRAPPER_HOSTS entry and
+ causes test timeouts.
+
+o  Noel Power 
+   * BUG 15384: net ads lookup (with unspecified realm) fails.
+
+o  Christof Schmitt 
+   * BUG 15381: Register Samba processes with GPFS.
+
+o  Andreas Schneider 
+   * BUG 15390: Python tarfile extraction needs change to avoid a warning
+ (CVE-2007-4559 mitigation).
+   * BUG 15398: The winbind child segfaults when listing users with `winbind
+ scan trusted domains = yes`.
+
+o  Jones Syue 
+   * BUG 15383: Remove comments about deprecated 'write cache size'.
+   * BUG 15403: smbget memory leak if failed to download files recursively.
+
+
+###
+Reporting bugs & Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+==
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+==
+
+
+Release notes for older releases follow:
+
==
Release Notes for Samba 4.18.3
 May 31, 2023
@@ -58,8 +128,7 @@ database (https://bugzilla.samba.org/).
 ==
 
 
-Release notes for older releases follow:
-
+--
==
Release Notes for Samba 4.18.2
April 19, 2023


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  9b25d901756 s3:winbindd: let winbind_samlogon_retry_loop() fallback 
to NT_STATUS_NO_LOGON_SERVERS
   via  ddd6169918e s3:winbindd: make use of reset_cm_connection_on_error() 
in winbind_samlogon_retry_loop()
   via  12043529bc1 s3:winbindd: let winbind_samlogon_retry_loop() always 
start with authoritative = 1
   via  156bafb22e4 s3:winbindd: make use of reset_cm_connection_on_error() 
for winbindd_lookup_{names,sids}()
   via  3b2f3cf8a26 s3:winbindd: call reset_cm_connection_on_error() in 
wb_cache_query_user_list()
   via  bdaf1b1c5c3 s3:libads: re-initialize num_requests to 0 for 
cldap_ping_list retries
   via  36bb9480604 smbd: call exit_server_cleanly() to avoid panicking
  from  f2c18045a57 VERSION: Bump version up to Samba 4.18.5...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 9b25d90175603414a6c5a335d254d117ec76524f
Author: Stefan Metzmacher 
Date:   Tue Jul 4 14:12:03 2023 +0200

s3:winbindd: let winbind_samlogon_retry_loop() fallback to 
NT_STATUS_NO_LOGON_SERVERS

When we were not able to get a valid response from any DC we should
report NT_STATUS_NO_LOGON_SERVERS with authoritative = 1.

This matches what windows does. In a chain of transitive
trusts the ACCESS_DENIED/authoritative=0 is not propagated,
instead NT_STATUS_NO_LOGON_SERVERS/authoritative=1 is
passed along the chain if there's no other DC is available.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15413

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 
Reviewed-by: Volker Lendecke 
(cherry picked from commit 50e771c12f84f9268c2e9ddeef0965f79f85de3d)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Thu Jul  6 13:01:55 UTC 2023 on atb-devel-224

commit ddd6169918e80a4c7da82e4a64d73396de1e282c
Author: Stefan Metzmacher 
Date:   Tue Jul 4 13:01:24 2023 +0200

s3:winbindd: make use of reset_cm_connection_on_error() in 
winbind_samlogon_retry_loop()

Note this is more than a simple invalidate_cm_connection() as it may set
domain->conn.netlogon_force_reauth = true, which is important in order
to recover from NT_STATUS_RPC_SEC_PKG_ERROR errors.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15413

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 
Reviewed-by: Volker Lendecke 
(cherry picked from commit b317b10dffd99d1add3ff0b85b958edd9639abc8)

commit 12043529bc1df793cc76823c289e4241821c535a
Author: Stefan Metzmacher 
Date:   Wed Feb 16 14:19:16 2022 +0100

s3:winbindd: let winbind_samlogon_retry_loop() always start with 
authoritative = 1

Otherwise we could treat a local problem as non-authoritative.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15413

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 
Reviewed-by: Volker Lendecke 
(cherry picked from commit 0cb6de4b1d5410f3699172952be81c6eb75c2c86)

commit 156bafb22e4eea0ff5a287d1e75850ad34d2858e
Author: Stefan Metzmacher 
Date:   Tue Jul 4 12:32:34 2023 +0200

s3:winbindd: make use of reset_cm_connection_on_error() for 
winbindd_lookup_{names,sids}()

Note this is more than a simple invalidate_cm_connection() as it may set
domain->conn.netlogon_force_reauth = true.

This is not strictly needed as the callers call
reset_cm_connection_on_error() via reconnect_need_retry().
But it might avoid one roundtrip.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15413

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 
Reviewed-by: Volker Lendecke 
(cherry picked from commit 4ad5a35a3f67860aa7a1345efcfc92fe40578e31)

commit 3b2f3cf8a26a6b766c01f0bb73d8b71ed9afc1b1
Author: Stefan Metzmacher 
Date:   Tue Jul 4 12:32:34 2023 +0200

s3:winbindd: call reset_cm_connection_on_error() in 
wb_cache_query_user_list()

This is mostly for consistency, every remote call should call
reset_cm_connection_on_error(). Note this is more than
a simple invalidate_cm_connection() as it may set
domain->conn.netlogon_force_reauth = true.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15413

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 
Reviewed-by: Volker Lendecke 
(cherry picked from commit cb59fd43bbf758e4bad774cfc19ef87b157052c2)

commit bdaf1b1c5c344cbd1a2c8b1a29667d6ee885651c
Author: Stefan Metzmacher 
Date:   Tue Jul 4 18:07:12 2023 +0200

s3:libads: re-initialize num_requests to 0 for cldap_ping_list retries

Commit 8132edf119757ee91070facffef016c93de9c2a6 introduced a retry loop
arround cldap_multi_netlogon(), but it forgot to reset num_requests to 0
for the retries.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15416

 

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  9100d5ac2e2 VERSION: Bump version up to Samba 4.18.6...
   via  108287320f5 Merge tag 'samba-4.18.5' into v4-18-test
   via  50a9b496556 VERSION: Disable GIT_SNAPSHOT for the 4.18.5 release.
   via  bd5d7de1da4 WHATSNEW: Add release notes for Samba 4.18.5.
   via  be141a1c14b s3:rpc_server:netlogon: generate FAULT_INVALID_TAG for 
invalid netr_LogonGetCapabilities levels
   via  7818b00d13d s4:rpc_server:netlogon: generate FAULT_INVALID_TAG for 
invalid netr_LogonGetCapabilities levels
   via  30c3fa71a17 s4:torture/rpc: let rpc.schannel also check 
netr_LogonGetCapabilities with different levels
   via  0d7376cac69 netlogon.idl: add support for netr_LogonGetCapabilities 
response level 2
   via  0815d401937 CVE-2023-3347: smbd: fix "server signing = mandatory"
   via  24157fb3be5 CVE-2023-3347: smbd: remove comment in 
smbd_smb2_request_process_negprot()
   via  6be7bd40f0a CVE-2023-3347: smbd: inline smb2_srv_init_signing() 
code in srv_init_signing()
   via  5f39da85276 CVE-2023-3347: smbd: pass lp_ctx to 
smb[1|2]_srv_init_signing()
   via  69cbb0414a3 CVE-2023-3347: CI: add a test for server-side mandatory 
signing
   via  7a4ed01ea6c CVE-2023-34968: mdssvc: return a fake share path
   via  a84244705de CVE-2023-34968: mdscli: return share relative paths
   via  fdae8c00a6e CVE-2023-34968: mdssvc: introduce an allocating wrapper 
to sl_pack()
   via  beeac1e0925 CVE-2023-34968: mdssvc: switch to doing an early return
   via  e58d0339305 CVE-2023-34968: mdssvc: remove response blob allocation
   via  de611ccaa89 CVE-2023-34968: rpcclient: remove response blob 
allocation
   via  783dbdd2530 CVE-2023-34968: smbtorture: remove response blob 
allocation in mdssvc.c
   via  a6e05b4bccb CVE-2023-34968: mdscli: remove response blob allocation
   via  921a9925909 CVE-2023-34968: mdscli: use correct TALLOC memory 
context when allocating spotlight_blob
   via  a75be03b23c CVE-2023-34968: mdssvc: add missing 
"kMDSStoreMetaScopes" dict key in slrpc_fetch_properties()
   via  3815bb8a70c CVE-2023-34968: mdssvc: cache and reuse stat info in 
struct sl_inode_path_map
   via  f4aa2147125 CVE-2023-34967: mdssvc: add type checking to 
dalloc_value_for_key()
   via  4cb78124227 CVE-2023-34967: CI: add a test for type checking of 
dalloc_value_for_key()
   via  207489b6b92 CVE-2023-34966: mdssvc: harden sl_unpack_loop()
   via  1a208f258aa CVE-2023-34966: CI: test for sl_unpack_loop()
   via  b09567397c2 CVE-2022-2127: ntlm_auth: cap lanman response length 
value
   via  19dcb036cb8 CVE-2022-2127: winbindd: Fix WINBINDD_PAM_AUTH_CRAP 
length checks
  from  9b25d901756 s3:winbindd: let winbind_samlogon_retry_loop() fallback 
to NT_STATUS_NO_LOGON_SERVERS

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 9100d5ac2e2715c9a007bab0b758a344881d4f6c
Author: Jule Anger 
Date:   Wed Jul 19 17:04:23 2023 +0200

VERSION: Bump version up to Samba 4.18.6...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger 

commit 108287320f50b694fb0f9ecf7f6bf8f13acf422d
Merge: 9b25d901756 50a9b496556
Author: Jule Anger 
Date:   Wed Jul 19 17:01:18 2023 +0200

Merge tag 'samba-4.18.5' into v4-18-test

samba: tag release samba-4.18.5

---

Summary of changes:
 VERSION   |   2 +-
 WHATSNEW.txt  |  77 +++-
 librpc/idl/netlogon.idl   |   1 +
 python/samba/tests/blackbox/mdsearch.py   |   8 +-
 python/samba/tests/dcerpc/mdssvc.py   |  26 +--
 selftest/target/Samba3.pm |   1 +
 source3/rpc_client/cli_mdssvc.c   | 191 
 source3/rpc_client/cli_mdssvc_private.h   |   4 +
 source3/rpc_client/cli_mdssvc_util.c  | 148 ---
 source3/rpc_client/cli_mdssvc_util.h  |   4 +
 source3/rpc_server/mdssvc/dalloc.c|  14 +-
 source3/rpc_server/mdssvc/marshalling.c   |  45 +++--
 source3/rpc_server/mdssvc/marshalling.h   |   9 +-
 source3/rpc_server/mdssvc/mdssvc.c| 142 ++-
 source3/rpc_server/mdssvc/mdssvc.h|   7 +-
 source3/rpc_server/mdssvc/srv_mdssvc_nt.c |  32 ++--
 source3/rpc_server/netlogon/srv_netlog_nt.c   |  29 ++-
 source3/rpcclient/cmd_spotlight.c |  48 +
 source3/selftest/tests.py |   2 +
 source3/smbd/proto.h  |   1 -
 source3/smbd/smb1_signing.c   |  10 +-
 source3/smbd/smb1_signing.h   |   3 +-
 source3/smbd/smb2_negprot.c   |   6 -
 source3/smbd/smb2_signing.c   |  23 +--
 source3/utils/ntlm_auth.c |   8 +-
 s

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  96793d42907 smbd: don't leak the fsp if close_file_smb() fails
   via  5ac859e96e8 s3-net: no secrets access required when processing a 
ODJ provisioning
  from  9100d5ac2e2 VERSION: Bump version up to Samba 4.18.6...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 96793d42907e28446e093285966d4102b37d08dc
Author: Ralph Boehme 
Date:   Mon Jul 10 16:34:23 2023 +0200

smbd: don't leak the fsp if close_file_smb() fails

This can happen if DELETE-ON-CLOSE is set, but the deletion fails for some
reason.

The bug was introduced by 1808e5c133474eabc9d3cf91c2a92ec4d92d9fdd.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15417

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Mon Jul 10 21:32:32 UTC 2023 on atb-devel-224

(cherry picked from commit 4da50463e1b75c06d5f8c066e8b4eff48186afb0)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Wed Jul 19 16:23:17 UTC 2023 on atb-devel-224

commit 5ac859e96e83566c7748b6247770fde90fd694a7
Author: Günther Deschner 
Date:   Tue Jun 6 11:14:01 2023 +0200

s3-net: no secrets access required when processing a ODJ provisioning

It should be possible to call "net offlinejoin provision" as non-root,
no access to secrets.tdb required in that case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15414

Guenther

Signed-off-by: Guenther Deschner 
Reviewed-by: Andreas Schneider 

Autobuild-User(master): Günther Deschner 
Autobuild-Date(master): Wed Jul  5 09:23:22 UTC 2023 on atb-devel-224

(cherry picked from commit bf7fbf7e2b675145e25ce7bffc29abbf44c35540)

---

Summary of changes:
 source3/libnet/libnet_join.c | 8 
 source3/smbd/smb2_close.c| 2 ++
 2 files changed, 10 insertions(+)


Changeset truncated at 500 lines:

diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index 3bff7ec1412..b60eb112d0a 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -2369,6 +2369,14 @@ static WERROR libnet_join_pre_processing(TALLOC_CTX 
*mem_ctx,
r->in.admin_account = admin_account;
}
 
+   if (r->in.provision_computer_account_only) {
+   /*
+* When in the "provision_computer_account_only" path we do not
+* need to have access to secrets.tdb at all - gd
+*/
+   return WERR_OK;
+   }
+
if (!secrets_init()) {
libnet_join_set_error_string(mem_ctx, r,
"Unable to open secrets database");
diff --git a/source3/smbd/smb2_close.c b/source3/smbd/smb2_close.c
index ed2b21dc5bc..7812c32afa4 100644
--- a/source3/smbd/smb2_close.c
+++ b/source3/smbd/smb2_close.c
@@ -225,6 +225,8 @@ static NTSTATUS smbd_smb2_close(struct smbd_smb2_request 
*req,
if (!NT_STATUS_IS_OK(status)) {
DEBUG(5,("smbd_smb2_close: close_file[%s]: %s\n",
 smb_fname_str_dbg(smb_fname), nt_errstr(status)));
+   file_free(smbreq, fsp);
+   *_fsp = fsp = NULL;
return status;
}
 


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  14ce7756e7a python/samba: Adjust tarfile extraction filter
  from  96793d42907 smbd: don't leak the fsp if close_file_smb() fails

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 14ce7756e7a5403144126f55be1f7022374c64ea
Author: Noel Power 
Date:   Fri Jul 14 14:53:29 2023 +0100

python/samba: Adjust tarfile extraction filter

The 'data_filter' is far too restrictive, this filter doesn't apply any
mode bits to directories which in turn will result in unexpected
directory permissions of the amongst others msg.[ls]ock directories.

With 'data_filter' and a 'patched' python at best we experience
CI failures with samba-ad-back1 & samba-ad-back2 CI jobs due to server
startup failures, at worst user/admins will need to adjust directory
permissions post backup.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15390

Signed-off-by: Noel Power 
Reviewed-by: Douglas Bagnall 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit e401ae44b2f952fc2686065fbfb3a563e3d4066a)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Jul 24 10:19:13 UTC 2023 on atb-devel-224

---

Summary of changes:
 python/samba/safe_tarfile.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


Changeset truncated at 500 lines:

diff --git a/python/samba/safe_tarfile.py b/python/samba/safe_tarfile.py
index 7a2b0382a79..21366178475 100644
--- a/python/samba/safe_tarfile.py
+++ b/python/samba/safe_tarfile.py
@@ -31,7 +31,7 @@ class TarFile(UnsafeTarFile):
 # New in version 3.11.4 (also has been backported)
 # 
https://docs.python.org/3/library/tarfile.html#tarfile.TarFile.extraction_filter
 # https://peps.python.org/pep-0706/
-extraction_filter = staticmethod(tarfile.data_filter)
+extraction_filter = staticmethod(tarfile.tar_filter)
 except AttributeError:
 def extract(self, member, path="", set_attrs=True, *,
 numeric_owner=False):


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  c1c2a0ec80d s3:winbindd: Fix double close(fd)
   via  aa2af3c0c20 s3:rpc_server: Fix double blackslash issue in dfs path
   via  19e110d7ac5 s3:rpc_server: Initialize consumedcnt to 0 in 
_dfs_GetInfo()
   via  c052d8bdea8 s3:tests: Add rpcclient 'dfsgetinfo' test
  from  14ce7756e7a python/samba: Adjust tarfile extraction filter

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit c1c2a0ec80d65e663f4cd6ed144f77b75d0edea7
Author: Pavel Filipenský 
Date:   Tue Jul 25 11:16:56 2023 +0200

s3:winbindd: Fix double close(fd)

Reported by Red Hat internal coverity

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15433

Signed-off-by: Pavel Filipenský 
Reviewed-by: Ralph Boehme 

Autobuild-User(master): Pavel Filipensky 
Autobuild-Date(master): Tue Jul 25 12:08:49 UTC 2023 on atb-devel-224

(cherry picked from commit dd998cc163358edd6c748e40900247877f91eb1f)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Fri Jul 28 13:37:01 UTC 2023 on atb-devel-224

commit aa2af3c0c20daed2f7e69b70544dd1fef34de474
Author: Pavel Filipenský 
Date:   Tue Jun 20 16:24:55 2023 +0200

s3:rpc_server: Fix double blackslash issue in dfs path

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15400

Signed-off-by: Pavel Filipenský 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Wed Jul  5 20:24:35 UTC 2023 on atb-devel-224

(cherry picked from commit 6f073f258f1f4f03a8eb568ea05be78fdbec49eb)

commit 19e110d7ac5c3a3f1f45115de9ddb9c38f896d65
Author: Pavel Filipenský 
Date:   Fri Jun 23 10:08:39 2023 +0200

s3:rpc_server: Initialize consumedcnt to 0 in _dfs_GetInfo()

Signed-off-by: Pavel Filipenský 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 8c10f53928653d02bbb75d6ab05510e87ee97420)

commit c052d8bdea879e20716704234a2049f8c2cfbff2
Author: Pavel Filipenský 
Date:   Fri Jun 23 12:03:30 2023 +0200

s3:tests: Add rpcclient 'dfsgetinfo' test

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15400

Signed-off-by: Pavel Filipenský 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 2af9c65f2a17ace4e1021b5c8fd6df636c904cfe)

---

Summary of changes:
 source3/rpc_server/dfs/srv_dfs_nt.c| 32 ++
 source3/script/tests/test_rpcclient_dfs.sh |  7 +++
 source3/winbindd/winbindd_cm.c | 10 --
 3 files changed, 39 insertions(+), 10 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/rpc_server/dfs/srv_dfs_nt.c 
b/source3/rpc_server/dfs/srv_dfs_nt.c
index 7b5119bbaf7..8eaa59a8b0e 100644
--- a/source3/rpc_server/dfs/srv_dfs_nt.c
+++ b/source3/rpc_server/dfs/srv_dfs_nt.c
@@ -63,6 +63,7 @@ WERROR _dfs_Add(struct pipes_struct *p, struct dfs_Add *r)
char *altpath = NULL;
NTSTATUS status;
TALLOC_CTX *ctx = talloc_tos();
+   const char *pathnamep = r->in.path;
 
if (session_info->unix_token->uid != sec_initial_uid()) {
DEBUG(10,("_dfs_add: uid != 0. Access denied.\n"));
@@ -84,10 +85,15 @@ WERROR _dfs_Add(struct pipes_struct *p, struct dfs_Add *r)
return WERR_NOT_ENOUGH_MEMORY;
}
 
+   while (IS_DIRECTORY_SEP(pathnamep[0]) &&
+  IS_DIRECTORY_SEP(pathnamep[1])) {
+   pathnamep++;
+   }
+
/* The following call can change the cwd. */
status = get_referred_path(ctx,
   session_info,
-  r->in.path,
+  pathnamep,
   remote_address,
   local_address,
   jn, &consumedcnt, &self_ref);
@@ -141,6 +147,7 @@ WERROR _dfs_Remove(struct pipes_struct *p, struct 
dfs_Remove *r)
TALLOC_CTX *ctx = talloc_tos();
char *altpath = NULL;
NTSTATUS status;
+   const char *pathnamep = r->in.dfs_entry_path;
 
if (session_info->unix_token->uid != sec_initial_uid()) {
DEBUG(10,("_dfs_remove: uid != 0. Access denied.\n"));
@@ -166,9 +173,14 @@ WERROR _dfs_Remove(struct pipes_struct *p, struct 
dfs_Remove *r)
r->in.dfs_entry_path, r->in.servername, 
r->in.sharename));
}
 
+   while (IS_DIRECTORY_SEP(pathnamep[0]) &&
+  IS_DIRECTORY_SEP(pathnamep[1])) {
+   pathnamep++;
+   }
+
status = get_referred_path(ctx,
   session_info,
-  r->in.dfs_entry_path,
+  pathnamep,
   remote_address,

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  35573c04465 mdssvc: fix returning file modification date for older 
Mac releases
   via  f4a3373585f mdssvc: fix date marshalling
   via  aa4db8a3cf8 mdssvc: prepare for returning timestamps with 
sub-seconds granularity
   via  590c91640bf mdssvc: reduce pagesize to 50
   via  3036f3cb96f tests/mdssvc: match hits:total:value to be the actual 
amount of entries in hits
   via  39c2b556456 mdssvc: fix enforcement of "elasticsearch:max results"
   via  60fdb3adbee mdssvc: add and use SL_PAGESIZE
   via  7d5e9f5fc23 mdssvc: fix long running backend queries
   via  160b7dc05dc mdssvc: set query state for continued queries to 
SLQ_STATE_RUNNING
  from  c1c2a0ec80d s3:winbindd: Fix double close(fd)

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 35573c04465820f78642a22231a4040ca855e1e1
Author: Ralph Boehme 
Date:   Thu May 18 18:12:19 2023 +0200

mdssvc: fix returning file modification date for older Mac releases

Mac 10.10 uses kMDItemContentModificationDate instead of
kMDItemFSContentChangeDate.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15427

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Wed Jul 26 23:42:44 UTC 2023 on atb-devel-224

(cherry picked from commit c2e83ebe726b7bc42b329198214c784936f19888)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Jul 31 09:11:21 UTC 2023 on atb-devel-224

commit f4a3373585f0ba0b87763d35bb90054a983109c6
Author: Ralph Boehme 
Date:   Wed May 17 16:38:39 2023 +0200

mdssvc: fix date marshalling

Did this ever work? Possible just copied over from Netatalk and was always
broken... The Mac client expects the timevalue as seconds relative to
2001-01-01 00:00:00 UTC, packed as IEEE float.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15427

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 620ca1e68d02be45a94aa41217a141d211fceb1f)

commit aa4db8a3cf82c278380600fa6ce293ac7a7379c3
Author: Ralph Boehme 
Date:   Wed May 17 16:37:36 2023 +0200

mdssvc: prepare for returning timestamps with sub-seconds granularity

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15427

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 9dc66fecf7c1743d264c5c4f8978b77bab75ed86)

commit 590c91640bfec9909a543eafeef8f52d5a42a89e
Author: Ralph Boehme 
Date:   Thu Apr 20 17:27:20 2023 +0200

mdssvc: reduce pagesize to 50

Lastest macOS queries additional file metadata per search result, which 
causes
the mashalled paged result set including metadata to exceed the 64 KB result
fragment buffer.

Lacking fragementation support in mdssvc (it's supported by the protocol), 
for
now just reduce the maximum number of results per search page.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15342

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 724a0518c901589fe1171d94648391832e056f4d)

commit 3036f3cb96f1923949c7c73d2d3e9273539d0978
Author: Ralph Boehme 
Date:   Fri Apr 21 07:07:13 2023 +0200

tests/mdssvc: match hits:total:value to be the actual amount of entries in 
hits

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15342

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 7f5e4edf64f7e4175f652bf8762d4edc110ad6b1)

commit 39c2b556456bd0a348148df72cafdecf8e3c4a6f
Author: Ralph Boehme 
Date:   Thu Apr 20 17:58:38 2023 +0200

mdssvc: fix enforcement of "elasticsearch:max results"

This wasn't enforced at all thus a query would return all available matches
without limit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15342

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 
(cherry picked from commit d8fa5c8e2a1794ea8dc663485315ebd9401b2628)

commit 60fdb3adbee0130ecc993741688979d0a1104ee5
Author: Ralph Boehme 
Date:   Thu Apr 20 17:24:30 2023 +0200

mdssvc: add and use SL_PAGESIZE

SL_PAGESIZE is the number of entries we want to process per paged search 
result
set. This is different from MAX_SL_RESULTS which ought to be a default 
maximum
value for total number of results returned for a search query.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15342

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 086c2602d074d4dc0d44f5534857e5f59a8690b2)

commit 7d5e9f5fc23d5be2a6b38ee04548378ff8a25ea0
Author: Ralph Boehme 
Date:   Thu Mar 23 16:39:11 2023 +0100

mdssvc: fix long running backend queries

If a query is still running in the bac

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  ed62f4fabaf dsdb: Use samdb_system_container_dn() in 
pdb_samba_dsdb_*()
   via  da03582f30a dsdb: Use samdb_system_container_dn() in dsdb_trust_*()
   via  5f908aef367 s4-rpc_server/backupkey: Use 
samdb_system_container_dn() in get_lsa_secret()
   via  ae64a438b70 s4-rpc_server/backupkey: Use 
samdb_system_container_dn() in set_lsa_secret()
   via  c35953103f3 s4-rpc_server/netlogon: Use samdb_system_container_dn() 
in fill_trusted_domains_array()
   via  3270419407d s4-rpc_server/lsa: Use samdb_system_container_dn() in 
dcesrv_lsa_get_policy_state()
   via  8e45b202cae dsdb: Use samdb_get_system_container_dn() to get 
Password Settings Container
   via  820752e3777 dsdb: Use samdb_system_container_dn() in samldb.c
   via  c14fbf24d96 dsdb: Add new function samdb_system_container_dn()
   via  364730e9dc6 Bug #9959: Don't search for CN=System
   via  3b3b92f56bf For Bug #9959: local talloc frame for next commit
  from  35573c04465 mdssvc: fix returning file modification date for older 
Mac releases

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit ed62f4fabafcbe54db7d48e3782a2e952cb13e81
Author: Andrew Bartlett 
Date:   Thu Jul 27 17:18:45 2023 +1200

dsdb: Use samdb_system_container_dn() in pdb_samba_dsdb_*()

This makes more calls to add children, but avoids the cn=system string in 
the
codebase which makes it easier to audit that this is always being built
correctly.

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Mon Jul 31 07:20:21 UTC 2023 on atb-devel-224

(cherry picked from commit 5571ce9619d856d3c9545099366f4e0259aee8ef)

RN: A second container with name CN=System would disable the operation
 of the Samba AD DC.  Samba now finds the CN=System container by exact
 DN and not a search.

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Tue Aug  1 10:57:04 UTC 2023 on atb-devel-224

commit da03582f30a629bf46dcb2fc5a9e7ecccb9e7a1e
Author: Andrew Bartlett 
Date:   Thu Jul 27 17:14:30 2023 +1200

dsdb: Use samdb_system_container_dn() in dsdb_trust_*()

This is now exactly the same actions, but just uses common code to do it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 4250d07e4dcd43bf7450b1ae603ff46fdc892d02)

commit 5f908aef367494fb6b8939f9bd4f7dbc6d3f3690
Author: Andrew Bartlett 
Date:   Thu Jul 27 17:11:39 2023 +1200

s4-rpc_server/backupkey: Use samdb_system_container_dn() in get_lsa_secret()

This is now exactly the same actions, but just uses common code to do it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 9b4f3f3cb4ed17bb233d3b5ccd191be63f01f3f4)

commit ae64a438b708c5b211cf96949b89d91ab2297ed6
Author: Andrew Bartlett 
Date:   Thu Jul 27 17:09:31 2023 +1200

s4-rpc_server/backupkey: Use samdb_system_container_dn() in set_lsa_secret()

This is now exactly the same actions, but just uses common code to do it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 13eed1e0e7d0bdef6b5cdb6b858f124b812adbea)

commit c35953103f31b6b6a9534192cf29fb67fe5fa001
Author: Andrew Bartlett 
Date:   Thu Jul 27 17:00:21 2023 +1200

s4-rpc_server/netlogon: Use samdb_system_container_dn() in 
fill_trusted_domains_array()

This is now exactly the same actions, but just uses common code to do it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit a900f6aa5d909d912ee3ca529baa4047c9c4da87)

commit 3270419407da4253c299f4fb34e1d588b0d8c7c1
Author: Andrew Bartlett 
Date:   Thu Jul 27 16:58:13 2023 +1200

s4-rpc_server/lsa: Use samdb_system_container_dn() in 
dcesrv_lsa_get_policy_state()

This is now exactly the same actions, but just uses common code to do it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=9959

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 4e18066fa243da1c505f782ba87187c3bb1078ee)

commit 8e45b202caed2635a17b79d9df85d8e66169ed09
Author: Andrew Bartlett 
Date:   Thu Jul 27 16:44:10 2023 +1200

dsdb: Use samdb_get_system_container_dn() to get Password Settings Container

By doing this we use the common samdb_get_system_container_dn() routine and 
we
avoid doing a linerize and parse step on the main DN, instead using the

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  c40f1619d96 s3/modules: Fix DFS links when widelinks = yes
   via  e949750d4f5 s3/modules: Add flag indicating if connected share is a 
dfs share
   via  5db858c1afd sefltest: Add new regression test dfs with widelinks = 
yes
   via  e50f377b4ab selftest: Add new dfs share (with widelinks enabled)
  from  ed62f4fabaf dsdb: Use samdb_system_container_dn() in 
pdb_samba_dsdb_*()

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit c40f1619d96c0332d3ad9d9b8e63a4fbc10f332f
Author: Noel Power 
Date:   Thu Jul 27 13:26:21 2023 +0100

s3/modules: Fix DFS links when widelinks = yes

In openat(), even if we fail to open the file,
propagate stat if and only if the object is a link in
a DFS share. This allows calling code to further process
the link.

Also remove knownfail

Pair-Programmed-With: Jeremy Alison 

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435

Signed-off-by: Noel Power 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Sat Jul 29 00:43:52 UTC 2023 on atb-devel-224

(cherry picked from commit 0bf8b25aacdf2f5c746922320b32e3f0886c81f5)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Thu Aug  3 08:44:47 UTC 2023 on atb-devel-224

commit e949750d4f533d0c2a04ada4a02236f1b012107a
Author: Noel Power 
Date:   Thu Jul 27 17:36:29 2023 +0100

s3/modules: Add flag indicating if connected share is a dfs share

Not used yet, will be used in the next commit to avoid testing
if the connected share is a dfs one.

Pair-Programmed-With: Jeremy Alison 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435

Signed-off-by: Noel Power 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 2668dcd0968133cca4f8410bf8c41ed0483f5d87)

commit 5db858c1afde2fd0a20c81360f03f165eee2d53b
Author: Noel Power 
Date:   Fri Jul 28 09:41:59 2023 +0100

sefltest: Add new regression test dfs with widelinks = yes

Adds a new test trying to cd into dfs path on share with
widelinks enabled, should generate an error (see BUG:)

Add a knownfail so CI continues

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435

Signed-off-by: Noel Power 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 3d2e9db8b95f9f45d486f8272e53584975f177fa)

commit e50f377b4ab853b11ea17778a3e5ea712548bc22
Author: Noel Power 
Date:   Fri Jul 28 09:40:57 2023 +0100

selftest: Add new dfs share (with widelinks enabled)

Adds share (to be used in later test) that has dfs node
but additionally has widelinks set to yes

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15435

Signed-off-by: Noel Power 
Reviewed-by: Jeremy Allison 
(cherry picked from commit b57cdfd7efb161cf96b3a39dc7a1652db817e602)

---

Summary of changes:
 selftest/target/Samba3.pm  |  5 
 source3/modules/vfs_widelinks.c| 30 +++---
 source3/script/tests/test_bug15435_widelink_dfs.sh | 28 
 source3/selftest/tests.py  | 10 
 4 files changed, 70 insertions(+), 3 deletions(-)
 create mode 100755 source3/script/tests/test_bug15435_widelink_dfs.sh


Changeset truncated at 500 lines:

diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index d3ee7388026..fb581451801 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -3030,6 +3030,11 @@ sub provision($$)
msdfs root = yes
msdfs shuffle referrals = yes
guest ok = yes
+[msdfs-share-wl]
+   path = $msdfs_shrdir
+   msdfs root = yes
+   wide links = yes
+   guest ok = yes
 [msdfs-share2]
path = $msdfs_shrdir2
msdfs root = yes
diff --git a/source3/modules/vfs_widelinks.c b/source3/modules/vfs_widelinks.c
index 2a35ea5eb68..c68468a950b 100644
--- a/source3/modules/vfs_widelinks.c
+++ b/source3/modules/vfs_widelinks.c
@@ -106,6 +106,7 @@
 
 struct widelinks_config {
bool active;
+   bool is_dfs_share;
char *cwd;
 };
 
@@ -134,7 +135,8 @@ static int widelinks_connect(struct vfs_handle_struct 
*handle,
DBG_ERR("vfs_widelinks module loaded with "
"widelinks = no\n");
}
-
+   config->is_dfs_share =
+   (lp_host_msdfs() && lp_msdfs_root(SNUM(handle->conn)));
 SMB_VFS_HANDLE_SET_DATA(handle,
config,
NULL, /* free_fn */
@@ -346,7 +348,7 @@ static int widelinks_openat(vfs_handle_struct *handle,
 {
struct vfs_open_how how = *_how;
struct widelinks_config *config = NULL;
-
+   int ret;
 

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  e911424161d lib/cmdline: Also redact --newpassword in 
samba_cmdline_burn()
   via  c11b6d6b6a4 lib/cmdline: Also burn the --password2 parameter if 
given
   via  e724909ac06 samba-tool: Use samba.glue.get_burnt_cmdline rather 
than regex
   via  8c2c1b5413a python: Add glue.burn_commandline() method
   via  534425ba2f6 python: Remove const from PyList_AsStringList()
   via  2ed39136875 python: Move PyList_AsStringList to common code so we 
can reuse
   via  7f87d028516 lib/cmdline: Return if the commandline was redacted in 
samba_cmdline_burn()
  from  c40f1619d96 s3/modules: Fix DFS links when widelinks = yes

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit e911424161d838ab09cc582ae56843c84ee52bc1
Author: Andrew Bartlett 
Date:   Fri Jul 21 15:39:28 2023 +1200

lib/cmdline: Also redact --newpassword in samba_cmdline_burn()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289

Signed-off-by: Andrew Bartlett 
Reviewed-by: Douglas Bagnall 

Autobuild-User(master): Andrew Bartlett 
Autobuild-Date(master): Fri Jul 21 06:16:30 UTC 2023 on atb-devel-224

(cherry picked from commit 76ad44f446c42832e87b2c60a4731a8de3a0018f)

RN: post-exec password redaction for samba-tool is more reliable for
 fully random passwords as it no longer uses regular expressions
 containing the password value itself.

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Fri Aug  4 08:05:00 UTC 2023 on atb-devel-224

commit c11b6d6b6a43730f49809eb725931900b99b941d
Author: Andrew Bartlett 
Date:   Fri Jul 21 14:35:20 2023 +1200

lib/cmdline: Also burn the --password2 parameter if given

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289

Signed-off-by: Andrew Bartlett 
Reviewed-by: Douglas Bagnall 
(cherry picked from commit 414b3803bb6a1b12c44b52ab1ff64a8b7f61fd03)

commit e724909ac0640bb2aa27275e4368b3758de7bde5
Author: Andrew Bartlett 
Date:   Fri Jul 21 13:30:39 2023 +1200

samba-tool: Use samba.glue.get_burnt_cmdline rather than regex

This use avoids having two different methods to match on command-line
passwords.  We already have a dependency on the setproctitle python
module, and this does not change as the (C) libbsd setproctitle()
can't be run from within a python module.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289

Signed-off-by: Andrew Bartlett 
Reviewed-by: Douglas Bagnall 
(cherry picked from commit a53ebc288f47329c997d52325eeeb5e91ce43b75)

commit 8c2c1b5413a9e0d6b82b07e5571c43a6f3c50618
Author: Andrew Bartlett 
Date:   Fri Jul 21 13:29:22 2023 +1200

python: Add glue.burn_commandline() method

This uses samba_cmdline_burn() to as to have common
command line redaction code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289

Signed-off-by: Andrew Bartlett 
Reviewed-by: Douglas Bagnall 
(cherry picked from commit 3f9e455898554b726bf1689f743b2d9cb6b59537)

commit 534425ba2f6527666401b9cab6960c977ca22308
Author: Andrew Bartlett 
Date:   Fri Jul 21 14:32:46 2023 +1200

python: Remove const from PyList_AsStringList()

The returned strings are not owned by python, so need not be const.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289

Signed-off-by: Andrew Bartlett 
Reviewed-by: Douglas Bagnall 
(cherry picked from commit 5afd206d1d8f0344a2f1fa7a238204d1fb164eda)

commit 2ed3913687513995cd006ca5590eac426ccfbeec
Author: Andrew Bartlett 
Date:   Fri Jul 21 14:31:30 2023 +1200

python: Move PyList_AsStringList to common code so we can reuse

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289

Signed-off-by: Andrew Bartlett 
Reviewed-by: Douglas Bagnall 
(cherry picked from commit fd81759e2ed44cac3bc67243a39256f953969103)

commit 7f87d028516b6f006c944efa44be92f84a8b1c52
Author: Andrew Bartlett 
Date:   Fri Jul 21 15:27:00 2023 +1200

lib/cmdline: Return if the commandline was redacted in samba_cmdline_burn()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15289

Signed-off-by: Andrew Bartlett 
Reviewed-by: Douglas Bagnall 
(cherry picked from commit 848fea1a01a4ddc1598150823d5d0784d3ef0be4)

---

Summary of changes:
 lib/cmdline/cmdline.c  | 17 +--
 lib/cmdline/cmdline.h  |  4 ++-
 python/modules.c   | 35 +
 python/modules.h   |  7 +
 python/pyglue.c| 60 
 python/samba/getopt.py | 69 --
 python/samba/tests/cred_opt.py | 14 ++---
 python/wscript |  1 +
 source4/auth/pyauth.c  | 38 ++

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  1b3197ff477 dcerpc.idl: fix definitions for DCERPC_PKT_CO_CANCEL 
and DCERPC_PKT_ORPHANED payload
   via  30f317cfb09 librpc/rpc: let dcerpc_read_ncacn_packet_next_vector() 
handle fragments without any payload
   via  f2604db12b0 s4:torture/ndr: add tests for DCERPC_PKT_CO_CANCEL and 
DCERPC_PKT_ORPHANED
   via  bace04c3c5c vfs_aio_pthread: fix segfault if samba-tool ntacl get
   via  cf7a0c9d754 vfs_aio_pthread: don't crash without a pthreadpool
  from  e911424161d lib/cmdline: Also redact --newpassword in 
samba_cmdline_burn()

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 1b3197ff477714239eca42722cc368c366827327
Author: Stefan Metzmacher 
Date:   Fri Aug 4 14:03:43 2023 +0200

dcerpc.idl: fix definitions for DCERPC_PKT_CO_CANCEL and 
DCERPC_PKT_ORPHANED payload

It seems commit 259129e8f4bc8cacd1850eba3f6551134835d079 was partly just
fantasy...

Windows clients just use 16 bytes for DCERPC_PKT_CO_CANCEL and
DCERPC_PKT_ORPHANED pdus.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15446

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Volker Lendecke 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Tue Aug  8 08:57:46 UTC 2023 on atb-devel-224

(cherry picked from commit 9ec22e680249cfde06fb1a0a34fcc94d1f47002d)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Tue Aug  8 12:56:30 UTC 2023 on atb-devel-224

commit 30f317cfb094db05abd3bd368806304be30f232b
Author: Stefan Metzmacher 
Date:   Mon Aug 7 16:16:27 2023 +0200

librpc/rpc: let dcerpc_read_ncacn_packet_next_vector() handle fragments 
without any payload

DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED don't have any payload by
default. In order to receive them via dcerpc_read_ncacn_packet_send/recv
we need to allow fragments with frag_len == DCERPC_NCACN_PAYLOAD_OFFSET.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15446

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Volker Lendecke 
(cherry picked from commit 5c724a3e156ae734e4d187bf9639d895bb011834)

commit f2604db12b0a5da6ad3b28d4a0257ec1dd4a37fc
Author: Stefan Metzmacher 
Date:   Fri Aug 4 13:57:12 2023 +0200

s4:torture/ndr: add tests for DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED

The PDUs were generated by Windows clients.

And we fail to parse them currently.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15446

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Volker Lendecke 
(cherry picked from commit c37adb762640b7df9731d6a60edce808aa8787f8)

commit bace04c3c5c3bd3b345e2e5bf06f522745be2024
Author: Jones Syue 
Date:   Wed Aug 2 09:48:40 2023 +0800

vfs_aio_pthread: fix segfault if samba-tool ntacl get

If configured as AD DC and aio_pthread appended into 'vfs objects'[1],
run these commands would get segfault:
1. sudo samba-tool ntacl get .
2. sudo net vfs getntacl sysvol .
gdb said it goes through aio_pthread_openat_fn() @ vfs_aio_pthread.c[2],
and the fsp->conn->sconn->client is null (0x0).

'sconn->client' memory is allocated when a new connection is accpeted:
smbd_accept_connection > smbd_process > smbXsrv_client_create
While running local commands looks like it would not go through
smbXsrv_client_create so the 'client' is null, segfault might happen.
We should not dereference 'client->server_multi_channel_enabled',
if 'client' is null.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15441

[1] smb.conf example, samba-4.18.5, ubuntu 22.04.2
[global]
dns forwarder = 127.0.0.53
netbios name = U22-JONES-88X1
realm = U22-JONES-88X1.X88X1.JONES
server role = active directory domain controller
workgroup = X88X1
idmap_ldb:use rfc2307 = yes
vfs objects = dfs_samba4 acl_xattr aio_pthread

[sysvol]
path = /var/lib/samba/sysvol
read only = No

[netlogon]
path = /var/lib/samba/sysvol/u22-jones-88x1.x88x1.jones/scripts
read only = No

[2] gdb
(gdb) run /usr/local/samba/bin/samba-tool ntacl get .
Starting program: /usr/local/Python3/bin/python3 
/usr/local/samba/bin/samba-tool ntacl get .
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x7fffd0eb809e in aio_pthread_openat_fn (handle=0x8d5cc0, 
dirfsp=0x8c3070, smb_fname=0x18ab4f0, fsp=0x1af3550, flags=196608, mode=0)
at ../../source3/modules/vfs_aio_pthread.c:467
warning: Source file is more recent than executable.
467 if (fsp->conn->sconn->client->server_multi_channel_enabled) 
{

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  cd866f5c4ce s3:smbd: fix multichannel connection passing race
   via  4dcefc01054 s3:smbd: always clear filter_subreq in 
smb2srv_client_mc_negprot_next()
   via  28e68be9612 s4:torture/smb2: add smb2.multichannel.bugs.bug_15346
   via  76c6234a0c9 s4:torture/smb2: make it possible to pass existing_conn 
to smb2_connect_ext()
   via  208bece139b s4:torture/smb2: let us have a common 
torture_smb2_con_share()
   via  aec49671a31 s4:torture/smb2: let torture_smb2_con_sopt() use 
smb2_connect()
  from  1b3197ff477 dcerpc.idl: fix definitions for DCERPC_PKT_CO_CANCEL 
and DCERPC_PKT_ORPHANED payload

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit cd866f5c4ce5a85ce7076f6beb9b32aacb25fb5a
Author: Stefan Metzmacher 
Date:   Thu Aug 3 15:45:45 2023 +0200

s3:smbd: fix multichannel connection passing race

If a client opens multiple connection with the same
client guid in parallel, our connection passing is likely
to hit a race.

Assume we have 3 processes:

smbdA: This process already handles all connections for
   a given client guid
smbdB: This just received a new connection with an
   SMB2 neprot for the same client guid
smbdC: This also received a new connection with an
   SMB2 neprot for the same client guid

Now both smbdB and smbdC send a MSG_SMBXSRV_CONNECTION_PASS
message to smbdA. These messages contain the socket fd
for each connection.

While waiting for a MSG_SMBXSRV_CONNECTION_PASSED message
from smbdA, both smbdB and smbdC watch the smbXcli_client.tdb
record for changes (that also verifies smbdA stays alive).

Once one of them say smbdB received the MSG_SMBXSRV_CONNECTION_PASSED
message, the dbwrap_watch logic will wakeup smbdC in order to
let it recheck the smbXcli_client.tdb record in order to
handle the case where smbdA died or deleted its record.

Now smbdC rechecks the smbXcli_client.tdb record, but it
was not woken because of a problem with smbdA. It meant
that smbdC sends a MSG_SMBXSRV_CONNECTION_PASS message
including the socket fd again.

As a result smbdA got the socket fd from smbdC twice (or even more),
and creates two (or more) smbXsrv_connection structures for the
same low level tcp connection. And it also sends more than one
SMB2 negprot response. Depending on the tevent logic, it will
use different smbXsrv_connection structures to process incoming
requests. And this will almost immediately result in errors.

The typicall error is:
 smb2_validate_sequence_number: smb2_validate_sequence_number: bad 
message_id 2 (sequence id 2) (granted = 1, low = 1, range = 1)

But other errors would also be possible.

The detail that leads to the long delays on the client side is
that our smbd_server_connection_terminate_ex() code will close
only the fd of a single smbXsrv_connection, but the refcount
on the socket fd in the kernel is still not 0, so the tcp
connection is still alive...

Now we remember the server_id of the process that we send
the MSG_SMBXSRV_CONNECTION_PASS message to. And just keep
watching the smbXcli_client.tdb record if the server_id
don't change. As we just need more patience to wait for
the MSG_SMBXSRV_CONNECTION_PASSED message.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15346

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 

Autobuild-User(master): Andreas Schneider 
Autobuild-Date(master): Tue Aug  8 13:59:58 UTC 2023 on atb-devel-224

(cherry picked from commit f348b84fbcf203ab1ba92840cf7aecd55dbf9aa0)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Fri Aug 11 09:49:53 UTC 2023 on atb-devel-224

commit 4dcefc01054d046080b85a71b822ab67e60a98b2
Author: Stefan Metzmacher 
Date:   Thu Aug 3 15:34:29 2023 +0200

s3:smbd: always clear filter_subreq in smb2srv_client_mc_negprot_next()

Commit 5d66d5b84f87267243dcd5223210906ce589af91 introduced a
'verify_again:' target, if we ever hit that, we would leak
the existing filter_subreq.

Moving it just above a possible messaging_filtered_read_send()
will allow us to only clear it if we actually create a new
request. That will help us in the next commits.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15346

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andreas Schneider 
(cherry picked from commit 50d61e5300250922bf36bb699306f82dff6a00b9)

commit 28e68be96127f9a0398a24f324d05e0378d442f0
Author: Stefan Metzmacher 
Date:   Fri Aug 4 17:16:14 2023 +0200

s4:torture/smb2: add smb2.multichannel.bugs.bug_15346

This demonstrates the race quite easily against
Samba and wor

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  320d654041d s3: smbd: Add missing 'return;'s in exit paths in 
reply_exit_done().
   via  122afc37724 s3: torture: Add a test doing an SMB1 negotiate+exit.
   via  e6c0d4f122d s3: smbd: Ensure all callers to 
srvstr_pull_req_talloc() pass a zeroed-out dest pointer.
   via  f025f51ac5c s3: smbd: Uncorrupt the pointer we were using to prove 
a crash.
   via  4c27dfe322c s3: smbd: Ensure srvstr_pull_req_talloc() always NULLs 
out *dest.
   via  6fef976770c s3: torture: Add SMB1-TRUNCATED-SESSSETUP test.
   via  8e31fd2d599 s3: smbd: Deliberately currupt an uninitialized pointer.
   via  9e5f1a30a49 mdssvc: Do an early talloc_free() in _mdssvc_open()
  from  cd866f5c4ce s3:smbd: fix multichannel connection passing race

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 320d654041d8f867f7bf3767486a028948136aa8
Author: Jeremy Allison 
Date:   Fri Aug 11 15:19:01 2023 -0700

s3: smbd: Add missing 'return;'s in exit paths in reply_exit_done().

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15430

Signed-off-by: Jeremy Allison 
Reviewed-by: Noel Power 

Autobuild-User(master): Noel Power 
Autobuild-Date(master): Mon Aug 14 19:52:49 UTC 2023 on atb-devel-224

(cherry picked from commit d79d0508a4b8bdc4582a350d109181ecae0bf1e2)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Wed Aug 16 11:49:39 UTC 2023 on atb-devel-224

commit 122afc377246f722306df2d8c1b4ca5eb0aa7bb0
Author: Jeremy Allison 
Date:   Fri Aug 11 15:12:05 2023 -0700

s3: torture: Add a test doing an SMB1 negotiate+exit.

Robert Morris  noticed a missing
return in reply_exit_done().

Adds knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15430

Signed-off-by: Jeremy Allison 
Reviewed-by: Noel Power 
(cherry picked from commit 63895e03c4e8ed79a3b2cda928f58ec278cd6608)

commit e6c0d4f122d8083273009d0f61e099bb34fbcf51
Author: Jeremy Allison 
Date:   Fri Aug 11 10:52:31 2023 -0700

s3: smbd: Ensure all callers to srvstr_pull_req_talloc() pass a zeroed-out 
dest pointer.

Now we've fixed srvstr_pull_req_talloc() this isn't
strictly needed, but ensuring pointers are initialized
is best practice to avoid future bugs.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420

Signed-off-by: Jeremy Allison 
Reviewed-by: Volker Lendecke 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Mon Aug 14 15:55:43 UTC 2023 on atb-devel-224

(cherry picked from commit 5379b8d557a9a16b81eafb87b60b81debc4bfccb)

commit f025f51ac5c363c37f4a80baa06c40106ae2bdae
Author: Jeremy Allison 
Date:   Fri Aug 11 10:47:28 2023 -0700

s3: smbd: Uncorrupt the pointer we were using to prove a crash.

Rather than restore to uninitialized, set to NULL as per
modern coding practices.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420
Reviewed-by: Volker Lendecke 

Signed-off-by: Jeremy Allison 
Reviewed-by: Volker Lendecke 
(cherry picked from commit 5bc50d2ea244721e72b4264311c7005d2f3c)

commit 4c27dfe322c28e01a5657e1e707000474d2343f9
Author: Jeremy Allison 
Date:   Fri Aug 11 10:42:41 2023 -0700

s3: smbd: Ensure srvstr_pull_req_talloc() always NULLs out *dest.

Robert Morris  noticed that in the case
where srvstr_pull_req_talloc() is being called with
buffer remaining == 0, we don't NULL out the destination
pointed which is *always* done in the codepaths inside
pull_string_talloc(). This prevents a crash in the caller.

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420

Signed-off-by: Jeremy Allison 
Reviewed-by: Volker Lendecke 
(cherry picked from commit 9220c45cc191b34e293190f6a923ba463edd5db9)

commit 6fef976770c596e5663f49a3cf194b0e6cdf83e6
Author: Jeremy Allison 
Date:   Fri Aug 11 10:39:36 2023 -0700

s3: torture: Add SMB1-TRUNCATED-SESSSETUP test.

Shows that we indirect through an uninitialized pointer and the client 
crashes
it's own smbd.

Add knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420

Signed-off-by: Jeremy Allison 
Reviewed-by: Volker Lendecke 
(cherry picked from commit 963fd8aa9b76361ab9aeb63307773f2498b17879)

commit 8e31fd2d5998d08f66bad617aecbc6dc4a9490cf
Author: Jeremy Allison 
Date:   Fri Aug 11 10:38:23 2023 -0700

s3: smbd: Deliberately currupt an uninitialized pointer.

We will need this to show smbd crashing in the test code.
This will be removed once we're passing the test.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15420

Signed-off-by: Jeremy Allison 
Reviewed-by: Volker Lendecke 
(cherry picked from commit e7bf9

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  fec8cda70bc VERSION: Bump version up to Samba 4.18.7...
   via  2613f2b288c VERSION: Disable GIT_SNAPSHOT for the 4.18.6 release.
   via  87e193d9b7e WHATSNEW: Add release notes for Samba 4.18.6.
  from  320d654041d s3: smbd: Add missing 'return;'s in exit paths in 
reply_exit_done().

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit fec8cda70bcf05df5fabe2f6c1717b0640d4be42
Author: Jule Anger 
Date:   Wed Aug 16 18:37:25 2023 +0200

VERSION: Bump version up to Samba 4.18.7...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger 

commit 2613f2b288cde2c4b48cda457c992a7efddab9ce
Author: Jule Anger 
Date:   Wed Aug 16 18:36:46 2023 +0200

VERSION: Disable GIT_SNAPSHOT for the 4.18.6 release.

Signed-off-by: Jule Anger 

commit 87e193d9b7e82c73f2961be1c0c8691f4cdfb1ba
Author: Jule Anger 
Date:   Wed Aug 16 18:36:14 2023 +0200

WHATSNEW: Add release notes for Samba 4.18.6.

Signed-off-by: Jule Anger 

---

Summary of changes:
 VERSION  |  2 +-
 WHATSNEW.txt | 83 ++--
 2 files changed, 82 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 8ff609656d2..2245ca751a6 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=18
-SAMBA_VERSION_RELEASE=6
+SAMBA_VERSION_RELEASE=7
 
 
 # If a official release has a serious bug  #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 2ad4ab1a0ee..1bb83f6ba4c 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,83 @@
+   ==
+   Release Notes for Samba 4.18.6
+  August 16, 2023
+   ==
+
+
+This is the latest stable release of the Samba 4.18 release series.
+
+
+Changes since 4.18.5
+
+
+o  Jeremy Allison 
+   * BUG 15420: reply_sesssetup_and_X() can dereference uninitialized tmp
+ pointer.
+   * BUG 15430: Missing return in reply_exit_done().
+
+o  Andrew Bartlett 
+   * BUG 15289: post-exec password redaction for samba-tool is more reliable 
for
+ fully random passwords as it no longer uses regular expressions
+ containing the password value itself.
+   * BUG 9959: Windows client join fails if a second container CN=System exists
+ somewhere.
+
+o  Ralph Boehme 
+   * BUG 15342: Spotlight sometimes returns no results on latest macOS.
+   * BUG 15417: Renaming results in NT_STATUS_SHARING_VIOLATION if previously
+ attempted to remove the destination.
+   * BUG 15427: Spotlight results return wrong date in result list.
+
+o  Günther Deschner 
+   * BUG 15414: "net offlinejoin provision" does not work as non-root user.
+
+o  Pavel Filipenský 
+   * BUG 15400: rpcserver no longer accepts double backslash in dfs pathname.
+   * BUG 15433: cm_prepare_connection() calls close(fd) for the second time.
+
+o  Stefan Metzmacher 
+   * BUG 15346: 2-3min delays at reconnect with smb2_validate_sequence_number:
+ bad message_id 2.
+   * BUG 15441: samba-tool ntacl get segfault if aio_pthread appended.
+   * BUG 15446: DCERPC_PKT_CO_CANCEL and DCERPC_PKT_ORPHANED can't be parsed.
+
+o  Noel Power 
+   * BUG 15390: Python tarfile extraction needs change to avoid a warning
+ (CVE-2007-4559 mitigation).
+   * BUG 15435: Regression DFS not working with widelinks = true.
+
+o  Arvid Requate 
+   * BUG 9959: Windows client join fails if a second container CN=System exists
+somewhere.
+
+o  Jones Syue 
+   * BUG 15441: samba-tool ntacl get segfault if aio_pthread appended.
+   * BUG 15449: mdssvc: Do an early talloc_free() in _mdssvc_open().
+
+
+###
+Reporting bugs & Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+==
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+==
+
+
+Release notes for older releases follow:
+

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  0a044e409de s3: smbd: Ensure init_smb1_request() zeros out what the 
incoming pointer points to.
   via  0605946d20f s3: torture: Add SMB1-NEGOTIATE-TCON that shows the 
SMB1 server crashes on the uninitialized req->session.
   via  d2c16aada79 s3: smbd: init_smb1_request() isn't being passed 
zero'ed memory from any codepath.
  from  fec8cda70bc VERSION: Bump version up to Samba 4.18.7...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 0a044e409dede6a51c32d269e82c17f6b8f5abf0
Author: Jeremy Allison 
Date:   Fri Aug 11 17:28:53 2023 -0700

s3: smbd: Ensure init_smb1_request() zeros out what the incoming pointer 
points to.

Remove the now unneeded req->xxx = NULL assignments (and the
deliberately bogus req->session = (void *)0xDEADBEEF one
used to demonstrate the bug).

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15432

Signed-off-by: Jeremy Allison 
Reviewed-by: Noel Power 

Autobuild-User(master): Noel Power 
Autobuild-Date(master): Tue Aug 15 12:06:36 UTC 2023 on atb-devel-224

(Back-ported from commit 4145bfb1b5a3639caf26a310d612aec29fc00117)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Fri Aug 18 14:07:39 UTC 2023 on atb-devel-224

commit 0605946d20f582cb66a807baf3defa41b97f4857
Author: Jeremy Allison 
Date:   Fri Aug 11 17:18:26 2023 -0700

s3: torture: Add SMB1-NEGOTIATE-TCON that shows the SMB1 server crashes on 
the uninitialized req->session.

Found by Robert Morris .

Adds knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15432

Signed-off-by: Jeremy Allison 
Reviewed-by: Noel Power 
(Back-ported from commit c32df3bb31ce6275cfb91107e34e2d6b3c2fba1b)

commit d2c16aada79fa13dcc2e60b05586388f819d93d6
Author: Jeremy Allison 
Date:   Fri Aug 11 17:14:38 2023 -0700

s3: smbd: init_smb1_request() isn't being passed zero'ed memory from any 
codepath.

If a client does a SMB1 NEGPROT followed by SMB1 TCON
then req->session is left uninitialized.

Show this causes a crash by deliberately initializing
req->session to an invalid pointer. This will be removed
once the test shows the crash, and the fix is added to
cause init_smb1_request() to zero the memory passed in.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15432

Signed-off-by: Jeremy Allison 
Reviewed-by: Noel Power 
(Back-ported from commit f02f74e931f5821c7b7c1be2b8f0fb60c9a69b19)

---

Summary of changes:
 source3/selftest/tests.py   | 11 +++
 source3/smbd/smb2_process.c |  7 ++-
 source3/torture/torture.c   | 40 
 3 files changed, 53 insertions(+), 5 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 178f550b5b7..809a2be631b 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -239,6 +239,17 @@ 
plantestsuite("samba3.smbtorture_s3.smb1.SMB1-NEGOTIATE-EXIT",
 smbtorture3,
 "-mNT1"])
 
+plantestsuite("samba3.smbtorture_s3.smb1.SMB1-NEGOTIATE-TCON",
+"fileserver_smb1",
+[os.path.join(samba3srcdir,
+  "script/tests/test_smbtorture_s3.sh"),
+'SMB1-NEGOTIATE-TCON',
+'//$SERVER_IP/tmp',
+'$USERNAME',
+'$PASSWORD',
+smbtorture3,
+"-mNT1"])
+
 #
 # MSDFS attribute tests.
 #
diff --git a/source3/smbd/smb2_process.c b/source3/smbd/smb2_process.c
index ad4386e08a4..11f556c88ac 100644
--- a/source3/smbd/smb2_process.c
+++ b/source3/smbd/smb2_process.c
@@ -764,6 +764,8 @@ bool init_smb1_request(struct smb_request *req,
return false;
}
 
+   *req = (struct smb_request) { .cmd = 0};
+
req->request_time = timeval_current();
now = timeval_to_nttime(&req->request_time);
 
@@ -782,16 +784,12 @@ bool init_smb1_request(struct smb_request *req,
req->encrypted = encrypted;
req->sconn = sconn;
req->xconn = xconn;
-   req->conn = NULL;
if (xconn != NULL) {
status = smb1srv_tcon_lookup(xconn, req->tid, now, &tcon);
if (NT_STATUS_IS_OK(status)) {
req->conn = tcon->compat;
}
}
-   req->chain_fsp = NULL;
-   req->smb2req = NULL;
-   req->chain = NULL;
req->posix_pathnames = lp_posix_pathnames();
smb_init_perfcount_data(&req->pcd);
 
@@ -812,7 +810,6 @@ bool init_smb1_request(struct smb_request *req,
return false;
}
 
-   req->outbuf = NULL;
return true;
 }
 
diff --git 

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  794ce23b350 s4-rpc_server/drsupai: Avoid looping with Azure AD 
Connect by not incrementing temp_highest_usn for the NC root
   via  50bba4925e0 s4-rpc_server/drsuapi: Ensure logs show DN for 
replicated objects, not (null)
   via  9d3b0af9db7 s4-rpc_server/drsuapi: Update getnc_state to be != NULL
   via  cb83e9dbad8 s4-rpc_server/drsuapi: Rename ncRoot -> 
untrusted_ncRoot to avoid misuse
   via  21628e1f536 s4-rpc_server/drsuapi: Avoid modification to ncRoot 
input variable in GetNCChanges
   via  7da93e9a92f s4-rpc_server/drsuapi: Fix indentation in GetNCChanges()
   via  e43ea61cdd2 s4-rpc_server/drsuapi: Only keep and invalidate 
replication cycle state for normal replication
   via  dba337929d6 s4-torture/drs: Add test showing that if present in the 
set the NC root leads and tmp_highest_usn moves
   via  1fa63e6de9d s4-torture/drs: Add test demonstrating that a 
GetNCChanges REPL_OBJ will not reset the replication cookie
   via  69eac697606 s4-torture/drs: Add a test matching Azure AD Connect 
REPL_OBJ behaviour
   via  473cb476cdf s4-torture/drs: Use addCleanup() in getchanges.py for 
OU handling
   via  c6801832cb3 s4-torture/drs: Create temp OU with a unique name per 
test
   via  4b30611733e s4-torture/drs: Save the server dnsname on the 
DcConnection object
   via  958ae0038d6 s4-rpc_server/drsuapi: Remove rudundant check for valid 
and non-NULL ncRoot_dn
   via  2eae9fa2183 s4-dsdb: Improve logging for 
drs_ObjectIdentifier_to_dn_and_nc_root()
   via  e8fdc72b22e s4-rpc_server/drsuapi: Improve debug message for 
drs_ObjectIdentifier_to_dn_and_nc_root() failure
   via  251e3cd8c8d s4-rpc_server/drsuapi: Improve debugging of invalid DNs
   via  2fe39b167ac s4-rpc_server/drsuapi: Add tmp_highest_usn tracking to 
replication log
  from  0a044e409de s3: smbd: Ensure init_smb1_request() zeros out what the 
incoming pointer points to.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 794ce23b3503fa6c1b892854f86c4de9de42c31d
Author: Andrew Bartlett 
Date:   Wed Jul 26 14:27:16 2023 +1200

s4-rpc_server/drsupai: Avoid looping with Azure AD Connect by not 
incrementing temp_highest_usn for the NC root

We send the NC root first, as a special case for every chunk
that we send until the natural point where it belongs.

We do not bump the tmp_highest_usn in the highwatermark that
the client and server use (it is meant to be an opauqe cookie)
until the 'natural' point where the object appears, similar
to the cache for GET_ANC.

The issue is that without this, because the NC root was sorted
first in whatever chunk it appeared in but could have a 'high'
highwatermark, Azure AD Connect will send back the same
new_highwatermark->tmp_highest_usn, and due to a bug,
a zero reserved_usn, which makes Samba discard it.

The reserved_usn is now much less likely to ever be set because
the tmp_higest_usn is now always advancing.

RN: Avoid infinite loop in initial user sync with Azure AD Connect
 when synchronising a large Samba AD domain.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15401

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 79ca6ef28a6f94965cb030c4a7da8c1b9db7150b)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Aug 21 09:12:14 UTC 2023 on atb-devel-224

commit 50bba4925e0cd47fd0419c242e66ff9220d1ae7a
Author: Andrew Bartlett 
Date:   Wed Jun 28 15:57:47 2023 +1200

s4-rpc_server/drsuapi: Ensure logs show DN for replicated objects, not 
(null)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15407
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15401

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 17359afa627a3086ec8d6862f007a3479574a8b4)

commit 9d3b0af9db7ddf567d6fa420a0e58ae2fa932200
Author: Andrew Bartlett 
Date:   Tue Jun 27 17:01:28 2023 +1200

s4-rpc_server/drsuapi: Update getnc_state to be != NULL

This is closer to our READDME.Coding style

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15401

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 2aba9e230ea62efcbd829f6f073894dfa3180c91)

commit cb83e9dbad896961e9711d86916ca5247904dddc
Author: Andrew Bartlett 
Date:   Tue Jun 27 14:43:39 2023 +1200

s4-rpc_server/drsuapi: Rename ncRoot -> untrusted_ncRoot to avoid misuse

Because of the requirement to echo back the original string, we can
not force this to be a trustworthy value.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15401

Signed-off-by: Andrew Bartlett 
Reviewed-by: Stefan Metzmacher 
(cherry picked

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  5fac5b7b2fd ctdb-common: Set immediate mode for pcap capture
   via  2b5512712e5 ctdb-common: Replace pcap_open_live() by lower level 
calls
   via  550972627b7 ctdb-common: Improve error handling
  from  794ce23b350 s4-rpc_server/drsupai: Avoid looping with Azure AD 
Connect by not incrementing temp_highest_usn for the NC root

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 5fac5b7b2fd3a61401b46f8dfd9ba38aeb4a5091
Author: Martin Schwenke 
Date:   Tue Aug 15 12:34:20 2023 +1000

ctdb-common: Set immediate mode for pcap capture

Fix a problem where ctdb_killtcp (almost always) fails to capture
packets with --enable-pcap and libpcap ≥ 1.9.1.  The problem is due to
a gradual change in libpcap semantics when using
pcap_get_selectable_fd(3PCAP) to get a file descriptor and then using
that file descriptor in non-blocking mode.

pcap_set_immediate_mode(3PCAP) says:

  pcap_set_immediate_mode() sets whether immediate mode should be set
  on a capture handle when the handle is activated.  In immediate
  mode, packets are always delivered as soon as they arrive, with no
  buffering.

and

  On Linux, with previous releases of libpcap, capture devices are
  always in immediate mode; however, in 1.5.0 and later, they are, by
  default, not in immediate mode, so if pcap_set_immediate_mode() is
  available, it should be used.

However, it wasn't until libpcap commit
2ade7676101366983bd4f86bc039ffd25da8c126 (before libpcap 1.9.1) that
it became a requirement to use pcap_set_immediate_mode(), even with a
timeout of 0.

More explanation in this libpcap issue comment:

  
https://github.com/the-tcpdump-group/libpcap/issues/860#issuecomment-541204548

Do a configure check for pcap_set_immediate_mode() even though it has
existed for 10 years.  It is easy enough.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15451

Signed-off-by: Martin Schwenke 
Reviewed-by: Amitay Isaacs 

Autobuild-User(master): Amitay Isaacs 
Autobuild-Date(master): Tue Aug 15 10:53:52 UTC 2023 on atb-devel-224

(cherry picked from commit dc7b48c404337891b5105df4d6751cf549a533eb)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Tue Aug 29 12:27:35 UTC 2023 on atb-devel-224

commit 2b5512712e50761117bacd8c78fc3c45e846ee90
Author: Martin Schwenke 
Date:   Tue Aug 15 10:57:59 2023 +1000

ctdb-common: Replace pcap_open_live() by lower level calls

A subsequent commit will insert an additional call before
pcap_activate().

This sequence of calls is taken from the source for pcap_open_live(),
so there should be no change in behaviour.

Given the defaults set by pcap_create_common(), it would be possible
to omit the calls to pcap_set_promisc() and pcap_set_timeout().
However, those defaults don't seem to be well documented, so continue
to explicitly set everything that was set before.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15451

Signed-off-by: Martin Schwenke 
Reviewed-by: Amitay Isaacs 
(cherry picked from commit ffc2ae616d8fab7528fbdfd8c6b94c5b9a0e3a7c)

commit 550972627b745fe01600fb5bd705472554372f9b
Author: Martin Schwenke 
Date:   Tue Aug 15 10:43:57 2023 +1000

ctdb-common: Improve error handling

Factor out a failure label, which will get more use in subsequent
commits, and only set private_data when success is certain.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15451

Signed-off-by: Martin Schwenke 
Reviewed-by: Amitay Isaacs 
(cherry picked from commit d87041d8968e91db9d257445321b85693303f95e)

---

Summary of changes:
 ctdb/common/system_socket.c | 42 ++
 ctdb/wscript|  1 +
 2 files changed, 39 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/ctdb/common/system_socket.c b/ctdb/common/system_socket.c
index 06dc558eb22..273b9c3400e 100644
--- a/ctdb/common/system_socket.c
+++ b/ctdb/common/system_socket.c
@@ -980,15 +980,45 @@ int ctdb_sys_open_capture_socket(const char *iface, void 
**private_data)
int pcap_packet_type;
const char *t = NULL;
int fd;
+   int ret;
 
-   pt = pcap_open_live(iface, 100, 0, 0, errbuf);
+   pt = pcap_create(iface, errbuf);
if (pt == NULL) {
DBG_ERR("Failed to open pcap capture device %s (%s)\n",
iface,
errbuf);
return -1;
}
-   *((pcap_t **)private_data) = pt;
+   /*
+* pcap isn't very clear about defaults...
+*/
+   ret = pcap_set_sn

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  fdc2f48 s3: smbd: Sanitize any "server" and "share" components 
of SMB1 DFS paths to remove UNIX separators.
   via  b80fdc0b0b3 s3: torture: Add test to show an SMB1 DFS path of 
"\x//\/" crashes smbd.
  from  5fac5b7b2fd ctdb-common: Set immediate mode for pcap capture

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit fdc2f48db0c90f430c4a3d1636d7973494d3
Author: Jeremy Allison 
Date:   Wed Jul 26 16:39:51 2023 -0700

s3: smbd: Sanitize any "server" and "share" components of SMB1 DFS paths to 
remove UNIX separators.

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15419

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 

Autobuild-User(master): Ralph Böhme 
Autobuild-Date(master): Thu Jul 27 10:52:50 UTC 2023 on atb-devel-224

(cherry picked from commit 20df26b908182f0455f301a51aeb54b6044af580)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Thu Aug 31 09:38:21 UTC 2023 on atb-devel-224

commit b80fdc0b0b3d637afd9871493c5813916cef2f40
Author: Jeremy Allison 
Date:   Wed Jul 26 16:37:11 2023 -0700

s3: torture: Add test to show an SMB1 DFS path of "\\x//\\/" crashes smbd.

Adds knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15419

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 
(cherry picked from commit 2aa9ffa2f0fc79599efbfe0c37aac4ef5160f712)

---

Summary of changes:
 source3/selftest/tests.py   | 14 +++
 source3/smbd/smb2_reply.c   | 31 +++
 source3/torture/proto.h |  1 +
 source3/torture/test_smb1_dfs.c | 56 +
 source3/torture/torture.c   |  4 +++
 5 files changed, 106 insertions(+)


Changeset truncated at 500 lines:

diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 809a2be631b..0c834ed48b5 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -388,6 +388,20 @@ 
plantestsuite("samba3.smbtorture_s3.smb1.SMB1-DFS-OPERATIONS",
 '$PASSWORD',
 smbtorture3,
 "-mNT1"])
+#
+# SMB1-DFS-BADPATH needs to run against a special share msdfs-pathname-share
+# BUG: https://bugzilla.samba.org/show_bug.cgi?id=15419
+#
+plantestsuite("samba3.smbtorture_s3.smb1.SMB1-DFS-BADPATH",
+"fileserver_smb1",
+[os.path.join(samba3srcdir,
+  "script/tests/test_smbtorture_s3.sh"),
+'SMB1-DFS-BADPATH',
+'//$SERVER_IP/msdfs-pathname-share',
+'$USERNAME',
+'$PASSWORD',
+smbtorture3,
+"-mNT1"])
 
 #
 # SMB2-STREAM-ACL needs to run against a special share - vfs_wo_fruit
diff --git a/source3/smbd/smb2_reply.c b/source3/smbd/smb2_reply.c
index 5ff6f4db8c9..9476c69b73c 100644
--- a/source3/smbd/smb2_reply.c
+++ b/source3/smbd/smb2_reply.c
@@ -335,6 +335,7 @@ static size_t srvstr_get_path_internal(TALLOC_CTX *ctx,
char *share = NULL;
char *remaining_path = NULL;
char path_sep = 0;
+   char *p = NULL;
 
if (posix_pathnames && (dst[0] == '/')) {
path_sep = dst[0];
@@ -385,6 +386,16 @@ static size_t srvstr_get_path_internal(TALLOC_CTX *ctx,
if (share == NULL) {
goto local_path;
}
+   /*
+* Ensure the server name does not contain
+* any possible path components by converting
+* them to _'s.
+*/
+   for (p = server + 1; p < share; p++) {
+   if (*p == '/' || *p == '\\') {
+   *p = '_';
+   }
+   }
/*
 * It's a well formed DFS path with
 * at least server and share components.
@@ -399,6 +410,16 @@ static size_t srvstr_get_path_internal(TALLOC_CTX *ctx,
 */
remaining_path = strchr(share+1, path_sep);
if (remaining_path == NULL) {
+   /*
+* Ensure the share name does not contain
+* any possible path components by converting
+* them to _'s.
+*/
+   for (p = share + 1; *p; p++) {
+   if (*p == '/' || *p == '\\') {
+   *p = '_';
+   }
+   }
/*
 * If no remaining path this was
 * a bare /server/share path

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  14380eb832d vfs_aio_pthread: use SMB_VFS_NEXT_OPENAT() in 
aio_pthread_openat_fn()
  from  fdc2f48 s3: smbd: Sanitize any "server" and "share" components 
of SMB1 DFS paths to remove UNIX separators.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 14380eb832dff7f6c9e80206f2035bfb4a8e1a6b
Author: MikeLiu 
Date:   Tue Aug 22 10:01:14 2023 +0800

vfs_aio_pthread: use SMB_VFS_NEXT_OPENAT() in aio_pthread_openat_fn()

1. Set 'aio_allow_open' to false if fsp->fsp_flags.is_pathref
2. Move !(how->flags & O_CREAT) and !(how->flags & O_EXCL) up and set 
'aio_allow_open' to false
3. Use SMB_VFS_NEXT_OPENAT() instead of openat() for disable async opens 
case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15453

Signed-off-by: MikeLiu 
Reviewed-by: Stefan Metzmacher 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Tue Aug 22 17:44:00 UTC 2023 on atb-devel-224

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Sep  4 09:49:30 UTC 2023 on atb-devel-224

---

Summary of changes:
 source3/modules/vfs_aio_pthread.c | 28 ++--
 1 file changed, 14 insertions(+), 14 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/modules/vfs_aio_pthread.c 
b/source3/modules/vfs_aio_pthread.c
index 0303ff04bc9..b099a6b5b52 100644
--- a/source3/modules/vfs_aio_pthread.c
+++ b/source3/modules/vfs_aio_pthread.c
@@ -483,28 +483,28 @@ static int aio_pthread_openat_fn(vfs_handle_struct 
*handle,
aio_allow_open = false;
}
 
-   if (!aio_allow_open) {
-   /* aio opens turned off. */
-   return openat(fsp_get_pathref_fd(dirfsp),
- smb_fname->base_name,
- how->flags,
- how->mode);
+   if (fsp->fsp_flags.is_pathref) {
+   /* Use SMB_VFS_NEXT_OPENAT() to call openat() with O_PATH. */
+   aio_allow_open = false;
}
 
if (!(how->flags & O_CREAT)) {
/* Only creates matter. */
-   return openat(fsp_get_pathref_fd(dirfsp),
- smb_fname->base_name,
- how->flags,
- how->mode);
+   aio_allow_open = false;
}
 
if (!(how->flags & O_EXCL)) {
/* Only creates with O_EXCL matter. */
-   return openat(fsp_get_pathref_fd(dirfsp),
- smb_fname->base_name,
- how->flags,
- how->mode);
+   aio_allow_open = false;
+   }
+
+   if (!aio_allow_open) {
+   /* aio opens turned off. */
+   return SMB_VFS_NEXT_OPENAT(handle,
+ dirfsp,
+ smb_fname,
+ fsp,
+ how);
}
 
/*


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  69fd70b83df mdssvc: better support for search with mdfind from Macs
  from  14380eb832d vfs_aio_pthread: use SMB_VFS_NEXT_OPENAT() in 
aio_pthread_openat_fn()

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 69fd70b83df5f6a77192f6eeb3f333fb2a26643a
Author: Ralph Boehme 
Date:   Tue Aug 29 16:14:38 2023 +0200

mdssvc: better support for search with mdfind from Macs

When searching Samba via Spotlight from a Mac with mdfind, only 50 results 
are
returned.

It seems the changes for bug #15342 where one step in the right
direction. There, a status indicator meaning "search is still being 
processed"
was implemented, returning a special status indicator (0x23) in a response, 
when
the query was still running in the backend, eg Elasticsearch, and we 
haven't got
any result when when the Mac already comes along asking for results of a 
query.

Turns out, we should also return 0x23, ie "search is still being processed" 
when
we have some initial search results from the backend. Otherwise mdfind will 
stop
querying for more results. It works in Finder, as the Finder by default 
employs
a "live" search where it just keeps polling for more results even after the
server returned an empty result set. The Finder just keeps on querying in 
some
interval, typically 4 seconds, and a Mac server Spotlight server might 
return
new results if new files where created that match the query, hence "live"
search.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15463

Signed-off-by: Ralph Boehme 
Reviewed-by: Noel Power 

Autobuild-User(master): Ralph Böhme 
Autobuild-Date(master): Wed Aug 30 10:51:40 UTC 2023 on atb-devel-224

(cherry picked from commit 3afa27a01ca0b81b0044d5d543a36582e67a)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Tue Sep  5 09:28:33 UTC 2023 on atb-devel-224

---

Summary of changes:
 source3/rpc_server/mdssvc/mdssvc.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/rpc_server/mdssvc/mdssvc.c 
b/source3/rpc_server/mdssvc/mdssvc.c
index a7d5d7afc02..5f0ec0289f2 100644
--- a/source3/rpc_server/mdssvc/mdssvc.c
+++ b/source3/rpc_server/mdssvc/mdssvc.c
@@ -313,11 +313,11 @@ static bool add_results(sl_array_t *array, struct 
sl_query *slq)
bool ok;
 
/*
-* Taken from a network trace against a macOS SMB Spotlight server. If
-* the first fetch-query-results has no results yet because the search
-* is still running, macOS returns 0x23, otherwise 0x0.
+* Taken from network traces against a macOS SMB Spotlight server: if
+* the search is not finished yet in the backend macOS returns 0x23,
+* otherwise 0x0.
 */
-   if (slq->state >= SLQ_STATE_RESULTS ) {
+   if (slq->state >= SLQ_STATE_DONE) {
status = 0;
} else {
status = 0x23;


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  5cf6870718c libsmb: Fix test for smbc_getxattr
   via  0d8e5ba4f51 libsmb: fix regression on smbc_getxattr and fix doc
  from  69fd70b83df mdssvc: better support for search with mdfind from Macs

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 5cf6870718cf4356e627e0159866faf53ee11a08
Author: Remi Collet 
Date:   Tue Apr 4 12:16:09 2023 +0200

libsmb: Fix test for smbc_getxattr

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14808
Signed-off-by: Remi Collet 
Reviewed-by: Jeremy Allison 
Reviewed-by: Volker Lendecke 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Sun Apr  9 10:44:38 UTC 2023 on atb-devel-224

(cherry picked from commit 0cd66fe6bd4ac2aa0b302ddf3eb5068fc9c522ec)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Wed Sep  6 09:28:02 UTC 2023 on atb-devel-224

commit 0d8e5ba4f511d7da2c76b01931190fe1d9bd6a7e
Author: Remi Collet 
Date:   Tue Apr 4 10:22:09 2023 +0200

libsmb: fix regression on smbc_getxattr and fix doc

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14808
Signed-off-by: Remi Collet 
Reviewed-by: Jeremy Allison 
Reviewed-by: Volker Lendecke 
(cherry picked from commit 4fc166628fda160d1cd38c140a9664defc5844ab)

---

Summary of changes:
 source3/include/libsmbclient.h  |  2 +-
 source3/libsmb/libsmb_xattr.c   |  4 ++--
 source4/torture/libsmbclient/libsmbclient.c | 25 +++--
 3 files changed, 22 insertions(+), 9 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/include/libsmbclient.h b/source3/include/libsmbclient.h
index ef8b327e374..056444d008c 100644
--- a/source3/include/libsmbclient.h
+++ b/source3/include/libsmbclient.h
@@ -2419,7 +2419,7 @@ int smbc_getxattr(const char *url,
  *  required to hold the attribute value will be returned,
  *  but nothing will be placed into the value buffer.
  *
- * @return  0 on success, < 0 on error with errno set:
+ * @return  size on success, < 0 on error with errno set:
  *  - EINVAL  The client library is not properly initialized
  *or one of the parameters is not of a correct
  *form
diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c
index 1e8d2718a22..1f820521193 100644
--- a/source3/libsmb/libsmb_xattr.c
+++ b/source3/libsmb/libsmb_xattr.c
@@ -2182,9 +2182,9 @@ SMBC_getxattr_ctx(SMBCCTX *context,
TALLOC_FREE(frame);
/*
 * static function cacl_get returns a value greater than zero
-* on success. Map this to zero meaning success.
+* which is needed buffer size needed when size_t is 0.
 */
-return ret < 0 ? -1 : 0;
+return ret;
 }
 
 /* Unsupported attribute name */
diff --git a/source4/torture/libsmbclient/libsmbclient.c 
b/source4/torture/libsmbclient/libsmbclient.c
index 55ea26f5bc8..72af8fc01c9 100644
--- a/source4/torture/libsmbclient/libsmbclient.c
+++ b/source4/torture/libsmbclient/libsmbclient.c
@@ -1542,17 +1542,30 @@ static bool torture_libsmbclient_getxattr(struct 
torture_context *tctx)
ret));
 
/*
-* Ensure getting a valid attribute returns 0.
+* Ensure getting a valid attribute computes its size.
+*/
+   ret = smbc_getxattr(getxattr_name, "system.*", NULL, 0);
+   torture_assert_goto(tctx,
+   ret >= 0,
+   ok,
+   done,
+   talloc_asprintf(tctx,
+   "smbc_getxattr(foobar, NULL) on '%s' should "
+   "get >=0, got %d\n",
+   getxattr_name,
+   ret));
+
+   /*
+* Ensure getting a valid attribute returns its size.
 */
ret = smbc_getxattr(getxattr_name, "system.*", value, sizeof(value));
-   torture_assert_int_equal_goto(tctx,
-   ret,
-   0,
+   torture_assert_goto(tctx,
+   ret >= 0,
ok,
done,
talloc_asprintf(tctx,
-   "smbc_getxattr(foobar) on '%s' should "
-   "get -1, got %d\n",
+   "smbc_getxattr(foobar, value) on '%s' should "
+   "get >=0, got %d\n",
getxattr_name,
ret));
 


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  82d6f8a6ce3 nsswitch/wb_common.c: fix socket fd and memory leaks of 
global state
   via  3d8e8ed1594 nsswitch/wb_common.c: don't operate on a stale 
wb_global_ctx.key
   via  5b9b8b31582 nsswitch/wb_common.c: winbind_destructor can always use 
get_wb_global_ctx()
   via  0ebaac2afe9 nsswitch/wb_common.c: fix build without HAVE_PTHREAD
   via  cb71db6827f nsswitch: add test for pthread_key_delete missuse (bug 
15464)
  from  5cf6870718c libsmb: Fix test for smbc_getxattr

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 82d6f8a6ce3918b51a9422101823328084a27ffa
Author: Stefan Metzmacher 
Date:   Thu Sep 7 15:59:59 2023 +0200

nsswitch/wb_common.c: fix socket fd and memory leaks of global state

When we are called in wb_atfork_child() or winbind_destructor(),
wb_thread_ctx_destructor() is not called for the global state
of the current nor any other thread, which means we would
leak the related memory and socket fds.

Now we maintain a global list protected by a global mutex.
We traverse the list and close all socket fds, which are no
longer used (winbind_destructor) or no longer valid in the
current process (wb_atfork_child), in addition we 'autofree'
the ones, which are only visible internally as global (per thread)
context.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15464

Tested-by: Krzysztof Piotr Oledzki 
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Thu Sep 14 18:53:07 UTC 2023 on atb-devel-224

(cherry picked from commit 4af3faace481d23869b64485b791bdd43d8972c5)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Sep 18 17:25:43 UTC 2023 on atb-devel-224

commit 3d8e8ed15942374939c95384b5cd03b0162000ad
Author: Stefan Metzmacher 
Date:   Fri Sep 8 09:56:47 2023 +0200

nsswitch/wb_common.c: don't operate on a stale wb_global_ctx.key

If nss_winbind is loaded into a process that uses fork multiple times
without any further calls into nss_winbind, wb_atfork_child handler
was using a wb_global_ctx.key that was no longer registered in the
pthread library, so we operated on a slot that was potentially
reused by other libraries or the main application. Which is likely
to cause memory corruption.

So we better don't call pthread_key_delete() in wb_atfork_child().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15464

Reported-by: Krzysztof Piotr Oledzki 
Tested-by: Krzysztof Piotr Oledzki 
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 91b30a7261e6455d3a4f31728c23e4849e3945b9)

commit 5b9b8b315821c429ecfcb9153aa5308e3c9f5086
Author: Stefan Metzmacher 
Date:   Fri Sep 8 09:53:42 2023 +0200

nsswitch/wb_common.c: winbind_destructor can always use get_wb_global_ctx()

The HAVE_PTHREAD logic inside of get_wb_global_ctx() will do all
required magic.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15464

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 836823e5047d0eb18e66707386ba03b812adfaf8)

commit 0ebaac2afe94cf09599970962c66a7cc2761625c
Author: Stefan Metzmacher 
Date:   Thu Sep 7 16:02:32 2023 +0200

nsswitch/wb_common.c: fix build without HAVE_PTHREAD

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15464

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 4faf806412c4408db25448b1f67c09359ec2f81f)

commit cb71db6827f2575799d65c8a3560e1748a389889
Author: Stefan Metzmacher 
Date:   Fri Sep 8 13:57:26 2023 +0200

nsswitch: add test for pthread_key_delete missuse (bug 15464)

This is based on https://bugzilla.samba.org/attachment.cgi?id=18081
written by Krzysztof Piotr Oledzki 

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15464

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 62af25d44e542548d8cdecb061a6001e0071ee76)

---

Summary of changes:
 nsswitch/b15464-testcase.c|  77 +
 nsswitch/wb_common.c  | 152 +-
 nsswitch/wscript_build|   5 ++
 source3/selftest/tests.py |   6 ++
 testprogs/blackbox/b15464-testcase.sh |  21 +
 5 files changed, 222 insertions(+), 39 deletions(-)
 create mode 100644 nsswitch/b15464-testcase.c
 create mode 100755 testprogs/blackbox/b15464-testcase.sh


Changeset truncated at 500 lines:

diff --git a/nsswitch/b15464-testcase.c b/nsswitch/b15464-testcase.c
new file mode 100644
index 000..d

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  f869013c616 s3: smbd: Ensure we remove any pending aio values for 
named pipes on forced shutdown.
   via  db1fbcc0263 s3: torture: Add a new SMB2 test: 
SMB2-PIPE-READ-ASYNC-DISCONNECT
   via  721513a219d s3: smbd: named pipe writes are async. Use the same 
logic as for named pipe transacts to avoid crashes on shutdown.
   via  b3a881f89ae s3: smbd: named pipe reads are async. Use the same 
logic as for named pipe transacts to avoid crashes on shutdown.
   via  4baff9de6b2 s3: smbd: Add some DEVELOPER-only code to panic if the 
destructor for an aio_lnk is called and the associated fsp doesn't exist.
  from  82d6f8a6ce3 nsswitch/wb_common.c: fix socket fd and memory leaks of 
global state

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit f869013c616d706007f11ebfcaa0f8af4cadc230
Author: Jeremy Allison 
Date:   Tue Sep 19 14:36:45 2023 -0700

s3: smbd: Ensure we remove any pending aio values for named pipes on forced 
shutdown.

Matches file and directory closes.

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15423

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Wed Sep 20 02:43:18 UTC 2023 on atb-devel-224

(cherry picked from commit 11280f1705c0faa1729f5aeaa1b6a1f79ab5a199)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Wed Sep 20 21:38:55 UTC 2023 on atb-devel-224

commit db1fbcc0263d8ce3854a65bda5b54b38a9d4d66d
Author: Jeremy Allison 
Date:   Tue Sep 19 14:30:26 2023 -0700

s3: torture: Add a new SMB2 test: SMB2-PIPE-READ-ASYNC-DISCONNECT

Shows the server crashes if we open a named pipe, do an async read
and then disconnect.

Adds knownfail:

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15423

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 
(cherry picked from commit 66398dd03c46633b474438dddb771caa2d245e64)

commit 721513a219d8b543a3f6a284d05ddc2c99717afe
Author: Jeremy Allison 
Date:   Mon Sep 18 17:37:44 2023 -0700

s3: smbd: named pipe writes are async. Use the same logic as for named pipe 
transacts to avoid crashes on shutdown.

Noticed by Metze.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15423

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 
(cherry picked from commit ea062c3b0d4dbb1f0682f808ac893bf36a6fb194)

commit b3a881f89ae089e3ec8e603e96eda5b1388e0cb0
Author: Jeremy Allison 
Date:   Mon Sep 18 17:09:00 2023 -0700

s3: smbd: named pipe reads are async. Use the same logic as for named pipe 
transacts to avoid crashes on shutdown.

Noticed by Metze.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15423

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 
(cherry picked from commit 3f32bf887d4425655e81da0b2234cbca3b1d56e6)

commit 4baff9de6b2dc93d81c25874c78f31f91b16d260
Author: Jeremy Allison 
Date:   Mon Sep 18 14:43:23 2023 -0700

s3: smbd: Add some DEVELOPER-only code to panic if the destructor for an 
aio_lnk is called and the associated fsp doesn't exist.

Make this DEVELOPER-only as it walks the entire open
file list on every file close (with associated aio).

This helps catch really subtle problems with orphaned
aio lnk structs.

Reproducer test case to follow.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15423

Signed-off-by: Jeremy Allison 
Reviewed-by: Ralph Boehme 
(cherry picked from commit 82e88f70f181300f6f98691f6680839a94470e13)

---

Summary of changes:
 ...torture_s3.sh => test_smbtorture_nocrash_s3.sh} |  12 +++
 source3/selftest/tests.py  |  16 +++
 source3/smbd/close.c   |   8 ++
 source3/smbd/smb2_aio.c|  24 +
 source3/smbd/smb2_read.c   |  13 +++
 source3/smbd/smb2_write.c  |  13 +++
 source3/torture/proto.h|   1 +
 source3/torture/test_smb2.c| 117 +
 source3/torture/torture.c  |   4 +
 9 files changed, 208 insertions(+)
 copy source3/script/tests/{test_smbtorture_s3.sh => 
test_smbtorture_nocrash_s3.sh} (62%)


Changeset truncated at 500 lines:

diff --git a/source3/script/tests/test_smbtorture_s3.sh 
b/source3/script/tests/test_smbtorture_nocrash_s3.sh
similarity index 62%
copy from source3/script/tests/test_smbtorture_s3.sh
copy to source3/script/tests/test_smbtorture_nocrash_s3.sh
index 4376f4a7199..b6ef1391262 100755
--- a/source3/script/tests/test_smbtorture_s3.sh
+++ b/source3/script/tests/test_smbtorture_nocra

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  c4fd0850c5e smbd: Fix BZ15481
   via  7de498a38d9 tests: Add reproducer for BZ15481
   via  7b57cfb1a93 s4:kdc: Add correct Asserted Identity SID in response 
to an S4U2Self request
   via  d96cd43df01 s4:kdc: Avoid copying data if not needed
   via  f1b7a21a7f6 s4:kdc: Don't pass a NULL pointer into 
krb5_pac_add_buffer()
  from  f869013c616 s3: smbd: Ensure we remove any pending aio values for 
named pipes on forced shutdown.

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit c4fd0850c5e855af326913147c10dea70f8e7322
Author: Volker Lendecke 
Date:   Tue Sep 19 17:44:56 2023 -0700

smbd: Fix BZ15481

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15481

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Wed Sep 20 22:42:48 UTC 2023 on atb-devel-224

(cherry picked from commit 3481bbfede5127e3664bcf464a0ae3dec9247ab7)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Fri Sep 22 21:07:52 UTC 2023 on atb-devel-224

commit 7de498a38d93411cb4810456b6bd42e9a5ead4ce
Author: Volker Lendecke 
Date:   Wed Sep 20 10:53:52 2023 -0700

tests: Add reproducer for BZ15481

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15481

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 
(cherry picked from commit 56df75d44795582dcecb8676a0d80d6f4a46c7e9)

commit 7b57cfb1a9328072e090b5e05c9b0cb09cd2d883
Author: Joseph Sutton 
Date:   Mon Sep 4 13:20:34 2023 +1200

s4:kdc: Add correct Asserted Identity SID in response to an S4U2Self request

I’m not sure exactly how this check was supposed to work. But in any
case, within fast_unwrap_request() the Heimdal KDC replaces the outer
padata with the padata from the inner FAST request. Hence, this check
does not accomplish anything useful: at no point should the KDC plugin
see the outer padata.

A couple of unwanted consequences resulted from this check. One was that
a client who sent empty FX‐FAST padata within the inner FAST request
would receive the *Authentication Authority* Asserted Identity SID
instead of the *Service* Asserted Identity SID. Another consequence was
that a client could in the same manner bypass the restriction on
performing S4U2Self with an RODC‐issued TGT.

Overall, samba_wdc_is_s4u2self_req() is somewhat of a hack. But the
Heimdal plugin API gives us nothing better to work with.

Signed-off-by: Joseph Sutton 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 5c580dbdb3e6a70c8d2f5059e2b7293a7e780414)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15477

commit d96cd43df01ff30df6962f481ade1eca895feab5
Author: Joseph Sutton 
Date:   Fri Mar 17 09:16:17 2023 +1300

s4:kdc: Avoid copying data if not needed

krb5_pac_add_buffer() makes its own copy of the data we pass in. We
don't need to make yet another copy.

Signed-off-by: Joseph Sutton 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit fa901e7346d36ae64a7ceab5dcf76bc210a67c93)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15476

commit f1b7a21a7f6e47377ab4f41a9741a87907438c01
Author: Joseph Sutton 
Date:   Fri Mar 17 09:25:52 2023 +1300

s4:kdc: Don't pass a NULL pointer into krb5_pac_add_buffer()

Heimdal contains an assertion that the data pointer is not NULL. We need
to pass in a pointer to some dummy data instead.

Signed-off-by: Joseph Sutton 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 47ef49fd91f050ce4a79a8471b3e66c808f48752)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15476

---

Summary of changes:
 python/samba/tests/libsmb-basic.py | 27 +++
 source3/smbd/filename.c| 12 +++-
 source4/kdc/pac-glue.c | 26 +++---
 source4/kdc/wdc-samba4.c   | 22 --
 4 files changed, 53 insertions(+), 34 deletions(-)


Changeset truncated at 500 lines:

diff --git a/python/samba/tests/libsmb-basic.py 
b/python/samba/tests/libsmb-basic.py
index cbe7cce5bae..163c5b09ea9 100644
--- a/python/samba/tests/libsmb-basic.py
+++ b/python/samba/tests/libsmb-basic.py
@@ -215,6 +215,33 @@ class LibsmbTestCase(samba.tests.libsmb.LibsmbTests):
 c1.unlink("x")
 c1 = None
 
+def test_gencache_pollution_bz15481(self):
+c = libsmb.Conn(self.server_ip, "tmp", self.lp, self.creds)
+fh = c.create("file",
+  DesiredAccess=security.SEC_STD_DELETE,
+  CreateDisposition=libsmb.FILE_CREATE)
+
+# prime the gencache File->file
+fh_upper = c.

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  ca1b7c185ed VERSION: Bump version up to Samba 4.18.8...
   via  7ee4d12e5c3 VERSION: Disable GIT_SNAPSHOT for the 4.18.7 release.
   via  68195cebe73 WHATSNEW: Add release notes for Samba 4.18.7.
  from  c4fd0850c5e smbd: Fix BZ15481

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit ca1b7c185edf67b1ceb988a8015396351c5ac240
Author: Jule Anger 
Date:   Wed Sep 27 10:09:45 2023 +0200

VERSION: Bump version up to Samba 4.18.8...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger 

commit 7ee4d12e5c3a880618b600f37df08d4c8fa94e6a
Author: Jule Anger 
Date:   Wed Sep 27 10:09:25 2023 +0200

VERSION: Disable GIT_SNAPSHOT for the 4.18.7 release.

Signed-off-by: Jule Anger 

commit 68195cebe73cd8344dfbccfce1dae781a8e95c29
Author: Jule Anger 
Date:   Wed Sep 27 10:08:45 2023 +0200

WHATSNEW: Add release notes for Samba 4.18.7.

Signed-off-by: Jule Anger 

---

Summary of changes:
 VERSION  |  2 +-
 WHATSNEW.txt | 79 ++--
 2 files changed, 78 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 2245ca751a6..c3dd706bbb3 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=18
-SAMBA_VERSION_RELEASE=7
+SAMBA_VERSION_RELEASE=8
 
 
 # If a official release has a serious bug  #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 1bb83f6ba4c..fd11954058e 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,79 @@
+   ==
+   Release Notes for Samba 4.18.7
+ September 27, 2023
+   ==
+
+
+This is the latest stable release of the Samba 4.18 release series.
+
+
+Changes since 4.18.6
+
+
+o  Jeremy Allison 
+   * BUG 15419: Weird filename can cause assert to fail in
+ openat_pathref_fsp_nosymlink().
+   * BUG 15423: use-after-free in aio_del_req_from_fsp during smbd shutdown
+ after failed IPC FSCTL_PIPE_TRANSCEIVE.
+   * BUG 15432: TREE_CONNECT without SETUP causes smbd to use uninitialized
+ pointer.
+
+o  Andrew Bartlett 
+   * BUG 15401: Avoid infinite loop in initial user sync with Azure AD Connect.
+   * BUG 15407: Samba replication logs show (null) DN.
+
+o  Ralph Boehme 
+   * BUG 15463: macOS mdfind returns only 50 results.
+
+o  Remi Collet 
+   * BUG 14808: smbc_getxattr() return value is incorrect.
+
+o  Volker Lendecke 
+   * BUG 15481: GETREALFILENAME_CACHE can modify incoming new filename with
+ previous cache entry value.
+
+o  Stefan Metzmacher 
+   * BUG 15464: libnss_winbind causes memory corruption since samba-4.18,
+ impacts sendmail, zabbix, potentially more.
+
+o  MikeLiu 
+   * BUG 15453: File doesn't show when user doesn't have permission if
+ aio_pthread is loaded.
+
+o  Martin Schwenke 
+   * BUG 15451: ctdb_killtcp fails to work with --enable-pcap and libpcap ≥
+ 1.9.1.
+
+o  Joseph Sutton 
+   * BUG 15476: The KDC in 4.18 (and older) is not able to accept tickets with
+ empty claims pac blobs (from Samba 4.19 or Windows).
+   * BUG 15477: The heimdal KDC doesn't detect s4u2self correctly when fast is
+ in use.
+
+
+###
+Reporting bugs & Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+==
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+==
+
+
+Release notes for older releases follow:
+
==
Release Notes for Samba 4.18.6
   August 16, 2023
@@ -76,8 +152,7 @@ database (https://bugzilla.samba.org/).
 ==
 
 
-Release notes for older releases follow:
-
+--

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  b9b0d8bc0f0 VERSION: Bump version up to Samba 4.18.9...
   via  d709251a392 Merge branch 'v4-18-stable' into v4-18-test
   via  3dc0412a79f Merge tag 'samba-4.18.8' into v4-18-stable
   via  f1c0d4f1feb VERSION: Disable GIT_SNAPSHOT for the 4.18.8 release.
   via  0bf0250e358 WHATSNEW: Add release notes for Samba 4.18.8.
   via  eb6f2d92e8a CVE-2023-42670 s3-rpc_server: Remove cross-check with 
"samba" EPM lookup
   via  4eba269b1ba CVE-2023-42670 s3-rpc_server: Strictly refuse to start 
RPC servers in conflict with AD DC
   via  2ef556473bd CVE-2023-42669 s3-rpc_server: Disable rpcecho for 
consistency with the AD DC
   via  e652fbe8525 CVE-2023-42669 s4-rpc_server: Disable rpcecho server by 
default
   via  4b3da3a97d1 CVE-2023-4154: Unimplement the original DirSync 
behaviour without LDAP_DIRSYNC_OBJECT_SECURITY
   via  e691257c618 CVE-2023-4154 dsdb/tests: Extend attribute read DirSync 
tests
   via  9d249db44c7 CVE-2023-4154 dsdb/tests: Add test for 
SEARCH_FLAG_RODC_ATTRIBUTE behaviour
   via  ebc2796a029 CVE-2023-4154 dsdb/tests: Speed up DirSync test by only 
checking positive matches once
   via  3e7bdcd0e48 CVE-2023-4154 dsdb/tests: Check that secret attributes 
are not visible with DirSync ever.
   via  23031057e86 CVE-2023-4154 dsdb/tests: Force the test attribute to 
be not-confidential at the start
   via  87ff4f57bf7 CVE-2023-4154 dsdb/tests: Use self.addCleanup() and 
delete_force()
   via  8ad21108f88 CVE-2023-4154 dsdb/tests: Do not run SimpleDirsyncTests 
twice
   via  570e892a0e8 CVE-2023-4154 libcli/security: add 
security_descriptor_[s|d]acl_insert() helpers
   via  7ebf51dd8b5 CVE-2023-4154 libcli/security: prepare 
security_descriptor_acl_add() to place the ace at a position
   via  da9bdf36c35 CVE-2023-4154 replace: add ARRAY_INSERT_ELEMENT() helper
   via  217b30b05e2 CVE-2023-4154 python/samba/ndr: add ndr_deepcopy() 
helper
   via  8a2b11fda30 CVE-2023-4154 py_security: allow idx argument to 
descriptor.[s|d]acl_add()
   via  8ebcfe5599c CVE-2023-4154 python:sd_utils: add 
dacl_{prepend,append,delete}_aces() helpers
   via  b65b141ed75 CVE-2023-4154 python:sd_utils: introduce 
update_aces_in_dacl() helper
   via  704fadfb60e CVE-2023-4154 s4-dsdb: Remove 
DSDB_ACL_CHECKS_DIRSYNC_FLAG
   via  e8df1a60866 CVE-2023-4154 s4:dsdb:tests: Fix code spelling
   via  5ca0ee6f111 CVE-2023-4154 s4:dsdb:tests: Refactor confidential 
attributes test
   via  582f4f2e844 CVE-2023-4154 dsdb: Remove remaining references to 
DC_MODE_RETURN_NONE and DC_MODE_RETURN_ALL
   via  3c432b14469 CVE-2023-4091: smbd: use open_access_mask for access 
check in open_file()
   via  bfe8e10bf3b CVE-2023-4091: smbtorture: test overwrite dispositions 
on read-only file
   via  3e64edae781 CVE-2023-3961:s3: smbd: Remove the SMB_ASSERT() that 
crashes on bad pipenames.
   via  d1a26b4f46b CVE-2023-3961:s3:torture: Add test 
SMB2-INVALID-PIPENAME to show we allow bad pipenames with unix separators 
through to the UNIX domain socket code.
   via  84b5d3640f7 CVE-2023-3961:s3:smbd: Catch any incoming pipe path 
that could exit socket_dir.
   via  2576c0275dc VERSION: Bump version up to Samba 4.18.8...
   via  85475a0cb20 CVE-2023-42670 s3-rpc_server: Remove cross-check with 
"samba" EPM lookup
   via  614d9c22357 CVE-2023-42670 s3-rpc_server: Strictly refuse to start 
RPC servers in conflict with AD DC
   via  2e2a9feecff CVE-2023-42669 s3-rpc_server: Disable rpcecho for 
consistency with the AD DC
   via  808a46b1877 CVE-2023-42669 s4-rpc_server: Disable rpcecho server by 
default
   via  23c5300d099 CVE-2023-4154: Unimplement the original DirSync 
behaviour without LDAP_DIRSYNC_OBJECT_SECURITY
   via  6925e6b6051 CVE-2023-4154 dsdb/tests: Extend attribute read DirSync 
tests
   via  84dcfc3b40f CVE-2023-4154 dsdb/tests: Add test for 
SEARCH_FLAG_RODC_ATTRIBUTE behaviour
   via  9499526ba8e CVE-2023-4154 dsdb/tests: Speed up DirSync test by only 
checking positive matches once
   via  5dc5062ba28 CVE-2023-4154 dsdb/tests: Check that secret attributes 
are not visible with DirSync ever.
   via  029c47f2a40 CVE-2023-4154 dsdb/tests: Force the test attribute to 
be not-confidential at the start
   via  ee3ac4fb9af CVE-2023-4154 dsdb/tests: Use self.addCleanup() and 
delete_force()
   via  2cff332edb5 CVE-2023-4154 dsdb/tests: Do not run SimpleDirsyncTests 
twice
   via  9dade2ab67f CVE-2023-4154 libcli/security: add 
security_descriptor_[s|d]acl_insert() helpers
   via  939f243222e CVE-2023-4154 libcli/security: prepare 
security_descriptor_acl_add() to place the ace at a position
   via  c896afcaf2f CVE-2023-4154 replace: add ARRAY_INSERT_ELEMENT() helper
   via  571d3bf48ee CVE-2023-4154 python/samba/ndr: add ndr_deepcopy() 
helper
   via  b56849aa64b CVE-2023-4154 py_sec

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  653984f4a6d ctdb-daemon: Call setproctitle_init()
  from  b9b0d8bc0f0 VERSION: Bump version up to Samba 4.18.9...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 653984f4a6d3af16597ccb70f23d09e6ed87d1f9
Author: Martin Schwenke 
Date:   Tue Sep 19 17:47:36 2023 +1000

ctdb-daemon: Call setproctitle_init()

Commit 19c82c19c009eefe975ae95c8b709fc93f5f4c39 changed the behaviour
of prctl_set_comment() so it now calls setproctitle(3bsd) by default.

In some Linux distributions (e.g. Rocky Linux 8.8), this results in
messages like this spamming the logs:

  ctdbd: setproctitle not initialized, please either call 
setproctitle_init() or link against libbsd-ctor.

Most Samba daemons seem to call setproctitle_init(), so do it here.

In the longer term CTDB should also switch to using lib/util's
process_set_title(), like the rest of Samba, for more flexible process
names.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15479

Signed-off-by: Martin Schwenke 
Reviewed-by: Ralph Boehme 

Autobuild-User(master): Martin Schwenke 
Autobuild-Date(master): Thu Sep 21 00:46:50 UTC 2023 on atb-devel-224

(cherry picked from commit 8b9f464420b66cebaf00654cf8b19165b301b8b6)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Wed Oct 11 10:57:21 UTC 2023 on atb-devel-224

---

Summary of changes:
 ctdb/server/ctdbd.c | 2 ++
 1 file changed, 2 insertions(+)


Changeset truncated at 500 lines:

diff --git a/ctdb/server/ctdbd.c b/ctdb/server/ctdbd.c
index 10541cb21f1..a388bff1598 100644
--- a/ctdb/server/ctdbd.c
+++ b/ctdb/server/ctdbd.c
@@ -170,6 +170,8 @@ int main(int argc, const char *argv[])
const char *test_mode;
bool ok;
 
+   setproctitle_init(argc, discard_const(argv), environ);
+
/*
 * Basic setup
 */


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  cbbfc917b96 CVE-2018-14628: python:descriptor: let samba-tool 
dbcheck fix the nTSecurityDescriptor on CN=Deleted Objects containers
   via  f967b91da76 CVE-2018-14628: dbchecker: use 
get_deletedobjects_descriptor for missing deleted objects container
   via  edac27f5408 CVE-2018-14628: s4:dsdb: remove unused code in 
dirsync_filter_entry()
   via  74a508b39e6 CVE-2018-14628: s4:setup: set the correct 
nTSecurityDescriptor on the CN=Deleted Objects container
   via  46a168c9a89 CVE-2018-14628: python:provision: make 
DELETEDOBJECTS_DESCRIPTOR available in the ldif files
   via  e884fc791e5 CVE-2018-14628: python:descriptor: add 
get_deletedobjects_descriptor()
   via  8e33532980d gitignore: add WAF lockfile
   via  acf4286fbed build: Add 'make printversion' to provide version string
  from  653984f4a6d ctdb-daemon: Call setproctitle_init()

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit cbbfc917b9635bc62825ea64a157028297f54fb7
Author: Stefan Metzmacher 
Date:   Fri Jan 29 23:35:31 2016 +0100

CVE-2018-14628: python:descriptor: let samba-tool dbcheck fix the 
nTSecurityDescriptor on CN=Deleted Objects containers

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 97e4aab1a6e2feda7c6c6fdeaa7c3e1818c55566)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Oct 23 09:52:22 UTC 2023 on atb-devel-224

commit f967b91da76f86a9feb4c1469fccfce93be8bc79
Author: Stefan Metzmacher 
Date:   Wed Jun 7 18:18:58 2023 +0200

CVE-2018-14628: dbchecker: use get_deletedobjects_descriptor for missing 
deleted objects container

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 70586061128f90afa33f25e104d4570a1cf778db)

commit edac27f5408191567233983562091484ebbbad0a
Author: Stefan Metzmacher 
Date:   Mon Jun 26 15:14:24 2023 +0200

CVE-2018-14628: s4:dsdb: remove unused code in dirsync_filter_entry()

This makes the next change easier to understand.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 498542be0bbf4f26558573c1f87b77b8e3509371)

commit 74a508b39e6fd5036a2adc99d559bd3852f8ce8d
Author: Stefan Metzmacher 
Date:   Fri Jan 29 23:34:15 2016 +0100

CVE-2018-14628: s4:setup: set the correct nTSecurityDescriptor on the 
CN=Deleted Objects container

This revealed a bug in our dirsync code, so we mark
test_search_with_dirsync_deleted_objects as knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 7f8b15faa76d05023c987fac2c4c31f9ac61bb47)

commit 46a168c9a89e82ccaf8d27669d1ae5459f7becb9
Author: Stefan Metzmacher 
Date:   Fri Jan 29 23:33:37 2016 +0100

CVE-2018-14628: python:provision: make DELETEDOBJECTS_DESCRIPTOR available 
in the ldif files

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 0c329a0fda37d87ed737e4b579b6d04ec907604c)

commit e884fc791e59bd6ebd41b4a2ab7c9d7dc45415f4
Author: Stefan Metzmacher 
Date:   Fri Jan 29 23:30:59 2016 +0100

CVE-2018-14628: python:descriptor: add get_deletedobjects_descriptor()

samba-tool drs clone-dc-database was quite useful to find
the true value of nTSecurityDescriptor of the CN=Delete Objects
containers.

Only the auto inherited SACL is available via a ldap search.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 3be190dcf7153e479383f7f3d29ddca43fe121b8)

commit 8e33532980d9b4b16520a5092336bd86f882e0f5
Author: Michael Adam 
Date:   Mon Oct 16 19:04:55 2023 +0200

gitignore: add WAF lockfile

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15497

Signed-off-by: Michael Adam 
Reviewed-by: Christof Schmitt 
Reviewed-by: Andrew Bartlett 

Autobuild-User(master): Andrew Bartlett 
Autobuild-Date(master): Tue Oct 17 04:16:29 UTC 2023 on atb-devel-224

(cherry picked from commit 310629508bfbedecfab9b653b7cba0282f5c0e8b)

commit acf4286fbed5014af58a7fcf0055b1b80f00705d
Author: Christof Schmitt 
Date:   Thu Sep 12 16:11:34 2013 -0700

build: Add 'make printversion' to provide version string

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15497

Signed-off-by: Christof Schmitt 
Reviewed-by: Andrew Bartlett 
(cherry picked f

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  9a5b46d89e2 s3: smbd: Ignore fstat() error on deleted stream in 
fd_close().
  from  cbbfc917b96 CVE-2018-14628: python:descriptor: let samba-tool 
dbcheck fix the nTSecurityDescriptor on CN=Deleted Objects containers

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 9a5b46d89e2820d447c5e4c9c6a0c67d58962c6e
Author: Ralph Boehme 
Date:   Wed Sep 20 14:21:44 2023 -0700

s3: smbd: Ignore fstat() error on deleted stream in fd_close().

In the fd_close() fsp->fsp_flags.fstat_before_close code path.

If this is a stream and delete-on-close was set, the
backing object (an xattr from streams_xattr) might
already be deleted so fstat() fails with
NT_STATUS_NOT_FOUND. So if fsp refers to a stream we
ignore the error and only bail for normal files where
an fstat() should still work. NB. We cannot use
fsp_is_alternate_stream(fsp) for this as the base_fsp
has already been closed at this point and so the value
fsp_is_alternate_stream() checks for is already NULL.

Remove knownfail.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15487

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Tue Oct 10 09:39:27 UTC 2023 on atb-devel-224

(cherry picked from commit 633a3ee6894cc1d05b44dbe47a278202803d9b21)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Nov 13 12:16:15 UTC 2023 on atb-devel-224

---

Summary of changes:
 source3/smbd/open.c | 15 ++-
 1 file changed, 14 insertions(+), 1 deletion(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 0c9ddfe7c94..c848243c9b5 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -997,7 +997,20 @@ NTSTATUS fd_close(files_struct *fsp)
if (fsp->fsp_flags.fstat_before_close) {
status = vfs_stat_fsp(fsp);
if (!NT_STATUS_IS_OK(status)) {
-   return status;
+   /*
+* If this is a stream and delete-on-close was set, the
+* backing object (an xattr from streams_xattr) might
+* already be deleted so fstat() fails with
+* NT_STATUS_NOT_FOUND. So if fsp refers to a stream we
+* ignore the error and only bail for normal files where
+* an fstat() should still work. NB. We cannot use
+* fsp_is_alternate_stream(fsp) for this as the base_fsp
+* has already been closed at this point and so the 
value
+* fsp_is_alternate_stream() checks for is already NULL.
+*/
+   if (fsp->fsp_name->stream_name == NULL) {
+   return status;
+   }
}
}
 


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  a2ad66e4933 system.c: fall back to become_root if CAP_DAC_OVERRIDE 
isn't usable
  from  9a5b46d89e2 s3: smbd: Ignore fstat() error on deleted stream in 
fd_close().

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit a2ad66e4933b6fd0a30218b779d5e3e8e9b4750c
Author: Björn Jacke 
Date:   Thu Nov 9 14:56:06 2023 +0100

system.c: fall back to become_root if CAP_DAC_OVERRIDE isn't usable

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15093

Signed-off-by: Bjoern Jacke 
Reviewed-by: Christof Schmitt 
(cherry picked from commit a1738e8265dd256c5a1064482a6dfccbf9ca44f1)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Nov 20 09:55:39 UTC 2023 on atb-devel-224

---

Summary of changes:
 source3/lib/system.c | 31 +--
 1 file changed, 29 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/lib/system.c b/source3/lib/system.c
index da92d9b64c8..16fe3839446 100644
--- a/source3/lib/system.c
+++ b/source3/lib/system.c
@@ -643,18 +643,45 @@ static bool set_process_capability(enum smbd_capability 
capability,
  Gain the oplock capability from the kernel if possible.
 /
 
+#if defined(HAVE_POSIX_CAPABILITIES) && defined(CAP_DAC_OVERRIDE)
+static bool have_cap_dac_override = true;
+#else
+static bool have_cap_dac_override = false;
+#endif
+
 void set_effective_capability(enum smbd_capability capability)
 {
+   bool ret = false;
+
+   if (capability != DAC_OVERRIDE_CAPABILITY || have_cap_dac_override) {
 #if defined(HAVE_POSIX_CAPABILITIES)
-   set_process_capability(capability, True);
+   ret = set_process_capability(capability, True);
 #endif /* HAVE_POSIX_CAPABILITIES */
+   }
+
+   /*
+* Fallback to become_root() if CAP_DAC_OVERRIDE is not
+* available.
+*/
+   if (capability == DAC_OVERRIDE_CAPABILITY) {
+   if (!ret) {
+   have_cap_dac_override = false;
+   }
+   if (!have_cap_dac_override) {
+   become_root();
+   }
+   }
 }
 
 void drop_effective_capability(enum smbd_capability capability)
 {
+   if (capability != DAC_OVERRIDE_CAPABILITY || have_cap_dac_override) {
 #if defined(HAVE_POSIX_CAPABILITIES)
-   set_process_capability(capability, False);
+   set_process_capability(capability, False);
 #endif /* HAVE_POSIX_CAPABILITIES */
+   } else {
+   unbecome_root();
+   }
 }
 
 /**


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  d522d15c82b smbd: fix close order of base_fsp and stream_fsp in 
smb_fname_fsp_destructor()
  from  a2ad66e4933 system.c: fall back to become_root if CAP_DAC_OVERRIDE 
isn't usable

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit d522d15c82bc413fcc83106c93fd3f051a04f270
Author: Ralph Boehme 
Date:   Thu Nov 16 10:50:32 2023 +0100

smbd: fix close order of base_fsp and stream_fsp in 
smb_fname_fsp_destructor()

VFS modules like streams_xattr use the function fsp_is_alternate_stream() 
on the
fsp to determine in an fsp is a stream, eg in streams_xattr_close(). If
fspo->base_fsp is arlready set to NULL, this won't work anymore.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15521

Signed-off-by: Ralph Boehme 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Thu Nov 16 18:31:17 UTC 2023 on atb-devel-224

(cherry picked from commit 4481a67c1b20549a71d6c5132b637798a09f966d)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Tue Nov 21 10:24:37 UTC 2023 on atb-devel-224

---

Summary of changes:
 source3/smbd/files.c | 24 +---
 1 file changed, 13 insertions(+), 11 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/files.c b/source3/smbd/files.c
index 792e9424bdc..d3f6b629264 100644
--- a/source3/smbd/files.c
+++ b/source3/smbd/files.c
@@ -406,6 +406,7 @@ static void destroy_fsp_smb_fname_link(struct 
fsp_smb_fname_link **_link)
 static int smb_fname_fsp_destructor(struct smb_filename *smb_fname)
 {
struct files_struct *fsp = smb_fname->fsp;
+   struct files_struct *base_fsp = NULL;
NTSTATUS status;
int saved_errno = errno;
 
@@ -417,17 +418,7 @@ static int smb_fname_fsp_destructor(struct smb_filename 
*smb_fname)
}
 
if (fsp_is_alternate_stream(fsp)) {
-   struct files_struct *tmp_base_fsp = fsp->base_fsp;
-
-   fsp_set_base_fsp(fsp, NULL);
-
-   status = fd_close(tmp_base_fsp);
-   if (!NT_STATUS_IS_OK(status)) {
-   DBG_ERR("Closing fd for fsp [%s] failed: %s. "
-   "Please check your filesystem!!!\n",
-   fsp_str_dbg(fsp), nt_errstr(status));
-   }
-   file_free(NULL, tmp_base_fsp);
+   base_fsp = fsp->base_fsp;
}
 
status = fd_close(fsp);
@@ -439,6 +430,17 @@ static int smb_fname_fsp_destructor(struct smb_filename 
*smb_fname)
file_free(NULL, fsp);
smb_fname->fsp = NULL;
 
+   if (base_fsp != NULL) {
+   base_fsp->stream_fsp = NULL;
+   status = fd_close(base_fsp);
+   if (!NT_STATUS_IS_OK(status)) {
+   DBG_ERR("Closing fd for base_fsp [%s] failed: %s. "
+   "Please check your filesystem!!!\n",
+   fsp_str_dbg(base_fsp), nt_errstr(status));
+   }
+   file_free(NULL, base_fsp);
+   }
+
errno = saved_errno;
return 0;
 }


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  be0b6c4b807 vfs_zfsacl: Call stat CAP_DAC_OVERRIDE functions
   via  66259b50c17 vfs_aixacl2: Call stat DAC_CAP_OVERRIDE functions
   via  11523b490c5 nfs4_acls: Make fstat_with_cap_dac_override static
   via  f9d4855b1ac nfs4_acls: Make stat_with_cap_dac_override static
   via  6090ebfa5c1 nfs4_acls: Make fstatat_with_cap_dac_override static
   via  3241127482d vfs_gpfs: Move vfs_gpfs_fstatat to nfs4_acls.c and 
rename function
   via  790363f076f vfs_gpfs: Move vfs_gpfs_lstat to nfs4_acls.c and rename 
function
   via  8ca3c4839fe vfs_gpfs: Move vfs_gpfs_fstat to nfs4_acls.c and rename 
function
   via  cf8f5bdf956 vfs_gpfs: Move vfs_gpfs_stat to nfs4_acls.c and rename 
function
   via  776091ad50f vfs_gpfs: Move stat_with_capability to nfs4_acls.c and 
rename function
   via  53e4d90dbd1 vfs_gpfs: Move fstatat_with_cap_dac_override to 
nfs4_acls.c
   via  f00db2a13b7 nfs4_acls: Implement fstat with DAC_CAP_OVERRIDE
   via  619eb761344 vfs_gpfs: Implement CAP_DAC_OVERRIDE for fstatat
   via  fedb492e868 vfs_gpfs: Implement CAP_DAC_OVERRIDE for fstat
   via  ddef013da21 vfs_gpfs: Move fstatat with DAC_CAP_OVERRIDE to helper 
function
   via  71bf59691f5 vfs_gpfs: Use O_PATH for opening dirfd for stat with 
CAP_DAC_OVERRIDE
  from  d522d15c82b smbd: fix close order of base_fsp and stream_fsp in 
smb_fname_fsp_destructor()

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit be0b6c4b807d196b9ebce0e26f60be31063e352c
Author: Christof Schmitt 
Date:   Thu Nov 9 12:44:02 2023 -0700

vfs_zfsacl: Call stat CAP_DAC_OVERRIDE functions

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507

Signed-off-by: Christof Schmitt 
Reviewed-by: Björn Jacke 

Autobuild-User(master): Björn Jacke 
Autobuild-Date(master): Wed Nov 15 19:55:07 UTC 2023 on atb-devel-224

(cherry picked from commit 12e5c15a97b45aa01fc3f4274f8ba9cf7d1ddbe9)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Sat Nov 25 19:34:32 UTC 2023 on atb-devel-224

commit 66259b50c1705069d986bf398901cd32f21cb8f8
Author: Christof Schmitt 
Date:   Thu Nov 9 12:42:13 2023 -0700

vfs_aixacl2: Call stat DAC_CAP_OVERRIDE functions

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507

Signed-off-by: Christof Schmitt 
Reviewed-by: Björn Jacke 
(cherry picked from commit 9cac9154212bde79391ca99291a76752f334)

commit 11523b490c5f8eee5cd9e7faa1c348f71675623f
Author: Christof Schmitt 
Date:   Thu Nov 9 12:39:57 2023 -0700

nfs4_acls: Make fstat_with_cap_dac_override static

No other module is calling this function.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507

Signed-off-by: Christof Schmitt 
Reviewed-by: Björn Jacke 
(cherry picked from commit bffd8bd8c32fea738824b807eb9e5f97a609493e)

commit f9d4855b1ac35eba4bd9f9de7d3cc0248dae0885
Author: Christof Schmitt 
Date:   Thu Nov 9 12:38:46 2023 -0700

nfs4_acls: Make stat_with_cap_dac_override static

No other module is calling this function.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507

Signed-off-by: Christof Schmitt 
Reviewed-by: Björn Jacke 
(cherry picked from commit 0f664f016207894e0a156b9e1f4db7677c264205)

commit 6090ebfa5c14c777e3f6e4519bef244d1992f598
Author: Christof Schmitt 
Date:   Thu Nov 9 12:37:25 2023 -0700

nfs4_acls: Make fstatat_with_cap_dac_override static

No other module is calling this function.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507

Signed-off-by: Christof Schmitt 
Reviewed-by: Björn Jacke 
(cherry picked from commit 8831eeca1d70c909e15c86c8af6a7b1d7b0d3b5b)

commit 3241127482dd8cbe6211ab4bd4bd865d98ee99e3
Author: Christof Schmitt 
Date:   Thu Nov 9 12:35:21 2023 -0700

vfs_gpfs: Move vfs_gpfs_fstatat to nfs4_acls.c and rename function

All stat DAC_CAP_OVERRIDE code is being moved to nfs4_acls.c to allow
reuse. Move the vfs_gpfs_fstatat function and rename it to the more
generic name nfs4_acl_fstat.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507

Signed-off-by: Christof Schmitt 
Reviewed-by: Björn Jacke 
(cherry picked from commit 5fd73e93af9d015c9e65a6d4d16229476a541cfc)

commit 790363f076f7adc7ae5a6a936715b71c60084ad7
Author: Christof Schmitt 
Date:   Thu Nov 9 12:30:27 2023 -0700

vfs_gpfs: Move vfs_gpfs_lstat to nfs4_acls.c and rename function

All stat CAP_DAC_OVERRIDE code is being moved to nf4_acls.c to allow
reuse. Move the vfs_gpfs_lstat function and rename to the more generic
name nfs4_acl_lstat.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15507

Signed-off-by: Christof Schmitt 
Reviewed-by: Björn Jacke 
(cherry picked from commit 2c1195678d3451

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  6c06c9ed427 VERSION: Bump version up to Samba 4.18.10...
   via  2669b77d97b VERSION: Disable GIT_SNAPSHOT for the 4.18.9 release.
   via  2e5bc96588c WHATSNEW: Add release notes for Samba 4.18.9.
  from  be0b6c4b807 vfs_zfsacl: Call stat CAP_DAC_OVERRIDE functions

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 6c06c9ed427f64034507aea2924d0cb9d0bb3c3e
Author: Jule Anger 
Date:   Wed Nov 29 15:24:32 2023 +0100

VERSION: Bump version up to Samba 4.18.10...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger 

commit 2669b77d97b55542b6f2bc80c72cf699399e8ec8
Author: Jule Anger 
Date:   Wed Nov 29 15:24:09 2023 +0100

VERSION: Disable GIT_SNAPSHOT for the 4.18.9 release.

Signed-off-by: Jule Anger 

commit 2e5bc96588cb2206abbf11c99d6fdccad73c4405
Author: Jule Anger 
Date:   Wed Nov 29 15:23:30 2023 +0100

WHATSNEW: Add release notes for Samba 4.18.9.

Signed-off-by: Jule Anger 

---

Summary of changes:
 VERSION  |   2 +-
 WHATSNEW.txt | 124 ++-
 2 files changed, 123 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index 37824cd31dc..ac25cfd99fa 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=18
-SAMBA_VERSION_RELEASE=9
+SAMBA_VERSION_RELEASE=10
 
 
 # If a official release has a serious bug  #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 53fe4eafa72..3c77ebfd0f6 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,124 @@
+   ==
+   Release Notes for Samba 4.18.9
+ November 29, 2023
+   ==
+
+
+This is the latest stable release of the Samba 4.18 release series.
+It contains the security-relevant bugfix CVE-2018-14628:
+
+Wrong ntSecurityDescriptor values for "CN=Deleted Objects"
+allow read of object tombstones over LDAP
+(Administrator action required!)
+https://www.samba.org/samba/security/CVE-2018-14628.html
+
+
+Description of CVE-2018-14628
+-
+
+All versions of Samba from 4.0.0 onwards are vulnerable to an
+information leak (compared with the established behaviour of
+Microsoft's Active Directory) when Samba is an Active Directory Domain
+Controller.
+
+When a domain was provisioned with an unpatched Samba version,
+the ntSecurityDescriptor is simply inherited from Domain/Partition-HEAD-Object
+instead of being very strict (as on a Windows provisioned domain).
+
+This means also non privileged users can use the
+LDAP_SERVER_SHOW_DELETED_OID control in order to view,
+the names and preserved attributes of deleted objects.
+
+No information that was hidden before the deletion is visible, but in
+with the correct ntSecurityDescriptor value in place the whole object
+is also not visible without administrative rights.
+
+There is no further vulnerability associated with this error, merely an
+information disclosure.
+
+Action required in order to resolve CVE-2018-14628!
+---
+
+The patched Samba does NOT protect existing domains!
+
+The administrator needs to run the following command
+(on only one domain controller)
+in order to apply the protection to an existing domain:
+
+  samba-tool dbcheck --cross-ncs --attrs=nTSecurityDescriptor --fix
+
+The above requires manual interaction in order to review the
+changes before they are applied. Typicall question look like this:
+
+  Reset nTSecurityDescriptor on CN=Deleted Objects,DC=samba,DC=org back to 
provision default?
+Owner mismatch: SY (in ref) DA(in current)
+Group mismatch: SY (in ref) DA(in current)
+Part dacl is different between reference and current here is the 
detail:
+(A;;LCRPLORC;;;AU) ACE is not present in the reference
+(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY) ACE is not present in the 
reference
+(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;DA) ACE is not present in the 
reference
+(A;;CCDCLCSWRPWPSDRCWDWO;;;SY) ACE is not present in the 
current
+(A;;LCRP;;;BA) ACE is not present in the current
+   [y/N/all/none] y
+  Fixed attribute 'nTSecurityDescriptor' of 'CN=Deleted 
Objects,DC=samba,DC=org'
+
+The change should be confirmed with 'y' for all objects starting with
+'CN=Deleted Objects'.
+
+
+Changes since 4.18.8
+
+
+o  Michael Adam 
+   * BUG 15497: Add make command for querying Samba version.
+
+o  Ralph Boehme 
+   * BUG 15487: smbd crashes if asked to return full

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  0a8cf4f1c06 testprogs: Add net offlinejoin composeodj tests
   via  ce29bbfb7db testprogs: Cleanup machine account in net offlinejoin 
tests
   via  69475590970 s3:net: Allow to load ODJ blob from stdin
   via  1f066b595f9 s3:net: Load ODJ blob from file only if "loadfile" 
parameter is present
   via  ca6ba984095 s3:net: Add "net offlinejoin composeodj" command
   via  4e43af11c3a s3:libnetapi: Implement NetComposeOfflineDomainJoin_l()
   via  ad2196fd792 s3:libnetapi: Add NetComposeOfflineDomainJoin() to API.
   via  fddbff3d44a s3:libnetapi: Add NetComposeOfflineDomainJoin() 
boilerplate
   via  a85441249de s3:libnetapi: Add NetComposeOfflineDomainJoin() to IDL
   via  f8021a241e5 s3:libnetapi: Add some comments to document ODJ blob 
charset conversions
   via  f731d75081f s3:libnetapi: Return error from RequestOfflineJoin
  from  6c06c9ed427 VERSION: Bump version up to Samba 4.18.10...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 0a8cf4f1c067754e3f9805f1365d43b8acdeb322
Author: Samuel Cabrero 
Date:   Mon Sep 4 16:49:52 2023 +0200

testprogs: Add net offlinejoin composeodj tests

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577

Signed-off-by: Samuel Cabrero 
Reviewed-by: Andrew Bartlett 

Autobuild-User(master): Andrew Bartlett 
Autobuild-Date(master): Tue Sep  5 22:11:46 UTC 2023 on atb-devel-224

(cherry picked from commit f3c632e74ba100b455eeac66e8914b11d1d9b0a0)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Wed Nov 29 15:55:45 UTC 2023 on atb-devel-224

commit ce29bbfb7db31c69d5d73bb0ca89e6754ffe7e6d
Author: Samuel Cabrero 
Date:   Mon Sep 4 16:18:35 2023 +0200

testprogs: Cleanup machine account in net offlinejoin tests

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577

Signed-off-by: Samuel Cabrero 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit e92e4b9544231c15eaf0bdbba4505345cd0f6ab5)

commit 69475590970e2bfc7ee78f6b8c1edfbbe3060276
Author: Samuel Cabrero 
Date:   Wed Aug 30 20:53:18 2023 +0200

s3:net: Allow to load ODJ blob from stdin

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577

Signed-off-by: Samuel Cabrero 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit c14a4f51443f67bc46a670a342eed8cb9e81f37d)

commit 1f066b595f968a59bdff52b5a54dffa555f832d6
Author: Samuel Cabrero 
Date:   Wed Aug 30 20:25:17 2023 +0200

s3:net: Load ODJ blob from file only if "loadfile" parameter is present

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577

Signed-off-by: Samuel Cabrero 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit b2399b6994c89404f245e1a97ba1c1cf13d7fc86)

commit ca6ba984095512e187528024eee18e3fd9cd9a8c
Author: Samuel Cabrero 
Date:   Thu Aug 31 12:46:52 2023 +0200

s3:net: Add "net offlinejoin composeodj" command

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577

Signed-off-by: Samuel Cabrero 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 4a1f2071a6028a761bbe7efee20e9654851b51f0)

commit 4e43af11c3aa7331789b64e5e7a32287dc67ce0a
Author: Samuel Cabrero 
Date:   Thu Aug 31 12:45:42 2023 +0200

s3:libnetapi: Implement NetComposeOfflineDomainJoin_l()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577

Signed-off-by: Samuel Cabrero 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit a8bd8f22aac2c223e85e318dba7af8b64052b053)

commit ad2196fd79247dd133cbba3a5bf39721e741699e
Author: Samuel Cabrero 
Date:   Thu Aug 31 12:44:26 2023 +0200

s3:libnetapi: Add NetComposeOfflineDomainJoin() to API.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577

Signed-off-by: Samuel Cabrero 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 7cabbec2eaf5aefd3751c635c12556eca590f506)

commit fddbff3d44adcfa6715afe0a62d0fd49ed890e7b
Author: Samuel Cabrero 
Date:   Thu Aug 31 12:43:22 2023 +0200

s3:libnetapi: Add NetComposeOfflineDomainJoin() boilerplate

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577

Signed-off-by: Samuel Cabrero 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 532701e3cce9d15e95166ee7c24cd1e4af51fcc4)

commit a85441249de22d2b707bf9a6877720da78f31ea6
Author: Samuel Cabrero 
Date:   Thu Aug 31 12:39:04 2023 +0200

s3:libnetapi: Add NetComposeOfflineDomainJoin() to IDL

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577

Signed-off-by: Samuel Cabrero 
Reviewed-by: Andrew Bartlett 
(cherry picked from commit 740e704bd68a6b618b62336ba1583c0edeb82d6f)

commit f8021a241e50a20cd009fe2ad58e01133360e4e9
Author: Samuel Cabrero 
Date:   Mon Sep 4 10:47:06 2023 +0200

s3:libnetapi: Add some comments to document ODJ blob cha

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  849c370d92a vfs_ceph: call 'ceph_fgetxattr' only if valid fd
  from  0a8cf4f1c06 testprogs: Add net offlinejoin composeodj tests

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 849c370d92a1fca18450ba7d0064e1adab4a77e4
Author: Shachar Sharon 
Date:   Thu Nov 16 11:57:02 2023 +0200

vfs_ceph: call 'ceph_fgetxattr' only if valid fd

Align getxattr logic with the rest of xattr hooks: call ceph_fgetxattr
with appropriate io-fd when 'is_pathref' is false; otherwise, call
ceph_getxattr.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15440

Signed-off-by: Shachar Sharon 
Reviewed-by: Anoop C S 
Reviewed-by: Guenther Deschner 

Autobuild-User(master): Günther Deschner 
Autobuild-Date(master): Thu Nov 30 12:32:29 UTC 2023 on atb-devel-224

(cherry picked from commit 83edfcff5ccd8c4c710576b6d5612e0578d168c8)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Dec 11 13:21:02 UTC 2023 on atb-devel-224

---

Summary of changes:
 source3/modules/vfs_ceph.c | 27 ---
 1 file changed, 24 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/modules/vfs_ceph.c b/source3/modules/vfs_ceph.c
index c5ee9d5967c..9fa0f760084 100644
--- a/source3/modules/vfs_ceph.c
+++ b/source3/modules/vfs_ceph.c
@@ -1305,11 +1305,32 @@ static const char *cephwrap_connectpath(
  Extended attribute operations.
 */
 
-static ssize_t cephwrap_fgetxattr(struct vfs_handle_struct *handle, struct 
files_struct *fsp, const char *name, void *value, size_t size)
+static ssize_t cephwrap_fgetxattr(struct vfs_handle_struct *handle,
+ struct files_struct *fsp,
+ const char *name,
+ void *value,
+ size_t size)
 {
int ret;
-   DBG_DEBUG("[CEPH] fgetxattr(%p, %p, %s, %p, %llu)\n", handle, fsp, 
name, value, llu(size));
-   ret = ceph_fgetxattr(handle->data, fsp_get_io_fd(fsp), name, value, 
size);
+   DBG_DEBUG("[CEPH] fgetxattr(%p, %p, %s, %p, %llu)\n",
+ handle,
+ fsp,
+ name,
+ value,
+ llu(size));
+   if (!fsp->fsp_flags.is_pathref) {
+   ret = ceph_fgetxattr(handle->data,
+fsp_get_io_fd(fsp),
+name,
+value,
+size);
+   } else {
+   ret = ceph_getxattr(handle->data,
+   fsp->fsp_name->base_name,
+   name,
+   value,
+   size);
+   }
DBG_DEBUG("[CEPH] fgetxattr(...) = %d\n", ret);
if (ret < 0) {
WRAP_RETURN(ret);


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  a149a96eaf2 ctdb-server: Drop unnecessary copy of destination 
address
   via  ff4ed4d760a ctdb-daemon: Use ctdb_connection_to_buf() to simplify
   via  279187965b8 smbd: Remove callback for release_ip when "state" is 
free'ed
   via  f8c02609f48 s3:selftest: add 
samba3.blackbox.smbXsrv_client_ctdb_registered_ips
   via  d9ed96c908c selftest: export/use CTDB related envvars in order to 
run the ctdb command
   via  6ca3ce4db30 ctdbd_conn: add ctdbd_passed_ips()
   via  18d34cea2a1 ctdbd_conn: add ctdbd_unregister_ips()
   via  ecc0acbbff2 ctdbd_conn: Add deregister_from_ctdbd()
   via  562e360ed7c ctdbd_conn: let register_with_ctdbd() call 
CTDB_CONTROL_REGISTER_SRVID just once
   via  24d960d02b8 ctdbd_conn: don't use uninitialized memory in 
ctdbd_register_ips()
   via  813e7186719 ctdb: add/implement CTDB_CONTROL_TCP_CLIENT_PASSED
   via  f7694157993 ctdb: add/implement CTDB_CONTROL_TCP_CLIENT_DISCONNECTED
   via  0de804ac5d6 ctdb: add ctdb_connection_same() helper
   via  9d8768ffd35 ctdb: make use of ctdb_canonicalize_ip_inplace() in 
ctdb_control_tcp_client()
   via  d7249b3cbd2 ctdb: add ctdb_canonicalize_ip_inplace() helper
   via  30fddc01431 ctdb: remove unused ctdb->client_ip_list and print 
debug on ctdb_tcp_list instead
  from  849c370d92a vfs_ceph: call 'ceph_fgetxattr' only if valid fd

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit a149a96eaf250625b4be89aa1059330bd953a06c
Author: Martin Schwenke 
Date:   Wed Dec 13 10:29:05 2023 +1100

ctdb-server: Drop unnecessary copy of destination address

Modernise debug while touching the code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523

Signed-off-by: Martin Schwenke 
Reviewed-by: Stefan Metzmacher 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Fri Dec 15 12:09:21 UTC 2023 on atb-devel-224

(cherry picked from commit 4b7329f15820f1b4d9a7b7f0947719c4217b312a)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Sat Dec 16 15:26:50 UTC 2023 on atb-devel-224

commit ff4ed4d760a61e59d2e23f1e3d956308585b846d
Author: Martin Schwenke 
Date:   Wed Dec 13 10:22:04 2023 +1100

ctdb-daemon: Use ctdb_connection_to_buf() to simplify

The one case that is no longer handled specially is when the
destination address is IPv4 loopback.  This may previously have been
used to avoid flooding the logs when testing.  However, that seems
unnecessary - if testing with 127.0.0.1 then make it a public address.

Modernise debug while touching the code.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523

Signed-off-by: Martin Schwenke 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 8fc3872557f715dc38f9898754a785fd073ace96)

commit 279187965b8b2adbd2939bf2a9e587edce04431d
Author: Volker Lendecke 
Date:   Thu Oct 12 17:19:45 2023 +0200

smbd: Remove callback for release_ip when "state" is free'ed

If a client connects to a non-public address first followed by a connect
to public address with the same client_guid and a connection to
the non-public address gets disconnected first, we hit by a use-after-free
talloc_get_type_abort() called from release_ip() as
"xconn" is already gone, taking smbd_release_ip_state with it.

We need to decide between calling ctdbd_unregister_ips() by default, as
it means the tcp connection is really gone and ctdb needs to remove the
'tickle' information.  But when a connection was passed to a different
smbd process, we need to use ctdbd_passed_ips() as the tcp connection is
still alive and the 'tickle' information should not be removed within
ctdb.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15523

Pair-Programmed-With: Stefan Metzmacher 

Signed-off-by: Volker Lendecke 
Signed-off-by: Stefan Metzmacher 
Reviewed-by: Martin Schwenke 
(cherry picked from commit ddf47e7fe314e0f5bf71ff53e35350e0ba530d08)

commit f8c02609f4807435cbdee1d1433429a549fc981e
Author: Stefan Metzmacher 
Date:   Fri Nov 17 11:46:27 2023 +0100

s3:selftest: add samba3.blackbox.smbXsrv_client_ctdb_registered_ips

This demonstrates the crash that happens if a client connects to a
non-public address first followed by a connect
to public address with the same client_guid and a connection to
the non-public address gets disconnected first, we hit by a
use-after-free talloc_get_type_abort() called from release_ip() as
"xconn" is already gone, taking smbd_release_ip_state with it.

Note that we also need to mark some subtests as flapping
as there's a 2nd problem that happens in the interaction
between smbd processes and ctdb when passing a multichannel
con

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  c2c111688c4 s3:ctdbd_conn: fix ctdbd_public_ip_foreach() for ipv6 
addresses
  from  a149a96eaf2 ctdb-server: Drop unnecessary copy of destination 
address

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit c2c111688c49feaffb6f6a7461537dbb213a9e2e
Author: Stefan Metzmacher 
Date:   Tue Aug 15 08:57:57 2023 +0200

s3:ctdbd_conn: fix ctdbd_public_ip_foreach() for ipv6 addresses

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15534

Signed-off-by: Stefan Metzmacher 
Reviewed-by: Volker Lendecke 

Autobuild-User(master): Stefan Metzmacher 
Autobuild-Date(master): Thu Dec 21 11:09:30 UTC 2023 on atb-devel-224

(cherry picked from commit 828f3c99122fb033ecb79e24ed24821b8510f0f8)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Thu Dec 28 17:09:25 UTC 2023 on atb-devel-224

---

Summary of changes:
 source3/lib/ctdbd_conn.c | 33 -
 1 file changed, 28 insertions(+), 5 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/lib/ctdbd_conn.c b/source3/lib/ctdbd_conn.c
index a739c97f3fd..3698c9d3672 100644
--- a/source3/lib/ctdbd_conn.c
+++ b/source3/lib/ctdbd_conn.c
@@ -1438,6 +1438,32 @@ static int ctdbd_control_get_public_ips(struct 
ctdbd_connection *conn,
return 0;
 }
 
+static struct samba_sockaddr ctdbd_sock_addr_to_samba(const ctdb_sock_addr *c)
+{
+   struct samba_sockaddr s = {};
+
+   switch (c->sa.sa_family) {
+   case AF_INET:
+   s.u.in = c->ip;
+   break;
+   case AF_INET6:
+   /*
+* ctdb always requires HAVE_IPV6,
+* so we don't need an ifdef here.
+*/
+   s.u.in6 = c->ip6;
+   break;
+   default:
+   /*
+* ctdb_sock_addr only supports ipv4 and ipv6
+*/
+   smb_panic(__location__);
+   break;
+   }
+
+   return s;
+}
+
 int ctdbd_public_ip_foreach(struct ctdbd_connection *conn,
int (*cb)(uint32_t total_ip_count,
  const struct sockaddr_storage *ip,
@@ -1457,11 +1483,8 @@ int ctdbd_public_ip_foreach(struct ctdbd_connection 
*conn,
}
 
for (i=0; i < ips->num; i++) {
-   struct samba_sockaddr tmp = {
-   .u = {
-   .sa = ips->ips[i].addr.sa,
-   },
-   };
+   const ctdb_sock_addr *addr = &ips->ips[i].addr;
+   struct samba_sockaddr tmp = ctdbd_sock_addr_to_samba(addr);
 
ret = cb(ips->num,
 &tmp.u.ss,


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Stefan Metzmacher]

The branch, v4-18-test has been updated
   via  9f8a73d7cc4 s3:smbd multichannel: always refresh the network 
information
  from  c2c111688c4 s3:ctdbd_conn: fix ctdbd_public_ip_foreach() for ipv6 
addresses

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 9f8a73d7cc4bc0662aa527b045bc9925b9b4c71a
Author: Jones Syue 
Date:   Thu Jan 4 09:42:15 2024 +0800

s3:smbd multichannel: always refresh the network information

To maintain SMB Multichannel, windows client might periodically query with
FSCTL_QUERY_NETWORK_INTERFACE_INFO to get SMB server's network information,
in my case windows server 2022 would do this every 10 minutes (600 seconds).

Consider a scenario: the network information might have changed between
these queries, some become link down, new interface is link up, network
speed is changed, and etc. So far smbd might not aware of these changes and
still report out-of-date network information to windows client, until we
manually send a SIGHUP to smbd in order to trigger load_interfaces():
smbd_sig_hup_handler() > reload_services () > load_interfaces()
This might be a bit inconvenient because it is hard to decide when should
we manually send a SIGHUP to smbd for refreshing network information.

This patch adds load_interfaces() at fsctl_network_iface_info(), while smbd
received FSCTL_QUERY_NETWORK_INTERFACE_INFO would go through this and 
refresh
local_interfaces, then respond to client with up-to-date network 
information;
also refresh num_ifaces to make sure interfaces count is consistent.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15547

Signed-off-by: Jones Syue 
Reviewed-by: Stefan Metzmacher 
Reviewed-by: Björn Jacke 
(cherry picked from commit 318fd95d5ea63724798592eb6b4eebaecfa0cbfb)

Autobuild-User(v4-18-test): Stefan Metzmacher 
Autobuild-Date(v4-18-test): Fri Jan  5 13:46:39 UTC 2024 on atb-devel-224

---

Summary of changes:
 source3/smbd/smb2_ioctl_network_fs.c | 12 +++-
 1 file changed, 11 insertions(+), 1 deletion(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/smb2_ioctl_network_fs.c 
b/source3/smbd/smb2_ioctl_network_fs.c
index 5b396855ca6..9ef99dca90f 100644
--- a/source3/smbd/smb2_ioctl_network_fs.c
+++ b/source3/smbd/smb2_ioctl_network_fs.c
@@ -366,7 +366,7 @@ static NTSTATUS fsctl_network_iface_info(TALLOC_CTX 
*mem_ctx,
struct fsctl_net_iface_info *first = NULL;
struct fsctl_net_iface_info *last = NULL;
size_t i;
-   size_t num_ifaces = iface_count();
+   size_t num_ifaces;
enum ndr_err_code ndr_err;
struct cluster_movable_ips *cluster_movable_ips = NULL;
int ret;
@@ -375,6 +375,16 @@ static NTSTATUS fsctl_network_iface_info(TALLOC_CTX 
*mem_ctx,
return NT_STATUS_INVALID_PARAMETER;
}
 
+   /*
+* The list of probed interfaces might have changed, we might need to
+* refresh local_interfaces to get up-to-date network information, and
+* respond to clients which sent FSCTL_QUERY_NETWORK_INTERFACE_INFO.
+* For example, network speed is changed, interfaces count is changed
+* (some link down or link up), and etc.
+*/
+   load_interfaces();
+   num_ifaces = iface_count();
+
*out_output = data_blob_null;
 
array = talloc_zero_array(mem_ctx,


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  a9862b23e00 docs-xml: use XML_CATALOG_FILES env var if defined
   via  96897774dd7 winbind_nss_netbsd: fix missing semicolon
   via  49d9e55edd9 doc-xml: fix name of vfs_linux_xfs man page
   via  529fb888a6c smbd: Fix traversing snapshot dirs that vanished in 
current fileset
   via  7f4d5a3737f shadow_copy: Add test for missing directory in 
"current" fileset
  from  9f8a73d7cc4 s3:smbd multichannel: always refresh the network 
information

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit a9862b23e000fc84fa910bab933db742f38abf20
Author: Björn Jacke 
Date:   Mon Dec 25 19:50:55 2023 +0100

docs-xml: use XML_CATALOG_FILES env var if defined

Thanks to Thierry LARONDE for the fix.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15540

Signed-off-by: Björn Jacke 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit b9f32b32e0e1463b8ca3e696d682ecf86503464b)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Jan  8 14:02:46 UTC 2024 on atb-devel-224

commit 96897774dd7df89b6b10437b25f48055431826e6
Author: Björn Jacke 
Date:   Mon Dec 25 19:53:30 2023 +0100

winbind_nss_netbsd: fix missing semicolon

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15541

Signed-off-by: Bjoern Jacke 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit b41f95f891ab5b1d1878735a513be5d9a13f63c6)

commit 49d9e55edd963b6df3a33e7494271dc18ccae29d
Author: Björn Jacke 
Date:   Mon Dec 25 19:49:38 2023 +0100

doc-xml: fix name of vfs_linux_xfs man page

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15542

Signed-off-by: Bjoern Jacke 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 2073bbf9dcab5fabe5e683c12e16c195239fcba1)

commit 529fb888a6c27819a228ffc08fd6cf0430707fa2
Author: Volker Lendecke 
Date:   Thu Dec 28 14:38:37 2023 +0100

smbd: Fix traversing snapshot dirs that vanished in current fileset

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15544

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 

Autobuild-User(master): Jeremy Allison 
Autobuild-Date(master): Tue Jan  2 20:37:01 UTC 2024 on atb-devel-224

commit 7f4d5a3737f96e1e2298963fb7e7541c67eacc50
Author: Volker Lendecke 
Date:   Thu Dec 28 14:20:11 2023 +0100

shadow_copy: Add test for missing directory in "current" fileset

Right now we can't traverse a subdirectory in a snapshot which was
deleted in the current set of files.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15544

Signed-off-by: Volker Lendecke 
Reviewed-by: Jeremy Allison 
(cherry picked from commit a0bfadb32b83ab1e58290f84c298d345e21866d9)

---

Summary of changes:
 buildtools/wafsamba/wafsamba.py|  2 +-
 docs-xml/manpages/vfs_linux_xfs_sgid.8.xml |  4 ++--
 nsswitch/winbind_nss_netbsd.c  |  2 +-
 source3/script/tests/test_shadow_copy.sh   | 27 +++
 source3/smbd/filename.c|  2 +-
 5 files changed, 32 insertions(+), 5 deletions(-)


Changeset truncated at 500 lines:

diff --git a/buildtools/wafsamba/wafsamba.py b/buildtools/wafsamba/wafsamba.py
index 17a188f5036..12b1bbcea96 100644
--- a/buildtools/wafsamba/wafsamba.py
+++ b/buildtools/wafsamba/wafsamba.py
@@ -1181,7 +1181,7 @@ def SAMBAMANPAGES(bld, manpages, extra_source=None):
 bld.env.SAMBA_EXPAND_XSL = bld.srcnode.abspath() + 
'/docs-xml/xslt/expand-sambadoc.xsl'
 bld.env.SAMBA_MAN_XSL = bld.srcnode.abspath() + '/docs-xml/xslt/man.xsl'
 bld.env.SAMBA_CATALOG = bld.bldnode.abspath() + 
'/docs-xml/build/catalog.xml'
-bld.env.SAMBA_CATALOGS = 'file:///etc/xml/catalog 
file:///usr/local/share/xml/catalog file://' + bld.env.SAMBA_CATALOG
+bld.env.SAMBA_CATALOGS = os.getenv('XML_CATALOG_FILES', 
'file:///etc/xml/catalog file:///usr/local/share/xml/catalog') + ' file://' + 
bld.env.SAMBA_CATALOG
 
 for m in manpages.split():
 source = [m + '.xml']
diff --git a/docs-xml/manpages/vfs_linux_xfs_sgid.8.xml 
b/docs-xml/manpages/vfs_linux_xfs_sgid.8.xml
index 73820339a9b..a0117dc17b3 100644
--- a/docs-xml/manpages/vfs_linux_xfs_sgid.8.xml
+++ b/docs-xml/manpages/vfs_linux_xfs_sgid.8.xml
@@ -3,7 +3,7 @@
 
 
 
-   vfs_syncops
+   vfs_linux_xfs_sgid
8
Samba
System Administration tools
@@ -49,7 +49,7 @@
 
EXAMPLES
 
-   Add syncops functionality for [share]:
+   Add linux_xfs_sgid functionality for [share]:
 
 
linux_xfs_sgid
diff --git a/nsswitch/winbind_nss_netbsd.c b/nsswitch/winbind_nss_netbsd.c
index 94552639b7b..473fa50037c 100644
--- a/nsswitch/winbind_nss_netbsd.c
+++ b/nsswitch/winbind_nss_netbsd.c
@@ -185,7 +185,7 @@ netbsdwinbind_ge

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  ee2df0bbb34 smbd: move access override for previous versions to the 
SMB layer
   via  1e108b3ac07 smbd: check for previous versions in 
check_any_access_fsp()
   via  d3f062e2122 smbd: use check_any_access_fsp() for all access checks
   via  77a71bc9932 smbd: replace CHECK_WRITE() macro with calls to 
check_any_access_fsp()
   via  15536403f63 smbd: set fsp->fsp_flags.can_write to false for access 
to previous-versions
   via  8ee0768d6f2 smbd: return correct error when trying to create a 
hardlink to a VSS file
   via  8c08511f97d smbd: fix check_any_access_fsp() for non-fsa fsps
   via  b775434b7eb smbd: rename check_access_fsp() to 
check_any_access_fsp()
   via  d87294724e6 smbd: set fsp_flags.is_fsa to true on printer file 
handles
   via  c8e1d26cea5 smbd: return the correct error in can_rename()
   via  7080c5b4850 smbtorture: expand smb2.twrp.write test
   via  469c91c4133 s4/libcli/raw: implemement 
RAW_SFILEINFO_LINK_INFORMATION
   via  29f629a155f selftest: remove error_inject from shadow_write share
  from  a9862b23e00 docs-xml: use XML_CATALOG_FILES env var if defined

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit ee2df0bbb3429ca2bece2b651e00182453d1b089
Author: Ralph Boehme 
Date:   Fri Dec 15 11:59:36 2023 +0100

smbd: move access override for previous versions to the SMB layer

Doing the previous version access checks and semantics at the SMB
layer means we can simplify the shadow_copy2 and remove the kludge.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688

Signed-off-by: Ralph Boehme 
Reviewed-by: Stefan Metzmacher 

Autobuild-User(master): Ralph Böhme 
Autobuild-Date(master): Mon Jan  8 16:58:26 UTC 2024 on atb-devel-224

(backported from commit f14a7065690b00e3c6af2c1f0b0aec51c1e0b372)
[s...@samba.org: vfs_shadow_copy2.c: no TALLOC_FREE() in context]
[s...@samba.org: open.c: assign result from calculate_open_access_flags()]

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Tue Jan 16 10:05:29 UTC 2024 on atb-devel-224

commit 1e108b3ac072ac396fc07f4cb4073217af2877bf
Author: Ralph Boehme 
Date:   Wed Dec 20 15:09:59 2023 +0100

smbd: check for previous versions in check_any_access_fsp()

Now that check_any_access_fsp() is broadly used consistently to
restrict access for all modifying operations, we can add a check for
previous versions to check_any_access_fsp() and it gets enforced
consistently.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688

Signed-off-by: Ralph Boehme 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit fd4e41144a819b4403340e4a28664ac586722b41)

commit d3f062e21224f720ca724dee740ade5d56748da1
Author: Ralph Boehme 
Date:   Wed Dec 20 18:01:57 2023 +0100

smbd: use check_any_access_fsp() for all access checks

Replaces the direct access to fsp->access_mask with a call to
check_any_access_fsp() which allows doing additional checks if needed.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688

Signed-off-by: Ralph Boehme 
Reviewed-by: Stefan Metzmacher 
(backported from commit 02ed99343d19fd0845531ad99a46b1dd5b8a7a4f)
[s...@samba.org: vfs_acl_common.c: different chown_needed check]

commit 77a71bc9932acc7e73fe4b89443bf500c0374a98
Author: Ralph Boehme 
Date:   Wed Dec 20 18:32:25 2023 +0100

smbd: replace CHECK_WRITE() macro with calls to check_any_access_fsp()

The additional check if fd underlying fd is valid and not -1 should not be 
done
at this place. I actually would prefer an write to fail with EBADF if this
happens, as it's likely easier to debug why this happened. These days we 
should
always have a valid fd.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688

Signed-off-by: Ralph Boehme 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit 995a31c8d4c1789c16bae6b8196f2565d4b1dfdb)

commit 15536403f631e757b8d3db77ea442cb858e03bd3
Author: Ralph Boehme 
Date:   Wed Dec 20 18:03:22 2023 +0100

smbd: set fsp->fsp_flags.can_write to false for access to previous-versions

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688

Signed-off-by: Ralph Boehme 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit ee3035218df4cfd68b6aab6825c78f2b85234c6c)

commit 8ee0768d6f2c1b79a4ad381f0cef1ae32a9618b7
Author: Ralph Boehme 
Date:   Fri Dec 22 11:19:38 2023 +0100

smbd: return correct error when trying to create a hardlink to a VSS file

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13688

Signed-off-by: Ralph Boehme 
Reviewed-by: Stefan Metzmacher 
(cherry picked from commit a0ae45be770a13373c148a689b9761f14c4f942c)

commit 8c08511f97d0915fdc87c77f4c5a815

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  e6745b15107 s3:passdb: smbpasswd reset permissions only if not 0600
   via  161efeac21d system.c: fix fake directory create times
   via  0d75a9acaf3 time.c: fix ctime which was feeded with the mtime 
seconds
  from  ee2df0bbb34 smbd: move access override for previous versions to the 
SMB layer

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit e6745b151074c620fe5d102b0b5f0c47023e12e1
Author: Jones Syue 
Date:   Fri Jan 12 11:52:34 2024 +0800

s3:passdb: smbpasswd reset permissions only if not 0600

Browsing files or download files from samba server, smbd would check user's
id to decide whether this user could access these files, by lookup user's
information from the password file (e.g. 
/usr/local/samba/private/smbpasswd).
smbd might goes through startsmbfilepwent(), this api calls [f]chmod() to
make sure the password file has valid permissions 0600.

Consider a scenario: we are doing a read performance benchmark about
downloading a bunch of files (e.g. a thousand files) from a samba server,
monitoring file system i/o activities counters, and expecting that should
be only read operations on file system because this is just downloading, no
uploading is involved. But actually found that still write operations on 
file
system, because smbd lookup user and always reset 0600 permissions on 
password
file while access each file, it makes dirty pages (inode modification) in 
ram,
later triggered a kernel journal daemon to sync dirty pages into back 
storage
(e.g. ext3 kjournald, or ext4 jbd2).
This looks like not friendly for read performance benchmark if it happened 
on
an entry-level systems with much less memory and limited computation power,
because dirty pages syncing in the meantime slows down read performance.

This patch adds fstat() before [f]chmod(), it would check whether password
file has valid permissions 0600 or not. If 0600 smbd would bypass [f]chmod()
to avoid making dirty pages on file systems. If not 0600 smbd would warn and
go through [f]chmod() to set valid permissions 0600 to password file as
earlier days.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=1

Signed-off-by: Jones Syue 
Reviewed-by: Jeremy Allison 
Reviewed-by: Volker Lendecke 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Thu Jan 18 10:28:19 UTC 2024 on atb-devel-224

(cherry picked from commit c82a267b2a1b7617e818548aa486b7cfbda74657)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Jan 22 10:09:52 UTC 2024 on atb-devel-224

commit 161efeac21dd2d4f36d72b50c25f1e4b434c15a7
Author: Bjoern Jacke 
Date:   Mon Jan 8 15:04:12 2024 +

system.c: fix fake directory create times

This was broken by c9c3d4312d7281904fc back in 2009 already.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12421

Signed-off-by: Bjoern Jacke 
Reviewed-by: Volker Lendecke 
(cherry picked from commit 56c3dbc2ff8531772bf79eb9da3497767a20ce6f)

commit 0d75a9acaf31aecbe3d0f5409350ddcadfd8e00a
Author: Björn Jacke 
Date:   Sun Jan 7 05:09:58 2024 +0100

time.c: fix ctime which was feeded with the mtime seconds

This bug was introduced with 53a1d034f3e47ed3c in 2020.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15550

Signed-off-by: Bjoern Jacke 
Reviewed-by: Volker Lendecke 
(cherry picked from commit 2df2e34c3c1ccf76bbcc78586cbbb6433b6d30d5)

---

Summary of changes:
 lib/util/time.c|  2 +-
 source3/lib/system.c   |  1 +
 source3/passdb/pdb_smbpasswd.c | 36 
 3 files changed, 30 insertions(+), 9 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/util/time.c b/lib/util/time.c
index 773fd611a33..bc1ea5f6473 100644
--- a/lib/util/time.c
+++ b/lib/util/time.c
@@ -1450,7 +1450,7 @@ struct timespec get_ctimespec(const struct stat *pst)
 {
struct timespec ret;
 
-   ret.tv_sec = pst->st_mtime;
+   ret.tv_sec = pst->st_ctime;
ret.tv_nsec = get_ctimensec(pst);
return ret;
 }
diff --git a/source3/lib/system.c b/source3/lib/system.c
index 16fe3839446..5874afadd3c 100644
--- a/source3/lib/system.c
+++ b/source3/lib/system.c
@@ -186,6 +186,7 @@ static void make_create_timespec(const struct stat *pst, 
struct stat_ex *dst,
if (S_ISDIR(pst->st_mode) && fake_dir_create_times) {
dst->st_ex_btime.tv_sec = 315493200L;  /* 1/1/1980 */
dst->st_ex_btime.tv_nsec = 0;
+   return;
}
 
dst->st_ex_iflags &= ~ST_EX_IFLAG_CALCULATED_BTIME;
diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpa

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  974a8908223 smbd: use dirfsp and atname in open_directory()
   via  ab7d69665d0 smbd: use safe_symlink_target_path() in 
symlink_target_below_conn()
   via  0086f3d4b7b smbd: add a directory argument to 
safe_symlink_target_path()
   via  f495f6d2778 smbd: pass symlink target path to 
safe_symlink_target_path()
   via  8bac9003342 CI: disable /proc/fds and RESOLVE_NO_SYMLINK in 
samba-no-opath-build runner
   via  4b1f0c6e8bb vfs_default: allow disabling /proc/fds and 
RESOLVE_NO_SYMLINK at compile time
  from  e6745b15107 s3:passdb: smbpasswd reset permissions only if not 0600

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 974a890822384314178281875c8afbd9959e2db1
Author: Ralph Boehme 
Date:   Mon Dec 18 12:35:58 2023 +0100

smbd: use dirfsp and atname in open_directory()

On systems without /proc/fd support this avoid the expensive chdir()
logic in non_widelink_open(). open_file_ntcreate() already passes
dirfsp and atname to reopen_from_fsp(), it was just missed in the
conversion.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549

Reviewed-by: Volker Lendecke 
Signed-off-by: Ralph Boehme 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Mon Jan 22 12:00:56 UTC 2024 on atb-devel-224

(cherry picked from commit 2713023250f15cf9971d88620cab9dd4afd0dc73)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Mon Jan 29 11:53:56 UTC 2024 on atb-devel-224

commit ab7d69665d0d9bffd5ba06efa4bf28e09c041b7b
Author: Ralph Boehme 
Date:   Tue Jan 2 14:34:26 2024 +0100

smbd: use safe_symlink_target_path() in symlink_target_below_conn()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549

Signed-off-by: Ralph Boehme 
Reviewed-by: Volker Lendecke 
(cherry picked from commit 1965fc77b3852a0593e13897af08f5304a1ce3a2)

commit 0086f3d4b7b4bd5726c19863c063af0a8de10cd5
Author: Ralph Boehme 
Date:   Tue Jan 2 13:25:25 2024 +0100

smbd: add a directory argument to safe_symlink_target_path()

Existing caller passes NULL, no change in behaviour. Prepares for
replacing symlink_target_below_conn() in open.c.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549

Signed-off-by: Ralph Boehme 
Reviewed-by: Volker Lendecke 
(cherry picked from commit fc80c72d658a41fe4d93b24b793b52c91b350175)

commit f495f6d2778c47f137d896a2351fe7ddb1637d3f
Author: Ralph Boehme 
Date:   Tue Jan 2 12:49:14 2024 +0100

smbd: pass symlink target path to safe_symlink_target_path()

Moves processing the symlink error response to the caller
filename_convert_dirfsp(). Prepares for using this in
non_widelink_open(), where it will replace symlink_target_below_conn()
with the same functionality.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549

Signed-off-by: Ralph Boehme 
Reviewed-by: Volker Lendecke 
(back-ported from commit 0515dded4ddb49e5570ae7df51126af1a2d643de)

commit 8bac90033423e96addc0a50418381a943eba9839
Author: Ralph Boehme 
Date:   Tue Dec 19 11:12:49 2023 +0100

CI: disable /proc/fds and RESOLVE_NO_SYMLINK in samba-no-opath-build runner

This is a more sensible combination of missing Linux specific features:

- O_PATH
- openat2() with RESOLVE_NO_SYMLINKS
- somehow safely reopen an O_PATH file handle

Currently only O_PATH is disabled for these jobs, but that doesn't really 
match
and know OS.

The following list shows which features are available and used by Samba on 
a few
OSes:

| O_PATH | RESOLVE_NO_SYMLINKS | Safe reopen| CI covered
||-|
| Supported Used | Supported Used  | Supported Used |

Linux   | + +| + + | + +| +
FreeBSD | + +| + [1] - | + [2] -| -
AIX | - -| - - | - -| +

So by also disabling RESOLVE_NO_SYMLINKS and Safe Reopen, we cover classic 
UNIX
systems like AIX.

[1] via open() flag O_RESOLVE_BENEATH
[2] via open() flag O_EMPTY_PATH

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15549

Signed-off-by: Ralph Boehme 
Reviewed-by: Volker Lendecke 
(cherry picked from commit 62cbe145c7e500c4759ed2005c78bd5056c87f43)

commit 4b1f0c6e8bb98088eb8ec6864e4f1f614720ed70
Author: Ralph Boehme 
Date:   Tue Dec 19 11:11:55 2023 +0100

vfs_default: allow disabling /proc/fds and RESOLVE_NO_SYMLINK at compile 
time

This will be used in CI to have a gitlab runner without all modern Linux
features we make use o

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  18305d8d86c VERSION: Bump version up to Samba 4.18.11...
   via  51a13a23371 VERSION: Disable GIT_SNAPSHOT for the 4.18.10 release.
   via  13709fd743d WHATSNEW: Add release notes for Samba 4.18.10.
  from  974a8908223 smbd: use dirfsp and atname in open_directory()

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 18305d8d86c392704ac3e9bb4255e299d65db528
Author: Jule Anger 
Date:   Wed Jan 31 21:34:34 2024 +0100

VERSION: Bump version up to Samba 4.18.11...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger 

commit 51a13a23371ea483811cbbdd2a700e31130453e5
Author: Jule Anger 
Date:   Wed Jan 31 21:33:46 2024 +0100

VERSION: Disable GIT_SNAPSHOT for the 4.18.10 release.

Signed-off-by: Jule Anger 

commit 13709fd743d7b4a91c3836f24db46481ece4997f
Author: Jule Anger 
Date:   Wed Jan 31 21:33:05 2024 +0100

WHATSNEW: Add release notes for Samba 4.18.10.

Signed-off-by: Jule Anger 

---

Summary of changes:
 VERSION  |  2 +-
 WHATSNEW.txt | 82 ++--
 2 files changed, 81 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index ac25cfd99fa..a4cb410d3b8 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=18
-SAMBA_VERSION_RELEASE=10
+SAMBA_VERSION_RELEASE=11
 
 
 # If a official release has a serious bug  #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 3c77ebfd0f6..be2f81f823b 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,82 @@
+   ===
+   Release Notes for Samba 4.18.10
+  January 31, 2024
+   ===
+
+
+This is the latest stable release of the Samba 4.18 release series.
+
+
+Changes since 4.18.9
+
+
+o  Ralph Boehme 
+   * BUG 13688: Windows 2016 fails to restore previous version of a file from a
+ shadow_copy2 snapshot.
+   * BUG 15549: Symlinks on AIX are broken in 4.19 (and a few version before
+ that).
+
+o  Samuel Cabrero 
+   * BUG 13577: net changesecretpw cannot set the machine account password if
+ secrets.tdb is empty.
+
+o  Bjoern Jacke 
+   * BUG 12421: Fake directory create times has no effect.
+
+o  Björn Jacke 
+   * BUG 15540: For generating doc, take, if defined, env XML_CATALOG_FILES.
+   * BUG 15541: Trivial C typo in nsswitch/winbind_nss_netbsd.c.
+   * BUG 15542: vfs_linux_xfs is incorrectly named.
+   * BUG 15550: ctime mixed up with mtime by smbd.
+
+o  Volker Lendecke 
+   * BUG 15523: ctdb RELEASE_IP causes a crash in release_ip if a connection to
+ a non-public address disconnects first.
+   * BUG 15544: shadow_copy2 broken when current fileset's directories are
+ removed.
+
+o  Stefan Metzmacher 
+   * BUG 15523: ctdb RELEASE_IP causes a crash in release_ip if a connection to
+ a non-public address disconnects first.
+   * BUG 15534: smbd does not detect ctdb public ipv6 addresses for 
multichannel
+ exclusion.
+
+o  Martin Schwenke 
+   * BUG 15523: ctdb RELEASE_IP causes a crash in release_ip if a connection to
+ a non-public address disconnects first.
+
+o  Shachar Sharon 
+   * BUG 15440: Unable to copy and write files from clients to Ceph cluster via
+ SMB Linux gateway with Ceph VFS module.
+
+o  Jones Syue 
+   * BUG 15547: Multichannel refresh network information.
+   * BUG 1: smbpasswd reset permissions only if not 0600.
+
+
+###
+Reporting bugs & Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+==
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+==
+
+
+Release notes for older releases follow:
+
==
Release Notes for Samba 4.18.9
  November 29, 2023
@@ -117,8 +196,7 @@ database (https://bugzilla.samba.org/).
 ===

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  081a6d5fc1d ctdb-protocol: Add missing push support for new controls
  from  18305d8d86c VERSION: Bump version up to Samba 4.18.11...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 081a6d5fc1df36a2d57dae6ecff8664396fac363
Author: Martin Schwenke 
Date:   Fri Feb 9 17:29:46 2024 +1100

ctdb-protocol: Add missing push support for new controls

CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and
CTDB_CONTROL_TCP_CLIENT_PASSED were added in commits
c6602b686b4e50d93272667ef86d3904181fb1ab and
037e8e449deb136ad5ed5e4de05439411b545b6d.  They were missing test
support for the packet push/pull.  While adding the testing (for
completeness, before adding another new control) I noticed that the
push functionality was absent.  This adds that, along with the test
support.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15580

Signed-off-by: Martin Schwenke 
Reviewed-by: Volker Lendecke 

Autobuild-User(master): Volker Lendecke 
Autobuild-Date(master): Mon Feb 19 10:21:48 UTC 2024 on atb-devel-224

(cherry picked from commit dd9b11acbc4fbde1941719968aeb463b853b0ffb)

Autobuild-User(v4-18-test): Jule Anger 
Autobuild-Date(v4-18-test): Tue Feb 20 12:56:43 UTC 2024 on atb-devel-224

---

Summary of changes:
 ctdb/protocol/protocol_control.c  |  8 
 ctdb/tests/src/protocol_common_ctdb.c | 33 +
 ctdb/tests/src/protocol_ctdb_test.c   |  2 +-
 3 files changed, 42 insertions(+), 1 deletion(-)


Changeset truncated at 500 lines:

diff --git a/ctdb/protocol/protocol_control.c b/ctdb/protocol/protocol_control.c
index 83ed6cb4ee1..e4491159937 100644
--- a/ctdb/protocol/protocol_control.c
+++ b/ctdb/protocol/protocol_control.c
@@ -693,6 +693,14 @@ static void ctdb_req_control_data_push(struct 
ctdb_req_control_data *cd,
case CTDB_CONTROL_ECHO_DATA:
ctdb_echo_data_push(cd->data.echo_data, buf, &np);
break;
+
+   case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED:
+   ctdb_connection_push(cd->data.conn, buf, &np);
+   break;
+
+   case CTDB_CONTROL_TCP_CLIENT_PASSED:
+   ctdb_connection_push(cd->data.conn, buf, &np);
+   break;
}
 
*npush = np;
diff --git a/ctdb/tests/src/protocol_common_ctdb.c 
b/ctdb/tests/src/protocol_common_ctdb.c
index 384076824a4..8a8e114f67a 100644
--- a/ctdb/tests/src/protocol_common_ctdb.c
+++ b/ctdb/tests/src/protocol_common_ctdb.c
@@ -593,6 +593,19 @@ void fill_ctdb_req_control_data(TALLOC_CTX *mem_ctx,
 
case CTDB_CONTROL_ENABLE_NODE:
break;
+
+   case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED:
+   cd->data.conn = talloc(mem_ctx, struct ctdb_connection);
+   assert(cd->data.conn != NULL);
+   fill_ctdb_connection(mem_ctx, cd->data.conn);
+   break;
+
+   case CTDB_CONTROL_TCP_CLIENT_PASSED:
+   cd->data.conn = talloc(mem_ctx, struct ctdb_connection);
+   assert(cd->data.conn != NULL);
+   fill_ctdb_connection(mem_ctx, cd->data.conn);
+   break;
+
}
 }
 
@@ -982,6 +995,14 @@ void verify_ctdb_req_control_data(struct 
ctdb_req_control_data *cd,
 
case CTDB_CONTROL_ENABLE_NODE:
break;
+
+   case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED:
+   verify_ctdb_connection(cd->data.conn, cd2->data.conn);
+   break;
+
+   case CTDB_CONTROL_TCP_CLIENT_PASSED:
+   verify_ctdb_connection(cd->data.conn, cd2->data.conn);
+   break;
}
 }
 
@@ -1378,6 +1399,12 @@ void fill_ctdb_reply_control_data(TALLOC_CTX *mem_ctx,
 
case CTDB_CONTROL_ENABLE_NODE:
break;
+
+   case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED:
+   break;
+
+   case CTDB_CONTROL_TCP_CLIENT_PASSED:
+   break;
}
 }
 
@@ -1715,6 +1742,12 @@ void verify_ctdb_reply_control_data(struct 
ctdb_reply_control_data *cd,
 
case CTDB_CONTROL_ENABLE_NODE:
break;
+
+   case CTDB_CONTROL_TCP_CLIENT_DISCONNECTED:
+   break;
+
+   case CTDB_CONTROL_TCP_CLIENT_PASSED:
+   break;
}
 }
 
diff --git a/ctdb/tests/src/protocol_ctdb_test.c 
b/ctdb/tests/src/protocol_ctdb_test.c
index f6fb5134a00..840d465ae30 100644
--- a/ctdb/tests/src/protocol_ctdb_test.c
+++ b/ctdb/tests/src/protocol_ctdb_test.c
@@ -277,7 +277,7 @@ PROTOCOL_CTDB4_TEST(struct ctdb_req_dmaster, 
ctdb_req_dmaster,
 PROTOCOL_CTDB4_TEST(struct ctdb_reply_dmaster, ctdb_reply_dmaster,
CTDB_REPLY_DMASTER);
 
-#define NUM_CONTROLS   159
+#define NUM_CONTROLS   161
 
 PROTOCOL_CTDB2_TEST(struct ctdb_req_control_data, ctdb_req_control_d

[SCM] Samba Shared Repository - branch v4-18-test updated

[Jule Anger]

The branch, v4-18-test has been updated
   via  105e6d817dd VERSION: Bump version up to Samba 4.18.12...
   via  4017976e8c0 VERSION: Disable GIT_SNAPSHOT for the 4.18.11 release.
   via  2edd0aac9f1 WHATSNEW: Add release notes for Samba 4.18.11.
  from  081a6d5fc1d ctdb-protocol: Add missing push support for new controls

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -
commit 105e6d817ddd2654bf44db92027d20c7cb0e85eb
Author: Jule Anger 
Date:   Wed Mar 13 16:48:07 2024 +0100

VERSION: Bump version up to Samba 4.18.12...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger 

commit 4017976e8c0f5d1ae79ea01f1d4a46608ee0f61f
Author: Jule Anger 
Date:   Wed Mar 13 16:47:33 2024 +0100

VERSION: Disable GIT_SNAPSHOT for the 4.18.11 release.

Signed-off-by: Jule Anger 

commit 2edd0aac9f115b21b7c58b254c7b814ee664380e
Author: Jule Anger 
Date:   Wed Mar 13 16:47:00 2024 +0100

WHATSNEW: Add release notes for Samba 4.18.11.

Signed-off-by: Jule Anger 

---

Summary of changes:
 VERSION  |  2 +-
 WHATSNEW.txt | 44 ++--
 2 files changed, 43 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/VERSION b/VERSION
index a4cb410d3b8..25cf7311e9c 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=18
-SAMBA_VERSION_RELEASE=11
+SAMBA_VERSION_RELEASE=12
 
 
 # If a official release has a serious bug  #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index be2f81f823b..1bcbbdedcfc 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,44 @@
+   ===
+   Release Notes for Samba 4.18.11
+   March 13, 2024
+   ===
+
+
+This is the latest stable release of the Samba 4.18 release series.
+
+
+Changes since 4.18.10
+-
+
+o  Martin Schwenke 
+   * BUG 15580: Packet marshalling push support missing for
+ CTDB_CONTROL_TCP_CLIENT_DISCONNECTED and
+ CTDB_CONTROL_TCP_CLIENT_PASSED
+
+
+###
+Reporting bugs & Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical:matrix.org matrix room, or
+#samba-technical IRC channel on irc.libera.chat.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+==
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+==
+
+
+Release notes for older releases follow:
+
===
Release Notes for Samba 4.18.10
   January 31, 2024
@@ -75,8 +116,7 @@ database (https://bugzilla.samba.org/).
 ==
 
 
-Release notes for older releases follow:
-
+--
==
Release Notes for Samba 4.18.9
  November 29, 2023


-- 
Samba Shared Repository