[Pkg-samba-maint] [samba] branch upstream_4.5 created (now a4dd3c9)
Mathieu Parent
sathieu at moszumanska.debian.org
Sat Sep 10 19:50:40 UTC 2016
This is an automated email from the git hooks/post-receive script.
sathieu pushed a change to branch upstream_4.5
in repository samba.
at a4dd3c9 New upstream version 4.5.0+dfsg
This branch includes the following new commits:
new ca9bbc8 selftest: Avoid sorting issues on Ubuntu 10.04 vs 14.04
new 42fe66f tests: Allow alternative error code for backupkey test
new 5235f1f util/binsearch: macro for greater than or equal search
new 407c812 util/tests: add test for BINARY_ARRAY_SEARCH_V macro
new 4c38e74 dsdb: Introduce LDB_SYNTAX_SAMBA_OCTET_STRING
new 182c87f ldb paged_results: quieten a warning.
new 2973d4c ldb controls: base64 encode VLV response context strings
new 78f8a89 ldb controls: better error string for VLV control
new 5421d70 ldap VLV: use correct ASN.1 encoding for requests
new d2c6f76 ldap VLV: memdup, not strdup VLV context_id
new 177ca76 vlv: better syntax for parsing greater than or equal strings
new 8b650a5 ldap: fix search control rule identifiers ASN.1 type
new 8ca1e34 ASN1: use a talloc context in read_contextSimple
new fe2bcf9 ldap VLV: correct ASN1 parsing of VLV requests
new 16fda12 ldb controls: use uint8_t* for contextID binary blob
new 9bbd7d1 asn1: make readContextSimple() add a NUL byte
new 577f972 ldb_controls: add base64 option to VLV
new b797baa Add python server sort tests
new 5d6a67e ldb sort: allow sorting on attributes not returned in search
new c1b68fa torture_ldap_sort: avoid segfault
new 1c79654 configure: set HAVE___ATTRIBUTE__ for heimdal
new 19cbdf9 vfs_united_media: Fix CID 1355492 Uninitialized scalar variable
new 5741e84 smbd: Avoid an "else"
new 3e88ccd testparm: vfs_fruit checks
new f28014d docs: update vfs_fruit manpage
new 085b687 s3/utils/regedit.c: typo
new 34ae5c5 s4/auth/ntlm/auth_unix.c: add parens
new ad9c1aa s4/client/cifsdd.c: typo
new 511c747 s4/heimdal/lib/gssapi/mech/gss_compare_name.c: typo
new cb51e8d s4/heimdal/lib/krb5/pac.c: typo
new 12879b3 ctdb-tests: Fix description of NFS tickle test
new df2d752 ctdb-tests: Fix CIFS tickle test
new 0328098 ctdb-tests: Re-indent and re-format some functions
new 6b51ea3 ctdb-tests: Allow tcptickle_sniff_wait_show() to filter by MAC address
new 05051bd ctdb-tests: Add a new NFS tickle test for the releasing node
new 4bf6cab ctdb-doc: Sort the tunable variables in alphabetical order
new aa700de ctdb-tunables: Add missing flags in the initializer
new 73ab0f9 ctdb-tunables: Mark tunable MaxRedirectCount obsolete
new 4a78200 ctdb-tunables: Mark tunable ReclockPingPeriod obsolete
new e253908 ctdb-doc: Update tunables documentation
new 3680aba ctdb-doc: Add documentation for missing tunables
new 700f393 ctdb-recovery-helper: Get tunables first, so control timeout can be set
new bd23b43 ctdb-tunables: Fix the implementation of LIST_TUNABLES control
new 2db5e3e ctdb-doc: Update ctdb man page
new 963d082 ctdb-doc: Update ctdb man page
new 21ec67e ctdb-doc: Drop outdated NEWS file
new aaa57fb ctdb-tools: Drop "ctdb rebalanceip"
new d678684 ctdb-tools: Drop "ctdb rebalancenode"
new c9e69a4 ctdb-recoverd: Drop use of DeferredRebalanceOnNodeAdd tunable
new fa8bd41 ctdb-tunables: Mark tunable DeferredRebalanceOnNodeAdd obsolete
new b551cd8 CVE-2015-7560: s3: smbd: Add refuse_symlink() function that can be used to prevent operations on a symlink.
new 306a7f3 CVE-2015-7560: s3: smbd: Refuse to get an ACL from a POSIX file handle on a symlink.
new 9ee4ddd CVE-2015-7560: s3: smbd: Refuse to set an ACL from a POSIX file handle on a symlink.
new 5941d75 CVE-2015-7560: s3: smbd: Refuse to set a POSIX ACL on a symlink.
new 0be0b75 CVE-2015-7560: s3: smbd: Refuse to get a POSIX ACL on a symlink.
new 464d044 CVE-2015-7560: s3: smbd: Set return values early, allows removal of code duplication.
new 3f491d7 CVE-2015-7560: s3: smbd: Silently return no EA's available on a symlink.
new 77b3d5b CVE-2015-7560: s3: smbd: Refuse to set EA's on a symlink.
new e7e23e9 CVE-2015-7560: s3: libsmb: Rename cli_posix_getfaclXX() functions to cli_posix_getacl() as they operate on pathnames.
new 6b61b54 CVE-2015-7560: s3: libsmb: Add SMB1-only POSIX cli_posix_setacl() functions. Needed for tests.
new 19eb1c9 CVE-2015-7560: s3: torture3: Add new POSIX-SYMLINK-ACL test.
new 841ae4a CVE-2015-7560: s3: torture3: Add new POSIX-SYMLINK-EA test.
new 42524c2 CVE-2016-0771: s4:librpc: python_dns and python_dcerpc_dnsp doesn't require client bindings
new 63b1fb0 CVE-2016-0771: librpc: add RPC_NDR_DNSSERVER to dcerpc-samba library
new 1cc57a9 CVE-2016-0771: librpc: add ndr_dnsp_string_list_copy() helper function
new ee8d777 CVE-2016-0771: s4:dns_server: fix idl for dns_txt_record
new d22a9f4 CVE-2016-0771: dns.idl: make use of dnsp_hinfo
new e09544d CVE-2016-0771: tests/dns: Modify dns tests to match new IDL
new 2ad53d1 CVE-2016-0771: tests/dns: prepare script for further testing
new a988dc7 CVE-2016-0771: tests/dns: FORMERR can simply timeout against Windows
new 866bf51 CVE-2016-0771: tests/dns: Add a comment regarding odd Windows behaviour
new 5b10cc2 CVE-2016-0771: tests/dns: restore formerly segfaulting test
new bbda6b6 CVE-2016-0771: tests/dns: Correct error code for formerly unrun test
new 2a796e5 CVE-2016-0771: tests/dns: Add some more test cases for TXT records
new ffec494 CVE-2016-0771: tests/dns: modify tests to check via RPC
new 8e056ca CVE-2016-0771: dnsserver: don't force UTF-8 for TXT
new 286b7a5 CVE-2016-0771: tests/dns: RPC => DNS roundtrip test
new 8cee2c8 CVE-2016-0771: tests: rename test getopt to get_opt
new 9f1ba00 CVE-2016-0771: tests/dns: change samba.tests.dns from being a unittest
new c37c4b1 CVE-2016-0771: tests/dns: Remove dependencies on env variables
new 1e1e12a s3-libads: Pass down the salt principal in smb_krb5_kt_add_entry()
new a135b35 s3-libads: Call smb_krb5_create_key_from_string() directly
new 49efa93 s3-libads: Use the C99 boolean false
new 4e36728 krb5_wrap: Move smb_krb5_kt_add_entry() to krb5_wrap
new c2f5c30 krb5_wrap: Add smb_krb5_open_keytab_relative() function
new eb880cc s3-libnet: Allow the keytab function to use a relative path
new 5c5d586 s4-libnet: Implement export_keytab without HDB
new f7116f0 s4-selftest: Make export keytab test heimdal specific
new 771042a lib/util_net: move ipv6 linklocal handling into interpret_string_addr_internal()
new 6400bbb lib/util_net: add support for .ipv6-literal.net
new e906739 s3:test_smbclient_auth.sh: test using the ip address in the unc path (incl. ipv6-literal.net)
new 2c9f955 s3:selftest: run samba3.blackbox.smbclient_auth.plain also with $SERVER_IPV6
new 2e71f5d epmapper.idl: make epm_twr_t available in python bindings
new 5afc2d8 dcerpc.idl: make WERROR RPC faults available in ndr_print output
new e9e9ba7 librpc/rpc: add error mappings for NO_CALL_ACTIVE, OUT_OF_RESOURCES and BAD_STUB_DATA
new 960b0ad s4:librpc/rpc: map alter context SEC_PKG_ERROR to NT_STATUS_LOGON_FAILURE
new cd8af25 s3:libads: remove unused ads_connect_gc()
new 1fd5bda wscript_configure_system_mitkrb5: add configure checks for GSS_KRB5_CRED_NO_CI_FLAGS_X
new 46b9252 s3:librpc/gse: make use of GSS_C_EMPTY_BUFFER in gse_init_client
new 84c66f1 s3:librpc/gse: fix debug message in gse_init_client()
new a8fa078 s3:librpc/gse: set GSS_KRB5_CRED_NO_CI_FLAGS_X in gse_init_client() if available
new e4aebd7 s3:librpc/gse: correctly support GENSEC_FEATURE_SESSION_KEY
new 79bf883 s3:librpc/gse: don't log gss_acquire_creds failed at level 0
new dec9d08 s3:librpc/gse: implement gensec_gse_max_{input,wrapped}_size()
new 0f67138 s4:pygensec: make sig_size() and sign/check_packet() available
new 5e913af auth/gensec: keep a pointer to a possible child/sub gensec_security context
new 64364e3 auth/gensec: handle gensec_security_by_sasl_name(NULL, ...)
new 8efcb49 auth/gensec: make gensec_security_by_name() public
new ccfd264 s3:auth_generic: add auth_generic_client_start_by_name()
new 79a6fc0 s3:auth_generic: add auth_generic_client_start_by_sasl()
new 0a9e37a auth/ntlmssp: keep ntlmssp_state->server.netbios_domain on the correct talloc context
new a85a02b auth/ntlmssp: add gensec_ntlmssp_server_domain()
new 69a7ec7 s3:ntlm_auth: fix --use-cached-creds with ntlmssp-client-1
new cf2ea04 s3:torture/test_ntlm_auth.py: replace tabs with whitespaces
new 1289130 s3:torture/test_ntlm_auth.py: add --client-use-cached-creds option
new 9bd1ecf s3:tests/test_ntlm_auth_s3: test ntlmssp-client-1 with cached credentials
new 871e8a9 winbindd: pass an memory context to do_ntlm_auth_with_stored_pw()
new 0d66e2d s3:auth_generic: make use of the top level NTLMSSP client code
new 52c03c0 s3:ntlmssp: remove unused libsmb/ntlmssp_wrap.c
new b3d4523 auth/ntlmssp: provide a "ntlmssp_resume_ccache" backend
new 0a93cad auth/gensec: add GENSEC_FEATURE_NTLM_CCACHE define
new b133f66 auth/ntlmssp: implement GENSEC_FEATURE_NTLM_CCACHE
new 8bcde9e s3:auth_generic: add "ntlmssp_resume_ccache" backend in auth_generic_client_prepare()
new 716e78f winbindd: make use of ntlmssp_resume_ccache backend for WINBINDD_CCACHE_NTLMAUTH
new 279d58c s3:ntlm_auth: also use gensec for "ntlmssp-client-1" and "gss-spnego-client"
new e63442a auth/ntlmssp: split out a debug_ntlmssp_flags_raw() that's more complete
new 30d6260 auth/ntlmssp: NTLMSSP_NEGOTIATE_VERSION is not a negotiated option
new afba38d auth/ntlmssp: define all client neg_flags in gensec_ntlmssp_client_start()
new efd4986 auth/ntlmssp: set NTLMSSP_ANONYMOUS for anonymous authentication
new 4fca8ea auth/ntlmssp: don't send domain and workstation in the NEGOTIATE_MESSAGE
new a61ab39 auth/ntlmssp: add ntlmssp_version_blob()
new 4a1809c auth/ntlmssp: let the client always include NTLMSSP_NEGOTIATE_VERSION
new 8af6b8d auth/ntlmssp: use ntlmssp_version_blob() in the server
new 1f88812 security.idl: add LSAP_TOKEN_INFO_INTEGRITY
new ab54e0f ntlmssp.idl: MsAvRestrictions is MsvAvSingleHost now
new f4ff351 ntlmssp.idl: make AV_PAIR_LIST public
new c1e2a1f librpc/ndr: add ndr_ntlmssp_find_av() helper function
new f6b9e1f auth/ntlmssp: use ndr_push_AV_PAIR_LIST in gensec_ntlmssp_server_negotiate().
new 069aee4 auth/gensec: add GENSEC_FEATURE_LDAP_STYLE define
new f3dbe19 auth/ntlmssp: implement GENSEC_FEATURE_LDAP_STYLE
new 122a5f6 auth/ntlmssp: add more compat for GENSEC_FEATURE_LDAP_STYLE
new 5930183 auth/ntlmssp: remove ntlmssp_unwrap() fallback for LDAP
new d04663b s4:libcli/ldap: make use of GENSEC_FEATURE_LDAP_STYLE
new d9d0d2d s4:libcli/ldap: fix retry authentication after a bad password
new 5cf8546 s4:selftest: we don't need to run ldap test with --option=socket:testnonblock=true
new c431543 s4:selftest: simplify the loops over samba4.ldb.ldap
new 0ebe929 s4:ldap_server: make use of GENSEC_FEATURE_LDAP_STYLE
new 8f9a963 s3:libads: add missing TALLOC_FREE(frame) in error path
new 357d37f s3:libads: make use of GENSEC_FEATURE_LDAP_STYLE
new c6f79cf s3:libads: make use of GENSEC_OID_SPNEGO in ads_sasl_spnego_ntlmssp_bind()
new 139ce7d s3:libads: provide a generic ads_sasl_spnego_gensec_bind() function
new 0c204e1 s3:libads: don't pass given_principal to ads_generate_service_principal() anymore.
new c5d7956 s3:libads: keep service and hostname separately in ads_service_principal
new 2cb07ba s3:libads: make use of ads_sasl_spnego_gensec_bind() for GSS-SPNEGO with Kerberos
new 4f6fe27 s3:libsmb: make use gensec based SPNEGO/NTLMSSP
new afffe79 s3:libsmb: unused ntlmssp.c
new 576257f s3:libsmb: let cli_session_setup_ntlmssp*() use gensec_update_send/recv()
new 285c342 s3:libsmb: provide generic cli_session_setup_gensec_send/recv() pair
new 907e2b1 s3:libsmb: call cli_state_remote_realm() within cli_session_setup_spnego_send()
new 0e1b2eb s3:libsmb: make use of cli_session_setup_gensec*() for Kerberos
new 95b9539 s3:libsmb: remove unused cli_session_setup_kerberos*() functions
new 1433501 s3:libsmb: remove unused functions in clispnego.c
new 0400f30 s4:torture/rpc: do testjoin only via ncalrpc or ncacn_np
new c793b23 s4:torture: the backupkey tests need to use ncacn_np: for LSA calls
new f699eb3 s4:selftest: run rpc.samr over ncacn_np instead of ncacn_ip_tcp
new af8c4eb s4:torture:samba3rpc: use an authenticated SMB connection and an anonymous DCERPC connection on top
new 5a39721 s4:librpc/rpc: dcerpc_generic_session_key() should only be available on local transports
new 58b3389 s4:rpc_server/samr: hide a possible NO_USER_SESSION_KEY error
new 645e777 s4:rpc_server: dcesrv_generic_session_key should only work on local transports
new b27cf10 selftest: run net ads join test in a private client env
new b96511f selftest: add some test cases to net ads join
new 59f6a73 s3:lib. Add split_stream_filename() Not yet used.
new e2056f8 s3:lib: Rewrite synthetic_smb_fname_split() to use split_stream_filename().
new 153af65 s3:lib: Remove the const SMB_STRUCT_STAT * parameter from synthetic_smb_fname_split().
new b4246f8 s3:lib: Move internal lp_posix_pathnames() call out of utility function synthetic_smb_fname_split().
new bffa598 s3: smbd: Simplify logic inside rename_internals_fsp() part 1.
new a971cfe s3: smbd: Simplify logic inside rename_internals_fsp() part 2
new 9341c02 smbd: Prevent a crash
new ad5b9c3 ctdb-client: Increase the timeout for TRANS3_COMMIT control
new 0b500d4 Added MSV1_0_ALLOW_MSVCHAPV2 flag to ntlm_auth
new 1a315be s4:dsdb/test/notification: make test_invalid_filter more resilient against ordering races
new 7b4ad69 s4:dsdb/test/sort: avoid 'from collections import Counter'
new 2ef0eed selftest: mark samba4.winbind.struct.domain_info.ad_member as flapping
new 2e2f811 lib/socket/interfaces: Fix some uninitialied bytes.
new 5fc6d2d smbd: Only check dev/inode in open_directory, not the full stat()
new 0a9acd4 build: fix disk-free quota support on Solaris 10
new bb387c5 s3:winbindd: don't unclude two '\0' at the end of the domain list
new 4335371 s4:torture/lsa: improve debug message
new 6ecfc4c dsdb/repl: Ensure we use the LOCAL attid value, not the remote one
new e8e0ffc tests: Allow alternative error code for backupkey test
new 6686f67 Partly revert "s3:libads: setup the msDS-SupportedEncryptionTypes attribute on ldap_add"
new 71d5634 s3:libnet:libnet_join: prepare to allow connecting with machine creds.
new 34030b0 s3:libads:ldap: print LDAP error message with log level 10.
new e8f6acd s3:libads:ndr: add ADS_AUTH_USER_CREDS to ndr_print_ads_auth_flags()
new c61b111 s3:libads:ldap: fix ads_check_ou_dn to deal with account_ou not being initialized
new df8f79c s3:libnet:libnet_join: always try to create machineaccount via LDAP first.
new 4a49f6f s3:librpc:idl:libnet_join: add encryption types to libnet_JoinCtx.
new e0da059 s3:libnet:libnet_join: define list of desired encryption types only once.
new 5d498d1 s3:libnet:libnet_join: fill in output enctypes and only modify when necessary.
new 06aefe4 s3:libnet:libnet_join: update msDS-SupportedEncryptionTypes (if required) with machine creds.
new b7a050d smbd:smb2: remove an unnecessary !! cast.
new fca72bf s3: smbd: Remove the last lp_posix_pathnames() in the rename path.
new 6d9e7ad s3:smbd: Fix build for vfs_aixacl2.c.
new cb70165 s3:smbd:vfs: Change smb_get_nt_acl_nfs4() to take a const struct smb_filename *.
new 377c7b3 s3:smbd:vfs: Change posix_get_nt_acl() from const char * to const struct smb_filename *.
new faf7185 s3:vfs: Change smbacl4_GetFileOwner() to take const struct smb_filename * from const char *.
new e3be771 build: improve comments in tests/oldquotas.c
new 7b431eb build: mark explicit dependencies on pytalloc-util
new f690c1c s3: vfs: vfs_hpuxacl. refuse_symlink() means we can always use STAT here.
new b10d3c6 s3: vfs: vfs_solarisacl. refuse_symlink() means we can always use STAT here.
new 347d3aa s3:vfs: vfs_streams_xattr.c - Remove duplicate code. This is exactly vfs_stat_smb_basename().
new e800092 s3:vfs: vfs_streams_xattr.c: Change walk_xattr_streams() to const struct smb_filename * from const char *.
new c3937f5 s3: smbd: Reformatting - remove unneeded const char *fname variable.
new 641ebf0 s3: smbd: Change canonicalize_ea_name() to take a const smb_filename * parameter from const char *.
new 4404cff s3:smbd: Change get_ea_list_from_file_path() to take a const smb_filename * parameter from const char *.
new e7898c6 s3:smbd: Change get_ea_names_from_file() to take a const smb_filename * parameter from const char *.
new 13dae2b s3:smbd: Change refuse_symlink() to take a const smb_filename * parameter from const char *.
new 6b87710 s3:vfs: Change get_acl_blob() to take a const smb_filename * parameter from const char *.
new e64ab0d s3: vfs: vfs_xattr_tdb - cleanup. Remove unneeded variable "path".
new 8a71e1a param: add parameter "server multi channel support", defaults to off.
new e85e405 smbd: enable multi-channel if 'server multi channel support = yes' in the config
new 74ca470 s3:wscript: pylibsmb depends on pycredentials
new e55806e ldb-samba:wscript: python_samba__ldb depends on pyauth
new 7d46ea4 samba3.blackbox.smbclient_auth.plain: Add new regression test case.
new 67a29a8 smbd: remove quota support for some ancient OSs
new 228ab34 build: fix build when --without-quota specified
new fb80e11 s3:winbindd:idmap: add domain_has_idmap_config() helper function.
new 55be1ee s3:winbindd:idmap_hash: skip domains that already have their own idmap configuration.
new 4632ad9 s3:winbindd:idmap: check loadparm in domain_has_idmap_config() helper as well.
new 4172491 idmap_hash: rename be_init() --> idmap_hash_initialize()
new a16379c idmap_hash: only allow the hash module for default idmap config.
new 44f3dde smbd: fix use after free via conn->fsp_fi_cache
new 2467032 krb5-wrap: Use the principal returned by the KDC to create the ccache
new 1092324 wscript: detect if we have libkdb5 and kdb.h.
new 6825a61 s4-kdc: Introduce a simple sdb_kdb shim layer
new 209d4b5 mit_samba: Use sdb in the mit_samba plugin
new 33fcc76 mit_samba: Make mit_samba a shim layer between Samba and KDB
new 597772d mit_samba: Directly pass the principal and kflags
new 859a6fb mit_samba: Use talloc_zero in mit_samba_context_init().
new 77cec01 mit_samba: Add ks_is_tgs_principal()
new 909e7f9 mit_samba: Add function to change the password
new 9734b5d mit_samba: Add functions to generate random password and salt.
new 23c249a mit_samba: Add function for handling bad password count
new 4865867 mit_samba: Setup logging to stdout
new 7feb650 wscript: Build the KDC code if we have the AD DC build enabled
new ade958e mit-kdb: Add initial MIT KDB Samba driver
new 1b6a085 mit-kdb: Do not overwrite the error code in failure case.
new d787d35 mit-kdb: Use calloc so both authdata elements are zeroed
new e13e9c5 mit-kdb: Add more ks_is_kadmin* functions.
new 742b4c3 mit-kdb: Do not allow to get a kadmin ticket as a client.
new 5a4e3ad mit-kdb: Add ks_create_principal().
new fab9fe0 mit-kdb: Add ks_get_admin_principal() and use it for kadmin users.
new f5e86db mit-kdb: Use calloc to initialize master keylists.
new 5a6819d mit-kdb: Implement KDB function to change passwords
new b76cf19 mit-kdb: Return 0 in kdb_samba_db_put_principal()
new 05cc9b0 mit-kdb: Restrict admin/changepw principal db_entry with some flags
new b0f2165 mit-kdb: Add support for bad password count
new bb72aec mit-kdb: Add support for KDB version 8
new 859c625 mit-kdb: Fix segfault in krb5kdc dereferencing an invalid pointer
new abfa8e3 mit-kdb: Add missing SDB_F_FOR_AS_REQ for AS requests
new 0fa2853 ctdb-protocol: Check header is not null before copying
new 6cdb927 ctdb-protocol: Add protocol debug routines
new bcb6714 ctdb-tests: Add a utility to parse ctdb packets
new c561a42 selftest: s!addc.samba.example.com!addom.samba.example.com!
new b0bdbee selftest: add some helper scripts to mange a CA
new bdc1f03 selftest: add config and script to create a samba.example.com CA
new 520c85a selftest: add CA-samba.example.com (non-binary) files
new 1928f08 selftest: add CA-samba.example.com binary files (currently unused by Samba)
new 2a96885 selftest: mark commands in manage-CA-samba.example.com.sh as DONE
new a6447fd selftest: add Samba::prepare_keyblobs() helper function
new c321a59 selftest: use Samba::prepare_keyblobs() and use the certs from the new CA
new b2c0f71 selftest: set tls crlfile if it exist
new b00c38a selftest: setup information of new samba.example.com CA in the client environment
new 2c36501 s3:selftest: rpc.samr.passwords.validate should run with [seal] in order to be realistic
new f9a1915 s3:test_rpcclient_samlogon.sh: test samlogon with schannel
new 1a7d8b8 s4:torture/netlogon: add/use test_SetupCredentialsPipe() helper function
new 26e5ef6 s4:torture/rpc/samr: use DCERPC_SEAL in setup_schannel_netlogon_pipe()
new 050a1d0 s4:torture/rpc/samlogon: use DCERPC_SEAL for netr_LogonSamLogonEx and validation level 6
new 5058168 s4:torture/rpc: correctly use torture_skip() for test_ManyGetDCName() without NCACN_NP
new 733ccd1 s4:torture/rpc/schannel: don't use validation level 6 without privacy
new cc3dea5 auth/gensec: make sure gensec_security_by_auth_type() returns NULL for AUTH_TYPE_NONE
new 57946ac auth/gensec: split out a gensec_verify_dcerpc_auth_level() function
new 31f07d0 s4:rpc_server: require access to the machine account credentials
new fe93a09 s4-smb_server: check for return code of cli_credentials_set_machine_account().
new c06058a s3-auth: check for return code of cli_credentials_set_machine_account().
new dcaa881 libads: Fix CID 1356316 Uninitialized pointer read
new 3940d4e crypto: Fix CID 1356314 Resource leak
new a243a90 lib: Fix CID 1356315 Dereference before null check
new deaab95 ctdb: Fix CID 1356313 Explicit null dereferenced
new f50c3fb libsmb: Fix CID 1356312 Explicit null dereferenced
new 3563d79 s3:mdssvc: older glib2 versions require g_type_init()
new e8e2386 s4:selftest: run rpc.netlogon.admin also over ncalrpc and ncacn_ip_tcp
new ac4dc0c s3/vfs:stream_depots: Parse substitutions in streams-depot-directory path
new e806824 ldb client controls: avoid talloc_memdup(x, y, (size_t)-1);
new 0ffa5d8 ctdb-daemon: Validate length of new interface names
new e4f5925 ctdb-daemon: Replace an unsafe strcpy(3) call
new 092d6f9 lib: Update socket_wrapper to version 1.1.6
new 9e8876a lib: Update uid_wrapper to version 1.2.1
new b9d93e7 lib: Update nss_wrapper to version 1.1.3
new 31f33a3 s3:smbXsrv.idl: add 8 byte channel_sequence number and request counters to IDL.
new 0884681 smbd:smb2: add a modify flag to dispatch table
new ae6967e smbd:smb2: add request_counters_updated to the smbd_smb2_request struct
new 71d2b19 smbd:smb2: implement channel sequence checks and request counters in dispatch
new 7dbb170 smbd:smb2: update outstanding request counters before sending a reply
new f81f3a2 smbd:smb2: add some asserts before decrementing the counters
new ccda60e libcli:smb:smbXcli_base: add smb2cli_session_current_channel_sequence() call.
new 2b79988 torture:smb2: add test for checking sequence number wrap around.
new c5c3f91 lib/torture: add torture_assert_u64_not_equal_goto macro
new e095a61 torture:smb2: Add test replay6 to verify Error Codes for DurableHandleReqV2 replay
new b7186a0 torture:smb2: use assert, not warning in error case in durable-open.reopen1a
new 37c05f4 torture:smb2: fix crashes in smb2.durable-open.reopen1a test
new 505546b torture:smb2: durable-open.reopen1a only needs one io struct
new 7b55761 torture:smb2: for oplocks, durable reconnect works with different client guid
new 3e90abe torture:smb2: add durable-open.reopen1a-lease
new 186cd70 torture:smb2: use assert, not warning in error case in durable-v2-open.reopen1a
new b0f592d torture:smb2: fix crashes in smb2.durable-v2-open.reopen1a test
new cd22980 torture:smb2: get rid of supefluous io2 var in durable-v2-open.reopen1a
new b853040 torture:smb2: for oplocks, durable reconnect works with different client-guid
new e9586a6 torture:smb2: add durable-v2-open.reopen1a-lease
new 7e435d3 nsswitch: linux: Remove use of strcpy().
new 4609058 examples: Remove all uses of strcpy in examples (except for validchr.c).
new a559ac3 lib:tdb: Remove use of strcpy in tdb test.
new a8ab1bf nsswitch: winbind_nss_aix: Remove all uses of strcpy.
new bac35a1 nsswitch: winbind_nss_solaris.c: Remove unused macro containing strcpy.
new 9af628a ndr: avoid unnecessary searches of token list
new 7261433 librpc ndr: add ndr_pull_steal_switch_value()
new 59d530c ndr: Use ndr_steal to avoid long lists
new c20e7b8 ndr: inline search for ndr_token_peek()
new a3ffac3 ndrdump: add quiet flag
new cd594a3 sort: enable custom behaviour on critical control
new 79c58c2 Implement Virtual List View (VLV)
new 578643f ldb controls: don't ignore memory allocation failure
new 0edb3da ldb sort tests: point out a known fails against Windows
new 52975b0 dsdb sort test: avoid exception with fewer elements
new 66c5082 dsdb python tests: fix several usage strings
new 7bd0661 ldb client controls: don't ignore failed memdup
new bd6a022 ldb controls: allow paged_search to use a cookie
new 5e4f39a ldb_controls: avoid unnecessary unchecked talloc_asprintf()s
new aab2f39 autobuild: Return the last 50 log lines
new 5291462 winbind: Fix CID 1357100 Unchecked return value
new 0906d61 s3:rpc_server/samr: correctly handle session_extract_session_key() failures
new ef1ad0e s3:ntlm_auth: pass manage_squid_request() needs a valid struct ntlm_auth_state from within get_password()
new fb381d8 torture: Fix the O3 developer build
new 0234e3a Revert "autobuild: Return the last 50 log lines"
new acdfa98 s4-libnet: only build python-dckeytab module for Heimdal in AD DC mode
new 765e5f1 vfs_acl_common: avoid setting POSIX ACLs if "ignore system acls" is set
new 099c6f3 seltest: add test for "ignore system acls" in vfs_acl_xattr.
new 725bef6 s4:torture:smb2:rename.c: Fix file permissions.
new c027e3d s4-libnet: Link dckeytab.so correctly when is AD DC enabled
new 88be24c util/attr.h: use HAVE___ATTRIBUTE__, not __GNUC__ comparisons
new 6ba2fe2 libreplace: use HAVE___ATTRIBUTE__ instead of __GNUC__
new a20ee62 tevent.h: use HAVE___ATTRIBUTE__ instead of __GNUC__
new fb0ebbf s3/modules/getdate: use HAVE___ATTRIBUTE__ instead of __GNUC__
new 7b92b84 mdssvc/sparql_parser.c: use HAVE___ATTRIBUTE__ instead of __GNUC__
new 82258aa s4/lib/wmi_wrap: use HAVE___ATTRIBUTE__ instead of __GNUC__
new d648775 third_party/zlib/zlib.h: use HAVE___ATTRIBUTE__ instead of __GNUC__
new 5dccb19 selftest/Samba3: use the correct "SELFTEST_WINBINDD_SOCKET_DIR" for "net join"
new 8c90799 Fix an obvious error where we were converting a UNIX error to an NT STATUS but not returning it.
new 8d8c204 s3:smbd: Fix build for vfs_afsacl.c.
new feb297c s3: vfs: vfs_afsacl. refuse_symlink() means we can always use STAT here.
new 09325a0 s3:smbd: Move lp_posix_pathnames() out of ea_list_has_invalid_name().
new 2e302d7 s3: smbd: Add uint32_t flags field to struct smb_filename.
new dc5dad4 s3: Filenames: Add uint32_t flags parameter to synthetic_smb_fname().
new 91c385c s3: vfs: Remove use of lp_posix_pathnames() below the VFS.
new 0f245c5 s3: posix_acls. Always use STAT, not LSTAT here.
new be56fff s3: smbd: Remove unneeded lp_posix_pathnames() check in SMB2 create.
new ce75fbf s3: smbd: Remove many common uses of lp_posix_pathnames().
new f9dc022 s3: vfs: recycle. Remove use of vfs_stat_smb_basename().
new 125a1b5 s3: vfs: vfs_acl_tdb. Remove use of vfs_stat_smb_basename().
new 6ae59eb s3: smbd: Modify vfs_stat_smb_basename() to take a const struct smb_filename * instead of const char *.
new 8151ac2 s3: torture. Remove spurious lp_posix_pathnames() included by cut-and-paste error.
new 67799c7 ctdb-client: Add client API for sending message to multiple nodes
new c41808e ctdb-tunables: Add new tunable RecBufferSizeLimit
new fe69b72 ctdb-protocol: Add new data type ctdb_pulldb_ext for new control
new 0fd156a ctdb-protocol: Add new controls DB_PULL and DB_PUSH_START/DB_PUSH_CONFIRM
new 95a15cd ctdb-daemon: Implement new controls DB_PULL and DB_PUSH_START/DB_PUSH_CONFIRM
new 338e0dc ctdb-client: Add client API functions for new controls
new 5f43f92 ctdb-recovery-helper: Factor out generic recv function
new 5b926d8 ctdb-recovery-helper: Pass capabilities to database recovery functions
new 70011a1 ctdb-recovery-helper: Rename pnn to dmaster in recdb_records()
new a80ff09 ctdb-recovery-helper: Create accessors for recdb structure fields
new 76f653f ctdb-protocol: Add file IO functions for ctdb_rec_buffer
new 9058fe0 ctdb-recovery-helper: Re-factor function to retain records from recdb
new e1fdfdd ctdb-recovery-helper: Write recovery records to a recovery file
new b1e8714 ctdb-protocol: Introduce variable for checking srvid prefix
new c5776f0 ctdb-protocol: Add srvid for messages during recovery
new bb6541b ctdb-protocol: Add new capability
new b96a475 ctdb-recovery-helper: Introduce pull database abstraction
new ffea827 ctdb-recovery-helper: Introduce push database abstraction
new a7b8ee8 ctdb-tests: Add a test for recovery of large databases
new e5a714a ctdb-recovery-helper: Improve log message
new ad7a407 ctdb-recovery-helper: Introduce new #define variable
new fc63eae ctdb-protocol: Add srvid for assigning banning credits
new ae366fb ctdb-recoverd: Add message handler to assigning banning credits
new c51b8c2 ctdb-recovery-helper: Add banning to parallel recovery
new fca78dd s3: smbd: DFS - Remove the last lp_posix_pathnames() from the SMB2/3 code paths.
new 4c139e2 pam_winbind: Use the correct type to check the pam_parse() return code
new 94464ed pam_winbind: Create and use a wbclient context
new b96ae7c s3: smbd: DFS: Pass uint32_t ucf_flags through into resolve_dfspath_wcard().
new 6156c82 s3: smbd: DFS: Pass uint32_t ucf_flags through into dfs_redirect().
new 9377f3b s3: smbd: DFS: Pass uint32_t ucf_flags through into unix_convert().
new a4e6250 s3: vfs: Add VFS functions for setting and getting DOS attributes.
new 82801f9 s3: vfs: Use the new VFS functions for setting and getting DOS attributes.
new 644e697 lib/util: fix function comment
new f1c84e4 s3-profile: reduce dependencies of smbprofile.h
new b2ae298 s3-profile: add PROFILE_TIMESTAMP macro
new 98b7486 asys: call clock_gettime_mono() only on profile-enabled build
new 7616229 vfs_aio_linux: call clock_gettime_mono() only on profile-enabled build
new eb2ea0b vfs_aio_fork: call clock_gettime_mono() only on profile-enabled build
new aa81199 vfs_glusterfs: call clock_gettime_mono() only on profile-enabled build
new a7a77e2 tdb: avoid a race condition when checking for robust mutexes
new 9efb5bb VLV: avoid name conflict with string.h's index()
new 16dc16e idmap: Factor out lp_scan_idmap_domains()
new 50aef48 winbind: Introduce id_map_ptrs_init
new a3bd040 winbind: Do per-domain xids2sids calls
new 5d90692 winbind: Add idmap_backend_unixids_to_sids
new bfc1d07 winbind: Pass down the domain name to xids2sids
new fdfe993 winbind: Use plural xids2sids in _wbint_UnixIDs2Sids
new fa8f097 winbind: Remove unused idmap_[ug]id_to_sid
new 3cc3406 winbind: Remove unused idmap_backends_unixid_to_sid
new 0fa9f34 examples/perfcounter/perf_writer.c: fix memset
new d378c85 winbind: Fix a typo in a wrong comment...
new fcf6527 nt-quotas: vfs_get_ntquota() return NTSTATUS
new 78ae852 nt-quotas: return 0 as indication of no quota
new 20a0d59 ntquotas - skip entry if the quota is zero
new faaaae3 sys-quotas: do not fail if user has no quota
new ce82f66 xfs-quota: do not fail if user has no quota
new 0124d3e nfs-quota: do not fail on ECONNREFUSED
new 0e01ed0 smbd: do not cover up VFS failures to get quota
new 9d6d620 smbcquotas: print "NO LIMIT" only if returned quota value is 0.
new 4f65fa9 pam_winbind: Avoid a use of sprintf
new 74f0a24 docs: build idmap_script.8 by default
new 10054c4 docs: Mention _NO_WINBINDD in idmap_script.8
new 676f42a ctdb-util: Move rb_tree.c to ctdb-util
new 5433a00 ctdb-tests: Link ctdb-util instead of including
new 386cd79 ctdb-system: Add ctdb_parse_connections() function
new 380c894 ctdb-killtcp: Use the given event context directly
new 32ea7c0 ctdb-killtcp: Determine the interface as soon as vnn is known
new 1bf494f ctdb-killtcp: Avoid CTDB_NO_MEMORY()
new 879960b ctdb-killtcp: Change struct ctdb_tcp_kill to store arbitrary destructor data
new f76cb52 ctdb-killtcp: Factor out ctdb_killtcp()
new 51f5faf ctdb-killtcp: Factor out killtcp code into separate file.
new 248557b ctdb-killtcp: Avoid unnecessary dependency on lib/util/time.h
new c561129 ctdb-killtcp: Simplify includes by using ctdb_sock_addr_to_string()
new 1924323 ctdb-killtcp: New helper ctdb_killtcp
new b417d79 ctdb-scripts: Add interface argument to kill_tcp_connections()
new 83502a7 ctdb-scripts: Use ctdb_killtcp helper to kill connections
new efd3716 ctdb-tools: Drop "ctdb killtcp" command
new f0a83d8 ctdb-client: Drop killtcp client functions
new d8398b0 ctdb-daemon: Remove implementation of CTDB_CONTROL_KILL_TCP
new 52cfe76 ctdb-protocol: Drop killtcp protocol support
new 2e1e1e8 ctdb-killtcp: Merge "common" killtcp code into helper
new 7aea3c1 ctdb-killtcp: Drop check to see if capture socket can be read
new 4105ca9 ctdb-killtcp: Drop unnecessary casts
new 5492f87 ctdb-killtcp: Don't send initial tickle ACK during setup
new cb2fee2 ctdb-killtcp: Set debug level via environment variable CTDB_DEBUGLEVEL
new d7fa4b7 ctdb-killtcp: Clarify a debug message
new bba3115 ctdb-system: Return window size and RST bit when reading TCP packets
new 7e5eab1 ctdb-killtcp: Filter out sent packets
new 402f3c0 ctdb-killtcp: Keep track of number of kill attempts and maximum allowed
new 93f3cd6 ctdb-killtcp: Don't count attempts for individual connections
new e66cdd8 ctdb-killtcp: Store retry interval in killtcp structure
new dd06c79 ctdb-killtcp: Send tickle ACKs in batches
new 02f4808 ctdb-killtcp: Change default retry interval, batch size and attempts
new 6a2d97b gpfswrap: Add wrapper for gpfs_set_winattrs
new f20aed5 vfs_gpfs: Implement new dos_attributes vfs functions
new 16ef497 vfs_gpfs: Remove xattr functions
new f777ca3 Bug 11818 : obvious missing word When trying to demote a dc, 'remove_dc.remove_sysvol_references' is sent 'remote_samdb, dc_name' , it expects 'remote_samdb, logger, dc_name'
new 0da76c9 lib:replace: Missing semicolon on function definition.
new 70174af s3: vfs: full_audit. Sort vfs fn list and add comments on missing entries.
new 40a8a72 s3: vfs: full_audit. Add missing get_dfs_referrals_fn().
new de547ca s3: vfs: full_audit. Add missing fsctl_fn().
new 4489b4c s3: vfs: full_audit. Add audit_file_fn().
new 884ad41 s3: vfs: full_audit. Implement missing durable_XXX functions.
new 6ccd3ad s3: vfs: Sort vfs function entries in vfs_time_audit.
new 8a92450 s3: vfs: time_audit. Add missing get_dfs_referrals().
new e2a3204 s3: vfs: time_audit. Add missing fsctl().
new 0bb6315 s3: vfs: time_audit: Add get/fget/set/fset dos_attributes functions.
new a4bb49b s3: vfs: time_audit. Add missing audit_file().
new ff6b49b nwrap: Fix the build on Solaris
new 94f3129 configure: Don't check for inotify on illumos
new d18a0ff vfs: Add helper to check for missing VFS functions
new 8a9f74e vfs_full_audit: Assert that all VFS functions are implemented
new 0d9c2b9 vfs_time_audit: Assert that all VFS functions are implemented
new 6eba42f selftest: Load time_audit and full_audit
new f63b9a7 s3: libsmb: Fix error where short name length was read as 2 bytes, should be 1.
new 494da27 examples/smb.conf.default: Fix typo in comment line: sever -> server
new 8fedb37 vfs_catia: Align loop index with terminator
new 3e2af15 vfs_catia: Fix bug 11827, memleak
new ef3d837 tdb: rework cleanup logic in tdb_runtime_check_for_robust_mutexes()
new acf6deb tdb: version 1.3.9
new e6ed803 tdb mutex check: Fix CID 1358473 Uninitialized scalar variable
new e4bab3a Revert "selftest: dbcheck should not be marked flapping"
new 61ec7f0 CVE-2016-2110: auth/ntlmssp: let ntlmssp_handle_neg_flags() return NTSTATUS
new 2843f01 CVE-2016-2110: auth/ntlmssp: maintain conf_flags and required_flags variables
new 7a6b3ef CVE-2016-2110: auth/ntlmssp: split allow_lm_response from allow_lm_key
new dc6e28d CVE-2016-2110: auth/ntlmssp: don't allow a downgrade from NTLMv2 to LM_AUTH
new 1668367 CVE-2016-2110: auth/ntlmssp: don't let ntlmssp_handle_neg_flags() change ntlmssp_state->use_ntlmv2
new 858ef6a CVE-2016-2110: auth/ntlmssp: let gensec_ntlmssp_client_start require flags depending on the requested features
new 83c7158 CVE-2016-2110: auth/ntlmssp: let gensec_ntlmssp_client_start require NTLM2 (EXTENDED_SESSIONSECURITY) when using ntlmv2
new 2063692 CVE-2016-2110: winbindd: add new_spnego to the WINBINDD_CCACHE_NTLMAUTH response
new 001735a CVE-2016-2110: libcli/auth: use enum spnego_negResult instead of uint8_t
new 574535c CVE-2016-2110: libcli/auth: add SPNEGO_REQUEST_MIC to enum spnego_negResult
new 4106fde CVE-2016-2110: auth/gensec: fix the client side of a new_spnego exchange
new 4ec38db CVE-2016-2110: auth/gensec: fix the client side of a spnego downgrade
new a4dd512 CVE-2016-2110: auth/gensec: require spnego mechListMIC exchange for new_spnego backends
new 1e3bd3e CVE-2016-2110: auth/gensec: add gensec_may_reset_crypto() infrastructure
new fa8c656 CVE-2016-2110: auth/ntlmssp: call ntlmssp_sign_init if we provide GENSEC_FEATURE_SIGN
new 8cd1a2a CVE-2016-2110: auth/ntlmssp: implement gensec_ntlmssp_may_reset_crypto()
new 8a647ae CVE-2016-2110: auth/credentials: clear the LMv2 key for NTLMv2 in cli_credentials_get_ntlm_response()
new bbaba64 CVE-2016-2110: auth/credentials: pass server_timestamp to cli_credentials_get_ntlm_response()
new 4c48296 CVE-2016-2110: libcli/auth: pass server_timestamp to SMBNTLMv2encrypt_hash()
new 8b76b05 CVE-2016-2110: ntlmssp.idl: add NTLMSSP_MIC_{OFFSET,SIZE}
new c0fc6a6 CVE-2016-2110: auth/ntlmssp: implement new_spnego support including MIC checking (as server)
new 0d641ee CVE-2016-2110: auth/ntlmssp: implement new_spnego support including MIC generation (as client)
new 2200d49 CVE-2016-2111: auth/gensec: require DCERPC_AUTH_LEVEL_INTEGRITY or higher in schannel_update()
new 7074b1a CVE-2016-2111: auth/gensec: correctly report GENSEC_FEATURE_{SIGN,SEAL} in schannel_have_feature()
new afe48e9 CVE-2016-2111: s4:rpc_server: implement 'server schannel = yes' restriction
new d4a64ba CVE-2016-2111: s3:rpc_server/netlogon: always go through netr_creds_server_step_check()
new 5fe7085 CVE-2016-2111: s4:rpc_server/netlogon: require DCERPC_AUTH_LEVEL_PRIVACY for validation level 6
new 9ed1197 CVE-2016-2111: s3:rpc_server/netlogon: require DCERPC_AUTH_LEVEL_PRIVACY for validation level 6
new 5adad29 CVE-2016-2111: s4:torture/rpc: fix rpc.samba3.netlogon ntlmv2 test
new 847192d CVE-2016-2111: s4:torture/rpc: fix rpc.pac ntlmv2 test
new 423e95b CVE-2016-2111: libcli/auth: add NTLMv2_RESPONSE_verify_netlogon_creds() helper function
new fb20f13 CVE-2016-2111: s4:rpc_server/netlogon: check NTLMv2_RESPONSE values for SEC_CHAN_WKSTA
new 93e3f25 CVE-2016-2111: s3:rpc_server/netlogon: check NTLMv2_RESPONSE values for SEC_CHAN_WKSTA
new bbb066a CVE-2016-2111: s4:torture/raw: don't use ntlmv2 for dos connection in raw.samba3badpath
new f10589c CVE-2016-2111: s4:torture/base: don't use ntlmv2 for dos connection in base.samba3error
new c985ffd CVE-2016-2111: s4:libcli: don't allow the LANMAN2 session setup without "client lanman auth = yes"
new 894aad5 CVE-2016-2111: s4:param: use "client use spnego" to initialize options->use_spnego
new a711399 CVE-2016-2111: s4:libcli: don't send a raw NTLMv2 response when we want to use spnego
new 2c73047 CVE-2016-2111: s3:libsmb: don't send a raw NTLMv2 response when we want to use spnego
new 6cd48ad CVE-2016-2111: docs-xml: document the new "client NTLMv2 auth" and "client use spnego" interaction
new a1900b5 CVE-2016-2111: docs-xml: add "raw NTLMv2 auth" defaulting to "yes"
new 4fb6867 CVE-2016-2111: s3:auth: implement "raw NTLMv2 auth" checks
new 70452c9 CVE-2016-2111: s4:smb_server: implement "raw NTLMv2 auth" checks
new 5ab1db0 CVE-2016-2111: selftest:Samba3: use "raw NTLMv2 auth = yes" for nt4_dc
new 1dc40a0 CVE-2016-2111: docs-xml/smbdotconf: default "raw NTLMv2 auth" to "no"
new 20859a2 CVE-2016-2112: s3:libads: make sure we detect downgrade attacks
new ed863ef CVE-2016-2112: s4:libcli/ldap: honour "client ldap sasl wrapping" option
new 1da744b CVE-2016-2112: s4:libcli/ldap: make sure we detect downgrade attacks
new 05692ec CVE-2016-2112: s4:libcli/ldap: auto upgrade to SIGN after STRONG_AUTH_REQUIRED
new 98ff297 CVE-2016-2112: s4:selftest: use --option=clientldapsaslwrapping=plain for plain connections
new dedba1f CVE-2016-2112: s4:ldap_server: reduce scope of old_session_info variable
new 0cd2ace CVE-2016-2112: docs-xml: add "ldap server require strong auth" option
new 28f1af7 CVE-2016-2112: s4:ldap_server: implement "ldap server require strong auth" option
new c5c5735 CVE-2016-2112: s4:selftest: run samba4.ldap.bind against fl2008r2dc
new e71be80 CVE-2016-2112: selftest: servers with explicit "ldap server require strong auth" options
new 2b40fb8 CVE-2016-2112: s4:selftest: run some ldap test against ad_dc_ntvfs, fl2008r2dc and fl2003dc
new 6e22abd CVE-2016-2112: docs-xml: change the default of "ldap server require strong auth" to "yes"
new b5681c4 CVE-2016-2113: s4:lib/tls: create better certificates and sign the host cert with the ca cert
new 64a9cd2 CVE-2016-2113: s4:lib/tls: implement infrastructure to do peer verification
new 2362c03 CVE-2016-2113: docs-xml: add "tls verify peer" option defaulting to "no_check"
new e72b2c9 CVE-2016-2113: s4:selftest: explicitly use '--option="tlsverifypeer=no_check" for some ldaps tests
new 4b679c3 CVE-2016-2113: s4:libcli/ldap: verify the server certificate and hostname if configured
new 45ff760 CVE-2016-2113: s4:librpc/rpc: verify the rpc_proxy certificate and hostname if configured
new 942e4ed CVE-2016-2113: selftest: test all "tls verify peer" combinations with ldaps
new 7cf3318 CVE-2016-2113: selftest: use "tls verify peer = no_check"
new 6ad9ba7 CVE-2016-2113: docs-xml: let "tls verify peer" default to "as_strict_as_possible"
new 44dd523 CVE-2016-2114: s4:smb2_server: fix session setup with required signing
new 5cb4ee2 CVE-2016-2114: s3:smbd: use the correct default values for "smb signing"
new 80adeb0 CVE-2016-2114: libcli/smb: let mandatory signing imply allowed signing
new 99f2bbc CVE-2016-2114: s3:smbd: enforce "server signing = mandatory"
new 1dd4378 CVE-2016-2114: docs-xml: let the "smb signing" documentation reflect the reality
new 8ff6a95 CVE-2016-2115: docs-xml: add "client ipc min protocol" and "client ipc max protocol" options
new f65f618 CVE-2016-2115: docs-xml: add "client ipc signing" option
new 35ce75e CVE-2016-2115: s4:libcli/raw: add smbcli_options.min_protocol
new 5721234 CVE-2016-2115: s4:libcli/smb2: use the configured min_protocol
new 57f0b0c CVE-2016-2115: s4:libcli/raw: limit maxprotocol to NT1 in smb_raw_negotiate*()
new 68d6c10 CVE-2016-2115: s4:libcli/raw: pass the minprotocol to smb_raw_negotiate*()
new b6debbc CVE-2016-2115: s4:librpc/rpc: make use of "client ipc *" options for ncacn_np
new 57b04e8 CVE-2016-2115: s3:winbindd: use lp_client_ipc_{min,max}_protocol()
new a046ffd CVE-2016-2115: s3:winbindd: use lp_client_ipc_signing()
new b720575 CVE-2016-2115: s3:libsmb: add signing constant SMB_SIGNING_IPC_DEFAULT
new 5c8721e CVE-2016-2115: s3:libsmb: let SMB_SIGNING_IPC_DEFAULT use "client ipc min/max protocol"
new e9c0adf CVE-2016-2115: net: use SMB_SIGNING_IPC_DEFAULT
new 983a55b CVE-2016-2115: s3:lib/netapi: use SMB_SIGNING_IPC_DEFAULT
new eaa7f66 CVE-2016-2115: s3:auth_domain: use SMB_SIGNING_IPC_DEFAULT
new 121196e CVE-2016-2115: s3:libnet: use SMB_SIGNING_IPC_DEFAULT
new 1667e73 CVE-2016-2115: s3:libsmb: use SMB_SIGNING_IPC_DEFAULT and lp_client_ipc_{min,max}_protocol()
new c52097a CVE-2016-2115: docs-xml: always default "client ipc signing" to "mandatory"
new 51aa7bd CVE-2016-2118: s4:rpc_server: make it possible to define a min_auth_level on a presentation context
new 80dae9a CVE-2016-2118: s4:rpc_server/drsuapi: require DCERPC_AUTH_LEVEL_PRIVACY
new c32548f CVE-2016-2118: s4:rpc_server/backupkey: require DCERPC_AUTH_LEVEL_PRIVACY
new 85972a5 CVE-2016-2118: python:tests/dcerpc: use [sign] for dnsserver tests
new e9a51ad CVE-2016-2118: s4:rpc_server/dnsserver: require at least DCERPC_AUTH_LEVEL_INTEGRITY
new 6a47994 CVE-2016-2118: s3: rpcclient: change the default auth level from DCERPC_AUTH_LEVEL_CONNECT to DCERPC_AUTH_LEVEL_INTEGRITY
new d1c2ad4 CVE-2016-2118: librpc: change the default auth level from DCERPC_AUTH_LEVEL_CONNECT to DCERPC_AUTH_LEVEL_INTEGRITY
new 9085300 CVE-2016-2118: s4:librpc: use integrity by default for authenticated binds
new 06b038c CVE-2016-2118: docs-xml: add "allow dcerpc auth level connect" defaulting to "yes"
new 991dddd CVE-2016-2118: s4:rpc_server: make use of "allow dcerpc auth level connect"
new fcdd15a CVE-2016-2118: s4:rpc_server/lsa: reject DCERPC_AUTH_LEVEL_CONNECT by default
new 398a21c CVE-2016-2118: s4:rpc_server/samr: reject DCERPC_AUTH_LEVEL_CONNECT by default
new ea3f14c CVE-2016-2118: s4:rpc_server/netlogon: reject DCERPC_AUTH_LEVEL_CONNECT by default
new b6b726c CVE-2016-2118: s4:rpc_server/epmapper: allow DCERPC_AUTH_LEVEL_CONNECT by default
new 4dbf6f8 CVE-2016-2118: s4:rpc_server/mgmt: allow DCERPC_AUTH_LEVEL_CONNECT by default
new 5c9b10d CVE-2016-2118: s4:rpc_server/rpcecho: allow DCERPC_AUTH_LEVEL_CONNECT by default
new 7fab11e CVE-2016-2118: s3:rpc_server: make use of "allow dcerpc auth level connect"
new 41bccb5 CVE-2016-2118: s3:rpc_server/{samr,lsa,netlogon}: reject DCERPC_AUTH_LEVEL_CONNECT by default
new 339e306 CVE-2016-2118: s3:rpc_server/{epmapper,echo}: allow DCERPC_AUTH_LEVEL_CONNECT by default
new f762be4 CVE-2016-2118: docs-xml: default "allow dcerpc auth level connect" to "no"
new 521316d CVE-2016-2118: s4:rpc_server/samr: allow _samr_ValidatePassword only with PRIVACY...
new 14e5f9a CVE-2016-2118: s3:rpc_server/samr: allow _samr_ValidatePassword only with PRIVACY...
new 63a7d05 CVE-2015-5370: dcerpc.idl: add DCERPC_{NCACN_PAYLOAD,FRAG}_MAX_SIZE defines
new 8e19ce7 CVE-2015-5370: librpc/rpc: simplify and harden dcerpc_pull_auth_trailer()
new 67f6fd3 CVE-2015-5370: s3:librpc/rpc: don't call dcerpc_pull_auth_trailer() if auth_length is 0
new 335b3ce CVE-2015-5370: s4:librpc/rpc: send a dcerpc_sec_verification_trailer if needed
new 27da35f CVE-2015-5370: s4:librpc/rpc: maintain dcecli_security->auth_{type,level,context_id}
new 8f6cffc CVE-2015-5370: s4:librpc/rpc: use auth_context_id = 1
new 3e3ea1b CVE-2015-5370: s4:librpc/rpc: use a local auth_info variable in ncacn_push_request_sign()
new a735892 CVE-2015-5370: s4:librpc/rpc: avoid using hs->p->conn->security_state.auth_info in dcerpc_bh_auth_info()
new 8a93fbc CVE-2015-5370: s4:librpc/rpc: avoid using c->security_state.auth_info in ncacn_pull_request_auth()
new d4e735c CVE-2015-5370: s4:librpc/rpc: always use ncacn_pull_request_auth() for DCERPC_PKT_RESPONSE pdus
new 46be379 CVE-2015-5370: s4:librpc/rpc: avoid dereferencing sec->auth_info in dcerpc_request_prepare_vt()
new 98ef1d6 CVE-2015-5370: s4:librpc/rpc: simplify checks if gensec is used in dcerpc_ship_next_request()
new ace2364 CVE-2015-5370: s4:librpc/rpc: avoid using dcecli_security->auth_info and use per request values
new cdba091 CVE-2015-5370: s4:librpc/rpc: finally verify the server uses the expected auth_{type,level,context_id} values
new 0fa8378 CVE-2015-5370: librpc/rpc: add a dcerpc_verify_ncacn_packet_header() helper function
new 6cef082 CVE-2015-5370: s3:rpc_client: move AS/U hack to the top of cli_pipe_validate_current_pdu()
new 8cba1c3 CVE-2015-5370: s3:rpc_client: remove useless frag_length check in rpc_api_pipe_got_pdu()
new 02a74dd CVE-2015-5370: s4:librpc/rpc: make use of dcerpc_map_ack_reason() in dcerpc_bind_recv_handler()
new 9f4d962 CVE-2015-5370: s4:librpc/rpc: handle DCERPC_PKT_FAULT before anything else in dcerpc_alter_context_recv_handler()
new 3bf4763 CVE-2015-5370: s4:librpc/rpc: use dcerpc_verify_ncacn_packet_header() to verify BIND_ACK,ALTER_RESP,RESPONSE pdus
new def0019 CVE-2015-5370: s4:librpc/rpc: protect dcerpc_request_recv_data() against too large payloads
new 2396086 CVE-2015-5370: s4:rpc_server: make use of talloc_zero()
new b6ac227 CVE-2015-5370: s4:rpc_server: no authentication is indicated by pkt->auth_length == 0
new f97d9d1 CVE-2015-5370: s4:rpc_server: check the result of dcerpc_pull_auth_trailer() in dcesrv_auth_bind()
new accac3a CVE-2015-5370: s4:rpc_server: maintain dcesrv_auth->auth_{type,level,context_id}
new 06b9c93 CVE-2015-5370: s4:rpc_server: make use of dce_call->conn->auth_state.auth_* in dcesrv_request()
new 8305c0a CVE-2015-5370: s4:rpc_server/lsa: make use of dce_call->conn->auth_state.auth_{level,type}
new f91da2a CVE-2015-5370: s4:rpc_server/samr: make use of dce_call->conn->auth_state.auth_level
new 4624c83 CVE-2015-5370: s4:rpc_server/netlogon: make use of dce_call->conn->auth_state.auth_{level,type}
new e6f6b4b CVE-2015-5370: s4:rpc_server: correctly maintain dcesrv_connection->max_{recv,xmit}_frag
new e3c3499 CVE-2015-5370: s4:rpc_server: avoid ZERO_STRUCT() in dcesrv_fault()
new c58dbe4 CVE-2015-5370: s4:rpc_server: set alloc_hint = 24 in dcesrv_fault()
new 5c76e84 CVE-2015-5370: s4:rpc_server: fill context_id in dcesrv_fault()
new 254048f CVE-2015-5370: s4:rpc_server: split out a dcesrv_fault_with_flags() helper function
new 7bde997 CVE-2015-5370: s4:rpc_server: add some padding to dcesrv_bind_nak() responses
new 3c6fef3 CVE-2015-5370: s4:rpc_server: return the correct secondary_address in dcesrv_bind()
new 57b0758 CVE-2015-5370: s4:rpc_server: make dcesrv_process_ncacn_packet() static
new caa1e75 CVE-2015-5370: s4:rpc_server: add infrastructure to terminate a connection after a response
new c0d74ca CVE-2015-5370: s4:rpc_server: verify the protocol headers before processing pdus
new 0ba1b18 CVE-2015-5370: s4:rpc_server: ensure that the message ordering doesn't violate the spec
new cb8e2ab CVE-2015-5370: s4:rpc_server: maintain in and out struct dcerpc_auth per dcesrv_call_state
new 5cb1250 CVE-2015-5370: s4:rpc_server: make sure alter_context and auth3 can't change auth_{type,level,context_id}
new 57afdaa CVE-2015-5370: s4:rpc_server: let invalid request fragments disconnect the connection with a protocol error
new 909538c CVE-2015-5370: s4:rpc_server: remove pointless dcesrv_find_context() from dcesrv_bind()
new f2dbb1c CVE-2015-5370: s4:rpc_server: don't derefence an empty ctx_list array in dcesrv_alter()
new 1f7dc72 CVE-2015-5370: s4:rpc_server: changing an existing presentation context via alter_context is a protocol error
new ed066b6 CVE-2015-5370: s4:rpc_server: fix the order of error checking in dcesrv_alter()
new 04e9245 CVE-2015-5370: s4:rpc_server: failing authentication should generate a SEC_PKG_ERROR
new a30eee5 CVE-2015-5370: s4:rpc_server: let a failing auth3 mark the authentication as invalid
new 818e09f CVE-2015-5370: s4:rpc_server: disconnect after a failing dcesrv_auth_request()
new aef225a CVE-2015-5370: s4:rpc_server: give the correct reject reasons for invalid auth_level values
new 6b5144c CVE-2015-5370: s4:rpc_server: check frag_length for requests
new 4b6197f CVE-2015-5370: s4:rpc_server: limit allocation and alloc_hint to 4 MByte
new ad6a5cf CVE-2015-5370: s4:rpc_server: only allow one fragmented call_id at a time
new 0b16561 CVE-2015-5370: s4:rpc_server: the assoc_group is relative to the connection (association)
new c0f3f30 CVE-2015-5370: s4:rpc_server: reject DCERPC_PFC_FLAG_PENDING_CANCEL with DCERPC_FAULT_NO_CALL_ACTIVE
new 5108d26 CVE-2015-5370: librpc/rpc: don't allow pkt->auth_length == 0 in dcerpc_pull_auth_trailer()
new 642fe0a CVE-2015-5370: s3:librpc/rpc: remove auth trailer and possible padding within dcerpc_check_auth()
new 8a62408 CVE-2015-5370: s3:librpc/rpc: let dcerpc_check_auth() auth_{type,level} against the expected values.
new 7123204 CVE-2015-5370: s3:rpc_client: make use of dcerpc_pull_auth_trailer()
new a4811d3 CVE-2015-5370: s3:rpc_client: make use of dcerpc_verify_ncacn_packet_header() in cli_pipe_validate_current_pdu()
new 574eca7 CVE-2015-5370: s3:rpc_client: protect rpc_api_pipe_got_pdu() against too large payloads
new 2e56192 CVE-2015-5370: s3:rpc_client: verify auth_{type,level} in rpc_pipe_bind_step_one_done()
new 3f02e04 CVE-2015-5370: s3:rpc_server: make use of dcerpc_pull_auth_trailer() in api_pipe_{bind_req,alter_context,bind_auth3}()
new ca96d57 CVE-2015-5370: s3:rpc_server: let a failing sec_verification_trailer mark the connection as broken
new 84027af CVE-2015-5370: s3:rpc_server: just call pipe_auth_generic_bind() in api_pipe_bind_req()
new b4e38e2 CVE-2015-5370: s3:rpc_server: don't ignore failures of dcerpc_push_ncacn_packet()
new f8aa62d CVE-2015-5370: s3:rpc_server: don't allow auth3 if the authentication was already finished
new 46436d0 CVE-2015-5370: s3:rpc_server: let a failing auth3 mark the authentication as invalid
new 302d927 CVE-2015-5370: s3:rpc_server: make sure auth_level isn't changed by alter_context or auth3
new f74c4c8 CVE-2015-5370: s3:rpc_server: ensure that the message ordering doesn't violate the spec
new e4fa243 CVE-2015-5370: s3:rpc_server: use 'alter' instead of 'bind' for variables in api_pipe_alter_context()
new ab29002 CVE-2015-5370: s3:rpc_server: verify presentation context arrays
new a18a811 CVE-2015-5370: s3:rpc_server: make use of dcerpc_verify_ncacn_packet_header() to verify incoming pdus
new cd1c7d2 CVE-2015-5370: s3:rpc_server: disconnect the connection after a fatal FAULT pdu
new 6c9a2d3 CVE-2015-5370: s3:rpc_server: let a failing BIND mark the connection as broken
new 28661ca CVE-2015-5370: s3:rpc_server: use DCERPC_NCA_S_PROTO_ERROR FAULTs for protocol errors
new 0f8d4a5 CVE-2015-5370: s3:librpc/rpc: remove unused dcerpc_pull_dcerpc_auth()
new 3fdc4de CVE-2015-5370: s3:rpc_server: check the transfer syntax in check_bind_req() first
new dc91d35 CVE-2015-5370: s3:rpc_server: don't allow an existing context to be changed in check_bind_req()
new 6923621 CVE-2015-5370: s3:rpc_client: pass struct pipe_auth_data to create_rpc_{bind_auth3,alter_context}()
new ce8d2d6 CVE-2015-5370: s3:librpc/rpc: add auth_context_id to struct pipe_auth_data
new f564287 CVE-2015-5370: s3:rpc_client: make use of pipe_auth_data->auth_context_id
new 1c0f927 CVE-2015-5370: s3:rpc_server: make use of pipe_auth_data->auth_context_id
new 9dedf27 CVE-2015-5370: s3:librpc/rpc: make use of auth->auth_context_id in dcerpc_add_auth_footer()
new 97ee4d8 CVE-2015-5370: s3:librpc/rpc: verify auth_context_id in dcerpc_check_auth()
new f37f965 CVE-2015-5370: s3:rpc_client: verify auth_context_id in rpc_pipe_bind_step_one_done()
new 65d9ab0 CVE-2015-5370: s3:rpc_server: verify auth_context_id in api_pipe_{bind_auth3,alter_context}
new e31d8de CVE-2015-5370: libcli/smb: use a max timeout of 1 second in tstream_smbXcli_np_destructor()
new 7e0b9c2 CVE-2015-5370: s3:rpc_client: disconnect connection on protocol errors
new 3b359d0 CVE-2015-5370: s4:librpc/rpc: call dcerpc_connection_dead() on protocol errors
new 782e8e2 CVE-2015-5370: python/samba/tests: add infrastructure to do raw protocol tests for DCERPC
new 4a53c8a CVE-2015-5370: python/samba/tests: add some dcerpc raw_protocol tests
new 4ec5ff4 CVE-2015-5370: s4:selftest: run samba.tests.dcerpc.raw_protocol against ad_dc
new 2ec4e16 s3:libads: sasl wrapped LDAP connections against with kerberos and arcfour-hmac-md5
new 43ea097 s3:libsmb: Fix illegal memory access after memory has been deleted.
new 6ff9060 ctdb-scripts: die() should output to stderr
new 600211d ctdb-scripts: Drop hardcoded /sbin and /proc paths in LVS eventscript
new a0ef57f ctdb-scripts: LVS eventscript error redirection improvements
new 39cbe07 ctdb-scripts: Drop "recovered" event from 91.lvs
new 6237b08 ctdb-tests: Allow scope to be specified in "ip addr add" stub
new 8305c8d ctdb-tests: Add loopback support for "ip link show" stub
new 47a68ff ctdb-tests: Add 32-bit netmask support to "ip addr show" stub
new e2ecdd2 ctdb-tests: Add ipvsadm test stub
new 89dc86e ctdb-tests: LVS support for ctdb tool stub
new 5fc9ca91 ctdb-tests: Add unit tests for LVS eventscript
new 7d52279 ctdb-scripts: LVS eventscript cleanups
new 0352224 ctdb-tools: Add new ctdb_lvs helper
new b737686 ctdb-scripts: Move ctdb_get_ip_address() to functions file
new ce33a7c ctdb-scripts: Call out to ctdb_lvs helper from 91.lvs
new 798b131 ctdb-doc: Add sample LVS configuration
new a92394e ctdb-scripts: Add monitoring of CTDB_LVS_PUBLIC_IFACE
new 9543e35 ctdb-tool: Change ctdb lvs/lvsmaster CLI commands to use ctdb_lvs helper
new e3a7178 ctdb-tools: Change ctdb CLI to have a single "lvs" command
new dfe8de9 ctdb-scripts: Simplify "ctdb lvs ..." output
new 951e818 ctdb-daemon: Drop --single-public-ip option and related code
new ffd64de ctdb-daemon: Drop --lvs option and support for CTDB_CAP_LVS
new cade673 Mask general purpose signals for notifyd.
new 154570d idmap_ad: Separate out the nss functions
new 830fd78 tldap: Add tldap_get/set_stream
new d5e77a8 tldap: Add tldap_gensec_bind
new 10ae56f winbind: Add wb_dsgetdcname_gencache_[gs]et
new f00af55 winbind: handle DC_NOT_FOUND in wb_sids2xids
new 8905a55 winbind: handle DC_NOT_FOUND in wb_xids2sids
new a9b6276 winbind: Base idmap_ad on tldap
new a610447 ctdb-daemon: Log a message when fork(2) fails
new 4a65844 ctdb-scripts: Missing NFS thread count file should just produce warning
new 04fe9e2 ctdb-scripts: Use ss instead of netstat for finding TCP connections
new 5042802 ctdb-tools: Remove simple uses of strcpy(3)
new 6d08b41 rodc: Allow RODC preload to continue with invalid users
new 0619a83 tests/rodc: Check that preload will skip broken users
new f26a284 dsdb: Only re-query dSHeuristics for userPassword support on modifies
new a523274 tests/dsdb: Verify that only a new ldb affects reads of userPassword
new fec698d tests/passwords: fix a typo
new ba6e390 util: Add memcmp_const_time()
new 5035f1a libcli:smb2: Use constant time memcmp() to verify the signature
new 03e8152 s4:libcli:smb2: Use constant time memcmp() to verify the signature
new b27c976 printing: use housekeeping period that matches cache time
new 90737fb printing: handle "printcap cache time" change on HUP
new 34482eb libads: record session expiry for spnego sasl binds
new 052b855 cleanupd: restart as needed
new 2ef0c9a dbcheck: Avoid pathological behaviour in operational module
new d3569ca nss_wins: ip_pton expects the raw IP address
new 0b1f4db nss_wins: Fix the hostent setup
new 773a16b pdb_ldap: Don't use autofree if "mods" still changes
new d2e1437 lib: dns: Clean up allocated structure on error exit.
new ac7974a Fixes an obvious copy-paste error in source3/utils/net_dns.c
new bf3f223 ctdb-scripts: Avoid dividing by zero in memory calculation
new bf701f0 ctdb-system: Fix typo in ctdb_get_peer_pid
new 811192b ctdb-protocol: Remove unused CTDB_SRVID_PREFIX
new 8142e10 ctdb-protocol: Define a range of SRVIDs used by the ctdb tool
new 9796930 ctdb-daemon: Avoid memory leak
new 2bad7d7 ctdb-tests: Update tests to include new controls
new fdaa231 ctdb-tests: Fix flakey test complex/18_ctdb_reloadips.sh
new c1236b3 ctdb-tests: Improve code coverage in tests
new d2f86ea ctdb-daemon: Remove unused controls related to server_id
new cb3db02 ctdb-tool: Remove commands related to server_id
new 2e2dfae ctdb-client: Remove client functions related to server_id
new 1bd461f ctdb-protocol: Remove data structures for obsolete server_id controls
new b970a53 ctdb-client: Set control opcode in reply for one-way controls
new 2a06e56 ctdb-protocol: Consistency check for opcode in the reply structure
new 5f72883 ctdb-client: Use correct TDB flags for opening database
new 59c7164 ctdb-tools: Fix a dangling reference to the LVS capability
new 84fdc2a ctdb-scripts: Improve error messages when using NFS service_check_cmd
new 107f40a ctdb-daemon: Move port filtering to server side when getting tickles
new 09173f8 ctdb-ipalloc: Do ipreallocated even if no IP addresses can be allocated
new cdaa829 ctdb-scripts: Fix incorrect comment
new fadc67c ctdb-scripts: Tweak NAT gateway list output format
new 3f3c483 ctdb-scripts: Drop node count from "ctdb natgw status" output
new 515e2a2 ctdb-tools: Add top-level "ctdb natgw" command
new cc3e9a6 ctdb-tests: Make ctdb natgw tool tests cover all the desired outputs
new d12858a ctdb-tools: Drop "ctdb natgwlist"
new 0c373f2 ctdb-tools: Drop onnode node specifications for recmaster/lvs/natgw
new b26ae7f krb5_wrap: add enctype arg to smb_krb5_kt_seek_and_delete_old_entries()
new 35b2fb4 krb5_wrap: fix keep_old_entries logic in smb_krb5_kt_seek_and_delete_old_entries()
new deab6c6 s4/libnet: fix exporting to keytab by SPN
new 3116e8d s4: add a minimal ktutil for selftest
new 5927e46 selftest/samba4.blackbox.export.keytab: use spn based on fqdn
new 957741c selftest/samba4.blackbox.export.keytab: check exported keytabs
new 20dc680 s4/heimdal: allow SPNs in AS-REQ
new fcf2cbb selftest/samba4.blackbox.export.keytab: check AS-REQ with SPN
new 409cd51 s4:libnet: fix 'Syscall param writev(vector[...])' valgrind error
new 9e8d748 s4:torture:rpc: fix valgrind Syscall param writev(vector[...]) error
new c901d98 s4:torture:rpc: fix valgrind 'Syscall param writev(vector[...])' error
new 9cb4b1b s4:torture:rpc: fix valgrind 'Syscall param writev(vector[...])' valgrind error
new 60b2298 s4:lib:registry: fix 'Conditional jump or move' valgrind error.
new 4d5a73e s4:torture:basic fix 'Syscall param writev(vector[...])' valgrind error
new a5ce559 s4:torture:basic: fix valgrind 'Syscall param writev(vector[...])' error
new 6806c14 s4:torture:basic: fix valgrind 'Syscall param writev(vector[...])' error
new c20fb11 s4:torture:basic: fix valgrind 'Syscall param writev(vector[...])' error.
new 03302bc s4:libcli: fix 'Conditional jump or move' valgrind error
new d949402 s4:torture:basic: fix 'Syscall param writev(vector[...])' valgrind error
new 83cb2ba s4:torture:basic: fix 'Conditional jump or move ' valgrind error
new 2a06c99 s4:torture:raw: fix 'Syscall param writev(vector[...])' valgrind error
new a22ccb0 s4:torture:raw: fix 'Syscall param writev(vector[...])' valgrind error
new de590da s4:torture:raw: fix 'Syscall param writev(vector[...])' valgrind error
new 04d70f5 s4:torture:raw: fix 'use of uninitialised value of size 8' valgrind errors
new bb0c4a9 s4:torture:raw: fix 'Conditional jump or move' valgrind error.
new cd7c57c s4:torture:raw: fix 'Invalid read of size 1 & Conditional jump or move' errors.
new 1ae1920 s4:torture:smb2: fix Use of 'uninitialised value of size 8' valgrind error.
new dc927de s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
new bfc2349 s4:torture:smb2 fix 'Use of uninitialised value of size 8' valgrind error.
new d7e6d37 s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
new 9ce1f28 s4:torture:smb2 fix 'Use of uninitialised value of size 8' valgrind error.
new 2f137a9 s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error
new fbf476e s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
new b90f5f4 s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
new 37696e9 s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
new 4045931 s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
new ef461a3 s4:torture:smb2: fix 'Use of uninitialised value of size 8' valgrind error.
new 0ae25ff s4:torture:libnet: fix 'Conditional jump or move' valgrind error
new 8d998db s4:torture:libnet: fix 'Syscall param writev(vector[...])' valgrind error
new 417a58a s4:torture:vfs: fix Invalid read of size 8 valgrind valgrind error (and segv)
new 39bbd40 fix Invalid read of size 8
new d59ae31 ctdbd_conn: Adapt loop counter's type to the loop limit
new 14beae7 ctdbd_conn: Use sys_poll_intr
new b1277ac ctdbd_conn: Use ctdbd_init_connection in ctdbd_probe
new 1ff4002 ctdbd_conn: Make ctdbd_init_connection public
new e2d39ae lib: Use ctdbd_init_connection in messaging_ctdbd_init
new 966cef0 ctdbd_conn: Remove unused ctdbd_messaging_connection
new ff72a8a lib: Move ctdbd_init_connection out of ctdbd_traverse()
new d36def8 lib: serverid.h references struct server_id
new f0525d4 ctdbd_conn: Avoid "includes.h"
new 445ad6e ctdbd_conn: Use ctdbd_control_local where possible
new aad53cf ctdbd: Use talloc_memdup where appropriate
new 2bd1bcf ctdbd_conn: Add some more debug info
new ad5a4a9 ctdbd_conn: Make "cstatus" int32_t
new 53e0860 Fix CHECK_CODE usage in atomics builtin detection
new 81ca7ea Refactor the dns_open_connection code so that duplicate code is removed and ensure that EINTR is handled in the UDP path.
new 3e3e72f s3/rpc_server: mdssvc: suppress compiler warnings from glib headers
new 32b1f78 LDB: Redudant test on NULL context remove
new cce6b67 dbwrap_ctdb: Fix ENOENT->NT_STATUS_NOT_FOUND
new 2a81893 ctdb-tests: Fix CID 1358704 use of "=" where "==" may have been intended
new f9099d3 s3-libads: Fix compilation with MIT Kerberos
new b9ffb93 talloc/testsuite: Fix CID 1291641 - Logically dead code
new 9a7a38a lib/http/http_auth: Fix CID 1273428 - Unchecked return value
new 51f221c dcesrv_backupkey_heimdal: Fix CID 1321647 - Unchecked return value
new f4181f2 ldb-samba/ldb_matching_rules: Fix CID 1349424 - Uninitialized pointer read
new 07e2f47 Fix the smb2_setinfo to handle FS info types and FSQUOTA infolevel
new 10b0a8b smbd: Avoid large reads beyond EOF
new 1b607f2 ctdb-build: ctdb-system depends on samba-util for debug
new 4842b6b ctdb-recovery: Rename recovery lock functions and struct
new 14a2330 ctdb-recovery: Use single char ASCII numbers for status from child
new 419f57f ctdb-recovery: Factor out new function set_recmode_handler()
new ab75f2a ctdb-recovery: Use a configurable handler when testing cluster mutex
new 43e9f58 ctdb-recovery: Factor out reclock testing into ctdb_cluster_mutex()
new 978404e ctdb-recovery: Add optional timeout argument to ctdb_cluster_mutex()
new c14e0ff ctdb-tools: Simplify "ctdb getreclock" output
new 5cf3b7a ctdb: Add new helper ctdb_mutex_fcntl_helper
new e679a17 ctdb-recovery: Switch ctdb_cluster_mutex() to use helper
new 0b0b954 ctdb-recovery: Kill cluster mutex helper with a signal that can be caught
new 64d5572 ctdb-recovery: Reimplement ctdb_recovery_lock() using ctdb_cluster_mutex()
new 918b0d9 ctdb-recovery: Parse recovery lock setting
new 4668486 ctdb-recovery: Recovery lock setting can now include helper command
new 94fb2cf ctdb_recovery: ctdb_cluster_mutex() now takes an argstring argument
new ecc6751 ctdb-recovery: Factor out setting of cluster mutex handler
new df99d9e ctdb-cluster-mutex: Factor out cluster mutex code
new bcb838b ctdb-recovery: Move recovery lock functions to recovery daemon code
new 721f645 ctdb-recovery: Move recovery lock latency updating to handler
new f667ff6 ctdb-doc: Document cluster mutex helper API
new 4158729 selfttest: add common_test_fns.inc
new 8704958 s4:gensec_tstream: allow wrapped messages up to a size of 0xfffffff
new 795e796 s3:libads/sasl: allow wrapped messages up to a size of 0xfffffff
new 95b8b02 lib:krb5_wrap:krb5_samba: increase debug level for smb_krb5_get_default_realm_from_ccache().
new b659503 s3:librpc:crypto:gse: increase debug level for gse_init_client().
new 9930bd1 auth/spnego: change log level for 'Failed to setup SPNEGO negTokenInit request: NT_STATUS_INTERNAL_ERROR'
new 032c273 auth/spnego: handle broken mechListMIC response from Windows 2000
new 5041adb auth/ntlmssp: don't require any flags in the ccache_resume code
new d97b347 auth/ntlmssp: don't require NTLMSSP_SIGN for smb connections
new 53be474 s3:libsmb: use password = NULL for anonymous connections
new 8e016ff libcli/smb: fix NULL pointer derreference in smbXcli_session_is_authenticated().
new e6f9e17 libcli/smb: add smb1cli_session_set_action() helper function
new cceaa61 libcli/smb: add SMB1 session setup action flags
new 8f4a4bec libcli/smb: add smbXcli_session_is_guest() helper function
new 02c9021 s3:libsmb: record the session setup action flags
new fa57992 s3:libsmb: don't finish the gensec handshake for guest logins
new e72ad19 s3:libsmb: use anonymous authentication via spnego if possible
new 6546295 auth/spnego: only try to verify the mechListMic if signing was negotiated.
new d247dce s4:auth_anonymous: anonymous authentication doesn't allow a password
new ead483b s3:auth_builtin: anonymous authentication doesn't allow a password
new 837e617 libcli/security: implement SECURITY_GUEST
new 25ce978 s3:smbd: make use SMB_SETUP_GUEST constant
new 79a7154 s3:smbd: only mark real guest sessions with the GUEST flag
new d667520 auth/ntlmssp: do map to guest checking after the authentication
new db9c01a auth/spnego: add spnego:simulate_w2k option for testing
new 7a2cb2c auth/ntlmssp: add ntlmssp_{client,server}:force_old_spnego option for testing
new b8055cb selftest:Samba4: provide DC_* variables for fl2000dc and fl2008r2dc
new 7091033 s3:test_smbclient_auth.sh: this script reqiures 5 arguments
new 587b5db selftest:Samba4: let fl2000dc use Windows2000 supported_enctypes
new 4de4338 selftest:Samba4: let fl2000dc use Windows2000 style SPNEGO/NTLMSSP
new eee88e0 s3:selftest: add smbclient_ntlm tests
new 184e787 winbindd: check if dcinfo from genache is expired
new b61658e winbindd/idmap_rfc2307: Fix CID 1273424 - Read from pointer after free
new 90403de testsuit/manage-ca.sh: specify key size in CSRs
new f198abc Provide fallback code for non-portable clearenv(3)
new 2c03d00 nt-quotas: fixup failure case for TRANSACT_GET_USER_QUOTA_FOR_SID
new d28282c xfs quotas - fix case of no quota for user
new e0d8c6b s3:client:smbspool_krb5_wrapper: fix the non clearenv build.
new 3d33ebe winbindd: Remove unused prototypes for winbindd_group.c
new 8bb4fcc gensec: Change log level of message when no PAC is found
new e2642da smbcacls: Do not read old ACL for 'set' operation
new 84a13e7 ctdb/ltdbtool: Fix static declarations
new 685e813 Add build option for default smbpasswd location
new ddfbd74 ctdb-doc: Fix example NFS Ganesha recovery directory maintenance logic
new fcb2ab7 ctdb-protocol: Fix marshalling of ctdb_string
new 324ae75 ctdb-protocol: Use ctdb_string marshalling
new c64435f ctdb-protocol: Fix marshalling of TDB_DATA
new 2e14d4e ctdb-protocol: Use TDB_DATA marshalling
new 79d1507 ctdb-protocol: Fix marshalling of ctdb_req_header
new 6ec25c7 ctdb-protocol: Use ctdb_req_header marshalling
new 8a20c11 ctdb-protocol: Add length routines for protocol elements
new 75363b9 ctdb-protocol: Use length routines for protocol elements
new e834e0a ctdb-protocol: Fix marshalling of ctdb_reply_control
new 0eca31b ctdb-protocol: Expose function to allocate a packet
new 2717427 ctdb-protocol: Check arguments in ctdb_allocate_pkt
new 0885872 ctdb-tests: Make sure the packet length matches the allocated size
new bf9b0b9 ctdb-protocol: Drop buffer allocation from protocol push functions
new 1fcedeb ctdb-protocol: Use consistent names for function arguments
new f288ce8 ctdb-client: Drop unnecessary discard_const
new 10dbedd ctdb-protocol: Return required buffer size in push functions
new a7cfb92 docs: Fix an outdated remark, tdbsam is default
new 89f5bbc dns: remove double talloc for strings
new ac4dd94 dnsserver: Remove C++ style comment
new 870b74d selftest: Remove an early return in the fl2003dc provision
new 5caebde dns: modify dns forwarder param to be multi-valued
new 3b2f9f8 tests/dns_forwarder: Add testing for DNS forwarding
new 2570f16 tests/dns: Add additional testing of CNAME handling
new 61f1eaf tests/dns_forwarder: remove statically defined IPs
new 97a7547 tests/dns_forwarder: Add an extra test for inactive forwarders
new 26cfd75 tests/dns_forwarder: Add additional testing for no flag recursive
new 34d2bfe VLV: initialise struct using names for clarity
new b59b22a VLV: handle empty results correctly
new 81f4e53 VLV: test using restrictive expressions
new 3751ffb autobuild: Return the last 50 log lines
new c264935 .gitignore: don;t accidentally ignore some files
new ef0f465 Fix formatting issue on 32bit with _FILE_OFFSET_BITS == 64
new 98712e9 libndr: Add ndr_pull_struct_blob_all_noalloc
new 5359031 ldb-samba: Use ndr_pull_struct_blob_all_noalloc
new 6b5b004 s3/lib: rework get_remote_arch_str() to use an array
new 44c236a s3/lib: add get_remote_arch_from_str()
new 719e422 s3/lib: add remote arch caching
new a2c59d3 smbd: use remote arch caching
new a5fd779 lib: The base64 chars are by definition single-byte :-)
new f457535 lib: =0 and |= is equivalent to =
new cf5a810 lib: Make callers of base64_encode_data_blob check for success
new 9ec3332 lib: Remove SMB_ASSERT from base64_encode_data_blob
new 93b982f lib: Give base64.c its own .h
new 87fa3c3 lib: Avoid includes.h in base64.c
new bb9f5ce s3:smbd/service disable case-sensitivity for SMB2/3 connections
new 3242776 s3:smbd/service apply some code formatting
new a9ccd50 s3:smbd/filename remove smelly code
new c519cc8 selftest: test for case insensitivity over SMB2/SMB3
new f85b30a s3:smbd remove todo comments
new 0f6d51f s3:libnet:libnet_join: add netbios aliases as SPNs
new 2a872e2 Correctly set cli->raw_status for libsmbclient in SMB2 code
new 625dcef vfs_fruit: add an option that allows disabling POSIX rename behaviour
new 2fe2e66 autobuild: fix typo in autobuild success subject line
new d4d14b1 lib:talloc. Fix memory leak when destructors reparent children.
new 83b64ae talloc: version 2.1.7
new dc3e224 Reset WHATSNEW.txt for 4.5.x series
new b51add1 smbd: remove "only user" and "username" parameters
new 25ac392 WHATSNEW: Document "only user" removal
new d4b3cb0 manpages: Markup led to missing space
new 38e08d7 typo: mplementation => implementation
new f74f2e0 examples/crackcheck: allow compilation with current builds
new 3e272e0 ctdb-recover: Avoid duplicate deferred attach processing
new 4bef374 ctdb-daemon: Don't use CTDB_SRVID_TAKEOVER_RUN_RESPONSE
new e225fbd ctdb-protocol: Drop unused CTDB_SRVID_TAKEOVER_RUN_RESPONSE
new 0a9401f ctdb-recoverd: Drop unreachable code
new e8c33aa ctdb-recoverd: Simplify return values when updating local flags
new ff28cbb ctdb-recoverd: Call election when necessary in recovery master validation
new fc4cbf5 ctdb-recoverd: Check that IP failover is active in IP verification
new bdcc796 ctdb-recoverd: Skip known IP address checking when it is disabled
new 4947789 ctdb-recoverd: Clean up local IP verification
new 866ca59 ctdb-recoverd: Fold IP allocation house-keeping into IP verification
new ebd139c init: set core file size to unlimited by default
new 6379737 heimdal: encode/decode kvno as signed integer
new a3f3a6c smbd: Remove an unused #define
new 58a8323 libcli/auth: let msrpc_parse() return talloc'ed empty strings
new 2855a30 selftest: Print a message when RID allocation fails
new 90cbf4f selftest: Wait 60 seconds for a RID alloc
new d6cebed dsdb: Clarify rename handling as to which record is being renamed
new e822b31 dsdb: Improve debug messages in operational module
new 4456f38 python/join.py: Avoid unchecked print in error path
new 6bb577f source4/param/pyparam.c: fix strange indentation
new cc6ed8f dsdb/common/util: remove some unnecessary str_list_length()s
new dfa9a5c dsdb/common/util: be careful about zero length string lists
new 8a3c905 dsdb schema_query: reduce calls to str_list_length
new 891abcf source4/registry/local: avoid str_list_length() to check first element
new 2f44f37 ldb: Fix error string when renaming to an DN that already exists
new 9084dae repl_meta_data: Explain why time(NULL) is good enough here
new bcace46 selftest: Include a few more details in selftest and samba startup.
new 9e2c1f7 join.py: Fetch the remote DC NTDS GUID early
new f6c7907 pidl: Correct string handling to use talloc and be in common
new 2ba83ae pytalloc: avoid double 0x0x in repr strings
new ed11ce8 Python pidl: avoid segfault with "del obj->attr"
new 4c7a3fd tests/dcerpc/array.py: test deletion of arrays
new eab6796 selftest: Enable samba.tests.dcerpc.array test
new 91f6439 tests/dcerpc: add tests for string allocation and deletion
new 63f7466 ctdb-tests: Get rid of ctdb func tests
new 60d0725 ctdb-lvs: Allow override of CTDB for testing
new ad0286c ctdb-natgw: Allow override of CTDB for testing
new e35ffb0 ctdb-protocol: Add function to compare ctdb_sock_addr
new e36a201 ctdb-tool: Remove xpnn command and related tests
new c8ed16b ctdb-tests: Remove ctdb reloadips tests
new bbadce4 ctdb-tool: Add test-hooks to enable testing of the tool
new 627e9a9 ctdb-tool: All errors should be logged via stderr
new 0711904 ctdb-tests: Add fake ctdb daemon implementation for testing
new 1394856 ctdb-tests: Use fake_ctdbd for ctdb tool tests instead of ctdb stub
new 90f04c7 ctdb-tests: Remove ctdb tool stub code
new 047886e ctdb-tests: Fix output for ctdb getcapabilities test
new 92d3704 ctdb-tests: Fix output for ctdb lvs test
new 92c8bd7 ctdb-tests: Fix output for ctdb reloadnodes tests
new e3fdb0a ctdb-tests: rename tests from stubby.* to ctdb.*
new 37ef959 samr4: Use <SID=%s> in GetAliasMembership
new e0acee0 samr4: Remove talloc_asprintf leak onto mem_ctx
new ac1ed18 classicupgrade: Avoid needing to quote CN values in an DN, use dn.set_component()
new 15f191a ldb-samba: Add "secret" as a value to hide in LDIF files
new 7efbe11 s3:libsmb/clifile use correct value for MaxParameterCount for setting EAs
new 86dbdce s3:rpc_server/samr: simplify the logic in get_user_info_18()
new 4fe5987 s3:rpcclient make --pw-nt-hash option work
new d0cdf02 s3:selftest add a test for rpcclient --pw-nt-hash option
new a55ac51 s3:rpcclient add -m option
new 149fa72 tevent:threads: fix -O3 error unused result of write
new 24b267e tevent:signal: fix -O3 error unused result of write
new 1521e68 tevent:signal: fix -O3 error unused result of read
new 22918a0 tevent:testsuite: fix O3 errors unused result for read
new 7740876 tevent:testsuite: fix O3 errors unused result of write
new a860245 tdb:torture: fix -O3 error unused result code of read
new 0e80775 tdb:torture: fix -O3 error unused result of write
new af83bc3 debug: fix -O3 warning - unused return code of write()
new 4680fe0 lib: add sys_read_v - void variant of sys_read
new 258360f lib: add sys_write_v - void variant of sys_write
new c150234 s4:libcli:resolve: fix O3 error unused result of write
new 2d8a312 s4:registry:patchfile: fix O3 error unused result of write
new 8e52137 s4:ntvfs: fix O3 error unused result of asprintf
new b64a24e s4:ntvfs: fix O3 error unused result of asprintf in svfs_file_utime
new 8f4759d s4:ntvfs: fix O3 error unused result of asprintf in cifspsx_map_fileinfo
new fa80f1a s4:ntvfs: fix O3 error unused result of asprintf in cifspsx_list_unix
new 93b1dac s4:ntvfs: fix O3 error unused result of asprintf in cifspsx_file_utime()
new 2a2d990 s4:ntvfs: fix O3 error unused result of write error in nbench_log()
new a6db052 s4:regshell: fix O3 error unused result of asprintf in reg_complete_key()
new ebfbf6b s4:torture:basic: fix O3 error unused result of asprintf
new 9918234 s4:torture:basic:misc: fix O3 error unused result of asprintf
new f725691 s4:torture:basic: fix O3 error unused result of write
new ef63ebd s4:torture:basic:dir: fix O3 error unused result of asprintf
new 080946c s4:torture:basic:delete: fix O3 error unused result of asprintf
new ea668a2 s4:torture:rpc:samlogon: fix O3 error unused result of asprintf
new a7fc5e0 s4:torture:nbench: fix O3 error unused result of asprintf
new 33d20f9 s4:client: fix O3 error unused result of of chdir and system
new 8f16d23 s3:samlogon_cache: fix O3 error unused result of truncate
new b7cf771 s3:utils:log2pcaphex: fix O3 error unused result of fgets
new 6bd436f s3:utils:log2pcaphex: fix O3 error uninitialized variable
new 3776a9c s3:smbfilter: fix O3 error unused result of system()
new 1f04687 s3:vfs:aio_fork: fix O3 error unused result of write
new ac64aab s3:vfs:preopen: fix O3 error unused result of write
new 5dae286 examples:smbclient:testacl3: fix O3 error unused result from fgets
new 2ec0ecc examples:smbclient:notify: fix O3 error unused result from fgets
new 49b9185 examples:smbclient:statvfs: fix O3 error unused result of fgets
new 398bb12 examples:smbclient:fstatvfs: fix O3 error unused result of fgets
new b279aa1 examples:smbclient:read: fix O3 error unused result of fgets
new fb81a0b examples:smbclient:write: fix O3 error unused result of fgets
new 3b4eb71 s3:modules/vfs_snapper squelch -O3 compile warning
new 8b3ae1b s4:repl_meta_data: squelch compile warning with -O3
new cc9d380 autobuild: add a target samba-o3 that is built with -O3
new 2317800 autobuild: run the samba-o3 target by default
new d36e693 travis: run the samba-o3 target
new 9056b43 ctdb-takeover: Drop ipreallocated fallback code
new d61a75f ctdb-takeover: PNN can be used to index into node map
new a44c099 ctdb-takeover: Takeover callback data doesn't need a node map
new 06ad171 ctdb-takeover: New function takeover_callback_data_init()
new 1f0263c ctdb-takeover: Use the takeover_run_fail_callback() in more cases
new db9ec11 ctdb-takeover: Have the takeover fail callback log a message
new 0053b85 ctdb-takeover: Send banning credit messages from fail callback
new 1c60694 ctdb-takeover: Count takeover run failures
new 1e9f650 ctdb-takeover: Only apply banning credits to the worst offender
new 9dc3b11 ctdb-takeover: Recovery daemon no longer passes fail callback
new 4331306 ctdb-takeover: Do not set node unhealthy when "takeip" fails
new 662f06d ctdb-recoverd: Drop explicit check to flag takeover run needed
new 2a93b84 ctdb-recoverd: Move takeover run checks after recover checks
new ebbeab7 ctdb-recoverd: Drop an unnecessary log message
new e3e4f37 ctdb-recoverd: Add early return in srvid_requests_reply()
new f9d4cb4 ctdb-recoverd: Unify takeover run triggering code in main loop
new a857e33 ctdb-scripts: Various small fixes to example nfs-ganesha-callout
new 755f060 ctdb-scripts: Organize global variables in nfs_ganesha_callout
new d375fd8 ctdb-scripts: Add register action to nfs-ganesha-callout
new e9b507c ctdb-scripts: Use D-Bus messages to trigger grace in nfs-ganesha-callout
new a540a0d ctdb-scripts: Cleanup service_check() in nfs-ganesha-callout
new c7dbf72 ctdb-scripts: Parametize symlink checking in nfs-ganesha-callout
new 8b59705 ctdb-scripts: Add config options for use by clustered NFS
new 83226d9 ctdb-scripts: Section off GPFS-specific functionality in nfs-ganesha-callout
new ecbe6c6 ctdb-scripts: Add GlusterFS support to nfs-ganesha-callout
new a5d49b7 smbd: Fix an assert
new 2600f82 ctdb: Improve debug in case of set_runstate failure
new 7d0fe14 ctdb: Fix the O3 developer build
new 8c332f4 lib: Fix a signed/unsigned mixup
new c4504bd lib: Fix some whitespace
new c42c0c0 torture: Remove a use of get_my_vnn()
new 87c5265 gitignore: ignore library bin directories
new b3b2fee python/tests/dns_forwarder: fix for python 2.6
new a1309d5 ctdbd_conn: remove ctdb_processes_exist
new 0b8896d ctdbd_conn: Simplify two DEBUGs
new 120f867 ctdbd_conn: "sockname" is not needed anymore
new 33c8861 ctdbd_conn: Expose ctdb socket readability handler
new 069d79b lib: Move async message handling out of ctdbd_conn
new e3fcf90 dbwrap_ctdb: Align loop index with terminator
new 0a367f5 dbwrap_ctdb: Add "conn" to db_ctdb_ctx
new 3fe3226 dbwrap_ctdb: Pass in ctdbd_connection
new 46be182 dbwrap: Add "msg_ctx" to db_open_ctdb
new 3bd368b ctdbd_conn: Remove messages.h dependency
new 1dcdd86 dbwrap_ctdb: Fix some 32-bit hickups
new 404acae dbwrap_ctdb: Remove get_my_vnn dependency
new 04b5e9c ctdb: Fix CID 1361817 Dereference after null check
new 84aea20 ctdb: Fix CID 1327222 Copy into fixed size buffer
new 825cce1 s3:ntlm_auth: make ntlm_auth_generate_session_info() more complete
new aa57604 s3:smbd: fix anonymous authentication if signing is mandatory
new 46524b4 packaging: Remove ulimit usage for setting core file size limit
new ba9ccc6 packaging: Set default limit for core file size in init scripts
new f15b23f packaging: Set default limit for core file size in service files
new 858e1ea s3-net: Convert the key_name to UTF8 during migration
new 1171fe6 s3-net: Cleanup the code of printing migration
new 3564873 s3:vfs: add 'kernel_share_modes_taken' to files_struct
new 6b232b2 smbd:close: only remove kernel share modes if they had been taken at open
new 9667297 WHATSNEW: Clear release notes for Samba 4.5.0pre1.
new 1de7747 WHATSNEW: add 'Support for LDAP_SERVER_NOTIFICATION_OID'
new 3aefd27 python:samba: move netcmd/time.py to python/samba/netcmd/nettime.py
new 3c0d86e vfs_fileid: Fix a signed/unsigned mixup
new 249012f vfs_fruit: Fix a few signed/unsigned mixups
new f85f4ce swrap: Update to version 1.1.7
new 1c76746 notifyd: prevent NULL deref segfault in notifyd_peer_destructor
new 61d38c8 ctdb-scripts: Support systemctl directly
new 02c2958 ctdb-scripts: Drop unnecessary detect_init_style() call
new 4146fb9 s3: locking: Rename xxx_windows_lock_ref_count to xxx_lock_ref_count.
new a3df904 s3: locking: Add some const.
new a3cb0a4 s3: locking: Add a const struct lock_context * paramter to set_posix_lock_posix_flavour()
new 66b8ee1 s3: locking: Convert on the wire behavior of POSIX (UNIX extensions) locks from process-associated locks to open file description locks.
new 1863e6d s3: torture: Add POSIX-OFD-LOCK test.
new bb93b24 s3: lib: Add 'int op' parameter to fcntl_getlock().
new da9b705 s3: VFS: Add bool use_ofd_locks member to struct files_struct.
new 5985383 s3: lib: util: Add map_process_lock_to_ofd_lock() utility function.
new e39436e s3: VFS: Map process-associated lock operation to open file description lock operation.
new 7d0def3 s3: wscript: Add checks for open file description locks.
new f4b5e9d Revert "s3:rpcclient add -m option"
new 2eb824f s3:rpcclient: make use of SMB_SIGNING_IPC_DEFAULT
new 5913329 s3-quotas: fix sysquotas_4B quota fetching for BSD
new b2b951d heimdal make kvno unisgned internally
new 7a3f0cf selftest: fix printf in cleanup_child()
new e06d016 selftest: improve misleading indentation in cleanup_child()
new 98304a8 selftest: improve logic in cleanup_child() with early return
new de2bc19 selftest: systematize formatting of if/elseif/else indentation in cleanup_child
new ca33674 s3:selftest: run test_smbclient_ntlm also against ad_dc
new 6de656b selftest: use the default values for "server signing"
new e7f54a2 samdb: Improve debugging in acl_validate_spn_value()
new 5af28c9 drsuapi: Improve debug in DsWriteAccountSpn
new e59e0a5 s3-smbspool: Log to stderr
new 92b4b6b s3-smbd: Support systemd 230
new 46695fa s3: libsmb: Add sync and async cli_posix_whoami().
new 17045c3 s3: smbclient: Add posix_whoami command.
new bc3fcb2 s3: docs: Add documentation for posix_whoami command in smbclient.
new 6ded4f5 drsuapi tests for DsBind with w2k8
new 1fd7c28 Extend DsBind and DsGetDomainControllerInfo to work with w2k8.
new b4878cf ctdb-scripts: New functions ip_block() and ip_unblock()
new d78bf2e ctdb-scripts: Rename get_iface_ip_maskbits_family() to get_iface_ip_maskbits()
new a412f21 ctdb-tests: Drop no-op functions and add an ip6tables stub
new 6cc4f78 ctdb-scripts: Simplify ip_maskbits_iface()
new cec2c9f ctdb-tests: Allow local daemons to be run under valgrind
new b6e7548 ctdb-tests: Make sure empty override values are properly quoted
new 4db5711 ctdb-common: Use correct macro for checking Ethernet hardware family
new 9fa8b5c s3-sysquotas-linux: remove support for old interfaces
new 38356be s3-sysquotas-linux: remove check for EDQUOT on getting user quota
new 847eff3 s3-sysquotas-linux - cleanup
new 1b3b893 s3: auth: Move the declaration of struct dom_sid tmp_sid to function level scope.
new 7a725ee Fix memory leak in share mode locking.
new b5ac30e vfs_fake_dfq: add more mocking options
new de2d624 selftest: add disk-free quota tests
new 42151f6 smbd: dfree - ignore quota if not enforced
new 227b35a s3: net: Return an error when no name servers were returned by the lookup so that we see an error in self test.
new b5f1ce8 s3: lib: ldap: Use struct sockaddr_storage to cope with IPv6.
new 3b5e3ef lib: tevent: Use struct sockaddr_storage to cope with IPv6.
new af6bd05 rwrap: Update resolve_wrapper to version 1.1.4
new 4feffb6 s3/client/clitar.c: NULL-check correct variable
new 7583377 samba-too: Allow 'samba-tool fsmo' to cope with empty or missing fsmo roles
new 3b352d3 s3-sysquotas-linux: do not check for EDQUOT
new 3d02489 selftest: remove test for EDQUOT returned from quota backend
new 8078e5f vfs_fake_dfq - remove support for generating EDQUOT
new b79ea7d s3-sysquotas: remove special handling of EDQUOT
new f722185 s3-dfree-quota: remove special handling of EDQUOT
new b83a742 dsdb: Simplify acl_validate_spn_value
new 537d5fc ctdb:tcp: add missing spaces in debug message in ctdb_tcp_node_connect()
new b360c72 ctdb:banning: timedout->timed out in dbg messages in ctdb_ban_node_event()
new 2fbf194 ctdb:eventscript: timedout->timed out in ctdb_event_script_args()
new c0b17c3 ctdb:tests: timedout->timed out in 60.nfs.multi.004 test
new dfda458 rpc_server/drsuapi: Return the correct 3 objects for DRSUAPI_EXOP_FSMO_RID_ALLOC
new 59d6c7c getncchanges: Give the correct error when RID_ALLOC fails on an invalid destination_dsa_guid
new b8f3252 getncchanges: Use the talloc_stackframe() for tempory memory
new 2d9383e getncchanges: Fill in ctr6.linked_attributes with a pointer to a zero-length array
new cb32e25 dsdb/subtree_rename: Rename the base before we rename children
new 01043fc repl_meta_data: Do rename before deleted object cleanup
new 57cb011 ctdb:banning: Improve a debug message
new 4b5eaf9 ctdb:banning: Improve debug message in ctdb_ban_node_event()
new f8141e9 ctdb-recoverd: Freeze databases whenever the node is INACTIVE
new e8c9e10 talloc: rename local timeval function copies
new 32c7d0c winbindd: log domain name of failures to get trustdoms
new e70fef9 winbindd: prevent log spam when enumerating users
new 0b79ec2 s3/client/clitar.c: always close fd
new 38faafe torture: Fix trailing whitespaces in krb5 tests
new db23c0f torture: Add a dummy test for MIT Kerberos case
new 84c4b91 sdb: Do not set disallow if we do not have ticket info in the DB
new 3d6e18f kdb: Do not allocate memory with size 0
new 00267c9 sdb: Fix NULL pointer deference if we return early
new 7a1fd66 sdb: Do not create kmod information if we return early
new 7019103 mit_samba: Return 0 in case of a wrong realm
new 8267b2e mit_samba: Fix flags that we get a referral tickets
new 4aab5ba mit_samba: Allow to use SPNs for AS-REQ
new 5fe59f3 dsdb: Use DRSUAPI_ATTID_isDeleted constant in repl_meta_data
new 2679bdc dsdb: Improve syntax clarity
new be7b291 selftest: Mark LDAPNotificationTest.test_max_search flapping
new ea84001 samba-tool domain demote: Fix error handling and error messages
new b816ca3 torture: Only walk over objects actually converted in drs.dssync
new 9066571 repl: Do not consider userPassword differences to matter in rpc.dssync
new 0b4c741 build: Build less of Samba when building --without-ntvfs-fileserver
new b929008 Improve help wording for samba-tool domain provision as per https://lists.samba.org/archive/samba-technical/2016-April/113740.html
new 8814b25 lib: replace: snprintf - Fix length calculation for hex/octal 64-bit values.
new 469fdcd Efficient xattr handling for VxFS Signed-off-by: Abhidnya Joshi <Abhidnya.Joshi at veritas.com>
new 5c008e0 samba_dnsupdate: do not interpret failure count as unix error code
new 82a1094 samba_spnupdate: do not interpret failure count as unix error code
new 93dcca2 ctdb-recovery: Update timeout and number of retries during recovery
new 5c6a977 selftest: Use random OIDs from under the Samba OID arc
new 21b4f67 dsdb: Remove incorrect RDN attid check in replmd_replPropertyMetaDataCtr1_verify
new 5967852 repl: Allow GetNCChanges DRSUAPI_EXOP_REPL_OBJ to succeed against a deleted object
new 65a35ac repl: Pass in the full partition DN to dsdb_replicated_objects_convert()
new d103aab dsdb: Only search the provided partition for the object GUID
new ca2e038 samba-tool domain join: Set drsuapi.DRSUAPI_DRS_GET_ANC during initial repl
new c6ed444 selftest: Make replica_sync test pass against Windows 2012R2
new de8fb1f dsdb: Allow "cn" to be missing on schema import
new 0f28c96 repl: Remove duplicated delete of sAMAccountType
new e070af2 selftest: Only mark runtime dbcheck as flapping
new db15993 dbcheck: Find and fix a missing Deleted Objects container
new ee80da5 repl: Retry replication of the schema on WERR_DS_DRA_SCHEMA_MISMATCH
new 4d26210 dsdb: Cache our local invocation_id at the start of each request
new 2082c0c lib/util: Avoid splitting tevent-unix-util as public library
new 97e1f53 ctdb-packaging: Remove tevent-unix-util public library
new a936234 Add yet another error code when forking an smbd and ctdb is not there. We can see NT_STATUS_CONNECTION_REFUSED in the logs upon such a rare case.
new 2d67128 dsdb: Move operational below repl_meta_data so we can query parentGUID
new 449271d repl: Enforce that we have parent objects for all replicated objects
new 1e21a5a dsdb: Clearly fail to replicate objects not NC_HEAD with a all-zero parentGUID
new fb9f526 dsdb: Give more errors in operational module when building the parentGUID
new 7773116 repl_meta_data: Fail to replicate over local objects not NC_HEAD with a all-zero parentGUID
new e1dcd45 repl_meta_data: Give more information on replication rename behaviour
new 8938f38 dsdb: Split rename case out of replmd_op_possible_conflict_callback
new 90581b2 dsdb: Simplify replmd_op_possible_conflict_callback behaviour
new 9aa2d44 dsdb: Give the objectGUID ahead of LDIF dump of replicated changes
new c5ed894 selftest: initial version of new repl_move test
new ca37c71 selftest/drs: Show we return the correct 3 objects for DRSUAPI_EXOP_FSMO_RID_ALLOC
new 4271692 repl: Do not report all replication failures at level 0
new 39ac5ad selftest: Add another test case to replica_sync test
new f7eb865 selftest: Assert that name, the RDN attribute and actual RDN are in sync
new cccd20f Remove the try/catch from urgent_replication.py
new 8f93bfc samldb: Make checks for schema attributes much more strict
new ae3d0fe selftest: Add tests to show that we can not create duplicate schema entries
new fa2a94a selftest: These replication tests are now OK after we fixed all the replication bugs
new 8f1557a selftest: Run the krb5.kdc test on a more selective basis
new 0b525fe selftest: Do not scan the full DB to confirm a specific DN in dbcheck
new f709261 dsdb: Add new helper function replmd_replPropertyMetaData1_new_should_be_taken()
new dae543e dsdb: Use replmd_replPropertyMetaData1_new_should_be_taken in replmd_op_possible_conflict_callback()
new b28d8d4 dsdb: Use replmd_replPropertyMetaData1_new_should_be_taken in replmd_replicated_handle_rename()
new f0aa1d8 dsdb: Use replmd_replPropertyMetaData1_new_should_be_taken in replmd_replicated_apply_merge()
new 5fee4aa dsdb: Use replmd_replPropertyMetaData1_new_should_be_taken in replmd_replicated_apply_search_callback()
new 9dcc62e selftest: Add more tests to cover attribute changes vs DN renames
new 225cef9 dsdb: Show initial replicated modify as well as resolved modify in repl_meta_data
new a8430d1 dsdb: Fix incorrect sorting of replPropertyMetaData with RDN last
new 374a011 dsdb: Fix rename and RDN handling for replPropertyMetaData
new 889f33d selftest: Assert replPropertyMetaData values before and after replication
new c4afb1d selftest: Add a reverse variation to ReplicateMoveObject3
new 1a87c9b repl: Avoid use-after-free when working with the working_schema
new 768f356 lib/poll_funcs: Build as SAMBA_SUBSYSTEM
new 6dcf81a lib: Move msghdr to lib/util/
new 2db6eb8 lib/util: Expose few more subsystems for standalone ctdb build
new dd27469 lib: Move poll_funcs to lib/
new 6d26d72 lib: Add accept_send/recv
new 6279773 lib: Fix CID 1362566 Dereference null return value
new f5e95af rpc_server: Fix CID 1362565 Improper use of negative value
new 08a7866 libsmb: Fix two CIDs for NULL dereference
new a3c2a39 ctdb-tests: Replace "ctdb setrelock" test with "ctdb getreclock" test
new d3da6f0 ctdb-tool: Drop support for "ctdb setreclock" command
new 091d4d2 ctdb-recovery: Consistency check reclock in start recovery control
new 23823f1 ctdb-recovery: Don't sync recovery lock across cluster
new 1127f3a ctdb-recovery: Don't update recovery lock from daemon
new 312521f ctdb-client: Remove support for SET_RECLOCK
new 872eb37 ctdb-protocol: Drop support for SET_RECLOCK
new 5b4dd8c ctdb-protocol: CTDB_CONTROL_SET_RECLOCK_FILE is obsolete
new f16b26b ctdb-daemon: Drop function ctdb_set_recovery_lock_file()
new fdd214c ctdb-daemon: Rename recovery lock file to just recovery lock
new dbd4e67 ctdb-recoverd: Don't expose internal cluster mutex status
new 630f169 ctdb-recoverd: Fix buggy function return on memory allocation failure
new a47da82 ctdb-cluster-mutex: Don't call the supplied hander more than once
new 58be187 ctdb-recoverd: No need to reset reclock handler
new 5c4744e ctdb-cluster-mutex: Pass a talloc context to allocate the handle off
new 197264d ctdb-recoverd: Recovery lock handle should be in recovery deamon context
new a192364 ctdb-recoverd: Simplify reclock handler
new 8cf74f3 ctdb-recovery: Wrap private data for reclock test callback
new 145ddcb ctdb-cluster-mutex: Drop cluster_mutex_handler() ctdb and handle arguments
new 4f0ca01 ctdb-cluster-mutex: ctdb_cluster_mutex() registers handler and private data
new 95a7920 ctdb-cluster-mutex: Register an extra handler for when mutex is lost
new 75717ac ctdb-recoverd: Add handler for lost recovery lock
new 174449c ctdb-recoverd: Release recovery lock on exit
new b7073d4 ctdb-cluster-mutex: Fix #endif decoration
new 2a5183f build: Try to work around strict aliasing rules on Ubuntu 10.04
new 6888c17 build: Address may be used uninitialized in this function on Ubuntu 10.04
new 6096233 ctdb-scripts: Move NFS callout-related code to functions file
new 48d1fd8 ctdb-scripts: Add eventscript 06.nfs
new 3031732 ctdb-tests: Re-use async accept wrapper from async_req
new e1e1442 ctdb-tests: Re-use set_blocking instead of re-definition
new 95c2cd1 lib/util: Add a generic definition for set_close_on_exec
new a4ac97d ctdb-daemon: Use lib/util functions instead of redefinitions
new 3d3c152 ctdb-system: Remove duplicate functions
new ecb7472 ctdb-recoverd: Avoid duplicate recoverd event in parallel recovery
new c620bf5 ctdb-daemon: Reset push_started flag once DB_PUSH_CONFIRM is done
new 0e2711b lib: Fix uninitialized read in msghdr_copy
new e46cb9b s3: krb5: keytab - The done label can be jumped to with context == NULL.
new 0ae1bbf selftest: Set the correct hostname
new 6ef0a64 s3-script: Install the findsmb script
new 1cc5f8f ctdb: set the path to 'ctdb' in 'functions' in CTDB
new 22f4e8c ctdb: make sure scripts using $CTDB called by test find ctdb
new c904cb0 ctdb: use properly configured ctdb in functions
new 09d8fe7 ctdb: use properly configured ctdb in ctdbd_wrapper
new 6d2d6a3 ctdb: use properly configured ctdb in 00.ctdb
new d277e29 ctdb: use properly configured ctdb in 01.reclock
new c9da418 ctdb: use properly configured ctdb in 10.external
new 7805374 ctdb: use properly configured ctdb in 13.per_ip_routing
new 5dea37a ctdb: use properly configured ctdb in 10.interfaces
new 54cd189 ctdb: use properly configured ctdb in 70.iscsi
new 0b98c64 ctdb: use properly configured ctdb in 91.lvs
new d9a44ae ctdb: use properly configured ctdb in 99.timeout
new 80492a4 ctdb: use properly configured ctdb in statd-callout
new c598426 ctdb: use properly configured ctdb in debug-hung-script.sh
new d2379ca s3-winbind: Fix schannel connections against trusted domain DCs
new 467ea85 lib: Fix a signed/unsigned mixup
new 55529d0 libreplace: Add a closefrom() implementation
new 46916b2 lib: Add a little closefrom() test
new 4c408f6 libnet_join: use sitename if it was set by pre-join detection
new 169e8ae s3-libnetapi: Correctly check for lp_realm.
new 632faa8 s3-libnet: Print error string even on successfuly completion of libnetjoin.
new 234a470 s3:libnet: accept empty realm for AD domains when only security=domain is set.
new df07996 librpc/ndr: add flag LIBNDR_FLAG_NO_COMPRESSION
new a51f998 librpc/dns: don't compress strings in TKEY and TSIG responses
new bea4aec librpc/dns: remove original_id from dns_fake_tsig_rec
new 8ed125e s4/dns_server: include request MAC in TSIG response MAC calculation
new 830316c s4/dns_server: split out function that does the MAC computation
new c1fca8f s4/dns_server: not finding the key here is a fatal error
new 77c5bfd s4/dns_server: ensure we store the key name in error code paths
new 8b4a2dc s4/dns_server: error codes for failing MAC verification in TSIG requests
new 8f46bf2 s4/dns_server: don't compute TSIG MAC in TSIG error records
new ba683d4 s4/dns_server: prepare sending correct error responses for dns_verify_tsig() errors
new 88700e7 s4/dns_server: enable sending of TSIG error records
new 721b21b selftest: add test for DNS updates with TKEY/TSIG
new 9173f20 selftest: Rebase DrsBaseTestCase on SambaToolCmdTest
new 2d79b61 samba-tool: Improve fsmo handling
new 215c20b samba-tool domain join: Refuse to re-join a DC with a still-valid password
new 20eb605 s4-samr: Fix samr.QueryUserInfo level 1 primary group
new 533ded5 selftest: Expand tokenGroups test to also build nested groups
new afcb2b8 selftest: Expand tokenGroups test to also compare with samr.GetGroupsForUser
new 9dcf1d4 libcli/smb: Fix compiler errors when building with --address-sanitizer
new c86d508 libgpo: Fix compiler errors when building with --address-sanitizer
new c0a9302 s3-client: Fix compiler errors when building with --address-sanitizer
new 5e895c2 s3-libnet: Fix compiler errors when building with --address-sanitizer
new 4717688 s3-vfs/snapper: Fix compiler errors when building with --address-sanitizer
new 8d70553 s4-kcc: Fix compiler errors when building with --address-sanitizer
new d660e66 s4-libcli/raw: Fix compiler errors when building with --address-sanitizer
new 1a5f0c7 s4-samr: Rework GetGroupsForUser to use memberOf
new f2f6db8 selftest: Add alias membership to the tokengroups test
new 57e6b80 selftest: Test that primaryGroupID is first in samr.GetUserGroups() reply
new 7748f68 selftest: Check a user with only primaryGroupID is correct in samr.GetUserGroups() reply
new e37af46 drsuapi.idl: Add attid used in testing in idl
new 4b16cbd tests/drs: cleanup some whitespace
new de2e955 samba_dnsupdate: Fix typo in -no-substitutions name
new 789ec34 samba_dnsupdate: Work around a bug in nsupdate
new c9aefa9 samba_dnsupdate: Add a mode that calls samba-tool dns, rather than nsupdate
new e382249 dns_update_list: Add in NS records
new 72d5fa7 samba_dnsupdate: Allow admin to force a particular IP into samba_dnsupdate
new b1ab37e samba_dnsupdate: Simplify logic and add more verbose debugging
new 8f1659e samba_dnsupdate: Implement RPC <ZONE> prefix in dns_update_list
new 26b475f samba_dnsupdate: Give the administrator more detail when DNS lookups fail
new f5aaa1e selftest: Ensure we write 127. addresses into DNS
new ba22d29 selftest: Always set up a resolv.conf and use it in samba_dnsupdate
new f67a3c2 selftest: confirm samba_dnsupdate works in both nsupdate and samba_tool mode
new 9394e14 dns_server: Fix typo in dns_authoritative_for_zone() name.
new c752e93 selftest: Add a DNS test matching Windows
new 7f651d3 selftest: Remove print attribute from getnc_exop test
new b4d2e10 drs: Send DRSUAPI_DRS_GET_ALL_GROUP_MEMBERSHIP by default
new e2743b1 flapping: temporarily add samba_dnsupdate test
new c3dfeb3 s4: dns: Correctly check for talloc failure.
new 9a274d9 winbind: honor 'socket options' in winbind
new d2ebe2d libnet: only create local private krb5.conf if joining an AD domain
new ed6a423 tests/drs: extend getnc_exop test to check linked attributes
new 3f0be46 tests/drs: make cleanup more robust
new 4de5e7d tests/drs: assert sorted identifier GUIDs across getncchanges
new 2bb8e18 tests/drs: change sort order in tests to match Windows
new 2ce9f24 getncchanges: remove some whitespace
new 570237f getncchanges: sort with precalculated target guid array
new 8dc3110 getncchanges: Match Windows on linked attribute sort
new a896a92 repl: Avoid excessive stack use and instead sort the links in the heap
new 0c0b898 flapping: remove samba_dnsupdate from flapping
new 0fc95c1 selftest: Do not run local.ndr 3 times
new 61cb3a6 lib/ldb-samba: We can confirm a GUID is a GUID by length
new 341d06f selftest: Use the correct smb.conf for ldbsearch
new f6e4dc2 selftest: Remove unneeded sleep before first ldbsearch execution
new 1619cde selftest: Consistently check for provision return code
new d6fdf3b selftest: Fix indentation in wait_for_start()
new 2643275 selftest: Add newlines for info output
new fa5292a selftest: Remove nbt wait time
new e639cf1 s4: libcli: Internal SMB1 pid is already stored as and uses 32-bits. Correct getpid() cast.
new b4f9ac6 s3: libsmb: Widen the internal client smb1.pid to 32-bits as is used on the wire and in libcli/smb/smb1*.c
new 4206741 s3: smbd: Correctly reflect back SMB_PIDHIGH to a client.
new 4db1c7d s3: torture: Add test that proves Win2k12 correctly returns pidlow and pidhigh in SMB1 requests.
new 1e29a1c s3: smbd: Remove unused 'req' argument from setup_readX_header()
new 2ff3171 s3: smbd: Make setup_readX_header() externally accessible
new 6507336 s3: smbd: Use common function setup_readX_header() in aio read code.
new e57f9e1 s3: smbd: In reply_read_and_X() SMB1 server is overwriting part of the 'reserved' zero fields with reply data length.
new 747de99 s4: torture: Added raw readX test to ensure 'reserved' fields are zero.
new e3e8ce4 ctdb-protocol: Fix marshaling of uint arrays
new e173964 ctdb-protocol: Add checks to validate data on wire before unmarshaling
new dcd1a43 ctdb-protocol: Add checks to validate data on wire before unmarshaling
new a978113 ctdb-tests: Improve ctdb protocol tests
new de88bfc s4-kdc: Rename heimdal KDC files
new 8a0b058 krb5_wrap: Add smb_krb5_mk_error()
new c5a02e8 s4-kdc: Use smb_krb5_mk_error() in kdc implemenation
new 5ddfe5e s4-kdc: Use smb_krb5_mk_error() in kpasswd implementation
new 0314796 s4-kdc: Put the heimdal kdc config into a private data pointer
new cafd2d3 s4-kdc: Use better and simpler names for the kdc_process_ret enum
new 13661b6 s4-kdc: Move definitions to kdc-server.h
new f110662 s4-kdc: Move kdc_process_fn_t declaration to kdc-server.h
new dc350a3 s4-kdc: Move KDC socket structs to krb5-server.h
new 379ed08 s4-kdc: Rename proxy-heimdal.c to kdc-proxy.c
new 3da8932 s4-kdc: Create a kdc-proxy.h header file
new 3de3f64 s4-kdc: Move KDC packet handling functions to kdc-server.c
new 9379a86 s3/net: print returned addresses in dns gethostbyname
new ea3ca6b selftest: Kerberos auth with netbios alias SPNs
new 92cfd1e torture: Add tests for trim_string()
new 2513d5e lib/util: Optimise trim_string() to use a single memmove(3)
new 0c04f5f selftest: make samba3.blackbox.smbclient_tar as flapping
new 33baf1c pidl/ws: Fix Dead Store (Dead assignement/Dead increment) warning found by Clang
new c5b598d pidl/ws: fix -Wmissing-prototype
new 5489855 pidl/ws: enhance dissector
new 30e7be5 pidl/ws: Fix Dead Store (Dead assignement/Dead increment) warning found by Clang
new 82f3f25 pidl/ws: fix indent (use 4 tabs) and remove trailing whitespace
new e3d15db pidl/ws: fix Assigned value is garbage or undefined found by Clang Analyzer
new fda6c78 pidl/ws: Remove #pragma warning (MSVC)
new ad99cfb pidl/ws: Eliminate e_uuid_t in favor of e_guid_t
new bce8543 pidl: use https urls and update dead msdn link
new cafb68f pidl/ws: avoid trailing tabs
new 4981890 pidl/ws: remove any starting _ in WS field names
new 57bc1ce pidl/ws: Remove pinfo->private_data from DCERPC dissectors.
new 0d209ea pidl/ws: dereference pointers when passing name param.
new 372b41e pidl/ws: Add HEADER START/HEADER END in ws dissector
new b18d075 pidl/ws: whitespace cleanup
new 97eda22 pidl/ws: Document CODE_START and HEADER_START
new deabf7a pidl/ws: directly use `di` param instead of casting `private_data` member.
new 8a691e5 pidl/s4/python: typo in comment
new 0757c57 pidl/ws: fix failing tests
new 2d348bd pidl/ws: fix missing $name when generating MAPI dissector
new fd7bad4 ctdb-daemon: Do explicit check for integer values
new 2828b9a ctdb-daemon: Explicitly assign boolean values
new a21a4de ctdb-locking: Conditionally set real-time priority in lock helper
new da91b70 ctdb-locking: Avoid real-time in lock helper if nosetsched option is set
new fc7e863 ctdb-scripts: Add new configuration variable CTDB_NOSETSCHED
new 7d9a876 ctdb-tests: Update local daemons tests to use CTDB_NOSETSCHED
new af08cb2 source4/scripting: add an option to samba_dnsupdate to add ns records.
new 6083e62 ctdb-daemon: make bool assignment more obvious
new 345cfae smbd: Fix a signed/unsigned hickup
new 7720d04 Revert "s3:libnet: accept empty realm for AD domains when only security=domain is set."
new e29d8f1 libnet: ignore realm setting for domain security joins to AD domains if 'winbind rpc only = true'
new c0704d9 s3: libsmb: Correctly trim a trailing \\ character in cli_smb2_create_fnum_send() when passing a pathname to SMB2 create.
new 8e88ab7 util: Fix a possible null pointer dereference
new 7bac35e librpc: Check for negative return value of socket_get_fd()
new 5499cff s3-torture: Do some code hygiene in the ldb test
new f01f424 s4-dsdb: Fix a possible NULL pointer dereference
new a737efe s4-ntlm: Fix a NULL pointer dereference in error path
new 281e11b dcerpc.idl: add DCERPC_NCACN_{REQUEST,RESPONSE}_DEFAULT_MAX_SIZE
new 7413e73 s4:librpc/rpc: allow a total reassembled response payload of 240 MBytes
new 3f36d31 s4:rpc_server: use a variable for the max total reassembled request payload
new 22d1d7d s3-ctdb: Fail CTDB connection only on INACTIVE state
new 8b91178 smbget: Fix a memory leak
new f479a1f nsswitch: Fix wbclient torture_assert_wbc_ok_goto_fail macro
new 2ae4086 nsswitch: Fix memory leak in test_wbc_pingdc()
new 4961362 nsswitch: Fix memory leak in test_wbc_get_sidaliases()
new 9b732c2 nsswitch: Fix memory leak in test_wbc_pingdc2()
new 6a620ad nsswitch: Fix memory leak in test_wbc_domain_info()
new e9fabe3 nsswitch: Fix memory leak in test_wbc_users()
new 3c9f081 nsswitch: Fix memory leak in test_wbc_groups()
new 539116e nsswitch: Fix memory leak in test_wbc_trusts()
new 9316a80 s3-libnet: Add a comment to make cleaŕ we want to fall through
new 1847556 ctdb-recovery-helper: Fix a comment
new 600cec4 ctdb-recovery: Terminate if recovery fails without any banning credits
new 40258f5 smbd: Fix a valgrind error
new d9e242e dcerpc.idl: remove unused DCERPC_NCACN_PAYLOAD_MAX_SIZE
new 200864f s4:server_named_pipe: make sure we use lower case pipe name
new 9f3bdc8 s4:rpc_server: context_id fields of presentation contexts are just 16bit
new 8a5eaaf s4:rpc_server: remove unused '_unused_auth_state'
new f360f47 s4:rpc_server: remove unused dcesrv_connection_context->assoc_group
new d491c6c s3:rpc_client: remove unused rpc_pipe_client->max_recv_frag
new 505a4e6 s4:rpc_server: parse auth data only for BIND,ALTER_REQ,AUTH3
new e05c732 s4:librpc/rpc: don't ask for auth_length if we ask for auth data only
new f386e81 librpc/rpc: let dcerpc_pull_auth_trailer() only accept auth_length!=NULL or auth_data_only=true
new 3f7e3ed librpc/rpc: let dcerpc_pull_auth_trailer() check that auth_pad_length fits within the whole pdu.
new aef0323 librpc/rpc: ignore invalid auth_pad_length values in BIND, ALTER and AUTH3 pdus
new 7d8edcc s4:rpc_server: generate the correct error when we got an invalid auth_pad_length on BIND,ALTER,AUTH3
new c49f9ab python/tests: add auth_pad test for the dcerpc raw_protocol test
new 030fd72 s3-ctdb: Return an error when unexpected reply is received
new c8c67c9 s3/smbd: add helper func dos_mode_from_name()
new 1be8770 s3/smbd: call dos_mode_from_name after SMB_VFS_GET_DOS_ATTRIBUTES()
new f2a53ef s3/smbd: move check for "hide files" to dos_mode_from_name()
new 36b7cff s3/smbd: only use stored dos attributes for open_match_attributes() check
new 2db5c10 s4/torture: add a test for dosmode and hidden files
new becc43b krb5_wrap: Fix build error when not using heimdal.
new 8813faf libutil: Support systemd 230
new 1bd56a0 selftest: Avoid running local.nss test against ad_dc_ntvfs
new 947996b selftest: Do not run winbind tests against ad_dc_ntvfs
new 2aeae27 dsdb: Provide shortcuut for repl_meta_data avoiding search of link targets
new ea86f5e dsdb: Fix use-after-free of parent_dn in operational module
new f5ca34e dsdb: Only fetch changed attributes in replmd_update_rpmd
new 4304eac librpc: Avoid talloc in GUID_from_data_blob()
new ab4cd63 ldb: Allow repl_meta_data to override the O(^2) loop checking for duplciates
new 4fb2363 ldb: Do not allocate the extended DN name
new 5fe2607 dsdb: Apply linked attribute backlinks as we apply the forward links
new bbf0532 dsdb: Avoid talloc() calls in dsdb_get_extended_dn_*()
new 552fc4a dsdb: Make less talloc() for parsed_dn.guid
new 1ce7721 Revert "source4/scripting: add an option to samba_dnsupdate to add ns records."
new 3076b1e selftest: add save.env.sh helper script.
new 582f506 librpc/tools: correctly validate relative pointers in ndrdump
new 9722f06 librpc/ndr: add support for NDR_ALIGN* to ndr_push_short_relative_ptr2()
new 959384f samba-tool: really deprecate 'samba-tool user add'
new 1e69c58 s4:dsdb/tests: make user_account_control.py executable
new 1bbab37 s4:dsdb/tests: use ncacn_ip_tcp:server[seal] for samr connections
new 6a73b5f s4:dsdb/tests: use GENSEC_SEAL for ldap connections in sam.py
new 82d2b99 s4:dsdb/tests: let the user_account_control.py test recover from a previous failure
new 8156cd7 s4:dsdb/tests: improve error message in test_new_user_default_attributes()
new e2a0dd9 s4:dsdb/repl_meta_data: pass now to replmd_add_fix_la
new c38a717 s4:selftest: run samba4.ldap.password_lockout.python only against ad_dc_ntvfs
new 05fec3e s4:dsdb/tests: use more useful userAccountControl/pwdLastSet values in the urgent_replication test
new 011d849 s3:pdb_samba_dsdb: fix calucating of dsdb_flags
new e68a9d2 s4:dsdb/samdb: allocate DSDB_CONTROL_PASSWORD_DEFAULT_LAST_SET_OID
new 5980d12 s4:dsdb/samldb: add DSDB_CONTROL_PASSWORD_DEFAULT_LAST_SET_OID when defaulting pwdLastSet=0
new 88b7cfa s4:dsdb/samdb: allocate DSDB_CONTROL_PASSWORD_USER_ACCOUNT_CONTROL_OID
new b74eac8 s4:samldb: pass down DSDB_CONTROL_PASSWORD_USER_ACCOUNT_CONTROL_OID with changed userAccountControl details
new 3b15a7a s4:dsdb/common: add some const to helper functions
new 58e2d65 s4:dsdb/password_hash: use full NTTIME resolution for pwdLastSet
new 94e0afb s4:dsdb/password_hash: split out a password_hash_needed() function
new fec7d40 s4:dsdb/password_hash: split out a update_final_msg() function
new 0a79948 s4:dsdb/password_hash: make the variable names in setup_io() more clear
new 5e48dbb s4:dsdb/password_hash: leave the current value of pwdLastSet as 0 an add
new 02be8a1 s4:dsdb/password_hash: move the check for old passwords into setup_io()
new f3ce752 s4:dsdb/password_hash: call ndr_pull_supplementalCredentialsBlob in setup_io()
new 8ca1c02 s4:dsdb/password_hash: remember if we need to update the passwords and/or pwdLastSet
new 8262ec9 s4:dsdb/password_hash: move ldb_msg_add_empty() calls to update_final_msg()
new 786ee29 s4:dsdb/password_hash: create a shallow copy of the client message for the final update
new cad741c s4:dsdb/password_hash: only set pwdLastSet if required
new 9baae34 s4:dsdb/password_hash: make the DSDB_CONTROL_PASSWORD_BYPASS_LAST_SET code path more robust
new e536dbd s4:dsdb/password_hash: handle the DSDB_CONTROL_PASSWORD_DEFAULT_LAST_SET control
new cada33b s4:dsdb/password_hash: make it possible to specify pwdLastSet together with a password change
new b6933b2 s4:dsdb/password_hash: allow pwdLastSet only changes
new 97534ff s4:rpc_server/samr: only set pwdLastSet to "0" or "-1"
new 1d808bb s4:dsdb/password_hash: only allow pwdLastSet as "0" or "-1"
new bafa016 s4:dsdb/samldb: fix comment "lockoutTime" reset as per MS-SAMR 3.1.1.8.10
new f77c82d s4:dsdb/samldb: pwdLastSet = -1 requires Unexpire-Password right
new e0777da s4:dsdb/tests: add pwdLastSet tests
new a8c737f s3:utils/net: Add new option 'unregister' in 'net ads dns' command.
new 5e346af winbindd/idmap_rfc2307: fix a crash
new 9be9181 winbindd: in wb_lookupsids return domain name if we have it
new aa54fa4 selftest: make autorid the default idmap backend in admember_rfc2307
new 2a322a7 selftest: test idmap backend id allocation for unknown SIDS
new 4856906 s3: tldap: Remove asynchronous calls to gensec_update_send()/_recv() as for the spnego backend they're synchronous anyway.
new 6318615 s3: tldap: Make tldap_gensec_bind_send()/tldap_gensec_bind_recv() static.
new 874a9d9 libnet: Fix CID 1362934: CHECKED_RETURN
new 4e20d24 ldb: Fix CID 1362935: CHECKED_RETURN
new ed4af82 s4/selftests: test net ads dns register/unregister.
new 04967d6 s3: tdb: On some platforms pthread_mutex_trylock() returns EBUSY not EDEADLK.
new ca0332e selftest: Skip smbtorture_s3 tests against ntvfs
new 2240aff selftest: Skip the Samba4 rap tests
new 32d10fd selftest: Skip s4 smb2 rename tests
new 82f0c72 selftest: Remove samba4 delaywrite tests we skip
new bba66ca selftest: Remove samba4.smb2.compound tests we skip
new 9da97e5 selftest: Skip also s4 base.createx_sharemodes_dir
new 1be45ab selftest: Skip the samba4.raw.eas tests
new 826f619 s3-winbind: Fix memory leak with each cached credential login
new 1d4b20d s4: ldb: Ignore case of "range" in sscanf as we've already checked for its presence.
new 4524f59 tsocket: Do not dereference a NULL pointer
new 4034c0a auth/auth_sam_reply: add some const to input parameters
new 92141c6 s4:kdc: add some const to samba_get_logon_info_pac_blob()
new fdcdf34 krb5pac.idl: add PAC_CREDENTIAL related structures
new 9be4860 s4:auth/sam: use "msDS-UserPasswordExpiryTimeComputed" instead of samdb_result_force_password_change()
new 86b9bf9 s4:rpc_server/samr: use "msDS-UserPasswordExpiryTimeComputed" instead of samdb_result_force_password_change()
new a5efb21 s4:kdc: use "msDS-UserPasswordExpiryTimeComputed" instead of samdb_result_force_password_change()
new e81d25a s4:dsdb/common: remove unused samdb_result_force_password_change()
new f9989f2 s3:winbindd: pass 'interactive' down through winbindd_dual_auth_passdb()
new b73cb40 s4:auth_sam: don't allow interactive logons with UF_SMARTCARD_REQUIRED
new 8ac4218 s4:kdc: don't allow interactive password logons with UF_SMARTCARD_REQUIRED
new 9a81861 samdb.py: add smartcard_required option to newuser()
new 7ffffc9 samba-tool: add --smartcard-required option to 'samba-tool user create'
new 04f8ee3 samba-tool: do a password retype validation check for 'samba-tool user setpassword'
new cc262af samba-tool: add 'samba-tool user setpassword --smartcard-required/--clear-smartcard-required'
new 5e4928c test_pkinit_heimdal.sh: add a helper VARIABLE to store the certificate paths
new 8a74d8e test_pkinit_heimdal.sh: add a FILE: prefix to the KRB5CCNAME variable
new a35a5e9 s4:dsdb: add some const to {samdb_result,dsdb}_effective_badPwdCount()
new 1acd477 s4:auth/sam: only reset badPwdCount when the effetive value is not 0 already
new 869616c s4:auth/sam: don't update lastLogon just because it's 0 currently
new 853c2a6 s4:auth/sam: update the logonCount for interactive logons
new 9e6c22d s4:dsdb/tests: let password_lockout.py reduce the values for lockoutDuration and lockOutObservationWindow
new 58173f2 s4:dsdb/tests: let password_lockout.py cross-check the lastLogon value with samr
new 27d6846 s4:dsdb/tests: let password_lockout.py make the LDAP error string checks more useful
new 7b7d7be s4:dsdb/tests: let password_lockout.py add a _readd_user() helper function
new 26a96d2 s4:dsdb/tests: let password_lockout.py make use of the _readd_user() helper function
new 025e573 s4:dsdb/tests: let password_lockout.py let _readd_user() return the ldb connection as user
new a9722a1 s4:dsdb/tests: let password_lockout.py pass username,userpass optionally to insta_creds()
new f301623 s4:dsdb/tests: let password_lockout.py use user{name,pass,dn} variables in _readd_user()
new 860c6b1 s4:dsdb/tests: let password_lockout.py pass creds as argument to _readd_user()
new 73fb24c s4:dsdb/tests: let password_lockout.py use _readd_user() for testuser3 too
new da4e419 s4:dsdb/tests: let password_lockout.py make use of self.addCleanup() to cleanup objects
new f03d490 s4:dsdb/tests: let password_lockout.py use userdn variables in all functions
new e760319 s4:dsdb/tests: let password_lockout.py use other_ldb variables instead of self.ldb3
new a37eef6 s4:dsdb/tests: let password_lockout.py use userpass variables in all functions
new 2c46122 s4:dsdb/tests: let password_lockout.py use creds and other_ldb as function arguments
new 4b35d54 s4:dsdb/tests: let password_lockout.py copy user{name,pass} from the template in insta_creds()
new ca874c2 s4:dsdb/tests: let password_lockout.py verify more fields in _readd_user()
new 72d16f9 s4:dsdb/tests: let password_lockout.py test with all combinations of krb5, ntlmssp and lockOutObservationWindow
new 20ad79f s4:dsdb/tests: let password_lockout.py validate the lastLogon and lastLogonTimestamp interaction
new 193de1c s4:dsdb/tests: let password_lockout.py verify the logonCount values
new 70cc56d lib/param: add lpcfg_sam_dnsname() helper function
new b6c4c08 auth.idl: add user_principal_* and dns_domain_name to auth_user_info
new 432e83b s4:auth: make use of lpcfg_sam_name() in authsam_get_user_info_dc_principal()
new 6257003 s4:auth: fill user_principal_* and dns_domain_name in authsam_make_user_info_dc()
new b67ea0e s4:auth/kerberos: improve error message in kerberos_pac_to_user_info_dc()
new 5ddf5ad auth/auth_sam_reply: let make_user_info_dc_netlogon_validation() correctly handle level 6
new b8068e0 auth/wbc_auth_util: fill in base.logon_domain in wbcAuthUserInfo_to_netr_SamInfo3()
new 3eba60a auth/wbc_auth_util: change wbcAuthUserInfo_to_netr_SamInfo* from level 3 to 6
new aee33fc auth/auth_sam_reply: add auth_convert_user_info_dc_saminfo6() and implement level 3 as wrapper
new a872670 auth/auth_sam_reply: add auth_convert_user_info_dc_saminfo2() helper function
new 49bc18f auth/auth_sam_reply: do a real copy of strings in auth_convert_user_info_dc_sambaseinfo()
new 5128a87 s4:rpc_server/netlogon: initialize pointer to NULL in dcesrv_netr_LogonSamLogon_base()
new 3b94fde s4:rpc_server/netlogon: make use of auth_convert_user_info_dc_saminfo{2,6}()
new 74bccb3 auth/auth_sam_reply: make auth_convert_user_info_dc_sambaseinfo() a private helper
new 0fd4943 netlogon.idl: make netr_SidAttr public
new 4406cf7 krb5pac.idl: introduce PAC_DOMAIN_GROUP_MEMBERSHIP to handle the resource groups
new 8b7d92b librpc: add decode_netlogon_samlogon_response_packet for mailslot debugging.
new f13d07e s3/winbindd: use == -1 instead of < 0 for error checking uid_t
new 2352e49 selftest: Add test for domain join + kerberos-only auth
new 1444196 testprogs/blackbox: Improve the net ads dns register tests.
new 64244f9 lib: talloc: Rename talloc_XXX() internal functions that take a 'struct talloc_chunk *' to tc_XXX().
new 58f987d lib: talloc: Change __talloc_with_prefix() to return a struct talloc_chunk *.
new 5bc592d lib: talloc: Change __talloc() to return a struct talloc_chunk *.
new 2bfccbf lib: talloc: Change _talloc_set_name_const() to _tc_set_name_const()
new 192c757 lib: talloc: Add _vasprintf_tc() which returns the struct talloc_chunk *, not the talloc'ed pointer.
new c6d458e lib: talloc: Rename talloc_set_name_v() to tc_set_name_v(). Make it take a struct talloc_chunk *tc as the first argument.
new 94a7284 lib: talloc: Call talloc_chunk_from_ptr() less often in __talloc_with_prefix()
new d2a5927 lib: talloc: Rename the internals of _talloc_free_internal() to _tc_free_internal().
new fde0d0d lib: talloc: As _tc_free_internal() takes a struct talloc_chunk *, add an extra paranoia check against destructor overwrite.
new f877191 lib: talloc: As we have a struct talloc_chunk * in _talloc_free_children_internal(), use it to call _tc_free_internal() directly.
new d820b04 lib: talloc: Add check for destructor protection.
new 7700ee8 tdb: avoid many fcntl calls when incrementing seqnum
new 2d7ba83 ctdb-tests: Remove unused tests from IP takeover test harness
new fcc373e ctdb-tests: Simplify read_ctdb_public_ip_info() using new function add_ip()
new 4d20bab ctdb-tests: Don't bother setting all_ips
new 09924d9 ctdb-tests: Drop all_ips argument from read_ctdb_public_ip_info()
new 067a611 ctdb-tests: Drop CTDB_TEST_MAX_IPS
new cd5ed37 ctdb-tests: read_ctdb_public_ip_info() reads all test input
new 5d148ce ctdb-tests: Assign known and available arrays via pointers.
new 5f95240 ctdb-tests: Build a node map instead of a hacky node flags array
new 27a2608 ctdb-tests: Drop CTDB_TEST_MAX_NODES
new 03b300e ctdb-ipalloc: Move if-statement with broken condition
new c92aa61 ctdb-ipalloc: Drop an unnecessary check
new 1ec7de6 ctdb-ipalloc: Do not use node count or PNNs from CTDB context
new c86066c ctdb-ipalloc: Drop a use of CTDB_NO_MEMORY_NULL()
new 35644d0 ctdb-ipalloc: Drop remote IP verification
new a26d39e ctdb-recoverd: Drop code to change the IP assignment tree
new 58ada07 ctdb-tools: Don't bother sending CTDB_SRVID_RECD_UPDATE_IP
new 55f13b7 ctdb-ipalloc: Drop code to update IP assignment tree
new c09cf57 ctdb-ipalloc: Don't build a global IP tree
new 303ef82 ctdb-ipalloc: Clean up reloading of remote public IPs
new 1f5c4db ctdb-ipalloc: Remove function ctdb_reload_remote_public_ips()
new 5c47c35 ctdb-ipalloc: New function ipalloc_set_public_ips()
new e8ff433 ctdb-ipalloc: Move create_merged_ip_list() into ipalloc
new 695da51 ctdb-ipalloc: Drop known public IPs from IP allocation state
new c5d85a0 ctdb-ipalloc: New function ipalloc_can_host_ips()
new 86f7c4d ctdb-ipalloc: Fix buggy short-circuit when no IPs are available
new 64361d9 ctdb-ipalloc: Make no_ip_failback a boolean
new 38f4616 ctdb-ipalloc: Pass extra data to IP allocation state initialisation
new ee7fc25 ctdb-ipalloc: Move ipalloc state initialisation to ipalloc.c
new 2eb0b9e ctdb-ipalloc: Switch set_ipflags_internal() to use a new-style node map
new 21adcd3 ctdb-ipalloc: Move set_ipflags_internal() to ipalloc
new 41a14e7 ctdb-ipalloc: ipalloc() returns public IP list
new 445860b ctdb-ipalloc: IP allocation state is now an opaque structure
new ed2988c ctdb-tests: Drop use of CTDB context from takeover test
new 7d5a81e ctdb-tests: Allow takeover tests to be run under valgrind
new a2124a1 ctdb-ipalloc: Drop implicit dependency on ctdb-common
new 5a0d1b7 ctdb-tests: Link to ctdb-ipalloc instead of using ctdbd_test.c
new 878fa6e check-password-script: Allow AD to execute these scripts
new ef0cbc5 selftest: add check password script test
new 2129515 check_password_script: Add a DEBUG message for timeouts
new 7315256 param: fix a typo emtpy -> empty
new fa7212a tevent: typo in documentation
new 1a2427d typo: componemt => component
new 2840ebc typo: mandetory -> mandatory
new 965361a password_hash: Make an error message clearer
new 978bc86 kerberos: Return enc data on PREAUTH_FAILED
new e6818c8 ctdb-recoverd: Improve election win messages
new 7c8c6ce ctdb-daemon: Improve log message
new 3da13a8 ctdb-client: Add sync version of sending multiple messages
new 5ce8ac8 ctdb-client: Fix ctdb_rec_buffer traversal routine
new 5e2bd64 ctdb-client: Add async version of delete_record
new f0e331b ctdb-client: Fix implementation of delete_record
new f00319f ctdb-client: Use async version of delete_record in g_lock unlock
new 3888439 ctdb-client: Factor out ctdb_client_get_server_id function
new 3ed3d46 ctdb-client: If g_lock lock conflicts, try again sooner
new 8b8e73a ctdb-client: Fix g_lock implementation
new b762d77 ctdb-client: Release g_lock lock before retrying
new 4ff8f60 ctdb-client: Remove commented old g_lock implemention code
new da03f58 ctdb-client: Release the g_lock record once the update is done
new 37f587d ctdb-client: During transaction commit fetch seqnum locally
new f721035 ctdb-client: Fix implementation of transaction start
new f1b6bdb ctdb-client: Fix implementation of transaction commit
new 8310722 ctdb-client: Add async version of transaction cancel
new 1bd97e6 ctdb-client: Fix implementation of transaction cancel
new a660630 ctdb-client: Add debug messages to client db api
new d9b6cd0 ctdb-client: Expose ctdb_ltdb_fetch in client API
new e582d21 ctdb-ib: Include system/wait.h for signal
new ca35d81 ctdb-daemon: Check if method is initialized before calling
new 5a67bb4 ctdb-pmda: CTDB client code does not require ctdb->methods
new 9f54b6b ctdb-daemon: Log ctdb socket in the main daemon
new c9d61db ctdb-build: Exit if requested feature cannot be built
new a646d9e s3-libads: fix a memory leak in ads_sasl_spnego_bind()
new 77f3730 auth: fix a memory leak in gssapi_get_session_key()
new 20319ba gensec: Change log level for message when obtaining PAC from gss_get_name_attribute failed
new aa5b6f6 ctdb-scripts: Drop optional argument to nfs_check_services()
new 850863a ctdb-scripts: Export CTDB_BASE in functions file
new f227c26 ctdb-scripts: Update script boilerplate to avoid shellcheck warnings
new eabeecb ctdb-scripts: Fix incorrect variable reference
new c7ed73a ctdb-scripts: Fix incorrect variable reference
new 15ed9ad ctdb-scripts: Use globs instead of ls to list files
new 85b1cbb ctdb-scripts: Fix incorrect variable reference
new 9ec9e6f ctdb-scripts: Quote some variable expansions
new 60375ab provision_fill: move most db accesses into transactions
new c76b009 provision_fill: move GPO into transaction
new 6e37854 provision: Ignore duplicate attid and governsID check
new 3175d5f ldb: Avoid use-after-free when one error message is printed into another
new bad502f schema: Make the fetch of the schema version fast
new 5abcdd5 dsdb: Remove use of schema USN in samldb_add_handle_msDS_IntId
new 2a90606 dsdb: Remove 120 second delay and USN from schema refresh check
new 51d2779 schema: Reorder dsdb_set_schema() to unlink the old schema last
new bc3473e s4-torture: Add torture_check_krb5_error() function
new 860d465 s4-torture: Add AES and RC4 enctype checks
new 38b7bed s4-dsdb: Add missing header file for write() and close()
new 3be06be selftest: Do not use the deprecated samba-tool user add
new 68879fd security.idl: add SID_NT_NFS S-1-5-88* sids
new b74ff8c libcli/auth: remove unused variable in msrpc_parse()
new 171e87f s3:libsmb/clirap: remove unused cli_get_server_*() functions
new ef1a66d testprogs: Do not use the deprecated samba-tool user add
new d81bffa CVE-2016-2019: libcli/smb: don't allow guest sessions if we require signing
new 53a1248 CVE-2016-2019: s3:libsmb: add comment regarding smbXcli_session_is_guest() with mandatory signing
new f76a429 CVE-2016-2019: s3:selftest: add regression tests for guest logins and mandatory signing
new 1ca71aa s4:dsdb/samdb: add DSDB_FLAG_INTERNAL_FORCE_META_DATA
new d243996 s4:samba_dsdb: add "dsdb_flags_ignore" module
new 3f66ccd tests:samba3sam: make use of the dsdb_flags_ignore module
new c7307fb selftest/flapping: mark samba4.drs.repl_move.python as temporary flapping
new b0501a1 s4:dsdb/common: add a replication metadata stamp for an empty logonHours attribute
new 26d117c s4:dsdb/password_hash: force replication meta data for empty password attributes
new 2a44b69 Revert "selftest/flapping: mark samba4.drs.repl_move.python as temporary flapping"
new 769230a s4:torture/drs: verify the whole metadata array to be the same in the repl_move tests
new 657e314 schema: Remove unnecessary schema reload code
new f060811 schema: raise debug level
new ae2bd00 samba-tool: Add success message to samba-tool drs replicate --local
new eeb0c97 samba-tool: Add --local-online mode to samba-tool drs replicate
new 6e4e914 selftest: Add more tests for samba-tool drs replicate
new 49cd4c9 drsuapi.idl: add DRSUAPI_ATTID_operatorCount and DRSUAPI_ATTID_adminCount
new 6d4c485 s4:dsdb/samdb: add const to dsdb_make_object_category()
new 73d9f8b s4:password_hash: correctly update pwdLastSet on deleted objects.
new 5287e40 s4:dsdb/repl_meta_data: sort preserved_attrs and add "msDS-PortLDAP"
new 0350e3a s4:dsdb/repl_meta_data: remove secret attributes on delete
new 272d647 s4:dsdb/common: prepare dsdb_user_obj_set_defaults() for tombstone reanimation
new c16b30c s4:dsdb/tombstone_reanimate: restructure the module logic
new 7bfefa9 s4:dsdb/tests: make use assertAttributesEqual() in RestoreUserObjectTestCase()
new 16d3660 s4:dsdb/tests: make tombstone_reanimation.py executable
new cf19ab6 s4:dsdb/tests: improve tombstone_reanimation varifications
new 55932d7 s4:dsdb/tests: improve the RestoreUserObjectTestCase test
new 7ea5ec0 s4:dsdb/tests: add RestoreUserPwdObjectTestCase test
new fb9af97 Revert "dsdb: Disable tombstone_reanimation module until we isolate what causes flaky tests"
new 89e67e3 Revert selftest: Add knownfail entry required to disable tombstone_reanimation
new 3a0c16b smbd/cleanupd: use smbd_reinit_after_fork()
new bb90a84 smbd/notifyd: use smbd_reinit_after_fork()
new 6efd0af s3-rpc_server/mdssd: use smbd_reinit_after_fork()
new 4c4c3e0 tests/dns_update: Add error message for diagnosis
new b32df94 autobuild: Don't compare socket wrapper so_path for xc check
new c1c2a1c swrap: Build socket_wrapper path relative to blddir
new 2f95ada ctdb: fix autotest with socket-wrapper installed in the system
new 1184931 ctdbd_conn: split ctdbd_init_connection()
new 84da49f ctdbd_conn: add ctdbd_reinit_connection()
new c6373ab s3-messaging/ctdb: split messaging_ctdbd_init()
new f9913813 s3-messaging/ctdb: add messaging_ctdbd_reinit()
new a391e92 s3-messaging: use messaging_ctdbd_reinit() in messaging_reinit()
new 2672968 libads: ensure the right ccache is used during gssapi bind
new a1743de libads: ensure the right ccache is used during spnego bind
new 792f89c Fix typo in python/samba/provision/__init__.py
new 9d29593 tevent: Clarify apparently useless conditions
new e8bab7e libsmb:namequery: fix typo in comment in get_dc_list()
new 25fee06 selftest: check for winbind on 1-second basis
new ce8de54 selftest: check for smbd on a 1-second basis.
new cc339b0 libads: improve debug messages in sitename_fetch()
new cea4a4b tests: Allow alternative error code for backupkey test
new 2d3fdc0 pyrpc: Allow control of RPC timeout for IRPC
new b9b6443 samba-tool drs replicate: Allow replication call to take as long as required
new ba8e868 dsdb: Avoid search on * in replmd_replicated_apply_next()
new 8a5a904 dsdb: Improve debugging during SD recursion failure
new b7d2132 Remove unused stf directory
new f18a920 selftest: Disable full audit logging in selftest
new f9db6fb smbtorture: Add smb2.maxfid
new be39b73 dsdb: Fix CID 1363810: Null pointer dereferences
new f818136 python/remove_dc: handle dnsNode objects without dnsRecord attribute
new 84992e3 rpc_server: add mssing '#pragma GCC diagnostic push'
new f6d4380 selftest: Add tunable for smb2.maxfid limit
new 5d85fd8 lib:dlinklist: avoid -Wtautological-compare errors with gcc6
new 2991f77 tevent: avoid -Wtautological-compare errors with gcc6
new 7c9505e ldb:dlinklist: avoid -Wtautological-compare errors with gcc6
new 05c400e lib: Print own pid in messaging_init
new aca68e5 lib: Avoid a "procid_is_local" call
new c3af7a3 lib: Allow NULL blob for messaging_send()
new 91a17e5 tdb: Don't malloc for every record in traverse
new f061ccc Revert "ldb:dlinklist: avoid -Wtautological-compare errors with gcc6"
new ff55218 Revert "tevent: avoid -Wtautological-compare errors with gcc6"
new a751b97 Revert "lib:dlinklist: avoid -Wtautological-compare errors with gcc6"
new a6ee401 build: avoid -Wtautological-compare errors from gcc6+ by disabling it globally
new 2df3fea dbcheck: Script swallows input when given a carriage return
new 3f04354 match_rules: Fix a duplicated check
new 4d7c782 match_rules: Make cleanup faster and more efficient
new ebed182 s4/dsdb/repl_meta_data: use local bool version of flag
new 5d20159 replmd_modify_delete: check talloc_new()
new b7b229a repl_meta_data: free context on error in replmd_modify_la_delete()
new 5ce969d dsdb: add vanish links control
new 4cb565b dsdb tests: add linked attribute tests
new 9d8e766 drs tests: querying linked attribute over DRS
new 00e828a link_attrs: Add tests for one way links (and pseudo one-way)
new 31ffe97 extended_dn_out: Force showing of one-way links if they exist
new ca839cf dbcheck: cache linkIDs and reverse attribute names
new 8edb8a7 flapping: Add dbcheck to flapping
new 0b14050 dbcheck: check for linked atributes that should not exist
new d8e7ffd s4/selftest/provisions/dump.sh: dump to target dir if supplied
new f2b2eff blackbox/dbcheck-oldrelease: more accurate temp filename
new 58acf51 dbcheck linked attribute tests: save environment with bad links
new 5361fc6 dbcheck: change argument to specify a partial --yes
new 8859103 tests/dbcheck: One way links are expected to be stale
new 93be59e dbcheck.sh: Fix the arguments supplied as $@
new 52ac6d1 dbcheck: Split out valid stale DN links and invalid ones
new 08d602b dbcheck.sh: Remove all the plausible stale links
new 88eeb3e flapping: Remove dbcheck from flapping
new 9d1883a renamedc: Make a more targeted dbcheck
new 7d84267 lib: Add server_id_watch_send
new d4ca284 dbwrap: Add "blocker" to record_watch_send
new e364e51 g_lock: Use "blocker" argument to dbwrap_record_watch_send
new a672379 dbwrap: Add overflow protection to dbwrap_record_watchers_key()
new 54d0dbe dbwrap: Add an alternative implementation of dbwrap_watch_record_send
new db22df4 lib: Convert g_lock to new dbwrap_watch
new 83e4e1a7 smbd: Convert locking.tdb to new dbwrap_watch
new f23b25c smbd: Convert smbXsrv_open_global.tdb to new dbwrap_watch
new db020b3 smbd: Remove a reference to dbwrap_watch_db()
new fb71692 dbwrap: Remove dbwrap_watchers.tdb based code
new fddee66 lib: Fix a signed/unsigned mixup
new 6bb41cf smbtorture: Correctly initialize notify request in smb2.notify.tree
new a5c51ae smbd: Allow passing notify filter from inotify and fam
new f83432b notify_inotify: Move mapping table to top of file
new 5a58a14 notify_inotify: Map inotify mask back to filter
new afc2417 s3/smbd: move make_default_filesystem_acl() to vfs_acl_common.c
new 961c4b5 vfs_acl_xattr: objects without NT ACL xattr
new d183261 build: Always build eventlog6. This is not a duplicate of eventlog
new 7483849 param: Correct the defaults for "dcerpc endpoint services"
new c48aef3 Remove unused and untested source4 ntptr and spoolss systems
new da66a89 repl: Remove check for parentGUID being NULL in dsdb_convert_object_ex()
new b5d6f7b ldb: Add better debugging to ldb_wait()
new 5568892 samba-tool: Put full command and subcommand in informative name when testing samba-tool
new 6145da6 selftest: Make repl_schema more robust by disabling replication before the test
new 3a787f4 selftest: Make repl_move more robust by disabling replication before the test
new fcb13cb selftest: Disable replication before doing forced pre-test replicate
new 6b458a1 drs: pass the forced-replication flag from DsReplicaSync to GetNCChanges
new e359875 selftest: Ensure we can call DRSUAPI_EXOP_REPL_OBJ with replication disabled
new 0b3f2c6 selftest: Disable all replication during most replication tests
new 6c460ec pytalloc: Add a warning about enable_null_tracking
new 12dce74 join.py: Remove talloc enable_null_tracking
new 929ec47 VLV tests: reduce test duplication hence elapsed time
new 8bb14af VLV tests: comment typo
new 31707cd VLV: fix handling with show_deleted and similar controls
new 465b7bf VLV tests: add tests with show_deleted control
new bbdace4 VLV tests: remove vestigial pdb stub
new a4f1ecf s3: smbd: Fix delete operations enumerating streams inside a file. This must always be done as a Windows operation.
new 99b8aca s3: torture: Regression test case to specify exactly how UNIX extensions should act on files with streams.
new 2bd3451 smbd: Don't stop sending to children when one send fails
new 8e27c19 smbd: sconn->sys_notify_ctx is not used
new 2c7bfdc smbd: Factor out notify_init
new ea47abc smbd: Add fsp_fullbasepath
new ed26f4b smbd: Avoid a talloc_asprintf
new 229c910 smbd: Add "path" to notify_remove
new 60fe61b smbd: "path" is no longer needed in notify_list
new 2779cae smbd: Make notify_callback() public
new d446e40 smbd: There's only one notify_callback
new 3caa8a1 smbd: Pass "sconn" via notify to notify_callback()
new 99b9f57 smbd: Protect notify_callback from stray pointers
new 16a1418 smbd: Remove "listel" from notify_msg
new 7404fef notify_msg: Deregister handler upon talloc_free
new 5371d2b smbd: Remember notifyd's serverid
new 0136141 smbd: Log which notifyd was found
new cf7fea2 smbd: Store notify filters in fsp->notify
new fef0c3d smbd: Restart notifyd
new fa96452 smbd: Re-register notify requests
new 698f651 notifyd: Move BlockSignals calls to server.c
new a464a89 samba-tool: Speed up all samba-tool commands
new 7fdb5d2c WHATSNEW: Add features added for Samba 4.5
new 5f57bcc ctdb-client: Fix incorrect variable reference
new fac60e5 ctdb-client: Fix access after free error
new d3c8902 ctdb-tools: Avoid uninitialised memory access
new 1be64cb s4:kdc: ignore empty supplementalCredentialsBlob structures
new 5c1ce0e s3:libnet_dssync_keytab: ignore empty supplementalCredentialsBlob structures
new f9a4d0d s4:dsdb/password_hash: explicitly set SUPPLEMENTAL_CREDENTIALS_SIGNATURE
new e9c9615 drsblobs.idl: mark supplementalCredentialsSubBlob as nopull,nopush
new 26d2ea3 drsblobs.idl: supplementalCredentialsSubBlob make it possible to parse strange blobs
new cde8ed2 torture: show the first differing byte and a dump in torture_assert_data_blob_equal().
new 5690bc9 s4-torture: rename torture_suite_add_ndr_pullpush_test to torture_suite_add_ndr_pull_validate_test.
new c30dcae s4:torture/ndr: add validation checks for strange supplementalCredentials blobs
new 9e82286 s4:torture/ndr: Add supplementalCredentials blobs from alpha13 and release_4_1_0rc3
new 7eab12f s4:torture/ndr: Add supplementalCredentials blob from Win2012R2
new 4f5dde6 krb5pac: no need for a noprint PAC_BUFFER.
new 8e45836 krb5pac: fix push/pull of subcontexts in PAC_BUFFER
new 3852770 krb5pac.idl: implement PAC_UPN_DNS_INFO correct
new 7741e02 s4-torture: add ndr krb5pac testsuite.
new 930dc1a s4-torture: add another krb5pac buffer to the ndr test.
new a6f672d torture: Add another sample of a PAC that broke the old PAC_UPN_DNS_INFO handling
new 0e201ec krb5pac/netlogon: add a comment regarding PAC_LOGON_INFO unique pointers on push
new bb64c55 krb5_wrap: provide CKSUMTYPE_HMAC_SHA1_96_AES_*
new 4e4cc8e s4:torture/ndr: make use of torture_suite_add_ndr_pull_validate_test() in krb5pac when possible
new 5437fdc s4:torture/ndr: add more krb5pac tests with PAC blobs from pkinit
new 91eb421 ctdb-scripts: Fix a bug in counter checking
new c7a730c ctdb-tests: Add reclock event script tests
new ca28a47 ctdb-tests: Add new vsftpd event script test
new 0d60ecf ctdb-tests: Add new httpd event script test
new 5cf45ed ctdb-tests: New event script test for corrupt TDB checking
new d52409d ctdb-scripts: Drop use of ctdb_standard_event_handler()
new 09a7a78 ctdb-scripts: Event script indentation and whitespace cleanups
new fc53256 ctdb-scripts: Drop use of service_tcp_ports
new 92d0d44 ctdb-scripts: Drop use of ctdb_check_counter from httpd event script
new 0825eff ctdb-scripts: Drop use of ctdb_check_counter from reclock event script
new 770fe1f ctdb-scripts: Drop use of ctdb_check_counter from vsftpd event script
new 113529f ctdb-scripts: Drop function ctdb_check_counter()
new 0ea90f6 ctdb-scripts: Avoid shellcheck warning SC2016 ($ in single quotes)
new efc9af2 ctdb-scripts: Avoid shellcheck warnings SC2030, SC2031 (subshell variables)
new 13b3c6a ctdb-scripts: Avoid shellcheck warning SC2004 ($ in arithmetic)
new f6c25a4 ctdb-scripts: Avoid shellcheck warning SC2034 (unused variables)
new 9255d64 ctdb-scripts: Avoid shellcheck warnings SC2046, SC2086 (double-quoting)
new b208ae7 ctdb-scripts: Avoid shellcheck warning SC2154 (unassigned variables)
new 0ca0026 ctdb-scripts: Avoid shellcheck warning SC1004 (backslash in quotes)
new fc858a1 ctdb-scripts: Avoid shellcheck warning SC2017 (arithmetic precision)
new 77341f6 ctdb-scripts: Avoid shellcheck warning SC2002 (useless cat)
new 987fd07 ctdb-scripts: Avoid shellcheck warnings SC2119, SC2120 (function arguments)
new b0c1dbf ctdb-scripts: Avoid shellcheck warning SC2015 (A && B || C)
new f43df8f ctdb-scripts: Avoid shellcheck warning SC2039 (type command)
new d7f3b19 ctdb-scripts: Avoid shellcheck warning SC2039 (echo -n)
new 524eac9 ctdb-scripts: Avoid shellcheck warning SC2094 (read/write same file)
new e96c122 ctdb-scripts: Avoid shellcheck warning SC2039 (test -nt operator)
new d138cb8 ctdb-scripts: Avoid shellcheck warning SC2039 (non-portable ulimit options)
new 5e9aa57 ctdb-scripts: Avoid shellcheck warning SC2038 (find without -print0)
new 52b43d7 ctdb-scripts: Avoid shellcheck warning SC2012 (ls for file list)
new 8bd2c55 ctdb-scripts: Avoid chellcheck warning SC2012 (ls for file list)
new aa51875 ctdb-scripts: Avoid shellcheck warning SC2059 ($ in printf format)
new f19f44e ctdb-scripts: Avoid shellcheck warning SC2155 (declare, assign)
new dfa2c1d ctdb-scripts: Avoid shellcheck warning SC2124 (string=array)
new 355c49f ctdb-scripts: Avoid shellcheck warning SC2006 (legacy `..`)
new b51f604 ctdb-tests: Add new test support script for script install paths
new e0aae9f ctdb-tests: Add shellcheck test suite
new 5707a80 WHATSNEW: Samba-tool speed-up
new c11629b drepl: Fix a typo
new abb8d77 kcc: Make debug more scarce
new cad1473 selftest: Add more information when KCC fails
new 9dfd55c kcc: Prevent the KCC from doing work on the RODC
new 9206a10 samba_kcc: match translate connection from old KCC for RODC
new a5e0a2f samba_kcc: match translate connection from old KCC for RWDC
new 0c8e9a8 kcc: Make more fault tolerant on DC demotion
new 289d090 dbcheck: Replica locations can now be leftover
new 6212836 join.py: Ensure that all expressions are escaped
new 15ca517 join.py: Add Replica-Locations for DomainDNS and ForestDNS
new 5d470d2 join.py: Don't add replica locations without the backend
new 56771ec dbcheck/release-4-1-0rc3: Add a check regarding replica locations
new 3eb7fab dbcheck: Add a rule regarding replica locations
new 10f256a kcc: correct a typo in the debug messages
new fbc2628 samba_kcc: Enable the python samba_kcc
new f757836 WHATSNEW: Add the update for the samba kcc
new 47d95d2 ctdb-tests: Common code to wait for synchronization across cluster
new f0395de ctdb-tests: Common code to process commandline options
new 5fe216a ctdb-tests: Add torture test for g_lock functions
new 388fa2c ctdb-tests: Replace ctdb_bench with message_ring using new client API
new 2c27f300 ctdb-tests: Replace ctdb_fetch with fetch_ring using new client API
new bc157dc ctdb-tests: Replace ctdb_fetch_one with fetch_loop using new client API
new 5a510ec ctdb-tests: Replace ctdb_fetch_readonly_once with fetch_readonly using new client API
new c2e406c ctdb-tests: Replace ctdb_fetch_readonly_loop with fetch_readonly_loop using new client API
new 8cc069b ctdb-tests: Replace ctdb_transaction with transaction_loop using new client API
new f6d4f4d ctdb-tests: Replace ctdb_update_record with update_record using new client API
new a76fa36 ctdb-tests: Replace ctdb_update_record_persistent with update_record_persistent
new e98f7c2 ctdb-tests: Convert rb_test into a unit test
new 7ab5605 ctdb-tests: Rename ctdb_lock_tdb to lock_tdb
new 6ad8f46 ctdb-tests: Rename ctdb_porting_tests to porting_tests
new b8b6829 ctdb-tests: Remove unused tests code
new 3619a76 ctdb-tests: Add torture test for fetch functions
new 6bd0f1c ctdb-pcp-pmda: Reimplement using new client API
new 5e333b5 s4: torture: Don't crash if connections fail and treeXX variables are left as NULL.
new dd10c82 smbd: Enable leases by default
new 95e3d18 WHATSNEW: SMB 2.1 leases enabled by default
new c8f2bb1 WHATSNEW. Add text for Open File Description (OFD) locks.
new 9c994ba s3:ntlm_auth: call fault_setup() in order to get usefull backtraces
new 19b3712 s3:tests: add 'as user' to the test names in test_smbclient_auth.sh
new 7fd5629 s3:selftest: run smbclient_auth with a few more combinations
new 70827ca selftest: set "ntlm auth = yes" for now as a lot of tests rely on it
new cd8dfed docs-xml:smbdotconf: default "ntlm auth" to "no"
new 162c1f8 selftest: don't allow ntlmv1 for 'nt4_member' and 'ad_member'
new 1fd9271 WHATNEW: the default for "ntlm auth" is "no"
new a5591e5 pycredentials: add {get,set}_old_password()
new 67404ba pycredentials: add set_utf16_[old_]password()
new deb2a02 samba-tool: add 'user getpassword' command
new 3add197 python:samba/tests: add simple 'samba-tool user getpassword' test
new 4ef5266 python:samba/tests: verify the packages order in supplementalCredentials
new c8fb61c docs-xml:samba-tool.8: document "user getpassword" command
new c68cb6a samba-tool: add 'user syncpasswords' command
new 8791960 python:samba/tests: add simple 'samba-tool user syncpasswords' test
new d5541ef docs-xml:samba-tool.8: document "user syncpasswords" command
new eb33f73 docs-xml/smbdotconf: reference "unix password sync" with "samba-tool user syncpasswords"
new 39d194d .travis.yml: install libgpgme11-dev python[3]-gpgme
new f28d003 docs-xml/smbdotconf: add "password hash gpg key ids" option
new b66ff2f docs-xml/smbdotconf: reference "unix password sync" with "password hash gpg key ids"
new 81190f9 s4:dsdb/samdb: add configure checks for libgpgme
new 8d64999 drsblobs.idl: add package_PrimarySambaGPGBlob
new 763acdc s4:dsdb/samdb: optionally store package_PrimarySambaGPGBlob in supplementalCredentials
new f45a0ff samba-tool: add --decrypt-samba-gpg support to 'user getpasswords' and 'user syncpasswords'
new 3e9a6c8 selftest:gnupg: add a gpg key for Samba Selftest <selftest at samba.example.com>
new d903338 s4:selftest: run samba.tests.samba_tool.user also against ad_dc:local
new a4efb11 selftest:Samba4: configure "password hash gpg key ids" for ad_dc (if available)
new bbe3a6a python:samba/tests: use 'samba-tool user {getpassword,syncpasswords}' with --decrypt-samba-gpg
new 88e968c s4:torture/ndr: Add supplementalCredentials blob from Samba with the new SambaGPG blob
new aaee982 WHATSNEW: add 'Password sync as active directory domain controller'
new 4a34070 WHATSNEW: recomment python-crypto and python-m2crypto
new 281b73f build: Add hints on what libraries to install for gpgme support on failure
new 4110d73 tevent: Save 32 bytes of .text in tevent_req_create
new 8e989a1 tevent: Save 140 bytes of .text in tevent_req_create
new 0dd1c65 tevent: Add overflow protection to tevent_req_create
new 2d9958e auth/credentials: also do a shallow copy of the krb5_ccache.
new fbd0610 s4:torture/remote_pac: verify the order of PAC elements
new 08ead28 HEIMDAL:lib/krb5: allow predefined PAC_{LOGON_NAME,PRIVSVR_CHECKSUM,SERVER_CHECKSUM} elements in _krb5_pac_sign()
new f618330 HEIMDAL:kdc: reset e_text after successful pre-auth verification
new 0022ea9 HEIMDAL:kdc: add krb5plugin_windc_pac_pk_generate() hook
new 6762d6b s4:kdc: hook into heimdal's windc.pac_pk_generate hook
new c2b7bac s4:kdc: correctly update the PAC in samba_wdc_reget_pac()
new af4dc22 s4:kdc: provide a PAC_CREDENTIAL_INFO element for PKINIT logons
new acb2086 s4:dsdb/password_hash: add the UF_SMARTCARD_REQUIRED password reset magic
new f1bb8f6 s4:dsdb/tests: add UF_SMARTCARD_REQUIRED tests
new 763baa6 selftest/Samba: remove compat admincert* files
new 0860b13 selftest/manage-ca: add certificates for pkinit@[addom.]samba.example.com
new d4af9e4 selftest/manage-ca: update manage-CA-samba.example.com.sh
new b3f8270 selftest/Samba: copy pkinit@$DOMAIN certificates to the environment
new 3039062 test_pkinit_heimdal.sh: add some more tests regarding the UF_SMARTCARD_REQUIRED behavior
new 82726ac testprogs/blackbox: add test_pkinit_pac_heimdal.sh
new 4ab5365 s4:selftest: run test_pkinit_pac_heimdal.sh test
new 661e1a2 s4:selftest: run the pkinit test in the ad_dc and ad_dc_ntvfs environment
new 1854252 WHATSNEW: add SmartCard/PKINIT improvements
new 8b1f5ca auth/auth_sam_reply: fill user_principal_* and dns_domain_name in make_user_info_dc_pac()
new 54d32c2 s4:kdc: provide a PAC_UPN_DNS_INFO element for logons
new 049b507 s4:dsdb/repl_meta_data: remember originating updates when applying replicated changes
new 32a254d s4:dsdb/replicated_objects: don't skip notifications on resolved conflicts
new 32b1c74 s3: smbd: vfs: Remove any stale xattr values during file/directory create in vfs_xattr_tdb()
new da47e13 s4: messaging: Remove bool auto_remove parameter from imessaging_init().
new fe84f8b s4-torture: add new torture_assert_krb5_error_equal macro.
new 497658f s4-torture: fix compile of new NDR PAC tests with MIT Kerberos.
new fcc5883 s3: vfs: generalize functions that set/get posix acl through xattr
new 4c5367d s3: vfs: ceph: Add posix acl support
new 3a683b1 vfs_gpfs: Retry getacl with DAC capability if necessary
new 1f4d935 AddressSanitizer: Initialize for kcc_topology.c
new 555db4b AddressSanitizer: Initialize for smbd/oplock.c
new 1835cde AddressSanitizer: Initialize for vfs_fruit.c
new 1f1edb6 kcc: typo fix tupple => tuple
new 5505e36 kcc: fix a typo
new f5e7494 Wrap krb5_cc_copy_creds and krb5_cc_copy_cache
new df9c801 ctdb-web: Remove ctdb webpages from source
new d5e4a7a ctdb-locking: Drop code for Samba 3.x compatibility
new 3c933b1 ctdb-tool: Remove ctdb thaw command
new d5bc917 ctdb-client: Remove functions ctdb_ctrl_thaw_priority() and ctdb_ctrl_thaw()
new 0191305 ctdb-client: Remove function ctdb_ctrl_thaw() from new client API
new 5dedf66 ctdb-protocol: Drop marshalling code for THAW control
new 0e0331a ctdb-client: Reimplement ctdb_ctrl_freeze_priority() using ctdb_control()
new c346204 ctdb-client: Drop unused functions ctdb_ctrl_freeze_send/recv
new f03d39d ctdb-client: Mark ctdb_ctrl_freeze_priority static
new a376ba8 ctdb-vacuum: Do not use freeze_mode outside freeze code
new 9338443 ctdb-recovery: Remove serial database recovery code
new 79b6b4b ctdb-daemon: Drop priorites from freeze/thaw code
new 5944a9b ctdb-freeze: Drop function thaw_priority()
new 8630cc3 ctdb-client: Remove ctdb_ctrl_freeze_priority() function
new 4a48b6a ctdb-protocol: Remove CTDB_NUM_DB_PRIORITIES
new 6693fa5 ctdb-recoverd: Remove code that updates database priorities during recovery
new 2ac9d0a dbwrap_ctdb: Remove setting of database priority from samba
new 70d10ce ctdb-tool: Remove setdbprio and getdbprio commands
new dc0bfcd ctdb-daemon: Remove implementation of SET/GET_DB_PRIORITY
new bdb17fc ctdb-client: Remove client code for set/get_db_priority
new b7233e3 ctdb-client: Remove code to set/get_db_priority from new client code
new 7c8e933 ctdb-protocol: Drop marshalling code for set/get_db_priority
new a7dd60e ctdb-protocol: Deprecate controls SET/GET_DB_PRIORITY
new 3927603 ctdb-daemon: Remove priority field from ctdb_db_context
new b81824e ctdb-locking: Remove API for locking all databases
new 2852397 ctdb-locking: Remove API for locking databases with priority
new b5ede50 ctdb-freeze: Remove ctdb_db_prio_frozen() function
new 9187f26 ctdb-locking: Remove ctdb_db_prio_iterator function
new fbce266 ctdb-build: Add missing dependency on samba-util
new a66b83d ctdb-doc: Drop documentation for "ctdb setmonmode"
new 99e41e8 ctdb-doc: Drop documentation for "ctdb xpnn"
new f427fe8 ctdb-doc: Update allowed debug levels to include "ERROR"
new 2a85590 ctdb-doc: Document limitation of "ctdb reloadips"
new c6f36b5 ctdb-tests: Require setup_ctdbd() call in tool tests
new 779a8d8 ctdb-tests: Clean up temporary files in tool tests
new 752c70b ctdb-tests: Allow fake_ctdbd and tool to be run under valgrind in tool tests
new 80f7fd1 ctdb-tests: Allow secondary tool commands to be tested
new 046e566 ctdb-tests: Have fake_ctdbd log request IDs
new c77a50d ctdb-tests: Error on invalid destnode in fake_ctdbd
new 2b2a7a9 ctdb-tool: Log a message at INFO level
new eafa12e ctdb-tests: Drop ctdb tool debug level to NOTICE
new 02709c7 ctdb-tool: Drop arbitrary exit codes
new fc7968d ctdb-tool: Exit with 1 on failure instead of -1
new 1bb1b63 ctdb-tool: Fix a log message in "ctdb reloadnodes"
new 1c44436 ctdb-tests: Drop a "ctdb reloadnodes" tool test
new e1aa2bb ctdb-tests: Fix "ctdb status" test
new 48ed5f7 ctdb-tests: Add "ctdb ifaces" tool test
new d30143d ctdb-tests: Add "ctdb ping" tool test
new 55040c5 ctdb-tests: Add "ctdb recmaster" tool tests
new 467356d ctdb-tool: Improve "ctdb uptime" output format
new bde3f95 ctdb-tests: Add "ctdb uptime" tool test
new 339da22 ctdb-tool: Simplify "ctdb process-exists"
new 032c9f1 ctdb-tests: Add "ctdb process-exists" tool test
new accd1ca ctdb-tools: Simplify "ctdb getpid" output format
new d6e1e69 ctdb-tests: Add "ctdb getpid" tool test
new c3c106e ctdb-tools: Simplify "ctdb pnn" output format
new 4af127c ctdb-tests: Add "ctdb pnn" tool test
new b6623fe ctdb-tools: Simplify "ctdb getdebug" output format
new 6ee5136 ctdb-tool: Improve error output in "ctdb setdebug"
new e7e3342 ctdb-tests: Implement GET_DEBUG and SET_DEBUG controls in fake_ctdbd
new cf5d70c ctdb-tests: Add "ctdb setdebug" tool tests
new eb2544e ctdb-tests: Implement GET_RUNSTATE control in fake_ctdbd
new 37d321c ctdb-tests: Add "ctdb runstate" tool tests
new f79be2e ctdb-common: Refactor tunable related functions
new abd5d7c ctdb-daemon: Use refactored tunable code
new be0db16 ctdb-tests: Implement controls related to tunables in fake_ctdbd
new 5d63d8d ctdb-tests: Add "ctdb listvars/getvar/setvar" tool tests
new 435cf16 ctdb-tests: Implement SET_IFACE_LINK_STATE control in fake_ctdbd
new c0d1e9c ctdb-tests: Add "ctdb setifacelink" tool tests
new 7303d7b ctdb-tools: Simplify "ctdb getmonmode" output format
new 87bf242 ctdb-tests: Add monitoring related controls in fake_ctdbd
new 98f5172 ctdb-tests: Add "ctdb getmonmode/disablemonitor/enablemonitor" tool tests
new 0e8416d ctdb-tests: Implement GET_RECLOCK_FILE control in fake_ctdbd
new 8ef7168 ctdb-tests: Add "ctdb getreclock" tool tests
new f7a9d59 ctdb-tests: Implement STOP_NODE and CONTINUE_NODE controls in fake_ctdbd
new 8deb57b ctdb-tests: Implement TAKEOVER_RUN message in fake_ctdbd
new bd17dae ctdb-tests: Add "ctdb stop/continue" tool tests
new 3d6c23e ctdb-tests: Implement SET_BAN_STATE control in fake_ctdbd
new ae07e3b ctdb-tests: Add "ctdb ban/unban" tool tests
new 58f3bd3 ctdb-tests: Implement MODIFY_FLAGS control in fake_ctdbd
new 41d1347 ctdb-tests: Add "ctdb disable/enable" tool tests
new 74989b1 ctdb-tools: Simplify "ctdb getdbseqnum" output format
new 6a01251 ctdb-tests: Implement database related controls in fake_ctdbd
new 0e1ff5f ctdb-tests: Add database related tool tests
new 3cb659e WHATSNEW: CTDB updates
new f95bbc7 kcc: Add corresponding methods for repsTo
new 9427a24 kcc: Add a TODO for msDS[-RO]-Replica-Locations
new 8dabd57 kcc: Clean up repsTo attribute for old DCs
new add6442 ldb_ldb: Do not re-scan the index list for new DNs
new 9e676b2 dsdb: Fix CID 1364520 Incorrect expression (EVALUATION_ORDER)
new 7f56384 ctdb-doc: Add ctdb_diagnostics man page
new 337fc6e ctdb-doc: Integrate ctdb_diagnostics man page into build
new ff6a227 ctdb-doc: ctdb_diagnostics(1) tweaks and cross-references
new c40fc62 ctdb-ipalloc: Use a cumulative timeout for takeover run stages
new 10165c4 ctdb-daemon: Move CTDB VNN structure to IP takeover code
new 9e2a7f0 ctdb-common: Fix CID 1363227 (Resource leak)
new 89b7913 ctdb-tests: Fix CID 1364521 (Argument cannot be negative)
new 13dcaff ctdb-tests: Fix CID 1364522 (Argument cannot be negative)
new e42d587 ctdb-tests: Fix CID 1364523 (Argument cannot be negative)
new 6544590 ctdb-tests: Fix CID 1364524 (Argument cannot be negative)
new a20c3df ctdb-tests: Fix CID 1364525 (Argument cannot be negative)
new 785150a ctdb-tests: Fix CID 1364526 (Argument cannot be negative)
new b47a244 ctdb-doc: Drop documentation for obsolete tunable
new 16f33c9 ctdb-daemon: Fix statistics update macro
new 277aad6 ctdb-tests: Clean database before the test
new bea1252 ctdb-tests: Fix typo
new 0f5bfa6 ctdb-tests: Improve test to match exact output
new b647315 ctdb-tests: Add tests for idempotence
new 5d34755 ctdb-tests: Add more tests for ctdb setdbsticky and setdbreadonly
new dc065b1 ctdb-tests: Add machinereadable output tests
new 76c2208 ctdb-common: Fix parsing of debug level
new 57a66eb ctdb-protocol: Add function ctdb_sock_addr_same_ip
new 5d380ef ctdb-daemon: Add QueueBufferSize tunable
new 5dc1888 ctdb-daemon: Reduce QueueBufferSize from 16k to 1k
new 0a759bc ctdb-daemon: Use consistent naming for monitoring mode
new 87b49c9 ctdb-daemon: Deletion of IPs is deferred until the next takeover run
new 199293f ctdb-tool: Remove old ctdb tool
new 70f2573 ctdb-tool: Add replacement ctdb tool using new client API
new 29b7825 ctdb-tests: Adjust unit test output matching new ctdb
new 28b2a63 ctdb-daemon: Drop the implementation of THAW control
new 47c400f ctdb-protocol: Deprecate THAW control
new 3314a09 ctdb-daemon: Drop implementation of global transaction controls
new 24635e9 ctdb-client: Drop client code for global transaction controls
new 28f62be ctdb-protocol: Drop marshalling for global transaction controls
new 3fbb541 ctdb-protocol: Deprecate global transaction controls
new 3fafe48 ctdb-packaging: Move ctdb configuration to ctdbd.conf
new 44bbdbe WHATSNEW: ctdb updates
new a86be20 ctdb-tests: Fix valgrind unintialized error
new d10771c ctdb-tests: Do not add $VALGRIND to ctdb command
new 9871194 ctdb-tests: Removing sleep from porting_tests
new 0b4b2d0 ctdb-tests: Avoid division by zero in NFS eventscript unit test
new 806f54f ctdb-tests: Remove duplicate EOF terminators in some tool unit tests
new 2f70964 ctdb-tests: Avoid portability issue in porting tests
new 58bd3f8 ctdb-tests: Pretend not to ignore return from fgets()
new ed81e51 ctdb-daemon: Fix CID 1364527/8/9: Null pointer dereferences (NULL_RETURNS)
new 9c1cd31 s3/lib: add smbd_cleanupd.tdb
new da61c97 s3/smbd: add cleanupd_init_send()/recv()
new 4652a8b s3/cleanupd: use smbd_cleanupd.tdb
new 41875c8 s3/notifyd: add async send/recv functions
new f396449 lib: Move "message_send_all" to serverid.c
new eb6e320 fss_agent: Fix a signed/unsigned mixup
new 2a97fb0 tdb: version 1.3.10
new 77d2986 talloc: version 2.1.8
new 7b4c815 tevent: version 0.9.28
new 15e6217 replmd: Check dsdb_dn for syntax errors
new 88a4d55 valgrind: Avoid a warning about uninitialized memory
new e0b6d6b msds_intid: Add test for (non-schema) linked attributes
new 032fc27 rpc_server/drsuapi: Set msDS_IntId as attid for linked attributes if exists
new 2bb5f7d replmd: Remove data field on DSDB_CONTROL_REPLICATED_UPDATE_OID
new fa64116 replmd: Send replicated update OID for forward links
new 0555443 msds_intid: Add test for schema linked attributes
new dffe66e getncchanges: Set is_schema_nc when EXOP_OBJ
new 192e54c rpc_server/drsuapi: Don't set msDS_IntId as attid for linked attributes if schema
new caa231a s4:pyrpc: correctly implement .request_timeout
new 3cb3fc3 samba-tool: use a timeout of 5 minutes in 'samba-tool drs replicate'
new cba7e94 samba-tool: add --async-rep option to 'samba-tool drs replicate'
new 47d9b0e tests:samba_tool_drs: test samba-tool drs replicate with implicit machine credentials
new d282527 tests:samba_tool_drs: test samba-tool drs replicate with --async-op
new c07504f WHATSNEW: document new samba-tool drs replicate options
new 1246904 librpc: Add ndr_push_struct_into_fixed_blob() and use it in GUID_to_ndr_blob()
new cb6395c lib/ldb-samba: Use ndr_push_struct_into_fixed_blob() in ldif_handlers.c
new b8335f6 lib/ldb-samba: Avoid talloc() in ldif_read_objectSid() by parsing the SID string on the stack
new eeb594c dsdb: Limit potential stack use when parsing extended DNs
new 00f77d1 torture: Add tests for ndr_push_struct_into_fixed_blob()
new 7a21e40 ldb_tdb index: fix whitespace
new ebdf6e0 ldb: Free empty index lists as talloc_realloc() fails in this case
new f6e8718 ldb: Add ldb_unpack_data_only_attr_list_flags()
new b465161 ldb: Prepare for adding flags to ltdb_search_dn1() to control memory allocation
new e517d68 ldb: Add flags to ltdb_search_dn1() to control memory allocation
new 5f815c8 ldb: fix compiler warnings on ldb_unpack_data() arguments
new 8818f2c ldb: Use ldb_unpack_data_only_attr_list_flags in re_index()
new dbb243f ldb: version 1.1.27
new 999ea7e shadow_copy2: Fix shadow_copy2_posix_gmt_string return type
new 13f9224 shadow_copy2: Add test cases to cover shadow:format
new c9b6e99 shadow_copy2: create structure to store module specific information
new 71682e1 shadow_copy2: allow configurable prefix for snapshot name
new 8de11bd shadow_copy2: Add test case for snapprefix and delimiter
new 57518cf shadow_copy2: update man pages for the newly introduced options
new 17a6a78 shadow_copy2: Fix error handling in shadow_copy2_get_shadow_copy_data
new b11697b WHATSNEW: add shadow:snapprefix and shadow:delimiter
new 955dec2 VERSION: Set version to 4.5.0rc1...
new de4eaf9 VERSION: Bump version up to 4.5.0rc2...
new de3d1f3 WHATSNEW: Start release notes for Samba 4.5.0rc2.
new d4e5992 docs: Bump version up to 4.5.
new 3cf958d async_req: make async_connect_send() "reentrant"
new 0791bd6 man: Wrong option for parameter ldap ssl in smb.conf man page
new ca1ef4d ctdb-waf: Move ctdb tests to libexec directory
new 70a1836 ctdb-packaging: Move ctdb tests to libexec directory
new a772738 ctdb-tests: Stop cross-talk between reclock tests
new c026a38 ctdb-tests: Add --interactive/-i option to test options parsing code
new 0686be6 ctdb-tests: Implement --interactive/-i option in message_ring
new 8817849 ctdb-tests: Clean up and rename simple message_ring test
new 10e66ef ctdb-tests: Implement --interactive/-i option in fetch ring
new 21cbbb1 ctdb-tests: Clean up and rename simple fetch_ring test
new 106e572 ctdb-tests: Implement --interactive/-i option in transaction_loop
new ea6a976 ctdb-tests: Clean up and rename simple transaction_loop test
new 35f777c ctdb-tests: Clean up and rename simple transaction_loop recovery test
new 38d8bcf ctdb-tests: Add explicit wait to the fork_helper()
new 13301d8 ctdb-common: Fix CID 1125553 Buffer not null terminated (BUFFER_SIZE_WARNING)
new 2c8c82d ctdb-common: Consistently use strlcpy() on interface names
new a614e60 ctdb-utils: Fix CID 1297451 Explicit null dereferenced (FORWARD_NULL)
new 5d77e76 ctdb-daemon: Fix CID 1363233 Resource leak (RESOURCE_LEAK)
new 96395c2 ctdb-daemon: Fix CID 1363067 Resource leak (RESOURCE_LEAK)
new 2ffc301 ctdb-mutex: Fix CID 1359217 Resource leak (RESOURCE_LEAK)
new f002457 ctdb-common: Fix CID 1363227 Resource leak (RESOURCE_LEAK)
new 29c0b81 ctdb-tests: Fix CID 1361816 Buffer not null terminated (BUFFER_SIZE_WARNING)
new 9f0b1e1 ctdb-common: Fix CID 1125581 Dereference after null check (FORWARD_NULL)
new 6e8863b ctdb-common: Fix CID 1125583 Dereference after null check (FORWARD_NULL)
new fb3314f ctdb-common: Fix CID 1125585 Dereference after null check (FORWARD_NULL)
new 00d2d4b ctdb-daemon: Fix CID 1125627 Resource leak (RESOURCE_LEAK)
new fe1ca7a ctdb-mutex: Avoid corner case where helper is already reparented to init
new f0fe4f1 ctdb-tools: Fix CID 1364699 - dereference after null check
new a6b4f12 ctdb-tools: Fix CID 1364701 - resource leak
new dcae848 ctdb-tools: Fix CID 1364702 - resource leak
new 5e6bcb9 ctdb-tools: Fix CID 1364703 - resource leak
new 15c6776 ctdb-tools: Fix CID 1364704 - resource leak
new 66bf88a ctdb-tools: Fix CID 1364705 - resource leak
new c1dfac0 ctdb-tools: Fix CID 1364706 - resource leak
new e7c2383 ctdb-tools: Free record if it does not contain valid data
new 08d6c26 ctdb-tools: Free tickle list before exiting
new aa3e881 ctdb-tools: Add early return for empty connection list
new cab7216 ctdb-tools: Free connection list after processing it
new 661f901 ctdb-tools: Close tdb database on error
new 533d7e1 ctdb-tools: Free temporary memory context before exiting
new 34c3499 ctdb-client: transaction_cancel must free transaction handle
new a009532 ctdb-tools: Cancel transaction on error or if commit fails
new 52bff15 ctdb-tools: "ctdb tickle" command should run without daemon
new be449db ctdb-doc: Document that "ctdb tickle" can now read from stdin
new ae5f9b0 ctdb-packaging: Stop RPM from renaming working config to ctdb.rpmsave
new 5bcfc32 ctdb-daemon: Clean up SET_DB_PRIORITY/GET_DB_PRIORITY deprecation
new a990608 source3/wscript: Add support for disabling vfs_cephfs
new 3688305 buildscripts: Fix the regression with --without-acl-support.
new fa0ffa2 dbwrap: Fix structure initialization
new 449a0cf smbd: ignore ctdb tombstone records in fetch_share_mode_unlocked_parser()
new aa0522e s4/torture: add a test for ctdb-tombstrone-record deadlock
new 6a9bdca dbwrap_ctdb: treat empty records in ltdb as non-existing
new 5ad65ec WHATSNEW: Add changes since rc1.
new 30d823e VERSION: Disable git snapshots for the 4.5.0rc2 release.
new 3e25b21 VERSION: Bump version up to 4.5.0rc3...
new 76958a6 samba-tool/ldapcmp: ignore differences of whenChanged
new cbc6ba0 tests:samba_tool: pass stdout and stderr to assertCmdSuccess()
new f3e8789 tests:samba_tool: make use of assertCmdFail() in gpo.py
new f29471f script/autobuild.py: check for AUTOBUILD_SKIP_SAMBA_O3 environment variable
new 732b5a7 tests:blackbox: let samba_dnsupdate.py provide more details
new 315abf8 torture/backupkey: Allow WERR_INVALID_ACCESS, WERR_INVALID_PARAM or WERR_INVALID_DATA
new 8c8588b selftest: Merge alternate error codes into backupkey from backupkey_heimdal
new 252a0ca s4: repl: Ensure all error paths in dreplsrv_op_pull_source_get_changes_trigger() are protected with tevent returns.
new adf2ca1 s4:dsdb/schema: don't change schema->schema_info on originating schema changes.
new 5925277 s4:dsdb/repl: avoid recursion after fetching schema changes.
new 118b76c s4:dsdb/schema: store struct dsdb_schema_info instead of a hexstring
new 137a40b s4:dsdb/schema: don't treat an older remote schema as SCHEMA_MISMATCH
new c84842a s4:dsdb/repl: Improve memory handling in replicated schema code
new 2c2a837 s4:dsdb/schema: Remove unused old schema from memory
new d5fd8de s4:dsdb/schema: make dsdb_schema_pfm_add_entry() public and more useful
new 6143e5e s4:dsdb/repl: make sure the working_schema prefix map is populated with the remote prefix map
new 5902a36 s4:dsdb/objectclass_attrs: call dsdb_attribute_from_ldb() without a prefixmap
new e895b77 s4:dsdb/schema: avoid an implicit prefix map creation in lookup functions
new 9f3ff9e s4:dsdb/schema: don't update the in memory schema->prefixmap without reloading the schema!
new 67b678f s4:dsdb/schema: split out a dsdb_attribute_drsuapi_remote_to_local() function
new f7cf3c7 s4:dsdb/schema: move messages for unknown attids to higher debug levels during resolving
new bfb5258 s4:dsdb/repl: set working_schema->resolving_in_progress during schema creation
new 1b01340 s4:dsdb/repl: let dsdb_replicated_objects_convert() change remote to local attid for linked attributes
new fdbefe5 s4:dsdb/repl_meta_data: Add more info on which DN we failed to find an attid on
new 4c452a7 selftest: Move repl_schema test to a distinct OID prefix
new 4f41b69 selftest/flapping: add some samba3.blackbox.smbclient_s3 tests
new ac2b4cb script/autobuild.py: include the branch name in the output
new edc2eb2 WHATSNEW.txt: Added more details about multiple DNS forwarders
new 5fa05ec smbd: oplock: Fixup debug messages inside remove_oplock().
new a36549c smbd: oplock: Factor out internals of remove_oplock() into new remove_oplock_under_lock().
new 811fd8b s3: oplock: Fix race condition when closing an oplocked file.
new 97863e8 quotas: small cleanup
new 55d057d smbd: get a valid file stat to disk_quotas
new 9eb4ce1 smbd: use owner uid for free disk calculation if owner is inherited
new 78b96ed selftest: refactor test_dfree_quota.sh - add share parameter
new 84ffa9a selftest: add tests for dfree with inherit owner enabled
new 9a29038 s4-smbtorture: use standard macros in smb2.read test
new 84d6e5a s4-selftest: add functions which create with desired access
new df68a61 s4-selftest: add test for read access check
new 416a362 seltest: implicit FILE_READ_DATA non-reporting
new 2d8c18f seltest: allow opening files with arbitrary rights in smb2.ioctl tests
new 5ffcd2b s4-smbtorture: pin copychunk exec right behavior
new dca2195 smbd: look only at handle readability for COPYCHUNK dest
new d6e8fd9 smbd: allow reading files based on FILE_EXECUTE access right
new e217c14 s3: libsmb: Protect cli_connect_nb_send() from being passed a NULL hostname and dest_ss.
new 7ab1f4f libgpo: Correctly use the 'server' parameter after parsing it out of the GPO path.
new 294944f idmap: don't generally forbid id==0 from idmap_unix_id_is_in_range()
new f57177f idmap: centrally check that unix IDs returned by the idmap backends are in range
new 78460d1 s3-lib: Pass missing argument for format string
new b216684 s3-libnet: Add missing format element
new d6ece9c s3-lib: Remove unused function sprintf_append
new 685aac2 talloc: Fix format-nonliteral warning
new 0da9c69 tdb: Fix format-nonliteral warning
new de35ebd lib/util: Fix format-nonliteral warning
new 61423eb ldb: Fix format-nonliteral warning
new 3f635ce s3-lib: Fix format-nonliteral warning
new aa35339 s3-include: Fix format-nonliteral warning
new acef41a s3-netapi: Fix format-nonliteral warning
new 058e7c0 s3-libnet: Fix format-nonliteral warning
new 14afd99 regedit: Fix format-nonliteral warning
new 05758f4 wibindd: Fix format-nonliteral warning
new 3abe405 passdb: Fix format-nonliteral warning
new 6275a94 torture: Fix format-nonliteral warning
new ca7fa0c lib/util: Fix format strings and argument data types
new 0d98196 ctdb-common: Fix format-nonliteral warning
new 38f2415 ctdb-daemon: Fix format-nonliteral warning
new 91bd05f ctdb-daemon: Fix format-nonliteral warning
new 720af0a ctdb-daemon: Fix format-nonliteral warning
new 398f904 ctdb-recovery-helper: Fix format-nonliteral warning
new 2b203f1 ctdb-ib: Fix DEBUG log messages
new 8754d07 ctdb-pmda: Use 1s timeout for fetching statistics
new b356446 ctdb-tools: Drop "ctdb rebalanceip"
new 0083c24 ctdb-tools: Drop "ctdb rebalancenode"
new cf494f8 ctdb-tools: Addition of IPs is deferred until the next takeover run
new 0d74d1d ctdb-daemon: Fix CID 1272855 Operands don't affect result
new 74e2593 ctdb-daemon: Fix CID 1125575 Operands don't affect result
new 4f6592c ctdb-daemon: Fix CID 1125574 Operands don't affect result
new f2c64a9 ctdb-tests: Update porting test to be more flexible about line numbers
new 14c7c6a ctdb-common: Fix CID 1362729 Unchecked return value from library
new 2f10d65 ctdb-common: Fix CID 1362728 Unchecked return value from library
new 33dd902 ctdb-tcp: Fix CID 1362727 Unchecked return value from library
new 7b12049 ctdb-tcp: Set file descriptor to -1 after close.
new 03d7c48 ctdb-daemon: Fix CID 1362726 Unchecked return value from library
new 6933784 ctdb-client: Fix CID 1362725 Unchecked return value from library
new d244616 ctdb-client: Print error message before next syscall to avoid losing errno
new c92614b ctdb-tcp: Fix CID 1362724 Unchecked return value from library
new 965920b ctdb-daemon: Fix CID 1362723 Unchecked return value from library
new 386ba36 ctdb-logging: Fix CID 1272823 Unchecked return value from library
new 5159811a ctdb-tools: Fix CID 1125618 String not null terminated (STRING_NULL)
new 52813cd ctdb-tools: Consistently use db_name
new bddfe9b ctdb-common: Save errno before closing file to keep debug accurate
new a275b0c ctdb-daemon: Try to release IP address even if interface is unknown
new 5e4db43 ctdb-daemon: Do not update the VNN state on RELEASE_IP failure
new c80c2cf ctdb-daemon: Do not copy address for RELEASE_IP message
new 5fa6a1d ctdb-daemon: Factor out new function release_ip_post()
new 65445d5 ctdb-daemon: Use release_ip_post() when releasing all IP addresses
new 2a9566f ctdb-daemon: Rename takeover_callback_state -> release_ip_callback_state
new 46890c5 ctdb-daemon: When releasing an IP, update PNN in callback
new 18334fd ctdb-ipalloc: Fix cumulative takeover timeout
new f4618fc ctdb-tests: Drop function _ctdb_hack_options()
new e281108 ctdb-tests: Drop attempts to pass arguments to ctdbd on (re)start
new 2070850 ctdb-tests: Move local daemon configuration creation into setup_ctdb()
new c0dba49 ctdb-tests: Remove function daemons_start_1()
new eb55718 ctdb-tests: Reimplement daemons_stop() using ctdbd_wrapper
new 74fa37a KCC: Fix misnamed variable in DSA object
new ad835cf smbd: Fix snapshot query on shares with DFS enabled
new 1901c9e s3: vfs: shadow_copy2: Re-use an existing variable already set to the right value (p - name).
new 4b26677 s3: vfs: shadow_copy2. Remove any trailing slash when stripping @GMT-YYYY... from the end of a path.
new e5baf88 s3: vfs: shadow_copy2: Replace all uses of (p-name) with len_before_gmt.
new b4a05b1 s3: vfs: snapper: Add and use len_before_gmt, calculated as (p-name).
new 598327a s3: vfs: snapper: Fix snapper_gmt_strip_snapshot() function to strip @GMT token identically to shadow_copy2.c:shadow_copy2_strip_snapshot()
new cccf74e s3: SMB1: Add missing FLAGS2 definitions from MS-SMB.
new ac64b26 s3: libsmb: Add uint16_t additional_flags2 arg to cli_smb_send().
new 050673d s3: libsmb: Add uint16_t addtional_flags2 to cli_trans_send().
new c74aa87 s3: libsmb: Add uint16_t addtional_flags2 to cli_smb_req_create().
new 6f1ae6a s3: libsmb: Add clistr_is_previous_version_path()
new f570cda s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_setpathinfo_send().
new 87a1a1a s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_qpathinfo_send()
new fe2f658 s3: libsmb: s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_rename_send().
new 663c35d s3: libsmb: s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_ntrename_internal_send().
new a271db6 s3: libsmb: s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_unlink_send().
new 028f181 s3: libsmb: s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_mkdir_send().
new 30c97b3 s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_rmdir_send()
new e702d6a s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_ntcreate1_send().
new c98a801 s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_nttrans_create_send().
new ce5acbf s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_openx_create().
new 4276ffb s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_getatr_send().
new bff4980 s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_setatr_send().
new 4200c31 s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_chkpath_send().
new 48550cc s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_ctemp_send().
new 8256656 s3: libsmb: Make a comment note that cli_set_ea() needs some internal changes before cli_set_ea_path() can use previous path versions.
new 1d59274 s3: libsmb: Plumb in additional_flags2 = FLAGS2_REPARSE_PATH to cli_list_trans_send().
new 8d7f69d s3: libsmb: Correctly set max_setup_size in FSCTL_GET_SHADOW_COPY_DATA nttrans ioctl.
new bab467d s3: libsmb: Do some hardening in the receive processing of cli_shadow_copy_data_recv().
new b5bb91a s3: smbclient: In order to get shadow copy data over SMB1 we must call cli_shadow_copy_data() twice.
new 38baf4b s3: smbclient. Ensure we don't crash by freeing uninitialized *snapshots.
new b755e66 s3: libsmb: Correctly align create contexts in a create call.
new 8c0b554 s3: libsmb: Add return args to clistr_is_previous_version_path().
new 4dba637 s3: libsmb: Add cli_smb2_shadow_copy_data() function that gets shadow copy info over SMB2.
new a22c296 s3: libsmb: Plumb new SMB2 shadow copy call into cli_shadow_copy_data().
new 8328861 s3: libsmb: Add the capability to find a @GMT- path in an SMB2 create and transform to a timewarp token.
new 9bbc84a s2-selftest: run shadow_copy2 test both in NT1 and SMB3 modes
new 44616ab selftest: add content to files created during shadow_copy2 test
new bbc351a selftest: check file readability in shadow_copy2 test
new 8f535d5 selftest: test listing directories inside snapshots
new 3157af9 vfs_shadow_copy: handle non-existant files and wildcards
new 372fb30 s3: vfs: Fix compilation error on Solaris.
new 6c6fb45 s3-util: Fix asking for username and password in smbget.
new 0f63ac0 Added Wiki link to replPropertyMetaData Changes section
new 205d5f0 Removed upgrading-samba4.txt
new 92ada9f tests/schemainfo: run dsdb schema info tests with proper URI
new 7d24cd2 getncchanges: Fix some whitespace
new d107915 replicated_objects: Add missing newline for debug
new 06cd31c drepl_out: Send the prefix map alongside the RODC partial attribute set
new a57ec81 drepl_out: Send the prefix map alongside the global catalog partial attribute set
new 4c25f82 tests/getnc_exop: Ensure we do the fallback if not given a PAS
new eff99ba tests/getnc_exop: Ensure that all attids are valid in a given PAS
new 90581ae tests/getnc_exop: Ensure the remote prefixmap is always used (secret attrs)
new 2dde964 tests/getnc_exop: Ensure the remote prefixmap is always used (name attr)
new b1858ad tests/getnc_exop: PartialAttrSetEx test (passes Windows, fails us)
new 6600a47 getncchanges: Compute the partial attribute set from the remote schema
new 6f9876a tests/getnc_exop: Ensure that attribute list sorting is correct
new 4422790 WHATSNEW: Release notes for Samba 4.5.0rc3.
new d7258cb VERSION: Disable git snapshots for the 4.5.0rc3 release.
new 8869cf8 Added Wiki link to replPropertyMetaData Changes section
new e7c0cb3 Removed upgrading-samba4.txt
new 257d1d6 tests/schemainfo: run dsdb schema info tests with proper URI
new c146881 getncchanges: Fix some whitespace
new c664c03 replicated_objects: Add missing newline for debug
new 752a32a drepl_out: Send the prefix map alongside the RODC partial attribute set
new ec38c59 drepl_out: Send the prefix map alongside the global catalog partial attribute set
new fc27d74 tests/getnc_exop: Ensure we do the fallback if not given a PAS
new af88b47 tests/getnc_exop: Ensure that all attids are valid in a given PAS
new a6c6050 tests/getnc_exop: Ensure the remote prefixmap is always used (secret attrs)
new 589b76f tests/getnc_exop: Ensure the remote prefixmap is always used (name attr)
new 91f9633 tests/getnc_exop: PartialAttrSetEx test (passes Windows, fails us)
new ef21629 getncchanges: Compute the partial attribute set from the remote schema
new 46139bb tests/getnc_exop: Ensure that attribute list sorting is correct
new 81dff4e WHATSNEW: Release notes for Samba 4.5.0rc3.
new 6c94b10 VERSION: Disable git snapshots for the 4.5.0rc3 release.
new ff8d3d6 VERSION: Bump version up to 4.5.0rc4...
new 91901e0 WHATSNEW: Start release notes for Samba 4.5.0rc4.
new 181d050 script/release.sh: use 8 byte gpg key ids
new b005b5b dsdb: Allow missing a mandatory attribute from a dbcheck fix
new 0ccfa21 dbcheck: Abandon dbcheck if we get an error during a transaction
new 41ca635 ctdb-daemon: Schedule running of callback if there are no event scripts
new d9f5a6a ctdb-daemon: Handle failure immediately, do housekeeping later
new 8b2e01a ctdb-daemon: Don't steal control structure before synchronous reply
new 7e0846a ctdb-tests: Factor out function config_from_environment()
new af2386b ctdb-tests: Conditionally use temporary config file for local daemons
new 51a6036 ctdb-tests: Add a test to ensure that CTDB works with no eventscripts
new 73e24ec Merge tag 'samba-4.5.0rc3' into v4-5-test
new 1349c67 gensec/spnego: work around missing server mechListMIC in SMB servers
new 64e1f55 s3/rpc_server: shared rpc modules directory may not exist
new 8a02f97 Revert "vfs_acl_xattr: objects without NT ACL xattr"
new 32f3f7b vfs_acl_common: rename psd to psd_blob in get_nt_acl_internal()
new abbc4be vfs_acl_common: rename pdesc_next to psd_fs
new a2fb0fb vfs_acl_common: remove redundant NULL assignment
new 8a8c2ce vfs_acl_common: simplify ACL logic, cleanup and talloc hierarchy
new a48d106 vfs_acl_common: move the ACL blob validation to a helper function
new eabd4f8 vfs_acl_tdb|xattr: use a config handle
new 694c5d0 vfs_acl_common: move stat stuff to a helper function
new 7c657fc vfs_acl_common: check for ignore_system_acls before fetching filesystem ACL
new 497e828 vfs_acl_xattr|tdb: add option to control default ACL style
new 54e6a40 vfs_acl_common: Windows style default ACL
new 2aa1aea s4/torture: tests for vfs_acl_xattr default ACL styles
new 0069137 vfs_acl_common: use DBG_LEVEL and remove function prefixes in DEBUG statements
new 1f1d54c docs: document vfs_acl_xattr|tdb enforced settings
new 3987f0e vfs_acl_xattr|tdb: enforced settings when ignore system acls=yes
new 2419d59 idmap_script: add missing "IDTOSID" argument to the script command line.
new 3989032 s4-torture: test GetPrinterData with server handle and 0 keylength.
new d58fb55 s3-spoolss: fix _spoolss_GetPrinterDataEx by moving the keyname lengthcheck.
new dc2c876 WHATSNEW: Add release notes for Samba 4.5.0.
new 916fab0 VERSION: Set version to 4.5.0...
new a4dd3c9 New upstream version 4.5.0+dfsg
The 2538 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-samba/samba.git
More information about the Pkg-samba-maint
mailing list