[Pkg-samba-maint] [Git][samba-team/samba][upstream_4.18] 31 commits: VERSION: Bump version up to 4.18.0rc2...
Michael Tokarev (@mjt)
gitlab at salsa.debian.org
Wed Feb 1 20:20:33 GMT 2023
Michael Tokarev pushed to branch upstream_4.18 at Debian Samba Team / samba
Commits:
1886a72d by Stefan Metzmacher at 2023-01-19T14:33:06+00:00
VERSION: Bump version up to 4.18.0rc2...
and re-enable GIT_SNAPSHOT.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(v4-18-test): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(v4-18-test): Thu Jan 19 14:33:06 UTC 2023 on atb-devel-224
- - - - -
8b97aca0 by Douglas Bagnall at 2023-01-20T12:00:40+00:00
WHATSNEW 4.18: mention samba-tool dsacl delete
Signed-off-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Fri Jan 20 12:00:40 UTC 2023 on atb-devel-224
- - - - -
6e6913bc by Björn Baumbach at 2023-01-31T11:45:17+00:00
WHATSNEW: add acl_xattr:security_acl_name option
Signed-off-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Ralph Boehme <slow at samba.org>
- - - - -
f21236ac by Stefan Metzmacher at 2023-01-31T11:45:17+00:00
s3:auth: call wbcFreeMemory(info) in auth3_generate_session_info_pac()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15286
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit e27084f5d8c3a151c5d0b266118f0d71b641dc85)
- - - - -
af00a0df by Noel Power at 2023-01-31T12:49:50+00:00
s3/lib: Prevent use after free of messaging_ctdb_fde_ev structs
In a cluster setup samba-bgqd async callback
cups_pcap_load_async can access messaging_ctdb_fde_ev associated
with already destructed global_ctdb_ctx_destructor
==26053== Invalid read of size 8
==26053== at 0x71692E1: messaging_ctdb_fde_ev_destructor (messages_ctdb.c:181)
==26053== by 0x40B2309: _tc_free_internal (talloc.c:1158)
==26053== by 0x40B3539: _tc_free_children_internal (talloc.c:1669)
==26053== by 0x40B24C4: _tc_free_internal (talloc.c:1184)
==26053== by 0x40B3539: _tc_free_children_internal (talloc.c:1669)
==26053== by 0x40B24C4: _tc_free_internal (talloc.c:1184)
==26053== by 0x40B2685: _talloc_free_internal (talloc.c:1248)
==26053== by 0x40B3963: _talloc_free (talloc.c:1792)
==26053== by 0x4056BCA: tevent_req_received (tevent_req.c:301)
==26053== by 0x405673D: tevent_req_destructor (tevent_req.c:135)
==26053== by 0x40B2309: _tc_free_internal (talloc.c:1158)
==26053== by 0x40B3539: _tc_free_children_internal (talloc.c:1669)
==26053== by 0x40B24C4: _tc_free_internal (talloc.c:1184)
==26053== by 0x40B2685: _talloc_free_internal (talloc.c:1248)
==26053== by 0x40B3963: _talloc_free (talloc.c:1792)
==26053== by 0x1384EF: cups_pcap_load_async (print_cups.c:507)
==26053== by 0x13894B: cups_cache_reload (print_cups.c:602)
==26053== by 0x1373AE: pcap_cache_reload (pcap.c:140)
==26053== by 0x1369D2: register_printing_bq_handlers (queue_process.c:323)
==26053== by 0x122AD6: main (samba-bgqd.c:316)
==26053== Address 0xed64d48 is 120 bytes inside a block of size 128 free'd
==26053== at 0x4C370EB: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==26053== by 0x40B25E1: _tc_free_internal (talloc.c:1222)
==26053== by 0x40B2685: _talloc_free_internal (talloc.c:1248)
==26053== by 0x40B3963: _talloc_free (talloc.c:1792)
==26053== by 0x71691F6: messaging_ctdb_destroy (messages_ctdb.c:141)
==26053== by 0x7169C21: msg_ctdb_ref_destructor (messages_ctdb_ref.c:142)
==26053== by 0x40B2309: _tc_free_internal (talloc.c:1158)
==26053== by 0x40B3539: _tc_free_children_internal (talloc.c:1669)
==26053== by 0x40B24C4: _tc_free_internal (talloc.c:1184)
==26053== by 0x40B2685: _talloc_free_internal (talloc.c:1248)
==26053== by 0x40B3963: _talloc_free (talloc.c:1792)
==26053== by 0x4157380: messaging_reinit (messages.c:646)
==26053== by 0x416C01E: reinit_after_fork (util.c:488)
==26053== by 0x13844C: cups_pcap_load_async (print_cups.c:498)
==26053== by 0x13894B: cups_cache_reload (print_cups.c:602)
==26053== by 0x1373AE: pcap_cache_reload (pcap.c:140)
==26053== by 0x1369D2: register_printing_bq_handlers (queue_process.c:323)
==26053== by 0x122AD6: main (samba-bgqd.c:316)
==26053== Block was alloc'd at
==26053== at 0x4C346A4: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==26053== by 0x40B1989: __talloc_with_prefix (talloc.c:783)
==26053== by 0x40B1B23: __talloc (talloc.c:825)
==26053== by 0x40B1ECC: _talloc_named_const (talloc.c:982)
==26053== by 0x40B49C3: _talloc_zero (talloc.c:2421)
==26053== by 0x7168E68: messaging_ctdb_init (messages_ctdb.c:93)
==26053== by 0x716979D: messaging_ctdb_ref (messages_ctdb_ref.c:75)
==26053== by 0x415702A: messaging_init_internal (messages.c:563)
==26053== by 0x41572FD: messaging_init (messages.c:622)
==26053== by 0x4163ED3: global_messaging_context (global_contexts.c:62)
==26053== by 0x12273B: main (samba-bgqd.c:271)
==26053==
Bug: https://bugzilla.samba.org/show_bug.cgi?id=15293
Signed-off-by: Noel Power <npower at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
(cherry picked from commit 7a880ef52dfc85ed2f674250b5baf5109f8d4691)
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Tue Jan 31 12:49:50 UTC 2023 on atb-devel-224
- - - - -
d0c2305b by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-dsdb: Add tests of SamDB.get_nc_root()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 2c7bb58703c1fa26782ac6959ea7d81fccf3905c)
- - - - -
501728cd by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-selftest/drs Add test of expected return code for invaid DNs in GetNCChanges
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit bee45e6b29b97e0cab19a9c3cf692d9a7585a717)
- - - - -
11540d82 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-selftest/drs Allow some DRS tests to operate against an IP
This is not comprehensive, but makes some manual test runs easier by
avoiding the need for DNS names to resolve.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit a150a2dcb1fc7fc7f606838de17ad4d3e6072bda)
- - - - -
7712ef72 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-selftest/drs Allow re-run of DRS tests after failed cleanup
Using a random base is a useful start, even if the better solution also includes a self.AddCleanup()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 3204d1350b21704474e577cb5f3f2439b673c421)
- - - - -
a40d3697 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-selftest/drs: Confirm GetNCChanges REPL_OBJ works with a DummyDN and real GUID
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 70faccae6d595056174af8d63b3437c9fe3805aa)
- - - - -
87ed6e23 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-selftest/drs: Confirm GetNCChanges full replication works with a DummyDN and real GUID
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 539221dda33f03a1abf5ee5f3153db0fe1a9bfe6)
- - - - -
f70fd338 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-selftest/drs: Confirm GetNCChanges REPL_SECRET works with a DummyDN and real GUID
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 7c43388576f768db564aaf15a47d3f9ce5796fb3)
- - - - -
92f56081 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-dsdb: Schedule SD propegation only after successful rename
This avoids needing to anticipate errors that the rename might give
while allowing the dsdb_find_nc_root() routine to become stricter.
The problem is that dsdb_find_nc_root() will soon do a real search and
so fail more often, but these failures will give "wrong" error codes.
We do not need to do this work if the operation fails, so put this in
the callback.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 7032b86cd5c1456318558ed95f8890e353117ced)
- - - - -
855c11c4 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-dsdb: Make dsdb_find_nc_root() first try and use DSDB_CONTROL_CURRENT_PARTITION_OID
This allows lookup of a DN with a GUID only or GUID and string,
possibly not yet in the database, yet still getting the correct result.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit d0444be4b74bdad6a731bc5fcf86da6142b03539)
- - - - -
ab282dba by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-dsdb: Add better debugging to dsdb_objects_have_same_nc()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 0f501b2316af6568003e520848c1ec80c286fd36)
- - - - -
feffb9ec by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-dsdb: Add dsdb_normalise_dn_and_find_nc_root() around dsdb_find_nc_root()
Reuse the search done for dsdb_find_nc_root() to normalise the DN.
This will allow a GUID-input DN to be compared safely with a RID Manager DN
or Naming Context.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 8e1122420efd11a91aa1c5d60c0cc8fd9ffaf157)
- - - - -
1a97e897 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-rpc_server/drsuapi: Use dsdb_normalise_dn_and_find_nc_root()
This reuses the search done for dsdb_find_nc_root() to normalise the DN.
This will allow a GUID-input DN to be compared safely with a RID Manager DN
or Naming Context.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit e96dfc74b3ece40fe64a33aa8b8d810b576982bd)
- - - - -
84a952b0 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-dsdb: rework drs_ObjectIdentifier_to_dn() into drs_ObjectIdentifier_to_dn_and_nc_root()
This make this funciton the gatekeeper between the wire format and the
internal struct ldb_dn, checking if the DN exists and which NC
it belongs to along the way, and presenting only a DB-returned
DN for internal processing.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit aee2039e63ceeb5e69a0461fb77e0f18278e4dc4)
- - - - -
64df0963 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-drs: Make drs_ObjectIdentifier_to_dn() safer and able to cope with DummyDN values
We want to totally ignore the string DN if there is a GUID,
as clients like "Microsoft Azure AD connect cloud sync" will
set a literal "DummyDN" string.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 73f3ece8b2b44ac4b3323a08fb969f29bf2b0380)
- - - - -
613d9b75 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-rpc_server/drsuapi: Return correct error code for an invalid DN to EXOP_REPL_OBJ/EXOP_REPL_OBJ
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit cbe18353d8d7b2a35b965e4fc8c895ac497e67e8)
- - - - -
29a89f07 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-dsdb: Split samdb_get_ntds_obj_by_guid() out of samdb_is_rodc()
This will allow the logic here to be tighened up and shared
in the next few commits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit d5a2af3feae98057ba29de444d308d499d633941)
- - - - -
dc7497c3 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-dsdb: Require that the NTDS object is an nTDSDSA objectclass
This should avoid a user being able to specify the GUID of a different
type of object.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit adb776149e5ac0eb346992775610627106e1a986)
- - - - -
68edd5c1 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-drsuapi: Use samdb_get_ntds_obj_by_guid() to find RODC in REPL_SECRET
We need to find the RODC per the destination_dsa_guid to mark the secrets as
having been replicated, and by using samdb_get_ntds_obj_by_guid() we are stricter
in the checks, as the RODC has to be the right objectClass (nTDSDSA) and under
the CN=Configuration partition.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 09ec6a1db2d3b831548bf7d66475c486be29b1d1)
- - - - -
262fef5a by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-rpc_server: Pre-check destination_dsa_guid in GetNCChanges for validity
This allows our new tests to pass as these need to be checked first.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 115a3a10440f44ba11029be5ae3a05534a7b98c0)
- - - - -
68fcea19 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-drsuapi: Clarify role of drs_security_access_check_nc_root()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 1838f349c94b878de1740af35351a2e8e0c8cffb)
- - - - -
c9b7fd17 by Andrew Bartlett at 2023-02-01T16:30:11+00:00
s4-drsuapi: Give an error that matches windows on destination_dsa_guid lookup failure
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Tue Jan 31 13:43:54 UTC 2023 on atb-devel-224
(cherry picked from commit 0f2978bbc0ed5b65d75c20472650a749643312e7)
- - - - -
65077cd3 by Andrew Bartlett at 2023-02-01T17:26:50+00:00
WHATSNEW: Add note about Azure AD cloud connect sync support
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-18-test): Wed Feb 1 17:26:50 UTC 2023 on atb-devel-224
- - - - -
46e05759 by Jule Anger at 2023-02-01T18:35:25+01:00
tmp
- - - - -
0679a07a by Jule Anger at 2023-02-01T18:35:29+01:00
WHATSNEW: Add release notes for Samba 4.18.0rc2.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
71fa86a3 by Jule Anger at 2023-02-01T18:35:29+01:00
VERSION: Disable GIT_SNAPSHOT for the 4.18.0rc2 release.
Signed-off-by: Jule Anger <janger at samba.org>
- - - - -
19ef6827 by Michael Tokarev at 2023-02-01T23:10:34+03:00
New upstream version 4.18.0~rc2+dfsg
- - - - -
30 changed files:
- VERSION
- WHATSNEW.txt
- ctdb/doc/ctdb-etcd.7
- ctdb/doc/ctdb-script.options.5
- ctdb/doc/ctdb-statistics.7
- ctdb/doc/ctdb-tunables.7
- ctdb/doc/ctdb.1
- ctdb/doc/ctdb.7
- ctdb/doc/ctdb.conf.5
- ctdb/doc/ctdb.sysconfig.5
- ctdb/doc/ctdb_diagnostics.1
- ctdb/doc/ctdb_mutex_ceph_rados_helper.7
- ctdb/doc/ctdbd.1
- ctdb/doc/ltdbtool.1
- ctdb/doc/onnode.1
- ctdb/doc/ping_pong.1
- docs/manpages/cifsdd.8
- docs/manpages/dbwrap_tool.1
- docs/manpages/eventlogadm.8
- docs/manpages/idmap_ad.8
- docs/manpages/idmap_autorid.8
- docs/manpages/idmap_hash.8
- docs/manpages/idmap_ldap.8
- docs/manpages/idmap_nss.8
- docs/manpages/idmap_rfc2307.8
- docs/manpages/idmap_rid.8
- docs/manpages/idmap_script.8
- docs/manpages/idmap_tdb.8
- docs/manpages/idmap_tdb2.8
- docs/manpages/libsmbclient.7
The diff was not included because it is too large.
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/c4676f284178d3a15c2ee0cde0c80a84afeca1e0...19ef6827432ba687b45bd940b8ff6cd5c6a6766d
--
View it on GitLab: https://salsa.debian.org/samba-team/samba/-/compare/c4676f284178d3a15c2ee0cde0c80a84afeca1e0...19ef6827432ba687b45bd940b8ff6cd5c6a6766d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-samba-maint/attachments/20230201/05d4ecd9/attachment-0001.htm>
More information about the Pkg-samba-maint
mailing list