summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* VERSION: Disable GIT_SNAPSHOT for the 4.10.10 release.samba-4.10.10Karolin Seeger2019-10-241-1/+1
| | | | | | | | | | | * Bug 14071: CVE-2019-10218: Client code can return filenames containing path separators. * Bug 12438: CVE-2019-14833: Samba AD DC check password script does not receive the full password. * Bug 14040: CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server via dirsync. Signed-off-by: Karolin Seeger <kseeger@samba.org>
* WHATSNEW: Add release notes for Samba 4.10.10.Karolin Seeger2019-10-241-2/+76
| | | | | | | | | | | * Bug 14071: CVE-2019-10218: Client code can return filenames containing path separators. * Bug 12438: CVE-2019-14833: Samba AD DC check password script does not receive the full password. * Bug 14040: CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server via dirsync. Signed-off-by: Karolin Seeger <kseeger@samba.org>
* CVE-2019-14847 dsdb: Correct behaviour of ranged_results when combined with ↵Andrew Bartlett2019-10-243-9/+28
| | | | | | | | dirsync BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* CVE-2019-14847 dsdb: Demonstrate the correct interaction of ranged_results ↵Andrew Bartlett2019-10-242-0/+27
| | | | | | | | | | | style attributes and dirsync Incremental results are provided by a flag on the dirsync control, not by changing the attribute name. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* CVE-2019-14847 dsdb/modules/dirsync: ensure attrs exist (CID 1107212)Douglas Bagnall2019-10-241-0/+4
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14040 Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> (cherry picked from commit 23f72c4d712f8d1fec3d67a66d477709d5b0abe2)
* CVE-2019-14833 dsdb: send full password to check password scriptBjörn Baumbach2019-10-242-7/+27
| | | | | | | | | | | | | | | utf8_len represents the number of characters (not bytes) of the password. If the password includes multi-byte characters it is required to write the total number of bytes to the check password script. Otherwise the last bytes of the password string would be ignored. Therefore we rename utf8_len to be clear what it does and does not represent. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438 Signed-off-by: Björn Baumbach <bb@sernet.de> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* CVE-2019-14833: Use utf8 characters in the unacceptable passwordAndrew Bartlett2019-10-242-1/+2
| | | | | | | This shows that the "check password script" handling has a bug. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* CVE-2019-10218 - s3: libsmb: Protect SMB2 client code from evil server ↵Jeremy Allison2019-10-241-0/+7
| | | | | | | | | | returned names. Disconnect with NT_STATUS_INVALID_NETWORK_RESPONSE if so. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14071 Signed-off-by: Jeremy Allison <jra@samba.org>
* CVE-2019-10218 - s3: libsmb: Protect SMB1 client code from evil server ↵Jeremy Allison2019-10-242-0/+78
| | | | | | | | | | returned names. Disconnect with NT_STATUS_INVALID_NETWORK_RESPONSE if so. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14071 Signed-off-by: Jeremy Allison <jra@samba.org>
* VERSION: Bump version up to 4.10.10...Karolin Seeger2019-10-241-2/+2
| | | | | | | and re-enable GIT_SNAPSHOT. Signed-off-by: Karolin Seeger <kseeger@samba.org> (cherry picked from commit b19b75e324f3c09f1811f71a0346929965cc107e)
* VERSION: Disable GIT_SNAPSHOT for the 4.9.10 release.samba-4.10.9Karolin Seeger2019-10-171-1/+1
| | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
* WHATSNEW: Add release notes for Samba 4.10.9.Karolin Seeger2019-10-171-2/+118
| | | | Signed-off-by: Karolin Seeger <kseeger@samba.org>
* s3:libads: Do not turn on canonicalization flag for MIT KerberosAndreas Schneider2019-10-161-0/+15
| | | | | | | | | | | | | | | | This partially reverts 303b7e59a286896888ee2473995fc50bb2b5ce5e. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14155 Pair-Programmed-With: Isaac Boukris <iboukris@redhat.com> Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Isaac Boukris <iboukris@redhat.com> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 123584294cfd153acc2d9a5be9d71c395c847a25) Autobuild-User(v4-10-test): Stefan Metzmacher <metze@samba.org> Autobuild-Date(v4-10-test): Wed Oct 16 16:43:59 UTC 2019 on sn-devel-144
* lib:krb5_wrap: Do not create a temporary file for MEMORY keytabsAndreas Schneider2019-10-161-8/+8
| | | | | | | | | | | | | | The autobuild cleanup script fails with: The tree has 3 new uncommitted files!!! git clean -n Would remove MEMORY:tmp_smb_creds_SK98Lv Would remove MEMORY:tmp_smb_creds_kornU6 Would remove MEMORY:tmp_smb_creds_ljR828 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit d888655244b4d8ec7a69a042e0ff3c074585b0de)
* spnego: fix server handling of no optimistic exchangeIsaac Boukris2019-10-164-4/+13
| | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106 Signed-off-by: Isaac Boukris <iboukris@redhat.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Sat Oct 12 15:51:42 UTC 2019 on sn-devel-184
* python/tests/gensec: add spnego downgrade python testsIsaac Boukris2019-10-162-1/+25
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106 Pair-Programmed-With: Andreas Schneider <asn@samba.org> Signed-off-by: Isaac Boukris <iboukris@gmail.com> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* python/tests/gensec: make it possible to add knownfail tests for gensec.update()Stefan Metzmacher2019-10-161-2/+8
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* selftest: add tests for no optimistic spnego exchangeIsaac Boukris2019-10-162-0/+5
| | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106 Signed-off-by: Isaac Boukris <iboukris@redhat.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* spnego: add client option to omit sending an optimistic tokenIsaac Boukris2019-10-161-0/+11
| | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106 Signed-off-by: Isaac Boukris <iboukris@redhat.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* selftest: s3: add a test for spnego downgrade from krb5 to ntlmIsaac Boukris2019-10-164-0/+60
| | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106 Signed-off-by: Isaac Boukris <iboukris@redhat.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* s3:libsmb: Do not check the SPNEGO neg token for KRB5Andreas Schneider2019-10-161-50/+0
| | | | | | | | | | | | | The list is not protected and this could be a downgrade attack. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106 Pair-Programmed-With: Isaac Boukris <iboukris@redhat.com> Reviewed-by: Andreas Schneider <asn@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Isaac Boukris <iboukris@redhat.com> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* spnego: ignore server mech_types listIsaac Boukris2019-10-161-5/+26
| | | | | | | | | | | | | We should not use the mech list sent by the server in the last 'negotiate' packet in CIFS protocol, as it is not protected and may be subject to downgrade attacks. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106 Signed-off-by: Isaac Boukris <iboukris@redhat.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* testprogs: Add test for 'net ads join createcomputer='Andreas Schneider2019-10-161-2/+30
| | | | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Oct 9 08:26:17 UTC 2019 on sn-devel-184 (cherry picked from commit 459b43e5776180dc1540cd845b72ff78747ecd6f)
* s3:libads: Just change the machine password if account already existsAndreas Schneider2019-10-162-22/+146
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13884 Pair-Programmed-With: Guenther Deschner <gd@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 14f320fa1e40ecc3a43dabb0cecd57430270a521)
* s3:libnet: Improve debug messagesAndreas Schneider2019-10-161-2/+2
| | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 39b8c8b30a5d5bd70f8da3a02cf77f7592788b94)
* s3:libads: Fix creating machine account using LDAPAndreas Schneider2019-10-163-21/+124
| | | | | | | | | | | | This implements the same behaviour as Windows. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13884 Pair-Programmed-With: Guenther Deschner <gd@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit ce7762935051c862ecdd3e82d93096aac61dd292)
* s3:libads: Don't set supported encryption types during account creationAndreas Schneider2019-10-161-18/+0
| | | | | | | | | This is already handled by libnet_join_post_processing_ads_modify() which calls libnet_join_set_etypes() if encrytion types should be set. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit b755a6438022579dab1a403c81d60b1ed7efca38)
* s3:libads: Fix detection if acount already exists in ads_find_machine_count()Andreas Schneider2019-10-161-8/+28
| | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 4f389c1f78cdc2424795e3b2a1ce43818c400c2d)
* s3:libads: Use a talloc_asprintf in ads_find_machine_acct()Andreas Schneider2019-10-161-4/+8
| | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 35f3e4aed1f1c2ba1c8dc50921f238937f343357)
* s3:libads: Cleanup error code paths in ads_create_machine_acct()Andreas Schneider2019-10-161-11/+23
| | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 8ed993789f93624b7b60dd5314fe5472e69e903a)
* s3:libnet: Require sealed LDAP SASL connections for joiningAndreas Schneider2019-10-1611-17/+51
| | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit b84abb3a46211dc84e52ef95750627e4dd081f2f)
* s3:libads: Use ldap_add_ext_s() in ads_gen_add()Andreas Schneider2019-10-161-1/+1
| | | | | | | | ldap_add_s() is marked as deprecated. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 456322a61319a10aaedda5244488ea4e5aa5cb64)
* testprogs: Fix failure count in test_net_ads.shAndreas Schneider2019-10-161-2/+2
| | | | | | | | | | There are missing ` at the end of the line. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13884 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 320b5be4dce95d8dac4b3c0847faf5b730754a37)
* s3: smbclient: Stop an SMB2-connection from blundering into SMB1-specific calls.Jeremy Allison2019-10-161-0/+4
| | | | | | | | | | | | | Fix in the same way this was done in SMBC_opendir_ctx() for libsmbclient. This fix means the admin no longer has to remember to set 'min client protocol =' when connecting to an SMB2-only server (MacOSX for example) and trying to list shares. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14152 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> (cherry picked from commit ea82bca8cef0d736305a7a40b3198fc55ea66af8)
* ctdb-vacuum: Process all records not deleted on a remote nodeAmitay Isaacs2019-10-161-1/+1
| | | | | | | | | | | This currently skips the last record. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14147 RN: Avoid potential data loss during recovery after vacuuming error Signed-off-by: Amitay Isaacs <amitay@gmail.com> Reviewed-by: Martin Schwenke <martin@meltin.net> (cherry picked from commit 33f1c9d9654fbdcb99c23f9d23c4bbe2cc596b98)
* s3:libsmb: Link libsmb against pthreadIsaac Boukris2019-10-161-0/+1
| | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140 Signed-off-by: Isaac Boukris <iboukris@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 7259197bf716f8b81dea74beefe6ee3b1239f172)
* nsswitch: Link stress-nss-libwbclient against pthreadIsaac Boukris2019-10-161-1/+1
| | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140 Signed-off-by: Isaac Boukris <iboukris@gmail.com> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit d473f1e38c2822746030516269b4d70032cf9b2e)
* waf:replace: Do not link against libpthread if not necessaryAndreas Schneider2019-10-161-4/+6
| | | | | | | | | | | | | | | | On Linux we should avoid linking everything against libpthread. Symbols used my most application are provided by glibc and code which deals with threads has to explicitly link against libpthread. This avoids setting LDFLAGS=-pthread globally. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140 Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Isaac Boukris <iboukris@gmail.com> Pair-Programmed-With: Isaac Boukris <iboukris@gmail.com> Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 9499db075b72b147e2ff9bb78e9d5edbaac14e69)
* third_party: Link uid_wrapper against pthreadAndreas Schneider2019-10-161-1/+1
| | | | | | | | | | | | | | uid_wrapper uses pthread_atfork() which is only provided by libpthread. │···················· So we need an explicit dependency. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140 Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Isaac Boukris <iboukris@gmail.com> Pair-Programmed-With: Isaac Boukris <iboukris@gmail.com> Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit bd0cd8e13234d684da77a65f6fdaea2572625369)
* third_party: Link nss_wrapper against pthreadAndreas Schneider2019-10-161-1/+1
| | | | | | | | | | | | | | nss_wrapper uses pthread_atfork() which is only provided by libpthread. So we need an explicit dependency. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140 Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Isaac Boukris <iboukris@gmail.com> Pair-Programmed-With: Isaac Boukris <iboukris@gmail.com> Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 68d8a02ef57cce29e4ff3ef1b792adfc10d0b916)
* third_party: Only link cmocka against librt if really neededAndreas Schneider2019-10-161-1/+6
| | | | | | | | | | | | | cmocka also uses clock_gettime(). BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140 Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Isaac Boukris <iboukris@gmail.com> Pair-Programmed-With: Isaac Boukris <iboukris@gmail.com> Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 36e8d715bc8dc1e8466f5a5c9798df76310b7572)
* pthreadpool: Only link pthreadpool against librt if we have toAndreas Schneider2019-10-161-1/+6
| | | | | | | | | | | | | | | This calls clock_gettime() which is available in glibc on Linux. If the wscript in libreplace detected that librt is needed for clock_gettime() we have to link against it. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140 Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Isaac Boukris <iboukris@gmail.com> Pair-Programmed-With: Isaac Boukris <iboukris@gmail.com> Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 4b28239d13b17e42eb5aa4b405342f46347f3de4)
* replace: Only link against librt if really neededAndreas Schneider2019-10-161-3/+21
| | | | | | | | | | | | | | | fdatasync() and clock_gettime() are provided by glibc on Linux, so there is no need to link against librt. Checks have been added so if there are platforms which require it are still functional. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140 Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Isaac Boukris <iboukris@gmail.com> Pair-Programmed-With: Isaac Boukris <iboukris@gmail.com> Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 480152dd6729d4c58faca6f3e4fa91ff4614c272)
* s3:waf: Do not check for nanosleep() as we don't use it anywhereAndreas Schneider2019-10-161-1/+0
| | | | | | | | | | | | | We use usleep() in the meantime. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14140 Signed-off-by: Andreas Schneider <asn@samba.org> Signed-off-by: Isaac Boukris <iboukris@gmail.com> Pair-Programmed-With: Isaac Boukris <iboukris@gmail.com> Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit 952e1812fa9bdc1bac2a7ae5ebb5532f1ea31447)
* winbind: provide passwd struct for group sid with ID_TYPE_BOTH mapping (again)Michael Adam2019-10-152-6/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | https://git.samba.org/?p=samba.git;a=commitdiff;h=394622ef8c916cf361f8596dba4664dc8d6bfc9e originally introduced the above feature. This functionality was undone as part of "winbind: Restructure get_pwsid" https://git.samba.org/?p=samba.git;a=commitdiff;h=bce19a6efe11980933531f0349c8f5212419366a I think that this semantic change was accidential. This patch undoes the semantic change and re-establishes the functionality. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14141 Signed-off-by: Michael Adam <obnox@samba.org> Reviewed-by: Christof Schmitt <cs@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Christof Schmitt <cs@samba.org> Autobuild-Date(master): Fri Sep 27 17:25:29 UTC 2019 on sn-devel-184 (cherry picked from commit 63c9147f8631d73b52bdd36ff407e0361dcf5178) Autobuild-User(v4-10-test): Stefan Metzmacher <metze@samba.org> Autobuild-Date(v4-10-test): Tue Oct 15 13:28:49 UTC 2019 on sn-devel-144
* selftest: Test ID_TYPE_BOTH with idmap_rid moduleChristof Schmitt2019-10-152-0/+136
| | | | | | | | | | | | | | ID_TYPE_BOTH means that each user and group has two mappings, a uid and gid. In addition the calls to getpwent, getpwuid, getgrent and getgrgid always return some information, so that uid and gid can be mapped to a name. Establish a test to verify that the expected information is returned. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14141 Signed-off-by: Christof Schmitt <cs@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> (cherry picked from commit 485874d6bb328c50c9a98785e85270f28ade7497)
* s3-winbindd: fix forest trusts with additional trust attributes.Günther Deschner2019-10-152-2/+2
| | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14130 Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> (cherry picked from commit d78c87e665e23e6470a19a69383ede7137172c26)
* fault.c: improve fault_report message text pointing to our wikiBjörn Jacke2019-09-261-1/+5
| | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14139 Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> (cherry picked from commit ec4c5975528f3d3ab9c8813e176c6d1a2f1ca506) Autobuild-User(v4-10-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-10-test): Thu Sep 26 04:49:25 UTC 2019 on sn-devel-144
* selftest/Samba3.pm: use "winbind use krb5 enterprise principals = yes" for ↵Stefan Metzmacher2019-09-251-0/+1
| | | | | | | | | | | | | | | | ad_member This demonstrates that can do krb5_auth in winbindd without knowning about trusted domains. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Tue Sep 24 19:51:29 UTC 2019 on sn-devel-184 (similar to commit 0ee085b594878f5e0e83839f465303754f015459)
* selftest/Samba3.pm: use "winbind scan trusted domains = no" for ad_memberStefan Metzmacher2019-09-251-0/+1
| | | | | | | | | | | This demonstrates that we rely on knowning about trusted domains before we can do krb5_auth in winbindd. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> (similar to commit e2737a74d4453a3d65e5466ddc4405d68444df27)
View Lorry Controller Status