diff --git a/SOURCES/samba-4.13-redhat.patch b/SOURCES/samba-4.13-redhat.patch
index aa31e80..e3011a1 100644
--- a/SOURCES/samba-4.13-redhat.patch
+++ b/SOURCES/samba-4.13-redhat.patch
@@ -1,7 +1,7 @@
From 2700da00069cd2d1977c291a4f39a2d4733ded7e Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Mon, 13 Jul 2020 16:15:03 +0200
-Subject: [PATCH 001/108] libcli:smb2: Do not leak ptext on error
+Subject: [PATCH 001/117] libcli:smb2: Do not leak ptext on error
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -22,13 +22,13 @@ index cc03607d789..4d430f56df5 100644
goto out;
}
--
-2.29.2
+2.31.1
From efeefe63206b9663bfc1dc5418c294831a96d1ee Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Mon, 13 Jul 2020 17:23:37 +0200
-Subject: [PATCH 002/108] libcli:smb2: Use talloc NULL context if we don't have
+Subject: [PATCH 002/117] libcli:smb2: Use talloc NULL context if we don't have
a stackframe
If we execute this code from python we don't have a talloc stackframe
@@ -106,13 +106,13 @@ index 4d430f56df5..6ece5f2e4d3 100644
TALLOC_FREE(ptext);
status = NT_STATUS_NO_MEMORY;
--
-2.29.2
+2.31.1
From 189ec5ea334188d0473fca9ffe2fe4887c5f804e Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 6 Nov 2019 17:37:45 +0100
-Subject: [PATCH 003/108] auth:creds: Introduce CRED_SMB_CONF
+Subject: [PATCH 003/117] auth:creds: Introduce CRED_SMB_CONF
We have several places where we check '> CRED_UNINITIALISED',
so we better don't use CRED_UNINITIALISED for values from
@@ -202,13 +202,13 @@ index d2a81506de3..6454ac9ff7c 100644
self.assertEqual(creds.get_domain(), lp.get("workgroup").upper())
self.assertEqual(creds.get_realm(), realm.upper())
--
-2.29.2
+2.31.1
From 50499847d67b8c7a9f1f95f94f5c4cc0c3c38ab3 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 10 Oct 2019 14:18:23 +0200
-Subject: [PATCH 004/108] param: Add 'server smb encrypt' parameter
+Subject: [PATCH 004/117] param: Add 'server smb encrypt' parameter
And this also makes 'smb encrypt' a synonym of that.
@@ -821,13 +821,13 @@ index 7acde285a90..b745e0906b1 100644
req,
NT_STATUS_NOT_SUPPORTED);
--
-2.29.2
+2.31.1
From 74d2e7f5c8892393ebda43009bbd2c781eed275f Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 28 May 2020 10:04:19 +0200
-Subject: [PATCH 005/108] param: Create and use enum_smb_encryption_vals
+Subject: [PATCH 005/117] param: Create and use enum_smb_encryption_vals
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -919,13 +919,13 @@ index b424b13cde4..2fb1fd7189e 100644
#define SMB_DATA_BLOCK 0x1
#define SMB_ASCII4 0x4
--
-2.29.2
+2.31.1
From 41d2569830352ad837a7066726870a29657978ac Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 26 May 2020 09:34:54 +0200
-Subject: [PATCH 006/108] s3:smbd: Use 'enum smb_encryption_setting' values
+Subject: [PATCH 006/117] s3:smbd: Use 'enum smb_encryption_setting' values
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -1043,13 +1043,13 @@ index b745e0906b1..2f2fdcb7260 100644
req,
NT_STATUS_NOT_SUPPORTED);
--
-2.29.2
+2.31.1
From c1d582d192afb200c4ad3fc6c8109789c3266a75 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 9 Apr 2020 10:38:41 +0200
-Subject: [PATCH 007/108] docs-xml: Add 'client smb encrypt'
+Subject: [PATCH 007/117] docs-xml: Add 'client smb encrypt'
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -1221,13 +1221,13 @@ index 4ad541301b3..6418a42b6eb 100644
apply_lp_set_cmdline();
}
--
-2.29.2
+2.31.1
From ffe01bcd6390b3ca19c6e327175c262f76683aea Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 22 Jul 2020 17:48:25 +0200
-Subject: [PATCH 008/108] lib:param: Add lpcfg_parse_enum_vals()
+Subject: [PATCH 008/117] lib:param: Add lpcfg_parse_enum_vals()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -1288,13 +1288,13 @@ index 323fcf84523..e66ce2324b4 100644
struct loadparm_substitution;
#ifdef LOADPARM_SUBSTITUTION_INTERNALS
--
-2.29.2
+2.31.1
From be3b71c7877bda0e5a578b76bfcf98ab9c8e4894 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 9 Oct 2019 09:38:08 +0200
-Subject: [PATCH 009/108] libcli:smb: Add smb_signing_setting_translate()
+Subject: [PATCH 009/117] libcli:smb: Add smb_signing_setting_translate()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -1461,13 +1461,13 @@ index 6918e1306c3..20981754db4 100644
plantestsuite("samba.unittests.talloc_keep_secret", "none",
[os.path.join(bindir(), "default/lib/util/test_talloc_keep_secret")])
--
-2.29.2
+2.31.1
From 523033ebfca0154cf13fe79796a879797bf61c66 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 26 May 2020 08:39:34 +0200
-Subject: [PATCH 010/108] libcli:smb: Add smb_encryption_setting_translate()
+Subject: [PATCH 010/117] libcli:smb: Add smb_encryption_setting_translate()
Add encryption enum and function to avoid confusion when reading the
code.
@@ -1555,13 +1555,13 @@ index da0e4db2bf3..ac2887ee5c4 100644
+ return encryption_state;
+}
--
-2.29.2
+2.31.1
From b6f83efae214538df1965df7d2577c5ebd2926a3 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 9 Oct 2019 09:47:59 +0200
-Subject: [PATCH 011/108] s3:lib: Use smb_signing_setting_translate for cmdline
+Subject: [PATCH 011/117] s3:lib: Use smb_signing_setting_translate for cmdline
parsing
The function will be removed soon.
@@ -1622,13 +1622,13 @@ index 5a07eddac44..6a08afe4a25 100644
bld.SAMBA3_LIBRARY('cmdline_contexts',
--
-2.29.2
+2.31.1
From f7f4411902cdbfec5358339f4279cca44a9fb181 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 23 Jul 2020 07:47:18 +0200
-Subject: [PATCH 012/108] auth:creds: Remove unused credentials autoproto
+Subject: [PATCH 012/117] auth:creds: Remove unused credentials autoproto
header
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -1702,13 +1702,13 @@ index 7711eac2afa..d9be3562adb 100644
#include "auth/kerberos/kerberos_credentials.h"
#include "auth/kerberos/kerberos_util.h"
--
-2.29.2
+2.31.1
From ae65707b4b6f0bb640ac6e9f5899d5908b6f5ee4 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 26 May 2020 09:32:44 +0200
-Subject: [PATCH 013/108] auth:creds: Add
+Subject: [PATCH 013/117] auth:creds: Add
cli_credentials_(get|set)_smb_signing()
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -1844,13 +1844,13 @@ index 68f1f25dce1..9cde0000b5f 100644
#endif /* __CREDENTIALS_INTERNAL_H__ */
--
-2.29.2
+2.31.1
From 7408b2af20c3d3b3bf1a59850e9f4659d9379eed Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 3 Jun 2020 11:56:01 +0200
-Subject: [PATCH 014/108] auth:creds: Add python bindings for
+Subject: [PATCH 014/117] auth:creds: Add python bindings for
(get|set)_smb_signing
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -1970,13 +1970,13 @@ index 6454ac9ff7c..e5f8122fa21 100644
+ creds.set_smb_signing(credentials.SMB_SIGNING_REQUIRED)
+ self.assertEqual(creds.get_smb_signing(), credentials.SMB_SIGNING_REQUIRED)
--
-2.29.2
+2.31.1
From b5753b24a1a8897c55189869c623977bb78430b0 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 28 May 2020 16:31:35 +0200
-Subject: [PATCH 015/108] auth:creds: Add
+Subject: [PATCH 015/117] auth:creds: Add
cli_credentials_(get|set)_smb_ipc_signing()
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -2102,13 +2102,13 @@ index 9cde0000b5f..54e8271471f 100644
#endif /* __CREDENTIALS_INTERNAL_H__ */
--
-2.29.2
+2.31.1
From 1e7031e438992e37cb9324250d21e82c5f5324c6 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 3 Jun 2020 12:32:46 +0200
-Subject: [PATCH 016/108] auth:creds: Add python bindings for
+Subject: [PATCH 016/117] auth:creds: Add python bindings for
(get|set)_smb_ipc_signing
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -2207,13 +2207,13 @@ index e5f8122fa21..8edf13ce6ff 100644
+ creds.set_smb_ipc_signing(credentials.SMB_SIGNING_OFF)
+ self.assertEqual(creds.get_smb_ipc_signing(), credentials.SMB_SIGNING_OFF)
--
-2.29.2
+2.31.1
From 8843b4072f5f1d27dea9742518cedbad543e137a Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 28 May 2020 16:10:52 +0200
-Subject: [PATCH 017/108] auth:creds: Add
+Subject: [PATCH 017/117] auth:creds: Add
cli_credentials_(get|set)_smb_encryption()
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -2341,13 +2341,13 @@ index 54e8271471f..3b86b742448 100644
#endif /* __CREDENTIALS_INTERNAL_H__ */
--
-2.29.2
+2.31.1
From fa8fb414c21d7c823eb35130ecf05bd13cec3370 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 3 Jun 2020 12:38:30 +0200
-Subject: [PATCH 018/108] auth:creds: Add python bindings for
+Subject: [PATCH 018/117] auth:creds: Add python bindings for
(get|set)_smb_encryption
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -2459,13 +2459,13 @@ index 8edf13ce6ff..e0a6248d37a 100644
+ creds.set_smb_encryption(credentials.SMB_ENCRYPTION_REQUIRED)
+ self.assertEqual(creds.get_smb_encryption(), credentials.SMB_ENCRYPTION_REQUIRED)
--
-2.29.2
+2.31.1
From 9029cd9abb9bbd668f6616821a99e79f31617ccf Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 4 Jun 2020 11:19:53 +0200
-Subject: [PATCH 019/108] auth:creds: Add python bindings for
+Subject: [PATCH 019/117] auth:creds: Add python bindings for
cli_credentials_set_conf()
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -2587,13 +2587,13 @@ index e0a6248d37a..6187bded0b6 100644
+ creds.set_conf(lp)
+ self.assertEqual(creds.get_smb_encryption(), credentials.SMB_ENCRYPTION_OFF)
--
-2.29.2
+2.31.1
From 3567e45ea254c8b8fd171174833e9a153f88a2ca Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 23 Jul 2020 08:14:23 +0200
-Subject: [PATCH 020/108] auth:creds: Bump library version
+Subject: [PATCH 020/117] auth:creds: Bump library version
We added new functions so bump the version.
@@ -2617,13 +2617,13 @@ index 564a04fe8dd..1e3302e3e48 100644
bld.SAMBA_SUBSYSTEM('CREDENTIALS_KRB5',
--
-2.29.2
+2.31.1
From e4b2962b34affec4cb9a4367faea53fe27c494e7 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 27 May 2020 11:10:30 +0200
-Subject: [PATCH 021/108] s3:lib: Use cli_credential_(get|set)_smb_signing()
+Subject: [PATCH 021/117] s3:lib: Use cli_credential_(get|set)_smb_signing()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -2688,13 +2688,13 @@ index bc1f1c3ed25..6038ec11515 100644
void set_cmdline_auth_info_use_ccache(struct user_auth_info *auth_info, bool b)
--
-2.29.2
+2.31.1
From 1cabf0cd51019ae8d6d37c27b0b5aacc989d5818 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 10 Jun 2020 12:45:34 +0200
-Subject: [PATCH 022/108] s3:lib: Set smb encryption also via cli creds API
+Subject: [PATCH 022/117] s3:lib: Set smb encryption also via cli creds API
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -2717,13 +2717,13 @@ index 6038ec11515..9c9e2f0ac0f 100644
}
--
-2.29.2
+2.31.1
From 60af05cd7dd38dbb936df530d9255b7e829f5283 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 13 Aug 2020 10:40:23 +0200
-Subject: [PATCH 023/108] python: Remove unused sign argument from
+Subject: [PATCH 023/117] python: Remove unused sign argument from
smb_connection()
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -2772,13 +2772,13 @@ index 1e2c2918ebe..ad60cda0690 100644
smb_dir = '\\'.join([self.lp.get('realm').lower(),
'Policies', 'PolicyDefinitions'])
--
-2.29.2
+2.31.1
From 061d5a2ddfe247494ca1bbd601e2eb63d0b26fe8 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 3 Jun 2020 14:02:37 +0200
-Subject: [PATCH 024/108] python: Set smb signing via the creds API
+Subject: [PATCH 024/117] python: Set smb signing via the creds API
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
@@ -2876,13 +2876,13 @@ index ad60cda0690..0f2f6520fc3 100644
--
-2.29.2
+2.31.1
From d6e0f9079047c1832c981a0bf357e5e9415168d4 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 28 May 2020 17:22:12 +0200
-Subject: [PATCH 025/108] s3:libsmb: Introduce CLI_FULL_CONNECTION_IPC
+Subject: [PATCH 025/117] s3:libsmb: Introduce CLI_FULL_CONNECTION_IPC
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -3099,13 +3099,13 @@ index 6cea2ee306c..2241beb331f 100644
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(2,("create_cs: Connect failed. Error was %s\n", nt_errstr(nt_status)));
--
-2.29.2
+2.31.1
From 1a928ac9a29329588633058ef226098f118c3f87 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 28 May 2020 17:29:25 +0200
-Subject: [PATCH 026/108] s3:pylibsmb: Add ipc=True support for
+Subject: [PATCH 026/117] s3:pylibsmb: Add ipc=True support for
CLI_FULL_CONNECTION_IPC
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -3164,13 +3164,13 @@ index 3fcc3424a57..3579a040830 100644
#ifdef HAVE_PTHREAD
ret = py_cli_state_setup_mt_ev(self);
--
-2.29.2
+2.31.1
From c06aed4a9d30a50c36787c57e091b34610d10a61 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 24 Jul 2020 09:47:11 +0200
-Subject: [PATCH 027/108] python:tests: Mark libsmb connection as an IPC
+Subject: [PATCH 027/117] python:tests: Mark libsmb connection as an IPC
connection
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -3193,13 +3193,13 @@ index ba7440df13b..2c028d381db 100644
DesiredAccess=0x12019f,
ShareAccess=0x7,
--
-2.29.2
+2.31.1
From 94218e70119c343d747808f62c4f8acccabbf7a6 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Mon, 17 Aug 2020 12:52:39 +0200
-Subject: [PATCH 028/108] python:tests: Set smb ipc signing via the creds API
+Subject: [PATCH 028/117] python:tests: Set smb ipc signing via the creds API
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -3231,13 +3231,13 @@ index 2c028d381db..d6f5de7440a 100644
DesiredAccess=0x12019f,
ShareAccess=0x7,
--
-2.29.2
+2.31.1
From 44a039e9373f5274a33b6eccfcb82c0a5e538818 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 28 May 2020 17:59:19 +0200
-Subject: [PATCH 029/108] s3:libsmb: Use 'enum smb_signing_setting' in
+Subject: [PATCH 029/117] s3:libsmb: Use 'enum smb_signing_setting' in
cliconnect.c
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -3361,13 +3361,13 @@ index d214cdabca4..995187e21b4 100644
void cli_nt_pipes_close(struct cli_state *cli);
void cli_shutdown(struct cli_state *cli);
--
-2.29.2
+2.31.1
From 797c0e55c8521a6788a98ecd405579e2d2d09b46 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 28 May 2020 18:11:31 +0200
-Subject: [PATCH 030/108] s3:client: Turn off smb signing for message op
+Subject: [PATCH 030/117] s3:client: Turn off smb signing for message op
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -3513,13 +3513,13 @@ index 3579a040830..f8a4d56cf53 100644
NULL, self->ev, "myname", host, NULL, 0, share, "?????",
cli_creds, flags, signing_state);
--
-2.29.2
+2.31.1
From ae84010726a6a428a1b1ad2ddddbf7dd9fd54d6f Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 28 May 2020 18:20:02 +0200
-Subject: [PATCH 031/108] s3:libsmb: Remove signing_state from
+Subject: [PATCH 031/117] s3:libsmb: Remove signing_state from
cli_full_connection_creds_send()
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -3612,13 +3612,13 @@ index f8a4d56cf53..c7a2d73afcb 100644
return -1;
}
--
-2.29.2
+2.31.1
From 23dd3d7fd8e120be59bd0b45ea5bccb6812730d6 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 4 Jun 2020 14:59:14 +0200
-Subject: [PATCH 032/108] s3:libsmb: Remove signing_state from
+Subject: [PATCH 032/117] s3:libsmb: Remove signing_state from
cli_full_connection_creds()
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -3983,13 +3983,13 @@ index 954d6eba804..fea066ce468 100644
DEBUG(0,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status)));
return NULL;
--
-2.29.2
+2.31.1
From fba11e893292fbbb03a85617c69326815dfdc996 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 8 Jun 2020 08:04:24 +0200
-Subject: [PATCH 033/108] s3:libsmb: Add encryption support to
+Subject: [PATCH 033/117] s3:libsmb: Add encryption support to
cli_full_connection_creds*()
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
@@ -4200,13 +4200,13 @@ index b24743d789b..abfd18bfaf1 100644
}
--
-2.29.2
+2.31.1
From b6e55cb03a821baf2ed7e7e1e4a4ff8ced9aa549 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 10 Jun 2020 11:26:00 +0200
-Subject: [PATCH 034/108] python: Add a test for SMB encryption
+Subject: [PATCH 034/117] python: Add a test for SMB encryption
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -4274,13 +4274,13 @@ index e8f8e7fe94d..81d4e482644 100644
if __name__ == "__main__":
import unittest
--
-2.29.2
+2.31.1
From 16113fa8ed57b2ec8d75e8ff0e653a264f28b75a Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 10 Jun 2020 12:31:02 +0200
-Subject: [PATCH 035/108] s3:net: Use cli_credentials_set_smb_encryption()
+Subject: [PATCH 035/117] s3:net: Use cli_credentials_set_smb_encryption()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -4323,13 +4323,13 @@ index b139fb2d0da..5829d891075 100644
}
--
-2.29.2
+2.31.1
From fc775b9734466e9454db559b08704c308c5b310d Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 10 Jun 2020 12:40:13 +0200
-Subject: [PATCH 036/108] s3:libsmb: Use cli_credentials_set_smb_encryption()
+Subject: [PATCH 036/117] s3:libsmb: Use cli_credentials_set_smb_encryption()
This also adds a SMBC_ENCRYPTLEVEL_DEFAULT to 'enum
smbc_smb_encrypt_level' in order to use the smb.conf default value.
@@ -4682,13 +4682,13 @@ index ec4a516b2ee..61503d0a98b 100644
+ vnum='0.7.0',
pc_files='smbclient.pc')
--
-2.29.2
+2.31.1
From 4f3adf58dded81470d654b36a6b41f44c97a0c1a Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 10 Jun 2020 12:43:33 +0200
-Subject: [PATCH 037/108] s3:client: Remove unused smb encryption code
+Subject: [PATCH 037/117] s3:client: Remove unused smb encryption code
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -4718,13 +4718,13 @@ index f56dc323b6e..16a8d44c069 100644
*output_cli = cli;
return NT_STATUS_OK;
--
-2.29.2
+2.31.1
From 98fd48ab6736cbc5321da554cbdade876747c8b2 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 10 Jun 2020 12:47:05 +0200
-Subject: [PATCH 038/108] s3:utils: Remove obsolete force encryption from
+Subject: [PATCH 038/117] s3:utils: Remove obsolete force encryption from
smbacls
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -4755,13 +4755,13 @@ index 5983ebbd0a5..8fd9fcc5780 100644
}
--
-2.29.2
+2.31.1
From 60c9bdb31c4b558cb14a6861ecdb64a019c1a360 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 10 Jun 2020 12:48:18 +0200
-Subject: [PATCH 039/108] s3:utils: Remove obsolete force encryption from
+Subject: [PATCH 039/117] s3:utils: Remove obsolete force encryption from
mdfind
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -4789,13 +4789,13 @@ index 2ac4fde7daf..ef2657e4fa5 100644
NCACN_NP,
&ndr_table_mdssvc,
--
-2.29.2
+2.31.1
From ad636063188db7e3307140edf7d5fdf40d79c0e4 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 10 Jun 2020 12:49:28 +0200
-Subject: [PATCH 040/108] s3:utils: Remove obsolete force encryption from
+Subject: [PATCH 040/117] s3:utils: Remove obsolete force encryption from
smbcquotas
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -4827,13 +4827,13 @@ index fea066ce468..4ceac7b3ab0 100644
}
--
-2.29.2
+2.31.1
From 4b64497f1473661d86b032f2ae82c2c845cf8c8d Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 10 Jun 2020 12:51:18 +0200
-Subject: [PATCH 041/108] s3:rpcclient: Remove obsolete force encryption from
+Subject: [PATCH 041/117] s3:rpcclient: Remove obsolete force encryption from
rpcclient
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -4865,13 +4865,13 @@ index 2ead6cc7ba5..575a42ebf70 100644
memset(cmdline_auth_info.password,'X',sizeof(cmdline_auth_info.password));
#endif
--
-2.29.2
+2.31.1
From 10c912597ca6a00e62e2756c8b6a83a35fbc2da5 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Mon, 6 Jul 2020 10:58:36 +0200
-Subject: [PATCH 042/108] examples: Remove obsolete force encryption from
+Subject: [PATCH 042/117] examples: Remove obsolete force encryption from
smb2mount
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -4903,13 +4903,13 @@ index 6206c3a9701..c64be573462 100644
}
--
-2.29.2
+2.31.1
From acc244f893ee415fc572c701af6c9894acbefa93 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Mon, 6 Jul 2020 11:05:59 +0200
-Subject: [PATCH 043/108] s3:libsmb: Make cli_cm_force_encryption_creds()
+Subject: [PATCH 043/117] s3:libsmb: Make cli_cm_force_encryption_creds()
static
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -4951,13 +4951,13 @@ index 850cf12c8a6..eeabcaa7463 100644
struct cli_state *referring_cli,
const char *server,
--
-2.29.2
+2.31.1
From 3c37b922596ec55b67942b901dd57abeb30197e8 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 13 Aug 2020 16:16:55 +0200
-Subject: [PATCH 044/108] s4:libcli: Return NTSTATUS errors for
+Subject: [PATCH 044/117] s4:libcli: Return NTSTATUS errors for
smb_composite_connect_send()
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -5051,13 +5051,13 @@ index 582d43ef173..ad50ae0ac81 100644
return smb_composite_connect_recv(c, mem_ctx);
}
--
-2.29.2
+2.31.1
From 5b37563928d8f82d90359aeb62b89203895bb480 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 7 Jul 2020 12:54:26 +0200
-Subject: [PATCH 045/108] s4:libcli: Return if encryption is requested for SMB1
+Subject: [PATCH 045/117] s4:libcli: Return if encryption is requested for SMB1
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -5088,13 +5088,13 @@ index 6ee4929e8d7..51e121bdce6 100644
if (composite_nomem(state, c)) return c;
c->private_data = state;
--
-2.29.2
+2.31.1
From 2d46ced85e374a823ecafde16743456eede6ce9e Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 7 Jul 2020 12:29:39 +0200
-Subject: [PATCH 046/108] s3:libcli: Split out smb2_connect_tcon_start()
+Subject: [PATCH 046/117] s3:libcli: Split out smb2_connect_tcon_start()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -5141,13 +5141,13 @@ index 6fc3993a4e8..95ff05eac8f 100644
subreq = smb2cli_tcon_send(state, state->ev,
--
-2.29.2
+2.31.1
From 5ee85438a34c78b1ec626002192a7118fb01fdb7 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 7 Jul 2020 12:44:26 +0200
-Subject: [PATCH 047/108] s4:libcli: Add smb2_connect_enc_start()
+Subject: [PATCH 047/117] s4:libcli: Add smb2_connect_enc_start()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -5212,13 +5212,13 @@ index 95ff05eac8f..3a3ecdf20e8 100644
}
--
-2.29.2
+2.31.1
From 7620d79d4aef09bf893ef1823cb3c8a12bdd6977 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 24 Jul 2020 10:18:52 +0200
-Subject: [PATCH 048/108] s4:libcli: Require signing for SMB encryption
+Subject: [PATCH 048/117] s4:libcli: Require signing for SMB encryption
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -5268,13 +5268,13 @@ index 3a3ecdf20e8..9540704491e 100644
if (tevent_req_nterror(req, status)) {
return tevent_req_post(req, ev);
--
-2.29.2
+2.31.1
From 28403a2791fda77fe9fb73202964a3cea1eb732c Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 7 Jul 2020 14:27:07 +0200
-Subject: [PATCH 049/108] python:tests: Add test for SMB encrypted DCERPC
+Subject: [PATCH 049/117] python:tests: Add test for SMB encrypted DCERPC
connection
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -5389,13 +5389,13 @@ index 20981754db4..adcb5b53189 100644
def cmdline(script, *args):
--
-2.29.2
+2.31.1
From 77523b06608555f58f31267a95ae54fd8bc3f495 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 4 Sep 2020 10:47:54 +0200
-Subject: [PATCH 050/108] auth:gensec: Add gensec_security_sasl_names()
+Subject: [PATCH 050/117] auth:gensec: Add gensec_security_sasl_names()
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
@@ -5519,13 +5519,13 @@ index d2d62d6652e..4eb45643714 100644
* Return a unique list of security subsystems from those specified in
* the list of SASL names.
--
-2.29.2
+2.31.1
From 84fb67e29e2e220b6e74067cab4ee986c53d6a0e Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 4 Sep 2020 10:48:27 +0200
-Subject: [PATCH 051/108] s4:ldap_server: Use samba_server_gensec_start() in
+Subject: [PATCH 051/117] s4:ldap_server: Use samba_server_gensec_start() in
ldapsrv_backend_Init()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
@@ -5631,13 +5631,13 @@ index 2839082daef..915d9b94f9b 100644
ldb_set_opaque(conn->ldb, "supportedSASLMechanisms", sasl_mechs);
}
--
-2.29.2
+2.31.1
From 79d9d8b597afc5f637039b29dd13a363c8cb9b54 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 4 Sep 2020 14:39:15 +0200
-Subject: [PATCH 052/108] auth:gensec: Make gensec_use_kerberos_mechs() a
+Subject: [PATCH 052/117] auth:gensec: Make gensec_use_kerberos_mechs() a
static function
Signed-off-by: Stefan Metzmacher <metze@samba.org>
@@ -5681,13 +5681,13 @@ index 4eb45643714..ebcab76999a 100644
const struct gensec_security_ops **new_gensec_list;
int i, j, num_mechs_in;
--
-2.29.2
+2.31.1
From 434d9895989832e7f338c565c43ff2f7fa9c514e Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 4 Sep 2020 14:41:43 +0200
-Subject: [PATCH 053/108] auth:gensec: Pass use_kerberos and keep_schannel to
+Subject: [PATCH 053/117] auth:gensec: Pass use_kerberos and keep_schannel to
gensec_use_kerberos_mechs()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
@@ -5755,13 +5755,13 @@ index ebcab76999a..8d1b41fec74 100644
}
--
-2.29.2
+2.31.1
From 0da017218009cce876c3e251beec5ea6958717f4 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 4 Sep 2020 17:00:45 +0200
-Subject: [PATCH 054/108] auth:gensec: If Kerberos is required, keep schannel
+Subject: [PATCH 054/117] auth:gensec: If Kerberos is required, keep schannel
for machine account auth
Signed-off-by: Stefan Metzmacher <metze@samba.org>
@@ -5792,13 +5792,13 @@ index 8d1b41fec74..3f42d611140 100644
if (gensec_security->settings->backends) {
--
-2.29.2
+2.31.1
From 9242884180b1f6bb202f7c5249f8d37a2453141e Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 4 Sep 2020 12:21:21 +0200
-Subject: [PATCH 055/108] auth:creds: Add cli_credentials_init_server()
+Subject: [PATCH 055/117] auth:creds: Add cli_credentials_init_server()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -5858,13 +5858,13 @@ index 7d0cf53194b..438bcdce232 100644
bool cli_credentials_wrong_password(struct cli_credentials *cred);
const char *cli_credentials_get_password(struct cli_credentials *cred);
--
-2.29.2
+2.31.1
From 2da8321de6ef2e81378bdb3221a7e9d398eebcc5 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 4 Sep 2020 12:21:36 +0200
-Subject: [PATCH 056/108] s4:rpc_server: Use cli_credentials_init_server()
+Subject: [PATCH 056/117] s4:rpc_server: Use cli_credentials_init_server()
Signed-off-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 6c94ebf77fdb7383be2042f5e20ba2ef598cd4a4)
@@ -5906,13 +5906,13 @@ index 084857a44bf..e64148ef788 100644
call->event_ctx,
imsg_ctx,
--
-2.29.2
+2.31.1
From 5a641937dc9b842a70754950f157ef8a559a49c8 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Mon, 7 Sep 2020 09:19:43 +0200
-Subject: [PATCH 057/108] s4:smb_server: Use cli_credentials_init_server() for
+Subject: [PATCH 057/117] s4:smb_server: Use cli_credentials_init_server() for
negprot
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -6006,13 +6006,13 @@ index 4aaaf46793b..c433eb194bd 100644
req->smb_conn->negotiate.server_credentials = talloc_steal(req->smb_conn, server_credentials);
--
-2.29.2
+2.31.1
From 1f73660655160daa18acf5943dfd7cc323e801bd Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 8 Sep 2020 10:15:22 +0200
-Subject: [PATCH 058/108] selftest: Rename 'smb encrypt' to 'server smb
+Subject: [PATCH 058/117] selftest: Rename 'smb encrypt' to 'server smb
encrypt'
This makes it more clear what we want. 'smb encrypt' is a synonym for
@@ -6057,13 +6057,13 @@ index e141f102ef1..c070086ca49 100755
[tmpguest]
path = $shrdir
--
-2.29.2
+2.31.1
From a939facd076f75564d1a9e3c4afbb953a67bb6fe Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 8 Sep 2020 12:30:08 +0200
-Subject: [PATCH 059/108] selftest: Move enc_desired to provision to have it in
+Subject: [PATCH 059/117] selftest: Move enc_desired to provision to have it in
'fileserver' too
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -6104,13 +6104,13 @@ index c070086ca49..fa3ca8962a5 100755
my $net = Samba::bindir_path($self, "net");
--
-2.29.2
+2.31.1
From 297f6cd53a59a5f7e1bd8e57a791977de64e3f8c Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 8 Sep 2020 10:15:20 +0200
-Subject: [PATCH 060/108] s3:tests: Add smbclient tests for 'client smb
+Subject: [PATCH 060/117] s3:tests: Add smbclient tests for 'client smb
encrypt'
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -6245,13 +6245,13 @@ index 27dc7587b17..46bf274227c 100755
[os.path.join(samba3srcdir,
"script/tests/test_rpcclient_netsessenum.sh"),
--
-2.29.2
+2.31.1
From 824907ed2e28b77897fef5d50dbc15b5b344c114 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 27 Aug 2020 15:19:27 +0200
-Subject: [PATCH 061/108] s3:client: Remove global smb_encrypt
+Subject: [PATCH 061/117] s3:client: Remove global smb_encrypt
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
@@ -6353,13 +6353,13 @@ index 56309efcea7..60d4fb3c5ee 100644
max_protocol = lp_client_max_protocol();
--
-2.29.2
+2.31.1
From 743cf3240680fd7b868dd789fd743ab9ecd66ace Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 27 Aug 2020 15:24:27 +0200
-Subject: [PATCH 062/108] s3:libsmb: Remove force_encrypt from cli_cm_open()
+Subject: [PATCH 062/117] s3:libsmb: Remove force_encrypt from cli_cm_open()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
@@ -6507,13 +6507,13 @@ index eeabcaa7463..bb3e9e6874e 100644
const struct sockaddr_storage *dest_ss,
int port,
--
-2.29.2
+2.31.1
From 5e0333d93ae6008c37b03deac682ca2d00030913 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 27 Aug 2020 15:26:39 +0200
-Subject: [PATCH 063/108] s3:libsmb: Remove force_encrypt from cli_cm_connect()
+Subject: [PATCH 063/117] s3:libsmb: Remove force_encrypt from cli_cm_connect()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
@@ -6569,13 +6569,13 @@ index 4825b8f3fae..b0032005398 100644
NULL, /* dest_ss */
0, /* port */
--
-2.29.2
+2.31.1
From 7e74d7ac8b329aadb5c99a3852d19f4eadde533c Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 27 Aug 2020 15:28:28 +0200
-Subject: [PATCH 064/108] s3:libsmb: Remove force_encrypt from clidfs
+Subject: [PATCH 064/117] s3:libsmb: Remove force_encrypt from clidfs
do_connect()
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -6630,13 +6630,13 @@ index b0032005398..5503506de97 100644
if (!NT_STATUS_IS_OK(status)) {
--
-2.29.2
+2.31.1
From 487deacc65d64eff31211426be7865637bbff3cc Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 27 Aug 2020 15:52:11 +0200
-Subject: [PATCH 065/108] s3:libsmb: Remove force_encrypt from
+Subject: [PATCH 065/117] s3:libsmb: Remove force_encrypt from
cli_check_msdfs_proxy()
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -6727,13 +6727,13 @@ index bb3e9e6874e..f2b0a8c5ff8 100644
/* The following definitions come from libsmb/clientgen.c */
--
-2.29.2
+2.31.1
From feac38a965b280a8b9b4374597f57ae60db5e6bb Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 18 Aug 2020 17:15:09 +0200
-Subject: [PATCH 066/108] s3:libsmb: Pass cli_credentials to clidfs
+Subject: [PATCH 066/117] s3:libsmb: Pass cli_credentials to clidfs
do_connect()
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -6846,13 +6846,13 @@ index 736c565a7a8..d536e0597af 100644
dest_ss, port, name_type, &cli);
--
-2.29.2
+2.31.1
From 46278f0a81f35add7bdb3276c64c9465586c0adf Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 18 Aug 2020 17:18:16 +0200
-Subject: [PATCH 067/108] s3:libsmb: Pass cli_credentials to cli_cm_connect()
+Subject: [PATCH 067/117] s3:libsmb: Pass cli_credentials to cli_cm_connect()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
@@ -6917,13 +6917,13 @@ index d536e0597af..a2c6f5fe5ec 100644
NULL, /* dest_ss */
0, /* port */
--
-2.29.2
+2.31.1
From aa2e76ce788a224ea5b52550bf60103db7cf5d0d Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 18 Aug 2020 17:26:54 +0200
-Subject: [PATCH 068/108] s3:libsmb: Pass cli_credentials to cli_cm_open()
+Subject: [PATCH 068/117] s3:libsmb: Pass cli_credentials to cli_cm_open()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
@@ -7128,13 +7128,13 @@ index f2b0a8c5ff8..0b8cf2a6036 100644
struct client_dfs_referral;
NTSTATUS cli_dfs_get_referral_ex(TALLOC_CTX *ctx,
--
-2.29.2
+2.31.1
From c9a6141048f058168d2b1679c3a4bf087d367ee5 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 18 Aug 2020 17:42:25 +0200
-Subject: [PATCH 069/108] s3:libsmb: Pass cli_credentials to
+Subject: [PATCH 069/117] s3:libsmb: Pass cli_credentials to
cli_resolve_path(), using helper variables.
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -8015,13 +8015,13 @@ index 8fd9fcc5780..4989ec633c3 100644
filename,
&targetcli,
--
-2.29.2
+2.31.1
From 915516d0e2f817a6e0169b6c2578c17cd8d9d1fc Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 27 Aug 2020 16:40:49 +0200
-Subject: [PATCH 070/108] s3:client: Remove global max_protocol
+Subject: [PATCH 070/117] s3:client: Remove global max_protocol
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
@@ -8097,13 +8097,13 @@ index 13e48f80a01..902cdec8b64 100644
if (cmdstr)
process_command_string(cmdstr);
--
-2.29.2
+2.31.1
From ac116f4a319a28453416fa30e66d8aa9a608ecc9 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 27 Aug 2020 16:43:46 +0200
-Subject: [PATCH 071/108] s3:libsmb: Remove max_protocol from cli_cm_open()
+Subject: [PATCH 071/117] s3:libsmb: Remove max_protocol from cli_cm_open()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
@@ -8222,13 +8222,13 @@ index 517738dbcd7..8aaaff2cb1e 100644
int port,
int name_type,
--
-2.29.2
+2.31.1
From 70e2b7c9bd556f5d8762e86960864f71be357d60 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 27 Aug 2020 16:45:12 +0200
-Subject: [PATCH 072/108] s3:libcmb: Remove max_protocol from cli_cm_connect()
+Subject: [PATCH 072/117] s3:libcmb: Remove max_protocol from cli_cm_connect()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
@@ -8275,13 +8275,13 @@ index fb1a0c72e6d..023dd4d2757 100644
0, /* port */
0x20,
--
-2.29.2
+2.31.1
From 68bb1153c9b2f3566f7558adb144f99d0dbbae64 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 27 Aug 2020 16:46:29 +0200
-Subject: [PATCH 073/108] s3:libsmb: Remove max_protocol from clidfs
+Subject: [PATCH 073/117] s3:libsmb: Remove max_protocol from clidfs
do_connect()
The if check for max_protocol == 0 is part of lp_client_max_protocol().
@@ -8338,13 +8338,13 @@ index 023dd4d2757..ee5becf76a6 100644
if (!NT_STATUS_IS_OK(status)) {
--
-2.29.2
+2.31.1
From e11dbff10f7e05de3e0886bb89f97d80f421a7cf Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Mon, 10 Aug 2020 15:47:35 +0200
-Subject: [PATCH 074/108] s3:include: Move loadparm prototypes to own header
+Subject: [PATCH 074/117] s3:include: Move loadparm prototypes to own header
file
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -8756,13 +8756,13 @@ index 00000000000..7686877ccf1
+
+#endif /* _S3_LOADPARM_H */
--
-2.29.2
+2.31.1
From aac95c28508e0afbd252579e8bdac8d24f3e5de0 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 11 Aug 2020 10:41:07 +0200
-Subject: [PATCH 075/108] s3:lib: Move interface prototypes to own header file
+Subject: [PATCH 075/117] s3:lib: Move interface prototypes to own header file
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
@@ -8862,13 +8862,13 @@ index 00000000000..f45435b4a81
+
+#endif /* _INTERFACE_H */
--
-2.29.2
+2.31.1
From 8b9b3b04734a2caaf45cf4a4106e20489937dd63 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 7 Feb 2020 16:48:16 +0100
-Subject: [PATCH 076/108] idl: Add SID_SAMBA_SMB3
+Subject: [PATCH 076/117] idl: Add SID_SAMBA_SMB3
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
@@ -8892,13 +8892,13 @@ index a92e8f1518e..06bf7449a70 100644
const string NAME_NT_SERVICE = "NT SERVICE";
--
-2.29.2
+2.31.1
From ea7d7d025cb198d787d219d169e0cf01f8ecb8be Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 7 Feb 2020 16:48:29 +0100
-Subject: [PATCH 077/108] s3:smbd: Add SMB3 connection information to session
+Subject: [PATCH 077/117] s3:smbd: Add SMB3 connection information to session
info
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -9049,13 +9049,13 @@ index cf9de185c1f..cd24b7d2ed5 100644
}
--
-2.29.2
+2.31.1
From fd5b1158697117be089d7feb199076a5413239c6 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 12 Mar 2020 14:11:56 +0100
-Subject: [PATCH 078/108] librpc: Add dcerpc helper
+Subject: [PATCH 078/117] librpc: Add dcerpc helper
dcerpc_is_transport_encrypted()
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -9265,13 +9265,13 @@ index 27b180fa63d..109a1834841 100644
source='gen_ndr/ndr_winbind.c',
public_deps='ndr NDR_LSA'
--
-2.29.2
+2.31.1
From 671201a82e2590951f9ac7ff92a17662971bf1c6 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 28 Aug 2020 16:31:17 +0200
-Subject: [PATCH 079/108] s3:smbd: Use defines to set 'srv_smb_encrypt'
+Subject: [PATCH 079/117] s3:smbd: Use defines to set 'srv_smb_encrypt'
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
@@ -9302,13 +9302,13 @@ index d51a3de9497..785cbb23b5f 100644
char smb3_sid_str[SID_MAX_SIZE];
struct dom_sid smb3_dom_sid;
--
-2.29.2
+2.31.1
From 5d542e9aef4c97cf5747d6580971c64fc81d4853 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 12 Nov 2019 16:56:45 +0100
-Subject: [PATCH 080/108] s3:rpc_server: Allow to use RC4 for setting passwords
+Subject: [PATCH 080/117] s3:rpc_server: Allow to use RC4 for setting passwords
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
@@ -9539,13 +9539,13 @@ index 2af02ad6fa8..eb91ac09384 100644
bld.SAMBA3_SUBSYSTEM('RPC_SPOOLSS',
source='''spoolss/srv_spoolss_nt.c
--
-2.29.2
+2.31.1
From bd94d3d3a4919616b40cd7306374bee5f244bb71 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 15 Nov 2019 13:49:40 +0100
-Subject: [PATCH 081/108] s4:rpc_server: Allow to use RC4 for setting passwords
+Subject: [PATCH 081/117] s4:rpc_server: Allow to use RC4 for setting passwords
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
@@ -9670,13 +9670,13 @@ index de55ad6239a..c9c1978f223 100644
--
-2.29.2
+2.31.1
From d458644e8800fbb312749ac6e496c0b89429d229 Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Thu, 20 Aug 2020 12:45:49 +0200
-Subject: [PATCH 082/108] lib:crypto: Add py binding for set_relax/strict fips
+Subject: [PATCH 082/117] lib:crypto: Add py binding for set_relax/strict fips
mode
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
@@ -9728,13 +9728,13 @@ index 32b946eee8f..ad18d3ada0f 100644
};
--
-2.29.2
+2.31.1
From 5f742a16dc55bd76443e7b6f5a6910604102c41b Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 28 Oct 2020 17:05:36 +0100
-Subject: [PATCH 083/108] s4:param: Add 'weak crypto' getter to pyparam
+Subject: [PATCH 083/117] s4:param: Add 'weak crypto' getter to pyparam
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
@@ -9784,13 +9784,13 @@ index 4023fac4dd6..e15592b5743 100644
};
--
-2.29.2
+2.31.1
From 0851add217d1c5f3c5038fa68b2704fc7f3a073f Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 21 Oct 2020 10:09:22 +0200
-Subject: [PATCH 084/108] python:tests: Add SAMR password change tests for fips
+Subject: [PATCH 084/117] python:tests: Add SAMR password change tests for fips
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
@@ -10009,13 +10009,13 @@ index adcb5b53189..86cab3f8046 100644
def cmdline(script, *args):
--
-2.29.2
+2.31.1
From d9d570cd7dcd4d8a4fef6b098e7163d6dfe0a85b Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 21 Oct 2020 10:09:22 +0200
-Subject: [PATCH 085/108] python:tests: Add SAMR password change tests for fips
+Subject: [PATCH 085/117] python:tests: Add SAMR password change tests for fips
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
@@ -10042,13 +10042,13 @@ index 649e923ff9a..1ebdf2a5484 100755
warn("Unable to add '$testallowed_account' user to 'Allowed RODC Password Replication Group': \n$samba_tool_cmd\n");
return undef;
--
-2.29.2
+2.31.1
From f23b2e38a9169b074ca12a24cc91a12bfc582ad9 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 20 Aug 2020 09:40:41 +0200
-Subject: [PATCH 086/108] auth:creds: Rename CRED_USE_KERBEROS values
+Subject: [PATCH 086/117] auth:creds: Rename CRED_USE_KERBEROS values
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
@@ -10784,13 +10784,13 @@ index 07c6faebb15..701dfc10a07 100644
torture_skip(tctx, "smb2.session.expire1 requires -k yes!");
}
--
-2.29.2
+2.31.1
From 7f21cee87046f219f0b3cc9874e816f8b7812278 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 1 Sep 2020 12:32:28 +0200
-Subject: [PATCH 087/108] auth:creds:tests: Migrate test to a cmocka unit test
+Subject: [PATCH 087/117] auth:creds:tests: Migrate test to a cmocka unit test
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
@@ -11081,13 +11081,13 @@ index 38b6c8f4b6e..f0ab0357986 100644
../../dsdb/schema/tests/schema_syntax.c
../../../lib/util/tests/anonymous_shared.c
--
-2.29.2
+2.31.1
From 286d1baff05b7c1a899ad9d73a41ed4d5b69e0d5 Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Thu, 20 Aug 2020 12:09:05 +0200
-Subject: [PATCH 088/108] Add smb2cli_session_get_encryption_cipher()
+Subject: [PATCH 088/117] Add smb2cli_session_get_encryption_cipher()
When 'session->smb2->should_encrypt' is true, the client MUST encrypt
all transport messages (see also MS-SMB2 3.2.4.1.8).
@@ -11138,13 +11138,13 @@ index 2afc7165cd9..db5f5d58799 100644
struct smbXcli_tcon *smbXcli_tcon_create(TALLOC_CTX *mem_ctx);
struct smbXcli_tcon *smbXcli_tcon_copy(TALLOC_CTX *mem_ctx,
--
-2.29.2
+2.31.1
From 34242b72abc65a100f6d19e98369b926ffdd17b9 Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Thu, 20 Aug 2020 12:18:21 +0200
-Subject: [PATCH 089/108] Add dcerpc_transport_encrypted()
+Subject: [PATCH 089/117] Add dcerpc_transport_encrypted()
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -11230,13 +11230,13 @@ index bd79a072bc8..6ea27a8d9a3 100644
create a secondary context from a primary connection
--
-2.29.2
+2.31.1
From 3aea4bbd34849aedca16a4a6baf0bdf914ddde81 Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Thu, 20 Aug 2020 12:35:01 +0200
-Subject: [PATCH 090/108] Add py binding for dcerpc_transport_encrypted
+Subject: [PATCH 090/117] Add py binding for dcerpc_transport_encrypted
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -11277,13 +11277,13 @@ index be914ed5f14..309a6d72e26 100644
};
--
-2.29.2
+2.31.1
From 0f6af3877dd1f84f2813e491fa3508f5378400cd Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Thu, 20 Aug 2020 12:44:08 +0200
-Subject: [PATCH 091/108] selftest: add a test for py dce transport_encrypted
+Subject: [PATCH 091/117] selftest: add a test for py dce transport_encrypted
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -11342,13 +11342,13 @@ index 8e0d6a5ef0a..24e4ac77d89 100644
objectAttr = lsa.ObjectAttribute()
objectAttr.sec_qos = lsa.QosInfo()
--
-2.29.2
+2.31.1
From 204dbcb972e85497960fffa68b8309f7d28b1c00 Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Thu, 20 Aug 2020 12:47:12 +0200
-Subject: [PATCH 092/108] Add CreateTrustedDomainRelax wrapper for fips mode
+Subject: [PATCH 092/117] Add CreateTrustedDomainRelax wrapper for fips mode
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -11428,13 +11428,13 @@ index 00000000000..b4df0fa5bb8
+
+ return lsaconn.CreateTrustedDomainEx2(policy, trust_info, auth_info, mask)
--
-2.29.2
+2.31.1
From 7240d19414330b3cebc0b9633b60b3e07a41110a Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Thu, 20 Aug 2020 12:49:17 +0200
-Subject: [PATCH 093/108] Use the new CreateTrustedDomainRelax()
+Subject: [PATCH 093/117] Use the new CreateTrustedDomainRelax()
Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
@@ -11535,13 +11535,13 @@ index 1d12c362911..93a3258d28d 100644
if enc_types:
self.outf.write("Setting supported encryption types on local TDO.\n")
--
-2.29.2
+2.31.1
From 6d8e8f07766fd6b43baff3b9495b927b28c142e6 Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Tue, 1 Sep 2020 20:14:29 +0300
-Subject: [PATCH 094/108] selftest: add a test for the CreateTrustedDomainRelax
+Subject: [PATCH 094/117] selftest: add a test for the CreateTrustedDomainRelax
wrapper
Originally copied from 'source4/scripting/devel/createtrust'
@@ -11720,13 +11720,13 @@ index 3a903a7eee0..96f51b68cfc 100755
# Right now ad_dc has mdb and ad_dc_ntvfs has tdb
mdb_testenv = "ad_dc"
--
-2.29.2
+2.31.1
From e4290d0a47d020a726051e67d18f6a5378001bb3 Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Thu, 5 Nov 2020 15:38:19 +0200
-Subject: [PATCH 095/108] Remove source4/scripting/devel/createtrust script
+Subject: [PATCH 095/117] Remove source4/scripting/devel/createtrust script
We now have the 'samba-tool domain trust' command.
@@ -11875,13 +11875,13 @@ index 26b0d0dcb68..00000000000
- auth_info,
- security.SEC_STD_DELETE)
--
-2.29.2
+2.31.1
From 840be1b927ac2600f548d9c1e504f77de6c84f96 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 6 Nov 2020 14:30:26 +0100
-Subject: [PATCH 096/108] s3:rpc_server: Use gnutls_cipher_decrypt() in
+Subject: [PATCH 096/117] s3:rpc_server: Use gnutls_cipher_decrypt() in
get_trustdom_auth_blob()
It doesn't matter for RC4, but just to be correct.
@@ -11907,13 +11907,13 @@ index 198387424e6..e749caf2551 100644
auth_blob->length);
gnutls_cipher_deinit(cipher_hnd);
--
-2.29.2
+2.31.1
From e7b7b3f4aec8fb6d37375934f0f193fea6649f18 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 6 Nov 2020 14:33:38 +0100
-Subject: [PATCH 097/108] s4:rpc_server: Use gnutls_cipher_decrypt() in
+Subject: [PATCH 097/117] s4:rpc_server: Use gnutls_cipher_decrypt() in
get_trustdom_auth_blob()
It doesn't matter for RC4, but just to be correct.
@@ -11939,13 +11939,13 @@ index 8333cb149b6..4bb8aaa9592 100644
auth_blob->length);
gnutls_cipher_deinit(cipher_hnd);
--
-2.29.2
+2.31.1
From 3c57cdaa7013bc01ac6b3d65dade151526cacc5b Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 20 Aug 2020 13:40:21 +0200
-Subject: [PATCH 098/108] s3:rpc_server: Allow to use RC4 for creating trusts
+Subject: [PATCH 098/117] s3:rpc_server: Allow to use RC4 for creating trusts
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
@@ -12006,13 +12006,13 @@ index e749caf2551..d6d606ddeca 100644
status = gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID);
goto out;
--
-2.29.2
+2.31.1
From 2f22b25cb718c70383ed3ba8ebd91d9f317c455e Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 20 Aug 2020 13:51:39 +0200
-Subject: [PATCH 099/108] s4:rpc_server: Allow to use RC4 for creating trusts
+Subject: [PATCH 099/117] s4:rpc_server: Allow to use RC4 for creating trusts
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
@@ -12078,13 +12078,13 @@ index 4bb8aaa9592..5b3ef71d458 100644
nt_status = gnutls_error_to_ntstatus(rc, NT_STATUS_CRYPTO_SYSTEM_INVALID);
goto out;
--
-2.29.2
+2.31.1
From 32a6dbc4bca9f104d7d88eaea2afce20416256d1 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 6 Nov 2020 10:13:48 +0100
-Subject: [PATCH 100/108] sefltest: Enable the dcerpc.createtrustrelax test
+Subject: [PATCH 100/117] sefltest: Enable the dcerpc.createtrustrelax test
against ad_dc_fips
Signed-off-by: Andreas Schneider <asn@samba.org>
@@ -12108,13 +12108,13 @@ index 80effda8343..00000000000
@@ -1 +0,0 @@
-^samba.tests.dcerpc.createtrustrelax.samba.tests.dcerpc.createtrustrelax.CreateTrustedDomainRelaxTest.test_create_trust_relax_encrypt\(ad_dc_fips\)
--
-2.29.2
+2.31.1
From ce72237a2ac40da4b78afbcceab13d5e58e4fe5e Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 11 Nov 2020 13:42:06 +0100
-Subject: [PATCH 101/108] s3:smbd: Fix possible null pointer dereference in
+Subject: [PATCH 101/117] s3:smbd: Fix possible null pointer dereference in
token_contains_name()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14572
@@ -12144,13 +12144,13 @@ index 57754a0f766..694c0c290e8 100644
/* Check if username starts with domain name */
if (domain_len > 0) {
--
-2.29.2
+2.31.1
From 08cd57786058ba735931a166c13375ce8a02e0e9 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <ab@samba.org>
Date: Tue, 10 Nov 2020 17:35:24 +0200
-Subject: [PATCH 102/108] lookup_name: allow lookup names prefixed with DNS
+Subject: [PATCH 102/117] lookup_name: allow lookup names prefixed with DNS
forest root for FreeIPA DC
In FreeIPA deployment with active Global Catalog service, when a two-way
@@ -12254,13 +12254,13 @@ index 82c47b3145b..864246da56e 100644
if ((flags & LOOKUP_NAME_BUILTIN) &&
--
-2.29.2
+2.31.1
From 0f694e82b7504bc902b08cfa1575099963cccd51 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <ab@samba.org>
Date: Wed, 11 Nov 2020 14:42:55 +0200
-Subject: [PATCH 103/108] auth_sam: use pdb_get_domain_info to look up DNS
+Subject: [PATCH 103/117] auth_sam: use pdb_get_domain_info to look up DNS
forest information
When Samba is used as a part of FreeIPA domain controller, Windows
@@ -12477,13 +12477,13 @@ index 3c12f959faf..e8e0d543f8c 100644
DBG_INFO("%s is not our domain name (DC for %s)\n",
effective_domain, lp_workgroup());
--
-2.29.2
+2.31.1
From d1de17ecd572d827f38042d7a17536900b55b889 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Fri, 27 Nov 2020 11:22:15 +0100
-Subject: [PATCH 104/108] docs-xml: Add a section about weak crypto in testparm
+Subject: [PATCH 104/117] docs-xml: Add a section about weak crypto in testparm
manpage
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14583
@@ -12520,13 +12520,13 @@ index 9099cda010f..7c7abf50e8b 100644
--
-2.29.2
+2.31.1
From 87bdffab6eae644d468f0fdc4489667fc21ac3a6 Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Tue, 15 Dec 2020 15:17:04 +0100
-Subject: [PATCH 105/108] HACK:s3:winbind: Rely on the domain child for online
+Subject: [PATCH 105/117] HACK:s3:winbind: Rely on the domain child for online
check
---
@@ -12583,13 +12583,13 @@ index 47efe988d65..d2006c95f54 100644
/* Handle online/offline messages. */
--
-2.29.2
+2.31.1
From 6e724a5e7055e1b18e0c7e1a2ceb81729941dc2c Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 3 Feb 2021 10:30:08 +0100
-Subject: [PATCH 106/108] lib:util: Add basic memcache unit test
+Subject: [PATCH 106/117] lib:util: Add basic memcache unit test
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14625
@@ -12761,13 +12761,13 @@ index 4a968cdbe8a..003698a5eb3 100644
[os.path.join(bindir(), "default/libcli/auth/test_ntlm_check")])
plantestsuite("samba.unittests.gnutls", "none",
--
-2.29.2
+2.31.1
From 0f568ce9a376a7743372c502d0afd224e9b2649d Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 3 Feb 2021 10:37:12 +0100
-Subject: [PATCH 107/108] lib:util: Add cache oversize test for memcache
+Subject: [PATCH 107/117] lib:util: Add cache oversize test for memcache
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14625
@@ -12845,13 +12845,13 @@ index 00000000000..0a74ace3003
@@ -0,0 +1 @@
+^samba.unittests.memcache.torture_memcache_add_oversize
--
-2.29.2
+2.31.1
From e8698352f3033ca1ce0dcdfe2049bae0bafe0dab Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 2 Feb 2021 18:10:38 +0100
-Subject: [PATCH 108/108] lib:util: Avoid free'ing our own pointer
+Subject: [PATCH 108/117] lib:util: Avoid free'ing our own pointer
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14625
@@ -12914,5 +12914,556 @@ index 0a74ace3003..00000000000
@@ -1 +0,0 @@
-^samba.unittests.memcache.torture_memcache_add_oversize
--
-2.29.2
+2.31.1
+
+
+From 612d5086dac1987037aaf9d95936665c165e391c Mon Sep 17 00:00:00 2001
+From: Andreas Schneider <asn@samba.org>
+Date: Thu, 10 Jun 2021 09:45:23 +0200
+Subject: [PATCH 109/117] s3:waf: Fix smbldap so version number
+
+Signed-off-by: Andreas Schneider <asn@samba.org>
+---
+ source3/wscript_build | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/source3/wscript_build b/source3/wscript_build
+index 6a08afe4a25..de48dffa5b6 100644
+--- a/source3/wscript_build
++++ b/source3/wscript_build
+@@ -501,7 +501,7 @@ bld.SAMBA3_LIBRARY('smbldap',
+ abi_directory='lib/ABI',
+ abi_match='smbldap_*',
+ pc_files=[],
+- vnum='2',
++ vnum='2.0.0',
+ public_headers='include/smbldap.h include/smb_ldap.h')
+
+ bld.SAMBA3_LIBRARY('ads',
+--
+2.31.1
+
+
+From d7e9fb8ddd6f204f46dfbc7e4afa11933fad154c Mon Sep 17 00:00:00 2001
+From: Ralph Boehme <slow@samba.org>
+Date: Mon, 25 Jan 2021 11:46:30 +0100
+Subject: [PATCH 110/117] vfs_error_inject: add unlinkat hook
+
+Note that a failure is only injected if the owner of the parent directory is not
+the same as the current user.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14617
+
+Back-ported from commit c44dad3ac2eb36fc5eb5a9f80a9ef97183be26ef.
+
+Signed-off-by: Ralph Boehme <slow@samba.org>
+Reviewed-by: Jeremy Allison <jra@samba.org>
+---
+ source3/modules/vfs_error_inject.c | 37 ++++++++++++++++++++++++++++++
+ 1 file changed, 37 insertions(+)
+
+diff --git a/source3/modules/vfs_error_inject.c b/source3/modules/vfs_error_inject.c
+index 04880ffd5ab..d8731c29610 100644
+--- a/source3/modules/vfs_error_inject.c
++++ b/source3/modules/vfs_error_inject.c
+@@ -30,6 +30,7 @@ struct unix_error_map {
+ { "ESTALE", ESTALE },
+ { "EBADF", EBADF },
+ { "EINTR", EINTR },
++ { "EACCES", EACCES },
+ };
+
+ static int find_unix_error_from_string(const char *err_str)
+@@ -122,10 +123,46 @@ static int vfs_error_inject_openat(struct vfs_handle_struct *handle,
+ return SMB_VFS_NEXT_OPENAT(handle, dirfsp, smb_fname, fsp, flags, mode);
+ }
+
++static int vfs_error_inject_unlinkat(struct vfs_handle_struct *handle,
++ struct files_struct *dirfsp,
++ const struct smb_filename *smb_fname,
++ int flags)
++{
++ struct smb_filename *parent_fname = NULL;
++ int error = inject_unix_error("unlinkat", handle);
++ int ret;
++ bool ok;
++
++ if (error == 0) {
++ return SMB_VFS_NEXT_UNLINKAT(handle, dirfsp, smb_fname, flags);
++ }
++
++ ok = parent_smb_fname(talloc_tos(), smb_fname, &parent_fname, NULL);
++ if (!ok) {
++ return -1;
++ }
++
++ ret = SMB_VFS_STAT(handle->conn, parent_fname);
++ if (ret != 0) {
++ TALLOC_FREE(parent_fname);
++ return -1;
++ }
++
++ if (parent_fname->st.st_ex_uid == get_current_uid(dirfsp->conn)) {
++ TALLOC_FREE(parent_fname);
++ return SMB_VFS_NEXT_UNLINKAT(handle, dirfsp, smb_fname, flags);
++ }
++
++ TALLOC_FREE(parent_fname);
++ errno = error;
++ return -1;
++}
++
+ static struct vfs_fn_pointers vfs_error_inject_fns = {
+ .chdir_fn = vfs_error_inject_chdir,
+ .pwrite_fn = vfs_error_inject_pwrite,
+ .openat_fn = vfs_error_inject_openat,
++ .unlinkat_fn = vfs_error_inject_unlinkat,
+ };
+
+ static_decl_vfs;
+--
+2.31.1
+
+
+From 07df52688031c7ce569663a0bae443dd6ac989a5 Mon Sep 17 00:00:00 2001
+From: Ralph Boehme <slow@samba.org>
+Date: Mon, 25 Jan 2021 11:47:45 +0100
+Subject: [PATCH 111/117] selftest: add force_user_error_inject share in
+ maptoguest env
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14617
+
+Signed-off-by: Ralph Boehme <slow@samba.org>
+Reviewed-by: Jeremy Allison <jra@samba.org>
+(cherry picked from commit f3f8fdfbf10f690bc8d972a13d6f74f1fb0fb375)
+---
+ selftest/target/Samba3.pm | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
+index ffc19c7d5a2..e5fcefad6e5 100755
+--- a/selftest/target/Samba3.pm
++++ b/selftest/target/Samba3.pm
+@@ -1722,12 +1722,22 @@ $ret->{USERNAME} = KTEST\\Administrator
+ sub setup_maptoguest
+ {
+ my ($self, $path) = @_;
++ my $prefix_abs = abs_path($path);
++ my $libdir="$prefix_abs/lib";
++ my $share_dir="$prefix_abs/share";
++ my $errorinjectconf="$libdir/error_inject.conf";
+
+ print "PROVISIONING maptoguest...";
+
+ my $options = "
+ map to guest = bad user
+ ntlm auth = yes
++
++[force_user_error_inject]
++ path = $share_dir
++ vfs objects = acl_xattr fake_acls xattr_tdb error_inject
++ force user = user1
++ include = $errorinjectconf
+ ";
+
+ my $vars = $self->provision(
+--
+2.31.1
+
+
+From 54e7e7b05e7444d439ab7e9e14b9fb7c49ffae74 Mon Sep 17 00:00:00 2001
+From: Ralph Boehme <slow@samba.org>
+Date: Mon, 25 Jan 2021 11:48:32 +0100
+Subject: [PATCH 112/117] selftest: add a test that verifies unlink works when
+ "force user" is set
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14617
+
+Signed-off-by: Ralph Boehme <slow@samba.org>
+Reviewed-by: Jeremy Allison <jra@samba.org>
+(cherry picked from commit aa1f09cda0a097617e34dd0a8b1b0acc7a37bca8)
+---
+ .../samba3.blackbox.force-user-unlink | 1 +
+ .../script/tests/test_force_user_unlink.sh | 40 +++++++++++++++++++
+ source3/selftest/tests.py | 5 +++
+ 3 files changed, 46 insertions(+)
+ create mode 100644 selftest/knownfail.d/samba3.blackbox.force-user-unlink
+ create mode 100755 source3/script/tests/test_force_user_unlink.sh
+
+diff --git a/selftest/knownfail.d/samba3.blackbox.force-user-unlink b/selftest/knownfail.d/samba3.blackbox.force-user-unlink
+new file mode 100644
+index 00000000000..6761bd8cb61
+--- /dev/null
++++ b/selftest/knownfail.d/samba3.blackbox.force-user-unlink
+@@ -0,0 +1 @@
++^samba3.blackbox.force-user-unlink.test_forced_user_can_delete\(maptoguest:local\)
+diff --git a/source3/script/tests/test_force_user_unlink.sh b/source3/script/tests/test_force_user_unlink.sh
+new file mode 100755
+index 00000000000..86076535497
+--- /dev/null
++++ b/source3/script/tests/test_force_user_unlink.sh
+@@ -0,0 +1,40 @@
++#!/bin/sh
++#
++# Test unlink on share with "force user"
++#
++# Copyright (C) 2021 Ralph Boehme
++
++incdir=$(dirname $0)/../../../testprogs/blackbox
++. $incdir/subunit.sh
++. $incdir/common_test_fns.inc
++
++smbclient="$BINDIR/smbclient"
++error_inject_conf=$(dirname ${SMB_CONF_PATH})/error_inject.conf
++failed=0
++
++test_forced_user_can_delete() {
++ out=$($smbclient -U $DOMAIN/$USERNAME%$PASSWORD //$SERVER_IP/force_user_error_inject -c "rm dir/file")
++ if [ $? -ne 0 ] ; then
++ echo $out
++ return 1
++ fi
++ tmp=$(echo $out | grep NT_STATUS_ )
++ if [ $? -eq 0 ] ; then
++ return 1
++ fi
++ return 0
++}
++
++echo "error_inject:unlinkat = EACCES" > ${error_inject_conf}
++
++$smbclient -U $DOMAIN/$USERNAME%$PASSWORD //$SERVER_IP/force_user_error_inject -c "mkdir dir" || failed=`expr $failed + 1`
++$smbclient -U $DOMAIN/$USERNAME%$PASSWORD //$SERVER_IP/force_user_error_inject -c "put WHATSNEW.txt dir/file" || failed=`expr $failed + 1`
++
++testit "test_forced_user_can_delete" test_forced_user_can_delete || failed=`expr $failed + 1`
++
++rm ${error_inject_conf}
++
++# Clean up after ourselves.
++$smbclient -U $DOMAIN/$USERNAME%$PASSWORD //$SERVER_IP/force_user_error_inject -c "del dir/file; rmdir dir"
++
++testok $0 $failed
+diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
+index 46bf274227c..1d02ea73cdb 100755
+--- a/source3/selftest/tests.py
++++ b/source3/selftest/tests.py
+@@ -1128,6 +1128,11 @@ plantestsuite(
+ "",
+ "-b $PREFIX/clusteredmember_smb1/unclists/tmp.txt -N 5 -o 10"])
+
++plantestsuite("samba3.blackbox.force-user-unlink",
++ "maptoguest:local",
++ [os.path.join(samba3srcdir,
++ "script/tests/test_force_user_unlink.sh")])
++
+ def planclusteredmembertestsuite(tname, prefix):
+ '''Define a clustered test for the clusteredmember environment'''
+
+--
+2.31.1
+
+
+From b1386ee42d509963bafec69937abd650dddd50e6 Mon Sep 17 00:00:00 2001
+From: Ralph Boehme <slow@samba.org>
+Date: Sat, 23 Jan 2021 18:36:23 +0100
+Subject: [PATCH 113/117] smbd: use fsp->conn->session_info for the initial
+ delete-on-close token
+
+There's a correctly set up session_info at fsp->conn->session_info, we can just
+use that.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14617
+
+Signed-off-by: Ralph Boehme <slow@samba.org>
+Reviewed-by: Jeremy Allison <jra@samba.org>
+
+Autobuild-User(master): Jeremy Allison <jra@samba.org>
+Autobuild-Date(master): Tue Jan 26 04:04:14 UTC 2021 on sn-devel-184
+
+(cherry picked from commit e06f86bbd93d024c70016e1adcf833db85742aca)
+
+Autobuild-User(v4-13-test): Karolin Seeger <kseeger@samba.org>
+Autobuild-Date(v4-13-test): Mon Feb 1 08:47:05 UTC 2021 on sn-devel-184
+---
+ .../samba3.blackbox.force-user-unlink | 1 -
+ source3/smbd/close.c | 25 +++----------------
+ 2 files changed, 4 insertions(+), 22 deletions(-)
+ delete mode 100644 selftest/knownfail.d/samba3.blackbox.force-user-unlink
+
+diff --git a/selftest/knownfail.d/samba3.blackbox.force-user-unlink b/selftest/knownfail.d/samba3.blackbox.force-user-unlink
+deleted file mode 100644
+index 6761bd8cb61..00000000000
+--- a/selftest/knownfail.d/samba3.blackbox.force-user-unlink
++++ /dev/null
+@@ -1 +0,0 @@
+-^samba3.blackbox.force-user-unlink.test_forced_user_can_delete\(maptoguest:local\)
+diff --git a/source3/smbd/close.c b/source3/smbd/close.c
+index 9974877edc2..43762555b35 100644
+--- a/source3/smbd/close.c
++++ b/source3/smbd/close.c
+@@ -341,21 +341,13 @@ static NTSTATUS close_remove_share_mode(files_struct *fsp,
+
+ if (fsp->fsp_flags.initial_delete_on_close &&
+ !is_delete_on_close_set(lck, fsp->name_hash)) {
+- struct auth_session_info *session_info = NULL;
+-
+ /* Initial delete on close was set and no one else
+ * wrote a real delete on close. */
+
+- status = smbXsrv_session_info_lookup(conn->sconn->client,
+- fsp->vuid,
+- &session_info);
+- if (!NT_STATUS_IS_OK(status)) {
+- return NT_STATUS_INTERNAL_ERROR;
+- }
+ fsp->fsp_flags.delete_on_close = true;
+ set_delete_on_close_lck(fsp, lck,
+- session_info->security_token,
+- session_info->unix_token);
++ fsp->conn->session_info->security_token,
++ fsp->conn->session_info->unix_token);
+ }
+
+ delete_file = is_delete_on_close_set(lck, fsp->name_hash) &&
+@@ -1176,24 +1168,15 @@ static NTSTATUS close_directory(struct smb_request *req, files_struct *fsp,
+ }
+
+ if (fsp->fsp_flags.initial_delete_on_close) {
+- struct auth_session_info *session_info = NULL;
+-
+ /* Initial delete on close was set - for
+ * directories we don't care if anyone else
+ * wrote a real delete on close. */
+
+- status = smbXsrv_session_info_lookup(fsp->conn->sconn->client,
+- fsp->vuid,
+- &session_info);
+- if (!NT_STATUS_IS_OK(status)) {
+- return NT_STATUS_INTERNAL_ERROR;
+- }
+-
+ send_stat_cache_delete_message(fsp->conn->sconn->msg_ctx,
+ fsp->fsp_name->base_name);
+ set_delete_on_close_lck(fsp, lck,
+- session_info->security_token,
+- session_info->unix_token);
++ fsp->conn->session_info->security_token,
++ fsp->conn->session_info->unix_token);
+ fsp->fsp_flags.delete_on_close = true;
+ }
+
+--
+2.31.1
+
+
+From 9b733424f77ba3195066506ce9e96b56c0b47790 Mon Sep 17 00:00:00 2001
+From: Ralph Boehme <slow@samba.org>
+Date: Tue, 23 Mar 2021 11:40:21 +0100
+Subject: [PATCH 114/117] pidl: set the per-request memory context in the pidl
+ generator
+
+The talloc memory context referenced by the pipe_struct mem_ctx member is used
+as talloc parent for RPC response data by the RPC service implementations.
+
+In Samba versions up to 4.10 all talloc children of p->mem_ctx were freed after
+a RPC response was delivered by calling talloc_free_children(p->mem_ctx). Commit
+60fa8e255254d38e9443bf96f2c0f31430be6ab8 removed this call which resulted in all
+memory allocations on this context not getting released, which can consume
+significant memory in long running RPC connections.
+
+Instead of putting the talloc_free_children(p->mem_ctx) back, just use the
+mem_ctx argument of the ${pipename}_op_dispatch_internal() function which is a
+dcesrv_call_state object created by dcesrv_process_ncacn_packet() and released
+by the RPC server when the RPC request processing is finished.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14675
+CI: https://gitlab.com/samba-team/samba/-/merge_requests/1861
+
+Signed-off-by: Ralph Boehme <slow@samba.org>
+Reviewed-by: Volker Lendecke <vl@samba.org>
+(cherry picked from commit 4c3fb2a5912966a61e7ebdb05eb3231a0e1d6033)
+---
+ pidl/lib/Parse/Pidl/Samba4/NDR/ServerCompat.pm | 2 ++
+ source3/rpc_server/rpc_handles.c | 6 ------
+ 2 files changed, 2 insertions(+), 6 deletions(-)
+
+diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/ServerCompat.pm b/pidl/lib/Parse/Pidl/Samba4/NDR/ServerCompat.pm
+index 54feea0a9ef..d1368c3dbca 100644
+--- a/pidl/lib/Parse/Pidl/Samba4/NDR/ServerCompat.pm
++++ b/pidl/lib/Parse/Pidl/Samba4/NDR/ServerCompat.pm
+@@ -299,6 +299,7 @@ sub boilerplate_iface($)
+ $self->pidl("/* Update pipes struct opnum */");
+ $self->pidl("p->opnum = opnum;");
+ $self->pidl("p->dce_call = dce_call;");
++ $self->pidl("p->mem_ctx = mem_ctx;");
+ $self->pidl("/* Update pipes struct session info */");
+ $self->pidl("pipe_session_info = p->session_info;");
+ $self->pidl("p->session_info = dce_call->auth_state->session_info;");
+@@ -344,6 +345,7 @@ sub boilerplate_iface($)
+ $self->pidl("");
+
+ $self->pidl("p->dce_call = NULL;");
++ $self->pidl("p->mem_ctx = NULL;");
+ $self->pidl("/* Restore session info */");
+ $self->pidl("p->session_info = pipe_session_info;");
+ $self->pidl("p->auth.auth_type = 0;");
+diff --git a/source3/rpc_server/rpc_handles.c b/source3/rpc_server/rpc_handles.c
+index d897e0caabe..bcf8f240f63 100644
+--- a/source3/rpc_server/rpc_handles.c
++++ b/source3/rpc_server/rpc_handles.c
+@@ -60,12 +60,6 @@ int make_base_pipes_struct(TALLOC_CTX *mem_ctx,
+ return ENOMEM;
+ }
+
+- p->mem_ctx = talloc_named(p, 0, "pipe %s %p", pipe_name, p);
+- if (!p->mem_ctx) {
+- talloc_free(p);
+- return ENOMEM;
+- }
+-
+ p->msg_ctx = msg_ctx;
+ p->transport = transport;
+
+--
+2.31.1
+
+
+From 08f45683f6a4f38d5f3763010ec11cb1dfb30197 Mon Sep 17 00:00:00 2001
+From: Ralph Boehme <slow@samba.org>
+Date: Mon, 22 Mar 2021 12:06:39 +0100
+Subject: [PATCH 115/117] spools: avoid leaking memory into the callers mem_ctx
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14675
+CI: https://gitlab.com/samba-team/samba/-/merge_requests/1861
+
+Signed-off-by: Ralph Boehme <slow@samba.org>
+Reviewed-by: Volker Lendecke <vl@samba.org>
+(cherry picked from commit 481176ec745c14b78fca68e01a61c83405a4b97b)
+---
+ source3/rpc_server/spoolss/srv_spoolss_nt.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c
+index 906fab2adb5..adbc0c9db10 100644
+--- a/source3/rpc_server/spoolss/srv_spoolss_nt.c
++++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c
+@@ -5739,7 +5739,8 @@ static WERROR construct_printer_driver_info_level(TALLOC_CTX *mem_ctx,
+ }
+
+ if (pinfo2->drivername == NULL || pinfo2->drivername[0] == '\0') {
+- return WERR_UNKNOWN_PRINTER_DRIVER;
++ result = WERR_UNKNOWN_PRINTER_DRIVER;
++ goto done;
+ }
+
+ DBG_INFO("Construct printer driver [%s] for [%s]\n",
+@@ -7031,7 +7032,8 @@ static WERROR update_printer(struct pipes_struct *p,
+ raddr = tsocket_address_inet_addr_string(p->remote_address,
+ p->mem_ctx);
+ if (raddr == NULL) {
+- return WERR_NOT_ENOUGH_MEMORY;
++ result = WERR_NOT_ENOUGH_MEMORY;
++ goto done;
+ }
+
+ /* add_printer_hook() will call reload_services() */
+--
+2.31.1
+
+
+From 88ce65362a980ed9ae4e41b5a387cc51a8ff5179 Mon Sep 17 00:00:00 2001
+From: Volker Lendecke <vl@samba.org>
+Date: Tue, 23 Mar 2021 17:06:15 +0100
+Subject: [PATCH 116/117] rpc_server3: Fix a memleak for internal pipes
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+state->call should not be talloc'ed off a long-lived context
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14675
+CI: https://gitlab.com/samba-team/samba/-/merge_requests/1861
+RN: Memory leak in the RPC server
+
+Signed-off-by: Volker Lendecke <vl@samba.org>
+Reviewed-by: Samuel Cabrero <scabrero@samba.org>
+Reviewed-by: Ralph Boehme <slow@samba.org>
+
+Autobuild-User(master): Ralph Böhme <slow@samba.org>
+Autobuild-Date(master): Wed Mar 31 12:14:01 UTC 2021 on sn-devel-184
+
+(cherry picked from commit 12f516e4680753460e7fe8811e6c6ff70057580c)
+---
+ source3/rpc_server/rpc_ncacn_np.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/source3/rpc_server/rpc_ncacn_np.c b/source3/rpc_server/rpc_ncacn_np.c
+index 625b28c9209..11f8a9b0602 100644
+--- a/source3/rpc_server/rpc_ncacn_np.c
++++ b/source3/rpc_server/rpc_ncacn_np.c
+@@ -541,7 +541,7 @@ static struct tevent_req *rpcint_bh_raw_call_send(TALLOC_CTX *mem_ctx,
+ return tevent_req_post(req, ev);
+ }
+
+- state->call = talloc_zero(hs->conn, struct dcesrv_call_state);
++ state->call = talloc_zero(state, struct dcesrv_call_state);
+ if (tevent_req_nomem(state->call, req)) {
+ return tevent_req_post(req, ev);
+ }
+--
+2.31.1
+
+
+From 2db937ad7bba885910faef2dac5069acf044d79f Mon Sep 17 00:00:00 2001
+From: Samuel Cabrero <scabrero@samba.org>
+Date: Thu, 8 Apr 2021 18:45:38 +0200
+Subject: [PATCH 117/117] s3-iremotewinspool: set the per-request memory
+ context
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The iremotewinspool service is not using the pidl autogenerated code.
+Set the per-request memory context following the changes made is commit
+5a7e9ade9a4cdfa68900c6a64b639f53c0da47ad.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=14675
+CI: https://gitlab.com/samba-team/samba/-/merge_requests/1890
+
+Signed-off-by: Samuel Cabrero <scabrero@samba.org>
+Reviewed-by: Ralph Boehme <slow@samba.org>
+
+Autobuild-User(master): Ralph Böhme <slow@samba.org>
+Autobuild-Date(master): Fri Apr 9 15:20:02 UTC 2021 on sn-devel-184
+
+(cherry picked from commit 1efa9ffd7ae77ebf22b28c12dd642a89991b75d2)
+
+Autobuild-User(v4-13-test): Karolin Seeger <kseeger@samba.org>
+Autobuild-Date(v4-13-test): Mon Apr 19 07:53:48 UTC 2021 on sn-devel-184
+---
+ source3/rpc_server/spoolss/srv_iremotewinspool.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/source3/rpc_server/spoolss/srv_iremotewinspool.c b/source3/rpc_server/spoolss/srv_iremotewinspool.c
+index 26b225818f8..d6a983c722a 100644
+--- a/source3/rpc_server/spoolss/srv_iremotewinspool.c
++++ b/source3/rpc_server/spoolss/srv_iremotewinspool.c
+@@ -100,6 +100,7 @@ static NTSTATUS iremotewinspool__op_dispatch_internal(struct dcesrv_call_state *
+ /* Update pipes struct opnum */
+ p->opnum = opnum;
+ p->dce_call = dce_call;
++ p->mem_ctx = mem_ctx;
+ /* Update pipes struct session info */
+ pipe_session_info = p->session_info;
+ p->session_info = dce_call->auth_state->session_info;
+@@ -1238,6 +1239,7 @@ fail:
+ }
+
+ p->dce_call = NULL;
++ p->mem_ctx = NULL;
+ /* Restore session info */
+ p->session_info = pipe_session_info;
+ p->auth.auth_type = 0;
+--
+2.31.1
diff --git a/SPECS/samba.spec b/SPECS/samba.spec
index 668fd21..571d155 100644
--- a/SPECS/samba.spec
+++ b/SPECS/samba.spec
@@ -96,7 +96,7 @@
%define samba_requires_eq() %(LC_ALL="C" echo '%*' | xargs -r rpm -q --qf 'Requires: %%{name} = %%{epoch}:%%{version}\\n' | sed -e 's/ (none):/ /' -e 's/ 0:/ /' | grep -v "is not")
-%global main_release 3
+%global main_release 4
%global samba_version 4.13.3
%global talloc_version 2.3.1
@@ -3784,6 +3784,11 @@ fi
%endif
%changelog
+* Thu Jun 10 2021 Andreas Schneider <asn@redhat.com> - 4.13.3-4
+- resolves: #1964314 - Fix ldconfig warning about libsmbldap.so.2
+- resolves: #1964398 - Fix smbd trying to delete files with wrong permissions
+- resolves: #1969831 - Fix memory leak in RPC server
+
* Thu Feb 04 2021 Andreas Schneider <asn@redhat.com> - 4.13.3-3
- resolves: #1924615 - Fix a memcache bug when cache is full
- resolves: #1924571 - Ensure that libwbclient has been updated before