1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

512 Commits

Author SHA1 Message Date
Volker Lendecke
b3cae8dcf1 conf: Remove "smb3 unix extensions" parameter
Always offer it, it's a client thing to ask for it or not.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Sep 21 17:43:23 UTC 2023 on atb-devel-224
2023-09-21 17:43:23 +00:00
Andrew Bartlett
b896da351c krb5: Increase the minimum MIT Krb5 version to 1.21
This is the version we test with in CI after the image update
in the next commit.  This addresses the issues that were
fixed in CVE-2022-37967 (KrbtgtFullPacSignature) and ensures
that Samba builds against the MIT version that allows us to
avoid that attack.

The hooks to allow these expectations to be disabled in the tests
are kept for now, to allow this to be reverted or to test
older servers.

With MIT 1.21 as the new test standard for the MIT KDC build
we update the knownfail_mit_kdc - this was required regadless
after the CI image update.

Any update to the CI image, even an unrelated one, brings in
a new MIT Krb5, version 1.21-3 in this case.  This has new
behaviour that needs to be noted in the knownfail files or
else the tests, which haven't changed, will fail and
pipelines won't pass.

(The image generated by the earlier bootstrap commit brought
in krb5-1.21-2 which was buggy with CVE-2023-39975)

Further tweaks to tests or the server should reduce the number
of knownfail entries, but this keeps the pipelines passing for now.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15231

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2023-08-14 03:46:35 +00:00
Andrew Bartlett
8744e5df77 bootstrap: Heimdal no longer requires perl-JSON
Heimdal after lorikeet-heimdal-202307040259
(commit 33d117b8a9c11714ef709e63a005d87e34b9bfde)
includes Heimdal master commit f62e2f278437ff6c03d2d09bd628381c795bba78.

This has PR https://github.com/heimdal/heimdal/pull/1176 and no
longer requires the external JSON module, as JSON::PP is builtin.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15394

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2023-08-14 03:46:35 +00:00
Andrew Bartlett
26329a69cd WHATSNEW: Remove unusual box around 'REMOVED FEATURES'
We do not normally put the ==== above the titles, per recent practice.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2023-08-14 03:46:35 +00:00
Stefan Metzmacher
1771ee694f WHATSNEW: Start release notes for Samba 4.20.0pre1.
Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2023-07-28 10:48:33 +00:00
Jule Anger
6943c1e3cd WHATSNEW: Up to Samba 4.19.0rc1.
Signed-off-by: Jule Anger <janger@samba.org>
2023-07-28 10:48:33 +00:00
Andrew Bartlett
e86e0da9de WHATSNEW: Add TLS cert reload feature
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jul 25 21:02:35 UTC 2023 on atb-devel-224
2023-07-25 21:02:35 +00:00
Andrew Bartlett
5e473cba0d WHATSNEW: Mention new unicodePwd only over encrypted LDAP restriction
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-07-21 01:25:37 +00:00
Andrew Bartlett
3f25300228 WHATSNEW: mention KDC auditing
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-07-21 01:25:37 +00:00
Andrew Bartlett
b9667bc29a WHATSNEW: FAST support, Claims compression, SID compression
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-07-21 01:25:37 +00:00
Andrew Bartlett
6844def667 WHATSNEW: Mention Heimdal updates
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-07-21 01:25:37 +00:00
Andrew Bartlett
fbed6d80b1 WHATSNEW: Expand detail on what of 2012, 2012R2 and 2016 support is implemented
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-07-21 01:25:37 +00:00
Andrew Bartlett
29310f27d4 WHATSNEW: PKINIT testing
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-07-21 01:25:36 +00:00
Andrew Bartlett
fb27e01b36 WHATSNEW: Include info on new samba-tool features
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-07-21 01:25:36 +00:00
Andrew Bartlett
0ee8c263f6 WHATSNEW: Add text on PKINIT Certificate Revocation
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9612
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-07-21 01:25:36 +00:00
Andrew Bartlett
5f69220f0a WHATSNEW: Update minimum GnuTLS version
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2023-07-19 03:31:30 +00:00
Andrew Bartlett
0ef8083cca WHATSNEW: Mention new default schema and Functional Level prep
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 21 20:01:06 UTC 2023 on atb-devel-224
2023-06-21 20:01:06 +00:00
Joseph Sutton
a9d543cdfc s4:kdc: Gate claims, auth policies and NTLM restrctions behind 2012/2016 FLs
Samba security features like AD claims, Authentication Policies and
Authentication Silos are enabled once the DC is at the required functional level.

We comment at the callers of of dsdb_dc_functional_level() to explain
why we do this.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2023-06-21 19:08:37 +00:00
Volker Lendecke
18070a2d65 WHATSNEW: Mention removed "directory name cache size" parameter
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2023-06-16 16:14:30 +00:00
Pavel Filipenský
dc6edc4881 WHATSNEW.txt: Improved winbind logging and samba-log-parser
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jun  7 15:06:07 UTC 2023 on atb-devel-224
2023-06-07 15:06:07 +00:00
David Mulder
c80affe0f1 Add a WHATSNEW entry indicating libgpo py deprecation
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15225

Signed-off-by: David Mulder <dmulder@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-04-28 02:15:36 +00:00
Andreas Schneider
d0d588558d Update WHATSNEW.txt
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-04-05 01:06:29 +00:00
Jule Anger
6c4775021b WHATSNEW: Start release notes for Samba 4.19.0pre1.
Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2023-01-18 16:26:36 +00:00
Jule Anger
0c9b310e23 WHATSNEW: Up to Samba 4.18.0rc1.
Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2023-01-18 16:26:36 +00:00
Ralph Boehme
52cdf1d93a wbinfo: Add --change-secret-at=dcname
Add WHATSNEW.txt entry and update wbinfo man page.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2022-12-21 19:10:35 +00:00
Douglas Bagnall
063976fca3 WHATSNEW: samba-tool: fewer tracebacks, more colour
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Sep 19 07:14:31 UTC 2022 on sn-devel-184
2022-09-19 07:14:31 +00:00
Jule Anger
4292cfa4c8 WHATSNEW: Start release notes for Samba 4.18.0pre1.
Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2022-08-08 16:24:21 +02:00
Jule Anger
459107e6ef WHATSNEW: Up to Samba 4.17.0rc1.
Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2022-08-08 16:21:26 +02:00
Andrew Bartlett
e8517ee7c7 WHATSNEW: Announce support for dropping the NT hash
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2022-06-26 22:10:29 +00:00
Jeremy Allison
efcaeff2c3 WHATSNEW.txt: Add explaination of --without-smb1-server and --with-smb1-server configure options.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Mulder <dmulder@suse.com>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr  7 18:33:31 UTC 2022 on sn-devel-184
2022-04-07 18:33:31 +00:00
Martin Schwenke
39f70481bb WHATSNEW: Document some CTDB changes
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Wed Apr  6 07:32:04 UTC 2022 on sn-devel-184
2022-04-06 07:32:04 +00:00
Andrew Bartlett
d7a91a855c s4-auth: Remove last traces of LanMan authentiation support in the AD DC.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Mar 29 03:32:57 UTC 2022 on sn-devel-184
2022-03-29 03:32:57 +00:00
Thomas Debesse
206909d52b s4: dns: Add customizable dns port option
Signed-off-by: Thomas Debesse <dev@illwieckz.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Mar 25 20:25:28 UTC 2022 on sn-devel-184
2022-03-25 20:25:28 +00:00
Andrew Bartlett
59e67dc848 WHATSNEW: Mention our matrix room as well
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Jule Anger <janger@samba.org>
Autobuild-Date(master): Mon Mar 21 13:52:06 UTC 2022 on sn-devel-184
2022-03-21 13:52:06 +00:00
Thomas Debesse
c88938b3b0 WHATSNEW: IRC is irc.libera.chat according to https://www.samba.org/samba/irc.html
Signed-off-by: Thomas Debesse <dev@illwieckz.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-03-21 12:57:33 +00:00
Andreas Schneider
e25d6c89be WHATSNEW: Bronze bit, S4U and RBDC support with MIT Kerberos 1.20
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Mar  4 14:58:20 UTC 2022 on sn-devel-184
2022-03-04 14:58:20 +00:00
Stefan Metzmacher
be1935dac8 WHATSNEW: Start release notes for Samba 4.17.0pre1.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2022-01-24 15:25:36 +00:00
Jule Anger
c6bc927ac8 WHATSNEW: Up to Samba 4.16.0rc1.
Signed-off-by: Jule Anger <janger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2022-01-24 11:21:32 +00:00
Martin Schwenke
da2e1047f1 WHATSNEW: Document CTDB leader and cluster lock changes
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Jan 17 11:16:14 UTC 2022 on sn-devel-184
2022-01-17 11:16:14 +00:00
Jeremy Allison
ea2ec7ea5e WHATSNEW. Added section about samba-dcerpcd.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Dec 10 14:52:54 UTC 2021 on sn-devel-184
2021-12-10 14:52:54 +00:00
Jeremy Allison
bd98e040d4 Update WHATSNEW.txt with removal of wildcard copy, rename and unlink.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Dec  9 18:57:15 UTC 2021 on sn-devel-184
2021-12-09 18:57:15 +00:00
Uri Simchoni
c26fcef50d WHATSNEW: document dns forwarder change
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2021-09-28 09:44:35 +00:00
Christof Schmitt
d40f57321a WHATSNEW: Document changes for "kernel share modes"
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 15 00:04:47 UTC 2021 on sn-devel-184
2021-09-15 00:04:47 +00:00
David Mulder
f813f8a54a Update WHATSNEW for Certificate Auto Enrollment
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 15 20:03:45 UTC 2021 on sn-devel-184
2021-07-15 20:03:45 +00:00
Karolin Seeger
cca9ce5977 WHATSNEW: Start release notes for Samba 4.16.0pre1.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jule Anger <janger@samba.org>
2021-07-15 09:43:05 +02:00
Karolin Seeger
47c5075535 WHATSNEW: Up to Samba 4.15.0rc1.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jule Anger <janger@samba.org>
2021-07-15 09:18:02 +02:00
Karolin Seeger
961548296e WHATSNEW: Fix typos.
Signed-off-by: Karolin Seeger <kseeger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jule Anger <janger@samba.org>
2021-07-15 09:17:51 +02:00
Stefan Metzmacher
c5cd5c9d57 WHATSNEW: add client/server smb3 signing/encryption algorithms
We can add more about this in the final 4.15.0 release notes later.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 15 00:57:24 UTC 2021 on sn-devel-184
2021-07-15 00:57:24 +00:00
Stefan Metzmacher
4a7bd4c0c5 WHATNEW: document "server multi channel support" change
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00
Stefan Metzmacher
e25a9e8f4e WHATSNEW: document the removal of SMB2_22, SMB2_24 and SMB3_10
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-07-15 00:06:31 +00:00