=================================
- Release Notes for Samba 3.2.0pre2
- Jan 16, 2008
+ Release Notes for Samba 3.2.0pre3
+ Mar 28, 2008
=================================
-This is the second preview release of Samba 3.2.0. This is *not*
+This is the third preview release of Samba 3.2.0. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
o Introduction of a registry based configuration system.
o Improved CIFS Unix Extensions support.
o Experimental support for file serving clusters.
- o Support for IPv6 connections.
-
+ o Support for IPv6 in the server, and client tools and libraries.
+ o Support for storing alternate data streams in xattrs.
+ o Encrypted SMB transport in client tools and libraries, and server.
+ o Support for Vista clients authenticating via Kerberos.
Winbind and Active Directory Integration:
o Full support for Windows 2003 cross-forest, transitive trusts
- and one-way domain trusts
+ and one-way domain trusts.
o Support for userPrincipalName logons via pam_winbind and NSS
lookups.
- o Support in pam_winbind for logging on using the userPrincipalName.
o Expansion of nested domain groups via NSS calls.
o Support for Active Directory LDAP Signing policy.
- o New LGPL Winbind client library (libwbclient.so)
+ o New LGPL Winbind client library (libwbclient.so).
+ Joining:
+ o New NetApi library for domain join related queries (libnetapi.so)
+ and example GTK+ Domain join gui.
+ o New client and server support for remotely joining and unjoining
+ Domains.
+ o Support for joining into Windows 2008 domains.
Users & Groups:
o New ldb backend for local group mapping tables
updated.
-
Registry Configuration Backend
==============================
Samba is now able to use a registry based configuration backed to
supplement smb.conf setting. This feature may be enabled by setting
-"include = registry" and "registry shares = yes" in the [global]
+"config backend = registry" and "registry shares = yes" in the [global]
section of smb.conf and may be managed using the "net conf" command.
More information may be obtained from the smb.conf(5) and net(8) man
Both the Python bindings and the libmsrpc shared library have been
removed from the tree due to lack of an official maintainer.
+As smbfs is no longer supported in current kernel versions, smbmount has
+been removed in this Samba version. Please use cifs (mount.cifs) instead.
+See examples/scripts/mount/mount.smbfs as an example for a wrapper which
+calls mount.cifs instead of smbmount/mount.smbfs.
+
+
+Modified API for libsmbclient
+==============================================================================
+
+Maintaining ABI compatibility for libsmbclient has become increasingly
+difficult to accomplish, while also keeping the code organization such that it
+is easily readable. Towards the goal of maintaining ABI compatibility and
+also keeping the code easy to maintain and enhance, the API has been enhanced.
+In particular, the fields in the SMBCCTX context structure are no longer
+intended to be read/write by the user, and are marked as deprecated. An
+application that previously accessed the members of the SMBCCTX context
+structure will now encounter warnings if recompiled. This is intentional, to
+encourage implementation of the small changes required for the new interface.
+The number of changes is expected to be quite small for the vast majority of
+applications, and no changes need be made for many applications. The changes
+required for KDE (konqueror) to conform to the new interface, for example, are
+only four lines in only one file.
+
+Instead of the application manually changing or reading values in the context
+structure, there are now setter and getter functions for each configurable
+member in that structure. Similarly, the smbc_option_get() and
+smbc_option_set() functions are deprecated in favor of the setter/getter
+interface. The setters and getters are all documented in libsmbclient.h
+under these comment blocks:
+
+ Getters and setters for CONFIGURATION
+ Getters and setters for OPTIONS
+ Getters and setters for FUNCTIONS
+ Callable functions for files
+ Callable functions for directories
+ Callable functions applicable to both files and directories
+
+Example changes that may be required to eliminate "deprecated" warnings:
+
+ /* Set the debug level */
+ context->debug = 99;
+changes to:
+ smbc_setDebug(context, 99);
+
+ /* Specify the authentication callback function */
+ context->callbacks.auth_fn = auth_smbc_get_data;
+changes to:
+ smbc_setFunctionAuthData(context, auth_smbc_get_data);
+
+ /* Specify the new-style authentication callback with context parameter */
+ smbc_option_set("auth_function", auth_smbc_get_data_with_ctx);
+changes to:
+ smbc_setFunctionAuthDataWithContext(context, auth_smbc_get_data_with_ctx);
+
+ /* Set kerberos flags */
+ context->flags = (SMB_CTX_FLAG_USE_KERBEROS |
+ SMB_CTX_FLAG_FALLBACK_AFTER_KERBEROS);
+changes to:
+ smbc_setOptionUseKerberos(context, 1);
+ smbc_setOptionFallbackAfterKerberos(context, 1);
+
+
######################################################################
client plaintext auth Changed Default No
clustering New No
cluster addresses New ""
+ config backend New file
ctdb socket New ""
+ debug class New No
+ administrative share New No
lanman auth Changed Default No
- mangle map Removed
- min receive file size New 0
- open files database hash size Removed
- read bmpx Removed
+ ldap debug level New 0
+ ldap debug threshold New 10
+ mangle map Removed
+ min receive file size New 0
+ open files database hashsize Removed
+ read bmpx Removed
registry shares New No
- winbind expand groups New 1
- winbind rpc only New No
+ winbind expand groups New 1
+ winbind rpc only New No
+
+
+Changes since 3.2.0pre2:
+-----------------------
+
+
+o Michael Adam <obnox@samba.org>
+ * Fix session setup with security = share.
+ * Fix segfault in testparm.
+ * Fix several Makefile issues.
+ * Fix build of bin/net on Solaris.
+ * Reformat the parm table of loadparm to use named initializers.
+ * Fix %I macro expansion for IPv4 mapped IPv6 addresses.
+
+
+o Jeremy Allison <jra@samba.org>
+ * BUG 5311: Fix IPv6 issue with hosts allow/deny settings.
+
+
+o Kai Blin <kai@samba.org>
+ * BUG 4235: Prevent ntlm_auth from sending BH responses without a message.
+ * Fix one BH message.
+
+
+o Gerald (Jerry) Carter <jerry@samba.org>
+ * Fix libtdb some to move back towards allowing out of tree builds.
+ * Ignore port when pulling IP addr from struct sockaddr_storage..
+
+
+o Guenther Deschner <gd@samba.org>
+ * Fix build of pam_smbpass.
+ * Fix lp_load with an empty registry and "config backend = registry".
+ * Fix build targets for bin/net.
+ * Fix _dssetup_DsRoleGetPrimaryDomainInformation().
+ * Fix the build of cifs.spnego.
+
+
+o Volker Lendecke <vl@samba.org>
+ * Add support for async SMB requests.
+ * Add transactions to the dbwrap API.
+ * Add "net idmap aclmapset".
+ * Change default bufsize to 512k.
+ * Fix Coverity IDs 473, 481, 506, 507, 525, 526, 527, 528, 529, 530, 537,
+ 538, 547, 548, 551, 552, 553, 554, 555, 557, 558, 559, 563, 564, 567.
+ * Fix some warnings in the tsmsm module.
+ * Fix warnings.
+ * BUG 4901: Fix "ldap passwd sync = only".
+ * BUG 5334: Fix download of empty files using smbclient.
+ * BUG 5307: Fix notify changes.
+ * BUG 5317: Fix debug output in domain_client_validate.
+ * BUG 5338: Fix format string issue in rpcclient.
+
+
+o Derrell Lipman <derrell@samba.org>
+ * Check for NULL pointers before dereferencing them.
+ * Fix use of AuthDataWithContext capability.
+
+
+o Karolin Seeger <kseeger@samba.org>
+ * Fix usage message for "net idmap dump".
+
+
+o Andrew Tridgell <tridge@samba.org>
+ * Suppress superfluous message.
+
+
+o Marc VanHeyningen <marc.vanheyningen@isilon.com>
+ * Coverity fixes.
Changes since 3.2.0pre1:
-----------------------
o Michael Adam <obnox@samba.org>
- * Add vfs_zfsacl plugin.
+ * Add library for access to the registry configuration data.
+ * BUG 5023: Separate NFS4 and POSIX ACL code in file access checks.
+ * BUG 4308: Fix Excel save operation ACL bug.
* Refactor and consolidate logic for retrieving the machine
trust password information.
+ * VFS API cleanup (remove redundant parameter).
* BUG 4801: Correctly implement LSA lookup levels for LookupNames.
+ * Add new option "debug class" to control printing of the debug class.
+ in debug headers.
+ * Enable building of the zfsacl and notify_fam vfs modules.
+ * BUG 5083: Fix memleak in solarisacl module.
+ * BUG 5063: Fix build on RHEL5.
+ * New smb.conf parameter "config backend = registry" to enable registry
+ only configuration.
+ * Move "net conf" functionality into a separate module libnet_conf.c
+ * Restructure registry code, eliminating the dynamic overlay.
+ Make use of reg_api instead of backend code in most places.
+ * Add support for intercepting LDAP libraries' debug output and print
+ it in Samba's debugging system.
+ * Libreplace fixes.
+ * Build fixes.
+ * Initial support for using subsystems as shared libraries.
+ Use talloc, tdb, and libnetapi as shared libraries internally.
o Jeremy Allison <jra@samba.org>
* Remove unused utilities: smbctool and rpctorture.
* Fix service principal detection to match Windows Vista
(based on work from Andreas Schneider).
- * Additional work on the session data privacy for clients
- implementing the Unix CIFS Extensions.
+ * Encrypted SMB transport in client tools and libraries, and server.
+
+
+o Kai Blin <kai@samba.org>
+ * Added support for an SMB_CONF_PATH environment variable
+ containing the path to smb.conf.
+ * Various fixes to ntlm_auth.
+ * make test now supports more extensive SPOOLSS testing using vlp.
+ * Correctly handle mixed-case hostnames in NTLMv2 authentication.
o Gerald (Jerry) Carter <jerry@samba.org>
(including calls from "net dom" command).
* Add libnetapi.so library for joining domains including
sample GTK+ app.
+ * Fixes for Vista SP1 Kerberos authdata handling to only pickup
+ the PAC.
+ * Various error code and error message fixes.
+ * Add initial draft of libnetconf to allow programmatic
+ configuration changes.
+ * Add libnet_join internal library for programmatically joining
+ and unjoining Domains.
+ * Add various fixes and new calls to libnetapi.so library.
+ * Various fixes for DsGetDcName and conversion to IDL based
+ structures.
+ * Fixes for pidl to correctly generate WERROR based client calls.
+ * Fixes for pidl to generate output that complies to coding
+ conventions.
+ * Various IDL fixes.
+ * Add ads_get_joinable_ous() to libads to get list of joinable ous.
+ * Add get_logon_hours_from_pdb() to comply with new IDL based
+ structures.
+ * Add debugging capabilities to dump AD connections to libads
+ (using ndr_print).
+ * Add "dump-domain-list" command for smbcontrol to retrieve better
+ debugging information out of winbindd.
+ * Migration of the entire client and server DCE/RPC code to IDL
+ based structures and autogenerated code for DSSETUP, LSA, SAMR
+ and NETLOGON.
+ * Started migration of client and server DCE/RPC code to IDL based
+ structures and autogenerated code for NTSSVC, SVCCTL and
+ EVENTLOG.
+ * Use IDL and autogenerated code for samlogoncache and Kerberos
+ PAC handling.
+ * Various fixes and cleanup of Kerberos PAC handling.
+ * Fix segfault in _srv_net_file_enum.
+ * Conversion of client join and unjoin code to libnet_join.
+ * Add remote join/unjoin server-side implementation.
+ * Removed a lot of code which has become obsolete.
o Steve Langasek <vorlon@debian.org>
* Add generic a in-memory cache.
* Import the Linux red-black tree implementation.
* Remove large amount of global variables.
- * Add vfs_ea_tdb module for file systems that do not implement xattrs.
-
+ * Support for storing xattrs in tdb files.
+ * Support for storing alternate data streams in xattrs.
+ * Implement a generic in-memory cache based on rb-trees.
+ * Add implicit temporary talloc contexts via talloc_stack().
+ * Speed up the smbclient "get" command
+ * Add the aio_fork module
+ * Fix bug 4901
+
+o Derrell Lipman <derrell@samba.org>
+ * Modified libsmbclient API for more easily maintaining ABI compatibility
+ while adding new features to libsmbclient.
o Stefan Metzmacher <metze@samba.org>
* Refactor Winbind internal parent-child interface tables
* Networking fixes to the libreplace library.
* Pidl fixes.
* Remove unused Winbind pipe calls.
+ * Build fixes.
+ * Fix for a crash bug in pidl generated client code.
+ This could have happend with [in,out,unique] pointers
+ when the client sends a valid pointer, but the server
+ responds with a NULL pointer (as samba-3.0.26a does for some calls).
+ * Change NTSTATUS into enum ndr_err_code in librpc/ndr.
+ * Remove unused calls in the struct based winbindd protocol.
+ * Add --configfile option to wbinfo.
+ * Convert winbind_env_set(), winbind_on() and winbind_off() into macros.
+ * Return rids and other_sids arrays in WBFLAG_PAM_INFO3_TEXT mode.
+ * Implement wbcErrorString() and wbcAuthenticateUserEx().
+ * Convert auth_winbind to use wbcAuthenticateUserEx().
o James Peach <jpeach@samba.org>
o Andreas Schneider <anschneider@suse.de>
* Don't restart winbind if a corrupted tdb is found during
initialization.
+ * Fix Windows 2008 (Longhorn) join.
+ * Fix crashbug in winbindd.
+ * Add share parameter "administrative share".
o Karolin Seeger <ks@sernet.de>
- * Add net rap file user.
+ * Improve error messages of net subcommands.
+ * Add 'net rap file user'.
+ * Change LDAP search filter to find machine accounts which
+ are not located in the user suffix.
+ * Remove smbmount.
o David Shaw <dshaw@jabberwocky.com>
* Additional portability support for building shared libraries.
+o Corinna Vinschen <corinna@vinschen.de>
+ * Get Samba version or capability information from Windows user space.
+
Original 3.2.0pre1 commits:
---------------------------
o Steve French <sfrench@samba.org>
- * Fixes for mount.cfs Linux utility.
+ * Fixes for mount.cifs Linux utility.
o Stefan Metzmacher <metze@samba.org>
o Jiri Sasek <Jiri.Sasek@Sun.COM>
- * Added vfs_vfsacl module.
+ * Added vfs_zfsacl module.
o Karolin Seeger <ks@sernet.de>
git.samba.org / ira / wip.git / blobdiff