VERSION: Disable GIT_SNAPSHOTS for the 4.6.7 release.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Add release notes for Samba 4.6.7.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

s4-cldap/netlogon: Match Windows 2012R2 and return NETLOGON_NT_VERSION_5 when version unspecified

The previous patch set this incorrectly to NETLOGON_NT_VERSION_1

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11392

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
(cherry picked from commit 0554bc237f1b84d672d36781bead8b2c33f2e5a4)

Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Tue Aug  1 12:15:22 CEST 2017 on sn-devel-144

s4-dsdb/netlogon: allow missing ntver in cldap ping

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11392

Signed-off-by: Arvid Requate <requate@univention.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 88db634ed84647e5105c4b4fdf37d5892bebfd8d)

s4:torture/ldap: Test netlogon without NtVer

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11392

Signed-off-by: Arvid Requate <requate@univention.de>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 22a94b728bd5d513b2002b62c129271d2210ed73)

s3/utils: smbcacls failed to detect DIRECTORIES using SMB2 (windows only)

uint16_t get_fileinfo(...) returns file attributes, this function
called

     cli_qfileinfo_basic(cli, fnum, &mode, NULL, NULL, NULL,
                     NULL, NULL, NULL);

which was failing with NT_STATUS_ACCESS_DENIED errors when fnum above
was obtained via (when using protocol > SMB). Note: This only seems to be
an issue when run against a windows server, with smbd SMB1 & SMB2 work fine.

    status = cli_ntcreate(cli, filename, 0, CREATE_ACCESS_READ,
                  0, FILE_SHARE_READ|FILE_SHARE_WRITE,
                  FILE_OPEN, 0x0, 0x0, &fnum, NULL);

The failing cli_qfileinfo_basic call above is unnecessary as we can already
obtain the required information from the cli_ntcreate call

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12937

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
(cherry picked from commit c57dcafb150823b00fd873046e65a966a8488fa8)

vfs_ceph: fix cephwrap_chdir()

When provided a '/' path (i.e. CephFS root), vfs_ceph does a *local*
chdir() to the share path. This breaks smb client directory listings.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12911

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Jul 21 19:10:46 CEST 2017 on sn-devel-144

(cherry picked from commit 1dcacff083019810e207a3d123a81fe32d9dde1a)

Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Tue Jul 25 19:51:08 CEST 2017 on sn-devel-144

s3: smbd: Fix a read after free if a chained SMB1 call goes async.

Reported to the Samba Team by Yihan Lian <lianyihan@360.cn>, a security
researcher of Qihoo 360 GearTeam. Thanks a lot!

smb1_parse_chain() incorrectly used talloc_tos() for the memory
context of the chained smb1 requests. This gets freed between
requests so if a chained request goes async, the saved request
array also is freed, which causes a crash on resume.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12836

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 5fe76a5474823ed7602938a07c9c43226a7882a3)

Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Tue Jul 25 06:16:37 CEST 2017 on sn-devel-144

s3: libsmb: Fix use-after-free when accessing pointer *p.

talloc_asprintf_append() might call realloc()
and therefore move the memory address of "path".

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12927

Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jul 22 22:45:05 CEST 2017 on sn-devel-144

(cherry picked from commit 890137cffedcaf88a9ff808c01335ee14fcfd8da)

Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Mon Jul 24 02:24:33 CEST 2017 on sn-devel-144

smbd: Fix a connection run-down race condition

When we do a server exit with active aio jobs, we need to keep the
aio state active for the helper thread. Right now I don't see another
chance than to leak memory in this case. And, I don't really oversee
how cancelling requests works in this case, but this does fix crashes
seen at a customer site.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12925

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 0181fcc4aaa730e3a88ff5d397145332f4013950)

s3/notifyd: ensure notifyd doesn't return from smbd_notifyd_init

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12910

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 7f4e7cfd1b0bd917395c631a1a8195fffd13bbad)

ctdb-common: Set close-on-exec when creating PID file

Otherwise, for example, the file descriptor for the main PID file will
leak all the way down to event scripts.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12898

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit 3e85cbfd7541d8f30ce1f3244ebcc44332b394fe)

vfs_fruit: don't use MS NFS ACEs with Windows clients

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12897

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Jul 13 22:21:08 CEST 2017 on sn-devel-144

(cherry picked from commit df0db9d8f893f9245c6289200303b94a6e2d48d0)

s3:client: The smbspool krb5 wrapper needs negotiate for authentication

If you create a new printer it doesn't have AuthInfoRequired set and so
cups calls the backend with:

  AUTH_INFO_REQUIRED=none

In this case we need to return:

  ATTR: auth-info-required=negotiate

and return an error that we require authentication.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12886

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 4cced4da4ca97f0c6db227e6b2c7e03c2e5c1f28)

vfs_fruit: add fruit:model = <modelname> parametric option

fruit:model = iMac
fruit:model = MacBook
fruit:model = MacPro
fruit:model = Xserve

will all display a different icon inside Finder.

Formerly, we used "Samba" which resulted in a "?" icon in Finder, with
the new default "MacSamba" we appear with a computer box icon at least.

Guenther

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12840

Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Jul 12 03:17:57 CEST 2017 on sn-devel-144

(cherry picked from commit 259e1706e3206b215e136ea9d5beef4c9e3fcdee)

idmap_ad: Retry query_user exactly once if we get TLDAP_SERVER_DOWN

All other ldap-querying methods in idmap_ad make a single retry attempt if they get
TLDAP_SERVER_DOWN. This patch brings idmap_ad_query_user in line with that design.

This fixes the symptom described in 12720 at the cost of an additional reconnect per
failed lookup.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12720

Signed-off-by: Dustin L. Howett <dustin@howett.net>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit fe7020b0d1b6fe1ca9add4815e20c2e2262cb6c9)

selftest: Do not force run of kcc at start of selftest

This should help to avoid clashes between periodic and manual runs of
the KCC during autobuild.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12869

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit c0a7d2bacdacc7a43e04f3b450ea069c000b3d8d)

Autobuild-User(v4-6-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-6-test): Thu Jul 20 01:54:41 CEST 2017 on sn-devel-144

selftest:Samba3: call "net primarytrust dumpinfo" setup_nt4_member() after the join

Here we check that we get 'REDACTED SECRET VALUES' printed, in order
to avoid regression on the non '-f' behavior.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 9530284383f252efd64bfdf138579964c6500eba)

Autobuild-User(v4-6-test): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(v4-6-test): Fri Jul 14 00:00:12 CEST 2017 on sn-devel-144

s3:secrets: remove unused secrets_store_[prev_]machine_password()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit f513c20ee04fe896900c99ae804753d445414d7d)

s3:libads: make use of secrets_*_password_change() in ads_change_trust_account_password()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit b874dc90c91dd41c35e99bf7c4fe04220465edca)

net: make use of secrets_*_password_change() for "net changesecretpw"

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 4ae6a3ffb233c9b9576a3b5bb15a51ee56e4dbc3)

s3:trusts_util: make use the workstation password change more robust

We use secrets_{prepare,failed,defer,finish}_password_change() to make
the process more robust.

Even if we just just verified the current password with the DC
it can still happen that the remote password change will fail.

If a server has the RefusePasswordChange=1 under
HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters,
it will reject NetrServerPasswordSet2() with NT_STATUS_WRONG_PASSWORD.

This results in a successful local change, but a failing remote change,
which means the domain membership is broken (as we don't fallback to
the previous password for ntlmssp nor kerberos yet).

An (at least Samba) RODC will also reject a password change,
see https://bugzilla.samba.org/show_bug.cgi?id=12773.

Even with this change we still have open problems, e.g. if the password was
changed, but we didn't get the servers response. In order to fix that we need
to use only netlogon and lsa over unprotected transports, just using schannel
authentication (which supports the fallback to the old password).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 40c42af11fda062fef9df96a9b5ae3e02709f07c)

s3:libnet: make use of secrets_store_JoinCtx()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit c3ad8be5d5192070c599350d6ab28c064206b6cf)

net: add "net primarytrust dumpinfo" command that dumps the details of the workstation trust

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit c7c17d9f503d6037aa8ed0bd7ab7cf52f5f28382)

s3:secrets: add infrastructure to use secrets_domain_infoB to store credentials

We now store various hashed keys at change time and maintain a lot of details
that will help debugging failed password changes.

We keep storing the legacy values:
 SECRETS/SID/
 SECRETS/DOMGUID/
 SECRETS/MACHINE_LAST_CHANGE_TIME/
 SECRETS/MACHINE_PASSWORD/
 SECRETS/MACHINE_PASSWORD.PREV/
 SECRETS/SALTING_PRINCIPAL/DES/

This allows downgrades to older Samba versions.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 5f0038fba612afd7fc15b7ab321df979891170d8)

secrets.idl: add secrets_domain_info that will be used in secrets.tdb for machine account trusts

This blob will be store in secrets.tdb. It makes it possible to store much
more useful details about the workstation trust.

The key feature that that triggered this change is the ability
to store details for the next password change before doing
the remote change. This will allow us to recover from failures.

While being there I also thought about possible new features,
which we may implement in the near future.

We also store the raw UTF16 like cleartext buffer as well as derived
keys like the NTHASH (arcfour-hmac-md5 key) and other kerberos keys.
This will allow us to avoid recalculating the keys for an in memory
keytab in future.

I also added pointer to an optional lsa_ForestTrustInformation structure,
which might be useful to implement multi-tenancy in future.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit a59c9cba31a801d90db06b767cfd44776f4ede77)

netlogon.idl: use lsa_TrustType and lsa_TrustAttributes in netr_trust_extension

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 28ac10503476de3c000b3deee2c1f67e0b305578)

netlogon.idl: make netr_TrustFlags [public]

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 60274475332dafdfb829a7c086ea09cd9ed00540)

lsa.idl: make lsa_DnsDomainInfo [public]

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit ea0798881a7aaf5897a3a3806149536d3d54fc3b)

s3:trusts_util: also pass the previous_nt_hash to netlogon_creds_cli_auth()

Even in the case where only the password is known to the server, we should
try to leave a valid authentication behind.

We have better ways to indentify which password worked than only using
the current one.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit d60404b032eca5384d889352f52b9b129861b4af)

libcli/auth: pass the cleartext blob to netlogon_creds_cli_ServerPasswordSet*()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 0f5945a06df4bef501ca5085c621294057007225)

libcli/auth: add const to set_pw_in_buffer()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 1b48c8515ed8fd29204c82cc47f958f4636cd494)

libcli/auth: pass an array of nt_hashes to netlogon_creds_cli_auth*()

This way the caller can pass more than 2 hashes and can only
know which hash was used for a successful connection.

We allow up to 4 hashes (next, current, old, older).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit ddd7ac68ccae8b4df6c6a65b3dad20e21924f538)

s3:trusts_util: pass dcname to trust_pw_change()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 1421abfc733247a6b71eefd819dfeae7151a6d78)

s3:secrets: use secrets_delete for all keys in secrets_delete_machine_password_ex()

We just want all values to be removed at the end, it doesn't matter
if they didn't existed before.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit bfe35abc1fb15e70a99fa74d064051a1ad541ed0)

s3:secrets: let secrets_delete_machine_password_ex() also remove the des_salt key

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit dfaadc81925e313901c9b30cd98a4b4fd2404f9d)

s3:secrets: let secrets_delete_machine_password_ex() remove SID and GUID too

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit cf8a4646fe71a974b6a5ee13ae7d7751a5a0adc9)

s3:secrets: rewrite secrets_delete_machine_password_ex() using helper variables

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 5bc2764fe517748c03a57b61f2f7ef889c92825d)

s3:secrets: replace secrets_delete_prev_machine_password() by secrets_delete()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 5b95cb74e7b2838d228f9773c0e20982b81d1e7d)

s3:secrets: let secrets_store_machine_pw_sync() delete the des_salt_key when there's no value

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 45eea321a6faa6db1c9c706a27527cc0766dc831)

s3:secrets: make use of secrets_delete() in secrets_store_machine_pw_sync()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit c5ded1123797b2bd152b0989e24eba7cae6a5792)

s3:secrets: re-add secrets_delete() helper to simplify deleting optional keys

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit fde4af1c329655d7ef3f55727632b3f026a3ea73)

s3:secrets: rename secrets_delete() to secrets_delete_entry()

secrets_delete_entry() fails if the key doesn't exist.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit cd1e888773c4fd3db63ce38a496fc3d54eb8e021)

s3:secrets: make use of des_salt_key() in secrets_store_machine_pw_sync()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 4e37d7805b345d80ca6e8a598e39fc81f72a27ce)

s3:secrets: add some const to secrets_store_domain_guid()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 99013685a1114829579e420df3625ed79eb7ee94)

s3:secrets: split out a domain_guid_keystr() function

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit d37e30cef7906b7b2b14351ad81d0d884811557b)

s3:secrets: rework des_salt_key() to take the realm as argument

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 072dd87e639d7dbfc583ede5ddf6559d9d433b8b)

s3:secrets: move kerberos_secrets_*salt related functions to machine_account_secrets.c

These don't use any krb5_context related functions and they just
work on secrets.tdb, so they really belong to machine_account_secrets.c.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 504b446d8dc7410ad63eba9d214e9cf271cf3b2f)

s3:libads: remove unused kerberos_fetch_salt_princ_for_host_princ()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 1a26805ad9f19f02a52d9eaa4f2f11ff20ee76ac)

s3:libads: make use of kerberos_secrets_fetch_salt_princ() in ads_keytab_add_entry()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit b0928a2687a9ffe92ebdce7b5252781d62e7e02d)

s3:libnet: make use of kerberos_secrets_fetch_salt_princ()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 51ae7b42d4d52016b39b79447a3e28d473e676cb)

s3:gse_krb5: simplify fill_keytab_from_password() by using kerberos_fetch_salt_princ()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 1d1cf9792f9227e65857c85ff66a961331e3c16e)

s3:libads: provide a simpler kerberos_fetch_salt_princ() function

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 5fe939e32cdaf7bb5b6dac67e7b0118ce65846be)

s3:libads: remove kerberos_secrets_fetch_salting_principal() fallback

The handling for per encryption type salts was removed in
Samba 3.0.23a (Jul 21, 2006). It's very unlikely that someone
has such an installation that got constantly upgraded over 10 years
with an automatic password change nor rejoin. It also means
that the KDC only has salt-less arcfour-hmac-md5 key together
with the salted des keys. So there would only be a problem
if the client whould try to use a des key to contact the smb server.

Having this legacy code adds quite some complexity for no
good reason.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 487b4717b58a6f1ba913708ce8419145b7f4fac8)

s3:libnet_join: move kerberos_secrets_store_des_salt() to libnet_join_joindomain_store_secrets()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 7d2eea39112fd69d2b710181b23301562efea387)

s3:libnet_join: move libnet_join_joindomain_store_secrets() to libnet_join_post_processing()

We should not store the secrets before we did all remote changes
(except the optional dns updates).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit a922e01baeccedc3ffc8a893f1d6072bb203220f)

s3:libnet_join: call do_JoinConfig() after we did remote changes on the server

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 559de1e7236fd4a38f2a1f9980216db95d0430ce)

s3:libnet_join: split libnet_join_post_processing_ads() into modify/sync

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 0ab7944a2b00df4aa155a239c86f97e4e731b864)

s3:libnet_join: move kerberos_secrets_store_des_salt() out of libnet_join_derive_salting_principal()

We should separate the calculation and the storing steps.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 0c65d5f41023076fd201c3a179df77dd615cdb01)

s3:libnet_join: remember r->out.krb5_salt in libnet_join_derive_salting_principal()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 549c9d9a07d3002442cbbb7a90d0a7fef4a92bff)

s3:libnet_join.idl: add krb5_salt to libnet_JoinCtx

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 3b13e4d2d0f73c6374ffdae57528cd1a7f333792)

s3:libnet_join: remember the domain_guid for AD domains

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit fc2bad0cf34fca5e65fba7e036acf1d8c61f05c0)

s3:libnet_join.idl: return the domain_guid in libnet_JoinCtx

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 03e455f5a815ce2134e216dc28929646a964384f)

s3:libnet_join: calculate r->out.account_name in libnet_join_pre_processing()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 826223cc8d36871c2bcb37fe23241f1dbe99a0db)

s3:libnet_join: remove dead code from libnet_join_connect_ads()

username[strlen(username)] is *always* '\0'!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 5958c6790fbceb39065353c07fe25f74ddf09ef0)

krb5_wrap: add smb_krb5_salt_principal2data()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit ec2da944d304852d76137e8f9d234462bc807c6b)

krb5_wrap: add smb_krb5_salt_principal()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 5df46700cfb0a15fec2d366e12728cd497188741)

s3:libads: remove unused kerberos_secrets_store_salting_principal()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit c56043a94a10c76a220ce3c7eb7cb8cf2e992cab)

s3:librpc: let NDR_SECRETS depend on NDR_SECURITY

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 4260b52a399667bcdbaa375a20952237ff68449c)

idl_types.h: add NDR_SECRET shortcut

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 969ab12c56cd12dcc0e63e9b662397c1604a0cc0)

librpc/ndr: add LIBNDR_FLAG_IS_SECRET handling

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 32aa3a199dfd61eb5982e158008964b4747599b8)

librpc/ndr: align the definition of LIBNDR_STRING_FLAGS with currently defined flags

The range included the unused (1<<14) before.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 91d8272e8604b5d87bcc0ce365b553bc760c8ed3)

pidl:NDR/Parser: add missing {start,end}_flags() to ParseElementPrint()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 81bbfb010599b65308aca89cc50532372ca4cb00)

s3:smbd: consistently use talloc_tos() memory for rpc_pipe_open_interface()

The result is only used temporary and should not be leaked on a long term
memory context as 'conn'.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12890

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 77cbced5d2f8bf65c8d02f5edfaba8cbad519d08)

selftest: add a test for accessing previous version of directories with snapdirseverywhere

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12885

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Sat Jul  8 00:33:51 CEST 2017 on sn-devel-144

(cherry picked from commit cc9ba98c08665e0ed6927fd81fa43a7bb7842e45)

s3/smbd: let non_widelink_open() chdir() to directories directly

If the caller passes O_DIRECTORY we just try to chdir() to smb_fname
directly, not to the parent directory.

The security check in check_reduced_name() will continue to work, but
this fixes the case of an open() for a previous version of a
subdirectory that contains snapshopt.

Eg:

[share]
    path = /shares/test
    vfs objects = shadow_copy2
    shadow:snapdir = .snapshots
    shadow:snapdirseverywhere = yes

Directory tree with fake snapshots:

$ tree -a /shares/test/
/shares/test/
├── dir
│   ├── file
│   └── .snapshots
│       └── @GMT-2017.07.04-04.30.12
│           └── file
├── dir2
│   └── file
├── file
├── .snapshots
│   └── @GMT-2001.01.01-00.00.00
│       ├── dir2
│       │   └── file
│       └── file
└── testfsctl.dat

./bin/smbclient -U slow%x //localhost/share -c 'ls @GMT-2017.07.04-04.30.12/dir/*'
NT_STATUS_OBJECT_NAME_NOT_FOUND listing \@GMT-2017.07.04-04.30.12\dir\*

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12885

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit b886a9443d49f6e27fa3863d87c9e24d12e62874)

dnsserver: Stop dns_name_equal doing OOB read

This has been the cause of a large number of flakey autobuilds. Every
now and again dns_name_equal would not be equal between two empty
strings, thus causing failures.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12813

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun  1 19:34:38 CEST 2017 on sn-devel-144

(cherry picked from commit 5ccfd38156ddf2435df15600638cde8ed020958f)

selftest: Do not enable inbound replication during replica_sync

Instead we should use the forced=True to only do a very specific
replication, and so avoid noise from any other DC also live
on the network.  This extra replication in turn causes (and this
patch fixes) flapping replica_sync tests.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12753

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Apr 22 05:19:11 CEST 2017 on sn-devel-144

(cherry picked from commit 52349a7e69a933cbfe410241c7ad80d012886e02)

VERSION: Bump version up to 4.6.7...

and re-enable GIT_SNAPSHOTS.

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Merge branch 'v4-6-stable' into v4-6-test

VERSION: Release Samba 4.6.6 for CVE-2017-11103

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>

WHATSNEW: Add release notes for Samba 4.6.6.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation

In _krb5_extract_ticket() the KDC-REP service name must be obtained from
encrypted version stored in 'enc_part' instead of the unencrypted version
stored in 'ticket'.  Use of the unecrypted version provides an
opportunity for successful server impersonation and other attacks.

Identified by Jeffrey Altman, Viktor Duchovni and Nico Williams.

Change-Id: I45ef61e8a46e0f6588d64b5bd572a24c7432547c

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12894
(based on heimdal commit 6dd3eb836bbb80a00ffced4ad57077a1cdf227ea)

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

s3:tests: Do *NOT* flush the complete gencache!

This removes important entries winbindd created during startup!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12868

Pair-Programmed-With: Ralph Boehme <slow@samba.org>

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 45da755430c6b124335c9dfeb8a252060823ac4c)

Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Thu Jul  6 13:17:19 CEST 2017 on sn-devel-144

selftest: Do *NOT* flush the complete gencache!

This removes *IMPORTANT* entries from the gencache winbindd creates on
startup.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12868

Pair-Programmed-With: Ralph Boehme <slow@samba.org>

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 0a0fbaacbcbaa52ed5008e84958e2aea90cdba7c)

ldb: protect Samba < 4.7 against incompatible ldb versions and require ldb < 1.2.0

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12859

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Mon Jul  3 15:15:14 CEST 2017 on sn-devel-144

wafsamba: add maxversion and version_blacklist to CHECK_BUNDLED_SYSTEM[_PKG]()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12859

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 4ca48ee4d060f773dcdf9f78a5e4c1b1263b61f4)

s3:gse_krb5: fix a possible crash in fill_mem_keytab_from_system_keytab()

If the keytab file isn't readable, we may call
krb5_kt_end_seq_get() with an invalid kt_cursor.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10490

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Michael Saxl <mike@mwsys.mine.bz>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit a9780a2eaa9cba4ab87cc3371d97fa494fa0198c)

selftest: Also wait for winbindd to start

This ensures that the posixacl.py test does not race against winbindd starting up and so
give wrong mappings

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12843

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 1b88c5d4c0e5da2e4092a06f6cd6bf3c8b767883)

Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Fri Jun 30 14:53:30 CEST 2017 on sn-devel-144

s3:smb2_create: avoid reusing the 'tevent_req' within smbd_smb2_create_send()

As the caller ("smbd_smb2_request_process_create()") already sets the callback,
the first time, it's not safe to reuse the tevent_req structure.

The typical 'tevent_req_nterror(); return tevent_req_post()' will
crash as the tevent_req_nterror() already triggered the former callback,
which calls smbd_smb2_create_recv(), were tevent_req_received() invalidates
the tevent_req structure, so that tevent_req_post() will crash.

We just remember the required values from the old state
and move them to the new state.

We tried to write reproducers for this, but sadly weren't able to trigger
the backtrace we had from a create a customer (using recent code)
with commit 6beba782f1bf951236813e0b46115b8102212c03
included. And this patch fixed the situation for the
customer.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12832

Pair-Programmed-With: Volker Lendecke <vl@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 02146ea5ee729de0e49ecf617e6983f4e61fbe59)

auth/spnego: fix gensec_update_ev() argument order for the SPNEGO_FALLBACK case

This went unnoticed so long as we don't use -Wc++-compat
and gensec_update_ev() used the sync update() hook for all
NTLMSSP and Kerberos.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12788

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 31691963b3d9ac460df0c56d36f81ec815db0225)

s3:smbd: unimplement FSCTL_VALIDATE_NEGOTIATE_INFO with "server max protocol = SMB2_02"

A client that supports SMB3 will do a signed FSCTL_VALIDATE_NEGOTIATE_INFO
after a tree connect. This FSCTL_VALIDATE_NEGOTIATE_INFO call contains
the client capabilities, client guid, security mode and the array of supported
dialects. But if SMB 2.02 is negotiated the doesn't send these values to the
server in the first connection attempt (when the client starts with a SMB1 Negotiate).

Windows servers that only support SMB2 just return NT_STATUS_FILE_CLOSED
as answer to FSCTL_VALIDATE_NEGOTIATE_INFO.

We should do the same if we just pretend to support SMB 2.02,
as SMB 2.10 always include an SMB2 Negotiate request we can leave it as is.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12772

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 295c9f7b322e6377d0df1b49cb26597d66e80eda)

samba-tool: fix log message of 'samba-tool user syncpasswords'

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12768

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri May  5 01:37:45 CEST 2017 on sn-devel-144

(cherry picked from commit 4c17850ae7b6c85e99e5d4d5bc5d8e89a9ba6d47)

s3:tests: Do not delete the contets of LOCAL_PATH with tarmode test

The test_smbclient_tarmode.pl test operates on $LOCAL_PATH by default
and removes everything. So it deletes all precreated files and
directories which the setup_fileserver() function initially set up.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12867

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 4f5cfe2713294462b9dc68afbec2ea2c72230885)

auth/ntlmssp: enforce NTLMSSP_NEGOTIATE_NTLM2 for the NTLMv2 client case

Some servers may not announce the NTLMSSP_NEGOTIATE_NTLM2
(a.k.a. NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY) bit.

But if we're acting as a client using NTLMv2 we need to
enforce this flag, because it's not really a negotiationable
in that case.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12862

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 8ee4f8236830eb3fa1b273fa6927792a800f86bd)

Autobuild-User(v4-6-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-6-test): Wed Jun 28 15:19:53 CEST 2017 on sn-devel-144

s3: smbd: fix regression with non-wide symlinks to directories over SMB3.

The errno returned by open() is ambiguous when called with flags O_NOFOLLOW and
O_DIRECTORY on a symlink. With ELOOP, we know for certain that we've tried to
open a symlink. With ENOTDIR, we might have hit a symlink, and need to perform
further checks to be sure. Adjust non_widelink_open() accordingly. This fixes
a regression where symlinks to directories within the same share were no
longer followed for some call paths on systems returning ENOTDIR in the above
case.

Also remove the knownfail added in previous commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12860

Signed-off-by: Daniel Kobras <d.kobras@science-computing.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit acc16592b451905dabc093f1d261e93cd3b59520)

s3: smbd: Add regression test for non-wide symlinks to directories fail over SMB3.

Mark as knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12860

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit f1f388ef80a6516c2f44b7778420f8ffe28c6471)

docs-xml: Sort input file list

because filesystems return entries in undeterministic order
and that ends up in index.xml and influences index.html
preventing reproducible builds of samba packages (e.g. for openSUSE)

See https://reproducible-builds.org/ for why this matters

Signed-off-by: Bernhard M. Wiedemann <bwiedemann@suse.de>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Tue Jun 27 16:56:06 CEST 2017 on sn-devel-144

(cherry picked from commit eedebe2ef1b6ff92975289b6076f236650744621)

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12854

s3: libsmb: Correctly save and restore connection tcon in smbclient, smbcacls and smbtorture3.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
(cherry picked from commit bd31d538a26bb21cbb53986a6105204da4392e2d)

s3: libsmb: Correctly do lifecycle management on cli->smb1.tcon and cli->smb2.tcon.

Treat them identically. Create them on demand after for a tcon call,
and delete them on a tdis call.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12831

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
(cherry picked from commit 50f50256aa8805921c42d0f9f2f8f89d06d9bd93)