tdb: version 1.4.5

* fix standalone usage of tdb.h

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Tue Jul 20 11:48:38 UTC 2021 on sn-devel-184

tdb: Fix invalid syntax in tdb.h

Defining _PUBLIC_ in the same way as in talloc.h resolves an issue with
a previous fix for Solaris Studio compiler 12.4 that prefixed all calls
in tdb.h with _PUBLIC_.  Thanks to Lukas Slebodnik
<lslebodn@redhat.com>.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14762

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

utils: Avoid pylint warning

pylint warns:

  Use lazy % formatting in logging functions

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jose A. Rivera <jarrpa@samba.org>
Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Tue Jul 20 05:29:18 UTC 2021 on sn-devel-184

utils: Reformat lines that are longer than 80 columns

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jose A. Rivera <jarrpa@samba.org>

utils: Tweak exception handling to stop flake8 complaining

Don't bother with "as e" to avoid warning about unused variable.
Don't use bare "except:" (though pylint still complains about this
version).

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jose A. Rivera <jarrpa@samba.org>

utils: Simplify log level logic, drop global variable

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jose A. Rivera <jarrpa@samba.org>

utils: Inline defaults and help strings

Removes an unnecessary level of indirection: defaults and help strings
are now where they are expected.  Also removes some global variables.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jose A. Rivera <jarrpa@samba.org>

utils: Move argument processing into function and call from main()

Removes the need for the global variables currently associated with
this processing.  Also removes unnecessarily double-handling the
defaults, which are assigned to the global variables and set via
add_argument().

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jose A. Rivera <jarrpa@samba.org>

utils: Reorder imports so that standard imports are first

Avoids numerous pylint warnings.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jose A. Rivera <jarrpa@samba.org>

utils: Clean up ctdb_etcd_lock using autopep8

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jose A. Rivera <jarrpa@samba.org>

utils: Use Python 3

Due to the number of flake8 and pylint warnings it is unclear if the
source has Python 3 incompatibilities.  These will be cleaned up in
subsequent commits.

Signed-off-by: "L.P.H. van Belle" <belle@bazuin.nl>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jose A. Rivera <jarrpa@samba.org>

examples: Make winreg.py sample work with python3 in current master

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jul 19 17:44:08 UTC 2021 on sn-devel-184

gitignore: Add .cache directory

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul 19 15:27:14 UTC 2021 on sn-devel-184

selftest: Add PYTHONPATH for lsp servers to devel_env.sh

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

s3:utils: Use better error message for smbtree

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jul 16 03:45:19 UTC 2021 on sn-devel-184

libcli/smb: allow unexpected padding in SMB2 READ responses

Make use of smb2cli_parse_dyn_buffer() in smb2cli_read_done()
as it was exactly introduced for a similar problem see:

    commit 4c6c71e1378401d66bf2ed230544a75f7b04376f
    Author:     Stefan Metzmacher <metze@samba.org>
    AuthorDate: Thu Jan 14 17:32:15 2021 +0100
    Commit:     Volker Lendecke <vl@samba.org>
    CommitDate: Fri Jan 15 08:36:34 2021 +0000

        libcli/smb: allow unexpected padding in SMB2 IOCTL responses

        A NetApp Ontap 7.3.7 SMB server add 8 padding bytes to an
        offset that's already 8 byte aligned.

        RN: Work around special SMB2 IOCTL response behavior of NetApp Ontap 7.3.7
        BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607

        Pair-Programmed-With: Volker Lendecke <vl@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
        Autobuild-User(master): Volker Lendecke <vl@samba.org>
        Autobuild-Date(master): Fri Jan 15 08:36:34 UTC 2021 on sn-devel-184

RN: Work around special SMB2 READ response behavior of NetApp Ontap 7.3.7
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 15 23:53:55 UTC 2021 on sn-devel-184

libcli/smb: make smb2cli_ioctl_parse_buffer() available as smb2cli_parse_dyn_buffer()

It will be used in smb2cli_read.c soon...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: implement FSCTL_SMBTORTURE_GLOBAL_READ_RESPONSE_BODY_PADDING8

This turns the 'smb2.read.bug14607' test from 'skip' into 'xfailure',
as the 2nd smb2cli_read() function will now return
NT_STATUS_INVALID_NETWORK_RESPONSE.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: introduce a body_size variable in smbd_smb2_request_read_done

This will simplify the following changes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s4:torture/smb2: add smb2.read.bug14607 test

This test will use a FSCTL_SMBTORTURE_GLOBAL_READ_RESPONSE_BODY_PADDING8
in order to change the server behavior of READ responses regarding
the data offset.

It will demonstrate the problem in smb2cli_read*() triggered
by NetApp Ontap servers.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14607

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Update WHATSNEW for Certificate Auto Enrollment

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 15 20:03:45 UTC 2021 on sn-devel-184

gpo: Test Certificate Auto Enrollment Policy

Signed-off-by: David Mulder <dmulder@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

gpo: Fix up rsop output of ca certificate

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

gpo: Add Certificate Auto Enrollment Policy

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>

WHATSNEW: Start release notes for Samba 4.16.0pre1.

Signed-off-by: Karolin Seeger <kseeger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jule Anger <janger@samba.org>

VERSION: Bump version up to 4.16.0pre1...

and re-enable GIT_SNAPSHOT.

Signed-off-by: Karolin Seeger <kseeger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jule Anger <janger@samba.org>

VERSION: Disable GIT_SNAPSHOT for the Samba 4.15.0rc1 release.

Signed-off-by: Karolin Seeger <kseeger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jule Anger <janger@samba.org>

WHATSNEW: Up to Samba 4.15.0rc1.

Signed-off-by: Karolin Seeger <kseeger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jule Anger <janger@samba.org>

WHATSNEW: Fix typos.

Signed-off-by: Karolin Seeger <kseeger@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jule Anger <janger@samba.org>

s3: VFS: default. In vfswrap_getxattrat_do_async() always use the pathref fsp.

This is always called via a path that mandates
smb_fname->fsp is valid.

https://bugzilla.samba.org/show_bug.cgi?id=14758

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Jul 15 05:48:05 UTC 2021 on sn-devel-184

s3: VFS: default. In vfswrap_getxattrat_do_sync() always use the pathref fsp.

This is always called via a path that mandates
smb_fname->fsp is valid.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14758

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: VFS: default: Add 'handle' member to struct vfswrap_getxattrat_state

Not yet used.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14758

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: VFS: default: Move vfswrap_fgetxattr() before the async versions.

We want to re-use this and don't want to have to add forward
declarations.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14758

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: smbd: Allow "smbd async dosmode = yes" to return valid DOS attributes again.

We already have a valid smb_fname->fsp, don't drop
it when returning from smbd_dirptr_lanman2_entry()
to allow it to be reused inside dos_mode_at_send().

Remove knownfail.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14758

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: tests: Add "SMB2-LIST-DIR-ASYNC" test.

Add as knownfail.

Shows our "smbd async dosmode" code wasn't working.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14758

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

s3: tests: Our tests for "smbd async dosmode = yes" haven't been working correctly as the parameter has been set incorrectly.

If must be "smbd async dosmode", not "smbd:async dosmode"

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14758

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

WHATSNEW: add client/server smb3 signing/encryption algorithms

We can add more about this in the final 4.15.0 release notes later.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jul 15 00:57:24 UTC 2021 on sn-devel-184

s3:smbd: improve the error returns for invalid session binding requests

This brings us closer to what a Windows Server with GMAC signing
returns.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s4:torture: more smb2.session.bind_negative_smb3* combinations

This tests all kind of signing/encryption algorithm mismatches
and passes against Windows with GMAC signing support.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

docs-xml: offer aes-128-gmac by default

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: add support for SMB2_SIGNING_AES128_GMAC

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s4:torture: force AES_CMAC or HMAC_SHA256 for some SMB 3.1.1 tests

Allowing GMAC in future will generate different results, so
make sure the tests keep working as is.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: actually make use of "client/server smb3 signing algorithms"

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

docs-xml: add "client/server smb3 signing algorithms" options

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: prepare support for SMB2_SIGNING_CAPABILITIES

But notice that srv_sign_algos->num_algos is always 0 for now,
but that'll change in the next commits.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: prepare support for SMB2_SIGNING_CAPABILITIES negotiation

For now client_sign_algos->num_algos will always be 0,
but that'll change in the next commits.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: make sure smb2_signing_calc_signature() never generates a signature without a valid MID

This is important as AES-128-GMAC signing will derive the NONCE from the MID.

It also means a STATUS_PENDING response must never be signed.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: make sure we always send a valid MID in cancel PDUs

This is important as with AES-128-GMAC signing, the nonce will be
derived from the MID.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: skip session setup signing for REQUEST_OUT_OF_SEQUENCE, NOT_SUPPORTED and ACCESS_DENIED

We should propagate these errors to the caller instead of masking them
with ACCESS_DENIED. And for ACCESS_DENIED we should not disconnect the
connection.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: add smb2cli_conn_server_{signing,encryption}_algo()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: make sure we don't try to sign CANCEL response PDUs

Normally these are never generated, but it can happen when the
signing check fails.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: make sure STATUS_PENDING responses are never signed

It's important to match Windows here in order to avoid reusing
a NONCE for AES-128-GMAC signing.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbstatus: pretty print the use of new signing/encryption algorithms

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: only allow cancel with the same session

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: add SMB2_SIGNING_CAPABILITIES related defines to smb2_constants.h

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: add SMB2_RDMA_TRANSFORM_CAPABILITIES related defines to smb2_constants.h

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: add SMB2_TRANSPORT_CAPABILITIES related defines to smb2_constants.h

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib/param: offer aes-256-{gcm,ccm} encryption by default

We match Windows and keep aes-128-{gcm,ccm} first...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: add aes-256-{gcm,ccm} support to smb2_signing_[en|de]crypt_pdu()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: let 'server smb3 encryption algorithms' disable aes-128-ccm for SMB3_0*

SMB 3.0 and 3.0.2 require aes-128-ccm, so we need to reject them unless
'client smb3 encryption algorithms' allows them.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: add smb311_capabilities_check() helper

It checks that the resulting algorithms (most likely for
dialects < 3.1.1) are actually allowed.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: let 'client smb3 encryption algorithms' disable aes-128-ccm for SMB3_0*

SMB 3.0 and 3.0.2 require aes-128-ccm, so we need to reject them unless
'client smb3 encryption algorithms' allows them.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: make use of 'server smb3 encryption algorithms'

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s4:param: make use of 'client smb3 encryption algorithms'

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:libsmb: make use of 'client smb3 encryption algorithms'

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: add helpers to parse client/server smb3 encryption algorithms into struct smb311_capabilities

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

docs-xml: add "client/server smb3 encryption algorithms" options

This gives administrators more control over the used algorithms.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smb2_negprot: make use of struct smb311_capabilities.encryption

This makes the code more generic and allow the supported ciphers
to be easily added or depend on the configuration later.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

WHATNEW: document "server multi channel support" change

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib/param: enable "server multi channel support" by default on Linux and FreeBSD

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

lib/param: add lpcfg_parm_is_unspecified() helper

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: fallback to smb2srv_session_lookup_global() for session setups with failed signing

The motivation is to get the same error responses as a windows server.

We already fallback to smb2srv_session_lookup_global() in other places
where we don't have a valid session in the current smbd process.

If signing is failing while verifying a session setup request,
we should do the same if we don't have a valid channel binding
for the connection yet.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: remove dead code from smbd_smb2_request_dispatch()

We have '} else if (signing_required || (flags & SMB2_HDR_FLAG_SIGNED)) {'
before...

Use 'git show -U52' to see the whole story...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: make sure smbXsrv_session_update() doesn't segfault with table == NULL

There might be other places than smb2srv_update_crypto_flags(), which
may call smbXsrv_session_update() with a fake session, they should
return in error instead of segfaulting.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: fix a NULL pointer deference caused by smb2srv_update_crypto_flags()

When we used a fake session structure from
smb2srv_session_lookup_global() there's no point in updating
any database.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: let smb2srv_session_lookup_global() clear the signing/encryption_flags

When we make use of this we only in order to provide the correct
error codes anyway.

This actually fixes even more error codes.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s4:torture: let smb2.session.bind_negative_* tests also use a different client guid

Testing also with a different client guid between channels
triggers (at least in samba) a different code path compaired
to the tests using the same client guid.

Testing both already revealed a bug.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s4:torture: let smb2.session.bind_negative_* also test without session keys

This checks the result of a 2nd session setup without the BIND flags
and also without signing being already enabled.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

WHATSNEW: document the removal of SMB2_22, SMB2_24 and SMB3_10

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: remove unused PROTOCOL_SMB3_10 definition

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

docs-xml: remove support for "SMB3_10"

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: replace PROTOCOL_SMB3_10 with PROTOCOL_SMB3_11

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: replace PROTOCOL_SMB3_10 with PROTOCOL_SMB3_11

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: remove unused PROTOCOL_SMB2_24 definition

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

docs-xml: remove support for "SMB2_24"

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: replace PROTOCOL_SMB2_24 with PROTOCOL_SMB3_00

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: replace PROTOCOL_SMB2_24 with PROTOCOL_SMB3_00

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: remove unused PROTOCOL_SMB2_22 definition

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

docs-xml: remove support for "SMB2_22"

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: replace PROTOCOL_SMB2_22 with PROTOCOL_SMB3_00

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:smbd: replace PROTOCOL_SMB2_22 with PROTOCOL_SMB3_00

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s3:torture: replace PROTOCOL_SMB2_22 with PROTOCOL_SMB3_00

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

smb2_negprot: no longer use experimental dialects 2.2.2, 2.2.4, 3.1.0 on the wire

These were only used in Windows development versions but not in
production.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

libcli/smb: no longer use experimental dialects 2.2.2, 2.2.4, 3.1.0 on the wire

These were only used in Windows development versions but not in
production.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

s4:torture:libsmbclient: make use of PROTOCOL_* enum values instead of of hardcoded int values

We should also test protocol versions which are not our default.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

selftest: use SAMBA_DEPRECATED_SUPPRESS=1 for all tests

The deprecation warnings are filling the logs and make it hard to
find/see real problems.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Jul 14 21:57:11 UTC 2021 on sn-devel-184

s3:tests: use SAMBA_DEPRECATED_SUPPRESS=1 for backbox tests

These tests should not depend on the number of deprecation warnings

Signed-off-by: Stefan Metzmacher <metze@samba.org>

ldb: version 2.4 will be used for Samba 4.15

- Improve calculate_popt_array_length()
- Use C99 initializers for builtin_popt_options[]
- pyldb: Fix Message.items() for a message containing elements
- pyldb: Add test for Message.items()
- tests: Use ldbsearch '--scope instead of '-s'
- pyldb: fix a typo
- Change page size of guidindexpackv1.ldb
- Use a 1MiB lmdb so the test also passes on aarch64 CentOS stream
- attrib_handler casefold: simplify space dropping
- fix ldb_comparison_fold off-by-one overrun
- CVE-2020-27840: pytests: move Dn.validate test to ldb
- CVE-2020-27840 ldb_dn: avoid head corruption in ldb_dn_explode
- CVE-2021-20277 ldb/attrib_handlers casefold: stay in bounds
- CVE-2021-20277 ldb tests: ldb_match tests with extra spaces
- improve comments for ldb_module_connect_backend()
- test/ldb_tdb: correct introductory comments
- ldb.h: remove undefined async_ctx function signatures
- correct comments in attrib_handers val_to_int64
- dn tests use cmocka print functions
- ldb_match: remove redundant check
- add tests for ldb_wildcard_compare
- ldb_match: trailing chunk must match end of string
- pyldb: catch potential overflow error in py_timestring
- ldb: remove some 'if PY3's in tests
- Add missing break in switch statement

Signed-off-by: Stefan Metzmacher <metze@samba.org>

tdb: version 1.4.4

- Fix a memory leak on error
- python: remove all 'from __future__ import print_function'
- Fix CID 1471761 String not null terminated
- Use hex_byte() in parse_hex()
- Use hex_byte() in read_data()
- fix studio compiler build
- Fix some signed/unsigned comparisons
- also use __has_attribute macro to check for attribute support
- Fix clang 9 missing-field-initializer warnings
- pytdb tests: add test for storev()
- pytdb: add python binding for storev()
- tdbtorture: Use ARRAY_DEL_ELEMENT()
- py3: Remove #define PyInt_FromLong PyLong_FromLong
- py3: Remove #define PyInt_AsLong PyLong_AsLong
- py3: Remove #define PyInt_Check PyLong_Check
- tdb: Align integer types

Signed-off-by: Stefan Metzmacher <metze@samba.org>

talloc: version 2.3.3

- python: Ensure reference counts are properly incremented
- Bug 9931: change pytalloc source to LGPL

Signed-off-by: Stefan Metzmacher <metze@samba.org>