Samba 4.16 Features added/changed: Difference between revisions

From SambaWiki
(12 intermediate revisions by the same user not shown)
Line 1: Line 1:
Samba 4.16 is [[Samba_Release_Planning#Maintenance_Mode|'''Maintenance Mode''']].
==Samba 4.16.0rc3==
<onlyinclude>
:Release Notes for Samba 4.16.0rc3
:February 15, 2022


==Samba 4.16.7==
===Release Announcements===
:Release Notes for Samba 4.16.7
:November 15, 2022


===This is a security release in order to address the following defects:===
This is the third release candidate of Samba 4.16. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/.
* [https://www.samba.org/samba/security/CVE-2022-42898.html CVE-2022-42898]
:: Samba's Kerberos libraries and AD DC failed to guard against integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged PAC to corrupt the heap.


===Changes since 4.16.6===
Samba 4.16 will be the next version of the Samba suite.
* Joseph Sutton <josephsutton@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15203 BUG 15203]: [https://www.samba.org/samba/security/CVE-2022-42898.html CVE-2022-42898]
* Nicolas Williams <nico@twosigma.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15203 BUG 15203]: [https://www.samba.org/samba/security/CVE-2022-42898.html CVE-2022-42898]

[https://www.samba.org/samba/history/samba-4.16.7.html Release Notes Samba 4.16.7]

==Samba 4.16.6==
:Release Notes for Samba 4.16.6
:October 25, 2022

===This is a security release in order to address the following defect:===

* [https://www.samba.org/samba/security/CVE-2022-3437.html CVE-2022-3437]: There is a limited write heap buffer overflow in the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal (included in Samba).
===Changes since 4.16.5===
* Joseph Sutton <josephsutton@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15134 BUG 15134]: [https://www.samba.org/samba/security/CVE-2022-3437.html CVE-2022-3437].

[https://www.samba.org/samba/history/samba-4.16.6.html Release Notes Samba 4.16.6]

==Samba 4.16.5==
:Release Notes for Samba 4.16.5
September 07, 2022

===This is the latest stable release of the Samba 4.16 release series.===

===Changes since 4.16.4===

* Jeremy Allison <jra@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15128 BUG 15128]: Possible use after free of connection_struct when iterating smbd_server_connection->connections.
* Ralph Boehme <slow@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15086 BUG 15086]: Spotlight RPC service returns wrong response when Spotlight is disabled on a share.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15126 BUG 15126]: acl_xattr VFS module may unintentionally use filesystem permissions instead of ACL from xattr.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15153 BUG 15153]: Missing SMB2-GETINFO access checks from MS-SMB2 3.3.5.20.1.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15161 BUG 15161]: assert failed: !is_named_stream(smb_fname)") at ../../lib/util/fault.c:197.
* Stefan Metzmacher <metze@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15148 BUG 15148]: Missing READ_LEASE break could cause data corruption.
* Andreas Schneider <asn@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15124 BUG 15124]: rpcclient can crash using setuserinfo(2).
:* [https://bugzilla.samba.org/show_bug.cgi?id=15132 BUG 15132]: Samba fails to build with glibc 2.36 caused by including <sys/mount.h> in libreplace.
* Joseph Sutton <josephsutton@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15152 BUG 15152]: SMB1 negotiation can fail to handle connection errors.
* Michael Tokarev <mjt@tls.msk.ru>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15078 BUG 15078]: samba-tool domain join segfault when joining a samba ad domain.

[https://www.samba.org/samba/history/samba-4.16.5.html Release Notes Samba 4.16.5]

==Samba 4.16.4==
:Release Notes for Samba 4.16.4
:July 27, 2022

===This is a security release in order to address the following defects:===
* [https://www.samba.org/samba/security/CVE-2022-2031.html CVE-2022-2031]
:: Samba AD users can bypass certain restrictions associated with changing passwords.
* [https://www.samba.org/samba/security/CVE-2022-32744.html CVE-2022-32744]
::Samba AD users can forge password change requests for any user.
* [https://www.samba.org/samba/security/CVE-2022-32745.html CVE-2022-32745]
::Samba AD users can crash the server process with an LDAP add or modify request.
* [https://www.samba.org/samba/security/CVE-2022-32746.html CVE-2022-32746]
:: Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request.
* [https://www.samba.org/samba/security/CVE-2022-32742.html CVE-2022-32742]
:: Server memory information leak via SMB1.


===Changes since 4.16.3===

* Jeremy Allison <jra@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15085 BUG 15085]: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742 CVE-2022-32742].
* Andrew Bartlett <abartlet@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15009 BUG 15009]: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746 CVE-2022-32746].
* Andreas Schneider <asn@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15047 BUG 15047]: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031 CVE-2022-2031].
* Joseph Sutton <josephsutton@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15008 BUG 15008]: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745 CVE-2022-32745].
:* [https://bugzilla.samba.org/show_bug.cgi?id=15009 BUG 15009]: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746 CVE-2022-32746].
:* [https://bugzilla.samba.org/show_bug.cgi?id=15047 BUG 15047]: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031 CVE-2022-2031].
:* [https://bugzilla.samba.org/show_bug.cgi?id=15074 BUG 15074]: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744 CVE-2022-32744].

[https://www.samba.org/samba/history/samba-4.16.4.html Release Notes Samba 4.16.4]

==Samba 4.16.3==
:Release Notes for Samba 4.16.3
:July 18, 2022

===This is the latest stable release of the Samba 4.16 release series.===

===Changes since 4.16.2===

* Jeremy Allison <jra@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15099 BUG 15099]: Using vfs_streams_xattr and deleting a file causes a panic.
* Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14986 BUG 14986]: Add support for bind 9.18.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15076 BUG 15076]: logging dsdb audit to specific files does not work.
* Samuel Cabrero <scabrero@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14979 BUG 14979]: Problem when winbind renews Kerberos.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15095 BUG 15095]: Samba with new lorikeet-heimdal fails to build on gcc 12.1 in developer mode.
* Volker Lendecke <vl@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15105 BUG 15105]: Crash in streams_xattr because fsp->base_fsp->fsp_name is NULL.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15118 BUG 15118]: Crash in rpcd_classic - NULL pointer deference in mangle_is_mangled().
* Noel Power <noel.power@suse.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15100 BUG 15100]: smbclient commands del & deltree fail with NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS.
* Christof Schmitt <cs@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15120 BUG 15120]: Fix check for chown when processing NFSv4 ACL.
* Andreas Schneider <asn@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15082 BUG 15082]: The pcap background queue process should not be stopped.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15097 BUG 15097]: testparm: Fix typo in idmap rangesize check.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15106 BUG 15106]: net ads info returns LDAP server and LDAP server name as null.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15108 BUG 15108]: ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link.
* Martin Schwenke <martin@meltin.net>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15090 BUG 15090]: CTDB child process logging does not work as expected.

[https://www.samba.org/samba/history/samba-4.16.3.html Release Notes Samba 4.16.3]

==Samba 4.16.2==
:Release Notes for Samba 4.16.2
:June 13, 2022

===This is the latest stable release of the Samba 4.16 release series.===

===Changes since 4.16.1===

* Jeremy Allison <jra@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15042 BUG 15042]: Use pathref fd instead of io fd in vfs_default_durable_cookie.
* Ralph Boehme <slow@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15069 BUG 15069]: vfs_gpfs with vfs_shadowcopy2 fail to restore file if original file had been deleted.
* Samuel Cabrero <scabrero@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15087 BUG 15087]: netgroups support removed.
* Samuel Cabrero <scabrero@suse.de>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14674 BUG 14674]: net ads info shows LDAP Server: 0.0.0.0 depending on contacted server.
* Volker Lendecke <vl@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15062 BUG 15062]: Update from 4.15 to 4.16 breaks discovery of [homes] on standalone server from Win and IOS.
* Stefan Metzmacher <metze@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15071 BUG 15071]: waf produces incorrect names for python extensions with Python 3.11.
* Noel Power <noel.power@suse.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15075 BUG 15075]: smbclient -E doesn't work as advertised.
* Andreas Schneider <asn@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15071 BUG 15071]: waf produces incorrect names for python extensions with Python 3.11.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15081 BUG 15081]: The samba background daemon doesn't refresh the printcap cache on startup.
o Robert Sprowson <webpages@sprow.co.uk>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14443 BUG 14443]: Out-by-4 error in smbd read reply max_send clamp..

[https://www.samba.org/samba/history/samba-4.16.2.html Release Notes Samba 4.16.2]

==Samba 4.16.1==
:Release Notes for Samba 4.16.1
:May 02, 2022

===This is the latest stable release of the Samba 4.16 release series.===

===Changes since 4.16.0===

* Jeremy Allison <jra@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14831 BUG 14831]: Share and server swapped in smbget password prompt.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15022 BUG 15022]: Durable handles won't reconnect if the leased file is written to.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15023 BUG 15023]: rmdir silently fails if directory contains unreadable files and hide unreadable is yes.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15038 BUG 15038]: SMB2_CLOSE_FLAGS_FULL_INFORMATION fails to return information on renamed file handle.
* Andrew Bartlett <abartlet@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=8731 BUG 8731]: Need to describe --builtin-libraries= better (compare with --bundled-libraries).
* Ralph Boehme <slow@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14957 BUG 14957]: vfs_shadow_copy2 breaks "smbd async dosmode" sync fallback.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15035 BUG 15035]: shadow_copy2 fails listing snapshotted dirs with shadow:fixinodes.
* Samuel Cabrero <scabrero@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15046 BUG 15046]: PAM Kerberos authentication incorrectly fails with a clock skew error.
* Pavel Filipenský <pfilipen@redhat.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15041 15041]: Username map - samba erroneously applies unix group memberships to user account entries.
* Stefan Metzmacher <metze@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14951 BUG 14951]: KVNO off by 100000.
* Christof Schmitt <cs@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15027 BUG 15027]: Uninitialized litemask in variable in vfs_gpfs module.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15055 BUG 15055]: vfs_gpfs recalls=no option prevents listing files.
* Andreas Schneider <asn@cryptomilk.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15054 BUG 15054]: smbd doesn't handle UPNs for looking up names.

[https://www.samba.org/samba/history/samba-4.16.1.html Release Notes Samba 4.16.1]

==Samba 4.16.0==
<onlyinclude>
:Release Notes for Samba 4.16.0
:March 21, 2022

===Release Announcements===


This is the first stable release of the Samba 4.16 release series.
===UPGRADING===
Please read the release notes carefully before upgrading.


===NEW FEATURES/CHANGES===
===NEW FEATURES/CHANGES===
Line 27: Line 211:


samba-dcerpcd can also be useful for use outside of the Samba framework, for example, use with the Linux kernel SMB2 server ksmbd or possibly other SMB2 server implementations.
samba-dcerpcd can also be useful for use outside of the Samba framework, for example, use with the Linux kernel SMB2 server ksmbd or possibly other SMB2 server implementations.

====Heimdal-8.0pre used for Samba Internal Kerberos, adds FAST support====

Samba has since Samba 4.0 included a snapshot of the Heimdal Kerberos implementation. This snapshot has now been updated and will closely match what will be released as Heimdal 8.0 shortly.

This is a major update, previously we used a snapshot of Heimdal from 2011, and brings important new Kerberos security features such as Kerberos request armoring, known as FAST. This tunnels ticket requests and replies that might be encrypted with a weak password inside a wrapper built with a stronger password, say from a machine account.

In Heimdal and MIT modes Samba's KDC now supports FAST, for the support of non-Windows clients.

Windows clients will not use this feature however, as they do not attempt to do so against a server not advertising domain Functional Level 2012. Samba users are of course free to modify how Samba advertises itself, but use with Windows clients is not supported "out of the box".

Finally, Samba also uses a per-KDC, not per-realm 'cookie' to secure part of the FAST protocol. A future version will align this more closely with Microsoft AD behaviour.

If FAST needs to be disabled on your Samba KDC, set

kdc enable fast = no

in the smb.conf.

The Samba project wishes to thank the numerous developers who have put in a massive effort to make this possible over many years. In particular we thank Stefan Metzmacher, Joseph Sutton, Gary Lockyer, Isaac Boukris and Andrew Bartlett. Samba's developers in turn thank their employers and in turn their customers who have supported this effort over many years.


====Certificate Auto Enrollment====
====Certificate Auto Enrollment====
Line 75: Line 279:


::This specifies the number of seconds without leader broadcasts before a node calls an election. The default is 5.
::This specifies the number of seconds without leader broadcasts before a node calls an election. The default is 5.



===REMOVED FEATURES===
===REMOVED FEATURES===


====SMB1 CORE and LANMAN1 protocol wildcard copy, unlink and rename removed====
====Older SMB1 protocol SMBCopy command removed====

SMB is a nearly 30-year old protocol, and some protocol commands that while supported in all versions, have not seen widespread use.

One of those is SMBCopy, a feature for a server-side copy of a file. This feature has been so unmaintained that Samba has no testsuite for it.

The SMB1 command SMB_COM_COPY (SMB1 command number 0x29) was introduced in the LAN Manager 1.0 dialect and it was rendered obsolete in the NT LAN Manager dialect.

Therefore it has been removed from the Samba smbd server.

We do note that a fully supported and tested server-side copy is present in SMB2, and can be accessed with "scopy" subcommand in smbclient)

====SMB1 server-side wildcard expansion removed====

Server-side wildcard expansion is another feature that sounds useful, but is also rarely used and has become problematic - imposing extra work on the server (both in terms of code and CPU time).

In actual OS design, wildcard expansion is handled in the local shell, not at the remote server using SMB wildcard syntax (which is not shell syntax).

In Samba 4.16 the ability to process file name wildcards in requests using the SMB1 commands SMB_COM_RENAME (SMB1 command number 0x7), SMB_COM_NT_RENAME (SMB1 command number 0xA5) and SMB_COM_DELETE (SMB1 command number 0x6) has been removed.

====SMB1 protocol has been deprecated, particularly older dialects====

We take this opportunity to remind that we have deprecated and disabled by default, but not removed, the whole SMB1 protocol since Samba 4.11. If needed for security purposes or code maintenance we will continue to remove older protocol commands and dialects that are unused or have been replaced in more modern SMB1 versions.

We specifically deprecate the older dialects older than "NT LM 0.12" (also known as "NT LANMAN 1.0" and "NT1").

Please note that "NT LM 0.12" is the dialect used by software as old as Windows 95, Windows NT and Samba 2.0, so this deprecation applies to DOS and similar era clients.

We do reassure that that 'simple' operation of older clients than these (eg DOS) will, while untested, continue for the near future, our purpose is not to cripple use of Samba in unique situations, but to reduce the maintaince burden.


Eventually SMB1 as a whole will be removed, but no broader change is announced for 4.16.
In preparation for the removal of the SMB1 server, the unused SMB1 command SMB_COM_COPY (SMB1 command number 0x29) has been removed from the Samba smbd server. In addition, the ability to process file name wildcards in requests using the SMB1 commands SMB_COM_COPY (SMB1 command number 0x2A), SMB_COM_RENAME (SMB1 command number 0x7), SMB_COM_NT_RENAME (SMB1 command number 0xA5) and SMB_COM_DELETE (SMB1 command number 0x6) have been removed.


This only affects clients using MS-DOS based versions of SMB1, the last release of which was Windows 98. Users requiring support for these features will need to use older versions of Samba.
In the rare case where the above changes cause incompatibilities, users requiring support for these features will need to use older versions of Samba.


====No longer using Linux mandatory locks for sharemodes====
====No longer using Linux mandatory locks for sharemodes====
Line 100: Line 331:
rpc start on demand helpers Added true
rpc start on demand helpers Added true
</onlyinclude>
</onlyinclude>

===CHANGES SINCE 4.16.0rc5===

* Andrew Bartlett <abartlet@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15000 BUG 15000]: Memory leak in FAST cookie handling.
* Elia Geretto <elia.f.geretto@gmail.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14983 BUG 14983]: NT_STATUS_ACCESS_DENIED translates into EPERM instead of EACCES in SMBC_server_internal.
* Stefan Metzmacher <metze@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13879 BUG 13879]: Simple bind doesn't work against an RODC (with non-preloaded users).
:* [https://bugzilla.samba.org/show_bug.cgi?id=14641 BUG 14641]: Crash of winbind on RODC.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15001 BUG 15001]: LDAP simple binds should honour "old password allowed period".
:* [https://bugzilla.samba.org/show_bug.cgi?id=15002 BUG 15002]: S4U2Self requests don't work against servers without FAST support.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15003 BUG 15003]: wbinfo -a doesn't work reliable with upn names.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15005 BUG 15005]: A cross-realm kerberos client exchanges fail using KDCs with and without FAST.
:* [https://bugzilla.samba.org/show_bug.cgi?id=15015 BUG 15015]: PKINIT: hdb_samba4_audit: Unhandled hdb_auth_status=9 => INTERNAL_ERROR.
* Garming Sam <garming@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13879 BUG 13879]: Simple bind doesn't work against an RODC (with non-preloaded users).
* Andreas Schneider <asn@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15016 BUG 15016]: Regression: create krb5 conf = yes doesn't work with a single KDC.
* Joseph Sutton <josephsutton@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=15015 BUG 15015]: PKINIT: hdb_samba4_audit: Unhandled hdb_auth_status=9 => INTERNAL_ERROR.

===CHANGES SINCE 4.16.0rc4===

* Jeremy Allison <jra@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14737 BUG 14737]: Samba does not response STATUS_INVALID_PARAMETER when opening 2 objects with same lease key.
* Jule Anger <janger@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14999 BUG 14999]: Listing shares with smbstatus no longer works.
* Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14996 BUG 14996]: Fix ldap simple bind with TLS auditing.
* Andrew Bartlett <abartlet@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14995 BUG 14995]: Use Heimdal 8.0 (pre) rather than an earlier snapshot.
* Volker Lendecke <vl@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14989 BUG 14989]: Fix a use-after-free in SMB1 server.
* Stefan Metzmacher <metze@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14865 BUG 14865]: Uncached logon on RODC always fails once.
:* [https://bugzilla.samba.org/show_bug.cgi?id=14984 BUG 14984]: Changing the machine password against an RODC likely destroys the domain join.
:* [https://bugzilla.samba.org/show_bug.cgi?id=14993 BUG 14993]: authsam_make_user_info_dc() steals memory from its struct ldb_message *msg argument.
:* [https://bugzilla.samba.org/show_bug.cgi?id=14995 BUG 14995]: Use Heimdal 8.0 (pre) rather than an earlier snapshot.
* Joseph Sutton <josephsutton@catalyst.net.nz>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14995 BUG 14995]: Use Heimdal 8.0 (pre) rather than an earlier snapshot.

===CHANGES SINCE 4.16.0rc3===

* Samuel Cabrero <scabrero@suse.de>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14979 BUG 14979]: Problem when winbind renews Kerberos.
* Björn Jacke <bj@sernet.de>
:* [https://bugzilla.samba.org/show_bug.cgi?id=13631 BUG 13631]: DFS fix for AIX broken.
:*[https://bugzilla.samba.org/show_bug.cgi?id=14974 BUG 14974] : Solaris and AIX acl modules: wrong function arguments.
:* [https://bugzilla.samba.org/show_bug.cgi?id=7239 BUG 7239]: Function aixacl_sys_acl_get_file not declared / coredump.
* Andreas Schneider <asn@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14967 BUG 14967]: Samba autorid fails to map AD users if id rangesize fits in the id range only once.
* Martin Schwenke <martin@meltin.net>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14958 BUG 14958]: CTDB can get stuck in election and recovery.


===CHANGES SINCE 4.16.0rc2===
===CHANGES SINCE 4.16.0rc2===
Line 108: Line 393:
* Ralph Boehme <slow@samba.org>
* Ralph Boehme <slow@samba.org>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14674 BUG 14674]: net ads info shows LDAP Server: 0.0.0.0 depending on contacted server.
:* [https://bugzilla.samba.org/show_bug.cgi?id=14674 BUG 14674]: net ads info shows LDAP Server: 0.0.0.0 depending on contacted server.
* Pavel Filipenský <pfilipen@redhat.com>
* Pavel Filipenský <pfilipen@redhat.com>
:* [https://bugzilla.samba.org/show_bug.cgi?id=14971 BUG 14971]: virusfilter_vfs_openat: Not scanned: Directory or special file.
:* [https://bugzilla.samba.org/show_bug.cgi?id=14971 BUG 14971]: virusfilter_vfs_openat: Not scanned: Directory or special file.
* Volker Lendecke <vl@samba.org>
* Volker Lendecke <vl@samba.org>
Line 137: Line 422:
[[Release_Planning_for_Samba_4.16#Release_blocking_bugs]]
[[Release_Planning_for_Samba_4.16#Release_blocking_bugs]]


https://download.samba.org/pub/samba/rc/samba-4.16.0rc3.WHATSNEW.txt
https://www.samba.org/samba/history/samba-4.16.0.html

Revision as of 17:36, 24 November 2022

Samba 4.16 is Maintenance Mode.

Samba 4.16.7

Release Notes for Samba 4.16.7
November 15, 2022

This is a security release in order to address the following defects:

Samba's Kerberos libraries and AD DC failed to guard against integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged PAC to corrupt the heap.

Changes since 4.16.6

  • Joseph Sutton <josephsutton@catalyst.net.nz>
  • Nicolas Williams <nico@twosigma.com>
Release Notes Samba 4.16.7

Samba 4.16.6

Release Notes for Samba 4.16.6
October 25, 2022

This is a security release in order to address the following defect:

  • CVE-2022-3437: There is a limited write heap buffer overflow in the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal (included in Samba).

Changes since 4.16.5

  • Joseph Sutton <josephsutton@catalyst.net.nz>
 Release Notes Samba 4.16.6

Samba 4.16.5

Release Notes for Samba 4.16.5

September 07, 2022

This is the latest stable release of the Samba 4.16 release series.

Changes since 4.16.4

  • Jeremy Allison <jra@samba.org>
  • BUG 15128: Possible use after free of connection_struct when iterating smbd_server_connection->connections.
  • Ralph Boehme <slow@samba.org>
  • BUG 15086: Spotlight RPC service returns wrong response when Spotlight is disabled on a share.
  • BUG 15126: acl_xattr VFS module may unintentionally use filesystem permissions instead of ACL from xattr.
  • BUG 15153: Missing SMB2-GETINFO access checks from MS-SMB2 3.3.5.20.1.
  • BUG 15161: assert failed: !is_named_stream(smb_fname)") at ../../lib/util/fault.c:197.
  • Stefan Metzmacher <metze@samba.org>
  • BUG 15148: Missing READ_LEASE break could cause data corruption.
  • Andreas Schneider <asn@samba.org>
  • BUG 15124: rpcclient can crash using setuserinfo(2).
  • BUG 15132: Samba fails to build with glibc 2.36 caused by including <sys/mount.h> in libreplace.
  • Joseph Sutton <josephsutton@catalyst.net.nz>
  • BUG 15152: SMB1 negotiation can fail to handle connection errors.
  • Michael Tokarev <mjt@tls.msk.ru>
  • BUG 15078: samba-tool domain join segfault when joining a samba ad domain.
 Release Notes Samba 4.16.5

Samba 4.16.4

Release Notes for Samba 4.16.4
July 27, 2022

This is a security release in order to address the following defects:

Samba AD users can bypass certain restrictions associated with changing passwords.
Samba AD users can forge password change requests for any user.
Samba AD users can crash the server process with an LDAP add or modify request.
Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request.
Server memory information leak via SMB1.


Changes since 4.16.3

  • Jeremy Allison <jra@samba.org>
  • Andrew Bartlett <abartlet@samba.org>
  • Andreas Schneider <asn@samba.org>
  • Joseph Sutton <josephsutton@catalyst.net.nz>
 Release Notes Samba 4.16.4

Samba 4.16.3

Release Notes for Samba 4.16.3
July 18, 2022

This is the latest stable release of the Samba 4.16 release series.

Changes since 4.16.2

  • Jeremy Allison <jra@samba.org>
  • BUG 15099: Using vfs_streams_xattr and deleting a file causes a panic.
  • Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
  • BUG 14986: Add support for bind 9.18.
  • BUG 15076: logging dsdb audit to specific files does not work.
  • Samuel Cabrero <scabrero@samba.org>
  • BUG 14979: Problem when winbind renews Kerberos.
  • BUG 15095: Samba with new lorikeet-heimdal fails to build on gcc 12.1 in developer mode.
  • Volker Lendecke <vl@samba.org>
  • BUG 15105: Crash in streams_xattr because fsp->base_fsp->fsp_name is NULL.
  • BUG 15118: Crash in rpcd_classic - NULL pointer deference in mangle_is_mangled().
  • Noel Power <noel.power@suse.com>
  • BUG 15100: smbclient commands del & deltree fail with NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS.
  • Christof Schmitt <cs@samba.org>
  • BUG 15120: Fix check for chown when processing NFSv4 ACL.
  • Andreas Schneider <asn@samba.org>
  • BUG 15082: The pcap background queue process should not be stopped.
  • BUG 15097: testparm: Fix typo in idmap rangesize check.
  • BUG 15106: net ads info returns LDAP server and LDAP server name as null.
  • BUG 15108: ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link.
  • Martin Schwenke <martin@meltin.net>
  • BUG 15090: CTDB child process logging does not work as expected.
 Release Notes Samba 4.16.3

Samba 4.16.2

Release Notes for Samba 4.16.2
June 13, 2022

This is the latest stable release of the Samba 4.16 release series.

Changes since 4.16.1

  • Jeremy Allison <jra@samba.org>
  • BUG 15042: Use pathref fd instead of io fd in vfs_default_durable_cookie.
  • Ralph Boehme <slow@samba.org>
  • BUG 15069: vfs_gpfs with vfs_shadowcopy2 fail to restore file if original file had been deleted.
  • Samuel Cabrero <scabrero@samba.org>
  • Samuel Cabrero <scabrero@suse.de>
  • BUG 14674: net ads info shows LDAP Server: 0.0.0.0 depending on contacted server.
  • Volker Lendecke <vl@samba.org>
  • BUG 15062: Update from 4.15 to 4.16 breaks discovery of [homes] on standalone server from Win and IOS.
  • Stefan Metzmacher <metze@samba.org>
  • BUG 15071: waf produces incorrect names for python extensions with Python 3.11.
  • Noel Power <noel.power@suse.com>
  • BUG 15075: smbclient -E doesn't work as advertised.
  • Andreas Schneider <asn@samba.org>
  • BUG 15071: waf produces incorrect names for python extensions with Python 3.11.
  • BUG 15081: The samba background daemon doesn't refresh the printcap cache on startup.

o Robert Sprowson <webpages@sprow.co.uk>

  • BUG 14443: Out-by-4 error in smbd read reply max_send clamp..
Release Notes Samba 4.16.2

Samba 4.16.1

Release Notes for Samba 4.16.1
May 02, 2022

This is the latest stable release of the Samba 4.16 release series.

Changes since 4.16.0

  • Jeremy Allison <jra@samba.org>
  • BUG 14831: Share and server swapped in smbget password prompt.
  • BUG 15022: Durable handles won't reconnect if the leased file is written to.
  • BUG 15023: rmdir silently fails if directory contains unreadable files and hide unreadable is yes.
  • BUG 15038: SMB2_CLOSE_FLAGS_FULL_INFORMATION fails to return information on renamed file handle.
  • Andrew Bartlett <abartlet@samba.org>
  • BUG 8731: Need to describe --builtin-libraries= better (compare with --bundled-libraries).
  • Ralph Boehme <slow@samba.org>
  • BUG 14957: vfs_shadow_copy2 breaks "smbd async dosmode" sync fallback.
  • BUG 15035: shadow_copy2 fails listing snapshotted dirs with shadow:fixinodes.
  • Samuel Cabrero <scabrero@samba.org>
  • BUG 15046: PAM Kerberos authentication incorrectly fails with a clock skew error.
  • Pavel Filipenský <pfilipen@redhat.com>
  • 15041: Username map - samba erroneously applies unix group memberships to user account entries.
  • Stefan Metzmacher <metze@samba.org>
  • Christof Schmitt <cs@samba.org>
  • BUG 15027: Uninitialized litemask in variable in vfs_gpfs module.
  • BUG 15055: vfs_gpfs recalls=no option prevents listing files.
  • Andreas Schneider <asn@cryptomilk.org>
  • BUG 15054: smbd doesn't handle UPNs for looking up names.
Release Notes Samba 4.16.1

Samba 4.16.0

Release Notes for Samba 4.16.0
March 21, 2022

Release Announcements

This is the first stable release of the Samba 4.16 release series. Please read the release notes carefully before upgrading.

NEW FEATURES/CHANGES

New samba-dcerpcd binary to provide DCERPC in the member server setup

In order to make it much easier to break out the DCERPC services from smbd, a new samba-dcerpcd binary has been created.

samba-dcerpcd can be used in two ways. In the normal case without startup script modification it is invoked on demand from smbd or winbind --np-helper to serve DCERPC over named pipes. Note that in order to run in this mode the smb.conf [global] section has a new parameter "rpc start on demand helpers = [true|false]". This parameter is set to "true" by default, meaning no changes to smb.conf files are needed to run samba-dcerpcd on demand as a named pipe helper.

It can also be used in a standalone mode where it is started separately from smbd or winbind but this requires changes to system startup scripts, and in addition a change to smb.conf, setting the new [global] parameter "rpc start on demand helpers = false". If "rpc start on demand helpers" is not set to false, samba-dcerpcd will refuse to start in standalone mode.

Note that when Samba is run in the Active Directory Domain Controller mode the samba binary that provides the AD code will still provide its normal DCERPC services whilst allowing samba-dcerpcd to provide services like SRVSVC in the same way that smbd used to in this configuration.

The parameters that allowed some smbd-hosted services to be started externally are now gone (detailed below) as this is now the default setting.

samba-dcerpcd can also be useful for use outside of the Samba framework, for example, use with the Linux kernel SMB2 server ksmbd or possibly other SMB2 server implementations.

Heimdal-8.0pre used for Samba Internal Kerberos, adds FAST support

Samba has since Samba 4.0 included a snapshot of the Heimdal Kerberos implementation. This snapshot has now been updated and will closely match what will be released as Heimdal 8.0 shortly.

This is a major update, previously we used a snapshot of Heimdal from 2011, and brings important new Kerberos security features such as Kerberos request armoring, known as FAST. This tunnels ticket requests and replies that might be encrypted with a weak password inside a wrapper built with a stronger password, say from a machine account.

In Heimdal and MIT modes Samba's KDC now supports FAST, for the support of non-Windows clients.

Windows clients will not use this feature however, as they do not attempt to do so against a server not advertising domain Functional Level 2012. Samba users are of course free to modify how Samba advertises itself, but use with Windows clients is not supported "out of the box".

Finally, Samba also uses a per-KDC, not per-realm 'cookie' to secure part of the FAST protocol. A future version will align this more closely with Microsoft AD behaviour.

If FAST needs to be disabled on your Samba KDC, set

kdc enable fast = no

in the smb.conf.

The Samba project wishes to thank the numerous developers who have put in a massive effort to make this possible over many years. In particular we thank Stefan Metzmacher, Joseph Sutton, Gary Lockyer, Isaac Boukris and Andrew Bartlett. Samba's developers in turn thank their employers and in turn their customers who have supported this effort over many years.

Certificate Auto Enrollment

Certificate Auto Enrollment allows devices to enroll for certificates from Active Directory Certificate Services. It is enabled by Group Policy. To enable Certificate Auto Enrollment, Samba's group policy will need to be enabled by setting the smb.conf option `apply group policies` to Yes. Samba Certificate Auto Enrollment depends on certmonger, the cepces certmonger plugin, and sscep. Samba uses sscep to download the CA root chain, then uses certmonger paired with cepces to monitor the host certificate templates. Certificates are installed in /var/lib/samba/certs and private keys are installed in /var/lib/samba/private/certs.

Ability to add ports to dns forwarder addresses in internal DNS backend

The internal DNS server of Samba forwards queries non-AD zones to one or more configured forwarders. Up until now it has been assumed that these forwarders listen on port 53. Starting with this version it is possible to configure the port using host:port notation. See smb.conf for more details. Existing setups are not affected, as the default port is 53.

CTDB changes

  • The "recovery master" role has been renamed "leader"
Documentation and logs now refer to "leader".
The following ctdb tool command names have changed:
   recmaster -> leader
   setrecmasterrole -> setleaderrole
Command output has changed for the following commands:
   status
   getcapabilities
The "[legacy] -> recmaster capability" configuration option has been renamed and moved to the cluster section, so this is now:
   [cluster] -> leader capability
  • The "recovery lock" has been renamed "cluster lock"
Documentation and logs now refer to "cluster lock".
The "[cluster] -> recovery lock" configuration option has been deprecated and will be removed in a future version. Please use "[cluster] -> cluster lock" instead.
If the cluster lock is enabled then traditional elections are not done and leader elections use a race for the cluster lock. This avoids various conditions where a node is elected leader but can not take the cluster lock. Such conditions included:
  • At startup, a node elects itself leader of its own cluster before connecting to other nodes
  • Cluster filesystem failover is slow
The abbreviation "reclock" is still used in many places, because a better abbreviation eludes us (i.e. "clock" is obvious bad) and changing all instances would require a lot of churn. If the abbreviation "reclock" for "cluster lock" is confusing, please consider mentally prefixing it with "really excellent".
  • CTDB now uses leader broadcasts and an associated timeout to determine if an election is required
The leader broadcast timeout can be configured via new configuration option
   [cluster] -> leader timeout
This specifies the number of seconds without leader broadcasts before a node calls an election. The default is 5.

REMOVED FEATURES

Older SMB1 protocol SMBCopy command removed

SMB is a nearly 30-year old protocol, and some protocol commands that while supported in all versions, have not seen widespread use.

One of those is SMBCopy, a feature for a server-side copy of a file. This feature has been so unmaintained that Samba has no testsuite for it.

The SMB1 command SMB_COM_COPY (SMB1 command number 0x29) was introduced in the LAN Manager 1.0 dialect and it was rendered obsolete in the NT LAN Manager dialect.

Therefore it has been removed from the Samba smbd server.

We do note that a fully supported and tested server-side copy is present in SMB2, and can be accessed with "scopy" subcommand in smbclient)

SMB1 server-side wildcard expansion removed

Server-side wildcard expansion is another feature that sounds useful, but is also rarely used and has become problematic - imposing extra work on the server (both in terms of code and CPU time).

In actual OS design, wildcard expansion is handled in the local shell, not at the remote server using SMB wildcard syntax (which is not shell syntax).

In Samba 4.16 the ability to process file name wildcards in requests using the SMB1 commands SMB_COM_RENAME (SMB1 command number 0x7), SMB_COM_NT_RENAME (SMB1 command number 0xA5) and SMB_COM_DELETE (SMB1 command number 0x6) has been removed.

SMB1 protocol has been deprecated, particularly older dialects

We take this opportunity to remind that we have deprecated and disabled by default, but not removed, the whole SMB1 protocol since Samba 4.11. If needed for security purposes or code maintenance we will continue to remove older protocol commands and dialects that are unused or have been replaced in more modern SMB1 versions.

We specifically deprecate the older dialects older than "NT LM 0.12" (also known as "NT LANMAN 1.0" and "NT1").

Please note that "NT LM 0.12" is the dialect used by software as old as Windows 95, Windows NT and Samba 2.0, so this deprecation applies to DOS and similar era clients.

We do reassure that that 'simple' operation of older clients than these (eg DOS) will, while untested, continue for the near future, our purpose is not to cripple use of Samba in unique situations, but to reduce the maintaince burden.

Eventually SMB1 as a whole will be removed, but no broader change is announced for 4.16.

In the rare case where the above changes cause incompatibilities, users requiring support for these features will need to use older versions of Samba.

No longer using Linux mandatory locks for sharemodes

smbd mapped sharemodes to Linux mandatory locks. This code in the Linux kernel was broken for a long time, and is planned to be removed with Linux 5.15. This Samba release removes the usage of mandatory locks for sharemodes and the "kernel share modes" config parameter is changed to default to "no". The Samba VFS interface is kept, so that file-system specific VFS modules can still use private calls for enforcing sharemodes.


smb.conf changes

 Parameter Name                          Description     Default
 --------------                          -----------     -------
 kernel share modes                      New default     No
 dns forwarder                           Changed
 rpc_daemon                              Removed
 rpc_server                              Removed
 rpc start on demand helpers             Added           true


CHANGES SINCE 4.16.0rc5

  • Andrew Bartlett <abartlet@samba.org>
  • BUG 15000: Memory leak in FAST cookie handling.
  • Elia Geretto <elia.f.geretto@gmail.com>
  • BUG 14983: NT_STATUS_ACCESS_DENIED translates into EPERM instead of EACCES in SMBC_server_internal.
  • Stefan Metzmacher <metze@samba.org>
  • BUG 13879: Simple bind doesn't work against an RODC (with non-preloaded users).
  • BUG 14641: Crash of winbind on RODC.
  • BUG 15001: LDAP simple binds should honour "old password allowed period".
  • BUG 15002: S4U2Self requests don't work against servers without FAST support.
  • BUG 15003: wbinfo -a doesn't work reliable with upn names.
  • BUG 15005: A cross-realm kerberos client exchanges fail using KDCs with and without FAST.
  • BUG 15015: PKINIT: hdb_samba4_audit: Unhandled hdb_auth_status=9 => INTERNAL_ERROR.
  • Garming Sam <garming@catalyst.net.nz>
  • BUG 13879: Simple bind doesn't work against an RODC (with non-preloaded users).
  • Andreas Schneider <asn@samba.org>
  • BUG 15016: Regression: create krb5 conf = yes doesn't work with a single KDC.
  • Joseph Sutton <josephsutton@catalyst.net.nz>
  • BUG 15015: PKINIT: hdb_samba4_audit: Unhandled hdb_auth_status=9 => INTERNAL_ERROR.

CHANGES SINCE 4.16.0rc4

  • Jeremy Allison <jra@samba.org>
  • BUG 14737: Samba does not response STATUS_INVALID_PARAMETER when opening 2 objects with same lease key.
  • Jule Anger <janger@samba.org>
  • BUG 14999: Listing shares with smbstatus no longer works.
  • Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
  • BUG 14996: Fix ldap simple bind with TLS auditing.
  • Andrew Bartlett <abartlet@samba.org>
  • BUG 14995: Use Heimdal 8.0 (pre) rather than an earlier snapshot.
  • Volker Lendecke <vl@samba.org>
  • BUG 14989: Fix a use-after-free in SMB1 server.
  • Stefan Metzmacher <metze@samba.org>
  • BUG 14865: Uncached logon on RODC always fails once.
  • BUG 14984: Changing the machine password against an RODC likely destroys the domain join.
  • BUG 14993: authsam_make_user_info_dc() steals memory from its struct ldb_message *msg argument.
  • BUG 14995: Use Heimdal 8.0 (pre) rather than an earlier snapshot.
  • Joseph Sutton <josephsutton@catalyst.net.nz>
  • BUG 14995: Use Heimdal 8.0 (pre) rather than an earlier snapshot.

CHANGES SINCE 4.16.0rc3

  • Samuel Cabrero <scabrero@suse.de>
  • BUG 14979: Problem when winbind renews Kerberos.
  • Björn Jacke <bj@sernet.de>
  • BUG 13631: DFS fix for AIX broken.
  • BUG 14974 : Solaris and AIX acl modules: wrong function arguments.
  • BUG 7239: Function aixacl_sys_acl_get_file not declared / coredump.
  • Andreas Schneider <asn@samba.org>
  • BUG 14967: Samba autorid fails to map AD users if id rangesize fits in the id range only once.
  • Martin Schwenke <martin@meltin.net>
  • BUG 14958: CTDB can get stuck in election and recovery.

CHANGES SINCE 4.16.0rc2

  • Jeremy Allison <jra@samba.org>
  • BUG 14169: Renaming file on DFS root fails with NT_STATUS_OBJECT_PATH_NOT_FOUND.
  • BUG 14938: NT error code is not set when overwriting a file during rename in libsmbclient.
  • Ralph Boehme <slow@samba.org>
  • BUG 14674: net ads info shows LDAP Server: 0.0.0.0 depending on contacted server.
  • Pavel Filipenský <pfilipen@redhat.com>
  • BUG 14971: virusfilter_vfs_openat: Not scanned: Directory or special file.
  • Volker Lendecke <vl@samba.org>
  • BUG 14900: Regression: Samba 4.15.2 on macOS segfaults intermittently during strcpy in tdbsam_getsampwnam.
  • BUG 14975: Fix a crash in vfs_full_audit - CREATE_FILE can free a used fsp.
  • Stefan Metzmacher <metze@samba.org>
  • BUG 14968: smb2_signing_decrypt_pdu() may not decrypt with gnutls_aead_cipher_decrypt() from gnutls before 3.5.2.
  • Andreas Schneider <asn@samba.org>
  • BUG 14960: SDB uses HDB flags directly which can lead to unwanted side effects.

CHANGES SINCE 4.16.0rc1

  • Jeremy Allison <jra at samba.org>
  • Ralph Boehme <slow at samba.org>
  • FeRD (Frank Dana) <ferdnyc at gmail.com>
  • BUG 14947: samba-bgqd still notifying systemd, triggering log warnings without NotifyAccess=all.
  • Stefan Metzmacher <metze at samba.org>
  • BUG 14867: Printing no longer works on Windows 7 with 2021-10 monthly rollup patch.
  • BUG 14956: ndr_push_string() adds implicit termination for STR_NOTERM|REMAINING empty strings.
  • Joseph Sutton <josephsutton at catalyst.net.nz>

KNOWN ISSUES

Release_Planning_for_Samba_4.16#Release_blocking_bugs

https://www.samba.org/samba/history/samba-4.16.0.html