rpms/samba
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Update to Samba 4.1.0rc3.

Browse Source
This commit is contained in:
Andreas Schneider 2013-09-11 14:38:36 +02:00
parent 0fc9d86f52
commit fcef634c79
6 changed files with 141 additions and 353 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -28,3 +28,4 @@ samba-3.6.0pre1.tar.gz
/samba-4.0.7.tar.xz
/samba-4.1.0rc1.tar.xz
/samba-4.1.0rc2.tar.xz
/samba-4.1.0rc3.tar.xz

52
samba-4.1.0rc3-fix_winbind_nbtname_segfault.patch
View File

@ -1,52 +0,0 @@
From 187e520b96c5ae3a7fd7bfd24df4c67b1528ded9 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Mon, 12 Aug 2013 20:22:04 +0200
Subject: [PATCH] s3-winbind: Fix a segfault passing NULL to a fstring
argument.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10082
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Aug 13 13:58:26 CEST 2013 on sn-devel-104
---
source3/winbindd/winbindd_cm.c | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 50728a5..48322cb 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -1127,6 +1127,7 @@ static bool dcip_to_name(TALLOC_CTX *mem_ctx,
uint32_t nt_version = NETLOGON_NT_VERSION_1;
NTSTATUS status;
const char *dc_name;
+ fstring nbtname;
ip_list.ss = *pss;
ip_list.port = 0;
@@ -1210,9 +1211,17 @@ static bool dcip_to_name(TALLOC_CTX *mem_ctx,
/* try node status request */
- if (name_status_find(domain->name, 0x1c, 0x20, pss, *name) ) {
+ if (name_status_find(domain->name, 0x1c, 0x20, pss, nbtname) ) {
namecache_store(*name, 0x20, 1, &ip_list);
- return True;
+
+ if (name != NULL) {
+ *name = talloc_strdup(mem_ctx, nbtname);
+ if (*name == NULL) {
+ return false;
+ }
+ }
+
+ return true;
}
return False;
}
--
1.8.3.1

292
samba-4.1.0rc3-winbind-ads.patch
View File

@ -1,292 +0,0 @@
From 48ccd15ba80c35a3f3595c8dddcf063efa6d3444 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
Date: Thu, 22 Aug 2013 15:39:08 +0200
Subject: [PATCH 1/6] s3-winbindd: remove pointless variable assigment, see the
strdup below.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
---
source3/winbindd/winbindd_ads.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index 1e45ad9..5e6bb92 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -101,7 +101,6 @@ static ADS_STATUS ads_cached_connection_connect(ADS_STRUCT **adsp,
ads->auth.renewable = renewable;
ads->auth.password = password;
- ads->auth.realm = realm;
ads->auth.realm = SMB_STRDUP(realm);
if (!strupper_m(ads->auth.realm)) {
--
1.8.3.1
From 21099d6a30904e0d7aa076d9e494c61b6c70e658 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
Date: Fri, 23 Aug 2013 12:33:53 +0200
Subject: [PATCH 2/6] s3-winbindd: Fix memory leak in ads_cached_connection().
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
---
source3/winbindd/winbindd_ads.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index 5e6bb92..924bc83 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -220,7 +220,7 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
domain->name, NULL,
password, realm,
WINBINDD_PAM_AUTH_KRB5_RENEW_TIME);
-
+ SAFE_FREE(realm);
if (!ADS_ERR_OK(status)) {
/* if we get ECONNREFUSED then it might be a NT4
--
1.8.3.1
From a2e83d0b0b2fbb6c46a762d19bbf7d4dc3111778 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
Date: Thu, 22 Aug 2013 16:36:27 +0200
Subject: [PATCH 3/6] s3-winbindd: Fix winbind on DC crash with trusted AD
domains.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
---
source3/winbindd/winbindd_ads.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index 924bc83..d6eb4b4 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -193,7 +193,7 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
NULL ) ) {
return NULL;
}
- realm = NULL;
+ realm = SMB_STRDUP(domain->alt_name);
}
else {
struct winbindd_domain *our_domain = domain;
--
1.8.3.1
From f1db526d94c2dc7f94f535feabab3e1a3e5bb815 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
Date: Wed, 28 Aug 2013 15:00:06 +0200
Subject: [PATCH 4/6] s3-winbindd: use find_domain_from_name() instead of
find_domain_from_name_no_init().
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Otherwise there is a good chance the domain has not been connected and we don't
know the realm name yet.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
---
source3/winbindd/winbindd_ads.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index d6eb4b4..7aa936b 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -151,12 +151,12 @@ ADS_STATUS ads_idmap_cached_connection(ADS_STRUCT **adsp, const char *dom_name)
DEBUG(10, ("ldap_server from saf cache: '%s'\n",
ldap_server ? ldap_server : ""));
- wb_dom = find_domain_from_name_noinit(dom_name);
+ wb_dom = find_domain_from_name(dom_name);
if (wb_dom == NULL) {
DEBUG(10, ("could not find domain '%s'\n", dom_name));
realm = NULL;
} else {
- DEBUG(10, ("find_domain_from_name_noinit found realm '%s' for "
+ DEBUG(10, ("find_domain_from_name found realm '%s' for "
" domain '%s'\n", wb_dom->alt_name, dom_name));
realm = wb_dom->alt_name;
}
--
1.8.3.1
From 42f8df74231d085000e24809bb03e868c1e9bd30 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
Date: Fri, 23 Aug 2013 14:56:17 +0200
Subject: [PATCH 5/6] s3-winbindd: make sure also the idmap code can deal with
trusted domains.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
---
source3/winbindd/winbindd_ads.c | 40 +++++++++++++++++++++++++++++++---------
1 file changed, 31 insertions(+), 9 deletions(-)
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index 7aa936b..fc44158 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -136,6 +136,7 @@ ADS_STATUS ads_idmap_cached_connection(ADS_STRUCT **adsp, const char *dom_name)
{
char *ldap_server, *realm, *password;
struct winbindd_domain *wb_dom;
+ ADS_STATUS status;
ads_cached_connection_reuse(adsp);
if (*adsp != NULL) {
@@ -154,19 +155,40 @@ ADS_STATUS ads_idmap_cached_connection(ADS_STRUCT **adsp, const char *dom_name)
wb_dom = find_domain_from_name(dom_name);
if (wb_dom == NULL) {
DEBUG(10, ("could not find domain '%s'\n", dom_name));
- realm = NULL;
- } else {
- DEBUG(10, ("find_domain_from_name found realm '%s' for "
+ return ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
+ }
+
+ DEBUG(10, ("find_domain_from_name found realm '%s' for "
" domain '%s'\n", wb_dom->alt_name, dom_name));
- realm = wb_dom->alt_name;
+
+ if (!get_trust_pw_clear(dom_name, &password, NULL, NULL)) {
+ return ADS_ERROR_NT(NT_STATUS_CANT_ACCESS_DOMAIN_INFO);
}
- /* the machine acct password might have change - fetch it every time */
- password = secrets_fetch_machine_password(lp_workgroup(), NULL, NULL);
- realm = SMB_STRDUP(lp_realm());
+ if (IS_DC) {
+ realm = SMB_STRDUP(wb_dom->alt_name);
+ } else {
+ struct winbindd_domain *our_domain = wb_dom;
- return ads_cached_connection_connect(adsp, realm, dom_name, ldap_server,
- password, realm, 0);
+ /* always give preference to the alt_name in our
+ primary domain if possible */
+
+ if (!wb_dom->primary) {
+ our_domain = find_our_domain();
+ }
+
+ if (our_domain->alt_name != NULL) {
+ realm = SMB_STRDUP(our_domain->alt_name);
+ } else {
+ realm = SMB_STRDUP(lp_realm());
+ }
+ }
+
+ status = ads_cached_connection_connect(adsp, realm, dom_name, ldap_server,
+ password, realm, 0);
+ SAFE_FREE(realm);
+
+ return status;
}
/*
--
1.8.3.1
From aeb6a0f932174f9259a04f95701bb8360d777cb5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
Date: Wed, 28 Aug 2013 14:53:08 +0200
Subject: [PATCH 6/6] s3-winbindd: use get_trust_pw_clear() wrapper for AD
connection code.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This avoids calling secrets functions directly.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
---
source3/winbindd/idmap_ad.c | 1 -
source3/winbindd/winbindd_ads.c | 11 ++++-------
2 files changed, 4 insertions(+), 8 deletions(-)
diff --git a/source3/winbindd/idmap_ad.c b/source3/winbindd/idmap_ad.c
index 1ed6570..8b63801 100644
--- a/source3/winbindd/idmap_ad.c
+++ b/source3/winbindd/idmap_ad.c
@@ -31,7 +31,6 @@
#include "ads.h"
#include "libads/ldap_schema.h"
#include "nss_info.h"
-#include "secrets.h"
#include "idmap.h"
#include "../libcli/ldap/ldap_ndr.h"
#include "../libcli/security/security.h"
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index fc44158..c33b1bc 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -27,7 +27,6 @@
#include "../librpc/gen_ndr/ndr_netlogon_c.h"
#include "../libds/common/flags.h"
#include "ads.h"
-#include "secrets.h"
#include "../libcli/ldap/ldap_ndr.h"
#include "../libcli/security/security.h"
#include "../libds/common/flag_mapping.h"
@@ -209,20 +208,18 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
/* the machine acct password might have change - fetch it every time */
+ if (!get_trust_pw_clear(domain->name, &password, NULL, NULL)) {
+ return NULL;
+ }
+
if ( IS_DC ) {
- if ( !pdb_get_trusteddom_pw( domain->name, &password, NULL,
- NULL ) ) {
- return NULL;
- }
realm = SMB_STRDUP(domain->alt_name);
}
else {
struct winbindd_domain *our_domain = domain;
- password = secrets_fetch_machine_password(lp_workgroup(), NULL,
- NULL);
/* always give preference to the alt_name in our
primary domain if possible */
--
1.8.3.1

122
samba-4.1.0rc4-add_support_for_krb5_keyring.patch Normal file
View File

@ -0,0 +1,122 @@
From d0279ff5b87a40ea2e59d9f4ca96b2d4c8189d26 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 10 Sep 2013 09:28:50 +0200
Subject: [PATCH 1/3] s3-winbind: Don't set a default directory for DIR.
There is not default so you should always have to specify a directory in
the config file.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
---
source3/winbindd/winbindd_pam.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 7b67154..957dde3 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -492,10 +492,6 @@ static const char *generate_krb5_ccache(TALLOC_CTX *mem_ctx,
gen_cc = talloc_asprintf(
mem_ctx, "WRFILE:/tmp/krb5cc_%d", uid);
}
- if (strequal(type, "DIR")) {
- gen_cc = talloc_asprintf(
- mem_ctx, "DIR:/run/user/%d/krb5cc", uid);
- }
if (strnequal(type, "FILE:/", 6) ||
strnequal(type, "WRFILE:/", 8) ||
--
1.8.4
From 266e5cea14109530b513ba7f48fa18f370333de3 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 10 Sep 2013 09:30:04 +0200
Subject: [PATCH 2/3] s3-winbind: Add support for the kernel krb5 keyring
buffer.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
---
source3/winbindd/winbindd_pam.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 957dde3..c356686 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -492,6 +492,10 @@ static const char *generate_krb5_ccache(TALLOC_CTX *mem_ctx,
gen_cc = talloc_asprintf(
mem_ctx, "WRFILE:/tmp/krb5cc_%d", uid);
}
+ if (strequal(type, "KEYRING")) {
+ gen_cc = talloc_asprintf(
+ mem_ctx, "KEYRING:persistent:%d", uid);
+ }
if (strnequal(type, "FILE:/", 6) ||
strnequal(type, "WRFILE:/", 8) ||
--
1.8.4
From 3884f6bb3e7c1e0a4445231f0c2bb7f3335a5b79 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Tue, 10 Sep 2013 09:43:32 +0200
Subject: [PATCH 3/3] doc: Update documentation of pam_winbind krb5 support.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Sep 10 15:35:20 CEST 2013 on sn-devel-104
---
docs-xml/manpages/pam_winbind.conf.5.xml | 26 +++++++++++++++++---------
1 file changed, 17 insertions(+), 9 deletions(-)
diff --git a/docs-xml/manpages/pam_winbind.conf.5.xml b/docs-xml/manpages/pam_winbind.conf.5.xml
index be7f684..725e809 100644
--- a/docs-xml/manpages/pam_winbind.conf.5.xml
+++ b/docs-xml/manpages/pam_winbind.conf.5.xml
@@ -106,16 +106,24 @@
<term>krb5_ccache_type = [type]</term>
<listitem><para>
- When pam_winbind is configured to try kerberos authentication by
- enabling the <parameter>krb5_auth</parameter> option, it can
- store the retrieved Ticket Granting Ticket (TGT) in a credential
- cache. The type of credential cache can be controlled with this
- option. The supported values are: <parameter>FILE</parameter>
- and <parameter>DIR</parameter> (when the DIR type is supported
- by the system's Kerberos library). In case of FILE a credential
+ When pam_winbind is configured to try kerberos authentication
+ by enabling the <parameter>krb5_auth</parameter> option, it can
+ store the retrieved Ticket Granting Ticket (TGT) in a
+ credential cache. The type of credential cache can be
+ controlled with this option. The supported values are:
+ <parameter>KEYRING</parameter> (when supported by the system's
+ Kerberos library and Kernel), <parameter>FILE</parameter> and
+ <parameter>DIR</parameter> (when the DIR type is supported by
+ the system's Kerberos library). In case of FILE a credential
cache in the form of /tmp/krb5cc_UID will be created - in case
- of DIR it will be located under the /run/user/UID/krb5cc
- directory. UID is replaced with the numeric user id.</para>
+ of DIR you NEED to specify a directory. UID is replaced with
+ the numeric user id.</para>
+
+ <para>When using the KEYRING type, the supported mechanism is
+ <quote>KEYRING:persistent:UID</quote>, which uses the Linux
+ kernel keyring to store credentials on a per-UID basis. This is
+ the recommended choice on latest Linux distributions, as it is
+ the most secure and predictable method.</para>
<para>It is also possible to define custom filepaths and use the "%u"
pattern in order to substitue the numeric user id.
--
1.8.4

25
samba.spec
View File

@ -1,7 +1,7 @@
# Set --with testsuite or %bcond_without to run the Samba torture testsuite.
%bcond_with testsuite
%define main_release 6
%define main_release 7
%define samba_version 4.1.0
%define talloc_version 2.0.8
@ -10,7 +10,7 @@
%define tevent_version 0.9.18
%define ldb_version 1.1.16
# This should be rc1 or nil
%define pre_release rc2
%define pre_release rc3
%if "x%{?pre_release}" != "x"
%define samba_release 0.%{main_release}.%{pre_release}%{?dist}
@ -77,8 +77,7 @@ Source6: samba.pamd
Source200: README.dc
Source201: README.downgrade
Patch0: samba-4.1.0rc3-fix_winbind_nbtname_segfault.patch
Patch1: samba-4.1.0rc3-winbind-ads.patch
Patch0: samba-4.1.0rc4-add_support_for_krb5_keyring.patch
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
@ -437,8 +436,7 @@ the local kerberos library to use the same KDC as samba and winbind use
%prep
%setup -q -n samba-%{version}%{pre_release}
%patch0 -p1 -b .samba-4.1.0rc3-fix_winbind_nbtname_segfault.patch
%patch1 -p1 -b .samba-4.1.0rc3-winbind_ads.patch
%patch0 -p1 -b .samba-4.1.0rc4-add_support_for_krb5_keyring.patch
%build
%global _talloc_lib ,talloc,pytalloc,pytalloc-util
@ -782,6 +780,7 @@ rm -rf %{buildroot}
%{_mandir}/man8/vfs_fileid.8*
%{_mandir}/man8/vfs_full_audit.8*
%{_mandir}/man8/vfs_gpfs.8*
%{_mandir}/man8/vfs_linux_xfs_sgid.8*
%{_mandir}/man8/vfs_media_harmony.8*
%{_mandir}/man8/vfs_netatalk.8*
%{_mandir}/man8/vfs_notify_fam.8*
@ -796,12 +795,11 @@ rm -rf %{buildroot}
%{_mandir}/man8/vfs_smb_traffic_analyzer.8*
%{_mandir}/man8/vfs_streams_depot.8*
%{_mandir}/man8/vfs_streams_xattr.8*
%{_mandir}/man8/vfs_syncops.8*
%{_mandir}/man8/vfs_time_audit.8*
%{_mandir}/man8/vfs_tsmsm.8*
%{_mandir}/man8/vfs_xattr_tdb.8*
%exclude %{_mandir}/man8/swat.8*
### CLIENT
%files client
%defattr(-,root,root)
@ -846,9 +844,15 @@ rm -rf %{buildroot}
%{_mandir}/man1/smbclient.1*
%{_mandir}/man1/smbcquotas.1*
%{_mandir}/man1/smbget.1*
%{_mandir}/man3/ntdb.3*
%{_mandir}/man5/smbgetrc.5*
%exclude %{_mandir}/man1/smbtar.1*
%{_mandir}/man1/smbtree.1*
%{_mandir}/man8/ntdbbackup.8*
%{_mandir}/man8/ntdbdump.8*
%{_mandir}/man8/ntdbrestore.8*
%{_mandir}/man8/ntdbtool.8*
%{_mandir}/man8/samba-regedit.8*
%{_mandir}/man8/smbpasswd.8*
%{_mandir}/man8/smbspool.8*
%{_mandir}/man8/smbta-util.8*
@ -945,6 +949,7 @@ rm -rf %{buildroot}
%{_sbindir}/samba_spnupdate
%{_sbindir}/samba_upgradedns
%{_libdir}/mit_samba.so
%{_libdir}/samba/auth/samba4.so
%{_libdir}/samba/bind9/dlz_bind9.so
%{_libdir}/samba/libheimntlm-samba4.so.1
%{_libdir}/samba/libheimntlm-samba4.so.1.0.1
@ -1470,6 +1475,10 @@ rm -rf %{buildroot}
%{_mandir}/man7/winbind_krb5_locator.7*
%changelog
* Wed Sep 11 2013 - Andreas Schneider <asn@redhat.com> - 2:4.1.0-0.7
- related: #985609 - Update to Samba 4.1.0rc3.
- resolves: #1005422 - Add support for KEYRING ccache type in pam_winbindd.
* Wed Sep 04 2013 - Andreas Schneider <asn@redhat.com> - 2:4.1.0-0.6
- resolves: #717484 - Enable profiling data support.

2
sources
View File

@ -1 +1 @@
ee14addf3363d93ce8c62dcc5d6dc94b samba-4.1.0rc2.tar.xz
be61e2c8dbd728dc1539548f4b082b04 samba-4.1.0rc3.tar.xz