cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Move samba4 to samba, and tweak the ports tree to use it.

Browse Source 
ok ajacoutot@

Upcoming commits will add additional tweaks.

Many thanks to Vadim Zhukov (who did most of the work), Ian McWilliam
(co-maintainer), Stuart Henderson who provided lots of support and
feedback, Antoine Jacoutot who patiently dealt with my broken diffs,
and more generally all the people involved.  Most of the recent work was
done during p2k15 and c2k15.
This commit is contained in:
jca 2015-08-25 11:04:38 +00:00
parent 73d42d8389
commit 4b1d388711
82 changed files with 2221 additions and 2503 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
multimedia/mpv/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.13 2015/05/30 07:27:40 ajacoutot Exp $
# $OpenBSD: Makefile,v 1.14 2015/08/25 11:04:38 jca Exp $
ONLY_FOR_ARCHS = alpha amd64 i386 powerpc sparc64
@ -46,7 +46,7 @@ LIB_DEPENDS = audio/libcdio \
RUN_DEPENDS = devel/desktop-file-utils \
x11/gtk+3,-guic
CFLAGS += -I. -I.. -I${LOCALBASE}/include
CFLAGS += -I. -I.. -I${LOCALBASE}/include `pkg-config --cflags smbclient`
CONFIGURE_STYLE = simple
CONFIGURE_SCRIPT = old-configure

3
net/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.921 2015/08/24 20:47:28 sthen Exp $
# $OpenBSD: Makefile,v 1.922 2015/08/25 11:04:38 jca Exp $
SUBDIR =
SUBDIR += GeoIP
@ -569,7 +569,6 @@
SUBDIR += ruby-stomp
SUBDIR += ruby-xmpp4r
SUBDIR += samba
SUBDIR += samba,ldap
SUBDIR += scamper
SUBDIR += scapy
SUBDIR += seafile

359
net/samba/Makefile
View File

@ -1,175 +1,252 @@
# $OpenBSD: Makefile,v 1.201 2015/07/07 14:43:36 ajacoutot Exp $
# $OpenBSD: Makefile,v 1.202 2015/08/25 11:04:39 jca Exp $
SHARED_ONLY= Yes
SHARED_ONLY = Yes
VERSION = 4.1.19
DISTNAME = samba-${VERSION}
DOCSVERSION = v3-5-test-4c5a1b6b
DISTFILES = ${DISTNAME}${EXTRACT_SUFX} \
samba-docs-${DOCSVERSION}.tar.bz2:0
COMMENT-main= SMB and CIFS client and server for UNIX
COMMENT-docs= additional documentation and examples for Samba
COMMENT-main = SMB and CIFS client and server for UNIX
COMMENT-ldb = LDAP-like embedded database
COMMENT-tevent = event system based on talloc
COMMENT-util = common libraries for Samba suite
COMMENT-docs = additional documentation and examples for Samba
DISTNAME= samba-3.6.15
PKGNAME-main= ${DISTNAME}
FULLPKGNAME-docs= ${DISTNAME:S/-/-docs-/}
FULLPKGPATH-docs= net/samba,-docs
REVISION-main= 15
REVISION-docs= 1
PKGNAME-main = ${PKGNAME}
PKGNAME-ldb = ldb-${LDB_V}
PKGNAME-tevent = tevent-${TEVENT_V}
PKGNAME-util = samba-util-${VERSION}
PKGNAME-docs = samba-docs-${VERSION}
SHARED_LIBS= smbclient 3.0 \
smbsharemodes 1.0 \
netapi 1.0 \
wbclient 1.0
REVISION-main = 4
REVISION-ldb = 4
REVISION-tevent = 2
REVISION-util = 2
REVISION-docs = 1
CATEGORIES= net
PKG_ARCH-docs = *
HOMEPAGE= http://www.samba.org/
LDB_V = 1.1.17
TEVENT_V = 0.9.18
MAINTAINER= Ian McWilliam <kaosagnt@tpg.com.au>
SHARED_LIBS = asn1-samba4 0.0 \
dcerpc 0.0 \
dcerpc-atsvc 0.0 \
dcerpc-binding 0.0 \
dcerpc-samr 0.0 \
dcerpc-server 0.0 \
gensec 0.0 \
gssapi-samba4 0.0 \
hcrypto-samba4 0.0 \
hdb-samba4 0.0 \
heimbase-samba4 0.0 \
heimntlm-samba4 0.0 \
hx509-samba4 0.0 \
kdc-samba4 0.0 \
krb5-samba4 0.0 \
ldb 0.0 \
mit_samba 0.0 \
ndr 0.0 \
ndr-krb5pac 0.0 \
ndr-nbt 0.0 \
ndr-standard 0.0 \
netapi 2.0 \
ntdb 0.0 \
pdb 0.0 \
pyldb-util 0.0 \
registry 0.0 \
roken-samba4 0.0 \
samba-credentials 0.0 \
samba-hostconfig 0.0 \
samba-policy 0.0 \
samba-util 0.0 \
samdb 0.0 \
smbclient 4.0 \
smbclient-raw 0.0 \
smbconf 0.0 \
smbldap 0.0 \
smbsharemodes 2.0 \
tevent 0.0 \
tevent-util 0.0 \
torture 0.0 \
wbclient 2.0 \
wind-samba4 0.0 \
winbind_krb5_locator 0.0 \
nss_wrapper 0.0 \
socket_wrapper 0.0 \
uid_wrapper 0.0 \
replace 0.0 \
util_setid 0.0
# GPLv3+
PERMIT_PACKAGE_CDROM= Yes
CATEGORIES = net sysutils security
WANTLIB += c cups execinfo iniparser ncurses popt pthread readline talloc
WANTLIB += tdb z
HOMEPAGE = https://www.samba.org/
MASTER_SITES= http://ftp.samba.org/pub/samba/stable/ \
http://ftp.samba.org/pub/samba/old-versions/
#MAINTAINER = ???
MODULES= converters/libiconv
# GPLv3, LGPLv3
PERMIT_PACKAGE_CDROM = Yes
BUILD_DEPENDS= ${MODGNU_AUTOCONF_DEPENDS}
LIB_DEPENDS= databases/tdb>=1.2.7 \
devel/iniparser \
devel/libexecinfo \
devel/libtalloc \
devel/popt \
print/cups,-libs
UTIL_LIBS = nss_wrapper socket_wrapper uid_wrapper replace
UTIL_LIBS += util_setid
# TODO WAF scripts link to those without version info, but those are
# not "plugins" or such.
UTIL_WANTLIB = ${UTIL_LIBS:S@^@lib/samba/@}
MAKE_FLAGS+= PASSWD_PROGRAM="/usr/bin/passwd" \
LIBSMBCLIENT_SHARED_TARGET_SONAME="bin/libsmbclient.so.${LIBsmbclient_VERSION}" \
LIBSMBSHAREMODES_SHARED_TARGET_SONAME="bin/libsmbsharemodes.so.${LIBsmbsharemodes_VERSION}" \
LIBNETAPI_SHARED_TARGET_SONAME="bin/libnetapi.so.${LIBnetapi_VERSION}" \
LIBADDNS_SHARED_TARGET_SONAME="bin/libaddns.so.${LIBaddns_VERSION}" \
LIBWBCLIENT_SHARED_TARGET_SONAME="bin/libwbclient.so.${LIBwbclient_VERSION}"
WANTLIB-common = m pthread util ${MODPY_WANTLIB}
CONFDIR= ${SYSCONFDIR}/samba
SAMBA_LOGDIR= /var/log/samba
SUBST_VARS= CONFDIR
WANTLIB-main = ${WANTLIB-common} ${MODGETTEXT_WANTLIB}
WANTLIB-main += c com_err ncurses z
WANTLIB-main += avahi-client avahi-common cups execinfo fam iniparser
WANTLIB-main += lber ldap pam popt sasl2 gcrypt gnutls
WANTLIB-main += ldb pyldb-util pytalloc-util tdb talloc tevent
WANTLIB-main += ${UTIL_WANTLIB}
USE_GMAKE= Yes
USE_GROFF= Yes
CONFIGURE_STYLE= gnu
AUTOCONF_VERSION= 2.69
WANTLIB-ldb = ${WANTLIB-common}
WANTLIB-ldb += c popt tdb talloc tevent
WANTLIB-ldb += ${UTIL_WANTLIB}
CONFIGURE_ARGS= --disable-fam \
--without-ads \
--without-pam \
--libdir="${PREFIX}/lib/samba" \
--sbindir="${PREFIX}/libexec" \
--with-configdir="${CONFDIR}" \
--with-modulesdir="${PREFIX}/lib/samba" \
--with-lockdir="/var/spool/samba" \
--with-piddir="/var/run" \
--with-logfilebase="${SAMBA_LOGDIR}" \
--with-privatedir="${CONFDIR}" \
--with-libsmbclient \
--with-swatdir="${PREFIX}/share/swat" \
--with-syslog \
--with-utmp \
--with-winbind \
--with-wbclient \
--enable-avahi=no \
--enable-external-libtdb=yes \
--enable-external-libtalloc=yes \
--enable-pthreadpool
WANTLIB-tevent = ${WANTLIB-common}
WANTLIB-tevent += talloc
WANTLIB-tevent += ${UTIL_WANTLIB}
# Uncomment to enable debugging symbols.
#CONFIGURE_ARGS+= --enable-debug
WANTLIB-util = ${WANTLIB-common}
WANTLIB-util += pytalloc-util talloc
CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include" \
LDFLAGS="-L${LOCALBASE}/lib"
WANTLIB-docs =
FLAVORS= ldap
FLAVOR?=
MASTER_SITES = https://download.samba.org/pub/samba/stable/ \
https://download.samba.org/pub/samba/old-versions/
MULTI_PACKAGES= -main -docs
MASTER_SITES0 = https://www.samba.org/~samba-bugs/docs/v3-5-test/
.if ${FLAVOR:Mldap}
LIB_DEPENDS+= databases/openldap
WANTLIB += ldap lber
.else
CONFIGURE_ARGS+= --without-ldap
.endif
MULTI_PACKAGES = -main -ldb -tevent -util -docs
PKG_ARCH-docs= *
LIB_DEPENDS-docs=
WANTLIB-docs=
RUN_DEPENDS-docs=
MODULES = devel/gettext lang/python perl
# REGRESSION testing is currently borked. Builds, runs
# tests fail. Fix one day.
NO_TEST= Yes
#TEST_TARGET= test
#.ifmake test
#CONFIGURE_ARGS+= --enable-socket-wrapper \
# --enable-nss-wrapper
#.endif
BUILD_DEPENDS = devel/p5-Parse-Yapp>=1.0.5 \
net/py-dnspython \
textproc/docbook-xsl \
textproc/libxslt
WRKSRC= ${WRKDIR}/${DISTNAME}/source3
RUN_DEPENDS-main = net/py-dnspython
SAMBA_DOCS= ${WRKDIST}/README \
${WRKDIST}/docs/history \
${WRKDIST}/docs/registry/*.reg
RUN_DEPENDS-docs =
SAMPLE_CONFIG= ${PREFIX}/share/examples/samba/smb.conf.default
LIB_DEPENDS-main = ${BUILD_PKGPATH},-ldb>=${LDB_V} \
${BUILD_PKGPATH},-util>=${VERSION} \
${MODGETTEXT_LIB_DEPENDS} \
databases/openldap \
databases/tdb>=1.2.12 \
devel/iniparser \
devel/libexecinfo \
devel/libtalloc>=2.1.2 \
net/avahi \
print/cups,-libs \
security/cyrus-sasl2 \
security/gnutls \
security/libgcrypt \
security/openpam \
sysutils/e2fsprogs \
sysutils/gamin
SAMBA_MANPAGES= ${WRKDIST}/docs/manpages
LIB_DEPENDS-ldb = ${BUILD_PKGPATH},-tevent>=${TEVENT_V} \
${BUILD_PKGPATH},-util>=${VERSION} \
databases/tdb>=1.2.12 \
devel/libtalloc>=2.1.2 \
devel/popt
LIB_DEPENDS-tevent = ${BUILD_PKGPATH},-util>=${VERSION} \
devel/libtalloc>=2.1.2
LIB_DEPENDS-util = ${MODPY_LIB_DEPENDS} \
devel/libtalloc>=2.1.2
LIB_DEPENDS-docs =
CONFIGURE_STYLE = simple
CONFIGURE_ARGS = --enable-fhs \
--abi-check-disable \
--bundled-libraries="!crypto,ldb,ntdb,!talloc,!tdb,tevent" \
--prefix=${PREFIX} \
--destdir=${WRKINST} \
--docdir=${PREFIX}/share/doc \
--mandir=${PREFIX}/man \
--localedir=${PREFIX}/share/locale \
--localstatedir=${BASELOCALSTATEDIR} \
--private-libraries="NONE" \
--sharedstatedir=${VARBASE} \
--sysconfdir=${SYSCONFDIR} \
--with-configdir=${SYSCONFDIR}/samba \
--with-statedir=${VARBASE}/samba \
--with-privatedir=${VARBASE}/samba/private \
--with-lockdir=${VARBASE}/run/samba \
--with-privileged-socket-dir=${VARBASE}/samba \
--without-pie \
--enable-selftest \
--pedantic \
--without-regedit
# XXX Remember to remove --enable-developer, it prints passwords in logs.
#CONFIGURE_ARGS += --enable-developer
WAF = ${WRKSRC}/buildtools/bin/waf
WAF_ARGS = -v -j ${MAKE_JOBS}
CONFIGURE_ENV = LC_ALL=en_US.UTF-8
MAKE_ENV = LC_ALL=en_US.UTF-8 \
PYTHON=${MODPY_BIN} \
WAF_ARGS="${WAF_ARGS}"
.for _l _v in ${SHARED_LIBS}
MAKE_ENV += LIB${_l:S/-/_/g}_VERSION=${_v}
.endfor
SAMBA_CONFIG = ${PREFIX}/share/examples/samba/smb.conf.default
SAMBA_LOGDIR = ${VARBASE}/log/samba
SUBST_VARS = SAMBA_LOGDIR
post-patch:
@cd ${WRKSRC}; \
AUTOCONF_VERSION=${AUTOCONF_VERSION} \
./autogen.sh
find ${WRKSRC} -type f | xargs ${MODPY_BIN_ADJ}
${SUBST_CMD} ${WRKSRC}/lib/testtools/testtools/tests/test_compat.py
pre-configure:
@${SUBST_CMD} ${SAMBA_MANPAGES}/swat.8
# Avoid bogus -L/usr/local/lib at the start of linker options
post-configure:
perl -pi.ldflags -e 's/^LINKFLAGS_PYEMBED.*/LINKFLAGS_PYEMBED = []/' \
${WRKBUILD}/bin/c4che/default.cache.py
post-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/samba/pdf
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/samba/htmldocs
${INSTALL_DATA_DIR} ${PREFIX}/share/examples/samba
${INSTALL_DATA_DIR} ${PREFIX}/lib/pkgconfig
${INSTALL_DATA} ${WRKSRC}/pkgconfig/*.pc \
${PREFIX}/lib/pkgconfig
@cp -R ${WRKDIST}/examples/* ${PREFIX}/share/examples/samba
@chown -R ${SHAREOWN}:${SHAREGRP} ${PREFIX}/share/examples/samba
@find ${PREFIX}/share/examples/samba -type f | \
xargs chmod ${SHAREMODE}
@find ${PREFIX}/share/examples/samba -type d | \
xargs chmod ${DIRMODE}
@for i in ${SAMBA_DOCS}; do \
${INSTALL_DATA} $$i ${PREFIX}/share/doc/samba ; \
done
@for i in ${WRKDIST}/docs/*.pdf ; do \
${INSTALL_DATA} $$i ${PREFIX}/share/doc/samba/pdf ; \
done
@for i in ${WRKDIST}/docs/htmldocs/* ; do \
if [ -f $$i ]; then \
${INSTALL_DATA} $$i ${PREFIX}/share/doc/samba/htmldocs ;\
fi \
done
@sed -e 's:/usr/spool/samba:/var/spool/samba:g' \
-e 's:/usr/local/samba/var/log:${SAMBA_LOGDIR}/smbd:g' \
-e 's:MYGROUP:WORKGROUP:' \
${WRKDIST}/examples/smb.conf.default > ${SAMPLE_CONFIG}
${INSTALL_SCRIPT} ${WRKSRC}/script/mksmbpasswd.sh \
${PREFIX}/bin/mksmbpasswd
@chown ${BINOWN}:${BINGRP} ${PREFIX}/bin/smbpasswd
@ln -s samba/libsmbclient.so.${LIBsmbclient_VERSION} \
${PREFIX}/lib/libsmbclient.so.${LIBsmbclient_VERSION}
@ln -s samba/libsmbsharemodes.so.${LIBsmbsharemodes_VERSION} \
${PREFIX}/lib/libsmbsharemodes.so.${LIBsmbsharemodes_VERSION}
@ln -s samba/libnetapi.so.${LIBnetapi_VERSION} \
${PREFIX}/lib/libnetapi.so.${LIBnetapi_VERSION}
@ln -s samba/libwbclient.so.${LIBwbclient_VERSION} \
${PREFIX}/lib/libwbclient.so.${LIBwbclient_VERSION}
@rmdir ${WRKINST}${SYSCONFDIR}/samba
@rmdir ${WRKINST}/var/spool/samba
# removing extra files
find ${PREFIX} \
-name '*${PATCHORIG}' -or \
-name '*.beforesubst' -or \
-name '*.deconforig' | \
xargs -rt rm --
# fix path to perl modules
mv ${PREFIX}/share/perl5/* ${PREFIX}/${P5SITE}
# precompiling Python modules
${MODPY_BIN} ${MODPY_LIBDIR}/compileall.py ${WRKINST}${MODPY_SITEPKG}
${MODPY_BIN} -O ${MODPY_LIBDIR}/compileall.py ${WRKINST}${MODPY_SITEPKG}
# creating library symlinks
.for _l in ${UTIL_LIBS}
cd ${PREFIX}/lib && ln -fs samba/lib${_l}.so.${LIB${_l}_VERSION}
.endfor
# install samba docs and sample config
${INSTALL_DATA_DIR} ${PREFIX}/share/{doc,examples}/samba
${INSTALL_DATA} ${WRKDIR}/samba-docs-${DOCSVERSION}/*.pdf \
${PREFIX}/share/doc/samba
cp -R ${WRKDIST}/examples/* ${PREFIX}/share/examples/samba
chown -R ${SHAREOWN}:${SHAREGRP} ${PREFIX}/share/examples/samba
find ${PREFIX}/share/examples/samba -type f | xargs chmod ${SHAREMODE}
find ${PREFIX}/share/examples/samba -type d | xargs chmod ${DIRMODE}
sed -e 's:/usr/spool/samba:/var/spool/samba:g' \
-e 's:/usr/local/samba/var/log:${SAMBA_LOGDIR}/smbd:g' \
-e 's:MYGROUP:WORKGROUP:' \
${WRKDIST}/examples/smb.conf.default > ${SAMBA_CONFIG}.tmp && \
mv ${SAMBA_CONFIG}.tmp ${SAMBA_CONFIG}
.include <bsd.port.mk>

6
net/samba/distinfo
View File

@ -1,2 +1,4 @@
SHA256 (samba-3.6.15.tar.gz) = QrmssT+HYKF2eCnrqkw3HkYqrVKHyvkoh+ZJMM8n2mA=
SIZE (samba-3.6.15.tar.gz) = 34111211
SHA256 (samba-4.1.19.tar.gz) = YvI9/6zU+visVX+c8BoVleOdsLvdlZxMGJD0YVXJ+TY=
SHA256 (samba-docs-v3-5-test-4c5a1b6b.tar.bz2) = bsF0WP1KT1M3jMx3Z88MbsEQ1QEq9catijXpnPm7hZA=
SIZE (samba-4.1.19.tar.gz) = 19558250
SIZE (samba-docs-v3-5-test-4c5a1b6b.tar.bz2) = 8070761

14
net/samba/patches/patch-Makefile Normal file
View File

@ -0,0 +1,14 @@
$OpenBSD: patch-Makefile,v 1.1 2015/08/25 11:04:39 jca Exp $
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9886
--- Makefile.orig Fri Apr 26 00:49:58 2013
+++ Makefile Fri Apr 26 00:50:45 2013
@@ -2,7 +2,8 @@
PYTHON?=python
WAF_BINARY=$(PYTHON) ./buildtools/bin/waf
-WAF=WAF_MAKE=1 $(WAF_BINARY)
+WAF_ARGS?=
+WAF=WAF_MAKE=1 $(WAF_BINARY) $(WAF_ARGS)
all:
$(WAF) build

70
net/samba/patches/patch-buildtools_wafadmin_Tools_ccroot_py Normal file
View File

@ -0,0 +1,70 @@
$OpenBSD: patch-buildtools_wafadmin_Tools_ccroot_py,v 1.1 2015/08/25 11:04:39 jca Exp $
Make Samba4 WAF respect OpenBSD shared libraries versioning conventions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9774
--- buildtools/wafadmin/Tools/ccroot.py.orig Mon May 27 17:48:53 2013
+++ buildtools/wafadmin/Tools/ccroot.py Mon May 27 18:06:35 2013
@@ -568,7 +568,7 @@ def apply_implib(self):
@before('apply_lib_vars', 'default_link_install')
def apply_vnum(self):
"""
- libfoo.so is installed as libfoo.so.1.2.3
+ libfoo.so is installed as libfoo.so.1.2.3, unless there is OS-specific scheme
"""
if not getattr(self, 'vnum', '') or not 'cshlib' in self.features or os.name != 'posix' or self.env.DEST_BINFMT not in ('elf', 'mac-o'):
return
@@ -576,19 +576,33 @@ def apply_vnum(self):
self.meths.remove('default_link_install')
link = self.link_task
- nums = self.vnum.split('.')
node = link.outputs[0]
-
libname = node.name
+
+ # OpenBSD-like library handling:
+ # * each shared library should be named libfoo.so.MAJOR.MINOR
+ # * no symlinks should be created
+ target_name = self.target
+ osvnum = os.getenv('LIB' + target_name.replace('-', '_') + '_VERSION')
+ if osvnum:
+ self.vnum = osvnum
+ nums = self.vnum.split('.')
+
+ name2 = None
if libname.endswith('.dylib'):
name3 = libname.replace('.dylib', '.%s.dylib' % self.vnum)
- name2 = libname.replace('.dylib', '.%s.dylib' % nums[0])
+ if not osvnum:
+ name2 = libname.replace('.dylib', '.%s.dylib' % nums[0])
else:
name3 = libname + '.' + self.vnum
- name2 = libname + '.' + nums[0]
+ if not osvnum:
+ name2 = libname + '.' + nums[0]
if self.env.SONAME_ST:
- v = self.env.SONAME_ST % name2
+ if name2:
+ v = self.env.SONAME_ST % name2
+ else:
+ v = self.env.SONAME_ST % name3
self.env.append_value('LINKFLAGS', v.split())
bld = self.bld
@@ -598,11 +612,11 @@ def apply_vnum(self):
if not path: return
bld.install_as(path + os.sep + name3, node, env=self.env)
- bld.symlink_as(path + os.sep + name2, name3)
- bld.symlink_as(path + os.sep + libname, name3)
-
- # the following task is just to enable execution from the build dir :-/
- self.create_task('vnum', node, [node.parent.find_or_declare(name2), node.parent.find_or_declare(name3)])
+ if not osvnum:
+ bld.symlink_as(path + os.sep + name2, name3)
+ bld.symlink_as(path + os.sep + libname, name3)
+ # the following task is just to enable execution from the build dir :-/
+ self.create_task('vnum', node, [node.parent.find_or_declare(name2), node.parent.find_or_declare(name3)])
def exec_vnum_link(self):
for x in self.outputs:

17
net/samba/patches/patch-buildtools_wafadmin_Tools_gcc_py Normal file
View File

@ -0,0 +1,17 @@
$OpenBSD: patch-buildtools_wafadmin_Tools_gcc_py,v 1.1 2015/08/25 11:04:39 jca Exp $
Disable SONAME write on OpenBSD.
--- buildtools/wafadmin/Tools/gcc.py.orig Sun May 4 00:00:13 2014
+++ buildtools/wafadmin/Tools/gcc.py Sun May 4 00:00:15 2014
@@ -43,7 +43,11 @@ def gcc_common_flags(conf):
v['RPATH_ST'] = '-Wl,-rpath,%s'
v['CCDEFINES_ST'] = '-D%s'
- v['SONAME_ST'] = '-Wl,-h,%s'
+ if sys.platform.startswith('openbsd'):
+ # OpenBSD relies on version info in file names
+ v['SONAME_ST'] = ''
+ else:
+ v['SONAME_ST'] = '-Wl,-h,%s'
v['SHLIB_MARKER'] = '-Wl,-Bdynamic'
v['STATICLIB_MARKER'] = '-Wl,-Bstatic'
v['FULLSTATIC_MARKER'] = '-static'

17
net/samba/patches/patch-buildtools_wafadmin_Tools_gxx_py Normal file
View File

@ -0,0 +1,17 @@
$OpenBSD: patch-buildtools_wafadmin_Tools_gxx_py,v 1.1 2015/08/25 11:04:39 jca Exp $
Disable SONAME write on OpenBSD.
--- buildtools/wafadmin/Tools/gxx.py.orig Sun May 4 00:00:22 2014
+++ buildtools/wafadmin/Tools/gxx.py Sun May 4 00:01:00 2014
@@ -41,7 +41,11 @@ def gxx_common_flags(conf):
v['RPATH_ST'] = '-Wl,-rpath,%s'
v['CXXDEFINES_ST'] = '-D%s'
- v['SONAME_ST'] = '-Wl,-h,%s'
+ if sys.platform.startswith('openbsd'):
+ # OpenBSD relies on version info in file names
+ v['SONAME_ST'] = ''
+ else:
+ v['SONAME_ST'] = '-Wl,-h,%s'
v['SHLIB_MARKER'] = '-Wl,-Bdynamic'
v['STATICLIB_MARKER'] = '-Wl,-Bstatic'
v['FULLSTATIC_MARKER'] = '-static'

32
net/samba/patches/patch-buildtools_wafsamba_samba_autoconf_py Normal file
View File

@ -0,0 +1,32 @@
$OpenBSD: patch-buildtools_wafsamba_samba_autoconf_py,v 1.1 2015/08/25 11:04:39 jca Exp $
Sort -L flags to unbreak linking when any other version of Samba is installed.
--- buildtools/wafsamba/samba_autoconf.py.orig Sat May 11 12:20:52 2013
+++ buildtools/wafsamba/samba_autoconf.py Sat May 11 13:04:26 2013
@@ -716,6 +716,27 @@ def ADD_LDFLAGS(conf, flags, testflags=False):
if not 'EXTRA_LDFLAGS' in conf.env:
conf.env['EXTRA_LDFLAGS'] = []
conf.env['EXTRA_LDFLAGS'].extend(TO_LIST(flags))
+
+ ''' Make sure things go in order:
+ 1. Local -L and -rpath flags
+ 2. External -L and -rpath flags
+ 3. Others
+ '''
+ localL = []
+ extL = []
+ other = []
+ for f in conf.env['EXTRA_LDFLAGS']:
+ if f.startswith("-L%s" % "/usr/ports"):
+ localL.extend( [ f ] )
+ elif f.startswith("-L"):
+ extL.extend( [ f ] )
+ else:
+ other.extend( [ f ] )
+ conf.env['EXTRA_LDFLAGS'] = []
+ conf.env['EXTRA_LDFLAGS'].extend(localL)
+ conf.env['EXTRA_LDFLAGS'].extend(extL)
+ conf.env['EXTRA_LDFLAGS'].extend(other)
+
return flags

32
net/samba/patches/patch-buildtools_wafsamba_samba_bundled_py Normal file
View File

@ -0,0 +1,32 @@
$OpenBSD: patch-buildtools_wafsamba_samba_bundled_py,v 1.1 2015/08/25 11:04:39 jca Exp $
--- buildtools/wafsamba/samba_bundled.py.orig Fri Jul 17 23:56:31 2015
+++ buildtools/wafsamba/samba_bundled.py Sat Jul 18 00:00:08 2015
@@ -70,19 +70,24 @@ def minimum_library_version(conf, libname, default):
@conf
def LIB_MAY_BE_BUNDLED(conf, libname):
- return ('NONE' not in conf.env.BUNDLED_LIBS and
+ r = ('NONE' not in conf.env.BUNDLED_LIBS and
'!%s' % libname not in conf.env.BUNDLED_LIBS)
+ print >> sys.stderr, "LIB_MAY_BE_BUNDLED(%s), BUNDLED_LIBS=%s, result=%s" % (libname, str(conf.env.BUNDLED_LIBS), r)
+ return r
-
@conf
def LIB_MUST_BE_BUNDLED(conf, libname):
- return ('ALL' in conf.env.BUNDLED_LIBS or
+ r = ('ALL' in conf.env.BUNDLED_LIBS or
libname in conf.env.BUNDLED_LIBS)
+ print >> sys.stderr, "LIB_MUST_BE_BUNDLED(%s), BUNDLED_LIBS=%s, result=%s" % (libname, str(conf.env.BUNDLED_LIBS), r)
+ return r
@conf
def LIB_MUST_BE_PRIVATE(conf, libname):
- return ('ALL' in conf.env.PRIVATE_LIBS or
+ r = ('ALL' in conf.env.PRIVATE_LIBS or
libname in conf.env.PRIVATE_LIBS)
+ print >> sys.stderr, "LIB_MUST_BE_PRIVATE(%s), PRIVATE_LIBS=%s, result=%s" % (libname, str(conf.env.PRIVATE_LIBS), r)
+ return r
@conf
def CHECK_PREREQUISITES(conf, prereqs):

17
net/samba/patches/patch-buildtools_wafsamba_samba_conftests_py Normal file
View File

@ -0,0 +1,17 @@
$OpenBSD: patch-buildtools_wafsamba_samba_conftests_py,v 1.1 2015/08/25 11:04:39 jca Exp $
Reverse order of paths added to get reliable builds.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9890
--- buildtools/wafsamba/samba_conftests.py.orig Tue May 14 21:50:32 2013
+++ buildtools/wafsamba/samba_conftests.py Tue May 14 21:53:28 2013
@@ -39,9 +39,9 @@ def check(self, *k, **kw):
def add_options_dir(dirs, env):
for x in dirs:
if not x in env.CPPPATH:
- env.CPPPATH = [os.path.join(x, 'include')] + env.CPPPATH
+ env.CPPPATH = env.CPPPATH + [os.path.join(x, 'include')]
if not x in env.LIBPATH:
- env.LIBPATH = [os.path.join(x, 'lib')] + env.LIBPATH
+ env.LIBPATH = env.LIBPATH + [os.path.join(x, 'lib')]
add_options_dir(additional_dirs, kw['env'])

70
net/samba/patches/patch-buildtools_wafsamba_samba_install_py Normal file
View File

@ -0,0 +1,70 @@
$OpenBSD: patch-buildtools_wafsamba_samba_install_py,v 1.1 2015/08/25 11:04:39 jca Exp $
Make Samba4 WAF respect OpenBSD shared libraries versioning conventions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9774
--- buildtools/wafsamba/samba_install.py.orig Thu May 1 16:31:00 2014
+++ buildtools/wafsamba/samba_install.py Thu May 1 16:31:00 2014
@@ -67,6 +67,11 @@ def install_library(self):
self.env.RPATH = build_ldflags
return
+ target_name = self.target
+
+ # OpenBSD-like library handling
+ osvnum = os.getenv('LIB' + target_name.replace('-', '_') + '_VERSION')
+
# setup the install path, expanding variables
install_path = getattr(self, 'samba_inst_path', None)
if install_path is None:
@@ -76,8 +81,6 @@ def install_library(self):
install_path = '${LIBDIR}'
install_path = bld.EXPAND_VARIABLES(install_path)
- target_name = self.target
-
if install_ldflags != build_ldflags:
# we will be creating a new target name, and using that for the
# install link. That stops us from overwriting the existing build
@@ -103,23 +106,37 @@ def install_library(self):
if getattr(self, 'samba_realname', None):
install_name = self.samba_realname
install_link = None
- if getattr(self, 'soname', ''):
+ if osvnum:
+ if getattr(self, 'soname', ''):
+ osname = self.soname
+ else:
+ osname = install_name
+ osname = re.sub(r'(\.[0-9]+)+$', '', osname) + '.' + osvnum
+ # OpenBSD requires "lib" prefix for all versioned shared libraries
+ osname = re.sub(r'^(.*/|)(?:lib)?(([^l]|l[^i]|li[^b])[^/]+)$', r'\1lib\2', osname)
+ install_name = osname
+ if getattr(self, 'soname', ''):
+ self.soname = osname
+ elif getattr(self, 'soname', ''):
install_link = self.soname
if getattr(self, 'samba_type', None) == 'PYTHON':
inst_name = bld.make_libname(t.target, nolibprefix=True, python=True)
else:
inst_name = bld.make_libname(t.target)
elif self.vnum:
- vnum_base = self.vnum.split('.')[0]
- install_name = bld.make_libname(target_name, version=self.vnum)
- install_link = bld.make_libname(target_name, version=vnum_base)
+ install_link = None
+ if osvnum:
+ install_name = bld.make_libname(target_name, version=osvnum)
+ else:
+ install_name = bld.make_libname(target_name, version=self.vnum)
+ vnum_base = self.vnum.split('.')[0]
inst_name = bld.make_libname(t.target)
- if not self.private_library:
+ if not self.private_library and not osvnum:
# only generate the dev link for non-bundled libs
dev_link = bld.make_libname(target_name)
elif getattr(self, 'soname', ''):
install_name = bld.make_libname(target_name)
- install_link = self.soname
+ install_link = None
inst_name = bld.make_libname(t.target)
else:
install_name = bld.make_libname(target_name)

38
net/samba/patches/patch-buildtools_wafsamba_symbols_py Normal file
View File

@ -0,0 +1,38 @@
$OpenBSD: patch-buildtools_wafsamba_symbols_py,v 1.1 2015/08/25 11:04:39 jca Exp $
1. Our nm(1) defaults to show dynamic symbol table, unless there are many.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9891
2. Add a bunch of common symbols to allow tests to run. Those that added in
safe_symbols initially should probably go upstream, _Jv_RegisterClasses is
a strange one (weak symbol everywhere in the whole system) and others are
coming from libgcc.a.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9892
--- buildtools/wafsamba/symbols.py.orig Tue May 14 17:30:33 2013
+++ buildtools/wafsamba/symbols.py Tue May 14 19:58:59 2013
@@ -46,8 +46,8 @@ def symbols_extract(bld, objfiles, dynamic=False):
return ret
cmd = ["nm"]
- if dynamic:
- # needed for some .so files
+ if dynamic and not sys.platform.startswith("openbsd"):
+ # needed for some .so files on non-OpenBSD platforms
cmd.append("-D")
cmd.extend(list(objfiles))
@@ -569,7 +569,14 @@ def symbols_whyneeded(task):
def report_duplicate(bld, binname, sym, libs, fail_on_error):
'''report duplicated symbols'''
- if sym in ['_init', '_fini', '_edata', '_end', '__bss_start']:
+
+ safe_symbols = ['_init', '_fini', '_edata', '_end', '__bss_start', '__cxa_finalize', '__got_start', '__got_end', '__data_start', '__data_end']
+
+ if sys.platform.startswith("openbsd"):
+ safe_symbols.extend('__udiv_w_sdiv __fixxfdi __fixunsxfdi __divdi3 __udivmoddi4 __floatundidf __floatundixf __floatdixf __divdc3 __umoddi3 __fixdfdi __fixunsdfdi __divxc3 __negdi2 __popcountdi2 __divsc3 __muldi3 __udivdi3 __mulvsi3 __clear_cache __powisf2 __mulvdi3 __powixf2 __gcc_personality_v0 _Unwind_Backtrace _Unwind_DeleteException _Unwind_FindEnclosingFunction _Unwind_ForcedUnwind _Unwind_GetCFA _Unwind_GetDataRelBase _Unwind_GetGR _Unwind_GetIP _Unwind_GetIPInfo _Unwind_GetLanguageSpecificData _Unwind_GetRegionStart _Unwind_GetTextRelBase _Unwind_RaiseException _Unwind_Resume _Unwind_Resume_or_Rethrow _Unwind_SetGR _Unwind_SetIP __frame_state_for _Unwind_Find_FDE __deregister_frame __deregister_frame_info __deregister_frame_info_bases __register_frame __register_frame_info __register_frame_info_bases __register_frame_info_table __register_frame_info_table_bases __register_frame_table __absvdi2 __mulxc3 __floatundisf __ashrdi3 __fixsfdi __fixunssfdi __fixunsdfsi __paritydi2 __paritysi2 __ucmpdi2 __muldc3 __fixunsxfsi __negvdi2 __floatdisf __ffsdi2 __negvsi2 __ffssi2 __moddi3 __ashldi3 __floatdidf __ctzdi2 __gnat_default_lock __gnat_default_unlock __gnat_install_locks __gthread_active_p __gthread_mutex_lock __gthread_mutex_unlock __absvsi2 __popcountsi2 __ctzsi2 __addvsi3 __fixunssfsi __powidf2 __cmpdi2 __lshrdi3 __clzdi2 __addvdi3 __subvsi3 __clzsi2 __subvdi3 __mulsc3 __enable_execute_stack'.split(' '))
+ safe_symbols.append('_Jv_RegisterClasses')
+
+ if sym in safe_symbols:
return
libnames = []
for lib in libs:

19
net/samba/patches/patch-buildtools_wafsamba_wafsamba_py Normal file
View File

@ -0,0 +1,19 @@
$OpenBSD: patch-buildtools_wafsamba_wafsamba_py,v 1.1 2015/08/25 11:04:39 jca Exp $
Make Samba4 WAF respect OpenBSD shared libraries versioning conventions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9774
--- buildtools/wafsamba/wafsamba.py.orig Thu Jun 4 13:43:26 2015
+++ buildtools/wafsamba/wafsamba.py Thu Jun 4 13:43:26 2015
@@ -194,6 +194,13 @@ def SAMBA_LIBRARY(bld, libname, source,
deps = TO_LIST(deps)
deps.append(obj_target)
+ osvnum = os.getenv('LIB' + libname.replace('-', '_') + '_VERSION')
+ if osvnum:
+ vnum = osvnum
+ if realname: realname = re.sub(r'(\.[0-9]+)+$', '.' + osvnum, realname)
+ if link_name: link_name = re.sub(r'(\.[0-9]+)+$', '.' + osvnum, link_name)
+ if soname: soname = re.sub(r'(\.[0-9]+)+$', '.' + osvnum, soname)
+
realname = bld.map_shlib_extension(realname, python=(target_type=='PYTHON'))
link_name = bld.map_shlib_extension(link_name, python=(target_type=='PYTHON'))

16
net/samba/patches/patch-buildtools_wafsamba_wscript Normal file
View File

@ -0,0 +1,16 @@
$OpenBSD: patch-buildtools_wafsamba_wscript,v 1.1 2015/08/25 11:04:39 jca Exp $
Add a hack to force addition of -I/usr/include before any other include path discovered.
--- buildtools/wafsamba/wscript.orig Thu May 1 16:31:00 2014
+++ buildtools/wafsamba/wscript Thu May 1 16:31:00 2014
@@ -85,6 +85,11 @@ def set_options(opt):
help=("Disable use of gettext"),
action="store_true", dest='disable_gettext', default=False)
+ opt.add_option('--with-dummy',
+ help='dummy option to inject /usr/include',
+ action='store', dest='libc_location', default='/usr',
+ match = ['Checking for header sys/types.h'])
+
gr = opt.option_group('developer options')
gr.add_option('-C',

35
net/samba/patches/patch-examples_libsmbclient_teststat2_c Normal file
View File

@ -0,0 +1,35 @@
$OpenBSD: patch-examples_libsmbclient_teststat2_c,v 1.1 2015/08/25 11:04:39 jca Exp $
Use safe and generic approach for time_t.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9889
--- examples/libsmbclient/teststat2.c.orig Mon Apr 8 20:44:21 2013
+++ examples/libsmbclient/teststat2.c Mon Apr 8 20:44:59 2013
@@ -47,10 +47,10 @@ static int gettime(const char * pUrl,
return 1;
}
- printf("SAMBA\n mtime:%lu/%s ctime:%lu/%s atime:%lu/%s\n",
- st.st_mtime, ctime_r(&st.st_mtime, m_time),
- st.st_ctime, ctime_r(&st.st_ctime, c_time),
- st.st_atime, ctime_r(&st.st_atime, a_time));
+ printf("SAMBA\n mtime:%lld/%s ctime:%lld/%s atime:%lld/%s\n",
+ (long long)st.st_mtime, ctime_r(&st.st_mtime, m_time),
+ (long long)st.st_ctime, ctime_r(&st.st_ctime, c_time),
+ (long long)st.st_atime, ctime_r(&st.st_atime, a_time));
/* check the stat on this file */
@@ -60,10 +60,10 @@ static int gettime(const char * pUrl,
return 1;
}
- printf("LOCAL\n mtime:%lu/%s ctime:%lu/%s atime:%lu/%s\n",
- st.st_mtime, ctime_r(&st.st_mtime, m_time),
- st.st_ctime, ctime_r(&st.st_ctime, c_time),
- st.st_atime, ctime_r(&st.st_atime, a_time));
+ printf("LOCAL\n mtime:%lld/%s ctime:%lld/%s atime:%lld/%s\n",
+ (long long)st.st_mtime, ctime_r(&st.st_mtime, m_time),
+ (long long)st.st_ctime, ctime_r(&st.st_ctime, c_time),
+ (long long)st.st_atime, ctime_r(&st.st_atime, a_time));
return 0;

35
net/samba/patches/patch-examples_libsmbclient_teststat_c Normal file
View File

@ -0,0 +1,35 @@
$OpenBSD: patch-examples_libsmbclient_teststat_c,v 1.1 2015/08/25 11:04:39 jca Exp $
Use safe and generic approach for time_t.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9889
--- examples/libsmbclient/teststat.c.orig Mon Apr 8 20:06:15 2013
+++ examples/libsmbclient/teststat.c Mon Apr 8 20:08:46 2013
@@ -47,10 +47,10 @@ int main(int argc, char * argv[])
return 1;
}
- printf("\nSAMBA\n mtime:%lu/%s ctime:%lu/%s atime:%lu/%s\n",
- st.st_mtime, ctime_r(&st.st_mtime, m_time),
- st.st_ctime, ctime_r(&st.st_ctime, c_time),
- st.st_atime, ctime_r(&st.st_atime, a_time));
+ printf("\nSAMBA\n mtime:%lld/%s ctime:%lld/%s atime:%llu/%s\n",
+ (long long)st.st_mtime, ctime_r(&st.st_mtime, m_time),
+ (long long)st.st_ctime, ctime_r(&st.st_ctime, c_time),
+ (long long)st.st_atime, ctime_r(&st.st_atime, a_time));
if (pLocalPath != NULL)
{
@@ -60,10 +60,10 @@ int main(int argc, char * argv[])
return 1;
}
- printf("LOCAL\n mtime:%lu/%s ctime:%lu/%s atime:%lu/%s\n",
- st.st_mtime, ctime_r(&st.st_mtime, m_time),
- st.st_ctime, ctime_r(&st.st_ctime, c_time),
- st.st_atime, ctime_r(&st.st_atime, a_time));
+ printf("LOCAL\n mtime:%lld/%s ctime:%lld/%s atime:%lld/%s\n",
+ (long long)st.st_mtime, ctime_r(&st.st_mtime, m_time),
+ (long long)st.st_ctime, ctime_r(&st.st_ctime, c_time),
+ (long long)st.st_atime, ctime_r(&st.st_atime, a_time));
}
return 0;

35
net/samba/patches/patch-examples_libsmbclient_testutime_c Normal file
View File

@ -0,0 +1,35 @@
$OpenBSD: patch-examples_libsmbclient_testutime_c,v 1.1 2015/08/25 11:04:39 jca Exp $
Use safe and generic approach for time_t.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9889
--- examples/libsmbclient/testutime.c.orig Mon Apr 8 20:45:07 2013
+++ examples/libsmbclient/testutime.c Mon Apr 8 20:45:33 2013
@@ -47,10 +47,10 @@ int main(int argc, char * argv[])
return 1;
}
- printf("Before\n mtime:%lu/%s ctime:%lu/%s atime:%lu/%s\n",
- st.st_mtime, ctime_r(&st.st_mtime, m_time),
- st.st_ctime, ctime_r(&st.st_ctime, c_time),
- st.st_atime, ctime_r(&st.st_atime, a_time));
+ printf("Before\n mtime:%lld/%s ctime:%lld/%s atime:%lld/%s\n",
+ (long long)st.st_mtime, ctime_r(&st.st_mtime, m_time),
+ (long long)st.st_ctime, ctime_r(&st.st_ctime, c_time),
+ (long long)st.st_atime, ctime_r(&st.st_atime, a_time));
utimbuf.actime = t; /* unchangable (wont change) */
utimbuf.modtime = t; /* this one should succeed */
@@ -66,10 +66,10 @@ int main(int argc, char * argv[])
return 1;
}
- printf("After\n mtime:%lu/%s ctime:%lu/%s atime:%lu/%s\n",
- st.st_mtime, ctime_r(&st.st_mtime, m_time),
- st.st_ctime, ctime_r(&st.st_ctime, c_time),
- st.st_atime, ctime_r(&st.st_atime, a_time));
+ printf("After\n mtime:%lld/%s ctime:%lld/%s atime:%lld/%s\n",
+ (long long)st.st_mtime, ctime_r(&st.st_mtime, m_time),
+ (long long)st.st_ctime, ctime_r(&st.st_ctime, c_time),
+ (long long)st.st_atime, ctime_r(&st.st_atime, a_time));
return 0;
}

19
net/samba/patches/patch-lib_async_req_async_sock_c
View File

@ -1,19 +0,0 @@
$OpenBSD: patch-lib_async_req_async_sock_c,v 1.1 2014/02/06 04:33:24 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- lib/async_req/async_sock.c.orig Wed May 8 04:16:26 2013
+++ lib/async_req/async_sock.c Tue Jan 28 02:16:43 2014
@@ -635,6 +635,11 @@ static void read_packet_handler(struct tevent_context
return;
}
+ if (total + more < total) {
+ tevent_req_error(req, EMSGSIZE);
+ return;
+ }
+
tmp = talloc_realloc(state, state->buf, uint8_t, total+more);
if (tevent_req_nomem(tmp, req)) {
return;

12
net/samba/patches/patch-lib_ldb_wscript Normal file
View File

@ -0,0 +1,12 @@
$OpenBSD: patch-lib_ldb_wscript,v 1.1 2015/08/25 11:04:39 jca Exp $
Force building standalone library (e.g., put headers in apporiate place).
--- lib/ldb/wscript.orig Mon May 27 16:42:26 2013
+++ lib/ldb/wscript Mon May 27 20:45:07 2013
@@ -44,6 +44,7 @@ def configure(conf):
conf.CONFIG_PATH('LDB_MODULESDIR', conf.SUBST_ENV_VAR('MODULESDIR') + '/ldb')
conf.env.standalone_ldb = conf.IN_LAUNCH_DIR()
+ conf.env.standalone_ldb = True
if not conf.env.standalone_ldb:
if conf.CHECK_BUNDLED_SYSTEM_PKG('ldb', minversion=VERSION,

12
net/samba/patches/patch-lib_ntdb_wscript Normal file
View File

@ -0,0 +1,12 @@
$OpenBSD: patch-lib_ntdb_wscript,v 1.1 2015/08/25 11:04:39 jca Exp $
Force building standalone library (e.g., put headers in apporiate place).
--- lib/ntdb/wscript.orig Thu Dec 5 10:16:48 2013
+++ lib/ntdb/wscript Wed Jun 17 13:18:09 2015
@@ -102,6 +102,7 @@ def configure(conf):
'test/tap-interface.c']
conf.env.standalone_ntdb = conf.IN_LAUNCH_DIR()
+ conf.env.standalone_ntdb = True
conf.env.disable_python = getattr(Options.options, 'disable_python', False)
if not conf.env.standalone_ntdb:

16
net/samba/patches/patch-lib_replace_replace_h Normal file
View File

@ -0,0 +1,16 @@
$OpenBSD: patch-lib_replace_replace_h,v 1.1 2015/08/25 11:04:39 jca Exp $
Avoid extra warnings.
XXX Probably there should be added another configure time check that <stdlib.h> is enough.
--- lib/replace/replace.h.orig Mon Sep 8 11:26:14 2014
+++ lib/replace/replace.h Wed Jun 17 13:18:09 2015
@@ -56,10 +56,6 @@
#undef HAVE_INTTYPES_H
#endif
-#ifdef HAVE_MALLOC_H
-#include <malloc.h>
-#endif
-
#ifndef __PRI64_PREFIX
# if __WORDSIZE == 64 && ! defined __APPLE__
# define __PRI64_PREFIX "l"

65
net/samba/patches/patch-lib_testtools_testtools_tests_test_compat_py Normal file
View File

@ -0,0 +1,65 @@
$OpenBSD: patch-lib_testtools_testtools_tests_test_compat_py,v 1.1 2015/08/25 11:04:39 jca Exp $
--- lib/testtools/testtools/tests/test_compat.py.orig Mon Apr 8 15:52:50 2013
+++ lib/testtools/testtools/tests/test_compat.py Mon Apr 8 15:56:38 2013
@@ -45,15 +45,15 @@ class TestDetectEncoding(testtools.TestCase):
"""
# With interpreter binary and using Emacs style file encoding comment:
self._check_encoding("latin-1", (
- "#!/usr/bin/python\n",
+ "#!${MODPY_BIN}\n",
"# -*- coding: latin-1 -*-\n",
"import os, sys\n"))
self._check_encoding("iso-8859-15", (
- "#!/usr/bin/python\n",
+ "#!${MODPY_BIN}\n",
"# -*- coding: iso-8859-15 -*-\n",
"import os, sys\n"))
self._check_encoding("ascii", (
- "#!/usr/bin/python\n",
+ "#!${MODPY_BIN}\n",
"# -*- coding: ascii -*-\n",
"import os, sys\n"))
# Without interpreter line, using plain text:
@@ -63,28 +63,28 @@ class TestDetectEncoding(testtools.TestCase):
# Text editors might have different ways of defining the file's
# encoding, e.g.
self._check_encoding("latin-1", (
- "#!/usr/local/bin/python\n",
+ "#!${MODPY_BIN}\n",
"# coding: latin-1\n",
"import os, sys\n"))
# Without encoding comment, Python's parser will assume ASCII text:
self._check_encoding("ascii", (
- "#!/usr/local/bin/python\n",
+ "#!${MODPY_BIN}\n",
"import os, sys\n"))
# Encoding comments which don't work:
# Missing "coding:" prefix:
self._check_encoding("ascii", (
- "#!/usr/local/bin/python\n",
+ "#!${MODPY_BIN}\n",
"# latin-1\n",
"import os, sys\n"))
# Encoding comment not on line 1 or 2:
self._check_encoding("ascii", (
- "#!/usr/local/bin/python\n",
+ "#!${MODPY_BIN}\n",
"#\n",
"# -*- coding: latin-1 -*-\n",
"import os, sys\n"))
# Unsupported encoding:
self._check_encoding("ascii", (
- "#!/usr/local/bin/python\n",
+ "#!${MODPY_BIN}\n",
"# -*- coding: utf-42 -*-\n",
"import os, sys\n"),
possibly_invalid=True)
@@ -114,7 +114,7 @@ class TestDetectEncoding(testtools.TestCase):
"# Or is it coding: iso-8859-2\n"),
possibly_invalid=True)
self._check_encoding("iso-8859-1", (
- "#!/usr/bin/python\n",
+ "#!${MODPY_BIN}\n",
"# Is the coding: iso-8859-1\n",
"# Or is it coding: iso-8859-2\n"))
self._check_encoding("iso-8859-1", (

12
net/samba/patches/patch-lib_tevent_wscript Normal file
View File

@ -0,0 +1,12 @@
$OpenBSD: patch-lib_tevent_wscript,v 1.1 2015/08/25 11:04:39 jca Exp $
Force building standalone library (e.g., put headers in appropriate place).
--- lib/tevent/wscript.orig Mon May 27 20:46:20 2013
+++ lib/tevent/wscript Mon May 27 20:46:32 2013
@@ -33,6 +33,7 @@ def configure(conf):
conf.RECURSE('lib/talloc')
conf.env.standalone_tevent = conf.IN_LAUNCH_DIR()
+ conf.env.standalone_tevent = True
if not conf.env.standalone_tevent:
if conf.CHECK_BUNDLED_SYSTEM_PKG('tevent', minversion=VERSION,

19
net/samba/patches/patch-libcli_auth_schannel_state_tdb_c
View File

@ -1,19 +0,0 @@
$OpenBSD: patch-libcli_auth_schannel_state_tdb_c,v 1.1 2015/02/25 01:37:49 jca Exp $
- CVE-2015-0240: talloc free on uninitialized stack pointer in netlogon
server could lead to remote-code execution
https://bugzilla.samba.org/show_bug.cgi?id=11077#c32
--- libcli/auth/schannel_state_tdb.c.orig Wed May 8 10:16:26 2013
+++ libcli/auth/schannel_state_tdb.c Mon Feb 23 19:52:53 2015
@@ -285,6 +285,10 @@ NTSTATUS schannel_check_creds_state(TALLOC_CTX *mem_ct
NTSTATUS status;
int ret;
+ if (creds_out != NULL) {
+ *creds_out = NULL;
+ }
+
tmpctx = talloc_named(mem_ctx, 0, "schannel_check_creds_state");
if (!tmpctx) {
return NT_STATUS_NO_MEMORY;

19
net/samba/patches/patch-libcli_util_tstream_c
View File

@ -1,19 +0,0 @@
$OpenBSD: patch-libcli_util_tstream_c,v 1.1 2014/02/06 04:33:24 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- libcli/util/tstream.c.orig Wed May 8 04:16:26 2013
+++ libcli/util/tstream.c Tue Jan 28 02:16:43 2014
@@ -129,6 +129,11 @@ static void tstream_read_pdu_blob_done(struct tevent_r
return;
}
+ if (new_buf_size <= old_buf_size) {
+ tevent_req_nterror(req, NT_STATUS_INVALID_BUFFER_SIZE);
+ return;
+ }
+
buf = talloc_realloc(state, state->pdu_blob.data, uint8_t, new_buf_size);
if (tevent_req_nomem(buf, req)) {
return;

15
net/samba/patches/patch-librpc_idl_dcerpc_idl
View File

@ -1,15 +0,0 @@
$OpenBSD: patch-librpc_idl_dcerpc_idl,v 1.1 2014/02/06 04:33:24 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- librpc/idl/dcerpc.idl.orig Wed May 8 04:16:26 2013
+++ librpc/idl/dcerpc.idl Tue Jan 28 02:16:43 2014
@@ -467,6 +467,7 @@ interface dcerpc
const uint8 DCERPC_DREP_OFFSET = 4;
const uint8 DCERPC_FRAG_LEN_OFFSET = 8;
const uint8 DCERPC_AUTH_LEN_OFFSET = 10;
+ const uint8 DCERPC_CALL_ID_OFFSET = 12;
/* little-endian flag */
const uint8 DCERPC_DREP_LE = 0x10;

23
net/samba/patches/patch-librpc_rpc_dcerpc_util_c
View File

@ -1,23 +0,0 @@
$OpenBSD: patch-librpc_rpc_dcerpc_util_c,v 1.1 2014/02/06 04:33:24 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- librpc/rpc/dcerpc_util.c.orig Tue Jan 28 02:16:43 2014
+++ librpc/rpc/dcerpc_util.c Tue Jan 28 02:16:43 2014
@@ -48,6 +48,15 @@ uint16_t dcerpc_get_frag_length(const DATA_BLOB *blob)
}
}
+uint32_t dcerpc_get_call_id(const DATA_BLOB *blob)
+{
+ if (CVAL(blob->data,DCERPC_DREP_OFFSET) & DCERPC_DREP_LE) {
+ return IVAL(blob->data, DCERPC_CALL_ID_OFFSET);
+ } else {
+ return RIVAL(blob->data, DCERPC_CALL_ID_OFFSET);
+ }
+}
+
void dcerpc_set_auth_length(DATA_BLOB *blob, uint16_t v)
{
if (CVAL(blob->data,DCERPC_DREP_OFFSET) & DCERPC_DREP_LE) {

15
net/samba/patches/patch-librpc_rpc_rpc_common_h
View File

@ -1,15 +0,0 @@
$OpenBSD: patch-librpc_rpc_rpc_common_h,v 1.1 2014/02/06 04:33:24 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- librpc/rpc/rpc_common.h.orig Wed May 8 04:16:26 2013
+++ librpc/rpc/rpc_common.h Tue Jan 28 02:16:43 2014
@@ -135,6 +135,7 @@ enum dcerpc_transport_t dcerpc_transport_by_tower(cons
void dcerpc_set_frag_length(DATA_BLOB *blob, uint16_t v);
uint16_t dcerpc_get_frag_length(const DATA_BLOB *blob);
+uint32_t dcerpc_get_call_id(const DATA_BLOB *blob);
void dcerpc_set_auth_length(DATA_BLOB *blob, uint16_t v);
uint8_t dcerpc_get_endian_flag(DATA_BLOB *blob);

21
net/samba/patches/patch-nsswitch_libwbclient_wbc_sid_c
View File

@ -1,21 +0,0 @@
$OpenBSD: patch-nsswitch_libwbclient_wbc_sid_c,v 1.1 2014/02/06 04:33:24 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- nsswitch/libwbclient/wbc_sid.c.orig Wed May 8 04:16:26 2013
+++ nsswitch/libwbclient/wbc_sid.c Tue Jan 28 02:16:43 2014
@@ -421,6 +421,13 @@ wbcErr wbcLookupSids(const struct wbcDomainSid *sids,
for (i=0; i<num_names; i++) {
names[i].domain_index = strtoul(p, &q, 10);
+ if (names[i].domain_index < 0) {
+ goto wbc_err_invalid;
+ }
+ if (names[i].domain_index >= num_domains) {
+ goto wbc_err_invalid;
+ }
+
if (*q != ' ') {
goto wbc_err_invalid;
}

39
net/samba/patches/patch-nsswitch_wbinfo_c
View File

@ -1,39 +0,0 @@
$OpenBSD: patch-nsswitch_wbinfo_c,v 1.5 2014/04/10 00:50:58 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- nsswitch/wbinfo.c.orig Wed May 8 04:16:26 2013
+++ nsswitch/wbinfo.c Wed Apr 9 17:25:42 2014
@@ -1380,11 +1380,28 @@ static bool wbinfo_lookup_sids(const char *arg)
}
for (i=0; i<num_sids; i++) {
+ const char *domain = NULL;
+
wbcSidToStringBuf(&sids[i], sidstr, sizeof(sidstr));
- d_printf("%s -> %s\\%s %d\n", sidstr,
- domains[names[i].domain_index].short_name,
- names[i].name, names[i].type);
+ if (names[i].domain_index >= num_domains) {
+ domain = "<none>";
+ } else if (names[i].domain_index < 0) {
+ domain = "<none>";
+ } else {
+ domain = domains[names[i].domain_index].short_name;
+ }
+
+ if (names[i].type == WBC_SID_NAME_DOMAIN) {
+ d_printf("%s -> %s %d\n", sidstr,
+ domain,
+ names[i].type);
+ } else {
+ d_printf("%s -> %s%c%s %d\n", sidstr,
+ domain,
+ winbind_separator(),
+ names[i].name, names[i].type);
+ }
}
return true;
}

15
net/samba/patches/patch-python_samba_provision___init___py Normal file
View File

@ -0,0 +1,15 @@
$OpenBSD: patch-python_samba_provision___init___py,v 1.1 2015/08/25 11:04:39 jca Exp $
- net/isc-bind group name
--- python/samba/provision/__init__.py.orig Wed Jul 15 15:25:50 2015
+++ python/samba/provision/__init__.py Wed Jul 15 15:26:06 2015
@@ -1960,7 +1960,7 @@ def provision(logger, session_info, credentials, smbco
root_gid = pwd.getpwuid(root_uid).pw_gid
try:
- bind_gid = findnss_gid(["bind", "named"])
+ bind_gid = findnss_gid(["_bind"])
except KeyError:
bind_gid = None

25
net/samba/patches/patch-source3_Makefile_in
View File

@ -1,25 +0,0 @@
$OpenBSD: patch-source3_Makefile_in,v 1.2 2012/06/27 07:29:17 sthen Exp $
--- source3/Makefile.in.orig Mon Jun 25 03:21:16 2012
+++ source3/Makefile.in Tue Jun 26 12:01:27 2012
@@ -28,7 +28,7 @@ SHLD=@SHLD@
LIB_PATH_VAR=@LIB_PATH_VAR@
## Dynamic shared libraries build settings
-DSO_EXPORTS_CMD=-Wl,--version-script,$(srcdir)/exports/`basename $@ | sed 's:\.@SHLIBEXT@[\.0-9]*$$:.@SYMSEXT@:'`
+DSO_EXPORTS_CMD=-Wl,--version-script,$(srcdir)/exports/`basename $@ | sed 's/@SHLIBEXT@\(.[0-9]\{1,\}\)\{0,1\}\(.[0-9]\{1,\}\)\{0,1\}$$/@SYMSEXT@/'`
DSO_EXPORTS=@DSO_EXPORTS@
SHLD_DSO = $(SHLD) $(LDSHFLAGS) $(DSO_EXPORTS) -o $@
@@ -1675,11 +1675,7 @@ COMPILE = $(COMPILE_CC)
echo "Checking $*.c with '$(CC_CHECKER)'";\
$(CHECK_CC); \
fi
- @echo Compiling $*.c
- @$(COMPILE) && exit 0;\
- echo "The following command failed:" 1>&2;\
- echo "$(subst ",\",$(COMPILE_CC))" 1>&2;\
- $(COMPILE_CC) >/dev/null 2>&1
+ $(COMPILE)
@BROKEN_CC@ -mv `echo $@ | sed 's%^.*/%%g'` $@
PRECOMPILED_HEADER = $(builddir)/include/includes.h.gch

15
net/samba/patches/patch-source3_auth_check_samsec_c
View File

@ -1,15 +0,0 @@
$OpenBSD: patch-source3_auth_check_samsec_c,v 1.1 2014/04/10 00:50:58 brad Exp $
Password lockout not enforced for SAMR password changes.
CVE-2013-4496
--- source3/auth/check_samsec.c.orig Wed May 8 04:16:26 2013
+++ source3/auth/check_samsec.c Wed Apr 9 17:29:56 2014
@@ -408,6 +408,7 @@ NTSTATUS check_sam_security(const DATA_BLOB *challenge
/* Quit if the account was locked out. */
if (pdb_get_acct_ctrl(sampass) & ACB_AUTOLOCK) {
DEBUG(3,("check_sam_security: Account for user %s was locked out.\n", username));
+ TALLOC_FREE(sampass);
return NT_STATUS_ACCOUNT_LOCKED_OUT;
}

68
net/samba/patches/patch-source3_configure_in
View File

@ -1,68 +0,0 @@
$OpenBSD: patch-source3_configure_in,v 1.9 2014/01/05 16:54:04 espie Exp $
--- source3/configure.in.orig Wed May 8 10:16:26 2013
+++ source3/configure.in Sat Jan 4 13:31:08 2014
@@ -1675,8 +1675,7 @@ DSO_EXPORTS=""
;;
*openbsd*) BLDSHARED="true"
LDSHFLAGS="-shared"
- DYNEXP="-Wl,-Bdynamic"
- SONAMEFLAG="-Wl,-soname,"
+ DYNEXP="-Wl,--export-dynamic"
PICFLAG="-fPIC"
AC_DEFINE(STAT_ST_BLOCKSIZE,512,[The size of a block])
AC_DEFINE(BROKEN_GETGRNAM,1,[Does getgrnam work correctly])
@@ -4535,6 +4534,9 @@ if test x"$with_dnsupdate_support" != x"no"; then
with_dnsupdate_support=no
fi
fi
+fi
+
+if test x"$with_dnsupdate_support" != x"no"; then
##################################################################
# then test for uuid.h (necessary to generate unique DNS keynames
# (uuid.h is required for this test)
@@ -6810,13 +6812,43 @@ fi
CFLAGS=$CFLAGS_SAVE
+# Checks for *BSD bsd_statvfs() function
+# Start
+AC_CHECK_HEADERS(sys/param.h sys/mount.h)
+
+AC_MSG_CHECKING([bsd_statvfs: checking for statfs() and struct statfs.bsize])
+AC_CACHE_VAL(bsdstatvfs_cv_statfs,[
+ AC_TRY_RUN([
+ #ifdef HAVE_SYS_PARAM_H
+ #include <sys/param.h>
+ #endif
+ #ifdef HAVE_SYS_MOUNT_H
+ #include <sys/mount.h>
+ #endif
+ int main (void)
+ {
+ struct statfs fsd;
+ fsd.f_bsize = 0;
+ exit (statfs (".", &fsd));
+ }],
+ bsdstatvfs_cv_statfs=yes,
+ bsdstatvfs_cv_statfs=no,
+ bsdstatvfs_cv_statfs=no)])
+AC_MSG_RESULT($bsdstatvfs_cv_statfs)
+
+if test $bsdstatvfs_cv_statfs = yes; then
+ AC_DEFINE(BSD_STATVFS_BSIZE,1,[Whether statfs exists and struct statfs has bsize property])
+fi
+
+# End
+
# Checks for the vfs_fileid module
# Start
AC_CHECK_FUNC(getmntent)
AC_CHECK_HEADERS(sys/statfs.h)
-AC_MSG_CHECKING([vfs_fileid: checking for statfs() and struct statfs.f_fsid)])
+AC_MSG_CHECKING([vfs_fileid: checking for statfs() and struct statfs.f_fsid])
AC_CACHE_VAL(vfsfileid_cv_statfs,[
AC_TRY_RUN([
#include <sys/types.h>

42
net/samba/patches/patch-source3_lib_charcnv_c
View File

@ -1,42 +0,0 @@
$OpenBSD: patch-source3_lib_charcnv_c,v 1.1 2014/06/26 11:43:54 sthen Exp $
- CVE-2014-0244 (Denial of service - CPU loop)
- CVE-2014-3493 (Denial of service - Server crash/memory corruption)
--- source3/lib/charcnv.c.orig Wed Jun 25 14:53:54 2014
+++ source3/lib/charcnv.c Wed Jun 25 14:56:56 2014
@@ -822,7 +822,7 @@ size_t ucs2_align(const void *base_ptr, const void *p,
**/
size_t push_ascii(void *dest, const char *src, size_t dest_len, int flags)
{
- size_t src_len = strlen(src);
+ size_t src_len = 0;
char *tmpbuf = NULL;
size_t ret;
@@ -840,17 +840,21 @@ size_t push_ascii(void *dest, const char *src, size_t
src = tmpbuf;
}
+ src_len = strlen(src);
if (flags & (STR_TERMINATE | STR_TERMINATE_ASCII)) {
src_len++;
}
ret = convert_string(CH_UNIX, CH_DOS, src, src_len, dest, dest_len, True);
- if (ret == (size_t)-1 &&
- (flags & (STR_TERMINATE | STR_TERMINATE_ASCII))
+
+ SAFE_FREE(tmpbuf);
+ if (ret == (size_t)-1) {
+ if ((flags & (STR_TERMINATE | STR_TERMINATE_ASCII))
&& dest_len > 0) {
- ((char *)dest)[0] = '\0';
+ ((char *)dest)[0] = '\0';
+ }
+ return 0;
}
- SAFE_FREE(tmpbuf);
return ret;
}

38
net/samba/patches/patch-source3_lib_netapi_group_c
View File

@ -1,38 +0,0 @@
$OpenBSD: patch-source3_lib_netapi_group_c,v 1.2 2014/04/10 00:50:58 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- source3/lib/netapi/group.c.orig Wed May 8 04:16:26 2013
+++ source3/lib/netapi/group.c Wed Apr 9 17:25:42 2014
@@ -386,7 +386,15 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx,
werr = ntstatus_to_werror(result);
goto done;
}
+ if (names.count != rid_array->count) {
+ werr = WERR_BAD_NET_RESP;
+ goto done;
}
+ if (member_types.count != rid_array->count) {
+ werr = WERR_BAD_NET_RESP;
+ goto done;
+ }
+ }
for (i=0; i < rid_array->count; i++) {
@@ -1556,6 +1564,14 @@ WERROR NetGroupGetUsers_r(struct libnetapi_ctx *ctx,
}
if (!NT_STATUS_IS_OK(result)) {
werr = ntstatus_to_werror(result);
+ goto done;
+ }
+ if (names.count != rid_array->count) {
+ werr = WERR_BAD_NET_RESP;
+ goto done;
+ }
+ if (member_types.count != rid_array->count) {
+ werr = WERR_BAD_NET_RESP;
goto done;
}

29
net/samba/patches/patch-source3_lib_netapi_localgroup_c
View File

@ -1,29 +0,0 @@
$OpenBSD: patch-source3_lib_netapi_localgroup_c,v 1.1 2014/02/06 04:33:24 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- source3/lib/netapi/localgroup.c.orig Wed May 8 04:16:26 2013
+++ source3/lib/netapi/localgroup.c Tue Jan 28 02:16:43 2014
@@ -58,6 +58,12 @@ static NTSTATUS libnetapi_samr_lookup_and_open_alias(T
if (!NT_STATUS_IS_OK(result)) {
return result;
}
+ if (user_rids.count != 1) {
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
+ }
+ if (name_types.count != 1) {
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
+ }
switch (name_types.ids[0]) {
case SID_NAME_ALIAS:
@@ -1041,7 +1047,7 @@ static NTSTATUS libnetapi_lsa_lookup_names3(TALLOC_CTX
NT_STATUS_NOT_OK_RETURN(result);
if (count != 1 || sids.count != 1) {
- return NT_STATUS_NONE_MAPPED;
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
}
sid_copy(sid, sids.sids[0].sid);

37
net/samba/patches/patch-source3_lib_netapi_user_c
View File

@ -1,37 +0,0 @@
$OpenBSD: patch-source3_lib_netapi_user_c,v 1.2 2014/04/10 00:50:58 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- source3/lib/netapi/user.c.orig Wed May 8 04:16:26 2013
+++ source3/lib/netapi/user.c Wed Apr 9 17:25:42 2014
@@ -3081,6 +3081,14 @@ WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx,
werr = ntstatus_to_werror(result);
goto done;
}
+ if (names.count != rid_array->count) {
+ werr = WERR_BAD_NET_RESP;
+ goto done;
+ }
+ if (types.count != rid_array->count) {
+ werr = WERR_BAD_NET_RESP;
+ goto done;
+ }
for (i=0; i < names.count; i++) {
status = add_GROUP_USERS_INFO_X_buffer(ctx,
@@ -3658,6 +3666,14 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *c
}
if (!NT_STATUS_IS_OK(result)) {
werr = ntstatus_to_werror(result);
+ goto done;
+ }
+ if (names.count != num_rids) {
+ werr = WERR_BAD_NET_RESP;
+ goto done;
+ }
+ if (types.count != num_rids) {
+ werr = WERR_BAD_NET_RESP;
goto done;
}

15
net/samba/patches/patch-source3_lib_sysquotas_nfs_c Normal file
View File

@ -0,0 +1,15 @@
$OpenBSD: patch-source3_lib_sysquotas_nfs_c,v 1.1 2015/08/25 11:04:39 jca Exp $
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9889
--- source3/lib/sysquotas_nfs.c.orig Thu Dec 5 10:16:48 2013
+++ source3/lib/sysquotas_nfs.c Wed Jun 17 13:18:09 2015
@@ -154,8 +154,8 @@ int sys_get_nfs_quota(const char *path, const char *bd
gq_args.gqa_uid = id.uid;
DEBUG(10, ("sys_get_nfs_quotas: Asking for quota of path '%s' on "
- "host '%s', rpcprog '%i', rpcvers '%i', network '%s'\n",
- host, testpath+1, RQUOTAPROG, RQUOTAVERS, "udp"));
+ "host '%s', rpcprog '%lld', rpcvers '%lld', network '%s'\n",
+ host, testpath+1, (long long)RQUOTAPROG, (long long)RQUOTAVERS, "udp"));
clnt = clnt_create(host, RQUOTAPROG, RQUOTAVERS, "udp");
if (clnt == NULL) {

20
net/samba/patches/patch-source3_lib_system_c
View File

@ -1,20 +0,0 @@
$OpenBSD: patch-source3_lib_system_c,v 1.1 2014/06/26 11:43:54 sthen Exp $
- CVE-2014-0244 (Denial of service - CPU loop)
- CVE-2014-3493 (Denial of service - Server crash/memory corruption).
--- source3/lib/system.c.orig Wed May 8 18:16:26 2013
+++ source3/lib/system.c Wed Jun 25 15:06:22 2014
@@ -286,11 +286,7 @@ ssize_t sys_recvfrom(int s, void *buf, size_t len, int
do {
ret = recvfrom(s, buf, len, flags, from, fromlen);
-#if defined(EWOULDBLOCK)
- } while (ret == -1 && (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK));
-#else
- } while (ret == -1 && (errno == EINTR || errno == EAGAIN));
-#endif
+ } while (ret == -1 && (errno == EINTR));
return ret;
}

19
net/samba/patches/patch-source3_lib_util_tsock_c
View File

@ -1,19 +0,0 @@
$OpenBSD: patch-source3_lib_util_tsock_c,v 1.1 2014/02/06 04:33:24 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- source3/lib/util_tsock.c.orig Wed May 8 04:16:26 2013
+++ source3/lib/util_tsock.c Tue Jan 28 02:16:43 2014
@@ -110,6 +110,11 @@ static void tstream_read_packet_done(struct tevent_req
return;
}
+ if (total + more < total) {
+ tevent_req_error(req, EMSGSIZE);
+ return;
+ }
+
tmp = talloc_realloc(state, state->buf, uint8_t, total+more);
if (tevent_req_nomem(tmp, req)) {
return;

37
net/samba/patches/patch-source3_libnet_libnet_join_c
View File

@ -1,37 +0,0 @@
$OpenBSD: patch-source3_libnet_libnet_join_c,v 1.1 2014/02/06 04:33:24 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- source3/libnet/libnet_join.c.orig Wed May 8 04:16:26 2013
+++ source3/libnet/libnet_join.c Tue Jan 28 02:16:43 2014
@@ -996,6 +996,14 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX
status = result;
goto done;
}
+ if (user_rids.count != 1) {
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
+ }
+ if (name_types.count != 1) {
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
+ }
if (name_types.ids[0] != SID_NAME_USER) {
DEBUG(0,("%s is not a user account (type=%d)\n",
@@ -1365,6 +1373,14 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CT
}
if (!NT_STATUS_IS_OK(result)) {
status = result;
+ goto done;
+ }
+ if (user_rids.count != 1) {
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
+ }
+ if (name_types.count != 1) {
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
goto done;
}

18
net/samba/patches/patch-source3_librpc_rpc_dcerpc_helpers_c
View File

@ -1,18 +0,0 @@
$OpenBSD: patch-source3_librpc_rpc_dcerpc_helpers_c,v 1.1 2014/02/06 04:33:24 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- source3/librpc/rpc/dcerpc_helpers.c.orig Wed May 8 04:16:26 2013
+++ source3/librpc/rpc/dcerpc_helpers.c Tue Jan 28 02:16:43 2014
@@ -129,6 +129,10 @@ NTSTATUS dcerpc_pull_ncacn_packet(TALLOC_CTX *mem_ctx,
NDR_PRINT_DEBUG(ncacn_packet, r);
}
+ if (r->frag_length != blob->length) {
+ return NT_STATUS_RPC_PROTOCOL_ERROR;
+ }
+
return NT_STATUS_OK;
}

25
net/samba/patches/patch-source3_libsmb_clirap_c
View File

@ -1,25 +0,0 @@
$OpenBSD: patch-source3_libsmb_clirap_c,v 1.1 2014/06/26 11:43:54 sthen Exp $
- CVE-2014-0244 (Denial of service - CPU loop)
- CVE-2014-3493 (Denial of service - Server crash/memory corruption).
--- source3/libsmb/clirap.c.orig Wed Jun 25 14:57:41 2014
+++ source3/libsmb/clirap.c Wed Jun 25 14:59:58 2014
@@ -319,7 +319,7 @@ bool cli_NetServerEnum(struct cli_state *cli, char *wo
sizeof(param) - PTR_DIFF(p,param) - 1,
STR_TERMINATE|STR_UPPER);
- if (len == (size_t)-1) {
+ if (len == 0) {
SAFE_FREE(last_entry);
return false;
}
@@ -331,7 +331,7 @@ bool cli_NetServerEnum(struct cli_state *cli, char *wo
sizeof(param) - PTR_DIFF(p,param) - 1,
STR_TERMINATE);
- if (len == (size_t)-1) {
+ if (len == 0) {
SAFE_FREE(last_entry);
return false;
}

25
net/samba/patches/patch-source3_modules_vfs_default_c
View File

@ -1,25 +0,0 @@
$OpenBSD: patch-source3_modules_vfs_default_c,v 1.1 2012/04/16 21:58:34 sthen Exp $
--- source3/modules/vfs_default.c.orig Sat Apr 7 14:23:20 2012
+++ source3/modules/vfs_default.c Tue Apr 10 23:49:09 2012
@@ -104,15 +104,15 @@ static uint32_t vfswrap_fs_capabilities(struct vfs_han
connection_struct *conn = handle->conn;
uint32_t caps = FILE_CASE_SENSITIVE_SEARCH | FILE_CASE_PRESERVED_NAMES;
struct smb_filename *smb_fname_cpath = NULL;
+ struct vfs_statvfs_struct statbuf;
NTSTATUS status;
- int ret = -1;
+ int ret;
-#if defined(DARWINOS)
- struct vfs_statvfs_struct statbuf;
ZERO_STRUCT(statbuf);
- sys_statvfs(conn->connectpath, &statbuf);
- caps = statbuf.FsCapabilities;
-#endif
+ ret = sys_statvfs(conn->connectpath, &statbuf);
+ if (ret == 0) {
+ caps = statbuf.FsCapabilities;
+ }
*p_ts_res = TIMESTAMP_SET_SECONDS;

42
net/samba/patches/patch-source3_rpc_client_cli_lsarpc_c
View File

@ -1,42 +0,0 @@
$OpenBSD: patch-source3_rpc_client_cli_lsarpc_c,v 1.2 2014/04/10 00:50:58 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- source3/rpc_client/cli_lsarpc.c.orig Wed May 8 04:16:26 2013
+++ source3/rpc_client/cli_lsarpc.c Wed Apr 9 17:25:42 2014
@@ -647,9 +647,19 @@ NTSTATUS dcerpc_lsa_lookup_names_generic(struct dcerpc
struct dom_sid *sid = &(*sids)[i];
if (use_lookupnames4) {
+ if (i >= sid_array3.count) {
+ *presult = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
+ }
+
dom_idx = sid_array3.sids[i].sid_index;
(*types)[i] = sid_array3.sids[i].sid_type;
} else {
+ if (i >= sid_array.count) {
+ *presult = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
+ }
+
dom_idx = sid_array.sids[i].sid_index;
(*types)[i] = sid_array.sids[i].sid_type;
}
@@ -661,6 +671,14 @@ NTSTATUS dcerpc_lsa_lookup_names_generic(struct dcerpc
ZERO_STRUCTP(sid);
(*types)[i] = SID_NAME_UNKNOWN;
continue;
+ }
+ if (domains == NULL) {
+ *presult = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
+ }
+ if (dom_idx >= domains->count) {
+ *presult = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
}
if (use_lookupnames4) {

146
net/samba/patches/patch-source3_rpc_client_cli_pipe_c
View File

@ -1,146 +0,0 @@
$OpenBSD: patch-source3_rpc_client_cli_pipe_c,v 1.2 2014/04/10 00:50:58 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- source3/rpc_client/cli_pipe.c.orig Wed May 8 04:16:26 2013
+++ source3/rpc_client/cli_pipe.c Wed Apr 9 17:25:42 2014
@@ -235,6 +235,7 @@ struct get_complete_frag_state {
struct event_context *ev;
struct rpc_pipe_client *cli;
uint16_t frag_len;
+ uint32_t call_id;
DATA_BLOB *pdu;
};
@@ -244,6 +245,7 @@ static void get_complete_frag_got_rest(struct tevent_r
static struct tevent_req *get_complete_frag_send(TALLOC_CTX *mem_ctx,
struct event_context *ev,
struct rpc_pipe_client *cli,
+ uint32_t call_id,
DATA_BLOB *pdu)
{
struct tevent_req *req, *subreq;
@@ -259,6 +261,7 @@ static struct tevent_req *get_complete_frag_send(TALLO
state->ev = ev;
state->cli = cli;
state->frag_len = RPC_HEADER_LEN;
+ state->call_id = call_id;
state->pdu = pdu;
received = pdu->length;
@@ -282,6 +285,11 @@ static struct tevent_req *get_complete_frag_send(TALLO
state->frag_len = dcerpc_get_frag_length(pdu);
+ if (state->call_id != dcerpc_get_call_id(pdu)) {
+ tevent_req_nterror(req, NT_STATUS_RPC_PROTOCOL_ERROR);
+ return tevent_req_post(req, ev);
+ }
+
/*
* Ensure we have frag_len bytes of data.
*/
@@ -330,6 +338,11 @@ static void get_complete_frag_got_header(struct tevent
state->frag_len = dcerpc_get_frag_length(state->pdu);
+ if (state->call_id != dcerpc_get_call_id(state->pdu)) {
+ tevent_req_nterror(req, NT_STATUS_RPC_PROTOCOL_ERROR);
+ return;
+ }
+
if (!data_blob_realloc(NULL, state->pdu, state->frag_len)) {
tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
return;
@@ -690,6 +703,7 @@ struct rpc_api_pipe_state {
struct event_context *ev;
struct rpc_pipe_client *cli;
uint8_t expected_pkt_type;
+ uint32_t call_id;
DATA_BLOB incoming_frag;
struct ncacn_packet *pkt;
@@ -708,7 +722,8 @@ static struct tevent_req *rpc_api_pipe_send(TALLOC_CTX
struct event_context *ev,
struct rpc_pipe_client *cli,
DATA_BLOB *data, /* Outgoing PDU */
- uint8_t expected_pkt_type)
+ uint8_t expected_pkt_type,
+ uint32_t call_id)
{
struct tevent_req *req, *subreq;
struct rpc_api_pipe_state *state;
@@ -722,6 +737,7 @@ static struct tevent_req *rpc_api_pipe_send(TALLOC_CTX
state->ev = ev;
state->cli = cli;
state->expected_pkt_type = expected_pkt_type;
+ state->call_id = call_id;
state->incoming_frag = data_blob_null;
state->reply_pdu = data_blob_null;
state->reply_pdu_offset = 0;
@@ -821,6 +837,7 @@ static void rpc_api_pipe_trans_done(struct tevent_req
/* Ensure we have enough data for a pdu. */
subreq = get_complete_frag_send(state, state->ev, state->cli,
+ state->call_id,
&state->incoming_frag);
if (tevent_req_nomem(subreq, req)) {
return;
@@ -940,6 +957,7 @@ static void rpc_api_pipe_got_pdu(struct tevent_req *su
}
subreq = get_complete_frag_send(state, state->ev, state->cli,
+ state->call_id,
&state->incoming_frag);
if (tevent_req_nomem(subreq, req)) {
return;
@@ -1292,7 +1310,8 @@ struct tevent_req *rpc_api_pipe_req_send(TALLOC_CTX *m
if (is_last_frag) {
subreq = rpc_api_pipe_send(state, ev, state->cli,
&state->rpc_out,
- DCERPC_PKT_RESPONSE);
+ DCERPC_PKT_RESPONSE,
+ state->call_id);
if (subreq == NULL) {
goto fail;
}
@@ -1428,7 +1447,8 @@ static void rpc_api_pipe_req_write_done(struct tevent_
if (is_last_frag) {
subreq = rpc_api_pipe_send(state, state->ev, state->cli,
&state->rpc_out,
- DCERPC_PKT_RESPONSE);
+ DCERPC_PKT_RESPONSE,
+ state->call_id);
if (tevent_req_nomem(subreq, req)) {
return;
}
@@ -1667,7 +1687,7 @@ struct tevent_req *rpc_pipe_bind_send(TALLOC_CTX *mem_
}
subreq = rpc_api_pipe_send(state, ev, cli, &state->rpc_out,
- DCERPC_PKT_BIND_ACK);
+ DCERPC_PKT_BIND_ACK, state->rpc_call_id);
if (subreq == NULL) {
goto fail;
}
@@ -1865,7 +1885,8 @@ static NTSTATUS rpc_bind_next_send(struct tevent_req *
}
subreq = rpc_api_pipe_send(state, state->ev, state->cli,
- &state->rpc_out, DCERPC_PKT_ALTER_RESP);
+ &state->rpc_out, DCERPC_PKT_ALTER_RESP,
+ state->rpc_call_id);
if (subreq == NULL) {
return NT_STATUS_NO_MEMORY;
}
@@ -1897,7 +1918,8 @@ static NTSTATUS rpc_bind_finish_send(struct tevent_req
}
subreq = rpc_api_pipe_send(state, state->ev, state->cli,
- &state->rpc_out, DCERPC_PKT_AUTH3);
+ &state->rpc_out, DCERPC_PKT_AUTH3,
+ state->rpc_call_id);
if (subreq == NULL) {
return NT_STATUS_NO_MEMORY;
}

55
net/samba/patches/patch-source3_rpc_server_netlogon_srv_netlog_nt_c
View File

@ -1,55 +0,0 @@
$OpenBSD: patch-source3_rpc_server_netlogon_srv_netlog_nt_c,v 1.2 2015/02/25 01:37:49 jca Exp $
- CVE-2013-4408: DCE-RPC fragment length field is incorrectly checked.
- CVE-2015-0240: talloc free on uninitialized stack pointer in netlogon
server could lead to remote-code execution.
https://bugzilla.samba.org/show_bug.cgi?id=11077
--- source3/rpc_server/netlogon/srv_netlog_nt.c.orig Wed May 8 10:16:26 2013
+++ source3/rpc_server/netlogon/srv_netlog_nt.c Mon Feb 23 19:51:23 2015
@@ -586,7 +586,7 @@ static NTSTATUS samr_find_machine_account(TALLOC_CTX *
status = NT_STATUS_NO_SUCH_USER;
goto out;
}
- if (rids.count != types.count) {
+ if (types.count != 1) {
status = NT_STATUS_INVALID_PARAMETER;
goto out;
}
@@ -1070,6 +1070,10 @@ static NTSTATUS netr_creds_server_step_check(struct pi
NTSTATUS status;
bool schannel_global_required = (lp_server_schannel() == true) ? true:false;
+ if (creds_out != NULL) {
+ *creds_out = NULL;
+ }
+
if (schannel_global_required) {
status = schannel_check_required(&p->auth,
computer_name,
@@ -1205,7 +1209,7 @@ NTSTATUS _netr_ServerPasswordSet(struct pipes_struct *
{
NTSTATUS status = NT_STATUS_OK;
int i;
- struct netlogon_creds_CredentialState *creds;
+ struct netlogon_creds_CredentialState *creds = NULL;
DEBUG(5,("_netr_ServerPasswordSet: %d\n", __LINE__));
@@ -1218,9 +1222,14 @@ NTSTATUS _netr_ServerPasswordSet(struct pipes_struct *
unbecome_root();
if (!NT_STATUS_IS_OK(status)) {
+ const char *computer_name = "<unknown>";
+
+ if (creds != NULL && creds->computer_name != NULL) {
+ computer_name = creds->computer_name;
+ }
DEBUG(2,("_netr_ServerPasswordSet: netlogon_creds_server_step failed. Rejecting auth "
"request from client %s machine account %s\n",
- r->in.computer_name, creds->computer_name));
+ r->in.computer_name, computer_name));
TALLOC_FREE(creds);
return status;
}

83
net/samba/patches/patch-source3_rpc_server_samr_srv_samr_chgpasswd_c
View File

@ -1,83 +0,0 @@
$OpenBSD: patch-source3_rpc_server_samr_srv_samr_chgpasswd_c,v 1.3 2014/04/10 00:50:58 brad Exp $
Password lockout not enforced for SAMR password changes.
CVE-2013-4496
--- source3/rpc_server/samr/srv_samr_chgpasswd.c.orig Wed May 8 04:16:26 2013
+++ source3/rpc_server/samr/srv_samr_chgpasswd.c Wed Apr 9 17:29:56 2014
@@ -1106,6 +1106,8 @@ NTSTATUS pass_oem_change(char *user, const char *rhost
struct samu *sampass = NULL;
NTSTATUS nt_status;
bool ret = false;
+ bool updated_badpw = false;
+ NTSTATUS update_login_attempts_status;
if (!(sampass = samu_new(NULL))) {
return NT_STATUS_NO_MEMORY;
@@ -1121,6 +1123,13 @@ NTSTATUS pass_oem_change(char *user, const char *rhost
return NT_STATUS_NO_SUCH_USER;
}
+ /* Quit if the account was locked out. */
+ if (pdb_get_acct_ctrl(sampass) & ACB_AUTOLOCK) {
+ DEBUG(3,("check_sam_security: Account for user %s was locked out.\n", user));
+ TALLOC_FREE(sampass);
+ return NT_STATUS_ACCOUNT_LOCKED_OUT;
+ }
+
nt_status = check_oem_password(user,
password_encrypted_with_lm_hash,
old_lm_hash_encrypted,
@@ -1128,6 +1137,52 @@ NTSTATUS pass_oem_change(char *user, const char *rhost
old_nt_hash_encrypted,
sampass,
&new_passwd);
+
+ /*
+ * Notify passdb backend of login success/failure. If not
+ * NT_STATUS_OK the backend doesn't like the login
+ */
+ update_login_attempts_status = pdb_update_login_attempts(sampass,
+ NT_STATUS_IS_OK(nt_status));
+
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ bool increment_bad_pw_count = false;
+
+ if (NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD) &&
+ (pdb_get_acct_ctrl(sampass) & ACB_NORMAL) &&
+ NT_STATUS_IS_OK(update_login_attempts_status))
+ {
+ increment_bad_pw_count = true;
+ }
+
+ if (increment_bad_pw_count) {
+ pdb_increment_bad_password_count(sampass);
+ updated_badpw = true;
+ } else {
+ pdb_update_bad_password_count(sampass,
+ &updated_badpw);
+ }
+ } else {
+
+ if ((pdb_get_acct_ctrl(sampass) & ACB_NORMAL) &&
+ (pdb_get_bad_password_count(sampass) > 0)){
+ pdb_set_bad_password_count(sampass, 0, PDB_CHANGED);
+ pdb_set_bad_password_time(sampass, 0, PDB_CHANGED);
+ updated_badpw = true;
+ }
+ }
+
+ if (updated_badpw) {
+ NTSTATUS update_status;
+ become_root();
+ update_status = pdb_update_sam_account(sampass);
+ unbecome_root();
+
+ if (!NT_STATUS_IS_OK(update_status)) {
+ DEBUG(1, ("Failed to modify entry: %s\n",
+ nt_errstr(update_status)));
+ }
+ }
if (!NT_STATUS_IS_OK(nt_status)) {
TALLOC_FREE(sampass);

130
net/samba/patches/patch-source3_rpc_server_samr_srv_samr_nt_c
View File

@ -1,130 +0,0 @@
$OpenBSD: patch-source3_rpc_server_samr_srv_samr_nt_c,v 1.1 2014/04/10 00:50:58 brad Exp $
Password lockout not enforced for SAMR password changes.
CVE-2013-4496
--- source3/rpc_server/samr/srv_samr_nt.c.orig Wed Apr 9 17:39:42 2014
+++ source3/rpc_server/samr/srv_samr_nt.c Wed Apr 9 17:39:30 2014
@@ -1706,114 +1706,19 @@ NTSTATUS _samr_LookupNames(struct pipes_struct *p,
}
/****************************************************************
- _samr_ChangePasswordUser
+ _samr_ChangePasswordUser.
+
+ So old it is just not worth implementing
+ because it does not supply a plaintext and so we can't do password
+ complexity checking and cannot update other services that use a
+ plaintext password via passwd chat/pam password change/ldap password
+ sync.
****************************************************************/
NTSTATUS _samr_ChangePasswordUser(struct pipes_struct *p,
struct samr_ChangePasswordUser *r)
{
- NTSTATUS status;
- bool ret = false;
- struct samr_user_info *uinfo;
- struct samu *pwd;
- struct samr_Password new_lmPwdHash, new_ntPwdHash, checkHash;
- struct samr_Password lm_pwd, nt_pwd;
-
- uinfo = policy_handle_find(p, r->in.user_handle,
- SAMR_USER_ACCESS_SET_PASSWORD, NULL,
- struct samr_user_info, &status);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- DEBUG(5,("_samr_ChangePasswordUser: sid:%s\n",
- sid_string_dbg(&uinfo->sid)));
-
- if (!(pwd = samu_new(NULL))) {
- return NT_STATUS_NO_MEMORY;
- }
-
- become_root();
- ret = pdb_getsampwsid(pwd, &uinfo->sid);
- unbecome_root();
-
- if (!ret) {
- TALLOC_FREE(pwd);
- return NT_STATUS_WRONG_PASSWORD;
- }
-
- {
- const uint8_t *lm_pass, *nt_pass;
-
- lm_pass = pdb_get_lanman_passwd(pwd);
- nt_pass = pdb_get_nt_passwd(pwd);
-
- if (!lm_pass || !nt_pass) {
- status = NT_STATUS_WRONG_PASSWORD;
- goto out;
- }
-
- memcpy(&lm_pwd.hash, lm_pass, sizeof(lm_pwd.hash));
- memcpy(&nt_pwd.hash, nt_pass, sizeof(nt_pwd.hash));
- }
-
- /* basic sanity checking on parameters. Do this before any database ops */
- if (!r->in.lm_present || !r->in.nt_present ||
- !r->in.old_lm_crypted || !r->in.new_lm_crypted ||
- !r->in.old_nt_crypted || !r->in.new_nt_crypted) {
- /* we should really handle a change with lm not
- present */
- status = NT_STATUS_INVALID_PARAMETER_MIX;
- goto out;
- }
-
- /* decrypt and check the new lm hash */
- D_P16(lm_pwd.hash, r->in.new_lm_crypted->hash, new_lmPwdHash.hash);
- D_P16(new_lmPwdHash.hash, r->in.old_lm_crypted->hash, checkHash.hash);
- if (memcmp(checkHash.hash, lm_pwd.hash, 16) != 0) {
- status = NT_STATUS_WRONG_PASSWORD;
- goto out;
- }
-
- /* decrypt and check the new nt hash */
- D_P16(nt_pwd.hash, r->in.new_nt_crypted->hash, new_ntPwdHash.hash);
- D_P16(new_ntPwdHash.hash, r->in.old_nt_crypted->hash, checkHash.hash);
- if (memcmp(checkHash.hash, nt_pwd.hash, 16) != 0) {
- status = NT_STATUS_WRONG_PASSWORD;
- goto out;
- }
-
- /* The NT Cross is not required by Win2k3 R2, but if present
- check the nt cross hash */
- if (r->in.cross1_present && r->in.nt_cross) {
- D_P16(lm_pwd.hash, r->in.nt_cross->hash, checkHash.hash);
- if (memcmp(checkHash.hash, new_ntPwdHash.hash, 16) != 0) {
- status = NT_STATUS_WRONG_PASSWORD;
- goto out;
- }
- }
-
- /* The LM Cross is not required by Win2k3 R2, but if present
- check the lm cross hash */
- if (r->in.cross2_present && r->in.lm_cross) {
- D_P16(nt_pwd.hash, r->in.lm_cross->hash, checkHash.hash);
- if (memcmp(checkHash.hash, new_lmPwdHash.hash, 16) != 0) {
- status = NT_STATUS_WRONG_PASSWORD;
- goto out;
- }
- }
-
- if (!pdb_set_nt_passwd(pwd, new_ntPwdHash.hash, PDB_CHANGED) ||
- !pdb_set_lanman_passwd(pwd, new_lmPwdHash.hash, PDB_CHANGED)) {
- status = NT_STATUS_ACCESS_DENIED;
- goto out;
- }
-
- status = pdb_update_sam_account(pwd);
- out:
- TALLOC_FREE(pwd);
-
- return status;
+ return NT_STATUS_NOT_IMPLEMENTED;
}
/*******************************************************************

27
net/samba/patches/patch-source3_rpcclient_cmd_lsarpc_c
View File

@ -1,27 +0,0 @@
$OpenBSD: patch-source3_rpcclient_cmd_lsarpc_c,v 1.1 2014/02/06 04:33:25 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- source3/rpcclient/cmd_lsarpc.c.orig Tue Jan 28 02:16:43 2014
+++ source3/rpcclient/cmd_lsarpc.c Tue Jan 28 02:16:43 2014
@@ -323,7 +323,7 @@ static NTSTATUS cmd_lsa_lookup_names4(struct rpc_pipe_
uint32_t num_names;
struct lsa_String *names;
- struct lsa_RefDomainList *domains;
+ struct lsa_RefDomainList *domains = NULL;
struct lsa_TransSidArray3 sids;
uint32_t count = 0;
int i;
@@ -359,6 +359,10 @@ static NTSTATUS cmd_lsa_lookup_names4(struct rpc_pipe_
}
if (!NT_STATUS_IS_OK(result)) {
return result;
+ }
+
+ if (sids.count != num_names) {
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
}
for (i = 0; i < sids.count; i++) {

22
net/samba/patches/patch-source3_rpcclient_cmd_samr_c
View File

@ -1,22 +0,0 @@
$OpenBSD: patch-source3_rpcclient_cmd_samr_c,v 1.2 2014/04/10 00:50:58 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- source3/rpcclient/cmd_samr.c.orig Wed May 8 04:16:26 2013
+++ source3/rpcclient/cmd_samr.c Wed Apr 9 17:25:42 2014
@@ -2193,6 +2193,14 @@ static NTSTATUS cmd_samr_lookup_rids(struct rpc_pipe_c
goto done;
/* Display results */
+ if (num_rids != names.count) {
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
+ }
+ if (num_rids != types.count) {
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
+ }
for (i = 0; i < num_rids; i++) {
printf("rid 0x%x: %s (%d)\n",

312
net/samba/patches/patch-source3_smbd_lanman_c
View File

@ -1,312 +0,0 @@
$OpenBSD: patch-source3_smbd_lanman_c,v 1.3 2014/06/26 11:43:54 sthen Exp $
- DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
- Password lockout not enforced for SAMR password changes.
CVE-2013-4496
- CVE-2014-0244 (Denial of service - CPU loop)
- CVE-2014-3493 (Denial of service - Server crash/memory corruption).
--- source3/smbd/lanman.c.orig Wed May 8 18:16:26 2013
+++ source3/smbd/lanman.c Wed Jun 25 15:01:30 2014
@@ -128,7 +128,7 @@ static int CopyExpanded(connection_struct *conn,
return 0;
}
l = push_ascii(*dst,buf,*p_space_remaining, STR_TERMINATE);
- if (l == -1) {
+ if (l == 0) {
return 0;
}
(*dst) += l;
@@ -143,7 +143,7 @@ static int CopyAndAdvance(char **dst, char *src, int *
return 0;
}
l = push_ascii(*dst,src,*n, STR_TERMINATE);
- if (l == -1) {
+ if (l == 0) {
return 0;
}
(*dst) += l;
@@ -2628,6 +2628,14 @@ static bool api_NetUserGetGroups(struct smbd_server_co
nt_errstr(result)));
goto close_domain;
}
+ if (rid.count != 1) {
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto close_domain;
+ }
+ if (type.count != 1) {
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto close_domain;
+ }
if (type.ids[0] != SID_NAME_USER) {
DEBUG(10, ("%s is a %s, not a user\n", UserName,
@@ -2939,259 +2947,6 @@ static bool api_NetRemoteTOD(struct smbd_server_connec
}
/****************************************************************************
- Set the user password.
-*****************************************************************************/
-
-static bool api_SetUserPassword(struct smbd_server_connection *sconn,
- connection_struct *conn,uint16 vuid,
- char *param, int tpscnt,
- char *data, int tdscnt,
- int mdrcnt,int mprcnt,
- char **rdata,char **rparam,
- int *rdata_len,int *rparam_len)
-{
- char *np = get_safe_str_ptr(param,tpscnt,param,2);
- char *p = NULL;
- fstring user;
- fstring pass1,pass2;
- TALLOC_CTX *mem_ctx = talloc_tos();
- NTSTATUS status, result;
- struct rpc_pipe_client *cli = NULL;
- struct policy_handle connect_handle, domain_handle, user_handle;
- struct lsa_String domain_name;
- struct dom_sid2 *domain_sid;
- struct lsa_String names;
- struct samr_Ids rids;
- struct samr_Ids types;
- struct samr_Password old_lm_hash;
- struct samr_Password new_lm_hash;
- int errcode = NERR_badpass;
- uint32_t rid;
- int encrypted;
- int min_pwd_length;
- struct dcerpc_binding_handle *b = NULL;
-
- /* Skip 2 strings. */
- p = skip_string(param,tpscnt,np);
- p = skip_string(param,tpscnt,p);
-
- if (!np || !p) {
- return False;
- }
-
- /* Do we have a string ? */
- if (skip_string(param,tpscnt,p) == NULL) {
- return False;
- }
- pull_ascii_fstring(user,p);
-
- p = skip_string(param,tpscnt,p);
- if (!p) {
- return False;
- }
-
- memset(pass1,'\0',sizeof(pass1));
- memset(pass2,'\0',sizeof(pass2));
- /*
- * We use 31 here not 32 as we're checking
- * the last byte we want to access is safe.
- */
- if (!is_offset_safe(param,tpscnt,p,31)) {
- return False;
- }
- memcpy(pass1,p,16);
- memcpy(pass2,p+16,16);
-
- encrypted = get_safe_SVAL(param,tpscnt,p+32,0,-1);
- if (encrypted == -1) {
- errcode = W_ERROR_V(WERR_INVALID_PARAM);
- goto out;
- }
-
- min_pwd_length = get_safe_SVAL(param,tpscnt,p+34,0,-1);
- if (min_pwd_length == -1) {
- errcode = W_ERROR_V(WERR_INVALID_PARAM);
- goto out;
- }
-
- *rparam_len = 4;
- *rparam = smb_realloc_limit(*rparam,*rparam_len);
- if (!*rparam) {
- return False;
- }
-
- *rdata_len = 0;
-
- DEBUG(3,("Set password for <%s> (encrypted: %d, min_pwd_length: %d)\n",
- user, encrypted, min_pwd_length));
-
- ZERO_STRUCT(connect_handle);
- ZERO_STRUCT(domain_handle);
- ZERO_STRUCT(user_handle);
-
- status = rpc_pipe_open_interface(mem_ctx, &ndr_table_samr.syntax_id,
- conn->session_info,
- &conn->sconn->client_id,
- conn->sconn->msg_ctx,
- &cli);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("api_SetUserPassword: could not connect to samr: %s\n",
- nt_errstr(status)));
- errcode = W_ERROR_V(ntstatus_to_werror(status));
- goto out;
- }
-
- b = cli->binding_handle;
-
- status = dcerpc_samr_Connect2(b, mem_ctx,
- global_myname(),
- SAMR_ACCESS_CONNECT_TO_SERVER |
- SAMR_ACCESS_ENUM_DOMAINS |
- SAMR_ACCESS_LOOKUP_DOMAIN,
- &connect_handle,
- &result);
- if (!NT_STATUS_IS_OK(status)) {
- errcode = W_ERROR_V(ntstatus_to_werror(status));
- goto out;
- }
- if (!NT_STATUS_IS_OK(result)) {
- errcode = W_ERROR_V(ntstatus_to_werror(result));
- goto out;
- }
-
- init_lsa_String(&domain_name, get_global_sam_name());
-
- status = dcerpc_samr_LookupDomain(b, mem_ctx,
- &connect_handle,
- &domain_name,
- &domain_sid,
- &result);
- if (!NT_STATUS_IS_OK(status)) {
- errcode = W_ERROR_V(ntstatus_to_werror(status));
- goto out;
- }
- if (!NT_STATUS_IS_OK(result)) {
- errcode = W_ERROR_V(ntstatus_to_werror(result));
- goto out;
- }
-
- status = dcerpc_samr_OpenDomain(b, mem_ctx,
- &connect_handle,
- SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
- domain_sid,
- &domain_handle,
- &result);
- if (!NT_STATUS_IS_OK(status)) {
- errcode = W_ERROR_V(ntstatus_to_werror(status));
- goto out;
- }
- if (!NT_STATUS_IS_OK(result)) {
- errcode = W_ERROR_V(ntstatus_to_werror(result));
- goto out;
- }
-
- init_lsa_String(&names, user);
-
- status = dcerpc_samr_LookupNames(b, mem_ctx,
- &domain_handle,
- 1,
- &names,
- &rids,
- &types,
- &result);
- if (!NT_STATUS_IS_OK(status)) {
- errcode = W_ERROR_V(ntstatus_to_werror(status));
- goto out;
- }
- if (!NT_STATUS_IS_OK(result)) {
- errcode = W_ERROR_V(ntstatus_to_werror(result));
- goto out;
- }
-
- if (rids.count != 1) {
- errcode = W_ERROR_V(WERR_NO_SUCH_USER);
- goto out;
- }
- if (rids.count != types.count) {
- errcode = W_ERROR_V(WERR_INVALID_PARAM);
- goto out;
- }
- if (types.ids[0] != SID_NAME_USER) {
- errcode = W_ERROR_V(WERR_INVALID_PARAM);
- goto out;
- }
-
- rid = rids.ids[0];
-
- status = dcerpc_samr_OpenUser(b, mem_ctx,
- &domain_handle,
- SAMR_USER_ACCESS_CHANGE_PASSWORD,
- rid,
- &user_handle,
- &result);
- if (!NT_STATUS_IS_OK(status)) {
- errcode = W_ERROR_V(ntstatus_to_werror(status));
- goto out;
- }
- if (!NT_STATUS_IS_OK(result)) {
- errcode = W_ERROR_V(ntstatus_to_werror(result));
- goto out;
- }
-
- if (encrypted == 0) {
- E_deshash(pass1, old_lm_hash.hash);
- E_deshash(pass2, new_lm_hash.hash);
- } else {
- ZERO_STRUCT(old_lm_hash);
- ZERO_STRUCT(new_lm_hash);
- memcpy(old_lm_hash.hash, pass1, MIN(strlen(pass1), 16));
- memcpy(new_lm_hash.hash, pass1, MIN(strlen(pass2), 16));
- }
-
- status = dcerpc_samr_ChangePasswordUser(b, mem_ctx,
- &user_handle,
- true, /* lm_present */
- &old_lm_hash,
- &new_lm_hash,
- false, /* nt_present */
- NULL, /* old_nt_crypted */
- NULL, /* new_nt_crypted */
- false, /* cross1_present */
- NULL, /* nt_cross */
- false, /* cross2_present */
- NULL, /* lm_cross */
- &result);
- if (!NT_STATUS_IS_OK(status)) {
- errcode = W_ERROR_V(ntstatus_to_werror(status));
- goto out;
- }
- if (!NT_STATUS_IS_OK(result)) {
- errcode = W_ERROR_V(ntstatus_to_werror(result));
- goto out;
- }
-
- errcode = NERR_Success;
- out:
-
- if (b && is_valid_policy_hnd(&user_handle)) {
- dcerpc_samr_Close(b, mem_ctx, &user_handle, &result);
- }
- if (b && is_valid_policy_hnd(&domain_handle)) {
- dcerpc_samr_Close(b, mem_ctx, &domain_handle, &result);
- }
- if (b && is_valid_policy_hnd(&connect_handle)) {
- dcerpc_samr_Close(b, mem_ctx, &connect_handle, &result);
- }
-
- memset((char *)pass1,'\0',sizeof(fstring));
- memset((char *)pass2,'\0',sizeof(fstring));
-
- SSVAL(*rparam,0,errcode);
- SSVAL(*rparam,2,0); /* converter word */
- return(True);
-}
-
-/****************************************************************************
Set the user password (SamOEM version - gets plaintext).
****************************************************************************/
@@ -5782,7 +5537,6 @@ static const struct {
{"NetServerEnum2", RAP_NetServerEnum2, api_RNetServerEnum2}, /* anon OK */
{"NetServerEnum3", RAP_NetServerEnum3, api_RNetServerEnum3}, /* anon OK */
{"WAccessGetUserPerms",RAP_WAccessGetUserPerms,api_WAccessGetUserPerms},
- {"SetUserPassword", RAP_WUserPasswordSet2, api_SetUserPassword},
{"WWkstaUserLogon", RAP_WWkstaUserLogon, api_WWkstaUserLogon},
{"PrintJobInfo", RAP_WPrintJobSetInfo, api_PrintJobInfo},
{"WPrintDriverEnum", RAP_WPrintDriverEnum, api_WPrintDriverEnum},

27
net/samba/patches/patch-source3_smbd_nttrans_c
View File

@ -1,27 +0,0 @@
$OpenBSD: patch-source3_smbd_nttrans_c,v 1.1 2013/10/06 22:00:48 brad Exp $
Missing integer wrap protection in EA list reading can cause server to loop with
DoS. CVE-2013-4124
--- source3/smbd/nttrans.c.orig Wed May 8 04:16:26 2013
+++ source3/smbd/nttrans.c Thu Sep 26 21:53:10 2013
@@ -989,7 +989,19 @@ struct ea_list *read_nttrans_ea_list(TALLOC_CTX *ctx,
if (next_offset == 0) {
break;
}
+
+ /* Integer wrap protection for the increment. */
+ if (offset + next_offset < offset) {
+ break;
+ }
+
offset += next_offset;
+
+ /* Integer wrap protection for while loop. */
+ if (offset + 4 < offset) {
+ break;
+ }
+
}
return ea_list_head;

82
net/samba/patches/patch-source3_smbd_open_c
View File

@ -1,82 +0,0 @@
$OpenBSD: patch-source3_smbd_open_c,v 1.1 2014/02/06 04:33:25 brad Exp $
ACLs are not checked on opening an alternate data stream on a file or directory.
CVE-2013-4475
--- source3/smbd/open.c.orig Wed May 8 04:16:26 2013
+++ source3/smbd/open.c Tue Jan 28 02:16:16 2014
@@ -152,6 +152,48 @@ NTSTATUS smbd_check_open_rights(struct connection_stru
}
/****************************************************************************
+ Ensure when opening a base file for a stream open that we have permissions
+ to do so given the access mask on the base file.
+****************************************************************************/
+
+static NTSTATUS check_base_file_access(struct connection_struct *conn,
+ struct smb_filename *smb_fname,
+ uint32_t access_mask)
+{
+ uint32_t access_granted = 0;
+ NTSTATUS status;
+
+ status = smbd_calculate_access_mask(conn, smb_fname,
+ false,
+ access_mask,
+ &access_mask);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10, ("smbd_calculate_access_mask "
+ "on file %s returned %s\n",
+ smb_fname_str_dbg(smb_fname),
+ nt_errstr(status)));
+ return status;
+ }
+
+ if (access_mask & (FILE_WRITE_DATA|FILE_APPEND_DATA)) {
+ uint32_t dosattrs;
+ if (!CAN_WRITE(conn)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+ dosattrs = dos_mode(conn, smb_fname);
+ if (IS_DOS_READONLY(dosattrs)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+ }
+
+
+ return smbd_check_open_rights(conn,
+ smb_fname,
+ access_mask,
+ &access_granted);
+}
+
+/****************************************************************************
fd support routines - attempt to do a dos_open.
****************************************************************************/
@@ -3226,6 +3268,25 @@ static NTSTATUS create_file_unixpath(connection_struct
if (SMB_VFS_STAT(conn, smb_fname_base) == -1) {
DEBUG(10, ("Unable to stat stream: %s\n",
smb_fname_str_dbg(smb_fname_base)));
+ } else {
+ /*
+ * https://bugzilla.samba.org/show_bug.cgi?id=10229
+ * We need to check if the requested access mask
+ * could be used to open the underlying file (if
+ * it existed), as we're passing in zero for the
+ * access mask to the base filename.
+ */
+ status = check_base_file_access(conn,
+ smb_fname_base,
+ access_mask);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10, ("Permission check "
+ "for base %s failed: "
+ "%s\n", smb_fname->base_name,
+ nt_errstr(status)));
+ goto fail;
+ }
}
/* Open the base file. */

70
net/samba/patches/patch-source3_smbd_statvfs_c
View File

@ -1,70 +0,0 @@
$OpenBSD: patch-source3_smbd_statvfs_c,v 1.1 2012/04/16 21:58:34 sthen Exp $
--- source3/smbd/statvfs.c.orig Sat Apr 7 14:23:20 2012
+++ source3/smbd/statvfs.c Tue Apr 10 23:49:12 2012
@@ -49,10 +49,8 @@ static int linux_statvfs(const char *path, vfs_statvfs
}
return result;
}
-#endif
+#elif defined(DARWINOS)
-#if defined(DARWINOS)
-
#include <sys/attr.h>
static int darwin_fs_capabilities(const char * path)
@@ -125,8 +123,45 @@ static int darwin_statvfs(const char *path, vfs_statvf
return 0;
}
+#elif defined(BSD) && defined(BSD_STATVFS_BSIZE)
+static int bsd_statvfs(const char *path, vfs_statvfs_struct *statbuf)
+{
+ struct statfs statfs_buf;
+ int result;
+
+ result = statfs(path, &statfs_buf);
+ if (result != 0) {
+ return result;
+ }
+
+ statbuf->OptimalTransferSize = statfs_buf.f_iosize;
+ statbuf->BlockSize = statfs_buf.f_bsize;
+ statbuf->TotalBlocks = statfs_buf.f_blocks;
+ statbuf->BlocksAvail = statfs_buf.f_bfree;
+ statbuf->UserBlocksAvail = statfs_buf.f_bavail;
+ statbuf->TotalFileNodes = statfs_buf.f_files;
+ statbuf->FreeFileNodes = statfs_buf.f_ffree;
+ statbuf->FsIdentifier =
+ (((uint64_t) statfs_buf.f_fsid.val[0] << 32) & 0xffffffff00000000LL) |
+ (uint64_t) statfs_buf.f_fsid.val[1];
+ /* Try to extrapolate some of the fs flags into the
+ * capabilities
+ */
+ statbuf->FsCapabilities =
+ FILE_CASE_SENSITIVE_SEARCH | FILE_CASE_PRESERVED_NAMES;
+#ifdef MNT_ACLS
+ if (statfs_buf.f_flags & MNT_ACLS)
+ statbuf->FsCapabilities |= FILE_PERSISTENT_ACLS;
#endif
+ if (statfs_buf.f_flags & MNT_QUOTA)
+ statbuf->FsCapabilities |= FILE_VOLUME_QUOTAS;
+ if (statfs_buf.f_flags & MNT_RDONLY)
+ statbuf->FsCapabilities |= FILE_READ_ONLY_VOLUME;
+ return 0;
+}
+#endif
+
/*
sys_statvfs() is an abstraction layer over system-dependent statvfs()/statfs()
for particular POSIX systems. Due to controversy of what is considered more important
@@ -139,6 +174,8 @@ int sys_statvfs(const char *path, vfs_statvfs_struct *
return linux_statvfs(path, statbuf);
#elif defined(DARWINOS)
return darwin_statvfs(path, statbuf);
+#elif defined(BSD) && defined(BSD_STATVFS_BSIZE)
+ return bsd_statvfs(path, statbuf);
#else
/* BB change this to return invalid level */
#ifdef EOPNOTSUPP

65
net/samba/patches/patch-source3_smbd_utmp_c
View File

@ -1,65 +0,0 @@
$OpenBSD: patch-source3_smbd_utmp_c,v 1.2 2012/09/25 20:11:11 brad Exp $
--- source3/smbd/utmp.c.orig Mon Jul 30 13:13:16 2012
+++ source3/smbd/utmp.c Thu Sep 13 20:29:38 2012
@@ -253,14 +253,59 @@ static char *uw_pathname(TALLOC_CTX *ctx,
}
#ifndef HAVE_PUTUTLINE
+#include <ttyent.h>
+
/****************************************************************************
Update utmp file directly. No subroutine interface: probably a BSD system.
****************************************************************************/
static void pututline_my(const char *uname, struct utmp *u, bool claim)
{
- DEBUG(1,("pututline_my: not yet implemented\n"));
- /* BSD implementor: may want to consider (or not) adjusting "lastlog" */
+ int fd, topslot;
+ struct utmp ubuf;
+
+ if ((fd = open(uname, O_RDWR, 0)) < 0)
+ return;
+
+ if (!setttyent())
+ goto error;
+
+ for (topslot = 0; getttyent() != (struct ttyent *)NULL; )
+ topslot++;
+
+ if (!endttyent())
+ goto error;
+
+ (void) lseek(fd, (off_t)(topslot * sizeof(struct utmp)), SEEK_SET);
+
+ DEBUG(1,("pututline(%s, %s, %d); topslot=%d\n",
+ u->ut_line, u->ut_name, claim, topslot));
+
+ while (1) {
+ if (read(fd, &ubuf, sizeof(ubuf)) == sizeof(ubuf)) {
+ if ((claim && !ubuf.ut_name[0]) ||
+ (!claim && ubuf.ut_name[0] &&
+ !strncmp(ubuf.ut_line, u->ut_line, UT_LINESIZE))) {
+ (void) lseek(fd, -(off_t)sizeof(struct utmp),
+ SEEK_CUR);
+ break;
+ }
+ topslot++;
+ } else {
+ (void) lseek(fd, (off_t)(topslot *
+ sizeof(struct utmp)), SEEK_SET);
+ break;
+ }
+ }
+
+ if (!claim) {
+ memset((char *)&u->ut_name, '\0', sizeof(u->ut_name));
+ memset((char *)&u->ut_host, '\0', sizeof(u->ut_host));
+ }
+ (void) write(fd, u, sizeof(struct utmp));
+
+error:
+ (void) close(fd);
}
#endif /* HAVE_PUTUTLINE */

21
net/samba/patches/patch-source3_utils_net_rpc_c
View File

@ -1,21 +0,0 @@
$OpenBSD: patch-source3_utils_net_rpc_c,v 1.2 2014/04/10 00:50:58 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- source3/utils/net_rpc.c.orig Wed May 8 04:16:26 2013
+++ source3/utils/net_rpc.c Wed Apr 9 17:25:43 2014
@@ -2865,7 +2865,12 @@ static NTSTATUS rpc_list_group_members(struct net_cont
if (!NT_STATUS_IS_OK(result)) {
return result;
}
-
+ if (names.count != this_time) {
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
+ }
+ if (types.count != this_time) {
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
+ }
/* We only have users as members, but make the output
the same as the output of alias members */

23
net/samba/patches/patch-source3_utils_net_rpc_join_c
View File

@ -1,23 +0,0 @@
$OpenBSD: patch-source3_utils_net_rpc_join_c,v 1.1 2014/02/06 04:33:25 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- source3/utils/net_rpc_join.c.orig Wed May 8 04:16:26 2013
+++ source3/utils/net_rpc_join.c Tue Jan 28 02:16:43 2014
@@ -367,6 +367,15 @@ int net_rpc_join_newstyle(struct net_context *c, int a
("error looking up rid for user %s: %s/%s\n",
acct_name, nt_errstr(status), nt_errstr(result)));
+ if (user_rids.count != 1) {
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
+ }
+ if (name_types.count != 1) {
+ status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+ goto done;
+ }
+
if (name_types.ids[0] != SID_NAME_USER) {
DEBUG(0, ("%s is not a user account (type=%d)\n", acct_name, name_types.ids[0]));
goto done;

16
net/samba/patches/patch-source3_web_swat_c
View File

@ -1,16 +0,0 @@
$OpenBSD: patch-source3_web_swat_c,v 1.2 2013/01/30 23:22:05 brad Exp $
--- source3/web/swat.c.orig Tue Jan 29 03:49:31 2013
+++ source3/web/swat.c Wed Jan 30 06:24:32 2013
@@ -245,8 +245,10 @@ static int include_html(const char *fname)
fd = web_open(fname, O_RDONLY, 0);
if (fd == -1) {
- printf(_("ERROR: Can't open %s"), fname);
- printf("\n");
+ if (strcmp(fname, "help/welcome.html")) {
+ printf(_("ERROR: Can't open %s"), fname);
+ printf("\n");
+ }
return 0;
}

17
net/samba/patches/patch-source3_winbindd_wb_lookupsids_c
View File

@ -1,17 +0,0 @@
$OpenBSD: patch-source3_winbindd_wb_lookupsids_c,v 1.1 2014/02/06 04:33:25 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- source3/winbindd/wb_lookupsids.c.orig Wed May 8 04:16:26 2013
+++ source3/winbindd/wb_lookupsids.c Tue Jan 28 02:16:43 2014
@@ -402,6 +402,9 @@ static bool wb_lookupsids_move_name(struct lsa_RefDoma
uint32_t src_domain_index, dst_domain_index;
src_domain_index = src_name->sid_index;
+ if (src_domain_index >= src_domains->count) {
+ return false;
+ }
src_domain = &src_domains->domains[src_domain_index];
if (!wb_lookupsids_find_dom_idx(

29
net/samba/patches/patch-source3_winbindd_winbindd_msrpc_c
View File

@ -1,29 +0,0 @@
$OpenBSD: patch-source3_winbindd_winbindd_msrpc_c,v 1.1 2014/02/06 04:33:25 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- source3/winbindd/winbindd_msrpc.c.orig Wed May 8 04:16:26 2013
+++ source3/winbindd/winbindd_msrpc.c Tue Jan 28 02:16:43 2014
@@ -744,13 +744,19 @@ static NTSTATUS msrpc_lookup_groupmem(struct winbindd_
/* Copy result into array. The talloc system will take
care of freeing the temporary arrays later on. */
- if (tmp_names.count != tmp_types.count) {
- return NT_STATUS_UNSUCCESSFUL;
+ if (tmp_names.count != num_lookup_rids) {
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
}
+ if (tmp_types.count != num_lookup_rids) {
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
+ }
for (r=0; r<tmp_names.count; r++) {
if (tmp_types.ids[r] == SID_NAME_UNKNOWN) {
continue;
+ }
+ if (total_names >= *num_names) {
+ break;
}
(*names)[total_names] = fill_domain_username_talloc(
mem_ctx, domain->name,

29
net/samba/patches/patch-source3_winbindd_winbindd_rpc_c
View File

@ -1,29 +0,0 @@
$OpenBSD: patch-source3_winbindd_winbindd_rpc_c,v 1.1 2014/02/06 04:33:25 brad Exp $
DCE-RPC fragment length field is incorrectly checked.
CVE-2013-4408
--- source3/winbindd/winbindd_rpc.c.orig Tue Jan 28 02:16:43 2014
+++ source3/winbindd/winbindd_rpc.c Tue Jan 28 02:16:43 2014
@@ -871,13 +871,19 @@ NTSTATUS rpc_lookup_groupmem(TALLOC_CTX *mem_ctx,
/* Copy result into array. The talloc system will take
care of freeing the temporary arrays later on. */
- if (tmp_names.count != tmp_types.count) {
- return NT_STATUS_UNSUCCESSFUL;
+ if (tmp_names.count != num_names) {
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
}
+ if (tmp_types.count != num_names) {
+ return NT_STATUS_INVALID_NETWORK_RESPONSE;
+ }
for (r = 0; r < tmp_names.count; r++) {
if (tmp_types.ids[r] == SID_NAME_UNKNOWN) {
continue;
+ }
+ if (total_names >= num_names) {
+ break;
}
names[total_names] = fill_domain_username_talloc(names,
domain_name,

13
net/samba/patches/patch-source3_wscript Normal file
View File

@ -0,0 +1,13 @@
$OpenBSD: patch-source3_wscript,v 1.1 2015/08/25 11:04:39 jca Exp $
Use more generic check for OpenBSD.
--- source3/wscript.orig Mon Dec 1 13:48:32 2014
+++ source3/wscript Wed Jun 17 13:18:09 2015
@@ -72,7 +72,7 @@ def configure(conf):
conf.ADD_CFLAGS('-DDEVELOPER -DDEBUG_PASSWORD')
conf.env.developer = True
- if sys.platform != 'openbsd5':
+ if not sys.platform.startswith('openbsd'):
conf.ADD_LDFLAGS("-Wl,--export-dynamic", testflags=True)
conf.CHECK_HEADERS('execinfo.h libexc.h libunwind.h netdb.h')

17
net/samba/patches/patch-source4_heimdal_build_wscript_build Normal file
View File

@ -0,0 +1,17 @@
$OpenBSD: patch-source4_heimdal_build_wscript_build,v 1.1 2015/08/25 11:04:39 jca Exp $
Make Samba4 WAF respect OpenBSD shared libraries versioning conventions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9774
--- source4/heimdal_build/wscript_build.orig Thu Dec 5 10:16:48 2013
+++ source4/heimdal_build/wscript_build Wed Jun 17 13:28:09 2015
@@ -243,6 +243,11 @@ def HEIMDAL_LIBRARY(libname, source, deps, vnum, versi
features = 'cc cshlib symlink_lib install_lib'
+ # OpenBSD-like library version handling
+ osvnum = os.getenv('LIB' + bundled_name.replace('-', '_') + '_VERSION')
+ if osvnum:
+ vnum = osvnum
+
bld.set_group('main')
t = bld(
features = features,

15
net/samba/patches/patch-source4_scripting_bin_samba_upgradedns Normal file
View File

@ -0,0 +1,15 @@
$OpenBSD: patch-source4_scripting_bin_samba_upgradedns,v 1.1 2015/08/25 11:04:39 jca Exp $
- net/isc-bind group name
--- source4/scripting/bin/samba_upgradedns.orig Wed Jul 15 15:24:50 2015
+++ source4/scripting/bin/samba_upgradedns Wed Jul 15 15:25:05 2015
@@ -75,7 +75,7 @@ __docformat__ = 'restructuredText'
def find_bind_gid():
"""Find system group id for bind9
"""
- for name in ["bind", "named"]:
+ for name in ["_bind"]:
try:
return grp.getgrnam(name)[2]
except KeyError:

18
net/samba/patches/patch-source4_torture_smbtorture_c Normal file
View File

@ -0,0 +1,18 @@
$OpenBSD: patch-source4_torture_smbtorture_c,v 1.1 2015/08/25 11:04:39 jca Exp $
This code isn't needed at all because lib/replace/system/readline.h
automatically includes <readline/history.h> if supported, and it
breaks the build when devel/readline is installed.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9885
--- source4/torture/smbtorture.c.orig Mon May 13 00:27:51 2013
+++ source4/torture/smbtorture.c Mon May 13 00:31:00 2013
@@ -34,10 +34,6 @@
#include "param/param.h"
#include "lib/util/samba_modules.h"
-#if HAVE_READLINE_HISTORY_H
-#include <readline/history.h>
-#endif
-
static char *prefix_name(TALLOC_CTX *mem_ctx, const char *prefix, const char *name)
{
if (prefix == NULL)

17
net/samba/patches/patch-wscript Normal file
View File

@ -0,0 +1,17 @@
$OpenBSD: patch-wscript,v 1.1 2015/08/25 11:04:39 jca Exp $
- samba is unusable (slow startup) without --as-needed; no visible drawback yet
--- wscript.orig Wed Jul 15 17:52:28 2015
+++ wscript Wed Jul 15 18:27:29 2015
@@ -154,9 +154,7 @@ def configure(conf):
# strict as the strictest OS we support, so adding this here
# allows us to find problems on our development hosts faster.
# It also results in faster load time.
-
- if not sys.platform.startswith("openbsd"):
- conf.env.asneeded_ldflags = conf.ADD_LDFLAGS('-Wl,--as-needed', testflags=True)
+ conf.env.asneeded_ldflags = conf.ADD_LDFLAGS('-Wl,--as-needed', testflags=True)
if not conf.CHECK_NEED_LC("-lc not needed"):
conf.ADD_LDFLAGS('-lc', testflags=False)

10
net/samba/pkg/DESCR-ldb Normal file
View File

@ -0,0 +1,10 @@
ldb is a LDAP-like embedded database. It is not at all LDAP standards
compliant, so if you want a standards compliant database then please
see the openldap package.
What ldb does is provide a fast database with an LDAP-like API
designed to be used within an application. In some ways it can be seen
as a intermediate solution between key-value pair databases and a real
LDAP database.
ldb is the database engine used in Samba4.

18
net/samba/pkg/DESCR-main
View File

@ -1,17 +1,3 @@
The Samba suite is a set of programs that implement a server for the
Windows file- and printer-sharing protocols (SMB/CIFS).
Samba allows Windows clients to use filesystem space and printers of
your OpenBSD system as if they were local drives or printers.
While configuration for larger sites can be quite complex, the default
installation of this package allows for immediate use of your OpenBSD
machine as a server for Windows clients.
Available flavors:
ldap Enable LDAP support
Available subpackage:
docs Documentation in HTML and PDF (man pages are part of the base package)
Windows file- and printer-sharing protocols (SMB/CIFS) and Active
Directory compatible Domain Controller.

8
net/samba/pkg/DESCR-tevent Normal file
View File

@ -0,0 +1,8 @@
Tevent is an event system based on the talloc memory management library.
It is the core event system used in Samba.
The low level tevent has support for many event types, including timers,
signals, and the classic file descriptor events.
Tevent also provide helpers to deal with asynchronous code providing the
tevent_req (tevent request) functions.

14
net/samba/pkg/DESCR-util Normal file
View File

@ -0,0 +1,14 @@
This package includes the following Samba4 components:
nss_wrapper:
Wrapper for system NSS library.
libreplace:
Wrapper for some other required system components. Contains
implementation of routines not found in system.
uid_wrapper:
TODO
util_setid:
TODO

502
net/samba/pkg/PLIST-docs
View File

@ -1,52 +1,46 @@
@comment $OpenBSD: PLIST-docs,v 1.21 2015/02/05 02:04:00 jca Exp $
@conflict samba-<=3.6.15p11
@pkgpath net/samba,-docs,ads
@pkgpath net/samba,-docs,cups
@pkgpath net/samba,-docs,cups,ads
@pkgpath net/samba,-docs,cups,ldap
@pkgpath net/samba,-docs,ldap
@comment $OpenBSD: PLIST-docs,v 1.22 2015/08/25 11:04:39 jca Exp $
@pkgpath net/samba,-docs
share/doc/samba/
share/doc/samba/NT4-Locking.reg
share/doc/samba/NT4_PlainPassword.reg
share/doc/samba/Win-2Kx-XPP-DeleteCachedProfiles.reg
share/doc/samba/Win-2Kx-XPP-ForceLocalProfile.reg
share/doc/samba/Win-NT-DeleteRoamingProfile.reg
share/doc/samba/Win2000_PlainPassword.reg
share/doc/samba/Win7_Samba3DomainMember.reg
share/doc/samba/Win95_PlainPassword.reg
share/doc/samba/Win98_PlainPassword.reg
share/doc/samba/Win9X-CacheHandling.reg
share/doc/samba/WinME_PlainPassword.reg
share/doc/samba/WinXP_PlainPassword.reg
share/doc/samba/WindowsTerminalServer.reg
share/doc/samba/history
share/doc/samba/htmldocs/
share/doc/samba/htmldocs/index.html
share/doc/samba/htmldocs/samba.css
share/doc/samba/pdf/
share/doc/samba/pdf/Samba3-ByExample.pdf
share/doc/samba/pdf/Samba3-Developers-Guide.pdf
share/doc/samba/pdf/Samba3-HOWTO.pdf
share/doc/samba/Samba3-ByExample.pdf
share/doc/samba/Samba3-Developers-Guide.pdf
share/doc/samba/Samba3-HOWTO.pdf
share/examples/samba/LDAP/
share/examples/samba/LDAP/README
share/examples/samba/LDAP/get_next_oid
share/examples/samba/LDAP/ol-schema-migrate.pl
share/examples/samba/LDAP/samba-nds.schema
share/examples/samba/LDAP/samba-schema-FDS.ldif
share/examples/samba/LDAP/samba-schema-netscapeds5.x.README
share/examples/samba/LDAP/samba-schema.IBMSecureWay
share/examples/samba/LDAP/samba.ldif
share/examples/samba/LDAP/samba.schema
share/examples/samba/LDAP/samba.schema.at.IBM-DS
share/examples/samba/LDAP/samba.schema.oc.IBM-DS
share/examples/samba/README
share/examples/samba/VFS/
share/examples/samba/VFS/Makefile.in
share/examples/samba/VFS/README
share/examples/samba/VFS/autogen.sh
share/examples/samba/VFS/config.guess
share/examples/samba/VFS/config.sub
share/examples/samba/VFS/configure
share/examples/samba/VFS/configure.in
share/examples/samba/VFS/install-sh
share/examples/samba/VFS/module_config.h.in
share/examples/samba/VFS/shadow_copy_test.c
share/examples/samba/VFS/skel_opaque.c
share/examples/samba/VFS/skel_transparent.c
share/examples/samba/VFS/wscript_build
share/examples/samba/ad-bench/
share/examples/samba/ad-bench/README
share/examples/samba/ad-bench/ad-bench.sh
share/examples/samba/ad-bench/settings.sh
share/examples/samba/ad-bench/test_utils.sh
share/examples/samba/ad-bench/time_group.sh
share/examples/samba/ad-bench/time_join.sh
share/examples/samba/ad-bench/time_kinit.sh
share/examples/samba/ad-bench/time_ldap.sh
share/examples/samba/ad-bench/time_user.sh
share/examples/samba/ad-bench/utils.sh
share/examples/samba/auth/
share/examples/samba/auth/Makefile
share/examples/samba/auth/auth_skel.c
share/examples/samba/auth/crackcheck/
share/examples/samba/auth/crackcheck/Makefile
share/examples/samba/auth/crackcheck/crackcheck.c
share/examples/samba/auth/wscript_build
share/examples/samba/autofs/
share/examples/samba/autofs/auto.smb
share/examples/samba/dce-dfs/
@ -54,28 +48,9 @@ share/examples/samba/dce-dfs/README
share/examples/samba/dce-dfs/smb.conf
share/examples/samba/libsmbclient/
share/examples/samba/libsmbclient/Makefile
share/examples/samba/libsmbclient/Makefile.internal
share/examples/samba/libsmbclient/Makefile.internal.in
share/examples/samba/libsmbclient/README
share/examples/samba/libsmbclient/get_auth_data_fn.h
share/examples/samba/libsmbclient/smbwrapper/
share/examples/samba/libsmbclient/smbwrapper/Makefile
share/examples/samba/libsmbclient/smbwrapper/README
share/examples/samba/libsmbclient/smbwrapper/bsd-strlcat.c
share/examples/samba/libsmbclient/smbwrapper/bsd-strlcpy.c
share/examples/samba/libsmbclient/smbwrapper/bsd-strlfunc.h
share/examples/samba/libsmbclient/smbwrapper/opendir_smbsh.c
share/examples/samba/libsmbclient/smbwrapper/select.c
share/examples/samba/libsmbclient/smbwrapper/smbsh.1
share/examples/samba/libsmbclient/smbwrapper/smbsh.1.html
share/examples/samba/libsmbclient/smbwrapper/smbsh.1.xml
share/examples/samba/libsmbclient/smbwrapper/smbsh.c
share/examples/samba/libsmbclient/smbwrapper/smbw.c
share/examples/samba/libsmbclient/smbwrapper/smbw.h
share/examples/samba/libsmbclient/smbwrapper/smbw_dir.c
share/examples/samba/libsmbclient/smbwrapper/smbw_stat.c
share/examples/samba/libsmbclient/smbwrapper/wrapper.c
share/examples/samba/libsmbclient/smbwrapper/wrapper.h
share/examples/samba/libsmbclient/testacl.c
share/examples/samba/libsmbclient/testacl2.c
share/examples/samba/libsmbclient/testacl3.c
@ -87,13 +62,17 @@ share/examples/samba/libsmbclient/testfstatvfs.c
share/examples/samba/libsmbclient/testread.c
share/examples/samba/libsmbclient/testsmbc.c
share/examples/samba/libsmbclient/teststat.c
@comment share/examples/samba/libsmbclient/teststat.c.orig
share/examples/samba/libsmbclient/teststat2.c
@comment share/examples/samba/libsmbclient/teststat2.c.orig
share/examples/samba/libsmbclient/teststat3.c
share/examples/samba/libsmbclient/teststatvfs.c
share/examples/samba/libsmbclient/testtruncate.c
share/examples/samba/libsmbclient/testutime.c
@comment share/examples/samba/libsmbclient/testutime.c.orig
share/examples/samba/libsmbclient/testwrite.c
share/examples/samba/libsmbclient/tree.c
share/examples/samba/libsmbclient/wscript_build
share/examples/samba/logon/
share/examples/samba/logon/genlogon/
share/examples/samba/logon/genlogon/genlogon.pl
@ -109,7 +88,6 @@ share/examples/samba/misc/adssearch.pl
share/examples/samba/misc/check_multiple_LDAP_entries.pl
share/examples/samba/misc/cldap.pl
share/examples/samba/misc/extra_smbstatus
share/examples/samba/misc/swat.pl
share/examples/samba/misc/wall.perl
share/examples/samba/nss/
share/examples/samba/nss/nss_winbind.c
@ -145,6 +123,7 @@ share/examples/samba/pdb/
share/examples/samba/pdb/Makefile
share/examples/samba/pdb/README
share/examples/samba/pdb/test.c
share/examples/samba/pdb/wscript_build
share/examples/samba/perfcounter/
share/examples/samba/perfcounter/Makefile
share/examples/samba/perfcounter/perf.h
@ -166,8 +145,7 @@ share/examples/samba/printing/
share/examples/samba/printing/VampireDriversFunctions
share/examples/samba/printing/prtpub.c
share/examples/samba/printing/readme.prtpub
share/examples/samba/printing/smbprint
share/examples/samba/printing/smbprint.sysv
@comment share/examples/samba/printing/smbprint.sysv
share/examples/samba/scripts/
@comment share/examples/samba/scripts/debugging/
@comment share/examples/samba/scripts/debugging/linux/
@ -198,6 +176,9 @@ share/examples/samba/scripts/shares/python/smbparm.py
share/examples/samba/scripts/users_and_groups/
share/examples/samba/scripts/users_and_groups/adduserstogroups.pl
share/examples/samba/scripts/users_and_groups/createdomobj.pl
share/examples/samba/scripts/vfs/
share/examples/samba/scripts/vfs/media_harmony/
share/examples/samba/scripts/vfs/media_harmony/trigger_avid_update.py
share/examples/samba/scripts/wins_hook/
share/examples/samba/scripts/wins_hook/README
share/examples/samba/scripts/wins_hook/dns_update
@ -214,408 +195,3 @@ share/examples/samba/validchars/nwdos70.out
share/examples/samba/validchars/readme
share/examples/samba/validchars/validchr.c
share/examples/samba/validchars/validchr.com
share/locale/
share/locale/ar/
share/locale/ar/LC_MESSAGES/
@comment share/locale/ar/LC_MESSAGES/pam_winbind.mo
share/locale/cs/
share/locale/cs/LC_MESSAGES/
@comment share/locale/cs/LC_MESSAGES/pam_winbind.mo
share/locale/da/
share/locale/da/LC_MESSAGES/
@comment share/locale/da/LC_MESSAGES/pam_winbind.mo
share/locale/de/
share/locale/de/LC_MESSAGES/
share/locale/de/LC_MESSAGES/net.mo
@comment share/locale/de/LC_MESSAGES/pam_winbind.mo
share/locale/es/
share/locale/es/LC_MESSAGES/
@comment share/locale/es/LC_MESSAGES/pam_winbind.mo
share/locale/fi/
share/locale/fi/LC_MESSAGES/
@comment share/locale/fi/LC_MESSAGES/pam_winbind.mo
share/locale/fr/
share/locale/fr/LC_MESSAGES/
@comment share/locale/fr/LC_MESSAGES/pam_winbind.mo
share/locale/hu/
share/locale/hu/LC_MESSAGES/
@comment share/locale/hu/LC_MESSAGES/pam_winbind.mo
share/locale/it/
share/locale/it/LC_MESSAGES/
@comment share/locale/it/LC_MESSAGES/pam_winbind.mo
share/locale/ja/
share/locale/ja/LC_MESSAGES/
@comment share/locale/ja/LC_MESSAGES/pam_winbind.mo
share/locale/ko/
share/locale/ko/LC_MESSAGES/
@comment share/locale/ko/LC_MESSAGES/pam_winbind.mo
share/locale/nb/
share/locale/nb/LC_MESSAGES/
@comment share/locale/nb/LC_MESSAGES/pam_winbind.mo
share/locale/nl/
share/locale/nl/LC_MESSAGES/
@comment share/locale/nl/LC_MESSAGES/pam_winbind.mo
share/locale/pl/
share/locale/pl/LC_MESSAGES/
@comment share/locale/pl/LC_MESSAGES/pam_winbind.mo
share/locale/pt_BR/
share/locale/pt_BR/LC_MESSAGES/
@comment share/locale/pt_BR/LC_MESSAGES/pam_winbind.mo
share/locale/ru/
share/locale/ru/LC_MESSAGES/
@comment share/locale/ru/LC_MESSAGES/pam_winbind.mo
share/locale/sv/
share/locale/sv/LC_MESSAGES/
@comment share/locale/sv/LC_MESSAGES/pam_winbind.mo
share/locale/zh_CN/
share/locale/zh_CN/LC_MESSAGES/
@comment share/locale/zh_CN/LC_MESSAGES/pam_winbind.mo
share/locale/zh_TW/
share/locale/zh_TW/LC_MESSAGES/
@comment share/locale/zh_TW/LC_MESSAGES/pam_winbind.mo
share/swat/help/Samba3-ByExample/
share/swat/help/Samba3-ByExample/Big500users.html
share/swat/help/Samba3-ByExample/DMSMig.html
share/swat/help/Samba3-ByExample/DomApps.html
share/swat/help/Samba3-ByExample/ExNetworks.html
share/swat/help/Samba3-ByExample/HA.html
share/swat/help/Samba3-ByExample/RefSection.html
share/swat/help/Samba3-ByExample/apa.html
share/swat/help/Samba3-ByExample/appendix.html
share/swat/help/Samba3-ByExample/ch14.html
share/swat/help/Samba3-ByExample/go01.html
share/swat/help/Samba3-ByExample/happy.html
share/swat/help/Samba3-ByExample/images/
share/swat/help/Samba3-ByExample/images/AccountingNetwork.png
share/swat/help/Samba3-ByExample/images/Charity-Network.png
share/swat/help/Samba3-ByExample/images/Domain-WorkgroupAnnouncement.png
share/swat/help/Samba3-ByExample/images/HostAnnouncment.png
share/swat/help/Samba3-ByExample/images/LocalMasterAnnouncement.png
share/swat/help/Samba3-ByExample/images/NullConnect.png
share/swat/help/Samba3-ByExample/images/UNIX-Samba-and-LDAP.png
share/swat/help/Samba3-ByExample/images/UserConnect.png
share/swat/help/Samba3-ByExample/images/UserMgrNT4.png
share/swat/help/Samba3-ByExample/images/WINREPRESSME-Capture.png
share/swat/help/Samba3-ByExample/images/WINREPRESSME-Capture2.png
share/swat/help/Samba3-ByExample/images/Windows-ME-WINEPRESSME-Startup-30min-ProtocolStats.png
share/swat/help/Samba3-ByExample/images/Windows-ME-WINEPRESSME-Startup-30min-TraceStats.png
share/swat/help/Samba3-ByExample/images/WindowsXP-NullConnection.png
share/swat/help/Samba3-ByExample/images/WindowsXP-UserConnection.png
share/swat/help/Samba3-ByExample/images/XP-screen001.png
share/swat/help/Samba3-ByExample/images/acct2net.png
share/swat/help/Samba3-ByExample/images/ch7-dual-additive-LDAP-Ok.png
share/swat/help/Samba3-ByExample/images/ch7-dual-additive-LDAP.png
share/swat/help/Samba3-ByExample/images/ch7-fail-overLDAP.png
share/swat/help/Samba3-ByExample/images/ch7-singleLDAP.png
share/swat/help/Samba3-ByExample/images/ch8-migration.png
share/swat/help/Samba3-ByExample/images/chap4-net.png
share/swat/help/Samba3-ByExample/images/chap5-net.png
share/swat/help/Samba3-ByExample/images/chap6-net.png
share/swat/help/Samba3-ByExample/images/chap7-idresol.png
share/swat/help/Samba3-ByExample/images/chap7-net-A.png
share/swat/help/Samba3-ByExample/images/chap7-net-Ar.png
share/swat/help/Samba3-ByExample/images/chap7-net.png
share/swat/help/Samba3-ByExample/images/chap7-net2-B.png
share/swat/help/Samba3-ByExample/images/chap7-net2-Br.png
share/swat/help/Samba3-ByExample/images/chap7-net2.png
share/swat/help/Samba3-ByExample/images/chap7-net2r.png
share/swat/help/Samba3-ByExample/images/chap7-netr.png
share/swat/help/Samba3-ByExample/images/chap9-ADSDC.png
share/swat/help/Samba3-ByExample/images/chap9-SambaDC.png
share/swat/help/Samba3-ByExample/images/imc-usermanager2.png
share/swat/help/Samba3-ByExample/images/lam-config.png
share/swat/help/Samba3-ByExample/images/lam-group-members.png
share/swat/help/Samba3-ByExample/images/lam-groups.png
share/swat/help/Samba3-ByExample/images/lam-hosts.png
share/swat/help/Samba3-ByExample/images/lam-login.png
share/swat/help/Samba3-ByExample/images/lam-users.png
share/swat/help/Samba3-ByExample/images/openmag.png
share/swat/help/Samba3-ByExample/images/wxpp001.png
share/swat/help/Samba3-ByExample/images/wxpp004.png
share/swat/help/Samba3-ByExample/images/wxpp006.png
share/swat/help/Samba3-ByExample/images/wxpp007.png
share/swat/help/Samba3-ByExample/images/wxpp008.png
share/swat/help/Samba3-ByExample/images/wxpp010.png
share/swat/help/Samba3-ByExample/images/wxpp011.png
share/swat/help/Samba3-ByExample/images/wxpp012.png
share/swat/help/Samba3-ByExample/images/wxpp013.png
share/swat/help/Samba3-ByExample/images/wxpp015.png
share/swat/help/Samba3-ByExample/index.html
share/swat/help/Samba3-ByExample/ix01.html
share/swat/help/Samba3-ByExample/kerberos.html
share/swat/help/Samba3-ByExample/net2000users.html
share/swat/help/Samba3-ByExample/ntmigration.html
share/swat/help/Samba3-ByExample/nw4migration.html
share/swat/help/Samba3-ByExample/pr01.html
share/swat/help/Samba3-ByExample/pr02.html
share/swat/help/Samba3-ByExample/pr03.html
share/swat/help/Samba3-ByExample/preface.html
share/swat/help/Samba3-ByExample/primer.html
share/swat/help/Samba3-ByExample/secure.html
share/swat/help/Samba3-ByExample/simple.html
share/swat/help/Samba3-ByExample/small.html
share/swat/help/Samba3-ByExample/unixclients.html
share/swat/help/Samba3-ByExample/upgrades.html
share/swat/help/Samba3-Developers-Guide/
share/swat/help/Samba3-Developers-Guide/CodingSuggestions.html
share/swat/help/Samba3-Developers-Guide/Packaging.html
share/swat/help/Samba3-Developers-Guide/architecture.html
share/swat/help/Samba3-Developers-Guide/contributing.html
share/swat/help/Samba3-Developers-Guide/debug.html
share/swat/help/Samba3-Developers-Guide/devprinting.html
share/swat/help/Samba3-Developers-Guide/index.html
share/swat/help/Samba3-Developers-Guide/internals.html
share/swat/help/Samba3-Developers-Guide/modules.html
share/swat/help/Samba3-Developers-Guide/ntdomain.html
share/swat/help/Samba3-Developers-Guide/parsing.html
share/swat/help/Samba3-Developers-Guide/pr01.html
share/swat/help/Samba3-Developers-Guide/pt01.html
share/swat/help/Samba3-Developers-Guide/pt02.html
share/swat/help/Samba3-Developers-Guide/pt03.html
share/swat/help/Samba3-Developers-Guide/pt04.html
share/swat/help/Samba3-Developers-Guide/pt05.html
share/swat/help/Samba3-Developers-Guide/pwencrypt.html
share/swat/help/Samba3-Developers-Guide/rpc-plugin.html
share/swat/help/Samba3-Developers-Guide/tracing.html
share/swat/help/Samba3-Developers-Guide/unix-smb.html
share/swat/help/Samba3-Developers-Guide/vfs.html
share/swat/help/Samba3-Developers-Guide/wins.html
share/swat/help/Samba3-HOWTO/
share/swat/help/Samba3-HOWTO/AccessControls.html
share/swat/help/Samba3-HOWTO/AdvancedNetworkManagement.html
share/swat/help/Samba3-HOWTO/Appendix.html
share/swat/help/Samba3-HOWTO/Backup.html
share/swat/help/Samba3-HOWTO/CUPS-printing.html
share/swat/help/Samba3-HOWTO/ChangeNotes.html
share/swat/help/Samba3-HOWTO/ClientConfig.html
share/swat/help/Samba3-HOWTO/DNSDHCP.html
share/swat/help/Samba3-HOWTO/FastStart.html
share/swat/help/Samba3-HOWTO/InterdomainTrusts.html
share/swat/help/Samba3-HOWTO/IntroSMB.html
share/swat/help/Samba3-HOWTO/NT4Migration.html
share/swat/help/Samba3-HOWTO/NetCommand.html
share/swat/help/Samba3-HOWTO/NetworkBrowsing.html
share/swat/help/Samba3-HOWTO/Other-Clients.html
share/swat/help/Samba3-HOWTO/PolicyMgmt.html
share/swat/help/Samba3-HOWTO/Portability.html
share/swat/help/Samba3-HOWTO/ProfileMgmt.html
share/swat/help/Samba3-HOWTO/SWAT.html
share/swat/help/Samba3-HOWTO/SambaHA.html
share/swat/help/Samba3-HOWTO/ServerType.html
share/swat/help/Samba3-HOWTO/StandAloneServer.html
share/swat/help/Samba3-HOWTO/TOSHpreface.html
share/swat/help/Samba3-HOWTO/VFS.html
share/swat/help/Samba3-HOWTO/apa.html
share/swat/help/Samba3-HOWTO/bugreport.html
share/swat/help/Samba3-HOWTO/cfgsmarts.html
share/swat/help/Samba3-HOWTO/ch-ldap-tls.html
share/swat/help/Samba3-HOWTO/ch47.html
share/swat/help/Samba3-HOWTO/classicalprinting.html
share/swat/help/Samba3-HOWTO/compiling.html
share/swat/help/Samba3-HOWTO/diagnosis.html
share/swat/help/Samba3-HOWTO/domain-member.html
share/swat/help/Samba3-HOWTO/go01.html
share/swat/help/Samba3-HOWTO/groupmapping.html
share/swat/help/Samba3-HOWTO/idmapper.html
share/swat/help/Samba3-HOWTO/images/
share/swat/help/Samba3-HOWTO/images/10small.png
share/swat/help/Samba3-HOWTO/images/11small.png
share/swat/help/Samba3-HOWTO/images/12small.png
share/swat/help/Samba3-HOWTO/images/13small.png
share/swat/help/Samba3-HOWTO/images/14small.png
share/swat/help/Samba3-HOWTO/images/1small.png
share/swat/help/Samba3-HOWTO/images/2small.png
share/swat/help/Samba3-HOWTO/images/3small.png
share/swat/help/Samba3-HOWTO/images/4small.png
share/swat/help/Samba3-HOWTO/images/5small.png
share/swat/help/Samba3-HOWTO/images/6small.png
share/swat/help/Samba3-HOWTO/images/7small.png
share/swat/help/Samba3-HOWTO/images/8small.png
share/swat/help/Samba3-HOWTO/images/9small.png
share/swat/help/Samba3-HOWTO/images/WME001.png
share/swat/help/Samba3-HOWTO/images/WME002.png
share/swat/help/Samba3-HOWTO/images/WME003.png
share/swat/help/Samba3-HOWTO/images/WME004.png
share/swat/help/Samba3-HOWTO/images/WME005.png
share/swat/help/Samba3-HOWTO/images/WME006.png
share/swat/help/Samba3-HOWTO/images/WME007.png
share/swat/help/Samba3-HOWTO/images/WME008.png
share/swat/help/Samba3-HOWTO/images/WME009.png
share/swat/help/Samba3-HOWTO/images/WME010.png
share/swat/help/Samba3-HOWTO/images/WME011.png
share/swat/help/Samba3-HOWTO/images/WME012.png
share/swat/help/Samba3-HOWTO/images/WME013.png
share/swat/help/Samba3-HOWTO/images/WME014.png
share/swat/help/Samba3-HOWTO/images/WXPP002.png
share/swat/help/Samba3-HOWTO/images/WXPP003.png
share/swat/help/Samba3-HOWTO/images/WXPP005.png
share/swat/help/Samba3-HOWTO/images/WXPP009.png
share/swat/help/Samba3-HOWTO/images/WXPP014.png
share/swat/help/Samba3-HOWTO/images/a_small.png
share/swat/help/Samba3-HOWTO/images/access1.png
share/swat/help/Samba3-HOWTO/images/browsing1.png
share/swat/help/Samba3-HOWTO/images/cups1.png
share/swat/help/Samba3-HOWTO/images/cups2.png
share/swat/help/Samba3-HOWTO/images/domain.png
share/swat/help/Samba3-HOWTO/images/ethereal1.png
share/swat/help/Samba3-HOWTO/images/ethereal2.png
share/swat/help/Samba3-HOWTO/images/idmap-gid2sid.png
share/swat/help/Samba3-HOWTO/images/idmap-groups.png
share/swat/help/Samba3-HOWTO/images/idmap-sid2gid.png
share/swat/help/Samba3-HOWTO/images/idmap-sid2uid.png
share/swat/help/Samba3-HOWTO/images/idmap-store-gid2sid.png
share/swat/help/Samba3-HOWTO/images/idmap-uid2sid.png
share/swat/help/Samba3-HOWTO/images/idmap.png
share/swat/help/Samba3-HOWTO/images/idmap_winbind_no_loop.png
share/swat/help/Samba3-HOWTO/images/pdftoepsonusb.png
share/swat/help/Samba3-HOWTO/images/pdftosocket.png
share/swat/help/Samba3-HOWTO/images/trusts1.png
share/swat/help/Samba3-HOWTO/images/w2kp001.png
share/swat/help/Samba3-HOWTO/images/w2kp002.png
share/swat/help/Samba3-HOWTO/images/w2kp003.png
share/swat/help/Samba3-HOWTO/images/w2kp004.png
share/swat/help/Samba3-HOWTO/images/w2kp005.png
share/swat/help/Samba3-HOWTO/images/w2kp006.png
share/swat/help/Samba3-HOWTO/images/wxpp001.png
share/swat/help/Samba3-HOWTO/images/wxpp004.png
share/swat/help/Samba3-HOWTO/images/wxpp006.png
share/swat/help/Samba3-HOWTO/images/wxpp007.png
share/swat/help/Samba3-HOWTO/images/wxpp008.png
share/swat/help/Samba3-HOWTO/images/wxpp010.png
share/swat/help/Samba3-HOWTO/images/wxpp011.png
share/swat/help/Samba3-HOWTO/images/wxpp012.png
share/swat/help/Samba3-HOWTO/images/wxpp013.png
share/swat/help/Samba3-HOWTO/images/wxpp015.png
share/swat/help/Samba3-HOWTO/index.html
share/swat/help/Samba3-HOWTO/install.html
share/swat/help/Samba3-HOWTO/integrate-ms-networks.html
share/swat/help/Samba3-HOWTO/introduction.html
share/swat/help/Samba3-HOWTO/ix01.html
share/swat/help/Samba3-HOWTO/largefile.html
share/swat/help/Samba3-HOWTO/locking.html
share/swat/help/Samba3-HOWTO/migration.html
share/swat/help/Samba3-HOWTO/msdfs.html
share/swat/help/Samba3-HOWTO/optional.html
@comment share/swat/help/Samba3-HOWTO/pam.html
share/swat/help/Samba3-HOWTO/passdb.html
share/swat/help/Samba3-HOWTO/pr01.html
share/swat/help/Samba3-HOWTO/pr02.html
share/swat/help/Samba3-HOWTO/pr03.html
share/swat/help/Samba3-HOWTO/problems.html
share/swat/help/Samba3-HOWTO/rights.html
share/swat/help/Samba3-HOWTO/samba-bdc.html
share/swat/help/Samba3-HOWTO/samba-pdc.html
share/swat/help/Samba3-HOWTO/securing-samba.html
share/swat/help/Samba3-HOWTO/speed.html
share/swat/help/Samba3-HOWTO/tdb.html
share/swat/help/Samba3-HOWTO/troubleshooting.html
share/swat/help/Samba3-HOWTO/type.html
share/swat/help/Samba3-HOWTO/unicode.html
share/swat/help/Samba3-HOWTO/upgrading-to-3.0.html
share/swat/help/Samba3-HOWTO/winbind.html
share/swat/help/manpages/
share/swat/help/manpages/eventlogadm.8.html
share/swat/help/manpages/findsmb.1.html
share/swat/help/manpages/idmap_ad.8.html
share/swat/help/manpages/idmap_adex.8.html
share/swat/help/manpages/idmap_autorid.8.html
share/swat/help/manpages/idmap_hash.8.html
share/swat/help/manpages/idmap_ldap.8.html
share/swat/help/manpages/idmap_nss.8.html
share/swat/help/manpages/idmap_rid.8.html
share/swat/help/manpages/idmap_tdb.8.html
share/swat/help/manpages/idmap_tdb2.8.html
share/swat/help/manpages/index.html
share/swat/help/manpages/libsmbclient.7.html
share/swat/help/manpages/lmhosts.5.html
share/swat/help/manpages/log2pcap.1.html
share/swat/help/manpages/net.8.html
share/swat/help/manpages/nmbd.8.html
share/swat/help/manpages/nmblookup.1.html
share/swat/help/manpages/ntlm_auth.1.html
@comment share/swat/help/manpages/pam_winbind.8.html
@comment share/swat/help/manpages/pam_winbind.conf.5.html
share/swat/help/manpages/pdbedit.8.html
share/swat/help/manpages/profiles.1.html
share/swat/help/manpages/rpcclient.1.html
share/swat/help/manpages/samba.7.html
share/swat/help/manpages/sharesec.1.html
share/swat/help/manpages/smb.conf.5.html
share/swat/help/manpages/smbcacls.1.html
share/swat/help/manpages/smbclient.1.html
share/swat/help/manpages/smbcontrol.1.html
share/swat/help/manpages/smbcquotas.1.html
share/swat/help/manpages/smbd.8.html
share/swat/help/manpages/smbget.1.html
share/swat/help/manpages/smbgetrc.5.html
share/swat/help/manpages/smbpasswd.5.html
share/swat/help/manpages/smbpasswd.8.html
share/swat/help/manpages/smbspool.8.html
share/swat/help/manpages/smbstatus.1.html
share/swat/help/manpages/smbta-util.8.html
share/swat/help/manpages/smbtar.1.html
share/swat/help/manpages/smbtree.1.html
share/swat/help/manpages/swat.8.html
share/swat/help/manpages/tdbbackup.8.html
share/swat/help/manpages/tdbdump.8.html
share/swat/help/manpages/tdbtool.8.html
share/swat/help/manpages/testparm.1.html
share/swat/help/manpages/vfs_acl_tdb.8.html
share/swat/help/manpages/vfs_acl_xattr.8.html
share/swat/help/manpages/vfs_aio_fork.8.html
share/swat/help/manpages/vfs_aio_pthread.8.html
share/swat/help/manpages/vfs_audit.8.html
share/swat/help/manpages/vfs_cacheprime.8.html
share/swat/help/manpages/vfs_cap.8.html
share/swat/help/manpages/vfs_catia.8.html
share/swat/help/manpages/vfs_commit.8.html
share/swat/help/manpages/vfs_crossrename.8.html
share/swat/help/manpages/vfs_default_quota.8.html
share/swat/help/manpages/vfs_dirsort.8.html
share/swat/help/manpages/vfs_extd_audit.8.html
share/swat/help/manpages/vfs_fake_perms.8.html
share/swat/help/manpages/vfs_fileid.8.html
share/swat/help/manpages/vfs_full_audit.8.html
share/swat/help/manpages/vfs_gpfs.8.html
share/swat/help/manpages/vfs_netatalk.8.html
share/swat/help/manpages/vfs_notify_fam.8.html
share/swat/help/manpages/vfs_prealloc.8.html
share/swat/help/manpages/vfs_preopen.8.html
share/swat/help/manpages/vfs_readahead.8.html
share/swat/help/manpages/vfs_readonly.8.html
share/swat/help/manpages/vfs_recycle.8.html
share/swat/help/manpages/vfs_scannedonly.8.html
share/swat/help/manpages/vfs_shadow_copy.8.html
share/swat/help/manpages/vfs_shadow_copy2.8.html
share/swat/help/manpages/vfs_smb_traffic_analyzer.8.html
share/swat/help/manpages/vfs_streams_depot.8.html
share/swat/help/manpages/vfs_streams_xattr.8.html
share/swat/help/manpages/vfs_time_audit.8.html
share/swat/help/manpages/vfs_xattr_tdb.8.html
share/swat/help/manpages/vfstest.1.html
share/swat/help/manpages/wbinfo.1.html
share/swat/help/manpages/winbind_krb5_locator.7.html
share/swat/help/manpages/winbindd.8.html
share/swat/help/welcome.html
@comment share/swat/js/
@comment share/swat/lang/
@comment share/swat/lang/ja/
@comment share/swat/lang/ja/help/
@comment share/swat/lang/ja/help/welcome.html
@comment share/swat/lang/ja/images/
@comment share/swat/lang/ja/include/
@comment share/swat/lang/ja/js/
@comment share/swat/lang/tr/
@comment share/swat/lang/tr/help/
@comment share/swat/lang/tr/help/welcome.html
@comment share/swat/lang/tr/images/
@comment share/swat/lang/tr/images/globals.gif
@comment share/swat/lang/tr/images/home.gif
@comment share/swat/lang/tr/images/passwd.gif
@comment share/swat/lang/tr/images/printers.gif
@comment share/swat/lang/tr/images/samba.gif
@comment share/swat/lang/tr/images/shares.gif
@comment share/swat/lang/tr/images/status.gif
@comment share/swat/lang/tr/images/viewconfig.gif
@comment share/swat/lang/tr/include/
@comment share/swat/lang/tr/js/

27
net/samba/pkg/PLIST-ldb Normal file
View File

@ -0,0 +1,27 @@
@comment $OpenBSD: PLIST-ldb,v 1.1 2015/08/25 11:04:39 jca Exp $
@bin bin/ldbadd
@bin bin/ldbdel
@bin bin/ldbedit
@bin bin/ldbmodify
@bin bin/ldbrename
@bin bin/ldbsearch
include/samba-4.0/ldb.h
include/samba-4.0/ldb_errors.h
include/samba-4.0/ldb_handlers.h
include/samba-4.0/ldb_module.h
include/samba-4.0/ldb_version.h
include/samba-4.0/pyldb.h
@lib lib/libldb.so.${LIBldb_VERSION}
@lib lib/libpyldb-util.so.${LIBpyldb-util_VERSION}
lib/pkgconfig/ldb.pc
lib/pkgconfig/pyldb-util.pc
lib/python${MODPY_VERSION}/site-packages/ldb.so
lib/samba/ldb/
lib/samba/libldb-cmdline.so
@man man/man1/ldbadd.1
@man man/man1/ldbdel.1
@man man/man1/ldbedit.1
@man man/man1/ldbmodify.1
@man man/man1/ldbrename.1
@man man/man1/ldbsearch.1
@man man/man3/ldb.3

1277
net/samba/pkg/PLIST-main
View File

File diff suppressed because it is too large Load Diff

8
net/samba/pkg/PLIST-tevent Normal file
View File

@ -0,0 +1,8 @@
@comment $OpenBSD: PLIST-tevent,v 1.1 2015/08/25 11:04:39 jca Exp $
include/samba-4.0/tevent.h
@lib lib/libtevent.so.${LIBtevent_VERSION}
lib/pkgconfig/tevent.pc
lib/python${MODPY_VERSION}/site-packages/_tevent.so
lib/python${MODPY_VERSION}/site-packages/tevent.py
lib/python${MODPY_VERSION}/site-packages/tevent.pyc
lib/python${MODPY_VERSION}/site-packages/tevent.pyo

12
net/samba/pkg/PLIST-util Normal file
View File

@ -0,0 +1,12 @@
@comment $OpenBSD: PLIST-util,v 1.1 2015/08/25 11:04:39 jca Exp $
@lib lib/libnss_wrapper.so.${LIBnss_wrapper_VERSION}
@lib lib/libreplace.so.${LIBreplace_VERSION}
@lib lib/libsocket_wrapper.so.${LIBsocket_wrapper_VERSION}
@lib lib/libuid_wrapper.so.${LIBuid_wrapper_VERSION}
@lib lib/libutil_setid.so.${LIButil_setid_VERSION}
lib/python${MODPY_VERSION}/site-packages/samba/socket_wrapper.so
@lib lib/samba/libnss_wrapper.so.${LIBnss_wrapper_VERSION}
@lib lib/samba/libreplace.so.${LIBreplace_VERSION}
@lib lib/samba/libsocket_wrapper.so.${LIBsocket_wrapper_VERSION}
@lib lib/samba/libuid_wrapper.so.${LIBuid_wrapper_VERSION}
@lib lib/samba/libutil_setid.so.${LIButil_setid_VERSION}

8
sysutils/usmb/Makefile
View File

@ -1,9 +1,9 @@
# $OpenBSD: Makefile,v 1.2 2015/04/21 18:19:27 sthen Exp $
# $OpenBSD: Makefile,v 1.3 2015/08/25 11:04:38 jca Exp $
COMMENT= mount SMB shares from userland via FUSE
DISTNAME= usmb-20130204
REVISION= 0
REVISION= 1
CATEGORIES= sysutils
@ -12,7 +12,7 @@ HOMEPAGE= http://ametros.net/code.html
# GPLv3
PERMIT_PACKAGE_CDROM= Yes
WANTLIB += c fuse glib-2.0 lib/samba/smbclient pthread xml2
WANTLIB += c fuse glib-2.0 smbclient pthread xml2
# http://repo.or.cz/w/usmb.git/snapshot/aa94e132c12faf1a00f547ea4a96b5728612dea6.tar.gz
MASTER_SITES= http://spacehopper.org/mirrors/
@ -27,6 +27,8 @@ SEPARATE_BUILD= Yes
USE_GMAKE= Yes
CONFIGURE_STYLE= gnu
CONFIGURE_ARGS+= --with-samba=${LOCALBASE}
CONFIGURE_ENV = CFLAGS="`pkg-config --cflags smbclient`" \
LDFLAGS="`pkg-config --libs smbclient`"
NO_TEST= Yes

10
x11/gnome/gvfs/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.138 2015/08/25 06:42:14 ajacoutot Exp $
# $OpenBSD: Makefile,v 1.139 2015/08/25 11:04:38 jca Exp $
SHARED_ONLY= Yes
@ -15,6 +15,8 @@ PKGNAME-smb= ${GNOME_PROJECT}-smb-${GNOME_VERSION}
PKGNAME-goa= ${GNOME_PROJECT}-goa-${GNOME_VERSION}
PKGNAME-nfs= ${GNOME_PROJECT}-nfs-${GNOME_VERSION}
REVISION-smb= 0
# LGPLv2
PERMIT_PACKAGE_CDROM= Yes
@ -37,7 +39,7 @@ WANTLIB-main += soup-2.4 sqlite3 gthread-2.0 xcb xcb-render
WANTLIB-main += gcrypt gpg-error secret-1 epoxy lzo2
WANTLIB-smb += ${WANTLIB}
WANTLIB-smb += smbclient execinfo talloc tdb wbclient
WANTLIB-smb += smbclient
WANTLIB-smb += gcrypt gpg-error secret-1
WANTLIB-goa += ${WANTLIB}
@ -48,6 +50,10 @@ WANTLIB-nfs += gcrypt gpg-error nfs secret-1
MODGNOME_TOOLS= docbook
# XXX base libtool errors out since it can't find libs in local/lib/samba
# brought in by libsmbclient
USE_LIBTOOL= gnu
LIB_DEPENDS-main= ${LIB_DEPENDS} \
archivers/libarchive \
devel/libsoup \

14
x11/kde/base3/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.132 2015/07/07 14:49:50 ajacoutot Exp $
# $OpenBSD: Makefile,v 1.133 2015/08/25 11:04:39 jca Exp $
COMMENT-main = K Desktop Environment, basic applications
COMMENT-samba = K Desktop Environment, samba support
@ -14,7 +14,7 @@ PKGNAME-locale = kde3-locale-${VERSION}
PKG_ARCH-en_US = *
PKG_ARCH-locale = *
REVISION-main = 39
REVISION-samba = 15
REVISION-samba = 16
REVISION-en_US = 2
REVISION-locale = 2
@ -62,7 +62,7 @@ LIB_DEPENDS-main = ${LIB_DEPENDS} \
devel/glib2
LIB_DEPENDS-samba = ${LIB_DEPENDS} \
x11/kde/libs3 \
net/samba>=3
net/samba
WANTLIB = crypto expat m pthread pthread-stubs ssl stdc++ util z
WANTLIB += ICE SM X11 Xext Xfixes Xrender Xt freetype fontconfig xcb
@ -88,12 +88,16 @@ WANTLIB-main += glib-2.0 gmodule-2.0 gthread-2.0 jpeg lcms mad mcop mng
WANTLIB-main += ogg pcre pcreposix qtmcop usb usb-1.0 vorbis vorbisenc
WANTLIB-main += vorbisfile
WANTLIB-samba = ${WANTLIB} execinfo
WANTLIB-samba += lib/samba/smbclient talloc tdb lib/samba/wbclient
WANTLIB-samba = ${WANTLIB}
WANTLIB-samba += execinfo ndr ndr-standard nss_wrapper replace samba-hostconfig
WANTLIB-samba += samba-util smbclient smbconf socket_wrapper talloc tdb tevent
WANTLIB-samba += tevent-util uid_wrapper util_setid
WANTLIB-en_US =
WANTLIB-locale =
CONFIGURE_ENV += CPPFLAGS="`pkg-config --cflags smbclient`"
SEPARATE_BUILD = flavored
SUBST_VARS = PREFIX

6
x11/kde4/runtime/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.25 2015/06/26 09:18:39 ajacoutot Exp $
# $OpenBSD: Makefile,v 1.26 2015/08/25 11:04:39 jca Exp $
COMMENT-main = KDE core run-time components
COMMENT-locale = KDE locale data files
@ -6,7 +6,7 @@ DISTNAME = kde-runtime-${MODKDE4_VERSION}
PKGNAME-main = ${DISTNAME}
PKGNAME-locale = kde4-locale-${MODKDE4_VERSION}
PKG_ARCH-locale = *
REVISION-main = 4
REVISION-main = 5
REVISION-locale = 1
DPB_PROPERTIES = parallel
@ -36,7 +36,7 @@ WANTLIB-main += ${KDE4LIB}/kxmlrpcclient ${KDE4LIB}/nepomuk
WANTLIB-main += ${KDE4LIB}/nepomukutils
WANTLIB-main += ${KDE4LIB}/plasma ${KDE4LIB}/qgpgme ${KDE4LIB}/solid
WANTLIB-main += attica canberra exiv2 glib-2.0 jpeg pulse
WANTLIB-main += pulse-mainloop-glib lib/samba/smbclient ssh soprano webp
WANTLIB-main += pulse-mainloop-glib smbclient ssh soprano webp
WANTLIB-main += assuan gcrypt gpg-error gpgme++-pthread gpgme-pthread
WANTLIB-locale =