cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
76,359 Commits 1 Branch 0 Tags 554 MiB
1883325b00
Commit Graph

216 Commits

Author SHA1 Message Date
ajacoutot
771ed9034f Add comment that daemon_flags, daemon_user and daemon_class are not passed 
to the child scripts.
 2012-07-04 13:00:46 +00:00
sthen
cf0fe9c493 Update to Samba 3.6.6, from maintainer Ian McWilliam. 
o  Fix possible memory leaks in the Samba master process (bug #8970).
o  Fix uninitialized memory read in talloc_free().
o  Fix joining of XP Pro workstations to 3.6 DCs (bug #8373).
 2012-06-27 07:29:17 +00:00
sthen
4a8788c3d1 samba autoconf picks up uuid/uuid.h if installed; set BUILD_DEPENDS on 
e2fsprogs to make sure dpb doesn't junk it. unclear if it actually changes
anything in the package but bumping anyway to be sure.
 2012-05-22 11:43:31 +00:00
sthen
2314056268 SECURITY update to Samba 3.6.5, from maintainer Ian McWilliam 
http://www.samba.org/samba/security/CVE-2012-2111

Samba versions 3.4.x to 3.6.4 inclusive are affected by a
vulnerability that allows arbitrary users to modify privileges on a
file server.

Security checks were incorrectly applied to the Local Security
Authority (LSA) remote proceedure calls (RPC) CreateAccount,
OpenAccount, AddAccountRights and RemoveAccountRights allowing any
authenticated user to modify the privileges database.

This is a serious error, as it means that authenticated users can
connect to the LSA and grant themselves the "take ownership"
privilege. This privilege is used by the smbd file server to grant the
ability to change ownership of a file or directory which means users
could take ownership of files or directories they do not own.
 2012-05-03 07:40:05 +00:00
ajacoutot
689f54b24a --localstatedir=/var is the default now. 2012-04-28 10:52:08 +00:00
ajacoutot
3231d150e9 /etc/rc.d -> RCDIR 2012-04-22 13:44:09 +00:00
sthen
de35723980 add patches to samba, from Brad, ok with maintainer, also tested by nigel@ 
- backport *BSD sys_statvfs() wrapper
- tweak autoconf check for cups
 2012-04-16 21:58:34 +00:00
sthen
02b481b58a *NASTY* security update to samba 3.6.4: remote code execution as root by 
anonymous user.  https://www.samba.org/samba/security/CVE-2012-1182

Note when MFC'ing: do not sync the new entries in PLIST-main back to
stable, they depend on dirfd being a function.
 2012-04-10 22:37:02 +00:00
sthen
c0b02f0089 fix WRKSRC/WRKDIST insanity 2012-04-10 22:01:20 +00:00
sthen
88ea72915d Change SEPARATE_BUILD=(concurrent|simple) to Yes; bsd.port.mk doesn't 
make a distinction between these.  ok aja@ dcoppa@
 2012-03-29 13:38:12 +00:00
sthen
a2c92de30c fix MASTER_SITES; eloshinsky at gmail 2012-03-02 08:22:20 +00:00
sthen
c3bc9562f0 Update to samba 3.6.3; various bugfixes. From maintainer Ian McWilliam, 
also tested by nigel@.

This rolls in the DoS fix which we previously handled via a patch.
 2012-02-16 21:36:08 +00:00
sthen
98a844eafa SECURITY fix for CVE-2012-0817, memory leak affecting samba 3.6.0 to 3.6.2 
can cause DoS. Pointed out by maintainer.

http://ftp.samba.org/pub/samba/patches/security/samba-3.6.2-CVE-2012-0817.patch

ok ajacoutot@
 2012-01-31 09:12:58 +00:00
sthen
91faa22c52 Where a program with an rc script _requires_ a certain command line 
parameter to daemonize, move the parameter from daemon to daemon_flags,
so that the user cannot inadvertently prevent it from daemonizing by
adjusting the flags.

Discussed with ajacoutot and schwarze, this method was suggested
by schwarze@ as a simpler alternative to my diff. ok aja@
 2011-12-17 22:01:12 +00:00
sthen
f3fcca9da2 update to samba 3.6.1; lots of bugfixes. 
similar diff / ok Ian McWilliam (maintainer).
also tested by dhill, thanks!
 2011-10-21 20:10:51 +00:00
sthen
49ee02f207 update to samba 3.6.0, from Ian McWilliam / Stefan Rinkes 
tweaks/testing from me and nigel@
 2011-09-26 09:32:12 +00:00
espie
d0fa01c846 normalize pkgpath 2011-09-16 11:13:37 +00:00
sthen
3f4b7ec902 don't install manpages for non-existing programs; from Pascal Stumpf, feedback 
from nigel@ espie@, earlier version ok maintainer.
 2011-09-13 10:54:15 +00:00
giovanni
a9df1a858a Bugfix update to 3.5.11, from maintainer Ian McWilliam 2011-08-22 10:03:24 +00:00
giovanni
62f5f7f26e Update to 3.5.10 
Fixes:
CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and
CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT).

From maintainer Ian McWilliam
 2011-07-29 08:13:51 +00:00
sthen
75699dfd96 Add missing directory in PLIST-main (share/doc/samba/), pointed out by fgsch@ 2011-07-14 08:42:02 +00:00
ajacoutot
70ac96c395 rc_scripts -> pkg_scripts 2011-07-08 02:14:58 +00:00
sthen
2426dbb54a update to samba 3.5.9, from maintainer Ian McWilliam 2011-06-15 19:34:45 +00:00
sthen
340ee33451 Change the sample cap_mkdb command so it only runs if login.conf.db is present. 
ok Ian McWilliam, aja@, landry@
 2011-06-03 10:21:54 +00:00
ajacoutot
f982995f2b Add a consistent header that substitutes FULLPKGNAME for the READMEs. 
ok jasper@ sthen@
 2011-06-02 13:41:36 +00:00
gsoares
cf9171530b - use TRUEPREFIX instead of hardcoding it; ok aja@ sthen@ 2011-05-19 20:44:51 +00:00
sthen
b5eebd96b7 - remove libutf8 build dependency for the ldap flavours, locale support 
in base is good enough.

- remove NULL casts which are no longer needed.

ok Ian McWilliam
 2011-04-17 08:33:14 +00:00
ajacoutot
72c5e6c88d Rewrite samba.rc and make it a wrapper script that calls the provided 
rc.d(8) script. This is much more simple, makes much more sense and
allow for proper debugging.

discussed with robert@
 2011-04-03 18:07:52 +00:00
sthen
8925982cf3 bsd.port.mk now specifies groff 1.21, no need to force the version in 
BUILD_DEPENDS here. bump not needed.
 2011-03-21 09:40:04 +00:00
sthen
318f27f121 - remove workaround for old groff 
- remove MESSAGE-main referring to a config change, people upgrading
have had plenty of time to adapt

ok Ian McWilliam (maintainer)
 2011-03-21 09:20:35 +00:00
ajacoutot
1ffbcaa750 Remove all redirections -- rc.subr(8) now takes care of it. 2011-03-17 16:49:27 +00:00
sthen
0a351afcc7 update to 3.5.8, ok aja@ giovanni@ Ian McWilliam (maintainer) 2011-03-15 13:49:44 +00:00
ajacoutot
073e9e6b72 These aren't needed either. 2011-03-09 19:37:47 +00:00
sthen
fe2f364ef0 SECURITY update to 3.5.7; fixes CVE-2011-0719 FD_SET overflow 
Same diff from maintainer Ian McWilliam
 2011-03-02 08:24:03 +00:00
ajacoutot
242a7d4483 Add rc scripts. 
While here, fix the LOCALBASE vs PREFIX and SYSCONFDIR vs /etc mess.

ok robert@
 2011-01-17 17:58:03 +00:00
ajacoutot
0c8e6ae42f Remove a left-over powerpc optimization workaround. 
from Brad.
 2010-12-06 19:41:54 +00:00
espie
0397d65db0 new depends 2010-11-19 22:31:32 +00:00
espie
96dca66106 finish net WANTLIB 2010-11-11 17:20:27 +00:00
ajacoutot
e89b9beb0f Cosmetic, be consistent with how we set the rcs id in other files. 2010-11-06 07:56:48 +00:00
ajacoutot
9bb8edc168 Add RCS IDs and remove useless MESSAGEs. 2010-10-29 12:41:58 +00:00
espie
ef750600b5 convert to new pkg-readmes. This one keeps a MESSAGE because it says 
something.
(wanted to check multi-packages...)
 2010-10-29 09:40:41 +00:00
sthen
6cef8065dc update Samba to 3.5.6; various bugfixes. From maintainer Ian McWilliam. 2010-10-18 19:07:19 +00:00
espie
47ff75aa46 USE_GROFF=Yes 2010-10-18 18:36:45 +00:00
sthen
25b242a580 new-style WANTLIB/LIB_DEPENDS 2010-09-18 12:36:27 +00:00
sthen
b437d42ac1 SECURITY update to samba 3.5.5; fixes CVE-2010-3069, CVE-2010-3069. 
From maintainer Ian McWilliam.
 2010-09-18 12:35:55 +00:00
sthen
1f144cbcbf Run README.OpenBSD through SUBST_CMD, bump REVISION-main. 2010-08-28 18:55:18 +00:00
ajacoutot
a53a178cf0 Remove obsolete powerpc workaround, from Brad. 2010-07-26 20:28:00 +00:00
ajacoutot
3e3c60a22a Use "WORKGROUP" as a default workgroup name. It is the default in Mac OS 
as well as previous Windows versions. At least it gives you a chance to
browse and mount smb shares with gvfs (or any other application using
smb.conf to get the workgroup name) without the need to configure
anything.

input and ok sthen@ on a previous version of this diff
 2010-07-23 12:01:47 +00:00
sthen
1b229bc319 Rather than use Makefile workarounds for the broken shared lib handling, 
fix it in configure.in so it can be sent upstream. From Brad, looks ok to
Ian McWilliam (maintainer).
 2010-07-14 07:20:18 +00:00
sthen
d1c6f80880 use REVISION, checked with before/after make show=PKGNAMES (plus some 
extra-careful checking where there are complicated PSEUDO_FLAVORS).
 2010-07-12 22:07:37 +00:00