Update samba to 3.6.17, security release. ============================== Release Notes for Samba 3.6.17 August 05, 2013 ============================== This is a security release in order to address CVE-2013-4124 (Missing integer wrap protection in EA list reading can cause server to loop with DOS). o CVE-2013-4124: All current released versions of Samba are vulnerable to a denial of service on an authenticated or guest connection. A malformed packet can cause the smbd server to loop the CPU performing memory allocations and preventing any further service. A connection to a file share, or a local account is needed to exploit this problem, either authenticated or unauthenticated if guest connections are allowed. This flaw is not exploitable beyond causing the code to loop allocating memory, which may cause the machine to exceed memory limits. Changes since 3.6.16: --------------------- o Jeremy Allison <jra@samba.org> * BUG 10010: CVE-2013-4124: Missing integer wrap protection in EA list reading can cause server to loop with DOS.diff -r1.236 -r1.237 pkgsrc/net/samba/Makefile
(taca)
@@ -1,25 +1,25 @@ | @@ -1,25 +1,25 @@ | |||
1 | # $NetBSD: Makefile,v 1.236 2013/07/15 02:02:27 ryoon Exp $ | 1 | # $NetBSD: Makefile,v 1.237 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | DISTNAME= samba-${VERSION} | 3 | DISTNAME= samba-${VERSION} | |
4 | CATEGORIES= net | 4 | CATEGORIES= net | |
5 | MASTER_SITES= ${SAMBA_MIRRORS:=stable/} | 5 | MASTER_SITES= ${SAMBA_MIRRORS:=stable/} | |
6 | 6 | |||
7 | MAINTAINER= pkgsrc-users@NetBSD.org | 7 | MAINTAINER= pkgsrc-users@NetBSD.org | |
8 | HOMEPAGE= http://www.samba.org/ | 8 | HOMEPAGE= http://www.samba.org/ | |
9 | COMMENT= SMB/CIFS protocol server suite | 9 | COMMENT= SMB/CIFS protocol server suite | |
10 | LICENSE= gnu-gpl-v3 | 10 | LICENSE= gnu-gpl-v3 | |
11 | 11 | |||
12 | VERSION= 3.6.16 | 12 | VERSION= 3.6.17 | |
13 | CONFLICTS+= ja-samba-[0-9]* pam-smbpass-[0-9]* winbind-[0-9]* | 13 | CONFLICTS+= ja-samba-[0-9]* pam-smbpass-[0-9]* winbind-[0-9]* | |
14 | 14 | |||
15 | FILESDIR= ${PKGDIR}/../../net/samba/files | 15 | FILESDIR= ${PKGDIR}/../../net/samba/files | |
16 | DESCR_SRC= ${PKGDIR}/../../net/samba/DESCR | 16 | DESCR_SRC= ${PKGDIR}/../../net/samba/DESCR | |
17 | MESSAGE_SRC= ${PKGDIR}/../../net/samba/MESSAGE | 17 | MESSAGE_SRC= ${PKGDIR}/../../net/samba/MESSAGE | |
18 | WRKSRC= ${WRKDIR}/${DISTNAME}/source3 | 18 | WRKSRC= ${WRKDIR}/${DISTNAME}/source3 | |
19 | BUILD_DEFS+= VARBASE | 19 | BUILD_DEFS+= VARBASE | |
20 | 20 | |||
21 | .include "../../mk/bsd.prefs.mk" | 21 | .include "../../mk/bsd.prefs.mk" | |
22 | 22 | |||
23 | PKG_SYSCONFSUBDIR= samba | 23 | PKG_SYSCONFSUBDIR= samba | |
24 | SAMBA_ETCDIR?= ${PKG_SYSCONFDIR} | 24 | SAMBA_ETCDIR?= ${PKG_SYSCONFDIR} | |
25 | SAMBA_LIBDIR?= ${PREFIX}/lib | 25 | SAMBA_LIBDIR?= ${PREFIX}/lib |
@@ -1,32 +1,32 @@ | @@ -1,32 +1,32 @@ | |||
1 | $NetBSD: distinfo,v 1.91 2013/07/03 20:00:47 adam Exp $ | 1 | $NetBSD: distinfo,v 1.92 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | SHA1 (samba-3.6.16.tar.gz) = 6d17b6b1c5f2d9fe7f6a98786f7d61f65fa7859a | 3 | SHA1 (samba-3.6.17.tar.gz) = e0e9921e87328667e7379c72130c5c800737846f | |
4 | RMD160 (samba-3.6.16.tar.gz) = e5e26a43d435a1bd2a8b91be762eef3380b3a794 | 4 | RMD160 (samba-3.6.17.tar.gz) = 0280da9cd7fa97e3e0d8121a0d7cdc1228d6d9d3 | |
5 | Size (samba-3.6.16.tar.gz) = 34108738 bytes | 5 | Size (samba-3.6.17.tar.gz) = 34110538 bytes | |
6 | SHA1 (patch-aa) = 6c8497adce78e8b1dea2a0402d4a980b67b57b8e | 6 | SHA1 (patch-aa) = 6c8497adce78e8b1dea2a0402d4a980b67b57b8e | |
7 | SHA1 (patch-ab) = 0372ff2e3caca866dacd6ed25ae1d02e34a5b567 | 7 | SHA1 (patch-ab) = 0372ff2e3caca866dacd6ed25ae1d02e34a5b567 | |
8 | SHA1 (patch-ac) = 5b1c0fdb781cb75f81af71ed2695144d4a35e032 | 8 | SHA1 (patch-ac) = 25edbd616199b7dcb41f87aa1374d0bdf19cafec | |
9 | SHA1 (patch-ad) = 447aaf4ea4cc98f0ccd5a3a22e1ffec0e69a3971 | 9 | SHA1 (patch-ad) = 750b0c08d9975a257bec09088cb38414a1299070 | |
10 | SHA1 (patch-ae) = 6698c698dc64c0f3df159157d182eae6aaa70958 | 10 | SHA1 (patch-ae) = de70580b293f4b964bc39b95c6a27511faaf088a | |
11 | SHA1 (patch-af) = c76fa31b80d2a0686fe2c42ab6e860d794b4f111 | 11 | SHA1 (patch-af) = 433379f00214ef066043c6c6763cab41a39f3e18 | |
12 | SHA1 (patch-ag) = d84aeab73f22e372f0d275276f4a1160b240199c | 12 | SHA1 (patch-ag) = d84aeab73f22e372f0d275276f4a1160b240199c | |
13 | SHA1 (patch-ah) = a75ab50dbdb2de48915e55e43d06e713275b23e2 | 13 | SHA1 (patch-ah) = d4dc5c01fae6b72fb8902b32c0c5b668a918ce49 | |
14 | SHA1 (patch-ai) = 0a12dcfabcab7986968493d5f06701d06c3d5386 | 14 | SHA1 (patch-ai) = 2161f55d4f1ffe13fa24387349bb9ac71dae5521 | |
15 | SHA1 (patch-aj) = c83d02c15bcb359809c4558885a706cd5c1a686b | 15 | SHA1 (patch-aj) = bb9ad5a44922eb067d1d84cd9ea444b671297e5c | |
16 | SHA1 (patch-ak) = cb51a96310eb7dde14351e4f12b68ce8d52c92c3 | 16 | SHA1 (patch-ak) = 0c4e6c9f80e3ae5ecc71054ffacf39eba5c2d439 | |
17 | SHA1 (patch-am) = c4054a6923c2a599f3c9e56a06dbde2b8fc59335 | 17 | SHA1 (patch-am) = c4054a6923c2a599f3c9e56a06dbde2b8fc59335 | |
18 | SHA1 (patch-an) = a9b31b791d979a1062006bbe55375aaab69210a1 | 18 | SHA1 (patch-an) = d486b7a05ebaaeb494f8c66d11ad2012053713f8 | |
19 | SHA1 (patch-ao) = bc31d3003bdaad141652daff2e0b6b3cafcee8c1 | 19 | SHA1 (patch-ao) = 688f4180eb728363a1e616320464a6410f1ffced | |
20 | SHA1 (patch-aq) = c3d1a3045364bebaa6c90967837907bd1de0964b | 20 | SHA1 (patch-aq) = 1eef65b3a798b3f80cc71f5d1f43b54c11782c0f | |
21 | SHA1 (patch-ar) = 5213b0a3d95d106939c2e268a8538c5e2901079a | 21 | SHA1 (patch-ar) = 5213b0a3d95d106939c2e268a8538c5e2901079a | |
22 | SHA1 (patch-as) = a9fcb1813d55d598bf1226cf004de85701c93e61 | 22 | SHA1 (patch-as) = 98db2b3242bd4f6b41284d418acdcebb7f42d36f | |
23 | SHA1 (patch-at) = dcfbe79496065559380e5713a758816e538e728b | 23 | SHA1 (patch-at) = dcfbe79496065559380e5713a758816e538e728b | |
24 | SHA1 (patch-au) = f94b27a5792acfa3742b4c07b23b3395b73eba84 | 24 | SHA1 (patch-au) = f94b27a5792acfa3742b4c07b23b3395b73eba84 | |
25 | SHA1 (patch-av) = fccde3e48f2b3de3b1adfaa488a67c57696d1a83 | 25 | SHA1 (patch-av) = ee4652f6278eea9b2208dacfba9b075bd60dd54b | |
26 | SHA1 (patch-aw) = 36cb31313cdbd1e4670f33924371df5ed3390420 | 26 | SHA1 (patch-aw) = 772678763cfc9df298eb6d0a65c24a8372852309 | |
27 | SHA1 (patch-ba) = 87799a62831b45e6cde8c36fbafbc08596411f98 | 27 | SHA1 (patch-ba) = 64d88570f2e15db4f8769c7865e0793eb8909c2b | |
28 | SHA1 (patch-bb) = 6283ffa8781d0c069f81e80704a018028e6b2b50 | 28 | SHA1 (patch-bb) = bfc730bc2f82aff61bdf1000ab33333368a162bd | |
29 | SHA1 (patch-bc) = 857e2400c8852f3c878f8d82857e80f214be2aea | 29 | SHA1 (patch-bc) = 857e2400c8852f3c878f8d82857e80f214be2aea | |
30 | SHA1 (patch-bd) = b78324305bbf67fa4a7dd627e0af1618d2bf7b47 | 30 | SHA1 (patch-bd) = b78324305bbf67fa4a7dd627e0af1618d2bf7b47 | |
31 | SHA1 (patch-be) = 2b298e596f2f57a595b83619ba68f6ad95febaaa | 31 | SHA1 (patch-be) = 2b298e596f2f57a595b83619ba68f6ad95febaaa | |
32 | SHA1 (patch-bf) = 19932332d11ce447293b061cd47506fef3d01853 | 32 | SHA1 (patch-bf) = 19932332d11ce447293b061cd47506fef3d01853 |
@@ -1,13 +1,13 @@ | @@ -1,13 +1,13 @@ | |||
1 | $NetBSD: patch-ac,v 1.14 2011/12/16 11:05:24 asau Exp $ | 1 | $NetBSD: patch-ac,v 1.15 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | --- libads/kerberos.c.orig 2010-12-05 21:57:18.000000000 +0000 | 3 | --- libads/kerberos.c.orig 2013-07-29 18:55:18.000000000 +0000 | |
4 | +++ libads/kerberos.c | 4 | +++ libads/kerberos.c | |
5 | @@ -460,7 +460,7 @@ char* kerberos_secrets_fetch_des_salt( v | 5 | @@ -411,7 +411,7 @@ char* kerberos_secrets_fetch_des_salt( v | |
6 | 6 | |||
7 | if ( (key = des_salt_key()) == NULL ) { | 7 | if ( (key = des_salt_key()) == NULL ) { | |
8 | DEBUG(0,("kerberos_secrets_fetch_des_salt: failed to generate key!\n")); | 8 | DEBUG(0,("kerberos_secrets_fetch_des_salt: failed to generate key!\n")); | |
9 | - return False; | 9 | - return False; | |
10 | + return NULL; | 10 | + return NULL; | |
11 | } | 11 | } | |
12 | 12 | |||
13 | salt = (char*)secrets_fetch( key, NULL ); | 13 | salt = (char*)secrets_fetch( key, NULL ); |
@@ -1,13 +1,13 @@ | @@ -1,13 +1,13 @@ | |||
1 | $NetBSD: patch-ad,v 1.18 2011/12/16 11:05:24 asau Exp $ | 1 | $NetBSD: patch-ad,v 1.19 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | --- VERSION.orig 2010-01-14 10:12:10.000000000 +0000 | 3 | --- VERSION.orig 2013-07-29 18:55:18.000000000 +0000 | |
4 | +++ VERSION | 4 | +++ VERSION | |
5 | @@ -84,7 +84,7 @@ SAMBA_VERSION_IS_GIT_SNAPSHOT= | 5 | @@ -84,7 +84,7 @@ SAMBA_VERSION_IS_GIT_SNAPSHOT=no | |
6 | # SAMBA_VERSION_VENDOR_FUNCTION # | 6 | # SAMBA_VERSION_VENDOR_FUNCTION # | |
7 | # # | 7 | # # | |
8 | ######################################################## | 8 | ######################################################## | |
9 | -SAMBA_VERSION_VENDOR_SUFFIX= | 9 | -SAMBA_VERSION_VENDOR_SUFFIX= | |
10 | +SAMBA_VERSION_VENDOR_SUFFIX="pkgsrc" | 10 | +SAMBA_VERSION_VENDOR_SUFFIX="pkgsrc" | |
11 | SAMBA_VERSION_VENDOR_PATCH= | 11 | SAMBA_VERSION_VENDOR_PATCH= | |
12 | 12 | |||
13 | ######################################################## | 13 | ######################################################## |
@@ -1,15 +1,15 @@ | @@ -1,15 +1,15 @@ | |||
1 | $NetBSD: patch-ae,v 1.10 2011/12/16 11:05:24 asau Exp $ | 1 | $NetBSD: patch-ae,v 1.11 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | --- auth/pampass.c.orig 2010-01-14 10:12:10.000000000 +0000 | 3 | --- auth/pampass.c.orig 2013-07-29 18:55:18.000000000 +0000 | |
4 | +++ auth/pampass.c | 4 | +++ auth/pampass.c | |
5 | @@ -46,6 +46,10 @@ | 5 | @@ -48,6 +48,10 @@ | |
6 | #include <pam/pam_appl.h> | 6 | #include <pam/pam_appl.h> | |
7 | #endif | 7 | #endif | |
8 | 8 | |||
9 | +#if defined(PAM_AUTHTOK_RECOVERY_ERR) && !defined(PAM_AUTHTOK_RECOVER_ERR) | 9 | +#if defined(PAM_AUTHTOK_RECOVERY_ERR) && !defined(PAM_AUTHTOK_RECOVER_ERR) | |
10 | +#define PAM_AUTHTOK_RECOVER_ERR PAM_AUTHTOK_RECOVERY_ERR | 10 | +#define PAM_AUTHTOK_RECOVER_ERR PAM_AUTHTOK_RECOVERY_ERR | |
11 | +#endif | 11 | +#endif | |
12 | + | 12 | + | |
13 | /* | 13 | /* | |
14 | * Structure used to communicate between the conversation function | 14 | * Structure used to communicate between the conversation function | |
15 | * and the server_login/change password functions. | 15 | * and the server_login/change password functions. |
@@ -1,16 +1,16 @@ | @@ -1,16 +1,16 @@ | |||
1 | $NetBSD: patch-ba,v 1.10 2011/12/16 11:05:24 asau Exp $ | 1 | $NetBSD: patch-ba,v 1.11 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | --- configure.in.orig 2011-08-03 18:24:05.000000000 +0000 | 3 | --- configure.in.orig 2013-07-29 18:55:18.000000000 +0000 | |
4 | +++ configure.in | 4 | +++ configure.in | |
5 | @@ -6239,6 +6239,11 @@ AC_CHECK_MEMBER(struct passwd.pw_age, | 5 | @@ -6541,6 +6541,11 @@ AC_CHECK_MEMBER(struct passwd.pw_age, | |
6 | AC_DEFINE(HAVE_PASSWD_PW_AGE, 1, [Defined if struct passwd has pw_age field]),, | 6 | AC_DEFINE(HAVE_PASSWD_PW_AGE, 1, [Defined if struct passwd has pw_age field]),, | |
7 | [#include <pwd.h>]) | 7 | [#include <pwd.h>]) | |
8 | 8 | |||
9 | +# NetBSD | 9 | +# NetBSD | |
10 | +AC_CHECK_MEMBER(struct passwd.pw_class, | 10 | +AC_CHECK_MEMBER(struct passwd.pw_class, | |
11 | + AC_DEFINE(HAVE_PASSWD_PW_CLASS, 1, [Defined if struct passwd has pw_class field]),, | 11 | + AC_DEFINE(HAVE_PASSWD_PW_CLASS, 1, [Defined if struct passwd has pw_class field]),, | |
12 | + [#include <pwd.h>]) | 12 | + [#include <pwd.h>]) | |
13 | + | 13 | + | |
14 | # AIX 4.3.x and 5.1 do not have as many members in | 14 | # AIX 4.3.x and 5.1 do not have as many members in | |
15 | # struct secmethod_table as AIX 5.2 | 15 | # struct secmethod_table as AIX 5.2 | |
16 | AC_CHECK_MEMBERS([struct secmethod_table.method_attrlist], , , | 16 | AC_CHECK_MEMBERS([struct secmethod_table.method_attrlist], , , |
@@ -1,48 +1,48 @@ | @@ -1,48 +1,48 @@ | |||
1 | $NetBSD: patch-af,v 1.11 2012/12/14 07:39:35 adam Exp $ | 1 | $NetBSD: patch-af,v 1.12 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | --- configure.orig 2012-12-06 10:40:30.000000000 +0000 | 3 | --- configure.orig 2013-07-29 18:57:14.000000000 +0000 | |
4 | +++ configure | 4 | +++ configure | |
5 | @@ -19487,6 +19487,7 @@ $as_echo "#define DARWINOS 1" >>confdefs | 5 | @@ -19513,6 +19513,7 @@ $as_echo "#define DARWINOS 1" >>confdefs | |
6 | 6 | |||
7 | BLDSHARED="true" | 7 | BLDSHARED="true" | |
8 | LDSHFLAGS="-dynamiclib -flat_namespace -undefined suppress" | 8 | LDSHFLAGS="-dynamiclib -flat_namespace -undefined suppress" | |
9 | + SONAMEFLAG="-install_name \$(LIBDIR)/" | 9 | + SONAMEFLAG="-install_name \$(LIBDIR)/" | |
10 | CFLAGS="$CFLAGS -fno-common" | 10 | CFLAGS="$CFLAGS -fno-common" | |
11 | SHLD="\${CC}" | 11 | SHLD="\${CC}" | |
12 | SHLIBEXT="dylib" | 12 | SHLIBEXT="dylib" | |
13 | @@ -19536,7 +19537,7 @@ fi | 13 | @@ -19562,7 +19563,7 @@ fi | |
14 | 14 | |||
15 | if test "x$enable_as_needed" != xno; then | 15 | if test "x$enable_as_needed" != xno; then | |
16 | saved_before_as_needed_ldflags="$LDFLAGS" | 16 | saved_before_as_needed_ldflags="$LDFLAGS" | |
17 | - for flags in "-Wl,--as-needed" "-Wl,-z,ignore" "-z ignore" ; do | 17 | - for flags in "-Wl,--as-needed" "-Wl,-z,ignore" "-z ignore" ; do | |
18 | + for flags in "-Wl,-z,ignore" "-z ignore" ; do | 18 | + for flags in "-Wl,-z,ignore" "-z ignore" ; do | |
19 | saved_ldflags="$LDFLAGS" | 19 | saved_ldflags="$LDFLAGS" | |
20 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $flags works" >&5 | 20 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $flags works" >&5 | |
21 | $as_echo_n "checking if $flags works... " >&6; } | 21 | $as_echo_n "checking if $flags works... " >&6; } | |
22 | @@ -26337,9 +26338,9 @@ LIBS="-lcrypto $KRB5_LIBS $LIBS" | 22 | @@ -26638,9 +26639,9 @@ LIBS="-lcrypto $KRB5_LIBS $LIBS" | |
23 | 23 | |||
24 | 24 | |||
25 | 25 | |||
26 | - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for des_set_key in -lcrypto" >&5 | 26 | - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for des_set_key in -lcrypto" >&5 | |
27 | -$as_echo_n "checking for des_set_key in -lcrypto... " >&6; } | 27 | -$as_echo_n "checking for des_set_key in -lcrypto... " >&6; } | |
28 | -if ${ac_cv_lib_ext_crypto_des_set_key+:} false; then : | 28 | -if ${ac_cv_lib_ext_crypto_des_set_key+:} false; then : | |
29 | + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_des_cbc in -lcrypto" >&5 | 29 | + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_des_cbc in -lcrypto" >&5 | |
30 | +$as_echo_n "checking for EVP_des_cbc in -lcrypto... " >&6; } | 30 | +$as_echo_n "checking for EVP_des_cbc in -lcrypto... " >&6; } | |
31 | +if ${ac_cv_lib_ext_crypto_EVP_des_cbc+:} false; then : | 31 | +if ${ac_cv_lib_ext_crypto_EVP_des_cbc+:} false; then : | |
32 | $as_echo_n "(cached) " >&6 | 32 | $as_echo_n "(cached) " >&6 | |
33 | else | 33 | else | |
34 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | 34 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | |
35 | @@ -26351,31 +26352,31 @@ else | 35 | @@ -26652,31 +26653,31 @@ else | |
36 | #ifdef __cplusplus | 36 | #ifdef __cplusplus | |
37 | extern "C" | 37 | extern "C" | |
38 | #endif | 38 | #endif | |
39 | -char des_set_key (); | 39 | -char des_set_key (); | |
40 | +char EVP_des_cbc (); | 40 | +char EVP_des_cbc (); | |
41 | int | 41 | int | |
42 | main () | 42 | main () | |
43 | { | 43 | { | |
44 | -return des_set_key (); | 44 | -return des_set_key (); | |
45 | +return EVP_des_cbc (); | 45 | +return EVP_des_cbc (); | |
46 | ; | 46 | ; | |
47 | return 0; | 47 | return 0; | |
48 | } | 48 | } | |
@@ -62,27 +62,27 @@ $NetBSD: patch-af,v 1.11 2012/12/14 07:3 | @@ -62,27 +62,27 @@ $NetBSD: patch-af,v 1.11 2012/12/14 07:3 | |||
62 | fi | 62 | fi | |
63 | -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ext_crypto_des_set_key" >&5 | 63 | -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ext_crypto_des_set_key" >&5 | |
64 | -$as_echo "$ac_cv_lib_ext_crypto_des_set_key" >&6; } | 64 | -$as_echo "$ac_cv_lib_ext_crypto_des_set_key" >&6; } | |
65 | - if test $ac_cv_lib_ext_crypto_des_set_key = yes; then : | 65 | - if test $ac_cv_lib_ext_crypto_des_set_key = yes; then : | |
66 | +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ext_crypto_EVP_des_cbc" >&5 | 66 | +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ext_crypto_EVP_des_cbc" >&5 | |
67 | +$as_echo "$ac_cv_lib_ext_crypto_EVP_des_cbc" >&6; } | 67 | +$as_echo "$ac_cv_lib_ext_crypto_EVP_des_cbc" >&6; } | |
68 | + if test $ac_cv_lib_ext_crypto_EVP_des_cbc = yes; then : | 68 | + if test $ac_cv_lib_ext_crypto_EVP_des_cbc = yes; then : | |
69 | cat >>confdefs.h <<_ACEOF | 69 | cat >>confdefs.h <<_ACEOF | |
70 | -#define HAVE_DES_SET_KEY 1 | 70 | -#define HAVE_DES_SET_KEY 1 | |
71 | +#define HAVE_EVP_DES_CBC 1 | 71 | +#define HAVE_EVP_DES_CBC 1 | |
72 | _ACEOF | 72 | _ACEOF | |
73 | 73 | |||
74 | fi | 74 | fi | |
75 | @@ -35742,31 +35743,39 @@ case "$host_os" in | 75 | @@ -36043,31 +36044,39 @@ case "$host_os" in | |
76 | NSSSONAMEVERSIONSUFFIX=".2" | 76 | NSSSONAMEVERSIONSUFFIX=".2" | |
77 | WINBIND_NSS_EXTRA_OBJS="../nsswitch/winbind_nss_linux.o" | 77 | WINBIND_NSS_EXTRA_OBJS="../nsswitch/winbind_nss_linux.o" | |
78 | ;; | 78 | ;; | |
79 | - *freebsd[5-9]*) | 79 | - *freebsd[5-9]*) | |
80 | - # FreeBSD winbind client is implemented as a wrapper around | 80 | - # FreeBSD winbind client is implemented as a wrapper around | |
81 | - # the Linux version. | 81 | - # the Linux version. | |
82 | - NSSSONAMEVERSIONSUFFIX=".1" | 82 | - NSSSONAMEVERSIONSUFFIX=".1" | |
83 | - WINBIND_NSS_EXTRA_OBJS="../nsswitch/winbind_nss_freebsd.o \ | 83 | - WINBIND_NSS_EXTRA_OBJS="../nsswitch/winbind_nss_freebsd.o \ | |
84 | - ../nsswitch/winbind_nss_linux.o" | 84 | - ../nsswitch/winbind_nss_linux.o" | |
85 | - WINBIND_NSS="../nsswitch/nss_winbind.$SHLIBEXT" | 85 | - WINBIND_NSS="../nsswitch/nss_winbind.$SHLIBEXT" | |
86 | - WINBIND_WINS_NSS="../nsswitch/nss_wins.$SHLIBEXT" | 86 | - WINBIND_WINS_NSS="../nsswitch/nss_wins.$SHLIBEXT" | |
87 | - ;; | 87 | - ;; | |
88 | - | 88 | - |
@@ -1,13 +1,13 @@ | @@ -1,13 +1,13 @@ | |||
1 | $NetBSD: patch-ah,v 1.6 2011/12/16 22:32:06 asau Exp $ | 1 | $NetBSD: patch-ah,v 1.7 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | --- libsmb/cliconnect.c.orig 2011-08-09 15:17:47.000000000 +0400 | 3 | --- libsmb/cliconnect.c.orig 2013-07-29 18:55:18.000000000 +0000 | |
4 | +++ libsmb/cliconnect.c 2011-08-23 16:04:27.000000000 +0400 | 4 | +++ libsmb/cliconnect.c | |
5 | @@ -3523,7 +3523,7 @@ | 5 | @@ -3538,7 +3538,7 @@ struct cli_state *get_ipc_connect_master | |
6 | if (!NT_STATUS_IS_OK(status)) { | 6 | if (!NT_STATUS_IS_OK(status)) { | |
7 | DEBUG(99, ("No master browsers responded: %s\n", | 7 | DEBUG(99, ("No master browsers responded: %s\n", | |
8 | nt_errstr(status))); | 8 | nt_errstr(status))); | |
9 | - return False; | 9 | - return False; | |
10 | + return NULL; | 10 | + return NULL; | |
11 | } | 11 | } | |
12 | 12 | |||
13 | for (i = 0; i < count; i++) { | 13 | for (i = 0; i < count; i++) { |
@@ -1,17 +1,17 @@ | @@ -1,17 +1,17 @@ | |||
1 | $NetBSD: patch-ai,v 1.6 2011/12/16 11:05:24 asau Exp $ | 1 | $NetBSD: patch-ai,v 1.7 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | --- include/local.h.orig 2010-10-07 16:41:16.000000000 +0000 | 3 | --- include/local.h.orig 2013-07-29 18:55:18.000000000 +0000 | |
4 | +++ include/local.h | 4 | +++ include/local.h | |
5 | @@ -189,10 +189,10 @@ | 5 | @@ -175,10 +175,10 @@ | |
6 | * Default passwd chat script. | 6 | * Default passwd chat script. | |
7 | */ | 7 | */ | |
8 | 8 | |||
9 | -#define DEFAULT_PASSWD_CHAT "*new*password* %n\\n *new*password* %n\\n *changed*" | 9 | -#define DEFAULT_PASSWD_CHAT "*new*password* %n\\n *new*password* %n\\n *changed*" | |
10 | +#define DEFAULT_PASSWD_CHAT "*\\n*ew\\spassword* %n\\n *ew\\spassword* %n\\n *updating\\sthe\\sdatabase...\\npasswd:\\sdone\\n" | 10 | +#define DEFAULT_PASSWD_CHAT "*\\n*ew\\spassword* %n\\n *ew\\spassword* %n\\n *updating\\sthe\\sdatabase...\\npasswd:\\sdone\\n" | |
11 | 11 | |||
12 | /* Minimum length of allowed password when changing UNIX password. */ | 12 | /* Minimum length of allowed password when changing UNIX password. */ | |
13 | -#define MINPASSWDLENGTH 5 | 13 | -#define MINPASSWDLENGTH 5 | |
14 | +#define MINPASSWDLENGTH 6 | 14 | +#define MINPASSWDLENGTH 6 | |
15 | 15 | |||
16 | /* maximum ID number used for session control. This cannot be larger | 16 | /* maximum ID number used for session control. This cannot be larger | |
17 | than 62*62 for the current code */ | 17 | than 62*62 for the current code */ |
@@ -1,13 +1,13 @@ | @@ -1,13 +1,13 @@ | |||
1 | $NetBSD: patch-aj,v 1.6 2011/12/16 22:32:06 asau Exp $ | 1 | $NetBSD: patch-aj,v 1.7 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | --- smbd/dir.c.orig 2011-08-09 15:17:47.000000000 +0400 | 3 | --- smbd/dir.c.orig 2013-07-29 18:55:18.000000000 +0000 | |
4 | +++ smbd/dir.c 2011-08-23 16:05:42.000000000 +0400 | 4 | +++ smbd/dir.c | |
5 | @@ -200,7 +200,7 @@ | 5 | @@ -202,7 +202,7 @@ static struct dptr_struct *dptr_get(stru | |
6 | dptr->wcard, dptr->attr))) { | 6 | dptr->wcard, dptr->attr))) { | |
7 | DEBUG(4,("dptr_get: Failed to open %s (%s)\n",dptr->path, | 7 | DEBUG(4,("dptr_get: Failed to open %s (%s)\n",dptr->path, | |
8 | strerror(errno))); | 8 | strerror(errno))); | |
9 | - return False; | 9 | - return False; | |
10 | + return NULL; | 10 | + return NULL; | |
11 | } | 11 | } | |
12 | } | 12 | } | |
13 | DLIST_PROMOTE(sconn->searches.dirptrs,dptr); | 13 | DLIST_PROMOTE(sconn->searches.dirptrs,dptr); |
@@ -1,13 +1,13 @@ | @@ -1,13 +1,13 @@ | |||
1 | $NetBSD: patch-ak,v 1.5 2011/12/16 11:05:24 asau Exp $ | 1 | $NetBSD: patch-ak,v 1.6 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | --- intl/lang_tdb.c.orig 2010-01-14 10:12:10.000000000 +0000 | 3 | --- intl/lang_tdb.c.orig 2013-07-29 18:55:18.000000000 +0000 | |
4 | +++ intl/lang_tdb.c | 4 | +++ intl/lang_tdb.c | |
5 | @@ -139,7 +139,7 @@ bool lang_tdb_init(const char *lang) | 5 | @@ -142,7 +142,7 @@ bool lang_tdb_init(const char *lang) | |
6 | goto done; | 6 | goto done; | |
7 | } | 7 | } | |
8 | 8 | |||
9 | - if (asprintf(&path, "%s%s.tdb", lock_path("lang_"), lang) == -1) { | 9 | - if (asprintf(&path, "%s%s.tdb", lock_path("lang_"), lang) == -1) { | |
10 | + if (asprintf(&path, "%s%s.tdb", state_path("lang_"), lang) == -1) { | 10 | + if (asprintf(&path, "%s%s.tdb", state_path("lang_"), lang) == -1) { | |
11 | DEBUG(0, ("asprintf failed\n")); | 11 | DEBUG(0, ("asprintf failed\n")); | |
12 | goto done; | 12 | goto done; | |
13 | } | 13 | } |
@@ -1,13 +1,13 @@ | @@ -1,13 +1,13 @@ | |||
1 | $NetBSD: patch-an,v 1.3 2011/12/16 11:05:24 asau Exp $ | 1 | $NetBSD: patch-an,v 1.4 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | --- smbd/ntquotas.c.orig 2010-12-05 21:00:36.000000000 +0000 | 3 | --- smbd/ntquotas.c.orig 2013-07-29 18:55:18.000000000 +0000 | |
4 | +++ smbd/ntquotas.c | 4 | +++ smbd/ntquotas.c | |
5 | @@ -234,7 +234,7 @@ void *init_quota_handle(TALLOC_CTX *mem_ | 5 | @@ -239,7 +239,7 @@ void *init_quota_handle(TALLOC_CTX *mem_ | |
6 | SMB_NTQUOTA_HANDLE *qt_handle; | 6 | SMB_NTQUOTA_HANDLE *qt_handle; | |
7 | 7 | |||
8 | if (!mem_ctx) | 8 | if (!mem_ctx) | |
9 | - return False; | 9 | - return False; | |
10 | + return NULL; | 10 | + return NULL; | |
11 | 11 | |||
12 | qt_handle = TALLOC_ZERO_P(mem_ctx,SMB_NTQUOTA_HANDLE); | 12 | qt_handle = TALLOC_ZERO_P(mem_ctx,SMB_NTQUOTA_HANDLE); | |
13 | if (qt_handle==NULL) { | 13 | if (qt_handle==NULL) { |
@@ -1,13 +1,13 @@ | @@ -1,13 +1,13 @@ | |||
1 | $NetBSD: patch-ao,v 1.3 2011/12/16 11:05:24 asau Exp $ | 1 | $NetBSD: patch-ao,v 1.4 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | --- libsmb/samlogon_cache.c.orig 2010-12-05 21:01:38.000000000 +0000 | 3 | --- libsmb/samlogon_cache.c.orig 2013-07-29 18:55:18.000000000 +0000 | |
4 | +++ libsmb/samlogon_cache.c | 4 | +++ libsmb/samlogon_cache.c | |
5 | @@ -217,7 +217,7 @@ struct netr_SamInfo3 *netsamlogon_cache_ | 5 | @@ -212,7 +212,7 @@ struct netr_SamInfo3 *netsamlogon_cache_ | |
6 | if (!netsamlogon_cache_init()) { | 6 | if (!netsamlogon_cache_init()) { | |
7 | DEBUG(0,("netsamlogon_cache_get: cannot open %s for write!\n", | 7 | DEBUG(0,("netsamlogon_cache_get: cannot open %s for write!\n", | |
8 | NETSAMLOGON_TDB)); | 8 | NETSAMLOGON_TDB)); | |
9 | - return false; | 9 | - return false; | |
10 | + return NULL; | 10 | + return NULL; | |
11 | } | 11 | } | |
12 | 12 | |||
13 | /* Prepare key as DOMAIN-SID/USER-RID string */ | 13 | /* Prepare key as DOMAIN-SID/USER-RID string */ |
@@ -1,46 +1,46 @@ | @@ -1,46 +1,46 @@ | |||
1 | $NetBSD: patch-aq,v 1.3 2011/12/16 11:05:24 asau Exp $ | 1 | $NetBSD: patch-aq,v 1.4 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | Add support for passwd expand gecos | 3 | Add support for passwd expand gecos | |
4 | 4 | |||
5 | --- param/loadparm.c.orig 2011-06-14 11:17:28.000000000 +0000 | 5 | --- param/loadparm.c.orig 2013-07-29 18:55:18.000000000 +0000 | |
6 | +++ param/loadparm.c | 6 | +++ param/loadparm.c | |
7 | @@ -310,6 +310,7 @@ struct global { | 7 | @@ -325,6 +325,7 @@ struct global { | |
8 | bool bUnixPasswdSync; | 8 | bool bUnixPasswdSync; | |
9 | bool bPasswdChatDebug; | 9 | bool bPasswdChatDebug; | |
10 | int iPasswdChatTimeout; | 10 | int iPasswdChatTimeout; | |
11 | + bool bPasswdExpandGecos; | 11 | + bool bPasswdExpandGecos; | |
12 | bool bTimestampLogs; | 12 | bool bTimestampLogs; | |
13 | bool bNTSmbSupport; | 13 | bool bNTSmbSupport; | |
14 | bool bNTPipeSupport; | 14 | bool bNTPipeSupport; | |
15 | @@ -1297,6 +1298,15 @@ static struct parm_struct parm_table[] = | 15 | @@ -1310,6 +1311,15 @@ static struct parm_struct parm_table[] = | |
16 | .flags = FLAG_ADVANCED, | 16 | .flags = FLAG_ADVANCED, | |
17 | }, | 17 | }, | |
18 | { | 18 | { | |
19 | + .label = "passwd expand gecos", | 19 | + .label = "passwd expand gecos", | |
20 | + .type = P_BOOL, | 20 | + .type = P_BOOL, | |
21 | + .p_class = P_GLOBAL, | 21 | + .p_class = P_GLOBAL, | |
22 | + .ptr = &Globals.bPasswdExpandGecos, | 22 | + .ptr = &Globals.bPasswdExpandGecos, | |
23 | + .special = NULL, | 23 | + .special = NULL, | |
24 | + .enum_list = NULL, | 24 | + .enum_list = NULL, | |
25 | + .flags = FLAG_ADVANCED, | 25 | + .flags = FLAG_ADVANCED, | |
26 | + }, | 26 | + }, | |
27 | + { | 27 | + { | |
28 | .label = "check password script", | 28 | .label = "check password script", | |
29 | .type = P_STRING, | 29 | .type = P_STRING, | |
30 | .p_class = P_GLOBAL, | 30 | .p_class = P_GLOBAL, | |
31 | @@ -5074,6 +5084,7 @@ static void init_globals(bool first_time | 31 | @@ -5327,6 +5337,7 @@ static void init_globals(bool reinit_glo | |
32 | Globals.bPamPasswordChange = False; | 32 | Globals.bPamPasswordChange = False; | |
33 | Globals.bPasswdChatDebug = False; | 33 | Globals.bPasswdChatDebug = False; | |
34 | Globals.iPasswdChatTimeout = 2; /* 2 second default. */ | 34 | Globals.iPasswdChatTimeout = 2; /* 2 second default. */ | |
35 | + Globals.bPasswdExpandGecos = False; | 35 | + Globals.bPasswdExpandGecos = False; | |
36 | Globals.bNTPipeSupport = True; /* Do NT pipes by default. */ | 36 | Globals.bNTPipeSupport = True; /* Do NT pipes by default. */ | |
37 | Globals.bNTStatusSupport = True; /* Use NT status by default. */ | 37 | Globals.bNTStatusSupport = True; /* Use NT status by default. */ | |
38 | Globals.bStatCache = True; /* use stat cache by default */ | 38 | Globals.bStatCache = True; /* use stat cache by default */ | |
39 | @@ -5528,6 +5539,7 @@ FN_GLOBAL_BOOL(lp_pam_password_change, & | 39 | @@ -5809,6 +5820,7 @@ FN_GLOBAL_BOOL(lp_pam_password_change, & | |
40 | FN_GLOBAL_BOOL(lp_unix_password_sync, &Globals.bUnixPasswdSync) | 40 | FN_GLOBAL_BOOL(lp_unix_password_sync, &Globals.bUnixPasswdSync) | |
41 | FN_GLOBAL_BOOL(lp_passwd_chat_debug, &Globals.bPasswdChatDebug) | 41 | FN_GLOBAL_BOOL(lp_passwd_chat_debug, &Globals.bPasswdChatDebug) | |
42 | FN_GLOBAL_INTEGER(lp_passwd_chat_timeout, &Globals.iPasswdChatTimeout) | 42 | FN_GLOBAL_INTEGER(lp_passwd_chat_timeout, &Globals.iPasswdChatTimeout) | |
43 | +FN_GLOBAL_BOOL(lp_passwd_expand_gecos, &Globals.bPasswdExpandGecos) | 43 | +FN_GLOBAL_BOOL(lp_passwd_expand_gecos, &Globals.bPasswdExpandGecos) | |
44 | FN_GLOBAL_BOOL(lp_nt_pipe_support, &Globals.bNTPipeSupport) | 44 | FN_GLOBAL_BOOL(lp_nt_pipe_support, &Globals.bNTPipeSupport) | |
45 | FN_GLOBAL_BOOL(lp_nt_status_support, &Globals.bNTStatusSupport) | 45 | FN_GLOBAL_BOOL(lp_nt_status_support, &Globals.bNTStatusSupport) | |
46 | FN_GLOBAL_BOOL(lp_stat_cache, &Globals.bStatCache) | 46 | FN_GLOBAL_BOOL(lp_stat_cache, &Globals.bStatCache) |
@@ -1,13 +1,13 @@ | @@ -1,13 +1,13 @@ | |||
1 | $NetBSD: patch-as,v 1.3 2011/12/16 11:05:24 asau Exp $ | 1 | $NetBSD: patch-as,v 1.4 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | --- script/installmodules.sh.orig 2010-01-14 10:12:10.000000000 +0000 | 3 | --- script/installmodules.sh.orig 2013-07-29 18:55:18.000000000 +0000 | |
4 | +++ script/installmodules.sh | 4 | +++ script/installmodules.sh | |
5 | @@ -11,7 +11,7 @@ shift | 5 | @@ -11,7 +11,7 @@ shift | |
6 | 6 | |||
7 | for d in $prefix $LIBDIR; do | 7 | for d in $prefix $LIBDIR; do | |
8 | if [ ! -d $DESTDIR/$d ]; then | 8 | if [ ! -d $DESTDIR/$d ]; then | |
9 | -mkdir $DESTDIR/$d | 9 | -mkdir $DESTDIR/$d | |
10 | +mkdir -p $DESTDIR/$d | 10 | +mkdir -p $DESTDIR/$d | |
11 | if [ ! -d $DESTDIR/$d ]; then | 11 | if [ ! -d $DESTDIR/$d ]; then | |
12 | echo Failed to make directory $DESTDIR/$d | 12 | echo Failed to make directory $DESTDIR/$d | |
13 | exit 1 | 13 | exit 1 |
@@ -1,13 +1,13 @@ | @@ -1,13 +1,13 @@ | |||
1 | $NetBSD: patch-aw,v 1.3 2011/12/16 11:05:24 asau Exp $ | 1 | $NetBSD: patch-aw,v 1.4 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | --- winbindd/winbindd_cache.c.orig 2010-12-05 21:02:29.000000000 +0000 | 3 | --- winbindd/winbindd_cache.c.orig 2013-07-29 18:55:18.000000000 +0000 | |
4 | +++ winbindd/winbindd_cache.c | 4 | +++ winbindd/winbindd_cache.c | |
5 | @@ -4438,7 +4438,7 @@ struct winbindd_tdc_domain * wcache_tdc_ | 5 | @@ -4623,7 +4623,7 @@ struct winbindd_tdc_domain * wcache_tdc_ | |
6 | DEBUG(10,("wcache_tdc_fetch_domain: Searching for domain %s\n", name)); | 6 | DEBUG(10,("wcache_tdc_fetch_domain: Searching for domain %s\n", name)); | |
7 | 7 | |||
8 | if ( !init_wcache() ) { | 8 | if ( !init_wcache() ) { | |
9 | - return false; | 9 | - return false; | |
10 | + return NULL; | 10 | + return NULL; | |
11 | } | 11 | } | |
12 | 12 | |||
13 | /* fetch the list */ | 13 | /* fetch the list */ |
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | $NetBSD: patch-av,v 1.4 2011/12/16 11:05:24 asau Exp $ | 1 | $NetBSD: patch-av,v 1.5 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | --- smbd/server.c.orig 2010-10-07 16:41:16.000000000 +0000 | 3 | --- smbd/server.c.orig 2013-07-29 18:55:18.000000000 +0000 | |
4 | +++ smbd/server.c | 4 | +++ smbd/server.c | |
5 | @@ -1210,6 +1210,9 @@ extern void build_options(bool screen); | 5 | @@ -1154,6 +1154,9 @@ extern void build_options(bool screen); | |
6 | if (!directory_exist(lp_lockdir())) | 6 | if (!directory_exist(lp_lockdir())) | |
7 | mkdir(lp_lockdir(), 0755); | 7 | mkdir(lp_lockdir(), 0755); | |
8 | 8 | |||
9 | + if (!directory_exist(lp_statedir())) | 9 | + if (!directory_exist(lp_statedir())) | |
10 | + mkdir(lp_statedir(), 0755); | 10 | + mkdir(lp_statedir(), 0755); | |
11 | + | 11 | + | |
12 | if (is_daemon) | 12 | if (is_daemon) | |
13 | pidfile_create("smbd"); | 13 | pidfile_create("smbd"); | |
14 | 14 |
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | $NetBSD: patch-bb,v 1.4 2011/12/16 11:05:24 asau Exp $ | 1 | $NetBSD: patch-bb,v 1.5 2013/08/12 02:45:55 taca Exp $ | |
2 | 2 | |||
3 | --- include/config.h.in.orig 2011-08-03 18:25:13.000000000 +0000 | 3 | --- include/config.h.in.orig 2013-07-29 18:57:13.000000000 +0000 | |
4 | +++ include/config.h.in | 4 | +++ include/config.h.in | |
5 | @@ -1688,6 +1688,9 @@ | 5 | @@ -1598,6 +1598,9 @@ | |
6 | /* Defined if struct passwd has pw_age field */ | 6 | /* Defined if struct passwd has pw_age field */ | |
7 | #undef HAVE_PASSWD_PW_AGE | 7 | #undef HAVE_PASSWD_PW_AGE | |
8 | 8 | |||
9 | +/* Defined if struct passwd has pw_class field */ | 9 | +/* Defined if struct passwd has pw_class field */ | |
10 | +#undef HAVE_PASSWD_PW_CLASS | 10 | +#undef HAVE_PASSWD_PW_CLASS | |
11 | + | 11 | + | |
12 | /* Defined if struct passwd has pw_comment field */ | 12 | /* Defined if struct passwd has pw_comment field */ | |
13 | #undef HAVE_PASSWD_PW_COMMENT | 13 | #undef HAVE_PASSWD_PW_COMMENT | |
14 | 14 |