diff options
| author |   Tiziano Müller <dev-zero@gentoo.org> | 2007-05-26 12:50:43 +0000 |
|---|---|---|
| committer | Tiziano Müller <dev-zero@gentoo.org> | 2007-05-26 12:50:43 +0000 |
| commit | 0fc0c38d98d18da67210e3dcb8976732cee42a3a (patch) | |
| tree | 9ead58a7b4d2ec493fda739e7f5de9e1355d3fdf /net-fs | |
| parent | Add calls to java-pkg-2_pkg_setup, see bug #179788. (diff) | |
| download | historical-0fc0c38d98d18da67210e3dcb8976732cee42a3a.tar.gz historical-0fc0c38d98d18da67210e3dcb8976732cee42a3a.tar.bz2 historical-0fc0c38d98d18da67210e3dcb8976732cee42a3a.zip | |
Updated security patches (bug #179867, thanks to Rafael Antonio Porras)
Package-Manager: portage-2.1.2.7
Diffstat (limited to 'net-fs')
| -rw-r--r-- | net-fs/samba/ChangeLog | 9 | ||||
| -rw-r--r-- | net-fs/samba/Manifest | 23 | ||||
| -rw-r--r-- | net-fs/samba/files/3.0.24-heap_overflow_v2.patch | 785 | ||||
| -rw-r--r-- | net-fs/samba/files/3.0.24-sid2name_elevation_v2.patch | 168 | ||||
| -rw-r--r-- | net-fs/samba/files/digest-samba-3.0.24-r3 | 9 | ||||
| -rw-r--r-- | net-fs/samba/samba-3.0.24-r3.ebuild | 304 |
6 files changed, 1293 insertions, 5 deletions
diff --git a/net-fs/samba/ChangeLog b/net-fs/samba/ChangeLog index a485913cdbf5..2b53eaf4a8b2 100644 --- a/net-fs/samba/ChangeLog +++ b/net-fs/samba/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-fs/samba # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/ChangeLog,v 1.285 2007/05/15 12:38:57 armin76 Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/ChangeLog,v 1.286 2007/05/26 12:50:43 dev-zero Exp $ + +*samba-3.0.24-r3 (26 May 2007) + + 26 May 2007; Tiziano Müller <dev-zero@gentoo.org> + +files/3.0.24-heap_overflow_v2.patch, + +files/3.0.24-sid2name_elevation_v2.patch, +samba-3.0.24-r3.ebuild: + Updated security patches (bug #179867, thanks to Rafael Antonio Porras) 15 May 2007; Raúl Porcel <armin76@gentoo.org> samba-3.0.24-r2.ebuild: alpha stable wrt security bug 177029 diff --git a/net-fs/samba/Manifest b/net-fs/samba/Manifest index c561d915da3e..347a9e79e419 100644 --- a/net-fs/samba/Manifest +++ b/net-fs/samba/Manifest @@ -2,6 +2,10 @@ AUX 3.0.24-heap_overflow.patch 8427 RMD160 b0638a084e7c8f8d570b42ff4b599908223f9 MD5 e24f5354cb5cb1d8c7cf4939399932d7 files/3.0.24-heap_overflow.patch 8427 RMD160 b0638a084e7c8f8d570b42ff4b599908223f9ec2 files/3.0.24-heap_overflow.patch 8427 SHA256 0bf2b93b3680e493175b39b6b11da1c0d05f2feeeed63a17575732464d7a942e files/3.0.24-heap_overflow.patch 8427 +AUX 3.0.24-heap_overflow_v2.patch 24130 RMD160 460c29604bbd621ee3d62a3ebba559291821885c SHA1 a3caceb5ab08dcdf5bf5784243422ef16b3978b1 SHA256 6eb325db790dd5ace66a309c0f03d405b8d7af1a8a9dcc5ff1f1a90fb698fa94 +MD5 00aacadad79fe3e1c11a9807a5b61bc1 files/3.0.24-heap_overflow_v2.patch 24130 +RMD160 460c29604bbd621ee3d62a3ebba559291821885c files/3.0.24-heap_overflow_v2.patch 24130 +SHA256 6eb325db790dd5ace66a309c0f03d405b8d7af1a8a9dcc5ff1f1a90fb698fa94 files/3.0.24-heap_overflow_v2.patch 24130 AUX 3.0.24-shell_escape.patch 6234 RMD160 96af89d98f71bda674e92e57c0afb867dbda9252 SHA1 15e4061e4883c195101078bbcf772be9c23d75e2 SHA256 2d2bbf5abe60ec9623a5573cf6b3355ac277a6967f06631a7bd52907dc28b98b MD5 7fd8aaf555636af132ebc88a9c3be140 files/3.0.24-shell_escape.patch 6234 RMD160 96af89d98f71bda674e92e57c0afb867dbda9252 files/3.0.24-shell_escape.patch 6234 @@ -10,6 +14,10 @@ AUX 3.0.24-sid2name_elevation.patch 3026 RMD160 2bd5ed0106441097fe50bab91a342575 MD5 9e83f4af1742a064fbc44580d61b180b files/3.0.24-sid2name_elevation.patch 3026 RMD160 2bd5ed0106441097fe50bab91a34257584e16950 files/3.0.24-sid2name_elevation.patch 3026 SHA256 681e270c19256e4b6b2bf79a756147030294034453a21819073b3d0c8ed070fe files/3.0.24-sid2name_elevation.patch 3026 +AUX 3.0.24-sid2name_elevation_v2.patch 4776 RMD160 8a0e4c444fbe12a4487d02953026c8182cd4da8b SHA1 42bec6aa048ac4fa0ea178449ae3354212c8a790 SHA256 069954e3dbcc2904a673a19269b65f1f8b6b64d08de7d8d44d3462f349aa3c85 +MD5 af06739a1ad5efad42cc240d2d754156 files/3.0.24-sid2name_elevation_v2.patch 4776 +RMD160 8a0e4c444fbe12a4487d02953026c8182cd4da8b files/3.0.24-sid2name_elevation_v2.patch 4776 +SHA256 069954e3dbcc2904a673a19269b65f1f8b6b64d08de7d8d44d3462f349aa3c85 files/3.0.24-sid2name_elevation_v2.patch 4776 AUX README.gentoo 3208 RMD160 858aee78e07bdc0ebee7bc6c2212d4c528325633 SHA1 819ae809566e967cdc03024adae4443c5833dfc5 SHA256 9e87efa3fcea73becdfad4adb0fe677e1969c2951f03c47d1b0f4aeb00999578 MD5 2c134a0ccc3f2cc76669edd86d7476df files/README.gentoo 3208 RMD160 858aee78e07bdc0ebee7bc6c2212d4c528325633 files/README.gentoo 3208 @@ -40,14 +48,18 @@ EBUILD samba-3.0.24-r2.ebuild 8557 RMD160 b8e6c85903bc69ebc9d3cf374bf83044d00620 MD5 5020501cb010c2ad03c1440763cc5a25 samba-3.0.24-r2.ebuild 8557 RMD160 b8e6c85903bc69ebc9d3cf374bf83044d006207b samba-3.0.24-r2.ebuild 8557 SHA256 7b935b393d506ffd5e9d52c49444591723f5ab8389c4a888f8cb0e33fd35317b samba-3.0.24-r2.ebuild 8557 +EBUILD samba-3.0.24-r3.ebuild 8572 RMD160 8094e0a32e561533b39128922fab3094a7c0bfc0 SHA1 9f3d03c3595c56471f6cfc6dd4127b2f9030d873 SHA256 ed7a2cb79283edb73e7dcde5ad06af1581e0b18b19574d8bd4c2d327d3ea2956 +MD5 df14345b4c97a465af68114a383f4c6a samba-3.0.24-r3.ebuild 8572 +RMD160 8094e0a32e561533b39128922fab3094a7c0bfc0 samba-3.0.24-r3.ebuild 8572 +SHA256 ed7a2cb79283edb73e7dcde5ad06af1581e0b18b19574d8bd4c2d327d3ea2956 samba-3.0.24-r3.ebuild 8572 EBUILD samba-3.0.24.ebuild 8398 RMD160 17aeb15083511266669b9540efc759abd0a502ce SHA1 fac6a194c357f973d1af87ee85b383c1ffe79ffb SHA256 6504f5ed334fe870610140b09008ead2bc0f6ac250f29682203119dcebccdcfb MD5 1e846cf8caf46a3ea8a6798358d974bd samba-3.0.24.ebuild 8398 RMD160 17aeb15083511266669b9540efc759abd0a502ce samba-3.0.24.ebuild 8398 SHA256 6504f5ed334fe870610140b09008ead2bc0f6ac250f29682203119dcebccdcfb samba-3.0.24.ebuild 8398 -MISC ChangeLog 48584 RMD160 4e99e59db51fd28414809bcb8552a4b178a93d79 SHA1 f3d9cc7b684d2ef0d067c056288b46bd51c60cd7 SHA256 9ececff32d66eba53d1f28a0a747429218cdc9136fe30830c9de8381695d7fa8 -MD5 26721799504a2465c32f193d7d2d0582 ChangeLog 48584 -RMD160 4e99e59db51fd28414809bcb8552a4b178a93d79 ChangeLog 48584 -SHA256 9ececff32d66eba53d1f28a0a747429218cdc9136fe30830c9de8381695d7fa8 ChangeLog 48584 +MISC ChangeLog 48855 RMD160 ce8ff58d927a3efc31f9f452919ba6e54aced97d SHA1 3b0a825b28e4c083d37589fad67f6c27329c07f2 SHA256 41cf2a2f12651c1e6db7337d1f98f16f92d3bff53c6855194f0415617dba36fe +MD5 a4bce53253038a7991ef680909c81710 ChangeLog 48855 +RMD160 ce8ff58d927a3efc31f9f452919ba6e54aced97d ChangeLog 48855 +SHA256 41cf2a2f12651c1e6db7337d1f98f16f92d3bff53c6855194f0415617dba36fe ChangeLog 48855 MISC metadata.xml 489 RMD160 36eed0edca609c521314ae415efd57ca9acfecb4 SHA1 317e61704a10a3bd888d32c6834721f5d40d00ff SHA256 6f35f13dd39bb51d304fd59b5352c92bc35a957c9c9412c5c1f3f58e98519792 MD5 324855d88a5c326d1b45b5c7719d5536 metadata.xml 489 RMD160 36eed0edca609c521314ae415efd57ca9acfecb4 metadata.xml 489 @@ -64,3 +76,6 @@ SHA256 4b66f0f4c47fbd739eb37e0a4dceb8ffd525131b9034dea75e3802ecdf06a824 files/di MD5 e899de085c153ac07e914eeb6e0d0ecb files/digest-samba-3.0.24-r2 768 RMD160 f62fe0036cb69a6e84304089ec8a83dc8a068199 files/digest-samba-3.0.24-r2 768 SHA256 4b66f0f4c47fbd739eb37e0a4dceb8ffd525131b9034dea75e3802ecdf06a824 files/digest-samba-3.0.24-r2 768 +MD5 e899de085c153ac07e914eeb6e0d0ecb files/digest-samba-3.0.24-r3 768 +RMD160 f62fe0036cb69a6e84304089ec8a83dc8a068199 files/digest-samba-3.0.24-r3 768 +SHA256 4b66f0f4c47fbd739eb37e0a4dceb8ffd525131b9034dea75e3802ecdf06a824 files/digest-samba-3.0.24-r3 768 diff --git a/net-fs/samba/files/3.0.24-heap_overflow_v2.patch b/net-fs/samba/files/3.0.24-heap_overflow_v2.patch new file mode 100644 index 000000000000..54b5cbbc2dae --- /dev/null +++ b/net-fs/samba/files/3.0.24-heap_overflow_v2.patch @@ -0,0 +1,785 @@ +Index: samba-3.0.24/source/include/smb_macros.h +=================================================================== +--- samba-3.0.24.orig/source/include/smb_macros.h 2006-04-19 21:29:39.000000000 -0500 ++++ samba-3.0.24/source/include/smb_macros.h 2007-05-25 12:40:05.000000000 -0500 +@@ -310,7 +310,6 @@ + #if defined(PARANOID_MALLOC_CHECKER) + + #define PRS_ALLOC_MEM(ps, type, count) (type *)prs_alloc_mem_((ps),sizeof(type),(count)) +-#define PRS_ALLOC_MEM_VOID(ps, size) prs_alloc_mem_((ps),(size),1) + + /* Get medieval on our ass about malloc.... */ + +@@ -354,7 +353,6 @@ + #define __location__ __FILE__ ":" __LINESTR__ + + #define PRS_ALLOC_MEM(ps, type, count) (type *)prs_alloc_mem((ps),sizeof(type),(count)) +-#define PRS_ALLOC_MEM_VOID(ps, size) prs_alloc_mem((ps),(size),1) + + /* Regular malloc code. */ + +Index: samba-3.0.24/source/rpc_parse/parse_dfs.c +=================================================================== +--- samba-3.0.24.orig/source/rpc_parse/parse_dfs.c 2007-02-04 12:59:22.000000000 -0600 ++++ samba-3.0.24/source/rpc_parse/parse_dfs.c 2007-05-25 12:40:05.000000000 -0500 +@@ -325,7 +325,9 @@ + return False; + + if (UNMARSHALLING(ps)) { +- v->stores = (void *)PRS_ALLOC_MEM_VOID(ps,sizeof(*v->stores)*v->num_stores); ++ v->stores = PRS_ALLOC_MEM(ps,NETDFS_DFS_STORAGEINFO,v->num_stores); ++ if (!v->stores) ++ return False; + } + for (i_stores_1=0; i_stores_1<v->num_stores;i_stores_1++) { + if (!netdfs_io_dfs_StorageInfo_p("stores", &v->stores[i_stores_1], ps, depth)) +@@ -447,7 +449,9 @@ + return False; + + if (UNMARSHALLING(ps)) { +- v->stores = (void *)PRS_ALLOC_MEM_VOID(ps,sizeof(*v->stores)*v->num_stores); ++ v->stores = PRS_ALLOC_MEM(ps,NETDFS_DFS_STORAGEINFO,v->num_stores); ++ if (!v->stores) ++ return False; + } + for (i_stores_1=0; i_stores_1<v->num_stores;i_stores_1++) { + if (!netdfs_io_dfs_StorageInfo_p("stores", &v->stores[i_stores_1], ps, depth)) +@@ -920,7 +924,9 @@ + return False; + + if (UNMARSHALLING(ps)) { +- v->s = (void *)PRS_ALLOC_MEM_VOID(ps,sizeof(*v->s)*v->count); ++ v->s = PRS_ALLOC_MEM(ps,NETDFS_DFS_INFO1,v->count); ++ if (!v->s) ++ return False; + } + for (i_s_1=0; i_s_1<v->count;i_s_1++) { + if (!netdfs_io_dfs_Info1_p("s", &v->s[i_s_1], ps, depth)) +@@ -986,7 +992,9 @@ + return False; + + if (UNMARSHALLING(ps)) { +- v->s = (void *)PRS_ALLOC_MEM_VOID(ps,sizeof(*v->s)*v->count); ++ v->s = PRS_ALLOC_MEM(ps,NETDFS_DFS_INFO2,v->count); ++ if (!v->s) ++ return False; + } + for (i_s_1=0; i_s_1<v->count;i_s_1++) { + if (!netdfs_io_dfs_Info2_p("s", &v->s[i_s_1], ps, depth)) +@@ -1052,7 +1060,9 @@ + return False; + + if (UNMARSHALLING(ps)) { +- v->s = (void *)PRS_ALLOC_MEM_VOID(ps,sizeof(*v->s)*v->count); ++ v->s = PRS_ALLOC_MEM(ps,NETDFS_DFS_INFO3,v->count); ++ if (!v->s) ++ return False; + } + for (i_s_1=0; i_s_1<v->count;i_s_1++) { + if (!netdfs_io_dfs_Info3_p("s", &v->s[i_s_1], ps, depth)) +@@ -1118,7 +1128,9 @@ + return False; + + if (UNMARSHALLING(ps)) { +- v->s = (void *)PRS_ALLOC_MEM_VOID(ps,sizeof(*v->s)*v->count); ++ v->s = PRS_ALLOC_MEM(ps,NETDFS_DFS_INFO4,v->count); ++ if (!v->s) ++ return False; + } + for (i_s_1=0; i_s_1<v->count;i_s_1++) { + if (!netdfs_io_dfs_Info4_p("s", &v->s[i_s_1], ps, depth)) +@@ -1184,7 +1196,9 @@ + return False; + + if (UNMARSHALLING(ps)) { +- v->s = (void *)PRS_ALLOC_MEM_VOID(ps,sizeof(*v->s)*v->count); ++ v->s = PRS_ALLOC_MEM(ps,NETDFS_DFS_INFO200,v->count); ++ if (!v->s) ++ return False; + } + for (i_s_1=0; i_s_1<v->count;i_s_1++) { + if (!netdfs_io_dfs_Info200_p("s", &v->s[i_s_1], ps, depth)) +@@ -1250,7 +1264,9 @@ + return False; + + if (UNMARSHALLING(ps)) { +- v->s = (void *)PRS_ALLOC_MEM_VOID(ps,sizeof(*v->s)*v->count); ++ v->s = PRS_ALLOC_MEM(ps,NETDFS_DFS_INFO300,v->count); ++ if (!v->s) ++ return False; + } + for (i_s_1=0; i_s_1<v->count;i_s_1++) { + if (!netdfs_io_dfs_Info300_p("s", &v->s[i_s_1], ps, depth)) +Index: samba-3.0.24/source/rpc_parse/parse_lsa.c +=================================================================== +--- samba-3.0.24.orig/source/rpc_parse/parse_lsa.c 2007-02-04 12:59:22.000000000 -0600 ++++ samba-3.0.24/source/rpc_parse/parse_lsa.c 2007-05-25 12:41:06.000000000 -0500 +@@ -1171,7 +1171,7 @@ + + /* Mallocate memory if we're unpacking from the wire */ + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && sen->num_entries) { + if ((sen->ptr_sid = PRS_ALLOC_MEM( ps, uint32, sen->num_entries)) == NULL) { + DEBUG(3, ("init_lsa_sid_enum(): out of memory for " + "ptr_sid\n")); +@@ -1349,12 +1349,17 @@ + &trn->num_entries2)) + return False; + +- if (UNMARSHALLING(ps)) { +- if ((trn->name = PRS_ALLOC_MEM(ps, LSA_TRANS_NAME, trn->num_entries)) == NULL) { ++ if (trn->num_entries2 != trn->num_entries) { ++ /* RPC fault */ ++ return False; ++ } ++ ++ if (UNMARSHALLING(ps) && trn->num_entries2) { ++ if ((trn->name = PRS_ALLOC_MEM(ps, LSA_TRANS_NAME, trn->num_entries2)) == NULL) { + return False; + } + +- if ((trn->uni_name = PRS_ALLOC_MEM(ps, UNISTR2, trn->num_entries)) == NULL) { ++ if ((trn->uni_name = PRS_ALLOC_MEM(ps, UNISTR2, trn->num_entries2)) == NULL) { + return False; + } + } +@@ -1406,12 +1411,17 @@ + &trn->num_entries2)) + return False; + +- if (UNMARSHALLING(ps)) { +- if ((trn->name = PRS_ALLOC_MEM(ps, LSA_TRANS_NAME2, trn->num_entries)) == NULL) { ++ if (trn->num_entries2 != trn->num_entries) { ++ /* RPC fault */ ++ return False; ++ } ++ ++ if (UNMARSHALLING(ps) && trn->num_entries2) { ++ if ((trn->name = PRS_ALLOC_MEM(ps, LSA_TRANS_NAME2, trn->num_entries2)) == NULL) { + return False; + } + +- if ((trn->uni_name = PRS_ALLOC_MEM(ps, UNISTR2, trn->num_entries)) == NULL) { ++ if ((trn->uni_name = PRS_ALLOC_MEM(ps, UNISTR2, trn->num_entries2)) == NULL) { + return False; + } + } +@@ -1678,7 +1688,7 @@ + return False; + } + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && out->num_entries2) { + if ((out->dom_rid = PRS_ALLOC_MEM(ps, DOM_RID, out->num_entries2)) + == NULL) { + DEBUG(3, ("lsa_io_r_lookup_names(): out of memory\n")); +@@ -1803,7 +1813,7 @@ + return False; + } + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && out->num_entries2) { + if ((out->dom_rid = PRS_ALLOC_MEM(ps, DOM_RID2, out->num_entries2)) + == NULL) { + DEBUG(3, ("lsa_io_r_lookup_names2(): out of memory\n")); +@@ -1956,7 +1966,7 @@ + return False; + } + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && out->num_entries2) { + if ((out->trans_sids = PRS_ALLOC_MEM(ps, LSA_TRANSLATED_SID3, out->num_entries2)) + == NULL) { + DEBUG(3, ("lsa_io_r_lookup_names3(): out of memory\n")); +@@ -2085,7 +2095,7 @@ + return False; + } + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && out->num_entries2) { + if ((out->trans_sids = PRS_ALLOC_MEM(ps, LSA_TRANSLATED_SID3, out->num_entries2)) + == NULL) { + DEBUG(3, ("lsa_io_r_lookup_names4(): out of memory\n")); +@@ -2324,7 +2334,7 @@ + if(!prs_uint32("count1", ps, depth, &out->count1)) + return False; + +- if (UNMARSHALLING(ps)) ++ if (UNMARSHALLING(ps) && out->count1) + if (!(out->privs = PRS_ALLOC_MEM(ps, LSA_PRIV_ENTRY, out->count1))) + return False; + +@@ -2759,7 +2769,7 @@ + + static BOOL lsa_io_privilege_set(const char *desc, PRIVILEGE_SET *out, prs_struct *ps, int depth) + { +- uint32 i; ++ uint32 i, dummy; + + prs_debug(ps, depth, desc, "lsa_io_privilege_set"); + depth++; +@@ -2767,7 +2777,7 @@ + if(!prs_align(ps)) + return False; + +- if(!prs_uint32("count", ps, depth, &out->count)) ++ if(!prs_uint32("count", ps, depth, &dummy)) + return False; + if(!prs_uint32("control", ps, depth, &out->control)) + return False; +@@ -3886,7 +3896,7 @@ + prs_debug(ps, depth, desc, "smb_io_lsa_data_buf"); + depth++; + +- if ( UNMARSHALLING(ps) ) { ++ if ( UNMARSHALLING(ps) && length ) { + if ( !(buf->data = PRS_ALLOC_MEM( ps, uint8, length )) ) + return False; + } +@@ -3900,7 +3910,7 @@ + if (!prs_uint32("length", ps, depth, &buf->length)) + return False; + +- if(!prs_uint8s(False, "data", ps, depth, buf->data, size)) ++ if(!prs_uint8s(False, "data", ps, depth, buf->data, length)) + return False; + + return True; +Index: samba-3.0.24/source/rpc_parse/parse_prs.c +=================================================================== +--- samba-3.0.24.orig/source/rpc_parse/parse_prs.c 2007-02-04 12:59:22.000000000 -0600 ++++ samba-3.0.24/source/rpc_parse/parse_prs.c 2007-05-25 12:41:06.000000000 -0500 +@@ -156,7 +156,7 @@ + { + char *ret = NULL; + +- if (size) { ++ if (size && count) { + /* We can't call the type-safe version here. */ + ret = _talloc_zero_array(ps->mem_ctx, size, count, "parse_prs"); + } +@@ -642,9 +642,13 @@ + return True; + + if (UNMARSHALLING(ps)) { +- if ( !(*data = PRS_ALLOC_MEM_VOID(ps, data_size)) ) +- return False; +- } ++ if (data_size) { ++ if ( !(*data = (void *)PRS_ALLOC_MEM(ps, char, data_size)) ) ++ return False; ++ } else { ++ *data = NULL; ++ } ++ } + + return prs_fn(name, ps, depth, *data); + } +@@ -1014,16 +1018,16 @@ + if (q == NULL) + return False; + ++ /* If the string is empty, we don't have anything to stream */ ++ if (str->buf_len==0) ++ return True; ++ + if (UNMARSHALLING(ps)) { + str->buffer = PRS_ALLOC_MEM(ps,uint16,str->buf_len); + if (str->buffer == NULL) + return False; + } + +- /* If the string is empty, we don't have anything to stream */ +- if (str->buf_len==0) +- return True; +- + p = (char *)str->buffer; + + dbg_rw_punival(charmode, name, depth, ps, q, p, str->buf_len); +@@ -1053,6 +1057,8 @@ + buf->buffer = PRS_ALLOC_MEM(ps, uint16, buf->buf_max_len); + if ( buf->buffer == NULL ) + return False; ++ } else { ++ buf->buffer = NULL; + } + } + +@@ -1080,9 +1086,13 @@ + if (str->str_str_len > str->str_max_len) { + return False; + } +- str->buffer = PRS_ALLOC_MEM(ps,unsigned char, str->str_max_len); +- if (str->buffer == NULL) +- return False; ++ if (str->str_max_len) { ++ str->buffer = PRS_ALLOC_MEM(ps,unsigned char, str->str_max_len); ++ if (str->buffer == NULL) ++ return False; ++ } else { ++ str->buffer = NULL; ++ } + } + + if (UNMARSHALLING(ps)) { +@@ -1127,9 +1137,13 @@ + if (str->uni_str_len > str->uni_max_len) { + return False; + } +- str->buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_max_len); +- if (str->buffer == NULL) +- return False; ++ if (str->uni_max_len) { ++ str->buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_max_len); ++ if (str->buffer == NULL) ++ return False; ++ } else { ++ str->buffer = NULL; ++ } + } + + p = (char *)str->buffer; +@@ -1154,9 +1168,13 @@ + return False; + + if (UNMARSHALLING(ps)) { +- str->str.buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_str_len); +- if (str->str.buffer == NULL) +- return False; ++ if (str->uni_str_len) { ++ str->str.buffer = PRS_ALLOC_MEM(ps,uint16,str->uni_str_len); ++ if (str->str.buffer == NULL) ++ return False; ++ } else { ++ str->str.buffer = NULL; ++ } + } + + p = (char *)str->str.buffer; +Index: samba-3.0.24/source/rpc_parse/parse_sec.c +=================================================================== +--- samba-3.0.24.orig/source/rpc_parse/parse_sec.c 2005-04-18 11:38:20.000000000 -0500 ++++ samba-3.0.24/source/rpc_parse/parse_sec.c 2007-05-25 12:40:05.000000000 -0500 +@@ -122,7 +122,7 @@ + for you as it reads them. + ********************************************************************/ + +-BOOL sec_io_acl(const char *desc, SEC_ACL **ppsa, prs_struct *ps, int depth) ++static BOOL sec_io_acl(const char *desc, SEC_ACL **ppsa, prs_struct *ps, int depth) + { + unsigned int i; + uint32 old_offset; +@@ -165,13 +165,10 @@ + return False; + + if (UNMARSHALLING(ps)) { +- /* +- * Even if the num_aces is zero, allocate memory as there's a difference +- * between a non-present DACL (allow all access) and a DACL with no ACE's +- * (allow no access). +- */ +- if((psa->ace = PRS_ALLOC_MEM(ps, SEC_ACE, psa->num_aces+1)) == NULL) +- return False; ++ if (psa->num_aces) { ++ if((psa->ace = PRS_ALLOC_MEM(ps, SEC_ACE, psa->num_aces)) == NULL) ++ return False; ++ } + } + + for (i = 0; i < psa->num_aces; i++) { +Index: samba-3.0.24/source/rpc_parse/parse_spoolss.c +=================================================================== +--- samba-3.0.24.orig/source/rpc_parse/parse_spoolss.c 2007-02-04 12:59:22.000000000 -0600 ++++ samba-3.0.24/source/rpc_parse/parse_spoolss.c 2007-05-25 12:41:06.000000000 -0500 +@@ -227,8 +227,13 @@ + if(!prs_uint32("count2", ps, depth, &type->count2)) + return False; + +- if (type->count2 != type->count) ++ if (type->count2 != type->count) { + DEBUG(4,("What a mess, count was %x now is %x !\n", type->count, type->count2)); ++ return False; ++ } ++ if (type->count2 > MAX_NOTIFY_TYPE_FOR_NOW) { ++ return False; ++ } + + /* parse the option type data */ + for(i=0;i<type->count2;i++) +@@ -252,7 +257,7 @@ + return False; + + /* reading */ +- if (UNMARSHALLING(ps)) ++ if (UNMARSHALLING(ps) && ctr->count) + if((ctr->type=PRS_ALLOC_MEM(ps,SPOOL_NOTIFY_OPTION_TYPE,ctr->count)) == NULL) + return False; + +@@ -411,7 +416,7 @@ + if(!prs_uint32("string length", ps, depth, &data->notify_data.data.length)) + return False; + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && data->notify_data.data.length) { + data->notify_data.data.string = PRS_ALLOC_MEM(ps, uint16, + data->notify_data.data.length); + +@@ -430,7 +435,7 @@ + + case NOTIFY_POINTER: + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && data->notify_data.data.length) { + data->notify_data.data.string = PRS_ALLOC_MEM(ps, uint16, + data->notify_data.data.length); + +@@ -490,9 +495,13 @@ + + /* Tallocate memory for string */ + +- data->notify_data.data.string = PRS_ALLOC_MEM(ps, uint16, x * 2); +- if (!data->notify_data.data.string) +- return False; ++ if (x) { ++ data->notify_data.data.string = PRS_ALLOC_MEM(ps, uint16, x * 2); ++ if (!data->notify_data.data.string) ++ return False; ++ } else { ++ data->notify_data.data.string = NULL; ++ } + + if(!prs_uint16uni(True,"string",ps,depth,data->notify_data.data.string,x)) + return False; +@@ -5931,14 +5940,14 @@ + case REG_BINARY: + case REG_DWORD: + case REG_MULTI_SZ: +- if (q_u->max_len) { +- if (UNMARSHALLING(ps)) +- q_u->data=PRS_ALLOC_MEM(ps, uint8, q_u->max_len); +- if(q_u->data == NULL) +- return False; +- if(!prs_uint8s(False,"data", ps, depth, q_u->data, q_u->max_len)) +- return False; +- } ++ if (q_u->max_len) { ++ if (UNMARSHALLING(ps)) ++ q_u->data=PRS_ALLOC_MEM(ps, uint8, q_u->max_len); ++ if(q_u->data == NULL) ++ return False; ++ if(!prs_uint8s(False,"data", ps, depth, q_u->data, q_u->max_len)) ++ return False; ++ } + if(!prs_align(ps)) + return False; + break; +@@ -6956,7 +6965,7 @@ + + /* first loop to write basic enum_value information */ + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && ctr->size_of_array) { + ctr->values = PRS_ALLOC_MEM(ps, PRINTER_ENUM_VALUES, ctr->size_of_array); + if (!ctr->values) + return False; +Index: samba-3.0.24/source/libads/authdata.c +=================================================================== +--- samba-3.0.24.orig/source/libads/authdata.c 2006-02-23 10:29:34.000000000 -0600 ++++ samba-3.0.24/source/libads/authdata.c 2007-05-25 12:41:06.000000000 -0500 +@@ -120,10 +120,14 @@ + return False; + + if (UNMARSHALLING(ps)) { +- array->krb_sid_and_attrs = PRS_ALLOC_MEM(ps, KRB_SID_AND_ATTRS, num); +- if (!array->krb_sid_and_attrs) { +- DEBUG(3, ("No memory available\n")); +- return False; ++ if (num) { ++ array->krb_sid_and_attrs = PRS_ALLOC_MEM(ps, KRB_SID_AND_ATTRS, num); ++ if (!array->krb_sid_and_attrs) { ++ DEBUG(3, ("No memory available\n")); ++ return False; ++ } ++ } else { ++ array->krb_sid_and_attrs = NULL; + } + } + +@@ -184,10 +188,14 @@ + return False; + + if (UNMARSHALLING(ps)) { +- array->group_membership = PRS_ALLOC_MEM(ps, GROUP_MEMBERSHIP, num); +- if (!array->group_membership) { +- DEBUG(3, ("No memory available\n")); +- return False; ++ if (num) { ++ array->group_membership = PRS_ALLOC_MEM(ps, GROUP_MEMBERSHIP, num); ++ if (!array->group_membership) { ++ DEBUG(3, ("No memory available\n")); ++ return False; ++ } ++ } else { ++ array->group_membership = NULL; + } + } + +@@ -456,10 +464,14 @@ + return False; + + if (UNMARSHALLING(ps) && length) { +- data->signature.buffer = PRS_ALLOC_MEM(ps, uint8, siglen); +- if (!data->signature.buffer) { +- DEBUG(3, ("No memory available\n")); +- return False; ++ if (siglen) { ++ data->signature.buffer = PRS_ALLOC_MEM(ps, uint8, siglen); ++ if (!data->signature.buffer) { ++ DEBUG(3, ("No memory available\n")); ++ return False; ++ } ++ } else { ++ data->signature.buffer = NULL; + } + } + +Index: samba-3.0.24/source/registry/regfio.c +=================================================================== +--- samba-3.0.24.orig/source/registry/regfio.c 2007-02-04 12:59:26.000000000 -0600 ++++ samba-3.0.24/source/registry/regfio.c 2007-05-25 12:41:06.000000000 -0500 +@@ -642,8 +642,12 @@ + return False; + + if ( UNMARSHALLING(&hbin->ps) ) { +- if ( !(lf->hashes = PRS_ALLOC_MEM( &hbin->ps, REGF_HASH_REC, lf->num_keys )) ) +- return False; ++ if (lf->num_keys) { ++ if ( !(lf->hashes = PRS_ALLOC_MEM( &hbin->ps, REGF_HASH_REC, lf->num_keys )) ) ++ return False; ++ } else { ++ lf->hashes = NULL; ++ } + } + + for ( i=0; i<lf->num_keys; i++ ) { +Index: samba-3.0.24/source/rpc_parse/parse_net.c +=================================================================== +--- samba-3.0.24.orig/source/rpc_parse/parse_net.c 2007-02-04 12:59:22.000000000 -0600 ++++ samba-3.0.24/source/rpc_parse/parse_net.c 2007-05-25 12:41:06.000000000 -0500 +@@ -1721,9 +1721,13 @@ + } + + if (UNMARSHALLING(ps)) { +- usr->gids = PRS_ALLOC_MEM(ps, DOM_GID, usr->num_groups); +- if (usr->gids == NULL) +- return False; ++ if (usr->num_groups) { ++ usr->gids = PRS_ALLOC_MEM(ps, DOM_GID, usr->num_groups); ++ if (usr->gids == NULL) ++ return False; ++ } else { ++ usr->gids = NULL; ++ } + } + + for (i = 0; i < usr->num_groups; i++) { +@@ -1756,10 +1760,15 @@ + return False; + + if (UNMARSHALLING(ps)) { +- usr->other_sids = PRS_ALLOC_MEM(ps, DOM_SID2, usr->num_other_sids); +- usr->other_sids_attrib = +- PRS_ALLOC_MEM(ps, uint32, usr->num_other_sids); +- ++ if (usr->num_other_sids) { ++ usr->other_sids = PRS_ALLOC_MEM(ps, DOM_SID2, usr->num_other_sids); ++ usr->other_sids_attrib = ++ PRS_ALLOC_MEM(ps, uint32, usr->num_other_sids); ++ } else { ++ usr->other_sids = NULL; ++ usr->other_sids_attrib = NULL; ++ } ++ + if ((num_other_sids != 0) && + ((usr->other_sids == NULL) || + (usr->other_sids_attrib == NULL))) +Index: samba-3.0.24/source/rpc_parse/parse_samr.c +=================================================================== +--- samba-3.0.24.orig/source/rpc_parse/parse_samr.c 2007-02-04 12:59:22.000000000 -0600 ++++ samba-3.0.24/source/rpc_parse/parse_samr.c 2007-05-25 12:41:06.000000000 -0500 +@@ -3337,7 +3337,7 @@ + if(!prs_uint32("num_entries3", ps, depth, &r_u->num_entries3)) + return False; + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && r_u->num_entries2) { + r_u->sam = PRS_ALLOC_MEM(ps,SAM_ENTRY,r_u->num_entries2); + r_u->uni_dom_name = PRS_ALLOC_MEM(ps,UNISTR2,r_u->num_entries2); + } +@@ -3476,7 +3476,7 @@ + if(!prs_uint32("num_entries3", ps, depth, &r_u->num_entries3)) + return False; + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && r_u->num_entries2) { + r_u->sam = PRS_ALLOC_MEM(ps,SAM_ENTRY,r_u->num_entries2); + r_u->uni_grp_name = PRS_ALLOC_MEM(ps,UNISTR2,r_u->num_entries2); + } +@@ -4980,12 +4980,13 @@ + return False; + } + +- if (UNMARSHALLING(ps)) ++ if (UNMARSHALLING(ps) && r_u->num_rids2) { + r_u->rids = PRS_ALLOC_MEM(ps, uint32, r_u->num_rids2); + +- if (!r_u->rids) { +- DEBUG(0, ("NULL rids in samr_io_r_lookup_names\n")); +- return False; ++ if (!r_u->rids) { ++ DEBUG(0, ("NULL rids in samr_io_r_lookup_names\n")); ++ return False; ++ } + } + + for (i = 0; i < r_u->num_rids2; i++) { +@@ -5009,12 +5010,13 @@ + return False; + } + +- if (UNMARSHALLING(ps)) ++ if (UNMARSHALLING(ps) && r_u->num_types2) { + r_u->types = PRS_ALLOC_MEM(ps, uint32, r_u->num_types2); + +- if (!r_u->types) { +- DEBUG(0, ("NULL types in samr_io_r_lookup_names\n")); +- return False; ++ if (!r_u->types) { ++ DEBUG(0, ("NULL types in samr_io_r_lookup_names\n")); ++ return False; ++ } + } + + for (i = 0; i < r_u->num_types2; i++) { +Index: samba-3.0.24/source/rpc_parse/parse_srv.c +=================================================================== +--- samba-3.0.24.orig/source/rpc_parse/parse_srv.c 2005-04-18 11:38:20.000000000 -0500 ++++ samba-3.0.24/source/rpc_parse/parse_srv.c 2007-05-25 12:41:06.000000000 -0500 +@@ -782,7 +782,7 @@ + int num_entries = ctr->num_entries; + int i; + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && num_entries) { + if (!(info0 = PRS_ALLOC_MEM(ps, SRV_SHARE_INFO_0, num_entries))) + return False; + ctr->share.info0 = info0; +@@ -808,7 +808,7 @@ + int num_entries = ctr->num_entries; + int i; + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && num_entries) { + if (!(info1 = PRS_ALLOC_MEM(ps, SRV_SHARE_INFO_1, num_entries))) + return False; + ctr->share.info1 = info1; +@@ -834,7 +834,7 @@ + int num_entries = ctr->num_entries; + int i; + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && num_entries) { + if (!(info2 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_2,num_entries))) + return False; + ctr->share.info2 = info2; +@@ -859,7 +859,7 @@ + int num_entries = ctr->num_entries; + int i; + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && num_entries) { + if (!(info501 = PRS_ALLOC_MEM(ps, SRV_SHARE_INFO_501, num_entries))) + return False; + ctr->share.info501 = info501; +@@ -884,7 +884,7 @@ + int num_entries = ctr->num_entries; + int i; + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && num_entries) { + if (!(info502 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_502,num_entries))) + return False; + ctr->share.info502 = info502; +@@ -910,7 +910,7 @@ + int num_entries = ctr->num_entries; + int i; + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && num_entries) { + if (!(info1004 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_1004,num_entries))) + return False; + ctr->share.info1004 = info1004; +@@ -936,7 +936,7 @@ + int num_entries = ctr->num_entries; + int i; + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && num_entries) { + if (!(info1005 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_1005,num_entries))) + return False; + ctr->share.info1005 = info1005; +@@ -956,7 +956,7 @@ + int num_entries = ctr->num_entries; + int i; + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && num_entries) { + if (!(info1006 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_1006,num_entries))) + return False; + ctr->share.info1006 = info1006; +@@ -976,7 +976,7 @@ + int num_entries = ctr->num_entries; + int i; + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && num_entries) { + if (!(info1007 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_1007,num_entries))) + return False; + ctr->share.info1007 = info1007; +@@ -1002,7 +1002,7 @@ + int num_entries = ctr->num_entries; + int i; + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && num_entries) { + if (!(info1501 = PRS_ALLOC_MEM(ps,SRV_SHARE_INFO_1501,num_entries))) + return False; + ctr->share.info1501 = info1501; +@@ -2558,7 +2558,7 @@ + int num_entries = ctr->num_entries; + int i; + +- if (UNMARSHALLING(ps)) { ++ if (UNMARSHALLING(ps) && num_entries) { + if (!(info3 = PRS_ALLOC_MEM(ps, SRV_FILE_INFO_3, num_entries))) + return False; + ctr->file.info3 = info3; +@@ -3377,7 +3377,7 @@ + + r_n->disk_enum_ctr.entries_read = entries_read3; + +- if(UNMARSHALLING(ps)) { ++ if(UNMARSHALLING(ps) && entries_read3) { + + DISK_INFO *dinfo; + +@@ -3386,7 +3386,7 @@ + r_n->disk_enum_ctr.disk_info = dinfo; + } + +- for(i=0; i < r_n->disk_enum_ctr.entries_read; i++) { ++ for(i=0; i < entries_read3; i++) { + + if(!prs_uint32("unknown", ps, depth, &r_n->disk_enum_ctr.disk_info[i].unknown)) + return False; diff --git a/net-fs/samba/files/3.0.24-sid2name_elevation_v2.patch b/net-fs/samba/files/3.0.24-sid2name_elevation_v2.patch new file mode 100644 index 000000000000..7bf5a1a4ca04 --- /dev/null +++ b/net-fs/samba/files/3.0.24-sid2name_elevation_v2.patch @@ -0,0 +1,168 @@ +Index: samba-3.0.24/source/lib/util_sec.c +=================================================================== +--- samba-3.0.24.orig/source/lib/util_sec.c 2007-05-25 12:36:10.000000000 -0500 ++++ samba-3.0.24/source/lib/util_sec.c 2007-05-25 12:36:38.000000000 -0500 +@@ -286,28 +286,6 @@ + } + + /**************************************************************************** +- Lightweight become root - no group change. +-****************************************************************************/ +- +-void become_root_uid_only(void) +-{ +- save_re_uid(); +- set_effective_uid(0); +-} +- +-/**************************************************************************** +- Lightweight unbecome root - no group change. Expects we are root already, +- saves errno across call boundary. +-****************************************************************************/ +- +-void unbecome_root_uid_only(void) +-{ +- int saved_errno = errno; +- restore_re_uid_fromroot(); +- errno = saved_errno; +-} +- +-/**************************************************************************** + save the real and effective gid for later restoration. Used by the + getgroups code + ****************************************************************************/ +Index: samba-3.0.24/source/passdb/lookup_sid.c +=================================================================== +--- samba-3.0.24.orig/source/passdb/lookup_sid.c 2007-05-25 12:36:10.000000000 -0500 ++++ samba-3.0.24/source/passdb/lookup_sid.c 2007-05-25 12:36:38.000000000 -0500 +@@ -421,10 +421,10 @@ + return False; + } + +- become_root_uid_only(); ++ become_root(); + result = pdb_lookup_rids(domain_sid, num_rids, rids, + *names, *types); +- unbecome_root_uid_only(); ++ unbecome_root(); + + return (NT_STATUS_IS_OK(result) || + NT_STATUS_EQUAL(result, NT_STATUS_NONE_MAPPED) || +@@ -1085,9 +1085,9 @@ + goto done; + } + +- become_root_uid_only(); ++ become_root(); + ret = pdb_uid_to_rid(uid, &rid); +- unbecome_root_uid_only(); ++ unbecome_root(); + + if (ret) { + /* This is a mapped user */ +@@ -1131,9 +1131,9 @@ + goto done; + } + +- become_root_uid_only(); ++ become_root(); + ret = pdb_gid_to_sid(gid, psid); +- unbecome_root_uid_only(); ++ unbecome_root(); + + if (ret) { + /* This is a mapped group */ +@@ -1179,9 +1179,9 @@ + union unid_t id; + BOOL ret; + +- become_root_uid_only(); ++ become_root(); + ret = pdb_sid_to_id(psid, &id, &type); +- unbecome_root_uid_only(); ++ unbecome_root(); + + if (ret) { + if (type != SID_NAME_USER) { +@@ -1259,9 +1259,9 @@ + sid_check_is_in_wellknown_domain(psid))) { + BOOL ret; + +- become_root_uid_only(); ++ become_root(); + ret = pdb_getgrsid(&map, *psid); +- unbecome_root_uid_only(); ++ unbecome_root(); + + if (ret) { + *pgid = map.gid; +@@ -1273,9 +1273,9 @@ + if (sid_peek_check_rid(get_global_sam_sid(), psid, &rid)) { + BOOL ret; + +- become_root_uid_only(); ++ become_root(); + ret = pdb_sid_to_id(psid, &id, &type); +- unbecome_root_uid_only(); ++ unbecome_root(); + + if (ret) { + if ((type != SID_NAME_DOM_GRP) && +Index: samba-3.0.24/source/smbd/uid.c +=================================================================== +--- samba-3.0.24.orig/source/smbd/uid.c 2007-05-25 12:36:28.000000000 -0500 ++++ samba-3.0.24/source/smbd/uid.c 2007-05-25 12:36:46.000000000 -0500 +@@ -151,7 +151,9 @@ + char group_c; + BOOL must_free_token = False; + NT_USER_TOKEN *token = NULL; +- ++ int num_groups = 0; ++ gid_t *group_list = NULL; ++ + if (!conn) { + DEBUG(2,("change_to_user: Connection not open\n")); + return(False); +@@ -190,14 +192,14 @@ + if (conn->force_user) /* security = share sets this too */ { + uid = conn->uid; + gid = conn->gid; +- current_user.ut.groups = conn->groups; +- current_user.ut.ngroups = conn->ngroups; ++ group_list = conn->groups; ++ num_groups = conn->ngroups; + token = conn->nt_user_token; + } else if (vuser) { + uid = conn->admin_user ? 0 : vuser->uid; + gid = vuser->gid; +- current_user.ut.ngroups = vuser->n_groups; +- current_user.ut.groups = vuser->groups; ++ num_groups = vuser->n_groups; ++ group_list = vuser->groups; + token = vuser->nt_user_token; + } else { + DEBUG(2,("change_to_user: Invalid vuid used %d in accessing " +@@ -230,8 +232,8 @@ + */ + + int i; +- for (i = 0; i < current_user.ut.ngroups; i++) { +- if (current_user.ut.groups[i] == conn->gid) { ++ for (i = 0; i < num_groups; i++) { ++ if (group_list[i] == conn->gid) { + gid = conn->gid; + gid_to_sid(&token->user_sids[1], gid); + break; +@@ -243,6 +245,12 @@ + } + } + ++ /* Now set current_user since we will immediately also call ++ set_sec_ctx() */ ++ ++ current_user.ut.ngroups = num_groups; ++ current_user.ut.groups = group_list; ++ + set_sec_ctx(uid, gid, current_user.ut.ngroups, current_user.ut.groups, + token); + diff --git a/net-fs/samba/files/digest-samba-3.0.24-r3 b/net-fs/samba/files/digest-samba-3.0.24-r3 new file mode 100644 index 000000000000..00360d37af2c --- /dev/null +++ b/net-fs/samba/files/digest-samba-3.0.24-r3 @@ -0,0 +1,9 @@ +MD5 ca3b7f83de0204ab79a9f0aea5a5051d samba-3-gentoo-0.3.16.tar.bz2 14291 +RMD160 c8388239352e981c03f7e99ff02dbaa13ad77e2a samba-3-gentoo-0.3.16.tar.bz2 14291 +SHA256 fe0ae6f8c2833cfdbab82a5ae2087045da4f27f6f07daba6fdc829a93b4e6508 samba-3-gentoo-0.3.16.tar.bz2 14291 +MD5 89273f67a6d8067cbbecefaa13747153 samba-3.0.24.tar.gz 17708128 +RMD160 f208dca645d07a195169e005a50fb4c4879254eb samba-3.0.24.tar.gz 17708128 +SHA256 c4e8de3426fbbcee7f338f5cf09052cbdf9a36ae638aeeeca10498ef8d5343e2 samba-3.0.24.tar.gz 17708128 +MD5 900502ba36b80620229b94e5129bc856 samba-vscan-0.3.6b.tar.bz2 164471 +RMD160 5cd81345b06f44b2febf3f24e62325322b1c6a3b samba-vscan-0.3.6b.tar.bz2 164471 +SHA256 14f78b624b047b90ddf4965998e7115d3b3ac97b3229154a302637d8e49adcd4 samba-vscan-0.3.6b.tar.bz2 164471 diff --git a/net-fs/samba/samba-3.0.24-r3.ebuild b/net-fs/samba/samba-3.0.24-r3.ebuild new file mode 100644 index 000000000000..c7888c742504 --- /dev/null +++ b/net-fs/samba/samba-3.0.24-r3.ebuild @@ -0,0 +1,304 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/samba-3.0.24-r3.ebuild,v 1.1 2007/05/26 12:50:43 dev-zero Exp $ + +WANT_AUTOCONF="latest" +WANT_AUTOMAKE="none" + +inherit eutils autotools versionator pam + +IUSE_LINGUAS="ja pl" +IUSE="acl async automount caps cups doc examples kerberos kernel_linux ldap fam + linguas_ja linguas_pl + oav pam python quotas readline selinux swat syslog winbind" + +VSCAN_VER="0.3.6b" +PATCH_VER="0.3.16" +MY_P=${PN}-${PV/_/} +MY_PP=${PN}-$(get_major_version)-gentoo-${PATCH_VER} +S2=${WORKDIR}/${MY_P} +S=${S2}/source +PFVSCAN=${PN}-vscan-${VSCAN_VER} + +DESCRIPTION="SAMBA is a suite of SMB and CIFS client/server programs for UNIX" +HOMEPAGE="http://www.samba.org/ http://www.openantivirus.org/projects.php" +SRC_URI="mirror://gentoo/${MY_PP}.tar.bz2 + mirror://samba/${MY_P}.tar.gz + mirror://samba/old-versions/${MY_P}.tar.gz + oav? ( mirror://sourceforge/openantivirus/${PFVSCAN}.tar.bz2 )" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd" + +RDEPEND="dev-libs/popt + virtual/libiconv + acl? ( kernel_linux? ( sys-apps/acl ) ) + cups? ( net-print/cups ) + ldap? ( kerberos? ( virtual/krb5 ) net-nds/openldap ) + pam? ( virtual/pam ) + python? ( dev-lang/python ) + readline? ( sys-libs/readline ) + selinux? ( sec-policy/selinux-samba ) + swat? ( sys-apps/xinetd ) + syslog? ( virtual/logger ) + fam? ( virtual/fam ) + caps? ( sys-libs/libcap )" +DEPEND="${RDEPEND}" + +PRIVATE_DST=/var/lib/samba/private +PATCHDIR=${WORKDIR}/patches +CONFDIR=${WORKDIR}/configs + +src_unpack() { + unpack ${A} + cd "${S2}" + + epatch "${FILESDIR}/${PV}-sid2name_elevation_v2.patch" + epatch "${FILESDIR}/${PV}-shell_escape.patch" + epatch "${FILESDIR}/${PV}-heap_overflow_v2.patch" + + export EPATCH_SUFFIX="patch" + epatch ${PATCHDIR}/general + + if use oav ; then + cd ${WORKDIR} + if [[ -d ${PATCHDIR}/vscan ]] ; then + epatch ${PATCHDIR}/vscan + fi + cp -pPR ${WORKDIR}/${PFVSCAN} ${S2}/examples/VFS + fi + + # patches screw with autotool files + cd "${S}" + eautoconf +} + +src_compile() { + local myconf + local mylangs + local mymod_shared + + mylangs="--with-manpages-langs=en" + use linguas_ja && mylangs="${mylangs},ja" + use linguas_pl && mylangs="${mylangs},pl" + + use winbind && mymod_shared="--with-shared-modules=idmap_rid" + if use ldap ; then + myconf="${myconf} $(use_with kerberos ads)" + use winbind && mymod_shared="${mymod_shared},idmap_ad" + fi + + [[ ${CHOST} == *-*bsd* ]] && myconf="${myconf} --disable-pie" + use hppa && myconf="${myconf} --disable-pie" + + use fam && export ac_cv_header_fam_h=yes || export ac_cv_header_fam_h=no + use caps && export ac_cv_header_sys_capability_h=yes || export ac_cv_header_sys_capability_h=no + + econf \ + --with-fhs \ + --sysconfdir=/etc/samba \ + --localstatedir=/var \ + --with-configdir=/etc/samba \ + --with-libdir=/usr/$(get_libdir)/samba \ + --with-swatdir=/usr/share/doc/${PF}/swat \ + --with-piddir=/var/run/samba \ + --with-lockdir=/var/cache/samba \ + --with-logfilebase=/var/log/samba \ + --with-privatedir=${PRIVATE_DST} \ + --with-libsmbclient \ + --without-spinlocks \ + --enable-socket-wrapper \ + $(use_with acl acl-support) \ + $(use_with async aio-support) \ + $(use_with automount) \ + $(use_enable cups) \ + $(use_with kerberos krb5) \ + $(use_with ldap) \ + $(use_with pam) $(use_with pam pam_smbpass) \ + $(use_with python) \ + $(use_with quotas) $(use_with quotas sys-quotas) \ + $(use_with readline) \ + $(use_with kernel_linux smbmount) \ + $(use_with syslog) \ + $(use_with winbind) \ + ${myconf} ${mylangs} ${mymod_shared} || die + + emake proto || die "SAMBA make proto error" + emake everything || die "SAMBA make everything error" + + emake rpctorture >& rpctorture.log || ewarn "rpctorture didn't build [that's ok!]" + + if use python ; then + python python/setup.py build + fi + + # Build samba-vscan plugins + if use oav ; then + cd ${S2}/examples/VFS/${PFVSCAN} + econf \ + --with-fhs \ + --libdir=/usr/$(get_libdir)/samba \ + || die "${PFVSCAN} ./configure failed" + emake || die "Failed to make ${PFVSCAN}" + fi + +} + +src_install() { + local extra_bins="rpctorture" + + emake DESTDIR="${D}" install-everything || die + + # Extra rpctorture progs + for i in ${extra_bins} ; do + [[ -x ${S}/bin/${i} ]] && dobin "${S}"/bin/${i} + done + + # remove .old stuff from /usr/bin: + rm -f "${D}"/usr/bin/*.old + + # Nsswitch extensions. Make link for wins and winbind resolvers + if use winbind ; then + dolib.so "${S}"/nsswitch/libnss_wins.so || die + dosym libnss_wins.so /usr/$(get_libdir)/libnss_wins.so.2 + dolib.so "${S}"/nsswitch/libnss_winbind.so || die + dosym libnss_winbind.so /usr/$(get_libdir)/libnss_winbind.so.2 + fi + + if use pam ; then + exeinto /$(get_libdir)/security + doexe "${S}"/bin/pam_smbpass.so || die + if use winbind ; then + exeinto /$(get_libdir)/security + doexe "${S}"/bin/pam_winbind.so || die + fi + fi + + if use kernel_linux ; then + # mount backend + dodir /sbin + dosym ../usr/bin/smbmount /sbin/mount.smbfs + dosym ../usr/bin/mount.cifs /sbin/mount.cifs + fi + + # bug #46389: samba doesn't create symlink anymore + # beaviour seems to be changed in 3.0.6, see bug #61046 + dosym samba/libsmbclient.so /usr/$(get_libdir)/libsmbclient.so.0 + dosym samba/libsmbclient.so /usr/$(get_libdir)/libsmbclient.so + + # make the smb backend symlink for cups printing support (bug #133133) + if use cups ; then + dodir $(cups-config --serverbin)/backend + dosym /usr/bin/smbspool $(cups-config --serverbin)/backend/smb + fi + + # VFS plugin modules + if use oav ; then + cd ${S2}/examples/VFS/${PFVSCAN} + make install DESTDIR=${D} || die "VFS: vscan error" + insinto /etc/samba + doins ${S2}/examples/VFS/${PFVSCAN}/openantivirus/*conf + fi + + # Python extensions + if use python ; then + cd ${S} + python python/setup.py install --root=${D} || die + fi + + # General config files + insinto /etc/samba + doins ${CONFDIR}/smbusers + newins ${CONFDIR}/smb.conf.example-samba3 smb.conf.example + doins ${CONFDIR}/lmhosts + + newpamd ${CONFDIR}/samba.pam samba + use winbind && doins ${CONFDIR}/system-auth-winbind + if use swat ; then + insinto /etc/xinetd.d + newins ${CONFDIR}/swat.xinetd swat + else + rm -f "${D}"/usr/sbin/swat + rm -f "${D}"/usr/share/man/man8/swat.8 + fi + newinitd "${FILESDIR}/samba-init" samba + newconfd "${FILESDIR}/samba-conf" samba + if use ldap ; then + insinto /etc/openldap/schema + doins ${S2}/examples/LDAP/samba.schema + fi + + # dirs + diropts -m0700 ; keepdir ${PRIVATE_DST} + diropts -m1777 ; keepdir /var/spool/samba + + diropts -m0755 + keepdir /var/{log,run,cache}/samba + keepdir /var/lib/samba/{netlogon,profiles} + keepdir /var/lib/samba/printers/{W32X86,WIN40,W32ALPHA,W32MIPS,W32PPC} + keepdir /usr/$(get_libdir)/samba/{rpc,idmap,auth} + + # docs + dodoc ${FILESDIR}/README.gentoo + dodoc ${S2}/{COPYING,Manifest,README,Roadmap,WHATSNEW.txt} + dodoc ${CONFDIR}/nsswitch.conf-wins + use winbind && dodoc ${CONFDIR}/nsswitch.conf-winbind + + if use oav ; then + docinto ${PFVSCAN} + cd ${WORKDIR}/${PFVSCAN} + dodoc AUTHORS COPYING ChangeLog FAQ INSTALL NEWS README TODO + dodoc */*.conf + fi + + if use examples ; then + docinto examples + cp -pPR ${S2}/examples/* "${D}"/usr/share/doc/${PF}/examples + find "${D}"/usr/share/doc/${PF} -type d -print0 | xargs -0 chmod 755 + find "${D}"/usr/share/doc/${PF}/examples ! -type d -print0 | xargs -0 chmod 644 + fi + + if ! use doc ; then + if ! use swat ; then + rm -rf "${D}"/usr/share/doc/${PF}/swat + else + rm -rf "${D}"/usr/share/doc/${PF}/swat/help/{guide,howto,devel} + rm -rf "${D}"/usr/share/doc/${PF}/swat/using_samba + fi + fi + + # Patch ChangeLog + docinto gentoo + dodoc ${PATCHDIR}/ChangeLog +} + +pkg_preinst() { + local PRIVATE_SRC=/etc/samba/private + if [[ ! -r ${ROOT}/${PRIVATE_DST}/secrets.tdb \ + && -r ${ROOT}/${PRIVATE_SRC}/secrets.tdb ]] ; then + ebegin "Copying ${ROOT}/${PRIVATE_SRC}/* to ${ROOT}/${PRIVATE_DST}/" + mkdir -p "${D}"/${PRIVATE_DST} + cp -pPRf "${ROOT}"/${PRIVATE_SRC}/* "${D}"/${PRIVATE_DST}/ + eend $? + fi + + if [[ ! -f ${ROOT}/etc/samba/smb.conf ]] ; then + touch "${D}"/etc/samba/smb.conf + fi +} + +pkg_postinst() { + if use swat ; then + einfo "swat must be enabled by xinetd:" + einfo " change the /etc/xinetd.d/swat configuration" + fi + einfo "Latest info: README.gentoo in documentation directory" +} + +pkg_postrm(){ + # If stale docs, and one isn't re-emerging the latest version, removes + # (this is actually a portage bug, though) + [[ -n ${PF} && ! -f ${ROOT}/usr/lib/${PN}/en.msg ]] && \ + rm -rf "${ROOT}"/usr/share/doc/${PF} +} |