OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 05-Jul-2004 10:38:43
Branch: OPENPKG_2_1_SOLID Handle: 2004070509384201
Added files: (Branch: OPENPKG_2_1_SOLID)
openpkg-src/samba samba.patch
Modified files: (Branch: OPENPKG_2_1_SOLID)
openpkg-src/samba samba.spec
Log:
MFC: upgrade to latest status from CURRENT
Summary:
Revision Changes Path
1.3.2.1 +228 -0 openpkg-src/samba/samba.patch
1.68.2.2 +2 -1 openpkg-src/samba/samba.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/samba/samba.patch
============================================================================
$ cvs diff -u -r0 -r1.3.2.1 samba.patch
--- /dev/null 2004-07-05 10:38:43.000000000 +0200
+++ samba.patch 2004-07-05 10:38:43.000000000 +0200
@@ -0,0 +1,228 @@
+Some vendor patches for Samba 3.0.4.
+
+Index: source/include/rpc_dce.h
+--- source/include/rpc_dce.h.orig 2004-04-20 22:42:57 +0200
++++ source/include/rpc_dce.h 2004-07-04 10:07:30 +0200
+@@ -63,7 +63,9 @@
+ #define NETSEC_AUTH_TYPE 0x44
+ #define NETSEC_SIGN_SIGNATURE { 0x77, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00 }
+ #define NETSEC_SEAL_SIGNATURE { 0x77, 0x00, 0x7a, 0x00, 0xff, 0xff, 0x00, 0x00 }
+-#define RPC_AUTH_NETSEC_CHK_LEN 0x20
++
++#define RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN 0x20
++#define RPC_AUTH_NETSEC_SIGN_ONLY_CHK_LEN 0x18
+
+ /* The 7 here seems to be required to get Win2k not to downgrade us
+ to NT4. Actually, anything other than 1ff would seem to do... */
+Index: source/lib/util_str.c
+--- source/lib/util_str.c.orig 2004-04-20 22:42:55 +0200
++++ source/lib/util_str.c 2004-07-04 10:07:30 +0200
+@@ -1980,10 +1980,16 @@
+ {
+ int bits = 0;
+ int char_count = 0;
+- size_t out_cnt = 0;
+- size_t len = data.length;
+- size_t output_len = data.length * 2;
+- char *result = malloc(output_len); /* get us plenty of space */
++ size_t out_cnt, len, output_len;
++ char *result;
++
++ if (!data.length || !data.data)
++ return NULL;
++
++ out_cnt = 0;
++ len = data.length;
++ output_len = data.length * 2;
++ result = malloc(output_len); /* get us plenty of space */
+
+ while (len-- && out_cnt < (data.length * 2) - 5) {
+ int c = (unsigned char) *(data.data++);
+Index: source/rpc_client/cli_pipe.c
+--- source/rpc_client/cli_pipe.c.orig 2004-04-04 09:37:16 +0200
++++ source/rpc_client/cli_pipe.c 2004-07-04 10:07:30 +0200
+@@ -332,13 +332,24 @@
+ if (cli->pipe_auth_flags & AUTH_PIPE_NETSEC) {
+ RPC_AUTH_NETSEC_CHK chk;
+
+- if (auth_len != RPC_AUTH_NETSEC_CHK_LEN) {
++ if ( (auth_len != RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN)
++ && (auth_len != RPC_AUTH_NETSEC_SIGN_ONLY_CHK_LEN) )
++ {
+ DEBUG(0,("rpc_auth_pipe: wrong schannel auth len %d\n",
auth_len));
+ return False;
+ }
+
+- if (!smb_io_rpc_auth_netsec_chk("schannel_auth_sign",
+- &chk, &auth_verf, 0)) {
++ /* can't seal with no nonce */
++ if ( (cli->pipe_auth_flags & AUTH_PIPE_SEAL)
++ && (auth_len != RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN) )
++ {
++ DEBUG(0,("rpc_auth_pipe: sealing not supported with schannel
auth len %d\n", auth_len));
++ return False;
++ }
++
++
++ if (!smb_io_rpc_auth_netsec_chk("schannel_auth_sign", auth_len, &chk,
&auth_verf, 0))
++ {
+ DEBUG(0, ("rpc_auth_pipe: schannel unmarshalling "
+ "RPC_AUTH_NETSECK_CHK failed\n"));
+ return False;
+@@ -918,7 +929,7 @@
+ auth_len = RPC_AUTH_NTLMSSP_CHK_LEN;
+ }
+ if (cli->pipe_auth_flags & AUTH_PIPE_NETSEC) {
+- auth_len = RPC_AUTH_NETSEC_CHK_LEN;
++ auth_len = RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN;
+ }
+ auth_hdr_len = RPC_HDR_AUTH_LEN;
+ }
+@@ -1034,8 +1045,9 @@
+ /* write auth footer onto the packet */
+
+ parse_offset_marker = prs_offset(&sec_blob);
+- if (!smb_io_rpc_auth_netsec_chk("", &verf,
+- &sec_blob, 0)) {
++ if (!smb_io_rpc_auth_netsec_chk("",
RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN,
++ &verf, &sec_blob, 0))
++ {
+ prs_mem_free(&sec_blob);
+ return False;
+ }
+Index: source/rpc_parse/parse_rpc.c
+--- source/rpc_parse/parse_rpc.c.orig 2004-04-20 22:42:57 +0200
++++ source/rpc_parse/parse_rpc.c 2004-07-04 10:07:30 +0200
+@@ -1189,7 +1189,8 @@
+ /*******************************************************************
+ reads or writes an RPC_AUTH_NETSEC_CHK structure.
+ ********************************************************************/
+-BOOL smb_io_rpc_auth_netsec_chk(const char *desc, RPC_AUTH_NETSEC_CHK * chk,
++BOOL smb_io_rpc_auth_netsec_chk(const char *desc, int auth_len,
++ RPC_AUTH_NETSEC_CHK * chk,
+ prs_struct *ps, int depth)
+ {
+ if (chk == NULL)
+@@ -1198,10 +1199,19 @@
+ prs_debug(ps, depth, desc, "smb_io_rpc_auth_netsec_chk");
+ depth++;
+
+- prs_uint8s(False, "sig ", ps, depth, chk->sig, sizeof(chk->sig));
+- prs_uint8s(False, "seq_num", ps, depth, chk->seq_num, sizeof(chk->seq_num));
+- prs_uint8s(False, "packet_digest", ps, depth, chk->packet_digest,
sizeof(chk->packet_digest));
+- prs_uint8s(False, "confounder", ps, depth, chk->confounder,
sizeof(chk->confounder));
++ if ( !prs_uint8s(False, "sig ", ps, depth, chk->sig, sizeof(chk->sig)) )
++ return False;
++
++ if ( !prs_uint8s(False, "seq_num", ps, depth, chk->seq_num,
sizeof(chk->seq_num)) )
++ return False;
++
++ if ( !prs_uint8s(False, "packet_digest", ps, depth, chk->packet_digest,
sizeof(chk->packet_digest)) )
++ return False;
++
++ if ( auth_len == RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN ) {
++ if ( !prs_uint8s(False, "confounder", ps, depth, chk->confounder,
sizeof(chk->confounder)) )
++ return False;
++ }
+
+ return True;
+ }
+Index: source/rpc_server/srv_pipe.c
+--- source/rpc_server/srv_pipe.c.orig 2004-05-07 21:27:34 +0200
++++ source/rpc_server/srv_pipe.c 2004-07-04 10:07:30 +0200
+@@ -124,7 +124,7 @@
+ if(p->ntlmssp_auth_validated) {
+ data_space_available -= (RPC_HDR_AUTH_LEN + RPC_AUTH_NTLMSSP_CHK_LEN);
+ } else if(p->netsec_auth_validated) {
+- data_space_available -= (RPC_HDR_AUTH_LEN + RPC_AUTH_NETSEC_CHK_LEN);
++ data_space_available -= (RPC_HDR_AUTH_LEN +
RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN);
+ }
+
+ /*
+@@ -177,8 +177,8 @@
+ } else if (p->netsec_auth_validated) {
+ p->hdr.frag_len = RPC_HEADER_LEN + RPC_HDR_RESP_LEN +
+ data_len + ss_padding_len +
+- RPC_HDR_AUTH_LEN + RPC_AUTH_NETSEC_CHK_LEN;
+- p->hdr.auth_len = RPC_AUTH_NETSEC_CHK_LEN;
++ RPC_HDR_AUTH_LEN + RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN;
++ p->hdr.auth_len = RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN;
+ } else {
+ p->hdr.frag_len = RPC_HEADER_LEN + RPC_HDR_RESP_LEN + data_len;
+ p->hdr.auth_len = 0;
+@@ -309,7 +309,8 @@
+ SENDER_IS_ACCEPTOR,
+ &verf, data, data_len + ss_padding_len);
+
+- smb_io_rpc_auth_netsec_chk("", &verf, &outgoing_pdu, 0);
++ smb_io_rpc_auth_netsec_chk("", RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN,
++ &verf, &outgoing_pdu, 0);
+
+ p->netsec_auth.seq_num++;
+ }
+@@ -1339,7 +1340,7 @@
+
+ auth_len = p->hdr.auth_len;
+
+- if (auth_len != RPC_AUTH_NETSEC_CHK_LEN) {
++ if (auth_len != RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN) {
+ DEBUG(0,("Incorrect auth_len %d.\n", auth_len ));
+ return False;
+ }
+@@ -1384,7 +1385,9 @@
+ return False;
+ }
+
+- if(!smb_io_rpc_auth_netsec_chk("", &netsec_chk, rpc_in, 0)) {
++ if(!smb_io_rpc_auth_netsec_chk("", RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN,
++ &netsec_chk, rpc_in, 0))
++ {
+ DEBUG(0,("failed to unmarshal RPC_AUTH_NETSEC_CHK.\n"));
+ return False;
+ }
+Index: source/smbd/filename.c
+--- source/smbd/filename.c.orig 2004-04-04 09:37:31 +0200
++++ source/smbd/filename.c 2004-07-04 10:07:30 +0200
+@@ -137,6 +137,10 @@
+ if (!*name) {
+ name[0] = '.';
+ name[1] = '\0';
++ if (SMB_VFS_STAT(conn,name,&st) == 0) {
++ *pst = st;
++ }
++ DEBUG(5,("conversion finished %s -> %s\n",orig_path, name));
+ return(True);
+ }
+
+Index: source/smbd/uid.c
+--- source/smbd/uid.c.orig 2004-04-04 09:37:31 +0200
++++ source/smbd/uid.c 2004-07-04 10:07:30 +0200
+@@ -189,20 +189,26 @@
+
+ snum = SNUM(conn);
+
++ if ((vuser) && !check_user_ok(conn, vuser, snum)) {
++ DEBUG(2,("change_to_user: SMB user %s (unix user %s, vuid %d) not
permitted access to share %s.\n",
++ vuser->user.smb_name, vuser->user.unix_name, vuid,
lp_servicename(snum)));
++ return False;
++ }
++
+ if (conn->force_user) /* security = share sets this too */ {
+ uid = conn->uid;
+ gid = conn->gid;
+ current_user.groups = conn->groups;
+ current_user.ngroups = conn->ngroups;
+ token = conn->nt_user_token;
+- } else if ((vuser) && check_user_ok(conn, vuser, snum)) {
++ } else if (vuser) {
+ uid = conn->admin_user ? 0 : vuser->uid;
+ gid = vuser->gid;
+ current_user.ngroups = vuser->n_groups;
+ current_user.groups = vuser->groups;
+ token = vuser->nt_user_token;
+ } else {
+- DEBUG(2,("change_to_user: Invalid vuid used %d or vuid not permitted
access to share.\n",vuid));
++ DEBUG(2,("change_to_user: Invalid vuid used %d in accessing share
%s.\n",vuid, lp_servicename(snum) ));
+ return False;
+ }
+
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/samba/samba.spec
============================================================================
$ cvs diff -u -r1.68.2.1 -r1.68.2.2 samba.spec
--- openpkg-src/samba/samba.spec 2 Jul 2004 15:27:41 -0000 1.68.2.1
+++ openpkg-src/samba/samba.spec 5 Jul 2004 08:38:43 -0000 1.68.2.2
@@ -47,6 +47,7 @@
Source1: smb.conf
Source2: smb.hosts
Source3: rc.samba
+Patch0: samba.patch
# build information
Prefix: %{l_prefix}
@@ -86,7 +87,7 @@
%prep
%setup -q
- %{l_patch} -p1 <packaging/Mandrake/samba-3.0-smbmount-sbin.patch
+ %patch -p0
%build
cd source
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [EMAIL PROTECTED]
