diff options
Diffstat (limited to 'net-fs/samba/files')
| -rw-r--r-- | net-fs/samba/files/digest-samba-3.0.4-r1 | 3 | ||||
| -rw-r--r-- | net-fs/samba/files/samba-3.0.4-python-setup.patch | 31 | ||||
| -rw-r--r-- | net-fs/samba/files/samba-3.0.4.patch | 223 | ||||
| -rw-r--r-- | net-fs/samba/files/samba-conf | 27 | ||||
| -rw-r--r-- | net-fs/samba/files/samba-init | 58 |
5 files changed, 319 insertions, 23 deletions
diff --git a/net-fs/samba/files/digest-samba-3.0.4-r1 b/net-fs/samba/files/digest-samba-3.0.4-r1 new file mode 100644 index 000000000000..ca2f2b880262 --- /dev/null +++ b/net-fs/samba/files/digest-samba-3.0.4-r1 @@ -0,0 +1,3 @@ +MD5 0156265c1e95ac662deef386f615504f samba-3.0.4.tar.gz 15046252 +MD5 5f173d549014985d681478897135915b samba-vscan-0.3.5.tar.bz2 161982 +MD5 34ef159fc49a2c30ff27b481dc8e1215 smbldap-tools-0.8.4.tgz 286290 diff --git a/net-fs/samba/files/samba-3.0.4-python-setup.patch b/net-fs/samba/files/samba-3.0.4-python-setup.patch new file mode 100644 index 000000000000..55de92bb585a --- /dev/null +++ b/net-fs/samba/files/samba-3.0.4-python-setup.patch @@ -0,0 +1,31 @@ +--- source/python/setup.py 2004-04-04 09:37:15.000000000 +0200 ++++ source/python/setup.py.new 2004-05-09 12:38:43.196926688 +0200 +@@ -50,16 +50,25 @@ + libraries = [] + library_dirs = [] + ++next_is_path = 0 + for lib in string.split(samba_libs): +- if lib[0:2] == "-l": ++ if next_is_path <> 0: ++ library_dirs.append(lib); ++ next_is_path = 0; ++ continue ++ if lib == "-Wl,-rpath": ++ next_is_path = 1; ++ continue ++ elif lib[0:2] == "-l": + libraries.append(lib[2:]) + continue +- if lib[0:2] == "-L": ++ elif lib[0:2] == "-L": + library_dirs.append(lib[2:]) + continue +- if lib[0:2] == "-W": ++ elif lib[0:2] == "-W": + # Skip linker flags + continue ++ + print "Unknown entry '%s' in $LIBS variable passed to setup.py" % lib + sys.exit(1) + diff --git a/net-fs/samba/files/samba-3.0.4.patch b/net-fs/samba/files/samba-3.0.4.patch new file mode 100644 index 000000000000..8d67df280e16 --- /dev/null +++ b/net-fs/samba/files/samba-3.0.4.patch @@ -0,0 +1,223 @@ +################################################################## +# Recommended patchset for Samba 3.0.4 +# +# This patchset fixes the following bugs: +# * BUG 1315 - wbinfo -t unsuccessful on 3.0.4 +# * BUG 1319 - Cannot write to a share with write-list users +# * BUG 1345 - Macromedia Homesite cannot connect anymore +# after upgrade to 3.0.4 +# +# Please refer to https://bugzilla.samba.org/ for specific +# details regarding the actual bug reports. +################################################################## + + +Index: source/rpc_client/cli_pipe.c +=================================================================== +--- source/rpc_client/cli_pipe.c (revision 842) ++++ source/rpc_client/cli_pipe.c (working copy) +@@ -332,13 +332,24 @@ + if (cli->pipe_auth_flags & AUTH_PIPE_NETSEC) { + RPC_AUTH_NETSEC_CHK chk; + +- if (auth_len != RPC_AUTH_NETSEC_CHK_LEN) { ++ if ( (auth_len != RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN) ++ && (auth_len != RPC_AUTH_NETSEC_SIGN_ONLY_CHK_LEN) ) ++ { + DEBUG(0,("rpc_auth_pipe: wrong schannel auth len %d\n", auth_len)); + return False; + } + +- if (!smb_io_rpc_auth_netsec_chk("schannel_auth_sign", +- &chk, &auth_verf, 0)) { ++ /* can't seal with no nonce */ ++ if ( (cli->pipe_auth_flags & AUTH_PIPE_SEAL) ++ && (auth_len != RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN) ) ++ { ++ DEBUG(0,("rpc_auth_pipe: sealing not supported with schannel auth len %d\n", auth_len)); ++ return False; ++ } ++ ++ ++ if (!smb_io_rpc_auth_netsec_chk("schannel_auth_sign", auth_len, &chk, &auth_verf, 0)) ++ { + DEBUG(0, ("rpc_auth_pipe: schannel unmarshalling " + "RPC_AUTH_NETSECK_CHK failed\n")); + return False; +@@ -918,7 +929,7 @@ + auth_len = RPC_AUTH_NTLMSSP_CHK_LEN; + } + if (cli->pipe_auth_flags & AUTH_PIPE_NETSEC) { +- auth_len = RPC_AUTH_NETSEC_CHK_LEN; ++ auth_len = RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN; + } + auth_hdr_len = RPC_HDR_AUTH_LEN; + } +@@ -1034,8 +1045,9 @@ + /* write auth footer onto the packet */ + + parse_offset_marker = prs_offset(&sec_blob); +- if (!smb_io_rpc_auth_netsec_chk("", &verf, +- &sec_blob, 0)) { ++ if (!smb_io_rpc_auth_netsec_chk("", RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN, ++ &verf, &sec_blob, 0)) ++ { + prs_mem_free(&sec_blob); + return False; + } +Index: source/smbd/filename.c +=================================================================== +--- source/smbd/filename.c (revision 842) ++++ source/smbd/filename.c (working copy) +@@ -137,6 +137,10 @@ + if (!*name) { + name[0] = '.'; + name[1] = '\0'; ++ if (SMB_VFS_STAT(conn,name,&st) == 0) { ++ *pst = st; ++ } ++ DEBUG(5,("conversion finished %s -> %s\n",orig_path, name)); + return(True); + } + +Index: source/smbd/uid.c +=================================================================== +--- source/smbd/uid.c (revision 842) ++++ source/smbd/uid.c (working copy) +@@ -189,20 +189,26 @@ + + snum = SNUM(conn); + ++ if ((vuser) && !check_user_ok(conn, vuser, snum)) { ++ DEBUG(2,("change_to_user: SMB user %s (unix user %s, vuid %d) not permitted access to share %s.\n", ++ vuser->user.smb_name, vuser->user.unix_name, vuid, lp_servicename(snum))); ++ return False; ++ } ++ + if (conn->force_user) /* security = share sets this too */ { + uid = conn->uid; + gid = conn->gid; + current_user.groups = conn->groups; + current_user.ngroups = conn->ngroups; + token = conn->nt_user_token; +- } else if ((vuser) && check_user_ok(conn, vuser, snum)) { ++ } else if (vuser) { + uid = conn->admin_user ? 0 : vuser->uid; + gid = vuser->gid; + current_user.ngroups = vuser->n_groups; + current_user.groups = vuser->groups; + token = vuser->nt_user_token; + } else { +- DEBUG(2,("change_to_user: Invalid vuid used %d or vuid not permitted access to share.\n",vuid)); ++ DEBUG(2,("change_to_user: Invalid vuid used %d in accessing share %s.\n",vuid, lp_servicename(snum) )); + return False; + } + +Index: source/rpc_server/srv_pipe.c +=================================================================== +--- source/rpc_server/srv_pipe.c (revision 842) ++++ source/rpc_server/srv_pipe.c (working copy) +@@ -124,7 +124,7 @@ + if(p->ntlmssp_auth_validated) { + data_space_available -= (RPC_HDR_AUTH_LEN + RPC_AUTH_NTLMSSP_CHK_LEN); + } else if(p->netsec_auth_validated) { +- data_space_available -= (RPC_HDR_AUTH_LEN + RPC_AUTH_NETSEC_CHK_LEN); ++ data_space_available -= (RPC_HDR_AUTH_LEN + RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN); + } + + /* +@@ -177,8 +177,8 @@ + } else if (p->netsec_auth_validated) { + p->hdr.frag_len = RPC_HEADER_LEN + RPC_HDR_RESP_LEN + + data_len + ss_padding_len + +- RPC_HDR_AUTH_LEN + RPC_AUTH_NETSEC_CHK_LEN; +- p->hdr.auth_len = RPC_AUTH_NETSEC_CHK_LEN; ++ RPC_HDR_AUTH_LEN + RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN; ++ p->hdr.auth_len = RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN; + } else { + p->hdr.frag_len = RPC_HEADER_LEN + RPC_HDR_RESP_LEN + data_len; + p->hdr.auth_len = 0; +@@ -309,7 +309,8 @@ + SENDER_IS_ACCEPTOR, + &verf, data, data_len + ss_padding_len); + +- smb_io_rpc_auth_netsec_chk("", &verf, &outgoing_pdu, 0); ++ smb_io_rpc_auth_netsec_chk("", RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN, ++ &verf, &outgoing_pdu, 0); + + p->netsec_auth.seq_num++; + } +@@ -1339,7 +1340,7 @@ + + auth_len = p->hdr.auth_len; + +- if (auth_len != RPC_AUTH_NETSEC_CHK_LEN) { ++ if (auth_len != RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN) { + DEBUG(0,("Incorrect auth_len %d.\n", auth_len )); + return False; + } +@@ -1384,7 +1385,9 @@ + return False; + } + +- if(!smb_io_rpc_auth_netsec_chk("", &netsec_chk, rpc_in, 0)) { ++ if(!smb_io_rpc_auth_netsec_chk("", RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN, ++ &netsec_chk, rpc_in, 0)) ++ { + DEBUG(0,("failed to unmarshal RPC_AUTH_NETSEC_CHK.\n")); + return False; + } +Index: source/rpc_parse/parse_rpc.c +=================================================================== +--- source/rpc_parse/parse_rpc.c (revision 842) ++++ source/rpc_parse/parse_rpc.c (working copy) +@@ -1189,7 +1189,8 @@ + /******************************************************************* + reads or writes an RPC_AUTH_NETSEC_CHK structure. + ********************************************************************/ +-BOOL smb_io_rpc_auth_netsec_chk(const char *desc, RPC_AUTH_NETSEC_CHK * chk, ++BOOL smb_io_rpc_auth_netsec_chk(const char *desc, int auth_len, ++ RPC_AUTH_NETSEC_CHK * chk, + prs_struct *ps, int depth) + { + if (chk == NULL) +@@ -1198,10 +1199,19 @@ + prs_debug(ps, depth, desc, "smb_io_rpc_auth_netsec_chk"); + depth++; + +- prs_uint8s(False, "sig ", ps, depth, chk->sig, sizeof(chk->sig)); +- prs_uint8s(False, "seq_num", ps, depth, chk->seq_num, sizeof(chk->seq_num)); +- prs_uint8s(False, "packet_digest", ps, depth, chk->packet_digest, sizeof(chk->packet_digest)); +- prs_uint8s(False, "confounder", ps, depth, chk->confounder, sizeof(chk->confounder)); ++ if ( !prs_uint8s(False, "sig ", ps, depth, chk->sig, sizeof(chk->sig)) ) ++ return False; ++ ++ if ( !prs_uint8s(False, "seq_num", ps, depth, chk->seq_num, sizeof(chk->seq_num)) ) ++ return False; ++ ++ if ( !prs_uint8s(False, "packet_digest", ps, depth, chk->packet_digest, sizeof(chk->packet_digest)) ) ++ return False; ++ ++ if ( auth_len == RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN ) { ++ if ( !prs_uint8s(False, "confounder", ps, depth, chk->confounder, sizeof(chk->confounder)) ) ++ return False; ++ } + + return True; + } +Index: source/include/rpc_dce.h +=================================================================== +--- source/include/rpc_dce.h (revision 842) ++++ source/include/rpc_dce.h (working copy) +@@ -63,8 +63,10 @@ + #define NETSEC_AUTH_TYPE 0x44 + #define NETSEC_SIGN_SIGNATURE { 0x77, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00 } + #define NETSEC_SEAL_SIGNATURE { 0x77, 0x00, 0x7a, 0x00, 0xff, 0xff, 0x00, 0x00 } +-#define RPC_AUTH_NETSEC_CHK_LEN 0x20 + ++#define RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN 0x20 ++#define RPC_AUTH_NETSEC_SIGN_ONLY_CHK_LEN 0x18 ++ + /* The 7 here seems to be required to get Win2k not to downgrade us + to NT4. Actually, anything other than 1ff would seem to do... */ + #define NETLOGON_NEG_AUTH2_FLAGS 0x000701ff diff --git a/net-fs/samba/files/samba-conf b/net-fs/samba/files/samba-conf new file mode 100644 index 000000000000..62324db674a4 --- /dev/null +++ b/net-fs/samba/files/samba-conf @@ -0,0 +1,27 @@ +daemon_list="smbd nmbd winbind" + +#---------------------------------------------------------------------------- +# Daemons calls: <daemon_name>_<command_option> +#---------------------------------------------------------------------------- +my_service_name="samba" +my_service_PRE="unset TMP TMPDIR" +my_service_POST="" + +#---------------------------------------------------------------------------- +# Daemons calls: <daemon_name>_<command_option> +#---------------------------------------------------------------------------- +smbd_start_options="-D" +smbd_start="start-stop-daemon --start --quiet --exec /usr/sbin/smbd -- ${smbd_start_options}" +smbd_stop="start-stop-daemon --stop --quiet --pidfile /var/run/samba/smbd.pid" +smbd_reload="killall -HUP smbd" + +nmbd_start_options="-D" +nmbd_start="start-stop-daemon --start --quiet --exec /usr/sbin/nmbd -- ${nmbd_start_options}" +nmbd_stop="start-stop-daemon --stop --quiet --pidfile /var/run/samba/nmbd.pid" +nmbd_reload="killall -HUP nmbd" + +winbind_start_options="" +winbind_start="start-stop-daemon --start --quiet --exec /usr/sbin/winbindd -- ${winbind_start_options}" +winbind_stop="start-stop-daemon --stop --quiet --oknodo --exec /usr/sbin/winbindd" +winbind_reload="killall -HUP winbindd" + diff --git a/net-fs/samba/files/samba-init b/net-fs/samba/files/samba-init index f8c38384776b..61080d9333fa 100644 --- a/net-fs/samba/files/samba-init +++ b/net-fs/samba/files/samba-init @@ -1,7 +1,7 @@ #!/sbin/runscript -# Copyright 1999-2004 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/samba-init,v 1.4 2004/03/04 19:25:50 vapier Exp $ +# Copyright 1999-2003 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License, v2 or later +# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/samba-init,v 1.5 2004/06/11 14:30:14 satya Exp $ opts="${opts} reload" @@ -10,29 +10,41 @@ depend() { use cupsd } +function signal_do { + local signal + signal="$1" + if [ -n "${signal}" ]; then + result=0 + last_result=0 + for daemon in ${daemon_list} + do + cmd=${daemon}_${signal} + cmd_exec="${!cmd}" + if [ -n "${cmd_exec}" ]; then + ebegin "${my_service_name} -> ${signal}: ${daemon} " + #echo ${cmd} '->' ${!cmd} + ${cmd_exec} > /dev/null + last_result=$? + eend ${last_result} + fi + result=$(( ${result} + ${last_result} )) + done + fi + return ${result} +} start() { - ebegin "Starting samba" - start-stop-daemon --start --quiet --exec /usr/sbin/smbd - result=$? - start-stop-daemon --start --quiet --exec /usr/sbin/nmbd - result=$(( $result + $? )) - eend $result + ${my_service_PRE} + signal_do start + eend $? } - stop() { - ebegin "Stopping samba" - start-stop-daemon --stop --quiet --pidfile /var/run/samba/smbd.pid - result=$? - start-stop-daemon --stop --quiet --pidfile /var/run/samba/nmbd.pid - result=$(( $result + $? )) - eend $result + ${my_service_PRE} + signal_do stop + ${my_service_POST} + eend $? } - reload() { - ebegin "Reloading samba" - killall -HUP smbd &>/dev/null - result=$? - killall -HUP nmbd &>/dev/null - result=$(( $result + $? )) - eend $result + ${my_service_PRE} + signal_do reload + eend $? } |