[Midnightbsd-cvs] mports: net/samba3: Update to 3.28a + a CVE security patch (as part of
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Fri May 30 12:15:07 EDT 2008
Log Message:
-----------
Update to 3.28a + a CVE security patch (as part of 3.30) This port is still a work in progress, so some of the options may not work yet
Modified Files:
--------------
mports/net/samba3:
Makefile (r1.7 -> r1.8)
distinfo (r1.2 -> r1.3)
pkg-descr (r1.1 -> r1.2)
pkg-plist (r1.3 -> r1.4)
pkg-plist.swat (r1.1 -> r1.2)
mports/net/samba3/files:
patch-Makefile.in (r1.1 -> r1.2)
patch-configure.in (r1.2 -> r1.3)
patch-include_includes.h (r1.1 -> r1.2)
patch-nsswitch_pam_winbind.c (r1.1 -> r1.2)
patch-pam_smbpass_pam_smb_auth.c (r1.1 -> r1.2)
patch-pam_smbpass_pam_smb_passwd.c (r1.1 -> r1.2)
patch-pam_smbpass_support.c (r1.1 -> r1.2)
patch-script_installbin.sh.in (r1.1 -> r1.2)
patch-script_installswat.sh (r1.1 -> r1.2)
patch-smbd_aio.c (r1.1 -> r1.2)
patch-smbd_statvfs.c (r1.1 -> r1.2)
patch-utils_net_time.c (r1.1 -> r1.2)
pkg-message.in (r1.1 -> r1.2)
samba.in (r1.2 -> r1.3)
Added Files:
-----------
mports/net/samba3/files:
patch-CVE-2008-1105 (r1.1)
patch-aclocal.m4 (r1.1)
patch-client_client.c (r1.1)
patch-lib__replace__repdir_getdirentries.c (r1.1)
patch-lib__system.c (r1.1)
patch-lib__system_smbd.c (r1.1)
patch-lib_iconv.c (r1.1)
patch-lib_replace_libreplace_cc.m4 (r1.1)
patch-libaddns__dnsgss.c (r1.1)
patch-nsswitch__wins_freebsd.c (r1.1)
patch-samba3-undo_the_right_thing2.patch (r1.1)
patch-smbd_sec_ctx.c (r1.1)
patch-utils_ntlm_auth.c (r1.1)
patch-vfs_zfsacl.c (r1.1)
Removed Files:
-------------
mports/net/samba3/files:
patch-zb
-------------- next part --------------
Index: pkg-descr
===================================================================
RCS file: /home/cvs/mports/net/samba3/pkg-descr,v
retrieving revision 1.1
retrieving revision 1.2
diff -L net/samba3/pkg-descr -L net/samba3/pkg-descr -u -r1.1 -r1.2
--- net/samba3/pkg-descr
+++ net/samba3/pkg-descr
@@ -1,4 +1,4 @@
-The Samba suite is a set of programs which run under the FreeBSD
+The Samba suite is a set of programs which run under the MidnightBSD
operating system. These programs deliver most of the important
functionality of a Microsoft Lan Manager server. That is, they support
remote access to MidnightBSD filespace and MidnightBSD printers from Lan Manager
Index: pkg-plist.swat
===================================================================
RCS file: /home/cvs/mports/net/samba3/pkg-plist.swat,v
retrieving revision 1.1
retrieving revision 1.2
diff -L net/samba3/pkg-plist.swat -L net/samba3/pkg-plist.swat -u -r1.1 -r1.2
--- net/samba3/pkg-plist.swat
+++ net/samba3/pkg-plist.swat
@@ -75,6 +75,7 @@
share/swat/help/Samba3-Developers-Guide/modules.html
share/swat/help/Samba3-Developers-Guide/ntdomain.html
share/swat/help/Samba3-Developers-Guide/parsing.html
+share/swat/help/Samba3-Developers-Guide/pr01.html
share/swat/help/Samba3-Developers-Guide/pt01.html
share/swat/help/Samba3-Developers-Guide/pt02.html
share/swat/help/Samba3-Developers-Guide/pt03.html
@@ -202,7 +203,13 @@
share/swat/help/Samba3-HOWTO/unicode.html
share/swat/help/Samba3-HOWTO/upgrading-to-3.0.html
share/swat/help/Samba3-HOWTO/winbind.html
+share/swat/help/manpages/eventlogadm.8.html
share/swat/help/manpages/findsmb.1.html
+share/swat/help/manpages/idmap_ad.8.html
+share/swat/help/manpages/idmap_ldap.8.html
+share/swat/help/manpages/idmap_nss.8.html
+share/swat/help/manpages/idmap_rid.8.html
+share/swat/help/manpages/idmap_tdb.8.html
share/swat/help/manpages/index.html
share/swat/help/manpages/lmhosts.5.html
share/swat/help/manpages/log2pcap.1.html
@@ -237,8 +244,26 @@
share/swat/help/manpages/swat.8.html
share/swat/help/manpages/tdbbackup.8.html
share/swat/help/manpages/tdbdump.8.html
+share/swat/help/manpages/tdbtool.8.html
share/swat/help/manpages/testparm.1.html
share/swat/help/manpages/umount.cifs.8.html
+share/swat/help/manpages/vfs_audit.8.html
+share/swat/help/manpages/vfs_cacheprime.8.html
+share/swat/help/manpages/vfs_cap.8.html
+share/swat/help/manpages/vfs_catia.8.html
+share/swat/help/manpages/vfs_commit.8.html
+share/swat/help/manpages/vfs_default_quota.8.html
+share/swat/help/manpages/vfs_extd_audit.8.html
+share/swat/help/manpages/vfs_fake_perms.8.html
+share/swat/help/manpages/vfs_full_audit.8.html
+share/swat/help/manpages/vfs_gpfs.8.html
+share/swat/help/manpages/vfs_netatalk.8.html
+share/swat/help/manpages/vfs_notify_fam.8.html
+share/swat/help/manpages/vfs_prealloc.8.html
+share/swat/help/manpages/vfs_readahead.8.html
+share/swat/help/manpages/vfs_readonly.8.html
+share/swat/help/manpages/vfs_recycle.8.html
+share/swat/help/manpages/vfs_shadow_copy.8.html
share/swat/help/manpages/vfstest.1.html
share/swat/help/manpages/wbinfo.1.html
share/swat/help/manpages/winbindd.8.html
Index: pkg-plist
===================================================================
RCS file: /home/cvs/mports/net/samba3/pkg-plist,v
retrieving revision 1.3
retrieving revision 1.4
diff -L net/samba3/pkg-plist -L net/samba3/pkg-plist -u -r1.3 -r1.4
--- net/samba3/pkg-plist
+++ net/samba3/pkg-plist
@@ -22,6 +22,7 @@
bin/tdbtool
bin/testparm
%%SMBSH%%bin/smbsh
+%%SMBTORTURE%%bin/smbtorture
%%WINBIND%%bin/wbinfo
sbin/smbd
sbin/nmbd
@@ -32,6 +33,7 @@
%%SMBPASS%%%%EXAMPLESDIR%%/pam_smbpass/password-mature
%%SMBPASS%%%%EXAMPLESDIR%%/pam_smbpass/password-migration
%%SMBPASS%%%%EXAMPLESDIR%%/pam_smbpass/password-sync
+%%EXAMPLESDIR%%/%%SAMBA_CONFIG%%.sample
%%EXAMPLESDIR%%/LDAP/README
%%EXAMPLESDIR%%/LDAP/convertSambaAccount
%%EXAMPLESDIR%%/LDAP/get_next_oid
@@ -46,6 +48,8 @@
%%EXAMPLESDIR%%/VFS/Makefile.in
%%EXAMPLESDIR%%/VFS/README
%%EXAMPLESDIR%%/VFS/autogen.sh
+%%EXAMPLESDIR%%/VFS/config.guess
+%%EXAMPLESDIR%%/VFS/config.sub
%%EXAMPLESDIR%%/VFS/configure.in
%%EXAMPLESDIR%%/VFS/install-sh
%%EXAMPLESDIR%%/VFS/shadow_copy_test.c
@@ -66,6 +70,7 @@
%%EXAMPLESDIR%%/logon/ntlogon/ntlogon.py
%%EXAMPLESDIR%%/misc/adssearch.pl
%%EXAMPLESDIR%%/misc/check_multiple_LDAP_entries.pl
+%%EXAMPLESDIR%%/misc/cldap.pl
%%EXAMPLESDIR%%/misc/extra_smbstatus
%%EXAMPLESDIR%%/misc/swat.pl
%%EXAMPLESDIR%%/misc/wall.perl
@@ -73,6 +78,29 @@
%%EXAMPLESDIR%%/nss/nss_winbind.h
%%EXAMPLESDIR%%/nss/wbtest.c
%%EXAMPLESDIR%%/pam_winbind/pam_winbind.conf
+%%EXAMPLESDIR%%/pcap2nbench/COPYING
+%%EXAMPLESDIR%%/pcap2nbench/Makefile
+%%EXAMPLESDIR%%/pcap2nbench/README
+%%EXAMPLESDIR%%/pcap2nbench/closerequest.cpp
+%%EXAMPLESDIR%%/pcap2nbench/closerequest.hpp
+%%EXAMPLESDIR%%/pcap2nbench/ethernet.cpp
+%%EXAMPLESDIR%%/pcap2nbench/ethernet.hpp
+%%EXAMPLESDIR%%/pcap2nbench/ip.cpp
+%%EXAMPLESDIR%%/pcap2nbench/ip.hpp
+%%EXAMPLESDIR%%/pcap2nbench/main.cpp
+%%EXAMPLESDIR%%/pcap2nbench/ntcreateandxrequest.cpp
+%%EXAMPLESDIR%%/pcap2nbench/ntcreateandxrequest.hpp
+%%EXAMPLESDIR%%/pcap2nbench/ntcreateandxresponse.cpp
+%%EXAMPLESDIR%%/pcap2nbench/ntcreateandxresponse.hpp
+%%EXAMPLESDIR%%/pcap2nbench/readandxrequest.cpp
+%%EXAMPLESDIR%%/pcap2nbench/readandxrequest.hpp
+%%EXAMPLESDIR%%/pcap2nbench/readandxresponse.hpp
+%%EXAMPLESDIR%%/pcap2nbench/smb.cpp
+%%EXAMPLESDIR%%/pcap2nbench/smb.hpp
+%%EXAMPLESDIR%%/pcap2nbench/tcp.cpp
+%%EXAMPLESDIR%%/pcap2nbench/tcp.hpp
+%%EXAMPLESDIR%%/pcap2nbench/writeandxrequest.cpp
+%%EXAMPLESDIR%%/pcap2nbench/writeandxrequest.hpp
%%EXAMPLESDIR%%/pdb/Makefile
%%EXAMPLESDIR%%/pdb/README
%%EXAMPLESDIR%%/pdb/test.c
@@ -110,7 +138,6 @@
%%EXAMPLESDIR%%/scripts/shares/python/smbparm.py
%%EXAMPLESDIR%%/scripts/wins_hook/README
%%EXAMPLESDIR%%/scripts/wins_hook/dns_update
-%%EXAMPLESDIR%%/%%SAMBA_CONFIG%%.sample
%%EXAMPLESDIR%%/smb.conf.default
%%EXAMPLESDIR%%/tridge/README
%%EXAMPLESDIR%%/tridge/smb.conf
@@ -141,6 +168,7 @@
@dirrm %%EXAMPLESDIR%%/printer-accounting
@dirrm %%EXAMPLESDIR%%/perfcounter
@dirrm %%EXAMPLESDIR%%/pdb
+ at dirrm %%EXAMPLESDIR%%/pcap2nbench
@dirrm %%EXAMPLESDIR%%/pam_winbind
@dirrm %%EXAMPLESDIR%%/nss
@dirrm %%EXAMPLESDIR%%/misc
Index: Makefile
===================================================================
RCS file: /home/cvs/mports/net/samba3/Makefile,v
retrieving revision 1.7
retrieving revision 1.8
diff -L net/samba3/Makefile -L net/samba3/Makefile -u -r1.7 -r1.8
--- net/samba3/Makefile
+++ net/samba3/Makefile
@@ -7,8 +7,8 @@
#
PORTNAME= samba
-PORTVERSION?= 3.0.24
-PORTREVISION?= 1
+PORTVERSION?= 3.0.28a
+PORTREVISION?= 0
PORTEPOCH?= 1
CATEGORIES?= net
MASTER_SITES= ${MASTER_SITE_SAMBA}
@@ -18,11 +18,13 @@
MAINTAINER?= ports at MidnightBSD.org
COMMENT?= A free SMB and CIFS client and server for UNIX
-CONFLICTS?= ja-samba-2.* ja-samba-3.* samba-2.* sharity-light-1.*
+CONFLICTS?= sharity-light-1.* tdb-1.*
USE_ICONV= yes
GNU_CONFIGURE= yes
USE_AUTOTOOLS= autoconf:261 autoheader:261
+AUTOHEADER_ARGS= -I${WRKSRC} -I${WRKSRC}/lib/replace
+AUTOCONF_ARGS= -I${WRKSRC} -I${WRKSRC}/lib/replace
LATEST_LINK?= ${PKGNAMEPREFIX}${PORTNAME}3${PKGNAMESUFFIX}
EXAMPLESDIR= ${PREFIX}/share/examples/${PKGNAMEPREFIX}${PORTNAME}${PKGNAMESUFFIX}
@@ -69,12 +71,14 @@
SYSLOG "With Syslog support" off \
QUOTAS "With Disk quota support" off \
UTMP "With UTMP accounting support" on \
- MSDFS "With MSDFS support" off \
+ MSDFS "With MSDFS support" on \
PAM_SMBPASS "With PAM authentication vs passdb backends" off \
CLUSTER "With experimental cluster support" off \
+ DNSUPDATE "With dynamic DNS update" off \
EXP_MODULES "With experimental modules" off \
POPT "With system-wide POPT library" on \
- MAX_DEBUG "With maximum debuging" off
+ MAX_DEBUG "With maximum debuging" off \
+ SMBTORTURE "With smbtorture" off
.endif
.include <bsd.port.pre.mk>
@@ -99,7 +103,16 @@
CONFIGURE_ARGS+= --with-pam --with-readline --with-sendfile-support \
--without-libsmbclient --without-libmsrpc \
--without-libsmbsharemodes --without-python \
- --with-included-iniparser
+ --without-libaddns --with-included-iniparser \
+ --enable-largefile
+
+# Sanity checks
+.if exists(${LOCALBASE}/include/tdb.h)
+IGNORE= doesn't compile when tdb is installed. Uninstall databases/tdb port
+.endif
+
+# Let process generate meaningful backtrace on core dump
+LIB_DEPENDS+= execinfo.1:${PORTSDIR}/devel/libexecinfo
.if !defined(WITHOUT_LDAP)
SAMBA_WANT_LDAP= yes
@@ -116,12 +129,16 @@
.if defined(WITH_MAX_DEBUG)
LIB_DEPENDS+= dmalloc.1:${PORTSDIR}/devel/dmalloc
-CPPFLAGS+= "-I${LOCALBASE}/include"
-LDFLAGS+= "-L${LOCALBASE}/lib"
+CPPFLAGS+= -g -I${LOCALBASE}/include
+LDFLAGS+= -g -L${LOCALBASE}/lib
CONFIGURE_ENV+= CPPFLAGS="${CPPFLAGS}" LDFLAGS="${LDFLAGS}"
-CONFIGURE_ARGS+= --enable-debug --enable-developer --enable-krb5developer --enable-dmalloc --with-profiling-data
-.else
-CONFIGURE_ARGS+= --disable-debug --disable-developer --disable-krb5developer --disable-dmalloc --without-profiling-data
+CONFIGURE_ARGS+= --enable-debug --enable-socket-wrapper \
+ --enable-developer --enable-krb5developer \
+ --enable-dmalloc --with-profiling-data
+.else
+CONFIGURE_ARGS+= --disable-debug --disable-socket-wrapper \
+ --disable-developer --disable-krb5developer \
+ --disable-dmalloc --without-profiling-data
.endif
.if defined(WITH_SYSLOG)
@@ -160,13 +177,6 @@
SUB_LIST+= WINBIND="@comment "
.endif
-.if defined(WITH_FAM_SUPPORT)
-USE_FAM= yes
-CONFIGURE_ARGS+= --enable-fam
-.else
-CONFIGURE_ARGS+= --disable-fam
-.endif
-
.if defined(WITH_EXP_MODULES)
. if !defined(WANT_EXP_MODULES) || empty(WANT_EXP_MODULES)
WANT_EXP_MODULES= idmap_ad idmap_rid charset_weird
@@ -174,8 +184,20 @@
WANT_EXP_MODULES+= rpc_echo
. endif
. endif
-WANT_EXP_MODULES!= ${ECHO_CMD} ${WANT_EXP_MODULES} | ${SED} -E 's/ +/,/g'
-CONFIGURE_ARGS+= --with-shared-modules="${WANT_EXP_MODULES}"
+WANT_EXP_MODULES+= vfs_catia vfs_cacheprime vfs_commit
+.endif
+
+.if defined(WITH_FAM_SUPPORT)
+USE_FAM= yes
+CONFIGURE_ARGS+= --enable-fam
+WANT_EXP_MODULES+= vfs_notify_fam
+.else
+CONFIGURE_ARGS+= --disable-fam
+.endif
+
+.if defined(WANT_EXP_MODULES) && !empty(WANT_EXP_MODULES)
+USE_EXP_MODULES!= ${ECHO_CMD} ${WANT_EXP_MODULES} | ${SED} -E 's/ +/,/g'
+CONFIGURE_ARGS+= --with-shared-modules="${USE_EXP_MODULES}"
.endif
.if defined(WITH_PAM_SMBPASS)
@@ -207,6 +229,16 @@
CONFIGURE_ARGS+= --without-cluster-support
.endif
+.if defined(WITH_DNSUPDATE)
+. if !defined(WITH_ADS)
+IGNORE= dynamic DNS updates require ADS support. Disable DNSUPDATE support
+. endif
+LIB_DEPENDS+= uuid.1:${PORTSDIR}/misc/e2fsprogs-libuuid
+CONFIGURE_ARGS+= --with-dnsupdate
+.else
+CONFIGURE_ARGS+= --without-dnsupdate
+.endif
+
.if defined(WITH_AIO_SUPPORT)
IGNORE= broken kernel API until now (7-CURRENT). Disable AIO support
CONFIGURE_ARGS+= --with-aio-support
@@ -249,6 +281,16 @@
CONFIGURE_ARGS+= --without-krb5
.endif
+.if defined(WITH_SMBTORTURE)
+PLIST_SUB+= SMBTORTURE=""
+.else
+PLIST_SUB+= SMBTORTURE="@comment "
+.endif
+
+.if defined(WITH_SMBTORTURE4_PATH) && exists(${WITH_SMBTORTURE4_PATH})
+CONFIGURE_ARGS+= --with-smbtorture4-path=${WITH_SMBTORTURE4_PATH}
+.endif
+
.if defined(SAMBA_WANT_LDAP)
USE_OPENLDAP= yes
CONFIGURE_ARGS+= --with-ldap
@@ -263,17 +305,52 @@
smbget.1 smbstatus.1 smbtar.1 smbtree.1 testparm.1 vfstest.1
MAN5= lmhosts.5 smb.conf.5 smbgetrc.5 smbpasswd.5
MAN7= samba.7
-MAN8= net.8 nmbd.8 pdbedit.8 smbd.8 smbpasswd.8 smbspool.8 \
- swat.8 tdbbackup.8 tdbdump.8
+MAN8= eventlogadm.8 net.8 nmbd.8 pdbedit.8 smbd.8 smbpasswd.8 \
+ smbspool.8 swat.8 tdbbackup.8 tdbdump.8 tdbtool.8 \
+ idmap_nss.8 idmap_tdb.8 \
+ vfs_audit.8 vfs_cap.8 vfs_default_quota.8 vfs_extd_audit.8 \
+ vfs_fake_perms.8 vfs_full_audit.8 vfs_netatalk.8 \
+ vfs_readahead.8 vfs_readonly.8 vfs_recycle.8 \
+ vfs_shadow_copy.8
+
.if defined(WITH_SMBSH)
MAN1+= smbsh.1
.endif
+
.if !defined(WITHOUT_WINBIND)
MAN1+= wbinfo.1
MAN7+= pam_winbind.7
MAN8+= winbindd.8
.endif
+.if defined(WITH_FAM_SUPPORT)
+MAN8+= vfs_notify_fam.8
+.endif
+
+.if defined(SAMBA_WANT_LDAP)
+MAN8+= idmap_ldap.8
+.endif
+
+.if !empty(WANT_EXP_MODULES:Midmap_ad)
+MAN8+= idmap_ad.8
+.endif
+
+.if !empty(WANT_EXP_MODULES:Midmap_rid)
+MAN8+= idmap_rid.8
+.endif
+
+.if !empty(WANT_EXP_MODULES:Mvfs_cacheprime)
+MAN8+= vfs_cacheprime.8
+.endif
+
+.if !empty(WANT_EXP_MODULES:Mvfs_catia)
+MAN8+= vfs_catia.8
+.endif
+
+.if !empty(WANT_EXP_MODULES:Mvfs_commit)
+MAN8+= vfs_commit.8
+.endif
+
PLIST_SUB+= SAMBA_LOGDIR="${SAMBA_LOGDIR}" \
SAMBA_LOCKDIR="${SAMBA_LOCKDIR}" \
SAMBA_CONFDIR="${SAMBA_CONFDIR}" \
@@ -322,6 +399,14 @@
@${FIND} ${WRKDIR}/${DISTNAME} -type d | ${XARGS} ${CHMOD} u+w,a+rx
@${FIND} ${WRKDIR}/${DISTNAME} -type f | ${XARGS} ${CHMOD} u+w,a+r
+pre-build:
+ cd ${WRKSRC} && ${MAKE} pch
+
+.if defined(WITH_SMBTORTURE)
+post-build:
+ cd ${WRKSRC} && ${MAKE} smbtorture
+.endif
+
pre-install:
-@${FIND} "${SAMBA_MODULEDIR}" -type f 2>/dev/null | ${SORT} | ${SED} -E 's|^${PREFIX}/?||;' >> ${WRKDIR}/.PLIST.exclude
@${CAT} ${PKGDIR}/pkg-plist > ${PLIST}
@@ -358,13 +443,17 @@
${INSTALL_PROGRAM} "${WRKSRC}/bin/pam_smbpass.so" "${SAMBA_LIBDIR}"
@${ECHO_CMD} "${SAMBA_LIB}/pam_smbpass.so" >> ${TMPPLIST};
.endif
+# smbtorture
+.if defined(WITH_SMBTORTURE)
+ ${INSTALL_PROGRAM} "${WRKSRC}/bin/smbtorture" "${PREFIX}/bin"
+.endif
# smbwrapper.so
.if defined(WITH_SMBSH)
${INSTALL_PROGRAM} "${WRKSRC}/bin/smbsh" "${PREFIX}/bin"
${INSTALL_PROGRAM} "${WRKSRC}/bin/smbwrapper.so" "${SAMBA_MODULEDIR}"
.endif
# Lib
- @${FIND} "${SAMBA_MODULEDIR}" -type f | ${SED} -E 's|^${PREFIX}/?||;' | ${EGREP} -F -v -f ${WRKDIR}/.PLIST.exclude | ${SORT} >> ${TMPPLIST}
+ @${FIND} "${SAMBA_MODULEDIR}" -type f -o -type l | ${SED} -E 's|^${PREFIX}/?||;' | ${EGREP} -F -v -f ${WRKDIR}/.PLIST.exclude | ${SORT} >> ${TMPPLIST}
@for d in `${FIND} "${SAMBA_MODULEDIR}" -type d | ${SORT} -r`; do \
${ECHO_CMD} "@unexec ${RMDIR} \"$$d\" 2>/dev/null || true" >> ${TMPPLIST}; \
done
Index: distinfo
===================================================================
RCS file: /home/cvs/mports/net/samba3/distinfo,v
retrieving revision 1.2
retrieving revision 1.3
diff -L net/samba3/distinfo -L net/samba3/distinfo -u -r1.2 -r1.3
--- net/samba3/distinfo
+++ net/samba3/distinfo
@@ -1,3 +1,3 @@
-MD5 (samba-3.0.24.tar.gz) = 89273f67a6d8067cbbecefaa13747153
-SHA256 (samba-3.0.24.tar.gz) = c4e8de3426fbbcee7f338f5cf09052cbdf9a36ae638aeeeca10498ef8d5343e2
-SIZE (samba-3.0.24.tar.gz) = 17708128
+MD5 (samba-3.0.28a.tar.gz) = 59754cb0c19da6e65c42d0a163c5885a
+SHA256 (samba-3.0.28a.tar.gz) = 9dc9ecb26017b1831cb1e0b212e1eb8c0b6176df6513fc737b585f453181d9de
+SIZE (samba-3.0.28a.tar.gz) = 18172643
Index: patch-utils_net_time.c
===================================================================
RCS file: /home/cvs/mports/net/samba3/files/patch-utils_net_time.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -L net/samba3/files/patch-utils_net_time.c -L net/samba3/files/patch-utils_net_time.c -u -r1.1 -r1.2
--- net/samba3/files/patch-utils_net_time.c
+++ net/samba3/files/patch-utils_net_time.c
@@ -1,6 +1,6 @@
---- utils/net_time.c.orig Fri Jun 23 15:16:53 2006
-+++ utils/net_time.c Thu Aug 24 01:30:57 2006
-@@ -79,9 +79,16 @@
+--- ./utils/net_time.c.orig Thu Mar 1 05:54:59 2007
++++ ./utils/net_time.c Tue Apr 17 02:06:59 2007
+@@ -83,9 +83,16 @@
return "unknown";
}
--- /dev/null
+++ net/samba3/files/patch-lib_replace_libreplace_cc.m4
@@ -0,0 +1,13 @@
+--- lib/replace/libreplace_cc.m4.orig Thu Mar 1 05:54:23 2007
++++ lib/replace/libreplace_cc.m4 Mon Jun 4 21:20:13 2007
+@@ -131,6 +131,10 @@
+ AC_CHECK_TYPE(intptr_t, unsigned long long)
+ AC_CHECK_TYPE(ptrdiff_t, unsigned long long)
+
++if test x"$ac_cv_type_intptr_t" = x"yes"; then
++ AC_DEFINE(HAVE_INTPTR_T,1,[Whether the host has intptr_t])
++fi
++
+ if test x"$ac_cv_type_long_long" != x"yes";then
+ AC_MSG_ERROR([LIBREPLACE needs type 'long long'])
+ fi
--- /dev/null
+++ net/samba3/files/patch-lib__replace__repdir_getdirentries.c
@@ -0,0 +1,15 @@
+--- lib/replace/repdir_getdirentries.c.orig Fri Sep 14 05:21:51 2007
++++ lib/replace/repdir_getdirentries.c Fri Sep 14 05:22:13 2007
+@@ -129,11 +129,7 @@
+ d->ofs = 0;
+ d->nbytes = 0;
+ }
+- /* this relies on seekpos always being a multiple of
+- DIR_BUF_SIZE. Is that always true on BSD systems? */
+- if (d->seekpos & (DIR_BUF_SIZE-1)) {
+- abort();
+- }
++ /* abort() */
+ return d->seekpos + d->ofs;
+ }
+
--- /dev/null
+++ net/samba3/files/patch-samba3-undo_the_right_thing2.patch
@@ -0,0 +1,14 @@
+Index: nsswitch/winbindd_cache.c
+===================================================================
+--- nsswitch/winbindd_cache.c (Revision 15137)
++++ nsswitch/winbindd_cache.c (Arbeitskopie)
+@@ -121,7 +121,8 @@
+ if ( !domain->primary )
+ our_domain = find_our_domain();
+
+- if ( (our_domain->active_directory || IS_DC) && domain->active_directory ) {
++ if ( (our_domain->active_directory || IS_DC) && domain->active_directory &&
++ (lp_security()==SEC_ADS)) {
+ DEBUG(5,("get_cache: Setting ADS methods for domain %s\n", domain->name));
+ domain->backend = &ads_methods;
+ } else {
Index: patch-Makefile.in
===================================================================
RCS file: /home/cvs/mports/net/samba3/files/patch-Makefile.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -L net/samba3/files/patch-Makefile.in -L net/samba3/files/patch-Makefile.in -u -r1.1 -r1.2
--- net/samba3/files/patch-Makefile.in
+++ net/samba3/files/patch-Makefile.in
@@ -1,10 +1,42 @@
---- Makefile.in.orig Thu Apr 20 04:29:46 2006
-+++ Makefile.in Tue Apr 25 01:05:05 2006
-@@ -1410,7 +1410,7 @@
+--- Makefile.in.orig Tue Jun 19 19:11:39 2007
++++ Makefile.in Mon Oct 15 03:26:15 2007
+@@ -424,6 +424,7 @@
+ VFS_HPUXACL_OBJ = modules/vfs_hpuxacl.o
+ VFS_IRIXACL_OBJ = modules/vfs_irixacl.o
+ VFS_TRU64ACL_OBJ = modules/vfs_tru64acl.o
++VFS_ZFSACL_OBJ = modules/vfs_zfsacl.o
+ VFS_CATIA_OBJ = modules/vfs_catia.o
+ VFS_CACHEPRIME_OBJ = modules/vfs_cacheprime.o
+ VFS_PREALLOC_OBJ = modules/vfs_prealloc.o
+@@ -746,8 +747,8 @@
+ $(RPC_NTSVCS_OBJ) $(RPC_INITSHUTDOWN_OBJ) utils/passwd_util.o \
+ $(LIBGPO_OBJ) $(NSS_INFO_OBJ)
+
+-WINBIND_WINS_NSS_OBJ = nsswitch/wins.o $(PARAM_OBJ) \
+- $(LIBSMB_OBJ) $(LIB_NONSMBD_OBJ) $(NSSWINS_OBJ) $(KRBCLIENT_OBJ) $(SECRETS_OBJ)
++WINBIND_WINS_NSS_OBJ = $(PARAM_OBJ) $(LIBSMB_OBJ) $(LIB_NONSMBD_OBJ) \
++ $(NSSWINS_OBJ) $(KRBCLIENT_OBJ) $(SECRETS_OBJ) @WINBIND_WINS_NSS_EXTRA_OBJS@
+
+ PAM_SMBPASS_OBJ_0 = pam_smbpass/pam_smb_auth.o pam_smbpass/pam_smb_passwd.o \
+ pam_smbpass/pam_smb_acct.o pam_smbpass/support.o
+@@ -1477,6 +1478,11 @@
+ @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_TRU64ACL_OBJ) \
+ @SONAMEFLAG@`basename $@`
+
++bin/zfsacl. at SHLIBEXT@: $(VFS_ZFSACL_OBJ)
++ @echo "Building plugin $@"
++ @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_ZFSACL_OBJ) \
++ @SONAMEFLAG@`basename $@`
++
+ bin/catia. at SHLIBEXT@: proto_exists $(VFS_CATIA_OBJ)
+ @echo "Building plugin $@"
+ @$(SHLD) $(LDSHFLAGS) -o $@ $(VFS_CATIA_OBJ) \
+@@ -1566,8 +1572,7 @@
@echo Linking $@
- @$(CC) $(FLAGS) @PIE_LDFLAGS@ -o $@ $(DYNEXP) script/tests/timelimit.o
+ @$(CC) $(FLAGS) -o $@ $(DYNEXP) script/tests/timelimit.o
--install: installservers installbin @INSTALL_CIFSMOUNT@ installman installscripts installdat installswat installmodules @INSTALL_LIBSMBCLIENT@ @INSTALL_LIBMSRPC@ @INSTALL_PAM_MODULES@
+-install: installservers installbin @INSTALL_CIFSMOUNT@ installman installscripts installdat installswat installmodules @INSTALL_LIBSMBCLIENT@ @INSTALL_LIBMSRPC@ @INSTALL_PAM_MODULES@ @INSTALL_LIBSMBSHAREMODES@
+-
+install: installservers installbin installscripts installdat installswat installmodules
install-everything: install installmodules
Index: patch-pam_smbpass_support.c
===================================================================
RCS file: /home/cvs/mports/net/samba3/files/patch-pam_smbpass_support.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -L net/samba3/files/patch-pam_smbpass_support.c -L net/samba3/files/patch-pam_smbpass_support.c -u -r1.1 -r1.2
--- net/samba3/files/patch-pam_smbpass_support.c
+++ net/samba3/files/patch-pam_smbpass_support.c
@@ -1,5 +1,5 @@
---- pam_smbpass/support.c.orig Tue May 23 20:54:32 2006
-+++ pam_smbpass/support.c Thu Aug 24 01:30:57 2006
+--- ./pam_smbpass/support.c.orig Tue May 23 20:54:32 2006
++++ ./pam_smbpass/support.c Tue Apr 17 02:06:59 2007
@@ -384,7 +384,7 @@
if (newauth != NULL) {
Index: patch-nsswitch_pam_winbind.c
===================================================================
RCS file: /home/cvs/mports/net/samba3/files/patch-nsswitch_pam_winbind.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -L net/samba3/files/patch-nsswitch_pam_winbind.c -L net/samba3/files/patch-nsswitch_pam_winbind.c -u -r1.1 -r1.2
--- net/samba3/files/patch-nsswitch_pam_winbind.c
+++ net/samba3/files/patch-nsswitch_pam_winbind.c
@@ -1,20 +1,156 @@
---- nsswitch/pam_winbind.c.orig Mon Aug 7 18:46:33 2006
-+++ nsswitch/pam_winbind.c Thu Aug 24 01:30:57 2006
-@@ -1016,7 +1016,7 @@
+--- nsswitch/pam_winbind.c.orig Sat Apr 21 03:48:07 2007
++++ nsswitch/pam_winbind.c Mon Jun 4 02:56:34 2007
+@@ -14,13 +14,13 @@
+
+ #define _PAM_LOG_FUNCTION_ENTER(function, pamh, ctrl, flags) \
+ do { \
+- _pam_log_debug(pamh, ctrl, LOG_DEBUG, "[pamh: 0x%08x] ENTER: " function " (flags: 0x%04x)", (uint32) pamh, flags); \
++ _pam_log_debug(pamh, ctrl, LOG_DEBUG, "[pamh: 0x%p] ENTER: " function " (flags: 0x%04x)", pamh, flags); \
+ _pam_log_state(pamh, ctrl); \
+ } while (0)
+
+ #define _PAM_LOG_FUNCTION_LEAVE(function, pamh, ctrl, retval) \
+ do { \
+- _pam_log_debug(pamh, ctrl, LOG_DEBUG, "[pamh: 0x%08x] LEAVE: " function " returning %d", (uint32) pamh, retval); \
++ _pam_log_debug(pamh, ctrl, LOG_DEBUG, "[pamh: 0x%p] LEAVE: " function " returning %d", pamh, retval); \
+ _pam_log_state(pamh, ctrl); \
+ } while (0)
+
+@@ -32,16 +32,16 @@
+ * Work around the pam API that has functions with void ** as parameters.
+ * These lead to strict aliasing warnings with gcc.
+ */
+-static int _pam_get_item(const pam_handle_t *pamh, int item_type,
++static int _pam_get_item(pam_handle_t *pamh, int item_type,
+ const void *_item)
+ {
+ const void **item = (const void **)_item;
+ return pam_get_item(pamh, item_type, item);
+ }
+-static int _pam_get_data(const pam_handle_t *pamh,
+- const char *module_data_name, const void *_data)
++static int _pam_get_data(pam_handle_t *pamh,
++ const char *module_data_name, void *_data)
+ {
+- const void **data = (const void **)_data;
++ void **data = (void **)_data;
+ return pam_get_data(pamh, module_data_name, data);
+ }
+
+@@ -53,7 +53,7 @@
+ pam_vsyslog(pamh, err, format, args);
+ }
+ #else
+-static void _pam_log_int(const pam_handle_t *pamh, int err, const char *format, va_list args)
++static void _pam_log_int(pam_handle_t *pamh, int err, const char *format, va_list args)
+ {
+ char *format2 = NULL;
+ const char *service;
+@@ -78,8 +78,8 @@
+ return on(ctrl, WINBIND_SILENT);
+ }
+
+-static void _pam_log(const pam_handle_t *pamh, int ctrl, int err, const char *format, ...) PRINTF_ATTRIBUTE(4,5);
+-static void _pam_log(const pam_handle_t *pamh, int ctrl, int err, const char *format, ...)
++static void _pam_log(pam_handle_t *pamh, int ctrl, int err, const char *format, ...) PRINTF_ATTRIBUTE(4,5);
++static void _pam_log(pam_handle_t *pamh, int ctrl, int err, const char *format, ...)
+ {
+ va_list args;
+
+@@ -118,8 +118,8 @@
+ return _pam_log_is_debug_enabled(ctrl);
+ }
+
+-static void _pam_log_debug(const pam_handle_t *pamh, int ctrl, int err, const char *format, ...) PRINTF_ATTRIBUTE(4,5);
+-static void _pam_log_debug(const pam_handle_t *pamh, int ctrl, int err, const char *format, ...)
++static void _pam_log_debug(pam_handle_t *pamh, int ctrl, int err, const char *format, ...) PRINTF_ATTRIBUTE(4,5);
++static void _pam_log_debug(pam_handle_t *pamh, int ctrl, int err, const char *format, ...)
+ {
+ va_list args;
+
+@@ -132,20 +132,20 @@
+ va_end(args);
+ }
+
+-static void _pam_log_state_datum(const pam_handle_t *pamh, int ctrl, int item_type, const char *key, int is_string)
++static void _pam_log_state_datum(pam_handle_t *pamh, int ctrl, int item_type, const char *key, int is_string)
+ {
+- const void *data = NULL;
++ void *data = NULL;
+ if (item_type != 0) {
+- pam_get_item(pamh, item_type, &data);
++ _pam_get_item(pamh, item_type, &data);
+ } else {
+ pam_get_data(pamh, key, &data);
+ }
+ if (data != NULL) {
+ const char *type = (item_type != 0) ? "ITEM" : "DATA";
+ if (is_string != 0) {
+- _pam_log_debug(pamh, ctrl, LOG_DEBUG, "[pamh: 0x%08x] STATE: %s(%s) = \"%s\" (0x%08x)", (uint32) pamh, type, key, (const char *) data, (uint32) data);
++ _pam_log_debug(pamh, ctrl, LOG_DEBUG, "[pamh: 0x%p] STATE: %s(%s) = \"%s\" (0x%p)", pamh, type, key, (const char *) data, data);
+ } else {
+- _pam_log_debug(pamh, ctrl, LOG_DEBUG, "[pamh: 0x%08x] STATE: %s(%s) = 0x%08x", (uint32) pamh, type, key, (uint32) data);
++ _pam_log_debug(pamh, ctrl, LOG_DEBUG, "[pamh: 0x%p] STATE: %s(%s) = 0x%p", pamh, type, key, data);
}
- return PAM_USER_UNKNOWN;
+ }
+ }
+@@ -171,7 +171,7 @@
+ #define _PAM_LOG_STATE_ITEM_PASSWORD(pamh, ctrl, item_type) \
+ _pam_log_state_datum(pamh, ctrl, item_type, #item_type, _LOG_PASSWORD_AS_STRING)
+
+-static void _pam_log_state(const pam_handle_t *pamh, int ctrl)
++static void _pam_log_state(pam_handle_t *pamh, int ctrl)
+ {
+ if (!_pam_log_is_debug_state_enabled(ctrl)) {
+ return;
+@@ -202,7 +202,7 @@
+ _PAM_LOG_STATE_DATA_POINTER(pamh, ctrl, PAM_WINBIND_PWD_LAST_SET);
+ }
+
+-static int _pam_parse(const pam_handle_t *pamh, int flags, int argc, const char **argv, dictionary **result_d)
++static int _pam_parse(pam_handle_t *pamh, int flags, int argc, const char **argv, dictionary **result_d)
+ {
+ int ctrl = 0;
+ const char *config_file = NULL;
+@@ -313,7 +313,7 @@
+ {
+ int ctrl = _pam_parse(pamh, 0, 0, NULL, NULL);
+ if (_pam_log_is_debug_state_enabled(ctrl)) {
+- _pam_log_debug(pamh, ctrl, LOG_DEBUG, "[pamh: 0x%08x] CLEAN: cleaning up PAM data 0x%08x (error_status = %d)", (uint32) pamh, (uint32) data, error_status);
++ _pam_log_debug(pamh, ctrl, LOG_DEBUG, "[pamh: 0x%p] CLEAN: cleaning up PAM data 0x%p (error_status = %d)", pamh, data, error_status);
+ }
+ SAFE_FREE(data);
+ }
+@@ -1441,7 +1441,7 @@
+ return PAM_SUCCESS;
+ }
+
+-const char *get_conf_item_string(const pam_handle_t *pamh,
++const char *get_conf_item_string(pam_handle_t *pamh,
+ int argc,
+ const char **argv,
+ int ctrl,
+@@ -1490,12 +1490,12 @@
+ return parm_opt;
+ }
+
+-const char *get_krb5_cc_type_from_config(const pam_handle_t *pamh, int argc, const char **argv, int ctrl, dictionary *d)
++const char *get_krb5_cc_type_from_config(pam_handle_t *pamh, int argc, const char **argv, int ctrl, dictionary *d)
+ {
+ return get_conf_item_string(pamh, argc, argv, ctrl, d, "krb5_ccache_type", WINBIND_KRB5_CCACHE_TYPE);
+ }
+
+-const char *get_member_from_config(const pam_handle_t *pamh, int argc, const char **argv, int ctrl, dictionary *d)
++const char *get_member_from_config(pam_handle_t *pamh, int argc, const char **argv, int ctrl, dictionary *d)
+ {
+ const char *ret = NULL;
+ ret = get_conf_item_string(pamh, argc, argv, ctrl, d, "require_membership_of", WINBIND_REQUIRED_MEMBERSHIP);
+@@ -1735,7 +1735,7 @@
+ ret = PAM_USER_UNKNOWN;
+ goto out;
case 0:
- pam_get_data( pamh, PAM_WINBIND_NEW_AUTHTOK_REQD, (const void **)&tmp);
+ pam_get_data( pamh, PAM_WINBIND_NEW_AUTHTOK_REQD, (void **)&tmp);
if (tmp != NULL) {
- retval = atoi(tmp);
- switch (retval) {
-@@ -1319,7 +1319,7 @@
- * By reaching here we have approved the passwords and must now
- * rebuild the password database file.
- */
-- pam_get_data( pamh, PAM_WINBIND_PWD_LAST_SET, (const void **)&pwdlastset_update);
-+ pam_get_data( pamh, PAM_WINBIND_PWD_LAST_SET, (void **)&pwdlastset_update);
-
- retval = winbind_chauthtok_request(pamh, ctrl, user, pass_old, pass_new, pwdlastset_update);
- if (retval) {
+ ret = atoi((const char *)tmp);
+ switch (ret) {
--- /dev/null
+++ net/samba3/files/patch-lib_iconv.c
@@ -0,0 +1,11 @@
+--- lib/iconv.c.orig Tue Jun 5 01:45:05 2007
++++ lib/iconv.c Tue Jun 5 01:46:09 2007
+@@ -137,7 +137,7 @@
+ char **outbuf, size_t *outbytesleft)
+ {
+ size_t ret = iconv((iconv_t)cd,
+- (char **)inbuf, inbytesleft,
++ inbuf, inbytesleft,
+ outbuf, outbytesleft);
+ if (ret == (size_t)-1) {
+ int saved_errno = errno;
--- /dev/null
+++ net/samba3/files/patch-aclocal.m4
@@ -0,0 +1,138 @@
+--- aclocal.m4.orig Thu Aug 30 21:19:57 2007
++++ aclocal.m4 Thu Aug 30 21:40:52 2007
+@@ -307,84 +307,79 @@
+ dnl those with the standalone portable libiconv installed).
+ AC_MSG_CHECKING(for iconv in $1)
+ jm_cv_func_iconv="no"
++ jm_cv_include=""
+ jm_cv_lib_iconv=""
+- jm_cv_giconv=no
++ jm_cv_giconv="no"
+ jm_save_LIBS="$LIBS"
+
+ dnl Check for include in funny place but no lib needed
+ if test "$jm_cv_func_iconv" != yes; then
+ AC_TRY_LINK([#include <stdlib.h>
+ #include <giconv.h>],
+- [iconv_t cd = iconv_open("","");
+- iconv(cd,NULL,NULL,NULL,NULL);
+- iconv_close(cd);],
+- jm_cv_func_iconv=yes
+- jm_cv_include="giconv.h"
+- jm_cv_giconv="yes"
+- jm_cv_lib_iconv="")
++ [iconv_t cd = iconv_open("","");
++ iconv(cd,NULL,NULL,NULL,NULL);
++ iconv_close(cd);],
++ jm_cv_func_iconv=yes
++ jm_cv_include="giconv.h"
++ jm_cv_lib_iconv=""
++ jm_cv_giconv="yes")
+
+ dnl Standard iconv.h include, lib in glibc or libc ...
+ if test "$jm_cv_func_iconv" != yes; then
+- AC_TRY_LINK([#include <stdlib.h>
++ AC_TRY_LINK([#include <stdlib.h>
+ #include <iconv.h>],
+- [iconv_t cd = iconv_open("","");
++ [iconv_t cd = iconv_open("","");
++ iconv(cd,NULL,NULL,NULL,NULL);
++ iconv_close(cd);],
++ jm_cv_func_iconv=yes
++ jm_cv_include="iconv.h"
++ jm_cv_lib_iconv="")
++
++ if test "$jm_cv_func_iconv" != yes; then
++ jm_save_LIBS="$LIBS"
++ LIBS="$LIBS -lgiconv"
++ AC_TRY_LINK([#include <stdlib.h>
++#include <giconv.h>],
++ [iconv_t cd = iconv_open("","");
+ iconv(cd,NULL,NULL,NULL,NULL);
+ iconv_close(cd);],
+- jm_cv_include="iconv.h"
+- jm_cv_func_iconv=yes
+- jm_cv_lib_iconv="")
+-
+- if test "$jm_cv_lib_iconv" != yes; then
+- jm_save_LIBS="$LIBS"
+- LIBS="$LIBS -lgiconv"
+- AC_TRY_LINK([#include <stdlib.h>
+-#include <giconv.h>],
+- [iconv_t cd = iconv_open("","");
+- iconv(cd,NULL,NULL,NULL,NULL);
+- iconv_close(cd);],
+- jm_cv_lib_iconv=yes
+- jm_cv_func_iconv=yes
+- jm_cv_include="giconv.h"
+- jm_cv_giconv=yes
+- jm_cv_lib_iconv="giconv")
+-
+- LIBS="$jm_save_LIBS"
+-
+- if test "$jm_cv_func_iconv" != yes; then
+- jm_save_LIBS="$LIBS"
+- LIBS="$LIBS -liconv"
+- AC_TRY_LINK([#include <stdlib.h>
++ jm_cv_func_iconv=yes
++ jm_cv_include="giconv.h"
++ jm_cv_lib_iconv="giconv"
++ jm_cv_giconv=yes)
++
++ LIBS="$jm_save_LIBS"
++
++ if test "$jm_cv_func_iconv" != yes; then
++ jm_save_LIBS="$LIBS"
++ LIBS="$LIBS -liconv"
++ AC_TRY_LINK([#include <stdlib.h>
+ #include <iconv.h>],
+- [iconv_t cd = iconv_open("","");
+- iconv(cd,NULL,NULL,NULL,NULL);
+- iconv_close(cd);],
+- jm_cv_include="iconv.h"
+- jm_cv_func_iconv=yes
+- jm_cv_lib_iconv="iconv")
+- LIBS="$jm_save_LIBS"
+- fi
++ [iconv_t cd = iconv_open("","");
++ iconv(cd,NULL,NULL,NULL,NULL);
++ iconv_close(cd);],
++ jm_cv_func_iconv=yes
++ jm_cv_include="iconv.h"
++ jm_cv_lib_iconv="iconv")
++
++ LIBS="$jm_save_LIBS"
++ fi
++ fi
+ fi
+ fi
+- fi
+- if test "$jm_cv_func_iconv" = yes; then
+- if test "$jm_cv_giconv" = yes; then
+- AC_DEFINE(HAVE_GICONV, 1, [What header to include for iconv() function: giconv.h])
+- AC_MSG_RESULT(yes)
+- ICONV_FOUND=yes
+- else
+- if test "$jm_cv_biconv" = yes; then
+- AC_DEFINE(HAVE_BICONV, 1, [What header to include for iconv() function: biconv.h])
+- AC_MSG_RESULT(yes)
+- ICONV_FOUND=yes
++ if test "$jm_cv_func_iconv" = yes; then
++ if test "$jm_cv_giconv" = yes; then
++ AC_DEFINE(HAVE_GICONV, 1, [What header to include for iconv() function: giconv.h])
++ AC_MSG_RESULT(yes)
++ ICONV_FOUND=yes
+ else
+ AC_DEFINE(HAVE_ICONV, 1, [What header to include for iconv() function: iconv.h])
+ AC_MSG_RESULT(yes)
+ ICONV_FOUND=yes
+ fi
++ else
++ AC_MSG_RESULT(no)
+ fi
+- else
+- AC_MSG_RESULT(no)
+- fi
+ ])
+
+ AC_DEFUN(rjs_CHARSET,[
Index: patch-smbd_aio.c
===================================================================
RCS file: /home/cvs/mports/net/samba3/files/patch-smbd_aio.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -L net/samba3/files/patch-smbd_aio.c -L net/samba3/files/patch-smbd_aio.c -u -r1.1 -r1.2
--- net/samba3/files/patch-smbd_aio.c
+++ net/samba3/files/patch-smbd_aio.c
@@ -1,5 +1,5 @@
---- smbd/aio.c.orig Tue Jan 3 03:03:05 2006
-+++ smbd/aio.c Tue Jan 3 03:06:52 2006
+--- ./smbd/aio.c.orig Thu Mar 1 05:54:07 2007
++++ ./smbd/aio.c Tue Apr 17 02:06:59 2007
@@ -25,7 +25,17 @@
/* The signal we'll use to signify aio done. */
@@ -19,7 +19,7 @@
#endif
/****************************************************************************
-@@ -497,6 +507,11 @@
+@@ -531,6 +541,11 @@
static BOOL handle_aio_completed(struct aio_extra *aio_ex, int *perr)
{
int err;
Index: patch-script_installswat.sh
===================================================================
RCS file: /home/cvs/mports/net/samba3/files/patch-script_installswat.sh,v
retrieving revision 1.1
retrieving revision 1.2
diff -L net/samba3/files/patch-script_installswat.sh -L net/samba3/files/patch-script_installswat.sh -u -r1.1 -r1.2
--- net/samba3/files/patch-script_installswat.sh
+++ net/samba3/files/patch-script_installswat.sh
@@ -1,5 +1,5 @@
---- script/installswat.sh.orig Thu Apr 20 04:29:42 2006
-+++ script/installswat.sh Tue Apr 25 02:12:10 2006
+--- ./script/installswat.sh.orig Thu Mar 1 05:55:02 2007
++++ ./script/installswat.sh Tue Apr 17 02:06:59 2007
@@ -21,8 +21,7 @@
;;
esac
--- /dev/null
+++ net/samba3/files/patch-nsswitch__wins_freebsd.c
@@ -0,0 +1,116 @@
+--- /dev/null Mon Oct 15 03:11:01 2007
++++ nsswitch/wins_freebsd.c Mon Oct 15 03:18:44 2007
+@@ -0,0 +1,113 @@
++/*
++ Unix SMB/CIFS implementation.
++
++ Copyright (C) Timur I. Bakeyev 2007
++
++ This library is free software; you can redistribute it and/or
++ modify it under the terms of the GNU Library General Public
++ License as published by the Free Software Foundation; either
++ version 2 of the License, or (at your option) any later version.
++
++ This library is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Library General Public License for more details.
++
++ You should have received a copy of the GNU Library General Public
++ License along with this library; if not, write to the
++ Free Software Foundation, Inc., 59 Temple Place - Suite 330,
++ Boston, MA 02111-1307, USA.
++*/
++
++#include "winbind_client.h"
++
++NSS_STATUS _nss_wins_gethostbyname_r(const char *hostname, struct hostent *he,
++ char *buffer, size_t buflen, int *h_errnop);
++
++NSS_STATUS _nss_wins_gethostbyname2_r(const char *name, int af, struct hostent *he,
++ char *buffer, size_t buflen, int *h_errnop);
++
++NSS_METHOD_PROTOTYPE(__nss_wins_freebsd_gethostbyname_r);
++NSS_METHOD_PROTOTYPE(__nss_wins_freebsd_gethostbyname2_r);
++
++static ns_mtab methods[] =
++{
++/*
++ { NSDB_HOSTS, "getaddrinfo", NULL, NULL },
++ { NSDB_HOSTS, "ghbyname", NULL, NULL },
++ { NSDB_HOSTS, "ghbyaddr", NULL, NULL },
++*/
++ { NSDB_HOSTS, "gethostbyaddr_r", __nss_wins_freebsd_gethostbyname_r, _nss_wins_gethostbyname_r },
++ { NSDB_HOSTS, "gethostbyname2_r", __nss_wins_freebsd_gethostbyname2_r, _nss_wins_gethostbyname2_r },
++/*
++ { NSDB_HOSTS, "getnetbyname_r", NULL, NULL },
++ { NSDB_HOSTS, "getnetbyaddr_r", NULL, NULL },
++ { NSDB_HOSTS, "gethostbyname", NULL, NULL },
++ { NSDB_HOSTS, "gethostbyaddr", NULL, NULL },
++ { NSDB_HOSTS, "getnetbyname", NULL, NULL },
++ { NSDB_HOSTS, "getnetbyaddr", NULL, NULL }
++*/
++};
++
++int
++__nss_wins_freebsd_gethostbyname_r(void *retval, void *mdata, va_list ap)
++{
++ int (*fn)(const char *, struct hostent *, char *, size_t, int *);
++ const char *hostname;
++ struct hostent *he;
++ char *buffer;
++ size_t buflen;
++ int *h_errnop;
++ enum nss_status status;
++
++ fn = mdata;
++ hostname = va_arg(ap, const char *);
++ he = va_arg(ap, struct hostent *);
++ buffer = va_arg(ap, char *);
++ buflen = va_arg(ap, size_t);
++ h_errnop = va_arg(ap, int *);
++
++ status = fn(hostname, he, buffer, buflen, h_errnop);
++ status = __nss_compat_result(status, *h_errnop);
++ if (status == NS_SUCCESS)
++ *(struct hostent **)retval = he;
++
++ return (status);
++}
++
++int
++__nss_wins_freebsd_gethostbyname2_r(void *retval, void *mdata, va_list ap)
++{
++ int (*fn)(const char *, int, struct hostent *, char *, size_t, int *);
++ const char *hostname;
++ int af;
++ struct hostent *he;
++ char *buffer;
++ size_t buflen;
++ int *h_errnop;
++ enum nss_status status;
++
++ fn = mdata;
++ hostname = va_arg(ap, const char *);
++ af = va_arg(ap, int);
++ he = va_arg(ap, struct hostent *);
++ buffer = va_arg(ap, char *);
++ buflen = va_arg(ap, size_t);
++ h_errnop = va_arg(ap, int *);
++
++ status = fn(hostname, af, he, buffer, buflen, h_errnop);
++ status = __nss_compat_result(status, *h_errnop);
++ if (status == NS_SUCCESS)
++ *(struct hostent **)retval = he;
++
++ return (status);
++}
++
++ns_mtab *
++nss_module_register(const char *source __unused, unsigned int *mtabsize,
++ nss_module_unregister_fn *unreg)
++{
++ *mtabsize = sizeof(methods) / sizeof(methods[0]);
++ *unreg = NULL;
++ return (methods);
++}
Index: patch-configure.in
===================================================================
RCS file: /home/cvs/mports/net/samba3/files/patch-configure.in,v
retrieving revision 1.2
retrieving revision 1.3
diff -L net/samba3/files/patch-configure.in -L net/samba3/files/patch-configure.in -u -r1.2 -r1.3
--- net/samba3/files/patch-configure.in
+++ net/samba3/files/patch-configure.in
@@ -1,6 +1,6 @@
---- configure.in.orig Tue Nov 14 15:42:15 2006
-+++ configure.in Sat Nov 18 03:19:57 2006
-@@ -1088,6 +1088,21 @@
+--- configure.in.orig 2008-03-08 16:56:26.000000000 +0100
++++ configure.in 2008-05-01 04:24:05.000000000 +0200
+@@ -1052,6 +1052,21 @@
AC_DEFINE(HAVE_SIG_ATOMIC_T_TYPE,1,[Whether we have the atomic_t variable type])
fi
@@ -22,67 +22,194 @@
AC_CACHE_CHECK([for struct timespec type],samba_cv_struct_timespec, [
AC_TRY_COMPILE([
#include <sys/types.h>
-@@ -2463,32 +2478,40 @@
- # Check if FAM notifications are available. For FAM info, see
- # http://oss.sgi.com/projects/fam/
- # http://savannah.nongnu.org/projects/fam/
-+AC_ARG_ENABLE(fam,
-+[ --enable-fam Turn on FAM support (default=auto)])
-
--AC_CHECK_HEADERS(fam.h, [samba_cv_HAVE_FAM_H=yes], [samba_cv_HAVE_FAM_H=no])
--if test x"$samba_cv_HAVE_FAM_H" = x"yes"; then
-- # On IRIX, libfam requires libC, but other FAM implementations might not
-- # need it.
-- AC_CHECK_LIB(fam, FAMOpen2,
-- [samba_cv_HAVE_LIBFAM=yes; samba_fam_libs="-lfam"],
-- [samba_cv_HAVE_LIBFAM=no])
--
-- if test x"$samba_cv_HAVE_LIBFAM" = x"no" ; then
-- samba_fam_xtra=-lC
-- AC_CHECK_LIB_EXT(fam, samba_fam_xtra, FAMOpen2,
-- [samba_cv_HAVE_LIBFAM=yes; samba_fam_libs="-lfam -lC"],
-- [samba_cv_HAVE_LIBFAM=no])
-- unset samba_fam_xtra
-+if test x$enable_fam != xno; then
-+ AC_CHECK_HEADERS(fam.h, [samba_cv_HAVE_FAM_H=yes], [samba_cv_HAVE_FAM_H=no])
-+ if test x"$samba_cv_HAVE_FAM_H" = x"yes"; then
-+ # On IRIX, libfam requires libC, but other FAM implementations
-+ # might not need it.
-+ AC_CHECK_LIB(fam, FAMOpen2,
-+ [samba_cv_HAVE_LIBFAM=yes; samba_fam_libs="-lfam"],
-+ [samba_cv_HAVE_LIBFAM=no])
-+
-+ if test x"$samba_cv_HAVE_LIBFAM" = x"no" ; then
-+ samba_fam_xtra=-lC
-+ AC_CHECK_LIB_EXT(fam, samba_fam_xtra, FAMOpen2,
-+ [samba_cv_HAVE_LIBFAM=yes; samba_fam_libs="-lfam -lC"],
-+ [samba_cv_HAVE_LIBFAM=no])
-+ unset samba_fam_xtra
-+ fi
- fi
--fi
-
--if test x"$samba_cv_HAVE_LIBFAM" = x"yes" ; then
-- AC_DEFINE(HAVE_FAM_CHANGE_NOTIFY, 1,
-- [Whether FAM is file notifications are available])
-- AC_TRY_COMPILE([#include <fam.h>],
-- [FAMCodes code = FAMChanged;],
-- AC_DEFINE(HAVE_FAM_H_FAMCODES_TYPEDEF, 1,
-- [Whether fam.h contains a typedef for enum FAMCodes]),
-- [])
-+ if test x"$samba_cv_HAVE_LIBFAM" = x"yes" ; then
-+ AC_DEFINE(HAVE_FAM_CHANGE_NOTIFY, 1,
-+ [Whether FAM file notifications are available])
-+ AC_TRY_COMPILE([#include <fam.h>],
-+ [FAMCodes code = FAMChanged;],
-+ AC_DEFINE(HAVE_FAM_H_FAMCODES_TYPEDEF, 1,
-+ [Whether fam.h contains a typedef for enum FAMCodes]),
-+ [])
-+ fi
-+
-+ if test x$enable_fam = xyes && test x"$samba_cv_HAVE_LIBFAM" != xyes ; then
-+ AC_MSG_ERROR(FAM support requested but FAM library not available )
-+ fi
- fi
+@@ -1255,6 +1270,7 @@
+
+ # Find a method of generating a stack trace
+ AC_CHECK_HEADERS(execinfo.h libexc.h libunwind.h)
++AC_SEARCH_LIBS(backtrace_symbols, [execinfo])
+ AC_CHECK_FUNCS(backtrace_symbols)
+ AC_CHECK_LIB(exc, trace_back_stack)
+
+@@ -4091,10 +4107,10 @@
+ ################################################################
+ # first test for Active Directory support being enabled
+- #if test x"$with_ads_support" = x"no"; then
+- # AC_MSG_ERROR(Active Directory support is required to enable DNS Update support)
+- # with_dnsupdate_support=no
+- #fi
++ if test x"$with_ads_support" = x"no"; then
++ AC_MSG_ERROR(Active Directory support is required to enable DNS Update support)
++ with_dnsupdate_support=no
++ fi
+ ##################################################################
+ # then test for uuid.h (necessary to generate unique DNS keynames
+ # (uuid.h is required for this test)
+@@ -5165,7 +5181,7 @@
#################################################
+ # check for ACL support
+
+-AC_MSG_CHECKING(whether to support ACLs)
++AC_MSG_NOTICE(checking whether to support ACLs...)
+ AC_ARG_WITH(acl-support,
+ [ --with-acl-support Include ACL support (default=no)],
+ [ case "$withval" in
+@@ -5173,43 +5189,37 @@
+
+ case "$host_os" in
+ *sysv5*)
+- AC_MSG_RESULT(Using UnixWare ACLs)
++ AC_MSG_NOTICE(Using UnixWare ACLs)
+ AC_DEFINE(HAVE_UNIXWARE_ACLS,1,[Whether UnixWare ACLs are available])
+ default_static_modules="$default_static_modules vfs_solarisacl"
+ ;;
+ *solaris*)
+- AC_MSG_RESULT(Using solaris ACLs)
+- AC_DEFINE(HAVE_SOLARIS_ACLS,1,[Whether solaris ACLs are available])
++ AC_MSG_NOTICE(Using Solaris ACLs)
++ AC_DEFINE(HAVE_SOLARIS_ACLS,1,[Whether Solaris ACLs are available])
+ ACL_LIBS="$ACL_LIBS -lsec"
+ default_static_modules="$default_static_modules vfs_solarisacl"
+ ;;
+ *hpux*)
+- AC_MSG_RESULT(Using HPUX ACLs)
++ AC_MSG_NOTICE(Using HPUX ACLs)
+ AC_DEFINE(HAVE_HPUX_ACLS,1,[Whether HPUX ACLs are available])
+ default_static_modules="$default_static_modules vfs_hpuxacl"
+ ;;
+ *irix*)
+- AC_MSG_RESULT(Using IRIX ACLs)
++ AC_MSG_NOTICE(Using IRIX ACLs)
+ AC_DEFINE(HAVE_IRIX_ACLS,1,[Whether IRIX ACLs are available])
+ default_static_modules="$default_static_modules vfs_irixacl"
+ ;;
+ *aix*)
+- AC_MSG_RESULT(Using AIX ACLs)
++ AC_MSG_NOTICE(Using AIX ACLs)
+ AC_DEFINE(HAVE_AIX_ACLS,1,[Whether AIX ACLs are available])
+ default_static_modules="$default_static_modules vfs_aixacl"
+ ;;
+ *osf*)
+- AC_MSG_RESULT(Using Tru64 ACLs)
++ AC_MSG_NOTICE(Using Tru64 ACLs)
+ AC_DEFINE(HAVE_TRU64_ACLS,1,[Whether Tru64 ACLs are available])
+ ACL_LIBS="$ACL_LIBS -lpacl"
+ default_static_modules="$default_static_modules vfs_tru64acl"
+ ;;
+- *freebsd[[5-9]]*)
+- AC_MSG_RESULT(Using FreeBSD posix ACLs)
+- AC_DEFINE(HAVE_POSIX_ACLS,1,[Whether FreeBSD POSIX ACLs are available])
+- AC_DEFINE(HAVE_ACL_GET_PERM_NP,1,[Whether acl_get_perm_np() is available])
+- default_static_modules="$default_static_modules vfs_posixacl"
+- ;;
+ *linux*)
+ AC_CHECK_LIB(attr,getxattr,[ACL_LIBS="$ACL_LIBS -lattr"])
+ AC_CHECK_LIB(acl,acl_get_file,[ACL_LIBS="$ACL_LIBS -lacl"])
+@@ -5230,7 +5240,7 @@
+ LIBS=$acl_LIBS
+ ])
+ if test x"$samba_cv_HAVE_POSIX_ACLS" = x"yes"; then
+- AC_MSG_RESULT(Using posix ACLs)
++ AC_MSG_NOTICE(Using posix ACLs)
+ AC_DEFINE(HAVE_POSIX_ACLS,1,[Whether POSIX ACLs are available])
+ AC_CACHE_CHECK([for acl_get_perm_np],samba_cv_HAVE_ACL_GET_PERM_NP,[
+ acl_LIBS=$LIBS
+@@ -5251,12 +5261,18 @@
+ AC_DEFINE(HAVE_ACL_GET_PERM_NP,1,[Whether acl_get_perm_np() is available])
+ fi
+ fi
+- ;;
++ ;;
+ *)
+- AC_CHECK_LIB(acl,acl_get_file,[ACL_LIBS="$ACL_LIBS -lacl"])
+- AC_CACHE_CHECK([for ACL support],samba_cv_HAVE_POSIX_ACLS,[
++ AC_CHECK_LIB(acl,acl_get_file,[
++ ACL_LIBS="$ACL_LIBS -lacl"
++ samba_cv_acl_get_file=yes
++ ],[
++ AC_CHECK_FUNC(acl_get_file,[samba_cv_acl_get_file=yes])
++ ])
++ if test x"$samba_cv_acl_get_file" = x"yes"; then
++ AC_CACHE_CHECK([for POSIX ACL support],samba_cv_HAVE_POSIX_ACLS,[
+ acl_LIBS=$LIBS
+- LIBS="$LIBS -lacl"
++ LIBS="$LIBS $ACL_LIBS"
+ AC_TRY_LINK([
+ #include <sys/types.h>
+ #include <sys/acl.h>
+@@ -5269,20 +5285,20 @@
+ [samba_cv_HAVE_POSIX_ACLS=yes],
+ [samba_cv_HAVE_POSIX_ACLS=no])
+ LIBS=$acl_LIBS
+- ])
+- if test x"$samba_cv_HAVE_POSIX_ACLS" = x"yes"; then
+- AC_MSG_RESULT(Using posix ACLs)
++ ])
++ if test x"$samba_cv_HAVE_POSIX_ACLS" = x"yes"; then
++ AC_MSG_NOTICE(Using POSIX ACLs)
+ AC_DEFINE(HAVE_POSIX_ACLS,1,[Whether POSIX ACLs are available])
+ AC_CACHE_CHECK([for acl_get_perm_np],samba_cv_HAVE_ACL_GET_PERM_NP,[
+ acl_LIBS=$LIBS
+- LIBS="$LIBS -lacl"
++ LIBS="$LIBS $ACL_LIBS"
+ AC_TRY_LINK([
+ #include <sys/types.h>
+ #include <sys/acl.h>
+ ],[
+ acl_permset_t permset_d;
+ acl_perm_t perm;
+- return acl_get_perm_np( permset_d, perm);
++ return acl_get_perm_np(permset_d, perm);
+ ],
+ [samba_cv_HAVE_ACL_GET_PERM_NP=yes],
+ [samba_cv_HAVE_ACL_GET_PERM_NP=no])
+@@ -5291,17 +5307,22 @@
+ if test x"$samba_cv_HAVE_ACL_GET_PERM_NP" = x"yes"; then
+ AC_DEFINE(HAVE_ACL_GET_PERM_NP,1,[Whether acl_get_perm_np() is available])
+ fi
++ fi
++ fi
++ if test x"$samba_cv_HAVE_POSIX_ACLS" != x"yes"; then
++ AC_MSG_NOTICE(No POSIX ACLs support is availble)
++ AC_DEFINE(HAVE_NO_ACLS,1,[Whether no ACLs support is available])
+ fi
+ ;;
+ esac
+ ;;
+ *)
+- AC_MSG_RESULT(no)
++ AC_MSG_NOTICE(No ACLs support is availble)
+ AC_DEFINE(HAVE_NO_ACLS,1,[Whether no ACLs support is available])
+ ;;
+ esac ],
++ AC_MSG_NOTICE(No ACLs support is built in)
+ AC_DEFINE(HAVE_NO_ACLS,1,[Whether no ACLs support should be built in])
+- AC_MSG_RESULT(no)
+ )
+
+ if test x"$samba_cv_HAVE_POSIX_ACLS" = x"yes"; then
+@@ -5775,6 +5796,7 @@
+ NSSSONAMEVERSIONSUFFIX=".1"
+ WINBIND_NSS_EXTRA_OBJS="nsswitch/winbind_nss_freebsd.o \
+ nsswitch/winbind_nss_linux.o"
++ WINBIND_WINS_NSS_EXTRA_OBJS="nsswitch/wins_freebsd.o nsswitch/wins.o"
+ WINBIND_NSS="nsswitch/nss_winbind.$SHLIBEXT"
+ WINBIND_WINS_NSS="nsswitch/nss_wins.$SHLIBEXT"
+ ;;
+@@ -5831,6 +5853,8 @@
+ AC_SUBST(WINBIND_NSS_LDSHFLAGS)
+ AC_SUBST(WINBIND_NSS_EXTRA_OBJS)
+ AC_SUBST(WINBIND_NSS_EXTRA_LIBS)
++AC_SUBST(WINBIND_WINS_NSS_EXTRA_OBJS)
++AC_SUBST(WINBIND_WINS_NSS_EXTRA_LIBS)
+ AC_SUBST(NSSSONAMEVERSIONSUFFIX)
+
+ AC_SUBST(SMB_KRB5_LOCATOR)
+@@ -6132,6 +6156,7 @@
+ SMB_MODULE(vfs_irixacl, \$(VFS_IRIXACL_OBJ), "bin/irixacl.$SHLIBEXT", VFS)
+ SMB_MODULE(vfs_hpuxacl, \$(VFS_HPUXACL_OBJ), "bin/hpuxacl.$SHLIBEXT", VFS)
+ SMB_MODULE(vfs_tru64acl, \$(VFS_TRU64ACL_OBJ), "bin/tru64acl.$SHLIBEXT", VFS)
++SMB_MODULE(vfs_zfsacl, \$(VFS_ZFSACL_OBJ), "bin/zfsacl.$SHLIBEXT", VFS)
+ SMB_MODULE(vfs_catia, \$(VFS_CATIA_OBJ), "bin/catia.$SHLIBEXT", VFS)
+ SMB_MODULE(vfs_cacheprime, \$(VFS_CACHEPRIME_OBJ), "bin/cacheprime.$SHLIBEXT", VFS)
+ SMB_MODULE(vfs_prealloc, \$(VFS_PREALLOC_OBJ), "bin/prealloc.$SHLIBEXT", VFS)
Index: patch-pam_smbpass_pam_smb_passwd.c
===================================================================
RCS file: /home/cvs/mports/net/samba3/files/patch-pam_smbpass_pam_smb_passwd.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -L net/samba3/files/patch-pam_smbpass_pam_smb_passwd.c -L net/samba3/files/patch-pam_smbpass_pam_smb_passwd.c -u -r1.1 -r1.2
--- net/samba3/files/patch-pam_smbpass_pam_smb_passwd.c
+++ net/samba3/files/patch-pam_smbpass_pam_smb_passwd.c
@@ -1,5 +1,5 @@
---- pam_smbpass/pam_smb_passwd.c.orig Thu Apr 20 04:29:22 2006
-+++ pam_smbpass/pam_smb_passwd.c Thu Aug 24 01:30:57 2006
+--- ./pam_smbpass/pam_smb_passwd.c.orig Thu Apr 20 04:29:22 2006
++++ ./pam_smbpass/pam_smb_passwd.c Tue Apr 17 02:06:59 2007
@@ -226,7 +226,7 @@
(const void **)&pass_old );
} else {
--- /dev/null
+++ net/samba3/files/patch-CVE-2008-1105
@@ -0,0 +1,187 @@
+commit 7e191387d64de2c965fc2c999bc7d1ccf4aae010
+Author: Gerald W. Carter <jerry at samba.org>
+Date: Wed May 28 07:30:19 2008 -0500
+
+ Security: Patche for CVE-2008-1105.
+
+ -- Summary --
+ Specifically crafted SMB responses can result
+ in a heap overflow in the Samba client code.
+ Because the server process, smbd, can itself
+ act as a client during operations such as
+ printer notification and domain authentication,
+ this issue affects both Samba client and server
+ installations.
+
+ Ensure that we specify the buffer size used to store incoming SMB
+ packets. This bug was originally introduced in Samba 2.2.4. Patch from
+ Jeremy Allison.
+
+diff --git client/client.c client/client.c
+index 3f96f63..e87623a 100644
+--- client/client.c
++++ client/client.c
+@@ -3626,7 +3626,7 @@ static void readline_callback(void)
+ session keepalives and then drop them here.
+ */
+ if (FD_ISSET(cli->fd,&fds)) {
+- if (!receive_smb(cli->fd,cli->inbuf,0)) {
++ if (!receive_smb(cli->fd,cli->inbuf,cli->bufsize,0)) {
+ DEBUG(0, ("Read from server failed, maybe it closed the "
+ "connection\n"));
+ return;
+diff --git client/smbctool.c client/smbctool.c
+index 2063418..a18505b 100644
+--- client/smbctool.c
++++ client/smbctool.c
+@@ -3304,7 +3304,7 @@ static void readline_callback(void)
+ session keepalives and then drop them here.
+ */
+ if (FD_ISSET(cli->fd,&fds)) {
+- receive_smb(cli->fd,cli->inbuf,0);
++ receive_smb(cli->fd,cli->inbuf,cli->bufsize,0);
+ goto again;
+ }
+
+diff --git lib/util_sock.c lib/util_sock.c
+index 94c5e82..4715ca7 100644
+--- lib/util_sock.c
++++ lib/util_sock.c
+@@ -654,14 +654,13 @@ ssize_t read_smb_length(int fd, char *inbuf, unsigned int timeout)
+ }
+
+ /****************************************************************************
+- Read an smb from a fd. Note that the buffer *MUST* be of size
+- BUFFER_SIZE+SAFETY_MARGIN.
++ Read an smb from a fd.
+ The timeout is in milliseconds.
+ This function will return on receipt of a session keepalive packet.
+ Doesn't check the MAC on signed packets.
+ ****************************************************************************/
+
+-BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout)
++BOOL receive_smb_raw(int fd, char *buffer, size_t buflen, unsigned int timeout)
+ {
+ ssize_t len,ret;
+
+@@ -682,25 +681,18 @@ BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout)
+ return False;
+ }
+
+- /*
+- * A WRITEX with CAP_LARGE_WRITEX can be 64k worth of data plus 65 bytes
+- * of header. Don't print the error if this fits.... JRA.
+- */
+-
+- if (len > (BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE)) {
++ if (len > buflen) {
+ DEBUG(0,("Invalid packet length! (%lu bytes).\n",(unsigned long)len));
+- if (len > BUFFER_SIZE + (SAFETY_MARGIN/2)) {
+
+- /*
+- * Correct fix. smb_read_error may have already been
+- * set. Only set it here if not already set. Global
+- * variables still suck :-). JRA.
+- */
++ /*
++ * smb_read_error may have already been
++ * set. Only set it here if not already set. Global
++ * variables still suck :-). JRA.
++ */
+
+- if (smb_read_error == 0)
+- smb_read_error = READ_ERROR;
+- return False;
+- }
++ if (smb_read_error == 0)
++ smb_read_error = READ_ERROR;
++ return False;
+ }
+
+ if(len > 0) {
+@@ -730,9 +722,9 @@ BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout)
+ Checks the MAC on signed packets.
+ ****************************************************************************/
+
+-BOOL receive_smb(int fd, char *buffer, unsigned int timeout)
++BOOL receive_smb(int fd, char *buffer, size_t buflen, unsigned int timeout)
+ {
+- if (!receive_smb_raw(fd, buffer, timeout)) {
++ if (!receive_smb_raw(fd, buffer, buflen, timeout)) {
+ return False;
+ }
+
+diff --git libsmb/clientgen.c libsmb/clientgen.c
+index c6cef08..7d7ab9e 100644
+--- libsmb/clientgen.c
++++ libsmb/clientgen.c
+@@ -44,8 +44,7 @@ int cli_set_port(struct cli_state *cli, int port)
+ }
+
+ /****************************************************************************
+- Read an smb from a fd ignoring all keepalive packets. Note that the buffer
+- *MUST* be of size BUFFER_SIZE+SAFETY_MARGIN.
++ Read an smb from a fd ignoring all keepalive packets.
+ The timeout is in milliseconds
+
+ This is exactly the same as receive_smb except that it never returns
+@@ -54,12 +53,12 @@ int cli_set_port(struct cli_state *cli, int port)
+ should never go into a blocking read.
+ ****************************************************************************/
+
+-static BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout)
++static BOOL client_receive_smb(int fd,char *buffer, size_t bufsize, unsigned int timeout)
+ {
+ BOOL ret;
+
+ for(;;) {
+- ret = receive_smb_raw(fd, buffer, timeout);
++ ret = receive_smb_raw(fd, buffer, bufsize, timeout);
+
+ if (!ret) {
+ DEBUG(10,("client_receive_smb failed\n"));
+@@ -88,7 +87,7 @@ BOOL cli_receive_smb(struct cli_state *cli)
+ return False;
+
+ again:
+- ret = client_receive_smb(cli->fd,cli->inbuf,cli->timeout);
++ ret = client_receive_smb(cli->fd,cli->inbuf, cli->bufsize, cli->timeout);
+
+ if (ret) {
+ /* it might be an oplock break request */
+diff --git smbd/process.c smbd/process.c
+index 8dec719..3d31c29 100644
+--- smbd/process.c
++++ smbd/process.c
+@@ -521,7 +521,8 @@ static BOOL receive_message_or_smb(char *buffer, int buffer_len, int timeout)
+ goto again;
+ }
+
+- return receive_smb(smbd_server_fd(), buffer, 0);
++ return receive_smb(smbd_server_fd(), buffer,
++ BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE, 0);
+ }
+
+ /*
+diff --git utils/smbfilter.c utils/smbfilter.c
+index 97d2223..2152e53 100644
+--- utils/smbfilter.c
++++ utils/smbfilter.c
+@@ -140,7 +140,7 @@ static void filter_child(int c, struct in_addr dest_ip)
+ if (num <= 0) continue;
+
+ if (c != -1 && FD_ISSET(c, &fds)) {
+- if (!receive_smb(c, packet, 0)) {
++ if (!receive_smb(c, packet, BUFFER_SIZE, 0)) {
+ d_printf("client closed connection\n");
+ exit(0);
+ }
+@@ -151,7 +151,7 @@ static void filter_child(int c, struct in_addr dest_ip)
+ }
+ }
+ if (s != -1 && FD_ISSET(s, &fds)) {
+- if (!receive_smb(s, packet, 0)) {
++ if (!receive_smb(s, packet, BUFFER_SIZE, 0)) {
+ d_printf("server closed connection\n");
+ exit(0);
+ }
Index: patch-smbd_statvfs.c
===================================================================
RCS file: /home/cvs/mports/net/samba3/files/patch-smbd_statvfs.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -L net/samba3/files/patch-smbd_statvfs.c -L net/samba3/files/patch-smbd_statvfs.c -u -r1.1 -r1.2
--- net/samba3/files/patch-smbd_statvfs.c
+++ net/samba3/files/patch-smbd_statvfs.c
@@ -1,5 +1,5 @@
---- smbd/statvfs.c.orig Wed Nov 9 19:28:55 2005
-+++ smbd/statvfs.c Thu Jan 5 04:26:54 2006
+--- ./smbd/statvfs.c.orig Thu Mar 1 05:54:06 2007
++++ ./smbd/statvfs.c Tue Apr 17 02:06:59 2007
@@ -3,6 +3,7 @@
VFS API's statvfs abstraction
Copyright (C) Alexander Bokovoy 2005
@@ -38,7 +38,7 @@
/*
@@ -53,6 +75,8 @@
{
- #if defined(LINUX)
+ #if defined(LINUX) && defined(HAVE_FSID_INT)
return linux_statvfs(path, statbuf);
+#elif defined(FREEBSD)
+ return bsd_statvfs(path, statbuf);
Index: patch-script_installbin.sh.in
===================================================================
RCS file: /home/cvs/mports/net/samba3/files/patch-script_installbin.sh.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -L net/samba3/files/patch-script_installbin.sh.in -L net/samba3/files/patch-script_installbin.sh.in -u -r1.1 -r1.2
--- net/samba3/files/patch-script_installbin.sh.in
+++ net/samba3/files/patch-script_installbin.sh.in
@@ -1,5 +1,5 @@
---- script/installbin.sh.in.orig Sun Jun 25 04:08:55 2006
-+++ script/installbin.sh.in Sun Jun 25 04:10:00 2006
+--- ./script/installbin.sh.in.orig Tue Jun 13 03:52:17 2006
++++ ./script/installbin.sh.in Tue Apr 17 02:06:59 2007
@@ -13,11 +13,7 @@
for p in $*; do
p2=`basename $p`
--- /dev/null
+++ net/samba3/files/patch-smbd_sec_ctx.c
@@ -0,0 +1,157 @@
+--- smbd/sec_ctx.c.orig Thu Mar 1 05:54:08 2007
++++ smbd/sec_ctx.c Sat Sep 15 02:49:24 2007
+@@ -5,7 +5,7 @@
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+- the Free Software Foundation; either version 2 of the License, or
++ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+@@ -14,8 +14,7 @@
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+- along with this program; if not, write to the Free Software
+- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
++ along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+ #include "includes.h"
+@@ -192,7 +191,7 @@
+
+ if (sec_ctx_stack_ndx == MAX_SEC_CTX_DEPTH) {
+ DEBUG(0, ("Security context stack overflow!\n"));
+- smb_panic("Security context stack overflow!\n");
++ smb_panic("Security context stack overflow!");
+ }
+
+ /* Store previous user context */
+@@ -228,6 +227,73 @@
+ }
+
+ /****************************************************************************
++ Change UNIX security context. Calls panic if not successful so no return value.
++****************************************************************************/
++
++#ifndef HAVE_DARWIN_INITGROUPS
++
++/* Normal credential switch path. */
++
++static void set_unix_security_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups)
++{
++ /* Start context switch */
++ gain_root();
++#ifdef HAVE_SETGROUPS
++ if (sys_setgroups(gid, ngroups, groups) != 0 && !non_root_mode()) {
++ smb_panic("sys_setgroups failed");
++ }
++#endif
++ become_id(uid, gid);
++ /* end context switch */
++}
++
++#else /* HAVE_DARWIN_INITGROUPS */
++
++/* The Darwin groups implementation is a little unusual. The list of
++* groups in the kernel credential is not exhaustive, but more like
++* a cache. The full group list is held in userspace and checked
++* dynamically.
++*
++* This is an optional mechanism, and setgroups(2) opts out
++* of it. That is, if you call setgroups, then the list of groups you
++* set are the only groups that are ever checked. This is not what we
++* want. We want to opt in to the dynamic resolution mechanism, so we
++* need to specify the uid of the user whose group list (cache) we are
++* setting.
++*
++* The Darwin rules are:
++* 1. Thou shalt setegid, initgroups and seteuid IN THAT ORDER
++* 2. Thou shalt not pass more that NGROUPS_MAX to initgroups
++* 3. Thou shalt leave the first entry in the groups list well alone
++*/
++
++#include <sys/syscall.h>
++
++static void set_unix_security_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups)
++{
++ int max = groups_max();
++
++ /* Start context switch */
++ gain_root();
++
++ become_gid(gid);
++
++
++ if (syscall(SYS_initgroups, (ngroups > max) ? max : ngroups,
++ groups, uid) == -1 && !non_root_mode()) {
++ DEBUG(0, ("WARNING: failed to set group list "
++ "(%d groups) for UID %ld: %s\n",
++ ngroups, uid, strerror(errno)));
++ smb_panic("sys_setgroups failed");
++ }
++
++ become_uid(uid);
++ /* end context switch */
++}
++
++#endif /* HAVE_DARWIN_INITGROUPS */
++
++/****************************************************************************
+ Set the current security context to a given user.
+ ****************************************************************************/
+
+@@ -243,11 +309,8 @@
+ debug_nt_user_token(DBGC_CLASS, 5, token);
+ debug_unix_user_token(DBGC_CLASS, 5, uid, gid, ngroups, groups);
+
+- gain_root();
+-
+-#ifdef HAVE_SETGROUPS
+- sys_setgroups(ngroups, groups);
+-#endif
++ /* Change uid, gid and supplementary group list. */
++ set_unix_security_ctx(uid, gid, ngroups, groups);
+
+ ctx_p->ut.ngroups = ngroups;
+
+@@ -277,8 +340,6 @@
+ ctx_p->token = NULL;
+ }
+
+- become_id(uid, gid);
+-
+ ctx_p->ut.uid = uid;
+ ctx_p->ut.gid = gid;
+
+@@ -315,7 +376,7 @@
+
+ if (sec_ctx_stack_ndx == 0) {
+ DEBUG(0, ("Security context stack underflow!\n"));
+- smb_panic("Security context stack underflow!\n");
++ smb_panic("Security context stack underflow!");
+ }
+
+ ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx];
+@@ -334,15 +395,13 @@
+
+ sec_ctx_stack_ndx--;
+
+- gain_root();
+-
+ prev_ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx];
+
+-#ifdef HAVE_SETGROUPS
+- sys_setgroups(prev_ctx_p->ut.ngroups, prev_ctx_p->ut.groups);
+-#endif
+-
+- become_id(prev_ctx_p->ut.uid, prev_ctx_p->ut.gid);
++ /* Change uid, gid and supplementary group list. */
++ set_unix_security_ctx(prev_ctx_p->ut.uid,
++ prev_ctx_p->ut.gid,
++ prev_ctx_p->ut.ngroups,
++ prev_ctx_p->ut.groups);
+
+ /* Update current_user stuff */
+
Index: patch-pam_smbpass_pam_smb_auth.c
===================================================================
RCS file: /home/cvs/mports/net/samba3/files/patch-pam_smbpass_pam_smb_auth.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -L net/samba3/files/patch-pam_smbpass_pam_smb_auth.c -L net/samba3/files/patch-pam_smbpass_pam_smb_auth.c -u -r1.1 -r1.2
--- net/samba3/files/patch-pam_smbpass_pam_smb_auth.c
+++ net/samba3/files/patch-pam_smbpass_pam_smb_auth.c
@@ -1,5 +1,5 @@
---- pam_smbpass/pam_smb_auth.c.orig Fri Jun 23 15:16:50 2006
-+++ pam_smbpass/pam_smb_auth.c Thu Aug 24 01:30:57 2006
+--- ./pam_smbpass/pam_smb_auth.c.orig Fri Jun 23 15:16:50 2006
++++ ./pam_smbpass/pam_smb_auth.c Tue Apr 17 02:06:59 2007
@@ -167,7 +167,7 @@
retval = PAM_SUCCESS;
--- /dev/null
+++ net/samba3/files/patch-client_client.c
@@ -0,0 +1,20 @@
+--- client/client.c.orig Tue Jun 5 02:42:29 2007
++++ client/client.c Tue Jun 5 02:54:19 2007
+@@ -2443,7 +2443,7 @@
+ break;
+ case SMB_POSIX_ACL_GROUP:
+ uorg = IVAL(retbuf,SMB_POSIX_ACL_HEADER_SIZE+(i*SMB_POSIX_ACL_ENTRY_SIZE)+2);
+- d_printf("group:%u", uorg);
++ d_printf("group:%u:", uorg);
+ break;
+ case SMB_POSIX_ACL_MASK:
+ d_printf("mask::");
+@@ -2480,7 +2480,7 @@
+ break;
+ case SMB_POSIX_ACL_GROUP:
+ uorg = IVAL(retbuf,SMB_POSIX_ACL_HEADER_SIZE+((i+num_file_acls)*SMB_POSIX_ACL_ENTRY_SIZE)+2);
+- d_printf("default:group:%u", uorg);
++ d_printf("default:group:%u:", uorg);
+ break;
+ case SMB_POSIX_ACL_MASK:
+ d_printf("default:mask::");
--- /dev/null
+++ net/samba3/files/patch-vfs_zfsacl.c
@@ -0,0 +1,190 @@
+--- /dev/null Thu Aug 30 22:11:01 2007
++++ modules/vfs_zfsacl.c Thu Aug 30 16:33:06 2007
+@@ -0,0 +1,187 @@
++/*
++ * Convert ZFS/NFSv4 acls to NT acls and vice versa.
++ *
++ * Copyright (C) Jiri Sasek, 2007
++ * based on the foobar.c module which is copyrighted by Volker Lendecke
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License as published by
++ * the Free Software Foundation; either version 2 of the License, or
++ * (at your option) any later version.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ * GNU General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with this program; if not, write to the Free Software
++ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
++ *
++ */
++
++#include "includes.h"
++#include "nfs4_acls.h"
++
++#undef DBGC_CLASS
++#define DBGC_CLASS DBGC_VFS
++
++#define ZFSACL_MODULE_NAME "zfsacl"
++
++/* zfs_get_nt_acl()
++ * read the local file's acls and return it in NT form
++ * using the NFSv4 format conversion
++ */
++static size_t zfs_get_nt_acl(struct files_struct *fsp, uint32 security_info,
++ struct security_descriptor **ppdesc)
++{
++ int naces, i;
++ ace_t *acebuf;
++ SMB4ACL_T *pacl;
++ TALLOC_CTX *mem_ctx;
++
++ /* read the number of file aces */
++ if((naces = acl(fsp->fsp_name, ACE_GETACLCNT, 0, NULL)) == -1) {
++ if(errno == ENOSYS) {
++ DEBUG(9, ("acl(ACE_GETACLCNT, %s): Operation is not supported on the filesystem where the file reside"));
++ } else {
++ DEBUG(9, ("acl(ACE_GETACLCNT, %s): %s ", fsp->fsp_name,
++ strerror(errno)));
++ }
++ return 0;
++ }
++ /* allocate the field of ZFS aces */
++ mem_ctx = main_loop_talloc_get();
++ acebuf = (ace_t *) talloc_size(mem_ctx, sizeof(ace_t)*naces);
++ if(acebuf == NULL) {
++ errno = ENOMEM;
++ return 0;
++ }
++ /* read the aces into the field */
++ if(acl(fsp->fsp_name, ACE_GETACL, naces, acebuf) < 0) {
++ DEBUG(9, ("acl(ACE_GETACL, %s): %s ", fsp->fsp_name,
++ strerror(errno)));
++ return 0;
++ }
++ /* create SMB4ACL data */
++ if((pacl = smb_create_smb4acl()) == NULL) return 0;
++ for(i=0; i<naces; i++) {
++ SMB_ACE4PROP_T aceprop;
++
++ aceprop.aceType = (uint32) acebuf[i].a_type;
++ aceprop.aceFlags = (uint32) acebuf[i].a_flags;
++ aceprop.aceMask = (uint32) acebuf[i].a_access_mask;
++ aceprop.who.id = (uint32) acebuf[i].a_who;
++ aceprop.flags = 0;
++ if(smb_add_ace4(pacl, &aceprop) == NULL) return 0;
++ }
++
++ return smb_get_nt_acl_nfs4(fsp, security_info, ppdesc, pacl);
++}
++
++/* call-back function processing the NT acl -> ZFS acl using NFSv4 conv. */
++static BOOL zfs_process_smbacl(files_struct *fsp, SMB4ACL_T *smbacl)
++{
++ int naces = smb_get_naces(smbacl), i;
++ ace_t *acebuf;
++ SMB4ACE_T *smbace;
++ TALLOC_CTX *mem_ctx;
++
++ /* allocate the field of ZFS aces */
++ mem_ctx = main_loop_talloc_get();
++ acebuf = (ace_t *) talloc_size(mem_ctx, sizeof(ace_t)*naces);
++ if(acebuf == NULL) {
++ errno = ENOMEM;
++ return False;
++ }
++ /* handle all aces */
++ for(smbace = smb_first_ace4(smbacl), i = 0;
++ smbace!=NULL;
++ smbace = smb_next_ace4(smbace), i++) {
++ SMB_ACE4PROP_T *aceprop = smb_get_ace4(smbace);
++
++ acebuf[i].a_type = aceprop->aceType;
++ acebuf[i].a_flags = aceprop->aceFlags;
++ acebuf[i].a_access_mask = aceprop->aceMask;
++ acebuf[i].a_who = aceprop->who.id;
++ }
++ SMB_ASSERT(i == naces);
++
++ /* store acl */
++ if(acl(fsp->fsp_name, ACE_SETACL, naces, acebuf)) {
++ if(errno == ENOSYS) {
++ DEBUG(9, ("acl(ACE_SETACL, %s): Operation is not supported on the filesystem where the file reside"));
++ } else {
++ DEBUG(9, ("acl(ACE_SETACL, %s): %s ", fsp->fsp_name,
++ strerror(errno)));
++ }
++ return 0;
++ }
++
++ return True;
++}
++
++/* zfs_set_nt_acl()
++ * set the local file's acls obtaining it in NT form
++ * using the NFSv4 format conversion
++ */
++static NTSTATUS zfs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp,
++ uint32 security_info_sent,
++ struct security_descriptor *psd)
++{
++ return smb_set_nt_acl_nfs4(fsp, security_info_sent, psd,
++ zfs_process_smbacl);
++}
++
++static size_t zfsacl_fget_nt_acl(struct vfs_handle_struct *handle,
++ struct files_struct *fsp,
++ int fd, uint32 security_info,
++ struct security_descriptor **ppdesc)
++{
++ return zfs_get_nt_acl(fsp, security_info, ppdesc);
++}
++
++static size_t zfsacl_get_nt_acl(struct vfs_handle_struct *handle,
++ struct files_struct *fsp,
++ const char *name, uint32 security_info,
++ struct security_descriptor **ppdesc)
++{
++ return zfs_get_nt_acl(fsp, security_info, ppdesc);
++}
++
++static NTSTATUS zfsacl_fset_nt_acl(vfs_handle_struct *handle,
++ files_struct *fsp,
++ int fd, uint32 security_info_sent,
++ SEC_DESC *psd)
++{
++ return zfs_set_nt_acl(handle, fsp, security_info_sent, psd);
++}
++
++static NTSTATUS zfsacl_set_nt_acl(vfs_handle_struct *handle,
++ files_struct *fsp,
++ const char *name, uint32 security_info_sent,
++ SEC_DESC *psd)
++{
++ return zfs_set_nt_acl(handle, fsp, security_info_sent, psd);
++}
++
++/* VFS operations structure */
++
++static vfs_op_tuple zfsacl_ops[] = {
++ {SMB_VFS_OP(zfsacl_fget_nt_acl), SMB_VFS_OP_FGET_NT_ACL,
++ SMB_VFS_LAYER_OPAQUE},
++ {SMB_VFS_OP(zfsacl_get_nt_acl), SMB_VFS_OP_GET_NT_ACL,
++ SMB_VFS_LAYER_OPAQUE},
++ {SMB_VFS_OP(zfsacl_fset_nt_acl), SMB_VFS_OP_FSET_NT_ACL,
++ SMB_VFS_LAYER_OPAQUE},
++ {SMB_VFS_OP(zfsacl_set_nt_acl), SMB_VFS_OP_SET_NT_ACL,
++ SMB_VFS_LAYER_OPAQUE},
++ {SMB_VFS_OP(NULL), SMB_VFS_OP_NOOP, SMB_VFS_LAYER_NOOP}
++};
++
++NTSTATUS vfs_zfsacl_init(void);
++NTSTATUS vfs_zfsacl_init(void)
++{
++ return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "zfsacl",
++ zfsacl_ops);
++}
--- /dev/null
+++ net/samba3/files/patch-lib__system_smbd.c
@@ -0,0 +1,17 @@
+--- lib/system_smbd.c.orig Sun Sep 16 04:29:55 2007
++++ lib/system_smbd.c Sun Sep 16 04:31:21 2007
+@@ -104,12 +104,10 @@
+
+ restore_re_gid();
+
+- if (sys_setgroups(ngrp_saved, gids_saved) != 0) {
++ if (sys_setgroups(gid, ngrp_saved, gids_saved) != 0) {
+ /* yikes! */
+ DEBUG(0,("ERROR: getgrouplist: failed to reset group list!\n"));
+- smb_panic("getgrouplist: failed to reset group list!\n");
+- free(gids_saved);
+- return -1;
++ smb_panic("getgrouplist: failed to reset group list!");
+ }
+
+ free(gids_saved);
--- net/samba3/files/patch-zb
+++ /dev/null
@@ -1,26 +0,0 @@
---- param/loadparm.c.orig Fri Aug 25 13:40:09 2006
-+++ param/loadparm.c Fri Aug 25 13:46:28 2006
-@@ -3852,7 +3852,7 @@
-
- BOOL dump_a_parameter(int snum, char *parm_name, FILE * f, BOOL isGlobal)
- {
-- service * pService = ServicePtrs[snum];
-+ service * pService = NULL;
- int i;
- BOOL result = False;
- parm_class p_class;
-@@ -3883,8 +3883,13 @@
- if (isGlobal) {
- p_class = P_GLOBAL;
- flag = FLAG_GLOBAL;
-- } else
-+ } else {
-+ if (!VALID_SNUM(snum)) {
-+ return False;
-+ }
-+ pService = ServicePtrs[snum];
- p_class = P_LOCAL;
-+ }
-
- for (i = 0; parm_table[i].label; i++) {
- if (strwicmp(parm_table[i].label, parm_name) == 0 &&
Index: patch-include_includes.h
===================================================================
RCS file: /home/cvs/mports/net/samba3/files/patch-include_includes.h,v
retrieving revision 1.1
retrieving revision 1.2
diff -L net/samba3/files/patch-include_includes.h -L net/samba3/files/patch-include_includes.h -u -r1.1 -r1.2
--- net/samba3/files/patch-include_includes.h
+++ net/samba3/files/patch-include_includes.h
@@ -1,6 +1,6 @@
---- include/includes.h.orig Wed Aug 23 18:16:38 2006
-+++ include/includes.h Fri Sep 8 00:12:44 2006
-@@ -475,10 +475,10 @@
+--- ./include/includes.h.orig Mon Apr 9 19:30:59 2007
++++ ./include/includes.h Tue Apr 17 02:06:59 2007
+@@ -209,10 +209,10 @@
#undef HAVE_LDAP
#endif
Index: pkg-message.in
===================================================================
RCS file: /home/cvs/mports/net/samba3/files/pkg-message.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -L net/samba3/files/pkg-message.in -L net/samba3/files/pkg-message.in -u -r1.1 -r1.2
--- net/samba3/files/pkg-message.in
+++ net/samba3/files/pkg-message.in
@@ -1,11 +1,5 @@
-===============================================================================
-NOTICE: This version of port has changed location of Samba password
-NOTICE: (smbpasswd) directory. Files in '%%SAMBA_PRIVATE%%'
-NOTICE: have moved to '%%SAMBA_PRIVATEDIR%%'.
-===============================================================================
Samba3 *package* now doesn't include ADS support due the portability problems
with Kerberos5 libraries on different installations. You need to compile port
yourself to get this functionality.
For additional hints and directions, please, look into the README.FreeBSD file.
-===============================================================================
--- /dev/null
+++ net/samba3/files/patch-utils_ntlm_auth.c
@@ -0,0 +1,295 @@
+--- utils/ntlm_auth.c.orig Sun Jun 3 04:28:29 2007
++++ utils/ntlm_auth.c Sun Jun 3 04:47:26 2007
+@@ -689,8 +689,8 @@
+ NTSTATUS nt_status;
+
+ if (strlen(buf) < 2) {
+- DEBUG(1, ("NTLMSSP query [%s] invalid", buf));
+- x_fprintf(x_stdout, "BH\n");
++ DEBUG(1, ("NTLMSSP query [%s] invalid\n", buf));
++ x_fprintf(x_stdout, "BH NTLMSSP query [%s] invalid\n", buf);
+ return;
+ }
+
+@@ -714,7 +714,7 @@
+
+ if (opt_password == NULL) {
+ DEBUG(1, ("Out of memory\n"));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Out of memory\n");
+ data_blob_free(&request);
+ return;
+ }
+@@ -741,14 +741,14 @@
+ x_fprintf(x_stdout, "GK %s\n", key64?key64:"<NULL>");
+ SAFE_FREE(key64);
+ } else {
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH missing NTLMSSP session key\n");
+ }
+
+ data_blob_free(&request);
+ return;
+ } else {
+- DEBUG(1, ("NTLMSSP query [%s] invalid", buf));
+- x_fprintf(x_stdout, "BH\n");
++ DEBUG(1, ("NTLMSSP query [%s] invalid\n", buf));
++ x_fprintf(x_stdout, "BH NTLMSSP query [%s] invalid\n", buf);
+ return;
+ }
+
+@@ -817,8 +817,8 @@
+ }
+
+ if (strlen(buf) < 2) {
+- DEBUG(1, ("NTLMSSP query [%s] invalid", buf));
+- x_fprintf(x_stdout, "BH\n");
++ DEBUG(1, ("NTLMSSP query [%s] invalid\n", buf));
++ x_fprintf(x_stdout, "BH NTLMSSP query [%s] invalid\n", buf);
+ return;
+ }
+
+@@ -842,7 +842,7 @@
+
+ if (opt_password == NULL) {
+ DEBUG(1, ("Out of memory\n"));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Out of memory\n");
+ data_blob_free(&request);
+ return;
+ }
+@@ -892,14 +892,14 @@
+ SAFE_FREE(key64);
+ }
+ else {
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH missing session key\n");
+ }
+
+ data_blob_free(&request);
+ return;
+ } else {
+- DEBUG(1, ("NTLMSSP query [%s] invalid", buf));
+- x_fprintf(x_stdout, "BH\n");
++ DEBUG(1, ("NTLMSSP query [%s] invalid\n", buf));
++ x_fprintf(x_stdout, "BH NTLMSSP query [%s] invalid\n", buf);
+ return;
+ }
+
+@@ -1027,7 +1027,7 @@
+
+ if (len == -1) {
+ DEBUG(1, ("Could not write SPNEGO data blob\n"));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Could not write SPNEGO data blob\n");
+ return;
+ }
+
+@@ -1057,8 +1057,8 @@
+ pstring reply_argument;
+
+ if (strlen(buf) < 2) {
+- DEBUG(1, ("SPENGO query [%s] invalid", buf));
+- x_fprintf(x_stdout, "BH\n");
++ DEBUG(1, ("SPNEGO query [%s] invalid\n", buf));
++ x_fprintf(x_stdout, "BH SPNEGO query [%s] invalid\n", buf);
+ return;
+ }
+
+@@ -1068,8 +1068,8 @@
+ } else if (strncmp(buf, "KK", 2) == 0) {
+
+ } else {
+- DEBUG(1, ("SPENGO query [%s] invalid", buf));
+- x_fprintf(x_stdout, "BH\n");
++ DEBUG(1, ("SPNEGO query [%s] invalid\n", buf));
++ x_fprintf(x_stdout, "BH SPNEGO query [%s] invalid\n", buf);
+ return;
+ }
+
+@@ -1086,7 +1086,7 @@
+
+ if (strlen(buf) <= 3) {
+ DEBUG(1, ("GSS-SPNEGO query [%s] invalid\n", buf));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH GSS-SPENEGO query [%s] invalid\n", buf);
+ return;
+ }
+
+@@ -1096,7 +1096,7 @@
+
+ if (len == -1) {
+ DEBUG(1, ("GSS-SPNEGO query [%s] invalid", buf));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH GSS-SPNEGO query [%s] invalid", buf);
+ return;
+ }
+
+@@ -1107,8 +1107,8 @@
+
+ if ( (request.negTokenInit.mechTypes == NULL) ||
+ (request.negTokenInit.mechTypes[0] == NULL) ) {
+- DEBUG(1, ("Client did not offer any mechanism"));
+- x_fprintf(x_stdout, "BH\n");
++ DEBUG(1, ("Client did not offer any mechanism\n"));
++ x_fprintf(x_stdout, "BH Client did not offer any mechanism\n");
+ return;
+ }
+
+@@ -1116,15 +1116,15 @@
+ if (strcmp(request.negTokenInit.mechTypes[0], OID_NTLMSSP) == 0) {
+
+ if ( request.negTokenInit.mechToken.data == NULL ) {
+- DEBUG(1, ("Client did not provide NTLMSSP data\n"));
+- x_fprintf(x_stdout, "BH\n");
++ DEBUG(1, ("Client did not provide NTLMSSP data\n"));
++ x_fprintf(x_stdout, "BH Client did not provide NTLMSSP data\n");
+ return;
+ }
+
+ if ( ntlmssp_state != NULL ) {
+ DEBUG(1, ("Client wants a new NTLMSSP challenge, but "
+ "already got one\n"));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Client wants a new NTLMSSP challenge, but already got one\n");
+ ntlmssp_end(&ntlmssp_state);
+ return;
+ }
+@@ -1157,7 +1157,7 @@
+
+ if ( request.negTokenInit.mechToken.data == NULL ) {
+ DEBUG(1, ("Client did not provide Kerberos data\n"));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Client did not provide Kerberos data\n");
+ return;
+ }
+
+@@ -1183,7 +1183,7 @@
+ if (domain == NULL) {
+ DEBUG(1, ("Did not get a valid principal "
+ "from ads_verify_ticket\n"));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Did not get a valid principal from ads_verify_ticket\n");
+ return;
+ }
+
+@@ -1206,13 +1206,14 @@
+ is the only one we support that sends this stuff */
+ DEBUG(1, ("Got a negTokenTarg for something non-NTLMSSP: %s\n",
+ request.negTokenTarg.supportedMech));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Got a negTokenTarg for something non-NTLMSSP: %s\n",
++ request.negTokenTarg.supportedMech);
+ return;
+ }
+
+ if (request.negTokenTarg.responseToken.data == NULL) {
+ DEBUG(1, ("Got a negTokenTarg without a responseToken!\n"));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Got a negTokenTarg without a responseToken!\n");
+ return;
+ }
+
+@@ -1256,7 +1257,7 @@
+
+ if (len == -1) {
+ DEBUG(1, ("Could not write SPNEGO data blob\n"));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Could not write SPNEGO data blob\n");
+ return;
+ }
+
+@@ -1346,7 +1347,7 @@
+
+ if (client_ntlmssp_state == NULL) {
+ DEBUG(1, ("Got NTLMSSP tArg without a client state\n"));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Got NTLMSSP tArg without a client state\n");
+ return;
+ }
+
+@@ -1370,7 +1371,9 @@
+ DEBUG(1, ("Expected MORE_PROCESSING_REQUIRED from "
+ "ntlmssp_client_update, got: %s\n",
+ nt_errstr(status)));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Expected MORE_PROCESSING_REQUIRED from "
++ "ntlmssp_client_update, got: %s\n",
++ nt_errstr(status));
+ data_blob_free(&request);
+ ntlmssp_end(&client_ntlmssp_state);
+ return;
+@@ -1486,7 +1489,7 @@
+ switch (spnego.negTokenTarg.negResult) {
+ case SPNEGO_ACCEPT_INCOMPLETE:
+ DEBUG(1, ("Got a Kerberos negTokenTarg with ACCEPT_INCOMPLETE\n"));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Got a Kerberos negTokenTarg with ACCEPT_INCOMPLETE\n");
+ break;
+ case SPNEGO_ACCEPT_COMPLETED:
+ DEBUG(10, ("Accept completed\n"));
+@@ -1518,7 +1521,7 @@
+
+ if (strlen(buf) <= 3) {
+ DEBUG(1, ("SPNEGO query [%s] too short\n", buf));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH SPNEGO query [%s] too short\n", buf);
+ return;
+ }
+
+@@ -1532,7 +1535,7 @@
+
+ if (opt_password == NULL) {
+ DEBUG(1, ("Out of memory\n"));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Out of memory\n");
+ data_blob_free(&request);
+ return;
+ }
+@@ -1546,7 +1549,7 @@
+ (strncmp(buf, "AF ", 3) != 0) &&
+ (strncmp(buf, "NA ", 3) != 0) ) {
+ DEBUG(1, ("SPNEGO request [%s] invalid\n", buf));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH SPNEGO request [%s] invalid\n", buf);
+ data_blob_free(&request);
+ return;
+ }
+@@ -1559,7 +1562,7 @@
+
+ if (len == -1) {
+ DEBUG(1, ("Could not read SPNEGO data for [%s]\n", buf));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Could not read SPNEGO data for [%s]\n", buf);
+ return;
+ }
+
+@@ -1588,7 +1591,7 @@
+ }
+
+ DEBUG(1, ("Server offered no compatible mechanism\n"));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Server offered no compatible mechanism\n");
+ return;
+ }
+
+@@ -1610,7 +1613,9 @@
+ DEBUG(1, ("Got a negTokenTarg with no mech and an "
+ "unknown negResult: %d\n",
+ spnego.negTokenTarg.negResult));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Got a negTokenTarg with no mech and an "
++ "unknown negResult: %d\n",
++ spnego.negTokenTarg.negResult);
+ }
+
+ ntlmssp_end(&client_ntlmssp_state);
+@@ -1634,7 +1639,7 @@
+ }
+
+ DEBUG(1, ("Got an SPNEGO token I could not handle [%s]!\n", buf));
+- x_fprintf(x_stdout, "BH\n");
++ x_fprintf(x_stdout, "BH Got an SPNEGO token I could not handle [%s]!\n", buf);
+ return;
+
+ out:
--- /dev/null
+++ net/samba3/files/patch-libaddns__dnsgss.c
@@ -0,0 +1,55 @@
+Index: libaddns/dnsgss.c
+===================================================================
+--- libaddns/dnsgss.c (revision 25080)
++++ libaddns/dnsgss.c (working copy)
+@@ -219,11 +219,8 @@ DNS_ERROR dns_negotiate_sec_ctx( const c
+
+ gss_name_t targ_name;
+
+- krb5_principal host_principal;
+- krb5_context krb_ctx = NULL;
+-
+ gss_OID_desc nt_host_oid_desc =
+- { 10, (char *)"\052\206\110\206\367\022\001\002\002\002" };
++ {10, (char *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x01"};
+
+ TALLOC_CTX *mem_ctx;
+
+@@ -247,23 +244,13 @@ DNS_ERROR dns_negotiate_sec_ctx( const c
+ goto error;
+ }
+
+- krb5_init_context( &krb_ctx );
+- krb5_parse_name( krb_ctx, targetname, &host_principal );
+-
+- /* don't free the principal until after you call
+- gss_release_name() or else you'll get a segv
+- as the krb5_copy_principal() does a structure
+- copy and not a deep copy. --jerry*/
+-
+- input_name.value = &host_principal;
+- input_name.length = sizeof( host_principal );
++ input_name.value = targetname;
++ input_name.length = strlen(targetname);
+
+ major = gss_import_name( &minor, &input_name,
+ &nt_host_oid_desc, &targ_name );
+
+ if (major) {
+- krb5_free_principal( krb_ctx, host_principal );
+- krb5_free_context( krb_ctx );
+ err = ERROR_DNS_GSS_ERROR;
+ goto error;
+ }
+@@ -273,11 +260,6 @@ DNS_ERROR dns_negotiate_sec_ctx( const c
+
+ gss_release_name( &minor, &targ_name );
+
+- /* now we can free the principal */
+-
+- krb5_free_principal( krb_ctx, host_principal );
+- krb5_free_context( krb_ctx );
+-
+ error:
+ TALLOC_FREE(mem_ctx);
+
Index: samba.in
===================================================================
RCS file: /home/cvs/mports/net/samba3/files/samba.in,v
retrieving revision 1.2
retrieving revision 1.3
diff -L net/samba3/files/samba.in -L net/samba3/files/samba.in -u -r1.2 -r1.3
--- net/samba3/files/samba.in
+++ net/samba3/files/samba.in
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $FreeBSD: ports/net/samba3/files/samba.in,v 1.5 2007/02/07 08:40:44 sem Exp $
+# $FreeBSD: ports/net/samba3/files/samba.in,v 1.6 2007/06/05 10:55:06 tdb Exp $
#
# PROVIDE: nmbd smbd
@@ -135,7 +135,7 @@
debug "reloading ${name} configuration"
echo "Reloading ${name}."
# XXX: Hack with pid_extra
- "${smbcontrol_command}" "${name}${pid_extra}" 'reload-config' ${command_args}
+ "${smbcontrol_command}" "${name}${pid_extra}" 'reload-config' ${command_args} >/dev/null 2>&1
fi
fi
done
--- /dev/null
+++ net/samba3/files/patch-lib__system.c
@@ -0,0 +1,212 @@
+--- lib/system.c.orig Mon Aug 20 15:04:50 2007
++++ lib/system.c Sun Sep 16 04:25:55 2007
+@@ -574,7 +574,11 @@
+ {
+ char *wd;
+ #ifdef HAVE_GETCWD
++#ifdef PATH_MAX
++ wd = (char *)getcwd(s, PATH_MAX);
++#else
+ wd = (char *)getcwd(s, sizeof (pstring));
++#endif
+ #else
+ wd = (char *)getwd(s);
+ #endif
+@@ -643,6 +647,25 @@
+ }
+
+ /*******************************************************************
++ Wrapper for lchown.
++********************************************************************/
++
++int sys_lchown(const char *fname,uid_t uid,gid_t gid)
++{
++#ifndef HAVE_LCHOWN
++ static int done;
++ if (!done) {
++ DEBUG(1,("WARNING: no lchown!\n"));
++ done=1;
++ }
++ errno = ENOSYS;
++ return -1;
++#else
++ return(lchown(fname,uid,gid));
++#endif
++}
++
++/*******************************************************************
+ os/2 also doesn't have chroot
+ ********************************************************************/
+ int sys_chroot(const char *dname)
+@@ -871,15 +894,13 @@
+ }
+
+ /**************************************************************************
+- Wrapper for getgroups. Deals with broken (int) case.
++ Wrap setgroups and getgroups for systems that declare getgroups() as
++ returning an array of gid_t, but actuall return an array of int.
+ ****************************************************************************/
+
+-int sys_getgroups(int setlen, gid_t *gidset)
++#if defined(HAVE_BROKEN_GETGROUPS)
++static int sys_broken_getgroups(int setlen, gid_t *gidset)
+ {
+-#if !defined(HAVE_BROKEN_GETGROUPS)
+- return getgroups(setlen, gidset);
+-#else
+-
+ GID_T gid;
+ GID_T *group_list;
+ int i, ngroups;
+@@ -901,7 +922,7 @@
+ if (setlen == 0)
+ setlen = groups_max();
+
+- if((group_list = (GID_T *)malloc(setlen * sizeof(GID_T))) == NULL) {
++ if((group_list = SMB_MALLOC_ARRAY(GID_T, setlen)) == NULL) {
+ DEBUG(0,("sys_getgroups: Malloc fail.\n"));
+ return -1;
+ }
+@@ -918,26 +939,10 @@
+
+ SAFE_FREE(group_list);
+ return ngroups;
+-#endif /* HAVE_BROKEN_GETGROUPS */
+ }
+
+-
+-/**************************************************************************
+- Wrapper for setgroups. Deals with broken (int) case. Automatically used
+- if we have broken getgroups.
+-****************************************************************************/
+-
+-int sys_setgroups(int setlen, gid_t *gidset)
++static int sys_broken_setgroups(int setlen, gid_t *gidset)
+ {
+-#if !defined(HAVE_SETGROUPS)
+- errno = ENOSYS;
+- return -1;
+-#endif /* HAVE_SETGROUPS */
+-
+-#if !defined(HAVE_BROKEN_GETGROUPS)
+- return setgroups(setlen, gidset);
+-#else
+-
+ GID_T *group_list;
+ int i ;
+
+@@ -954,7 +959,7 @@
+ * GID_T array of size setlen.
+ */
+
+- if((group_list = (GID_T *)malloc(setlen * sizeof(GID_T))) == NULL) {
++ if((group_list = SMB_MALLOC_ARRAY(GID_T, setlen)) == NULL) {
+ DEBUG(0,("sys_setgroups: Malloc fail.\n"));
+ return -1;
+ }
+@@ -971,7 +976,105 @@
+
+ SAFE_FREE(group_list);
+ return 0 ;
++}
++
+ #endif /* HAVE_BROKEN_GETGROUPS */
++
++/* This is a list of systems that require the first GID passed to setgroups(2)
++ * to be the effective GID. If your system is one of these, add it here.
++ */
++#if defined (FREEBSD) || defined (DARWINOS)
++#define USE_BSD_SETGROUPS
++#endif
++
++#if defined(USE_BSD_SETGROUPS)
++/* Depending on the particular BSD implementation, the first GID that is
++ * passed to setgroups(2) will either be ignored or will set the credential's
++ * effective GID. In either case, the right thing to do is to guarantee that
++ * gidset[0] is the effective GID.
++ */
++static int sys_bsd_setgroups(gid_t primary_gid, int setlen, const gid_t *gidset)
++{
++ gid_t *new_gidset = NULL;
++ int max;
++ int ret;
++
++ /* setgroups(2) will fail with EINVAL if we pass too many groups. */
++ max = groups_max();
++
++ /* No group list, just make sure we are setting the efective GID. */
++ if (setlen == 0) {
++ return setgroups(1, &primary_gid);
++ }
++
++ /* If the primary gid is not the first array element, grow the array
++ * and insert it at the front.
++ */
++ if (gidset[0] != primary_gid) {
++ new_gidset = SMB_MALLOC_ARRAY(gid_t, setlen + 1);
++ if (new_gidset == NULL) {
++ return -1;
++ }
++
++ memcpy(new_gidset + 1, gidset, (setlen * sizeof(gid_t)));
++ new_gidset[0] = primary_gid;
++ setlen++;
++ }
++
++ if (setlen > max) {
++ DEBUG(3, ("forced to truncate group list from %d to %d\n",
++ setlen, max));
++ setlen = max;
++ }
++
++#if defined(HAVE_BROKEN_GETGROUPS)
++ ret = sys_broken_setgroups(setlen, new_gidset ? new_gidset : gidset);
++#else
++ ret = setgroups(setlen, new_gidset ? new_gidset : gidset);
++#endif
++
++ if (new_gidset) {
++ int errsav = errno;
++ SAFE_FREE(new_gidset);
++ errno = errsav;
++ }
++
++ return ret;
++}
++
++#endif /* USE_BSD_SETGROUPS */
++
++/**************************************************************************
++ Wrapper for getgroups. Deals with broken (int) case.
++****************************************************************************/
++
++int sys_getgroups(int setlen, gid_t *gidset)
++{
++#if defined(HAVE_BROKEN_GETGROUPS)
++ return sys_broken_getgroups(setlen, gidset);
++#else
++ return getgroups(setlen, gidset);
++#endif
++}
++
++/**************************************************************************
++ Wrapper for setgroups. Deals with broken (int) case and BSD case.
++****************************************************************************/
++
++int sys_setgroups(gid_t UNUSED(primary_gid), int setlen, gid_t *gidset)
++{
++#if !defined(HAVE_SETGROUPS)
++ errno = ENOSYS;
++ return -1;
++#endif /* HAVE_SETGROUPS */
++
++#if defined(USE_BSD_SETGROUPS)
++ return sys_bsd_setgroups(primary_gid, setlen, gidset);
++#elif defined(HAVE_BROKEN_GETGROUPS)
++ return sys_broken_setgroups(setlen, gidset);
++#else
++ return setgroups(setlen, gidset);
++#endif
+ }
+
+ /**************************************************************************
More information about the Midnightbsd-cvs
mailing list