head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.18 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.16 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.14 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.12 pkgsrc-2011Q2-base:1.2 pkgsrc-2009Q4:1.2.0.10 pkgsrc-2009Q4-base:1.2 pkgsrc-2008Q4:1.2.0.8 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.2.0.6 pkgsrc-2008Q3-base:1.2 cube-native-xorg:1.2.0.4 cube-native-xorg-base:1.2 pkgsrc-2008Q2:1.2.0.2 pkgsrc-2008Q2-base:1.2 pkgsrc-2008Q1:1.1.0.2; locks; strict; comment @# @; 1.2 date 2008.06.28.22.51.22; author tron; state dead; branches; next 1.1; 1.1 date 2008.05.28.15.39.55; author drochner; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2008.05.28.15.39.55; author tron; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2008.05.29.14.14.53; author tron; state Exp; branches; next ; desc @@ 1.2 log @Update "samba" package to version 3.0.30. Changes since 3.0.28a: - Fix for CVE-2008-1105. - Remove man pages for ldb tools not included in Samba 3.0. - Fix build for pam_smbpass. - Fix a crash in tdb_wrap_log(). - BUG 5267: Fix for nmbd termination problems when no interfaces found. - BUG 5326: OS/2 servers give strange "high word" replies for print jobs. - Remove MS-DFS check that required the target host be ourself. - BUG 5372: Fix high CPU usage of cupsd on large print servers by using more efficient CUPS queries in smbd. - Rewrite integer wrap checks to deal with gcc 4.x optimizations. - BUG 5095: Fix the enforcement of the "Manage Documents" access right. - Don't free memory from getpass() in mount.cifs. - BUG 5460: Fix MS-DFS referral problem in server code. - Fix bug in Winbind that caused the parent to ignore dead children. - Fix compile warnings. - Fix build for pam_smbpass. - Document build fixes. - BUG 4235: Improve compliance to the Squid helper protocol. - BUG 5107: Fix handling of large DNS replies on AIX and Solaris. - Prevent cycle in Wibind's list of children when reaping dead processes. - BUG 5419: Fix memory leak in ads_do_search_all_args() (merge from v3-2). - Fix winbind NETLOGON credential chain on a samba dc for w2k8 trusts. - Fix client connections and negotiation with Windows 2008 DCs in member server code. - Add NT_STATUS_DOWNGRADE_DETECTED error code (merge from v3-2). - BUG 5430: Fix pam_winbind.so on Solaris (requires -lsocket). - Re-add samr getdispinfoindex parsing which got lost in the glue commit. - BUG 5461: Implement a very basic _samr_GetDisplayEnumerationIndex(). Corrects interop problem between Citrix PM and a Samba DC. - BUG 3840: Fix smbclient connecting to NetApp filers when using whitespace in the user's password. - BUG 4901: Fix behavior of "ldap passwd sync = only". - BUG 5317: Fix debug output from domain_client_validate(). - BUG 5338: Fix format string bug in rpcclient. - Ensure that "wbinfo -a trusted\\user%password" works correctly on a Samba DC with trusts. - BUG 5336: Fix SetUsetrInfo(level 25) to update the pwdLastSet attribute. - BUG 5350: Fallback to anonymous sessions if not trust password could be obtained on Samba DCs and member servers. - BUG 5366: Fix password chat on Sun OpenSolaris (Nevada). - Fix signing problem in the client with trans requests. - Fix alignment bug hitting Solaris with "reset in zero vc" activated. - Fix build with glibc 2.8. - Enable winbind child processes to do something with signals, in particular closing and reopening logs on SIGHUP. - Documentation cleanup after r emerging docs from svn to git and back-porting from the v3-2 branch. - Add implementation of machine-authenticated connection to netlogon pipe used when connecting to win2k and newer domain controllers. - Fix trusted users on a DC that uses the old idmap syntax. - Only have Winbind cache domain password policies that were successfully retrieved. - Fix alignment bug when marshalling printer data replies. - Fix DeleteDriverDriverEx() checks to prevent removing in use files. @ text @$NetBSD: patch-ed,v 1.1 2008/05/28 15:39:55 drochner Exp $ --- libsmb/clientgen.c.orig 2008-03-08 16:33:35.000000000 +0100 +++ libsmb/clientgen.c @@@@ -44,8 +44,7 @@@@ int cli_set_port(struct cli_state *cli, } /**************************************************************************** - Read an smb from a fd ignoring all keepalive packets. Note that the buffer - *MUST* be of size BUFFER_SIZE+SAFETY_MARGIN. + Read an smb from a fd ignoring all keepalive packets. The timeout is in milliseconds This is exactly the same as receive_smb except that it never returns @@@@ -54,12 +53,12 @@@@ int cli_set_port(struct cli_state *cli, should never go into a blocking read. ****************************************************************************/ -static BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout) +static BOOL client_receive_smb(int fd,char *buffer, size_t bufsize, unsigned int timeout) { BOOL ret; for(;;) { - ret = receive_smb_raw(fd, buffer, timeout); + ret = receive_smb_raw(fd, buffer, bufsize, timeout); if (!ret) { DEBUG(10,("client_receive_smb failed\n")); @@@@ -88,7 +87,7 @@@@ BOOL cli_receive_smb(struct cli_state *c return False; again: - ret = client_receive_smb(cli->fd,cli->inbuf,cli->timeout); + ret = client_receive_smb(cli->fd,cli->inbuf, cli->bufsize, cli->timeout); if (ret) { /* it might be an oplock break request */ @ 1.1 log @add patches from redhat bugzilla (#446724) to fix CVE-2008-1105 (heap buffer overflow in client code) bump PKGREVISION @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-ed was added on branch pkgsrc-2008Q1 on 2008-05-29 14:14:53 +0000 @ text @d1 38 @ 1.1.2.2 log @Pullup ticket #2403 - requested by drochner Security patch for samba Revisions pulled up: - net/samba/Makefile 1.182 - net/samba/distinfo 1.62 - net/samba/patches/patch-ea 1.1 - net/samba/patches/patch-eb 1.1 - net/samba/patches/patch-ec 1.1 - net/samba/patches/patch-ed 1.1 - net/samba/patches/patch-ee 1.1 - net/samba/patches/patch-ef 1.1 --- Module Name: pkgsrc Committed By: drochner Date: Wed May 28 15:39:55 UTC 2008 Modified Files: pkgsrc/net/samba: Makefile distinfo Added Files: pkgsrc/net/samba/patches: patch-ea patch-eb patch-ec patch-ed patch-ee patch-ef Log Message: add patches from redhat bugzilla (#446724) to fix CVE-2008-1105 (heap buffer overflow in client code) bump PKGREVISION @ text @a0 38 $NetBSD: patch-ed,v 1.1 2008/05/28 15:39:55 drochner Exp $ --- libsmb/clientgen.c.orig 2008-03-08 16:33:35.000000000 +0100 +++ libsmb/clientgen.c @@@@ -44,8 +44,7 @@@@ int cli_set_port(struct cli_state *cli, } /**************************************************************************** - Read an smb from a fd ignoring all keepalive packets. Note that the buffer - *MUST* be of size BUFFER_SIZE+SAFETY_MARGIN. + Read an smb from a fd ignoring all keepalive packets. The timeout is in milliseconds This is exactly the same as receive_smb except that it never returns @@@@ -54,12 +53,12 @@@@ int cli_set_port(struct cli_state *cli, should never go into a blocking read. ****************************************************************************/ -static BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout) +static BOOL client_receive_smb(int fd,char *buffer, size_t bufsize, unsigned int timeout) { BOOL ret; for(;;) { - ret = receive_smb_raw(fd, buffer, timeout); + ret = receive_smb_raw(fd, buffer, bufsize, timeout); if (!ret) { DEBUG(10,("client_receive_smb failed\n")); @@@@ -88,7 +87,7 @@@@ BOOL cli_receive_smb(struct cli_state *c return False; again: - ret = client_receive_smb(cli->fd,cli->inbuf,cli->timeout); + ret = client_receive_smb(cli->fd,cli->inbuf, cli->bufsize, cli->timeout); if (ret) { /* it might be an oplock break request */ @