head 1.3; access; symbols pkgsrc-2013Q2:1.3.0.2 pkgsrc-2013Q2-base:1.3 pkgsrc-2012Q4:1.2.0.12 pkgsrc-2012Q4-base:1.2 pkgsrc-2012Q3:1.2.0.10 pkgsrc-2012Q3-base:1.2 pkgsrc-2012Q2:1.2.0.8 pkgsrc-2012Q2-base:1.2 pkgsrc-2012Q1:1.2.0.6 pkgsrc-2012Q1-base:1.2 pkgsrc-2011Q4:1.2.0.4 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q3:1.2.0.2 pkgsrc-2011Q3-base:1.2 pkgsrc-2011Q2:1.1.1.1.0.12 pkgsrc-2011Q2-base:1.1.1.1 pkgsrc-2011Q1:1.1.1.1.0.10 pkgsrc-2011Q1-base:1.1.1.1 pkgsrc-2010Q4:1.1.1.1.0.8 pkgsrc-2010Q4-base:1.1.1.1 pkgsrc-2010Q3:1.1.1.1.0.6 pkgsrc-2010Q3-base:1.1.1.1 pkgsrc-2010Q2:1.1.1.1.0.4 pkgsrc-2010Q2-base:1.1.1.1 pkgsrc-2010Q1:1.1.1.1.0.2 pkgsrc-2010Q1-base:1.1.1.1 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.3 date 2013.02.05.07.45.46; author wiz; state dead; branches; next 1.2; 1.2 date 2011.07.27.00.53.37; author taca; state Exp; branches; next 1.1; 1.1 date 2010.02.16.16.24.16; author taca; state Exp; branches 1.1.1.1; next ; 1.1.1.1 date 2010.02.16.16.24.16; author taca; state Exp; branches 1.1.1.1.12.1; next ; 1.1.1.1.12.1 date 2011.07.27.06.38.30; author sbd; state Exp; branches; next ; desc @@ 1.3 log @Remove samba30 and samba33, as stated by Aleksej Saushev on Jul 7, 2012. @ text @$NetBSD: patch-af,v 1.2 2011/07/27 00:53:37 taca Exp $ --- configure.orig 2011-07-24 19:11:21.000000000 +0000 +++ configure @@@@ -857,6 +857,7 @@@@ with_fhs with_privatedir with_rootsbindir with_lockdir +with_statedir with_piddir with_swatdir with_configdir @@@@ -1584,6 +1585,8 @@@@ Optional Packages: ($ac_default_prefix/sbin) --with-lockdir=DIR Where to put lock files ($ac_default_prefix/var/locks) + --with-statedir=DIR Where to put state files + ($ac_default_prefix/var/locks) --with-piddir=DIR Where to put pid files ($ac_default_prefix/var/locks) --with-swatdir=DIR Where to put SWAT files ($ac_default_prefix/swat) @@@@ -2989,6 +2992,7 @@@@ echo "LIBREPLACE_LOCATION_CHECKS: END" rootsbindir="\${SBINDIR}" lockdir="\${VARDIR}/locks" +statedir="\${VARDIR}/locks" piddir="\${VARDIR}/locks" test "${mandir}" || mandir="\${prefix}/man" logfilebase="\${VARDIR}" @@@@ -3008,7 +3012,7 @@@@ localedir="\${prefix}/share/locale" if test "${with_fhs+set}" = set; then : withval=$with_fhs; case "$withval" in yes) - lockdir="\${VARDIR}/lib/samba" + lockdir="\${VARDIR}/run/samba" piddir="\${VARDIR}/run" mandir="\${prefix}/share/man" logfilebase="\${VARDIR}/log/samba" @@@@ -3018,8 +3022,8 @@@@ if test "${with_fhs+set}" = set; then : configdir="\${sysconfdir}/samba" swatdir="\${DATADIR}/samba/swat" codepagedir="\${MODULESDIR}" - statedir="\${VARDIR}/lib/samba" - cachedir="\${VARDIR}/lib/samba" + statedir="\${VARDIR}/db/samba" + cachedir="\${VARDIR}/db/samba" $as_echo "#define FHS_COMPATIBLE 1" >>confdefs.h @@@@ -3089,6 +3093,26 @@@@ fi ################################################# +# set state directory location + +# Check whether --with-statedir was given. +if test "${with_statedir+set}" = set; then + withval=$with_statedir; case "$withval" in + yes|no) + # + # Just in case anybody calls it without argument + # + { $as_echo "$as_me:$LINENO: WARNING: --with-statedir called without argument - will use default" >&5 +$as_echo "$as_me: WARNING: --with-statedir called without argument - will use default" >&2;} + ;; + * ) + statedir="$withval" + ;; + esac +fi + + +################################################# # set pid directory location # Check whether --with-piddir was given. @@@@ -14426,7 +14450,7 @@@@ _ACEOF fi done -for ac_func in getdents getdents64 +for ac_func in getdents getdents64 getpwent_r do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" @@@@ -23165,9 +23189,9 @@@@ LIBS="-lcrypto $KRB5_LIBS $LIBS" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for des_set_key in -lcrypto" >&5 -$as_echo_n "checking for des_set_key in -lcrypto... " >&6; } -if test "${ac_cv_lib_ext_crypto_des_set_key+set}" = set; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_des_cbc in -lcrypto" >&5 +$as_echo_n "checking for EVP_des_cbc in -lcrypto... " >&6; } +if test "${ac_cv_lib_ext_crypto_EVP_des_cbc+set}" = set; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@@@ -23179,31 +23203,31 @@@@ else #ifdef __cplusplus extern "C" #endif -char des_set_key (); +char EVP_des_cbc (); int main () { -return des_set_key (); +return EVP_des_cbc (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_ext_crypto_des_set_key=yes; + ac_cv_lib_ext_crypto_EVP_des_cbc=yes; ac_cv_lib_ext_crypto=yes else - ac_cv_lib_ext_crypto_des_set_key=no; + ac_cv_lib_ext_crypto_EVP_des_cbc=no; ac_cv_lib_ext_crypto=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ext_crypto_des_set_key" >&5 -$as_echo "$ac_cv_lib_ext_crypto_des_set_key" >&6; } - if test $ac_cv_lib_ext_crypto_des_set_key = yes; then : +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ext_crypto_EVP_des_cbc" >&5 +$as_echo "$ac_cv_lib_ext_crypto_EVP_des_cbc" >&6; } + if test $ac_cv_lib_ext_crypto_EVP_des_cbc = yes; then : cat >>confdefs.h <<_ACEOF -#define HAVE_DES_SET_KEY 1 +#define HAVE_EVP_DES_CBC 1 _ACEOF fi @@@@ -32397,31 +32421,39 @@@@ case "$host_os" in NSSSONAMEVERSIONSUFFIX=".2" WINBIND_NSS_EXTRA_OBJS="nsswitch/winbind_nss_linux.o" ;; - *freebsd[5-9]*) - # FreeBSD winbind client is implemented as a wrapper around - # the Linux version. - NSSSONAMEVERSIONSUFFIX=".1" - WINBIND_NSS_EXTRA_OBJS="nsswitch/winbind_nss_freebsd.o \ - nsswitch/winbind_nss_linux.o" - WINBIND_NSS="nsswitch/nss_winbind.$SHLIBEXT" - WINBIND_WINS_NSS="nsswitch/nss_wins.$SHLIBEXT" - ;; - - *netbsd*[3-9]*) - # NetBSD winbind client is implemented as a wrapper - # around the Linux version. It needs getpwent_r() to - # indicate libc's use of the correct nsdispatch API. - # - if test x"$ac_cv_func_getpwent_r" = x"yes"; then - WINBIND_NSS_EXTRA_OBJS="\ - nsswitch/winbind_nss_netbsd.o \ + *freebsd*) + case "$UNAME_R" in + [5-9]*) + # FreeBSD winbind client is implemented as a wrapper + # around the Linux version. + NSSSONAMEVERSIONSUFFIX=".1" + WINBIND_NSS_EXTRA_OBJS="nsswitch/winbind_nss_freebsd.o \ nsswitch/winbind_nss_linux.o" WINBIND_NSS="nsswitch/nss_winbind.$SHLIBEXT" WINBIND_WINS_NSS="nsswitch/nss_wins.$SHLIBEXT" - else - HAVE_WINBIND=no - winbind_no_reason=", getpwent_r is missing on $host_os so winbind is unsupported" - fi + ;; + esac + ;; + + *netbsd*) + case "$UNAME_R" in + [3-9]*) + # NetBSD winbind client is implemented as a wrapper + # around the Linux version. It needs getpwent_r() to + # indicate libc's use of the correct nsdispatch API. + # + if test x"$ac_cv_func_getpwent_r" = x"yes"; then + WINBIND_NSS_EXTRA_OBJS="\ + nsswitch/winbind_nss_netbsd.o \ + nsswitch/winbind_nss_linux.o" + WINBIND_NSS="nsswitch/nss_winbind.$SHLIBEXT" + WINBIND_WINS_NSS="nsswitch/nss_wins.$SHLIBEXT" + else + HAVE_WINBIND=no + winbind_no_reason=", getpwent_r is missing on $host_os so winbind is unsupported" + fi + ;; + esac ;; *irix*) # IRIX has differently named shared libraries @ 1.2 log @Update samba33 package to 3.3.16; security fix for swat. ============================== Release Notes for Samba 3.3.16 July 26, 2011 ============================== This is a security release in order to address CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT). o CVE-2011-2522: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 3.5.9 are affected by a cross-site request forgery. o CVE-2011-2694: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 3.5.9 are affected by a cross-site scripting vulnerability. Please note that SWAT must be enabled in order for these vulnerabilities to be exploitable. By default, SWAT is *not* enabled on a Samba install. Changes since 3.3.15 -------------------- o Kai Blin * BUG 8289: SWAT contains a cross-site scripting vulnerability. * BUG 8290: CSRF vulnerability in SWAT. @ text @d1 1 a1 1 $NetBSD: patch-af,v 1.1.1.1 2010/02/16 16:24:16 taca Exp $ @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- configure.orig 2010-01-14 10:38:54.000000000 +0000 d5 1 a5 1 @@@@ -899,6 +899,7 @@@@ with_fhs d13 1 a13 1 @@@@ -1637,6 +1638,8 @@@@ Optional Packages: d22 1 a22 1 @@@@ -2403,6 +2406,7 @@@@ echo "LIBREPLACE_LOCATION_CHECKS: END" d30 2 a31 2 @@@@ -2422,7 +2426,8 @@@@ localedir="\${prefix}/share/locale" if test "${with_fhs+set}" = set; then a35 1 + statedir="\${VARDIR}/db/samba" d39 12 a50 1 @@@@ -2505,6 +2510,26 @@@@ fi d77 3 a79 3 @@@@ -40236,7 +40261,7 @@@@ done d83 4 a86 4 do as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` { $as_echo "$as_me:$LINENO: checking for $ac_func" >&5 @@@@ -60703,9 +60728,9 @@@@ LIBS="-lcrypto $KRB5_LIBS $LIBS" d90 1 a90 1 - { $as_echo "$as_me:$LINENO: checking for des_set_key in -lcrypto" >&5 d92 2 a93 2 -if test "${ac_cv_lib_ext_crypto_des_set_key+set}" = set; then + { $as_echo "$as_me:$LINENO: checking for EVP_des_cbc -lcrypto" >&5 d95 1 a95 1 +if test "${ac_cv_lib_ext_crypto_EVP_des_cbc+set}" = set; then d98 2 a99 2 cat >conftest.$ac_ext <<_ACEOF @@@@ -60721,11 +60746,11 @@@@ cat >>conftest.$ac_ext <<_ACEOF d113 2 a114 4 @@@@ -60751,13 +60776,13 @@@@ $as_echo "$ac_try_echo") >&5 test "$cross_compiling" = yes || $as_test_x conftest$ac_exeext }; then d119 2 a120 5 $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 - ac_cv_lib_ext_crypto_des_set_key=no; + ac_cv_lib_ext_crypto_EVP_des_cbc=no; d123 2 a124 3 @@@@ -60766,11 +60791,11 @@@@ rm -f core conftest.err conftest.$ac_obj conftest$ac_exeext conftest.$ac_ext d127 1 a127 1 -{ $as_echo "$as_me:$LINENO: result: $ac_cv_lib_ext_crypto_des_set_key" >&5 d129 2 a130 2 - if test $ac_cv_lib_ext_crypto_des_set_key = yes; then +{ $as_echo "$as_me:$LINENO: result: $ac_cv_lib_ext_crypto_EVP_des_cbc" >&5 d132 1 a132 1 + if test $ac_cv_lib_ext_crypto_EVP_des_cbc = yes; then d139 1 a139 1 @@@@ -76724,31 +76749,39 @@@@ case "$host_os" in @ 1.1.1.1 log @Importing Samba 3.3.10 as net/samba33. This isn't latest release, but diffrence from current package is minimal supported release. Since changes are too huge to write here, please refer each release notes: http://www.samba.org/samba/history/ And this pacakge already contain fix for CVE-2009-3297. @ text @@ 1.1.1.1.12.1 log @Pullup ticket #3479 - requested by taca net/samba33 security update. Revisions pulled up: - net/samba33/Makefile 1.15 - net/samba33/distinfo 1.7 - net/samba33/patches/patch-af 1.2 --- Module Name: pkgsrc Committed By: taca Date: Wed Jul 27 00:53:37 UTC 2011 Modified Files: pkgsrc/net/samba33: Makefile distinfo pkgsrc/net/samba33/patches: patch-af Log Message: Update samba33 package to 3.3.16; security fix for swat. ============================== Release Notes for Samba 3.3.16 July 26, 2011 ============================== This is a security release in order to address CVE-2011-2522 (Cross-Site Request Forgery in SWAT) and CVE-2011-2694 (Cross-Site Scripting vulnerability in SWAT). o CVE-2011-2522: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 3.5.9 are affected by a cross-site request forgery. o CVE-2011-2694: The Samba Web Administration Tool (SWAT) in Samba versions 3.0.x to 3.5.9 are affected by a cross-site scripting vulnerability. Please note that SWAT must be enabled in order for these vulnerabilities to be exploitable. By default, SWAT is *not* enabled on a Samba install. Changes since 3.3.15 -------------------- o Kai Blin * BUG 8289: SWAT contains a cross-site scripting vulnerability. * BUG 8290: CSRF vulnerability in SWAT. @ text @d3 1 a3 1 --- configure.orig 2011-07-24 19:11:21.000000000 +0000 d5 1 a5 1 @@@@ -857,6 +857,7 @@@@ with_fhs d13 1 a13 1 @@@@ -1584,6 +1585,8 @@@@ Optional Packages: d22 1 a22 1 @@@@ -2989,6 +2992,7 @@@@ echo "LIBREPLACE_LOCATION_CHECKS: END" d30 2 a31 2 @@@@ -3008,7 +3012,7 @@@@ localedir="\${prefix}/share/locale" if test "${with_fhs+set}" = set; then : d36 1 d40 1 a40 12 @@@@ -3018,8 +3022,8 @@@@ if test "${with_fhs+set}" = set; then : configdir="\${sysconfdir}/samba" swatdir="\${DATADIR}/samba/swat" codepagedir="\${MODULESDIR}" - statedir="\${VARDIR}/lib/samba" - cachedir="\${VARDIR}/lib/samba" + statedir="\${VARDIR}/db/samba" + cachedir="\${VARDIR}/db/samba" $as_echo "#define FHS_COMPATIBLE 1" >>confdefs.h @@@@ -3089,6 +3093,26 @@@@ fi d67 3 a69 3 @@@@ -14426,7 +14450,7 @@@@ _ACEOF fi done d73 4 a76 4 do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" @@@@ -23165,9 +23189,9 @@@@ LIBS="-lcrypto $KRB5_LIBS $LIBS" d80 1 a80 1 - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for des_set_key in -lcrypto" >&5 d82 2 a83 2 -if test "${ac_cv_lib_ext_crypto_des_set_key+set}" = set; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EVP_des_cbc in -lcrypto" >&5 d85 1 a85 1 +if test "${ac_cv_lib_ext_crypto_EVP_des_cbc+set}" = set; then : d88 2 a89 2 cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@@@ -23179,31 +23203,31 @@@@ else d103 4 a106 2 _ACEOF if ac_fn_c_try_link "$LINENO"; then : d111 5 a115 2 - ac_cv_lib_ext_crypto_des_set_key=no; + ac_cv_lib_ext_crypto_EVP_des_cbc=no; d118 3 a120 2 rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext d123 1 a123 1 -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ext_crypto_des_set_key" >&5 d125 2 a126 2 - if test $ac_cv_lib_ext_crypto_des_set_key = yes; then : +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ext_crypto_EVP_des_cbc" >&5 d128 1 a128 1 + if test $ac_cv_lib_ext_crypto_EVP_des_cbc = yes; then : d135 1 a135 1 @@@@ -32397,31 +32421,39 @@@@ case "$host_os" in @