head 1.25; access; symbols OPENPKG_E1_MP_HEAD:1.17 OPENPKG_E1_MP:1.17 OPENPKG_E1_MP_2_STABLE:1.14.2.1 OPENPKG_E1_FP:1.14.2.1 OPENPKG_2_STABLE_MP:1.17 OPENPKG_2_STABLE_20061018:1.14.2.1 OPENPKG_2_STABLE_20060622:1.14 OPENPKG_2_STABLE:1.14.0.2 OPENPKG_2_STABLE_BP:1.14 OPENPKG_2_5_RELEASE:1.9 OPENPKG_2_5_SOLID:1.9.0.2 OPENPKG_2_5_SOLID_BP:1.9 OPENPKG_2_4_RELEASE:1.8 OPENPKG_2_4_SOLID:1.8.0.4 OPENPKG_2_4_SOLID_BP:1.8 OPENPKG_CW_FP:1.8 OPENPKG_2_3_RELEASE:1.8 OPENPKG_2_3_SOLID:1.8.0.2 OPENPKG_2_3_SOLID_BP:1.8 OPENPKG_2_2_RELEASE:1.7 OPENPKG_2_2_SOLID:1.7.0.2 OPENPKG_2_2_SOLID_BP:1.7 OPENPKG_2_1_RELEASE:1.3.2.1 OPENPKG_2_1_SOLID:1.3.0.2 OPENPKG_2_1_SOLID_BP:1.3 OPENPKG_2_0_RELEASE:1.1 OPENPKG_2_0_SOLID:1.1.0.12 OPENPKG_2_0_SOLID_BP:1.1 OPENPKG_1_3_RELEASE:1.1 OPENPKG_1_3_SOLID:1.1.0.10 OPENPKG_1_3_SOLID_BP:1.1 OPENPKG_1_2_SOLID:1.1.0.8 OPENPKG_1_2_SOLID_BP:1.1 OPENPKG_1_STABLE:1.1.0.6 OPENPKG_1_STABLE_BP:1.1 OPENPKG_1_0_SOLID:1.1.0.4 OPENPKG_1_1_SOLID:1.1.0.2; locks; strict; comment @# @; 1.25 date 2009.07.19.12.06.32; author rse; state Exp; branches; next 1.24; commitid gT4bLxhKJrsNJjWt; 1.24 date 2009.07.17.22.42.16; author rse; state Exp; branches; next 1.23; commitid L4GPaymlr0FSj7Wt; 1.23 date 2009.02.28.10.23.17; author rse; state Exp; branches; next 1.22; commitid 6TrRl6SNV7lnHbEt; 1.22 date 2008.12.13.16.25.56; author rse; state Exp; branches; next 1.21; commitid tVocm2hRyZMebkut; 1.21 date 2008.07.03.20.28.06; author rse; state Exp; branches; next 1.20; commitid P9VX6zuD44R9Lo9t; 1.20 date 2008.07.02.18.51.36; author rse; state Exp; branches; next 1.19; commitid KJsRu053ZSEYfg9t; 1.19 date 2007.05.26.09.48.28; author rse; state Exp; branches; next 1.18; commitid hKwOH2DYKzeRcqjs; 1.18 date 2007.05.19.06.38.14; author rse; state Exp; branches; next 1.17; commitid gkHC7aH1nvuxnvis; 1.17 date 2006.12.11.08.49.56; author rse; state Exp; branches; next 1.16; commitid dHqsLuOiJegAd5Yr; 1.16 date 2006.07.15.16.26.55; author rse; state Exp; branches; next 1.15; commitid 97VT9G05ZDmjxYEr; 1.15 date 2006.07.11.07.39.11; author thl; state Exp; branches; next 1.14; commitid oHZhba2Cs93fKpEr; 1.14 date 2006.02.25.09.27.13; author rse; state Exp; branches 1.14.2.1; next 1.13; commitid F8g0FrSpiXPkIWmr; 1.13 date 2006.02.01.07.19.42; author rse; state Exp; branches; next 1.12; commitid IN23D6vSHBToMQjr; 1.12 date 2006.01.24.16.28.16; author rse; state Exp; branches; next 1.11; commitid El5I0ChD52Iy4Sir; 1.11 date 2005.12.30.09.01.16; author rse; state Exp; branches; next 1.10; commitid MWUKcIf5W402pCfr; 1.10 date 2005.11.26.16.09.49; author rse; state Exp; branches; next 1.9; commitid EB8IBFWegrDNRhbr; 1.9 date 2005.09.29.21.47.45; author rse; state Exp; branches 1.9.2.1; next 1.8; 1.8 date 2004.11.19.19.16.06; author ms; state Exp; branches; next 1.7; 1.7 date 2004.08.20.13.16.20; author rse; state Exp; branches; next 1.6; 1.6 date 2004.08.20.11.30.23; author ms; state Exp; branches; next 1.5; 1.5 date 2004.07.29.07.48.21; author tho; state Exp; branches; next 1.4; 1.4 date 2004.07.05.08.17.47; author rse; state Exp; branches; next 1.3; 1.3 date 2004.06.30.18.58.38; author rse; state dead; branches 1.3.2.1; next 1.2; 1.2 date 2004.06.03.16.39.03; author ms; state Exp; branches; next 1.1; 1.1 date 2002.11.29.10.03.14; author rse; state dead; branches 1.1.2.1 1.1.4.1 1.1.8.1 1.1.12.1; next ; 1.14.2.1 date 2006.10.16.14.56.00; author rse; state Exp; branches; next 1.14.2.2; commitid iZxwRSmmWscPXUQr; 1.14.2.2 date 2006.12.22.19.13.35; author thl; state Exp; branches; next ; commitid 2LefOfqsS8nsjyZr; 1.9.2.1 date 2006.02.25.18.08.36; author rse; state Exp; branches; next ; commitid ifSaISG98cBcBZmr; 1.3.2.1 date 2004.07.05.08.38.42; author rse; state Exp; branches; next 1.3.2.2; 1.3.2.2 date 2004.07.22.08.40.45; author rse; state Exp; branches; next 1.3.2.3; 1.3.2.3 date 2004.09.15.12.14.17; author rse; state Exp; branches; next ; 1.1.2.1 date 2002.11.29.10.03.14; author rse; state Exp; branches; next 1.1.2.2; 1.1.2.2 date 2003.03.17.19.32.21; author thl; state Exp; branches; next 1.1.2.3; 1.1.2.3 date 2003.04.07.15.25.44; author rse; state Exp; branches; next ; 1.1.4.1 date 2002.11.29.10.13.27; author rse; state Exp; branches; next ; 1.1.8.1 date 2003.03.17.19.32.17; author thl; state Exp; branches; next 1.1.8.2; 1.1.8.2 date 2003.04.07.15.18.40; author rse; state Exp; branches; next ; 1.1.12.1 date 2004.07.22.09.08.32; author rse; state Exp; branches; next ; desc @@ 1.25 log @adjust packaging for new Samba 3.4 world order @ text @Index: source3/configure --- source3/configure.orig 2009-07-03 13:46:28 +0200 +++ source3/configure 2009-07-19 13:39:21 +0200 @@@@ -78688,7 +78689,7 @@@@ LIBWBCLIENT_SHARED_TARGET=bin/libwbclient.$SHLIBEXT LIBWBCLIENT_STATIC_TARGET=bin/libwbclient.a LIBWBCLIENT_SOVER=0 - if test $BLDSHARED = true -a x"$HAVE_WINBIND" = x"yes" -a x"$BUILD_LIBWBCLIENT_SHARED" = x"yes"; then + if false; then NSS_MODULES="${WINBIND_NSS} ${WINBIND_WINS_NSS}" ## Only worry about libwbclient if we have shared # library support Index: source3/lib/sysquotas_4A.c --- source3/lib/sysquotas_4A.c.orig 2009-07-03 13:21:14 +0200 +++ source3/lib/sysquotas_4A.c 2009-07-19 13:37:58 +0200 @@@@ -71,6 +71,10 @@@@ #define dqb_curinodes dqb_curfiles #endif +#if defined(_LINUX_QUOTA_VERSION) && _LINUX_QUOTA_VERSION-0 >= 2 +#define dqb_curblocks dqb_curspace +#endif + #ifdef INITQFNAMES #define USERQUOTAFILE_EXTENSION ".user" #else @ 1.24 log @upgrading package: samba 3.3.5 -> 3.4.0 @ text @d3 10 a12 18 +++ source3/configure 2009-07-18 00:15:39 +0200 @@@@ -12692,6 +12692,7 @@@@ SAMBA_CPPFLAGS="${SAMBA_CPPFLAGS} ${TDB_CFLAGS}" SAMBA_CPPFLAGS="${SAMBA_CPPFLAGS} -I${srcdir-.}/libaddns" SAMBA_CPPFLAGS="${SAMBA_CPPFLAGS} -I${srcdir-.}/librpc" +SAMBA_CPPFLAGS="${SAMBA_CPPFLAGS} -I${srcdir-.}/iniparser/src" SAMBA_CPPFLAGS="${SAMBA_CPPFLAGS} -I${srcdir-.}/.." SAMBA_CONFIGURE_CPPFLAGS="${SAMBA_CPPFLAGS} -I${srcdir-.}/../lib/popt" @@@@ -75436,6 +75437,8 @@@@ fi +LIBWBCLIENT_STATIC=$LIBWBCLIENT_STATIC_TARGET +LIBWBCLIENT_SHARED=$LIBWBCLIENT_STATIC_TARGET { $as_echo "$as_me:$LINENO: checking for struct ctdb_control_tcp" >&5 d15 1 a15 1 +++ source3/lib/sysquotas_4A.c 2009-07-18 00:14:46 +0200 @ 1.23 log @upgrading package: samba 3.2.7 -> 3.3.1 @ text @d1 4 a4 4 Index: source/configure --- source/configure.orig 2009-01-27 08:53:11 +0100 +++ source/configure 2009-01-27 19:03:11 +0100 @@@@ -11902,6 +11902,7 @@@@ d9 4 a13 1 SAMBA_CONFIGURE_CPPFLAGS="${SAMBA_CPPFLAGS} -I${srcdir-.}/popt" a14 3 @@@@ -75472,6 +75473,8 @@@@ else LIBWBCLIENT_STATIC=$LIBWBCLIENT_STATIC_TARGET d19 5 a23 5 if test x"$HAVE_WINBIND" = x"yes"; then { $as_echo "$as_me:$LINENO: result: yes" >&5 Index: source/lib/sysquotas_4A.c --- source/lib/sysquotas_4A.c.orig 2009-01-26 14:56:34 +0100 +++ source/lib/sysquotas_4A.c 2009-01-27 19:03:11 +0100 @ 1.22 log @upgrading package: samba 3.2.4 -> 3.2.6 @ text @d2 3 a4 3 --- source/configure.orig 2008-07-01 14:39:06 +0200 +++ source/configure 2008-07-03 22:10:38 +0200 @@@@ -11279,6 +11279,7 @@@@ d12 1 a12 1 @@@@ -70080,6 +70080,8 @@@@ d20 1 a20 1 { echo "$as_me:$LINENO: result: yes" >&5 d22 2 a23 2 --- source/lib/sysquotas_4A.c.orig 2008-07-01 14:33:07 +0200 +++ source/lib/sysquotas_4A.c 2008-07-03 22:09:34 +0200 a34 16 Index: source/smbd/uid.c --- source/smbd/uid.c.orig 2008-07-01 14:33:07 +0200 +++ source/smbd/uid.c 2008-07-03 22:09:34 +0200 @@@@ -157,7 +157,11 @@@@ NT_USER_TOKEN *token = NULL; int num_groups = 0; gid_t *group_list = NULL; - + + if (vuser) + DEBUG(9,("change_to_user: SMB user \"%s\" (unix user \"%s\", vuid %d)\n", + vuser->user.smb_name ? vuser->user.smb_name : "?", vuser->user.unix_name ? vuser->user.unix_name : "?", vuid)); + if (!conn) { DEBUG(2,("change_to_user: Connection not open\n")); return(False); @ 1.21 log @once again try to fix building @ text @d4 8 @ 1.20 log @upgrading package: samba 3.0.30 -> 3.2.0 @ text @d1 12 d15 1 a15 1 +++ source/lib/sysquotas_4A.c 2008-07-01 21:00:55 +0200 d29 1 a29 1 +++ source/smbd/uid.c 2008-07-01 21:00:55 +0200 @ 1.19 log @upgrading package: samba 3.0.25 -> 3.0.25a @ text @a0 352 Index: source/Makefile.in --- source/Makefile.in.orig 2007-05-23 17:29:19 +0200 +++ source/Makefile.in 2007-05-26 11:37:01 +0200 @@@@ -92,7 +92,7 @@@@ # or in smb.conf (see smb.conf(5)) LOGFILEBASE = @@logfilebase@@ CONFIGFILE = $(CONFIGDIR)/smb.conf -LMHOSTSFILE = $(CONFIGDIR)/lmhosts +LMHOSTSFILE = $(CONFIGDIR)/smb.hosts # This is where smbpasswd et al go PRIVATEDIR = @@privatedir@@ @@@@ -965,26 +965,26 @@@@ @@echo Linking $@@ @@$(CC) $(FLAGS) -o $@@ $(SMBD_OBJ) $(LDFLAGS) $(LDAP_LIBS) \ $(KRB5LIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) \ - $(ACL_LIBS) $(PASSDB_LIBS) $(LIBS) @@POPTLIBS@@ @@SMBD_LIBS@@ + $(ACL_LIBS) $(PASSDB_LIBS) @@POPTLIBS@@ @@SMBD_LIBS@@ $(LIBS) bin/nmbd@@EXEEXT@@: proto_exists $(NMBD_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(NMBD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(NMBD_OBJ) $(LDFLAGS) $(DYNEXP) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/swat@@EXEEXT@@: proto_exists $(SWAT_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ @@$(CC) $(FLAGS) -o $@@ $(SWAT_OBJ) $(LDFLAGS) $(DYNEXP) $(PRINT_LIBS) \ - $(AUTH_LIBS) $(LIBS) $(PASSDB_LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) + $(AUTH_LIBS) $(PASSDB_LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/rpcclient@@EXEEXT@@: proto_exists $(RPCCLIENT_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ @@$(CC) $(FLAGS) -o $@@ $(LDFLAGS) $(PASSDB_LIBS) $(RPCCLIENT_OBJ) \ - $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @@POPTLIBS@@ \ - $(KRB5LIBS) $(LDAP_LIBS) + $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) @@POPTLIBS@@ \ + $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/smbclient@@EXEEXT@@: proto_exists $(CLIENT_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(CLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(CLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/smbctool@@EXEEXT@@: proto_exists $(TOOL_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ @@@@ -992,19 +992,19 @@@@ bin/net@@EXEEXT@@: proto_exists $(NET_OBJ) @@BUILD_POPT@@ @@BUILD_INIPARSER@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS) @@INIPARSERLIBS@@ + @@$(CC) $(FLAGS) -o $@@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) @@POPTLIBS@@ $(KRB5LIBS) $(UUID_LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(TERMLDFLAGS) $(TERMLIBS) $(NSCD_LIBS) @@INIPARSERLIBS@@ $(LIBS) bin/profiles@@EXEEXT@@: proto_exists $(PROFILES_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(PROFILES_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(LDAP_LIBS) @@POPTLIBS@@ + @@$(CC) $(FLAGS) -o $@@ $(PROFILES_OBJ) $(DYNEXP) $(LDFLAGS) $(LDAP_LIBS) @@POPTLIBS@@ $(LIBS) bin/smbspool@@EXEEXT@@: proto_exists $(CUPS_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(CUPS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(CUPS_OBJ) $(DYNEXP) $(LDFLAGS) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/smbmount@@EXEEXT@@: proto_exists $(MOUNT_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(MOUNT_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(MOUNT_OBJ) $(DYNEXP) $(LDFLAGS) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/smbmnt@@EXEEXT@@: proto_exists $(MNT_OBJ) bin/.dummy @@echo Linking $@@ @@@@ -1024,52 +1024,52 @@@@ bin/testparm@@EXEEXT@@: proto_exists $(TESTPARM_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(TESTPARM_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(LDAP_LIBS) @@POPTLIBS@@ + @@$(CC) $(FLAGS) -o $@@ $(TESTPARM_OBJ) $(LDFLAGS) $(DYNEXP) $(LDAP_LIBS) @@POPTLIBS@@ $(LIBS) bin/smbstatus@@EXEEXT@@: proto_exists $(STATUS_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(STATUS_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(LDAP_LIBS) \ - @@POPTLIBS@@ + @@$(CC) $(FLAGS) -o $@@ $(STATUS_OBJ) $(LDFLAGS) $(DYNEXP) $(LDAP_LIBS) \ + @@POPTLIBS@@ $(LIBS) bin/smbcontrol@@EXEEXT@@: proto_exists $(SMBCONTROL_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ @@$(CC) -DUSING_SMBCONTROL $(FLAGS) -o $@@ \ $(SMBCONTROL_OBJ) $(DYNEXP) $(LDFLAGS) \ - $(LIBS) $(LDAP_LIBS) @@LIBUNWIND_PTRACE@@ @@POPTLIBS@@ + $(LDAP_LIBS) @@LIBUNWIND_PTRACE@@ @@POPTLIBS@@ $(LIBS) bin/smbtree@@EXEEXT@@: proto_exists $(SMBTREE_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(SMBTREE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(SMBTREE_OBJ) $(LDFLAGS) $(DYNEXP) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/smbpasswd@@EXEEXT@@: proto_exists $(SMBPASSWD_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ @@$(CC) $(FLAGS) -o $@@ $(SMBPASSWD_OBJ) $(LDFLAGS) $(PASSDB_LIBS) \ - $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) + $(DYNEXP) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/pdbedit@@EXEEXT@@: proto_exists $(PDBEDIT_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(PASSDB_LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) @@POPTLIBS@@ $(PASSDB_LIBS) $(LDAP_LIBS) $(LIBS) bin/smbget@@EXEEXT@@: proto_exists $(SMBGET_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(SMBGET_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(SMBGET_OBJ) $(LDFLAGS) $(DYNEXP) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(LIBS) bin/samtest@@EXEEXT@@: $(SAMTEST_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(SAMTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(PASSDB_LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(SAMTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) @@POPTLIBS@@ $(PASSDB_LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/nmblookup@@EXEEXT@@: proto_exists $(NMBLOOKUP_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(NMBLOOKUP_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(NMBLOOKUP_OBJ) $(LDFLAGS) $(DYNEXP) @@POPTLIBS@@ $(LDAP_LIBS) $(LIBS) bin/smbtorture@@EXEEXT@@: proto_exists $(SMBTORTURE_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/talloctort@@EXEEXT@@: proto_exists $(TALLOCTORT_OBJ) bin/.dummy @@echo Linking $@@ @@$(CC) $(FLAGS) -o $@@ $(TALLOCTORT_OBJ) $(LDFLAGS) \ - $(DYNEXP) $(LIBS) $(LDAP_LIBS) + $(DYNEXP) $(LDAP_LIBS) $(LIBS) bin/replacetort@@EXEEXT@@: $(REPLACETORT_OBJ) bin/.dummy @@echo Linking $@@ @@@@ -1078,49 +1078,49 @@@@ bin/masktest@@EXEEXT@@: proto_exists $(MASKTEST_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(MASKTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(MASKTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/msgtest@@EXEEXT@@: proto_exists $(MSGTEST_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(MSGTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(MSGTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/smbcacls@@EXEEXT@@: proto_exists $(SMBCACLS_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(SMBCACLS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ \ - $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(SMBCACLS_OBJ) $(DYNEXP) $(LDFLAGS) @@POPTLIBS@@ \ + $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(LIBS) bin/smbcquotas@@EXEEXT@@: proto_exists $(SMBCQUOTAS_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(SMBCQUOTAS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ \ - $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(SMBCQUOTAS_OBJ) $(DYNEXP) $(LDFLAGS) @@POPTLIBS@@ \ + $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(LIBS) bin/eventlogadm@@EXEEXT@@: proto_exists $(EVTLOGADM_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(EVTLOGADM_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(LDAP_LIBS) @@POPTLIBS@@ + @@$(CC) $(FLAGS) -o $@@ $(EVTLOGADM_OBJ) $(DYNEXP) $(LDFLAGS) $(LDAP_LIBS) @@POPTLIBS@@ $(LIBS) bin/sharesec@@EXEEXT@@: proto_exists $(SHARESEC_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(SHARESEC_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(LDAP_LIBS) @@POPTLIBS@@ + @@$(CC) $(FLAGS) -o $@@ $(SHARESEC_OBJ) $(DYNEXP) $(LDFLAGS) $(LDAP_LIBS) @@POPTLIBS@@ $(LIBS) bin/locktest@@EXEEXT@@: proto_exists $(LOCKTEST_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(LOCKTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(LOCKTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/nsstest@@EXEEXT@@: proto_exists $(NSSTEST_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(NSSTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(NSSTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/pdbtest@@EXEEXT@@: proto_exists $(PDBTEST_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(PDBTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(LIBS) @@POPTLIBS@@ + @@$(CC) $(FLAGS) -o $@@ $(PDBTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(LIBS) @@POPTLIBS@@ $(LIBS) bin/vfstest@@EXEEXT@@: proto_exists $(VFSTEST_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) $(ACL_LIBS) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) @@SMBD_LIBS@@ $(NSCD_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) $(ACL_LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) @@SMBD_LIBS@@ $(NSCD_LIBS) $(LIBS) bin/smbiconv@@EXEEXT@@: $(SMBICONV_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(SMBICONV_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ + @@$(CC) $(FLAGS) -o $@@ $(SMBICONV_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) @@POPTLIBS@@ $(LIBS) bin/log2pcap@@EXEEXT@@: proto_exists $(LOG2PCAP_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ @@@@ -1128,11 +1128,11 @@@@ bin/locktest2@@EXEEXT@@: proto_exists $(LOCKTEST2_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(LOCKTEST2_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(LOCKTEST2_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/rpctorture@@EXEEXT@@: $(RPCTORTURE_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(RPCTORTURE_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(RPCTORTURE_OBJ) $(DYNEXP) $(LDFLAGS) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/debug2html@@EXEEXT@@: proto_exists $(DEBUG2HTML_OBJ) bin/.dummy @@echo Linking $@@ @@@@ -1140,13 +1140,13 @@@@ bin/smbfilter@@EXEEXT@@: proto_exists $(SMBFILTER_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(SMBFILTER_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(SMBFILTER_OBJ) $(LDFLAGS) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) bin/libaddns.@@SHLIBEXT@@: proto_exists $(LIBADDNS_OBJ) @@echo Linking libaddns shared library $@@ - @@$(SHLD) $(LDSHFLAGS) -o $@@ $(LIBADDNS_OBJ) $(LIBS) \ + @@$(SHLD) $(LDSHFLAGS) -o $@@ $(LIBADDNS_OBJ) \ $(KRB5LIBS) $(UUID_LIBS)\ - @@SONAMEFLAG@@`basename $@@`.$(LIBADDNS_MAJOR) + @@SONAMEFLAG@@`basename $@@`.$(LIBADDNS_MAJOR) $(LIBS) bin/libaddns.a: proto_exists $(LIBADDNS_OBJ) @@echo Linking libaddns non-shared library $@@ @@@@ -1154,9 +1154,9 @@@@ bin/libsmbclient.@@SHLIBEXT@@: proto_exists $(LIBSMBCLIENT_OBJ) @@echo Linking libsmbclient shared library $@@ - @@$(SHLD) $(LDSHFLAGS) -o $@@ $(LIBSMBCLIENT_OBJ) $(LIBS) \ + @@$(SHLD) $(LDSHFLAGS) -o $@@ $(LIBSMBCLIENT_OBJ) \ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) \ - @@SONAMEFLAG@@`basename $@@`.$(LIBSMBCLIENT_MAJOR) + @@SONAMEFLAG@@`basename $@@`.$(LIBSMBCLIENT_MAJOR) $(LIBS) bin/libsmbclient.a: proto_exists $(LIBSMBCLIENT_OBJ) @@echo Linking libsmbclient non-shared library $@@ @@@@ -1164,9 +1164,9 @@@@ bin/libsmbsharemodes.@@SHLIBEXT@@: proto_exists $(LIBSMBSHAREMODES_OBJ) @@echo Linking libsmbsharemodes shared library $@@ - @@$(SHLD) $(LDSHFLAGS) -o $@@ $(LIBSMBSHAREMODES_OBJ) $(LIBS) \ + @@$(SHLD) $(LDSHFLAGS) -o $@@ $(LIBSMBSHAREMODES_OBJ) \ $(KRB5LIBS) $(LDAP_LIBS) \ - @@SONAMEFLAG@@`basename $@@`.$(LIBSMBSHAREMODES_MAJOR) + @@SONAMEFLAG@@`basename $@@`.$(LIBSMBSHAREMODES_MAJOR) $(LIBS) bin/libsmbsharemodes.a: proto_exists $(LIBSMBSHAREMODES_OBJ) @@echo Linking libsmbsharemodes non-shared library $@@ @@@@ -1174,8 +1174,8 @@@@ bin/libmsrpc.@@SHLIBEXT@@: proto_exists $(CAC_OBJ) @@echo Linking libmsrpc shared library $@@ - @@$(SHLD) $(LDSHFLAGS) -o $@@ $(CAC_OBJ) $(LIBS) \ - @@SONAMEFLAG@@`basename $@@`.$(LIBMSRPC_MAJOR) + @@$(SHLD) $(LDSHFLAGS) -o $@@ $(CAC_OBJ) \ + @@SONAMEFLAG@@`basename $@@`.$(LIBMSRPC_MAJOR) $(LIBS) bin/libmsrpc.a: proto_exists $(CAC_OBJ) @@echo Linking libmsrpc non-shared library $@@ @@@@ -1184,9 +1184,9 @@@@ # This is probably wrong for anything other than the GNU linker. bin/libbigballofmud.@@SHLIBEXT@@: proto_exists $(LIBBIGBALLOFMUD_OBJ) @@echo Linking bigballofmud shared library $@@ - @@$(SHLD) $(LDSHFLAGS) -o $@@ $(LIBBIGBALLOFMUD_OBJ) $(LIBS) \ + @@$(SHLD) $(LDSHFLAGS) -o $@@ $(LIBBIGBALLOFMUD_OBJ) \ $(PASSDB_LIBS) $(IDMAP_LIBS) $(KRB5LIBS) $(LDAP_LIBS) \ - @@SONAMEFLAG@@`basename $@@`.$(LIBBIGBALLOFMUD_MAJOR) + @@SONAMEFLAG@@`basename $@@`.$(LIBBIGBALLOFMUD_MAJOR) $(LIBS) ln -snf libbigballofmud.so bin/libbigballofmud.so.0 # It would be nice to build a static bigballofmud too, but when I try @@@@ -1276,8 +1276,8 @@@@ bin/winbindd@@EXEEXT@@: proto_exists $(WINBINDD_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo "Linking $@@" - @@$(CC) $(FLAGS) -o $@@ $(WINBINDD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) \ - @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) + @@$(CC) $(FLAGS) -o $@@ $(WINBINDD_OBJ) $(LDFLAGS) $(DYNEXP) \ + @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(LIBS) @@WINBIND_NSS@@: $(WINBIND_NSS_OBJ) @@echo "Linking $@@" @@@@ -1287,14 +1287,14 @@@@ @@WINBIND_WINS_NSS@@: proto_exists $(WINBIND_WINS_NSS_OBJ) @@echo "Linking $@@" @@$(SHLD) $(LDSHFLAGS) -o $@@ $(WINBIND_WINS_NSS_OBJ) \ - $(LDAP_LIBS) $(KRB5LIBS) $(LIBS) \ - @@SONAMEFLAG@@`basename $@@`@@NSSSONAMEVERSIONSUFFIX@@ + $(LDAP_LIBS) $(KRB5LIBS) \ + @@SONAMEFLAG@@`basename $@@`@@NSSSONAMEVERSIONSUFFIX@@ $(LIBS) @@SMB_KRB5_LOCATOR@@: proto_exists $(SMB_KRB5_LOCATOR_OBJ) @@echo "Linking $@@" @@$(SHLD) $(LDSHFLAGS) -o $@@ $(SMB_KRB5_LOCATOR_OBJ) \ - $(LDAP_LIBS) $(LIBS) -lcom_err \ - @@SONAMEFLAG@@`basename $@@` + $(LDAP_LIBS) -lcom_err \ + @@SONAMEFLAG@@`basename $@@` $(LIBS) bin/pam_winbind.@@SHLIBEXT@@: $(PAM_WINBIND_OBJ) bin/.dummy @@echo "Linking shared library $@@" @@@@ -1520,30 +1520,30 @@@@ bin/wbinfo@@EXEEXT@@: proto_exists $(WBINFO_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(LDFLAGS) $(WBINFO_OBJ) $(DYNEXP) $(LIBS) $(LDAP_LIBS) @@POPTLIBS@@ + @@$(CC) $(FLAGS) -o $@@ $(LDFLAGS) $(WBINFO_OBJ) $(DYNEXP) $(LDAP_LIBS) @@POPTLIBS@@ $(LIBS) bin/ntlm_auth@@EXEEXT@@: proto_exists $(NTLM_AUTH_OBJ) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \ @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ @@$(CC) $(FLAGS) -o $@@ $(LDFLAGS) $(DYNEXP) $(NTLM_AUTH_OBJ) \ - $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(LIBS) \ - @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) + $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \ + @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(LIBS) bin/pam_smbpass.@@SHLIBEXT@@: $(PAM_SMBPASS_OBJ) @@echo "Linking shared library $@@" - @@$(SHLD) $(LDSHFLAGS) -o $@@ $(PAM_SMBPASS_OBJ) -lpam $(DYNEXP) $(LIBS) $(LDAP_LIBS) $(KRB5LIBS) $(NSCD_LIBS) + @@$(SHLD) $(LDSHFLAGS) -o $@@ $(PAM_SMBPASS_OBJ) -lpam $(DYNEXP) $(LDAP_LIBS) $(KRB5LIBS) $(NSCD_LIBS) $(LIBS) bin/tdbbackup@@EXEEXT@@: proto_exists $(TDBBACKUP_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBBACKUP_OBJ) + @@$(CC) $(FLAGS) -o $@@ $(LDFLAGS) $(DYNEXP) $(TDBBACKUP_OBJ) $(LIBS) bin/tdbtool@@EXEEXT@@: $(TDBTOOL_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBTOOL_OBJ) + @@$(CC) $(FLAGS) -o $@@ $(LDFLAGS) $(DYNEXP) $(TDBTOOL_OBJ) $(LIBS) bin/tdbdump@@EXEEXT@@: $(TDBDUMP_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) -o $@@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBDUMP_OBJ) + @@$(CC) $(FLAGS) -o $@@ $(LDFLAGS) $(DYNEXP) $(TDBDUMP_OBJ) $(LIBS) bin/t_strcmp@@EXEEXT@@: proto_exists bin/libbigballofmud.@@SHLIBEXT@@ torture/t_strcmp.o $(CC) $(FLAGS) -o $@@ $(DYNEXP) $(LIBS) torture/t_strcmp.o -L ./bin -lbigballofmud @@@@ -1666,7 +1666,7 @@@@ fi PYTHON_OBJS="$(PYTHON_OBJ)" \ PYTHON_CFLAGS="$(CFLAGS) $(CPPFLAGS) $(FLAGS)" \ - LIBS="$(LDFLAGS) $(LIBS) $(PASSDB_LIBS) $(IDMAP_LIBS) $(KRB5LIBS) $(LDAP_LIBS)" \ + LIBS="$(LDFLAGS) $(PASSDB_LIBS) $(IDMAP_LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS)" \ $(PYTHON) python/setup.py build python_install: $(PYTHON_OBJ) d2 3 a4 3 --- source/lib/sysquotas_4A.c.orig 2005-09-29 23:52:43 +0200 +++ source/lib/sysquotas_4A.c 2007-05-26 11:37:01 +0200 @@@@ -72,6 +72,10 @@@@ a14 12 Index: source/nsswitch/winbindd_util.c --- source/nsswitch/winbindd_util.c.orig 2007-05-11 00:09:34 +0200 +++ source/nsswitch/winbindd_util.c 2007-05-26 11:37:01 +0200 @@@@ -936,7 +936,7 @@@@ { if (_winbindd_priv_socket == -1) { _winbindd_priv_socket = create_pipe_sock( - get_winbind_priv_pipe_dir(), WINBINDD_SOCKET_NAME, 0750); + get_winbind_priv_pipe_dir(), WINBINDD_SOCKET_NAME, 0755); DEBUG(10, ("open_winbindd_priv_socket: opened socket fd %d\n", _winbindd_priv_socket)); } d16 3 a18 3 --- source/smbd/uid.c.orig 2007-05-23 17:29:15 +0200 +++ source/smbd/uid.c 2007-05-26 11:38:34 +0200 @@@@ -158,7 +158,11 @@@@ @ 1.18 log @upgrading package: samba 3.0.24 -> 3.0.25 @ text @d2 2 a3 2 --- source/Makefile.in.orig 2007-04-25 11:39:00 +0200 +++ source/Makefile.in 2007-05-17 14:43:04 +0200 d306 1 a306 1 @@@@ -1515,30 +1515,30 @@@@ d344 1 a344 1 @@@@ -1661,7 +1661,7 @@@@ d355 1 a355 1 +++ source/lib/sysquotas_4A.c 2007-05-17 14:40:34 +0200 d369 1 a369 1 +++ source/nsswitch/winbindd_util.c 2007-05-17 14:40:34 +0200 d380 3 a382 4 --- source/smbd/uid.c.orig 2007-03-01 05:54:07 +0100 +++ source/smbd/uid.c 2007-05-17 14:40:34 +0200 @@@@ -157,6 +157,10 @@@@ BOOL must_free_token = False; d384 7 a390 4 + if (vuser) + DEBUG(9,("change_to_user: SMB user \"%s\" (unix user \"%s\", vuid %d)\n", + vuser->user.smb_name ? vuser->user.smb_name : "?", vuser->user.unix_name ? vuser->user.unix_name : "?", vuid)); @ 1.17 log @upgrading package: samba 3.0.23c -> 3.0.23d @ text @d2 3 a4 3 --- source/Makefile.in.orig 2006-11-14 15:42:15 +0100 +++ source/Makefile.in 2006-12-10 17:12:55 +0100 @@@@ -86,7 +86,7 @@@@ d13 1 a13 1 @@@@ -922,46 +922,46 @@@@ d15 1 a15 1 @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBD_OBJ) $(LDFLAGS) $(LDAP_LIBS) \ d17 1 a17 1 - $(ACL_LIBS) $(PASSDB_LIBS) $(LIBS) @@POPTLIBS@@ @@SMBD_LIBS@@ d20 1 a20 1 bin/nmbd@@EXEEXT@@: $(NMBD_OBJ) @@BUILD_POPT@@ bin/.dummy d22 2 a23 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NMBD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NMBD_OBJ) $(LDFLAGS) $(DYNEXP) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d25 1 a25 1 bin/swat@@EXEEXT@@: $(SWAT_OBJ) @@BUILD_POPT@@ bin/.dummy d27 1 a27 1 @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SWAT_OBJ) $(LDFLAGS) $(DYNEXP) $(PRINT_LIBS) \ d31 1 a31 1 bin/rpcclient@@EXEEXT@@: $(RPCCLIENT_OBJ) @@BUILD_POPT@@ bin/.dummy d33 1 a33 1 @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(PASSDB_LIBS) $(RPCCLIENT_OBJ) \ d39 1 a39 1 bin/smbclient@@EXEEXT@@: $(CLIENT_OBJ) @@BUILD_POPT@@ bin/.dummy d41 2 a42 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(CLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(CLIENT_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d44 1 a44 1 bin/smbctool@@EXEEXT@@: $(TOOL_OBJ) @@BUILD_POPT@@ bin/.dummy d46 1 a46 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(TOOL_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) -Lbin -lsmbclient + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(TOOL_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) -Lbin -lsmbclient $(LIBS) d48 1 a48 1 bin/net@@EXEEXT@@: $(NET_OBJ) @@BUILD_POPT@@ bin/.dummy d50 2 a51 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(TERMLDFLAGS) $(TERMLIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) d53 1 a53 1 bin/profiles@@EXEEXT@@: $(PROFILES_OBJ) @@BUILD_POPT@@ bin/.dummy d55 2 a56 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(PROFILES_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(PROFILES_OBJ) $(DYNEXP) $(LDFLAGS) @@POPTLIBS@@ $(LIBS) d58 1 a58 1 bin/smbspool@@EXEEXT@@: $(CUPS_OBJ) bin/.dummy d60 2 a61 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(CUPS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(CUPS_OBJ) $(DYNEXP) $(LDFLAGS) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d63 1 a63 1 bin/smbmount@@EXEEXT@@: $(MOUNT_OBJ) bin/.dummy d65 2 a66 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(MOUNT_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(MOUNT_OBJ) $(DYNEXP) $(LDFLAGS) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d68 1 a68 1 bin/smbmnt@@EXEEXT@@: $(MNT_OBJ) bin/.dummy d70 1 a70 1 @@@@ -981,47 +981,47 @@@@ d72 1 a72 1 bin/testparm@@EXEEXT@@: $(TESTPARM_OBJ) @@BUILD_POPT@@ bin/.dummy d74 2 a75 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(TESTPARM_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(TESTPARM_OBJ) $(LDFLAGS) $(DYNEXP) @@POPTLIBS@@ $(LIBS) d77 1 a77 1 bin/smbstatus@@EXEEXT@@: $(STATUS_OBJ) @@BUILD_POPT@@ bin/.dummy d79 1 a79 1 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(STATUS_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) \ d81 1 a81 1 + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(STATUS_OBJ) $(LDFLAGS) $(DYNEXP) \ d84 1 a84 1 bin/smbcontrol@@EXEEXT@@: $(SMBCONTROL_OBJ) @@BUILD_POPT@@ bin/.dummy d86 1 a86 1 @@$(CC) -DUSING_SMBCONTROL $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ \ d88 2 a89 2 - $(LIBS) @@LIBUNWIND_PTRACE@@ @@POPTLIBS@@ + @@LIBUNWIND_PTRACE@@ @@POPTLIBS@@ $(LIBS) d91 1 a91 1 bin/smbtree@@EXEEXT@@: $(SMBTREE_OBJ) @@BUILD_POPT@@ bin/.dummy d93 2 a94 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBTREE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBTREE_OBJ) $(LDFLAGS) $(DYNEXP) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d96 1 a96 1 bin/smbpasswd@@EXEEXT@@: $(SMBPASSWD_OBJ) @@BUILD_POPT@@ bin/.dummy d98 1 a98 1 @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBPASSWD_OBJ) $(LDFLAGS) $(PASSDB_LIBS) \ d102 1 a102 1 bin/pdbedit@@EXEEXT@@: $(PDBEDIT_OBJ) @@BUILD_POPT@@ bin/.dummy d104 2 a105 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(PASSDB_LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) @@POPTLIBS@@ $(PASSDB_LIBS) $(LDAP_LIBS) $(LIBS) d107 1 a107 1 bin/smbget@@EXEEXT@@: $(SMBGET_OBJ) @@BUILD_POPT@@ bin/.dummy d109 2 a110 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBGET_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBGET_OBJ) $(LDFLAGS) $(DYNEXP) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(LIBS) d114 2 a115 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SAMTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(PASSDB_LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SAMTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) @@POPTLIBS@@ $(PASSDB_LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d117 1 a117 1 bin/nmblookup@@EXEEXT@@: $(NMBLOOKUP_OBJ) @@BUILD_POPT@@ bin/.dummy d119 2 a120 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NMBLOOKUP_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NMBLOOKUP_OBJ) $(LDFLAGS) $(DYNEXP) @@POPTLIBS@@ $(LDAP_LIBS) $(LIBS) d122 1 a122 1 bin/smbtorture@@EXEEXT@@: $(SMBTORTURE_OBJ) bin/.dummy d124 2 a125 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d127 1 a127 1 bin/talloctort@@EXEEXT@@: $(TALLOCTORT_OBJ) bin/.dummy d129 3 a131 1 @@@@ -1029,41 +1029,41 @@@@ d133 1 a133 1 bin/masktest@@EXEEXT@@: $(MASKTEST_OBJ) bin/.dummy d135 1 a135 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(MASKTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(MASKTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d137 1 a137 1 bin/msgtest@@EXEEXT@@: $(MSGTEST_OBJ) bin/.dummy d139 2 a140 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(MSGTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(MSGTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d142 1 a142 1 bin/smbcacls@@EXEEXT@@: $(SMBCACLS_OBJ) @@BUILD_POPT@@ bin/.dummy d144 6 a149 1 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBCACLS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ \ d151 1 a151 1 + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBCACLS_OBJ) $(DYNEXP) $(LDFLAGS) @@POPTLIBS@@ \ d154 1 a154 1 bin/smbcquotas@@EXEEXT@@: $(SMBCQUOTAS_OBJ) @@BUILD_POPT@@ bin/.dummy d156 1 a156 1 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBCQUOTAS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ \ d158 1 a158 1 + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBCQUOTAS_OBJ) $(DYNEXP) $(LDFLAGS) @@POPTLIBS@@ \ d161 1 a161 1 bin/eventlogadm@@EXEEXT@@: $(EVTLOGADM_OBJ) @@BUILD_POPT@@ bin/.dummy d163 2 a164 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(EVTLOGADM_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(EVTLOGADM_OBJ) $(DYNEXP) $(LDFLAGS) @@POPTLIBS@@ $(LIBS) d166 1 a166 1 bin/locktest@@EXEEXT@@: $(LOCKTEST_OBJ) bin/.dummy d168 2 a169 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LOCKTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LOCKTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d171 1 a171 1 bin/nsstest@@EXEEXT@@: $(NSSTEST_OBJ) bin/.dummy d173 2 a174 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NSSTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NSSTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d176 1 a176 1 bin/vfstest@@EXEEXT@@: $(VFSTEST_OBJ) @@BUILD_POPT@@ bin/.dummy d178 2 a179 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) $(ACL_LIBS) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) @@SMBD_LIBS@@ $(NSCD_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) $(ACL_LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) @@SMBD_LIBS@@ $(NSCD_LIBS) $(LIBS) d181 1 a181 1 bin/smbiconv@@EXEEXT@@: $(SMBICONV_OBJ) @@BUILD_POPT@@ bin/.dummy d183 2 a184 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBICONV_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBICONV_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) @@POPTLIBS@@ $(LIBS) d186 1 a186 1 bin/log2pcap@@EXEEXT@@: $(LOG2PCAP_OBJ) @@BUILD_POPT@@ bin/.dummy d188 2 a189 1 @@@@ -1071,11 +1071,11 @@@@ d191 1 a191 1 bin/locktest2@@EXEEXT@@: $(LOCKTEST2_OBJ) bin/.dummy d193 2 a194 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LOCKTEST2_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LOCKTEST2_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d196 1 a196 1 bin/rpctorture@@EXEEXT@@: $(RPCTORTURE_OBJ) bin/.dummy d198 1 a198 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(RPCTORTURE_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(RPCTORTURE_OBJ) $(DYNEXP) $(LDFLAGS) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d200 1 a200 1 bin/debug2html@@EXEEXT@@: $(DEBUG2HTML_OBJ) bin/.dummy d202 2 a203 1 @@@@ -1083,11 +1083,11 @@@@ d205 1 a205 1 bin/smbfilter@@EXEEXT@@: $(SMBFILTER_OBJ) bin/.dummy d207 2 a208 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBFILTER_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBFILTER_OBJ) $(LDFLAGS) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d210 1 a210 1 bin/smbw_sample@@EXEEXT@@: $(SMBW_OBJ) utils/smbw_sample.o bin/.dummy d212 1 a212 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBW_OBJ) utils/smbw_sample.o $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBW_OBJ) utils/smbw_sample.o $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d214 1 a214 1 bin/smbsh@@EXEEXT@@: $(SMBSH_OBJ) bin/.dummy d216 10 a225 1 @@@@ -1095,15 +1095,15 @@@@ d227 3 a229 7 bin/smbwrapper.@@SHLIBEXT@@: $(PICOBJS) bin/.dummy @@echo Linking shared library $@@ - @@$(SHLD) $(LDSHFLAGS) -o $@@ $(PICOBJS) $(LIBS) \ + @@$(SHLD) $(LDSHFLAGS) -o $@@ $(PICOBJS) \ $(KRB5LIBS) $(LDAP_LIBS) \ - @@SONAMEFLAG@@`basename $@@` + @@SONAMEFLAG@@`basename $@@` $(LIBS) d231 1 a231 1 bin/libsmbclient.@@SHLIBEXT@@: $(LIBSMBCLIENT_PICOBJS) d233 3 a235 3 - @@$(SHLD) $(LDSHFLAGS) -o $@@ $(LIBSMBCLIENT_PICOBJS) $(LDFLAGS) $(LIBS) \ + @@$(SHLD) $(LDSHFLAGS) -o $@@ $(LIBSMBCLIENT_PICOBJS) $(LDFLAGS) \ $(KRB5LIBS) $(LDAP_LIBS) \ d239 1 a239 1 bin/libsmbclient.a: $(LIBSMBCLIENT_PICOBJS) d241 1 a241 1 @@@@ -1111,9 +1111,9 @@@@ d243 1 a243 1 bin/libsmbsharemodes.@@SHLIBEXT@@: $(LIBSMBSHAREMODES_PICOBJS) d245 2 a246 2 - @@$(SHLD) $(LDSHFLAGS) -o $@@ $(LIBSMBSHAREMODES_PICOBJS) $(LDFLAGS) $(LIBS) \ + @@$(SHLD) $(LDSHFLAGS) -o $@@ $(LIBSMBSHAREMODES_PICOBJS) $(LDFLAGS) \ d249 1 a249 1 + @@SONAMEFLAG@@`basename $@@`.$(LIBSMBSHAREMODES_MAJOR) $(LIBS) d251 1 a251 1 bin/libsmbsharemodes.a: $(LIBSMBSHAREMODES_PICOBJS) d253 1 a253 1 @@@@ -1121,8 +1121,8 @@@@ d255 1 a255 1 bin/libmsrpc.@@SHLIBEXT@@: $(CAC_PICOBJS) d257 1 a257 1 - @@$(SHLD) $(LDSHFLAGS) -o $@@ $(CAC_PICOBJS) $(LDFLAGS) $(LIBS) \ d259 1 a259 1 + @@$(SHLD) $(LDSHFLAGS) -o $@@ $(CAC_PICOBJS) $(LDFLAGS) \ d262 1 a262 1 bin/libmsrpc.a: $(CAC_PICOBJS) d264 3 a266 3 @@@@ -1131,9 +1131,9 @@@@ # This is probably wrong for anything other than the GNU linker. bin/libbigballofmud.@@SHLIBEXT@@: $(LIBBIGBALLOFMUD_PICOBJS) d268 2 a269 2 - @@$(SHLD) $(LDSHFLAGS) -o $@@ $(LIBBIGBALLOFMUD_PICOBJS) $(LIBS) \ + @@$(SHLD) $(LDSHFLAGS) -o $@@ $(LIBBIGBALLOFMUD_PICOBJS) \ d276 1 a276 1 @@@@ -1212,8 +1212,8 @@@@ d278 1 a278 1 bin/winbindd@@EXEEXT@@: $(WINBINDD_OBJ) @@BUILD_POPT@@ bin/.dummy d280 1 a280 1 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(WINBINDD_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) \ d282 1 a282 1 + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(WINBINDD_OBJ) $(LDFLAGS) $(DYNEXP) \ d285 18 a302 3 # Please don't add .o files to libnss_winbind, libnss_wins, or the pam_winbind # libraries. Add to the appropriate PICOBJ variable instead. @@@@ -1375,54 +1375,54 @@@@ d304 5 a308 1 bin/wbinfo@@EXEEXT@@: $(WBINFO_OBJ) @@BUILD_POPT@@ bin/.dummy d310 2 a311 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(WBINFO_OBJ) $(DYNEXP) $(LIBS) @@POPTLIBS@@ + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(WBINFO_OBJ) $(DYNEXP) @@POPTLIBS@@ $(LIBS) d313 1 a313 1 bin/ntlm_auth@@EXEEXT@@: $(NTLM_AUTH_OBJ) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \ d316 1 a316 1 @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(DYNEXP) $(NTLM_AUTH_OBJ) \ d322 1 a322 1 bin/pam_smbpass.@@SHLIBEXT@@: $(PAM_SMBPASS_PICOOBJ) d324 2 a325 2 - @@$(SHLD) $(LDSHFLAGS) -o $@@ $(PAM_SMBPASS_PICOOBJ) -lpam $(DYNEXP) $(LIBS) $(LDAP_LIBS) $(KRB5LIBS) + @@$(SHLD) $(LDSHFLAGS) -o $@@ $(PAM_SMBPASS_PICOOBJ) -lpam $(DYNEXP) $(LDAP_LIBS) $(KRB5LIBS) $(LIBS) d327 1 a327 1 bin/tdbbackup@@EXEEXT@@: $(TDBBACKUP_OBJ) bin/.dummy d329 2 a330 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBBACKUP_OBJ) @@SOCKWRAP@@ + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(DYNEXP) $(TDBBACKUP_OBJ) @@SOCKWRAP@@ $(LIBS) d334 2 a335 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBTOOL_OBJ) @@SOCKWRAP@@ + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(DYNEXP) $(TDBTOOL_OBJ) @@SOCKWRAP@@ $(LIBS) d339 2 a340 36 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBDUMP_OBJ) @@SOCKWRAP@@ + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(DYNEXP) $(TDBDUMP_OBJ) @@SOCKWRAP@@ $(LIBS) bin/t_strcmp@@EXEEXT@@: bin/libbigballofmud.@@SHLIBEXT@@ torture/t_strcmp.o - $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) $(LIBS) torture/t_strcmp.o -L ./bin -lbigballofmud + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_strcmp.o -L ./bin -lbigballofmud $(LIBS) bin/t_strstr@@EXEEXT@@: bin/libbigballofmud.@@SHLIBEXT@@ torture/t_strstr.o - $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) $(LIBS) torture/t_strstr.o -L ./bin -lbigballofmud + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_strstr.o -L ./bin -lbigballofmud $(LIBS) bin/t_strappend@@EXEEXT@@: bin/libbigballofmud.@@SHLIBEXT@@ torture/t_strappend.o - $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) $(LIBS) torture/t_strappend.o -L ./bin -lbigballofmud + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_strappend.o -L ./bin -lbigballofmud $(LIBS) bin/t_stringoverflow@@EXEEXT@@: bin/libbigballofmud.@@SHLIBEXT@@ torture/t_stringoverflow.o - $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_stringoverflow.o -L./bin -lbigballofmud + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_stringoverflow.o -L./bin -lbigballofmud $(LIBS) bin/t_doschar@@EXEEXT@@: bin/libbigballofmud.@@SHLIBEXT@@ torture/t_doschar.o - $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) $(LIBS) torture/t_doschar.o -L ./bin -lbigballofmud + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP)torture/t_doschar.o -L ./bin -lbigballofmud $(LIBS) bin/t_push_ucs2@@EXEEXT@@: bin/libbigballofmud.@@SHLIBEXT@@ torture/t_push_ucs2.o - $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) $(LIBS) torture/t_push_ucs2.o -L ./bin -lbigballofmud + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_push_ucs2.o -L ./bin -lbigballofmud $(LIBS) bin/t_snprintf@@EXEEXT@@: lib/snprintf.c - $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) -DTEST_SNPRINTF lib/snprintf.c -lm + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) -DTEST_SNPRINTF lib/snprintf.c -lm $(LIBS) bin/timelimit@@EXEEXT@@: script/tests/timelimit.o @@echo Linking $@@ - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) script/tests/timelimit.o + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) script/tests/timelimit.o $(LIBS) install: installservers installbin @@INSTALL_CIFSMOUNT@@ installman installscripts installdat installswat installmodules @@INSTALL_LIBSMBCLIENT@@ @@INSTALL_LIBMSRPC@@ @@INSTALL_PAM_MODULES@@ d342 3 a344 1 @@@@ -1513,7 +1513,7 @@@@ d346 1 a346 1 PYTHON_OBJS="$(PYTHON_PICOBJS)" \ d352 1 a352 1 python_install: $(PYTHON_PICOBJS) d355 1 a355 1 +++ source/lib/sysquotas_4A.c 2006-12-10 17:08:04 +0100 d368 3 a370 3 --- source/nsswitch/winbindd_util.c.orig 2006-11-14 15:42:13 +0100 +++ source/nsswitch/winbindd_util.c 2006-12-10 17:08:04 +0100 @@@@ -935,7 +935,7 @@@@ d380 3 a382 3 --- source/smbd/uid.c.orig 2006-04-20 04:29:19 +0200 +++ source/smbd/uid.c 2006-12-10 17:08:04 +0100 @@@@ -152,6 +152,10 @@@@ @ 1.16 log @re-upgrade from 3.0.22 to 3.0.23 from scratch to unbreak the server parts (which were missing) @ text @d2 2 a3 2 --- source/Makefile.in.orig 2006-07-10 18:27:55 +0200 +++ source/Makefile.in 2006-07-15 18:03:28 +0200 d13 6 a18 1 @@@@ -914,42 +914,42 @@@@ d71 1 a71 1 @@@@ -969,47 +969,47 @@@@ d106 1 a106 1 + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) @@POPTLIBS@@ $(PASSDB_LIBS) $(LDAP_LIBS) $(LIBS) d110 2 a111 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBGET_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBGET_OBJ) $(LDFLAGS) $(DYNEXP) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d130 1 a130 1 @@@@ -1017,39 +1017,39 @@@@ d144 4 a147 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBCACLS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBCACLS_OBJ) $(DYNEXP) $(LDFLAGS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d151 4 a154 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBCQUOTAS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBCQUOTAS_OBJ) $(DYNEXP) $(LDFLAGS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d169 1 a169 1 + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NSSTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d173 2 a174 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) $(ACL_LIBS) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) @@SMBD_LIBS@@ + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) $(ACL_LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) @@SMBD_LIBS@@ $(LIBS) d183 1 a183 1 @@@@ -1057,11 +1057,11 @@@@ d197 1 a197 1 @@@@ -1069,11 +1069,11 @@@@ d211 1 a211 1 @@@@ -1081,15 +1081,15 @@@@ a215 1 - $(KRB5LIBS) $(LDAP_LIBS) \ d217 3 a219 2 + $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) \ @@SONAMEFLAG@@`basename $@@` d231 1 a231 1 @@@@ -1097,9 +1097,9 @@@@ d243 1 a243 1 @@@@ -1107,8 +1107,8 @@@@ d254 1 a254 1 @@@@ -1117,9 +1117,9 @@@@ d266 1 a266 1 @@@@ -1198,8 +1198,8 @@@@ d271 1 a271 1 - @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(NSCD_LIBS) d273 1 a273 1 + @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(NSCD_LIBS) $(LIBS) d277 1 a277 1 @@@@ -1361,47 +1361,47 @@@@ d289 1 a289 1 - @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) d291 1 a291 1 + @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d301 1 a301 1 + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(DYNEXP) $(TDBBACKUP_OBJ) @@SOCKWRAP@@ $(LIBS) d326 2 a327 1 $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_stringoverflow.o -L./bin -lbigballofmud d331 1 a331 1 + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_doschar.o -L ./bin -lbigballofmud $(LIBS) d337 11 a347 2 $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) -DTEST_SNPRINTF lib/snprintf.c -lm @@@@ -1499,7 +1499,7 @@@@ d358 1 a358 1 +++ source/lib/sysquotas_4A.c 2006-07-15 17:37:40 +0200 d371 3 a373 3 --- source/nsswitch/winbindd_util.c.orig 2006-06-23 15:16:50 +0200 +++ source/nsswitch/winbindd_util.c 2006-07-15 17:37:40 +0200 @@@@ -920,7 +920,7 @@@@ d384 1 a384 1 +++ source/smbd/uid.c 2006-07-15 17:37:40 +0200 @ 1.15 log @upgrading package: samba 3.0.22 -> 3.0.23 @ text @d3 1 a3 1 +++ source/Makefile.in 2006-07-11 09:16:33 +0200 d13 1 a13 6 @@@@ -910,46 +910,46 @@@@ @@echo Linking $@@ @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBD_OBJ) $(LDFLAGS) $(LDAP_LIBS) \ $(KRB5LIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) \ - $(ACL_LIBS) $(PASSDB_LIBS) $(LIBS) @@POPTLIBS@@ @@SMBD_LIBS@@ + $(ACL_LIBS) $(PASSDB_LIBS) @@POPTLIBS@@ @@SMBD_LIBS@@ $(LIBS) d42 1 a42 1 + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(TOOL_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) -Lbin -lsmbclient d160 1 a160 1 + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NSSTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d202 1 a202 1 @@@@ -1081,14 +1081,14 @@@@ a214 1 - $(KRB5LIBS) $(LDAP_LIBS) \ d216 3 a218 2 + $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) \ @@SONAMEFLAG@@`basename $@@`.$(LIBSMBCLIENT_MAJOR) d221 2 a222 1 @@@@ -1097,8 +1097,8 @@@@ a226 1 - $(KRB5LIBS) $(LDAP_LIBS) \ d228 3 a230 2 + $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) \ @@SONAMEFLAG@@`basename $@@`.$(LIBSMBSHAREMODES_MAJOR) d233 13 a245 1 @@@@ -1117,8 +1117,8 @@@@ a249 1 - $(PASSDB_LIBS) $(IDMAP_LIBS) $(KRB5LIBS) $(LDAP_LIBS) \ d251 3 a253 2 + $(PASSDB_LIBS) $(IDMAP_LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) \ @@SONAMEFLAG@@`basename $@@`.$(LIBBIGBALLOFMUD_MAJOR) d256 1 d268 1 a268 1 @@@@ -1361,18 +1361,18 @@@@ d291 46 d339 1 a339 1 +++ source/lib/sysquotas_4A.c 2006-02-25 09:39:08 +0100 d352 3 a354 3 --- source/nsswitch/winbindd_util.c.orig 2006-01-25 00:46:34 +0100 +++ source/nsswitch/winbindd_util.c 2006-02-25 09:39:08 +0100 @@@@ -913,7 +913,7 @@@@ d364 3 a366 3 --- source/smbd/uid.c.orig 2006-01-25 00:46:32 +0100 +++ source/smbd/uid.c 2006-02-25 09:39:08 +0100 @@@@ -200,6 +200,10 @@@@ @ 1.14 log @upgrading package: samba 3.0.21b -> 3.0.21c @ text @d2 3 a4 3 --- source/Makefile.in.orig 2006-02-20 21:33:23 +0100 +++ source/Makefile.in 2006-02-25 09:39:49 +0100 @@@@ -77,7 +77,7 @@@@ d13 6 a18 1 @@@@ -885,7 +885,7 @@@@ a24 3 bin/wrepld@@EXEEXT@@: $(WREPL_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ @@@@ -894,37 +894,37 @@@@ d47 1 a47 1 + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(TOOL_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) -Lbin -lsmbclient $(LIBS) d51 2 a52 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(LIBS) d71 1 a71 1 @@@@ -936,47 +936,47 @@@@ d87 4 a90 5 @@$(CC) -DUSING_SMBCONTROL $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBCONTROL_OBJ) $(DYNEXP) \ - $(LDFLAGS) $(LIBS) \ - @@POPTLIBS@@ + $(LDFLAGS) \ + @@POPTLIBS@@ $(LIBS) d94 1 a94 1 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBTREE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) d97 1 a97 1 bin/smbpasswd@@EXEEXT@@: $(SMBPASSWD_OBJ) bin/.dummy d100 2 a101 2 - $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) + $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d125 1 a125 1 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) d130 1 a130 1 @@@@ -984,39 +984,39 @@@@ d139 1 a139 1 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(MSGTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) d154 1 a154 1 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(EVTLOGADM_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ d169 2 a170 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) $(ACL_LIBS) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) $(ACL_LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d179 1 a179 1 @@@@ -1024,11 +1024,11 @@@@ d193 1 a193 1 @@@@ -1036,11 +1036,11 @@@@ d207 1 a207 1 @@@@ -1048,14 +1048,14 @@@@ d226 1 a226 1 @@@@ -1064,8 +1064,8 @@@@ d237 1 a237 1 @@@@ -1084,8 +1084,8 @@@@ d248 1 a248 1 @@@@ -1164,8 +1164,8 @@@@ d253 1 a253 1 - @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) d255 1 a255 1 + @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(LIBS) d259 8 a266 1 @@@@ -1352,12 +1352,12 @@@@ @ 1.14.2.1 log @Mass merge from CURRENT to 2-STABLE (all packages except those of JUNK class) @ text @d2 3 a4 3 --- source/Makefile.in.orig 2006-07-10 18:27:55 +0200 +++ source/Makefile.in 2006-07-15 18:03:28 +0200 @@@@ -86,7 +86,7 @@@@ d13 1 a13 1 @@@@ -914,42 +914,42 @@@@ d20 3 d49 2 a50 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(TERMLDFLAGS) $(TERMLIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NET_OBJ) $(DYNEXP) $(LDFLAGS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) d69 1 a69 1 @@@@ -969,47 +969,47 @@@@ d85 5 a89 4 @@$(CC) -DUSING_SMBCONTROL $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ \ $(SMBCONTROL_OBJ) $(DYNEXP) $(LDFLAGS) \ - $(LIBS) @@LIBUNWIND_PTRACE@@ @@POPTLIBS@@ + @@LIBUNWIND_PTRACE@@ @@POPTLIBS@@ $(LIBS) d93 1 a93 1 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBTREE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) d96 1 a96 1 bin/smbpasswd@@EXEEXT@@: $(SMBPASSWD_OBJ) @@BUILD_POPT@@ bin/.dummy d99 2 a100 2 - $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) + $(DYNEXP) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d124 1 a124 1 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) d129 1 a129 1 @@@@ -1017,39 +1017,39 @@@@ d138 1 a138 1 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(MSGTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) $(KRB5LIBS) $(LDAP_LIBS) d153 1 a153 1 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(EVTLOGADM_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ d164 1 a164 1 + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NSSTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d168 2 a169 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) $(ACL_LIBS) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) @@SMBD_LIBS@@ + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) $(ACL_LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) @@SMBD_LIBS@@ $(LIBS) d178 1 a178 1 @@@@ -1057,11 +1057,11 @@@@ d192 1 a192 1 @@@@ -1069,11 +1069,11 @@@@ d206 1 a206 1 @@@@ -1081,15 +1081,15 @@@@ d219 1 d221 2 a222 3 $(KRB5LIBS) $(LDAP_LIBS) \ - @@SONAMEFLAG@@`basename $@@`.$(LIBSMBCLIENT_MAJOR) + @@SONAMEFLAG@@`basename $@@`.$(LIBSMBCLIENT_MAJOR) $(LIBS) d225 1 a225 2 @@echo Linking libsmbclient non-shared library $@@ @@@@ -1097,9 +1097,9 @@@@ d230 1 d232 2 a233 3 $(KRB5LIBS) $(LDAP_LIBS) \ - @@SONAMEFLAG@@`basename $@@`.$(LIBSMBSHAREMODES_MAJOR) + @@SONAMEFLAG@@`basename $@@`.$(LIBSMBSHAREMODES_MAJOR) $(LIBS) d236 1 a236 13 @@echo Linking libsmbsharemodes non-shared library $@@ @@@@ -1107,8 +1107,8 @@@@ bin/libmsrpc.@@SHLIBEXT@@: $(CAC_PICOBJS) @@echo Linking libmsrpc shared library $@@ - @@$(SHLD) $(LDSHFLAGS) -o $@@ $(CAC_PICOBJS) $(LDFLAGS) $(LIBS) \ - @@SONAMEFLAG@@`basename $@@`.$(LIBMSRPC_MAJOR) + @@$(SHLD) $(LDSHFLAGS) -o $@@ $(CAC_PICOBJS) $(LDFLAGS) \ + @@SONAMEFLAG@@`basename $@@`.$(LIBMSRPC_MAJOR) $(LIBS) bin/libmsrpc.a: $(CAC_PICOBJS) @@echo Linking libmsrpc non-shared library $@@ @@@@ -1117,9 +1117,9 @@@@ d241 1 d243 2 a244 3 $(PASSDB_LIBS) $(IDMAP_LIBS) $(KRB5LIBS) $(LDAP_LIBS) \ - @@SONAMEFLAG@@`basename $@@`.$(LIBBIGBALLOFMUD_MAJOR) + @@SONAMEFLAG@@`basename $@@`.$(LIBBIGBALLOFMUD_MAJOR) $(LIBS) d247 1 a247 2 # It would be nice to build a static bigballofmud too, but when I try @@@@ -1198,8 +1198,8 @@@@ d252 1 a252 1 - @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(NSCD_LIBS) d254 1 a254 1 + @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(NSCD_LIBS) $(LIBS) d258 1 a258 8 @@@@ -1361,47 +1361,47 @@@@ bin/wbinfo@@EXEEXT@@: $(WBINFO_OBJ) @@BUILD_POPT@@ bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(WBINFO_OBJ) $(DYNEXP) $(LIBS) @@POPTLIBS@@ + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(WBINFO_OBJ) $(DYNEXP) @@POPTLIBS@@ $(LIBS) bin/ntlm_auth@@EXEEXT@@: $(NTLM_AUTH_OBJ) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) \ a273 46 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBBACKUP_OBJ) @@SOCKWRAP@@ + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(DYNEXP) $(TDBBACKUP_OBJ) @@SOCKWRAP@@ $(LIBS) bin/tdbtool@@EXEEXT@@: $(TDBTOOL_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBTOOL_OBJ) @@SOCKWRAP@@ + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(DYNEXP) $(TDBTOOL_OBJ) @@SOCKWRAP@@ $(LIBS) bin/tdbdump@@EXEEXT@@: $(TDBDUMP_OBJ) bin/.dummy @@echo Linking $@@ - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(DYNEXP) $(LIBS) $(TDBDUMP_OBJ) @@SOCKWRAP@@ + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(DYNEXP) $(TDBDUMP_OBJ) @@SOCKWRAP@@ $(LIBS) bin/t_strcmp@@EXEEXT@@: bin/libbigballofmud.@@SHLIBEXT@@ torture/t_strcmp.o - $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) $(LIBS) torture/t_strcmp.o -L ./bin -lbigballofmud + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_strcmp.o -L ./bin -lbigballofmud $(LIBS) bin/t_strstr@@EXEEXT@@: bin/libbigballofmud.@@SHLIBEXT@@ torture/t_strstr.o - $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) $(LIBS) torture/t_strstr.o -L ./bin -lbigballofmud + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_strstr.o -L ./bin -lbigballofmud $(LIBS) bin/t_strappend@@EXEEXT@@: bin/libbigballofmud.@@SHLIBEXT@@ torture/t_strappend.o - $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) $(LIBS) torture/t_strappend.o -L ./bin -lbigballofmud + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_strappend.o -L ./bin -lbigballofmud $(LIBS) bin/t_stringoverflow@@EXEEXT@@: bin/libbigballofmud.@@SHLIBEXT@@ torture/t_stringoverflow.o $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_stringoverflow.o -L./bin -lbigballofmud bin/t_doschar@@EXEEXT@@: bin/libbigballofmud.@@SHLIBEXT@@ torture/t_doschar.o - $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) $(LIBS) torture/t_doschar.o -L ./bin -lbigballofmud + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_doschar.o -L ./bin -lbigballofmud $(LIBS) bin/t_push_ucs2@@EXEEXT@@: bin/libbigballofmud.@@SHLIBEXT@@ torture/t_push_ucs2.o - $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) $(LIBS) torture/t_push_ucs2.o -L ./bin -lbigballofmud + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_push_ucs2.o -L ./bin -lbigballofmud $(LIBS) bin/t_snprintf@@EXEEXT@@: lib/snprintf.c $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) -DTEST_SNPRINTF lib/snprintf.c -lm @@@@ -1499,7 +1499,7 @@@@ fi PYTHON_OBJS="$(PYTHON_PICOBJS)" \ PYTHON_CFLAGS="$(CFLAGS) $(CPPFLAGS) $(FLAGS)" \ - LIBS="$(LDFLAGS) $(LIBS) $(PASSDB_LIBS) $(IDMAP_LIBS) $(KRB5LIBS) $(LDAP_LIBS)" \ + LIBS="$(LDFLAGS) $(PASSDB_LIBS) $(IDMAP_LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS)" \ $(PYTHON) python/setup.py build python_install: $(PYTHON_PICOBJS) d276 1 a276 1 +++ source/lib/sysquotas_4A.c 2006-07-15 17:37:40 +0200 d289 3 a291 3 --- source/nsswitch/winbindd_util.c.orig 2006-06-23 15:16:50 +0200 +++ source/nsswitch/winbindd_util.c 2006-07-15 17:37:40 +0200 @@@@ -920,7 +920,7 @@@@ d301 3 a303 3 --- source/smbd/uid.c.orig 2006-04-20 04:29:19 +0200 +++ source/smbd/uid.c 2006-07-15 17:37:40 +0200 @@@@ -152,6 +152,10 @@@@ @ 1.14.2.2 log @MFC: make up leeway for 2_STABLE by virtue of build-time results @ text @d2 2 a3 2 --- source/Makefile.in.orig 2006-11-14 15:42:15 +0100 +++ source/Makefile.in 2006-12-10 17:12:55 +0100 d13 1 a13 6 @@@@ -922,46 +922,46 @@@@ @@echo Linking $@@ @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBD_OBJ) $(LDFLAGS) $(LDAP_LIBS) \ $(KRB5LIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) \ - $(ACL_LIBS) $(PASSDB_LIBS) $(LIBS) @@POPTLIBS@@ @@SMBD_LIBS@@ + $(ACL_LIBS) $(PASSDB_LIBS) @@POPTLIBS@@ @@SMBD_LIBS@@ $(LIBS) d66 1 a66 1 @@@@ -981,47 +981,47 @@@@ d101 1 a101 1 + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) @@POPTLIBS@@ $(PASSDB_LIBS) $(LDAP_LIBS) $(LIBS) d105 2 a106 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBGET_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBGET_OBJ) $(LDFLAGS) $(DYNEXP) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(LIBS) d125 1 a125 1 @@@@ -1029,41 +1029,41 @@@@ d139 2 a140 4 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBCACLS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ \ - $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBCACLS_OBJ) $(DYNEXP) $(LDFLAGS) @@POPTLIBS@@ \ + $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(LIBS) d144 2 a145 4 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBCQUOTAS_OBJ) $(DYNEXP) $(LDFLAGS) $(LIBS) @@POPTLIBS@@ \ - $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(SMBCQUOTAS_OBJ) $(DYNEXP) $(LDFLAGS) @@POPTLIBS@@ \ + $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(LIBS) d160 1 a160 1 + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NSSTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d164 2 a165 2 - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) $(ACL_LIBS) $(LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) @@SMBD_LIBS@@ $(NSCD_LIBS) + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINT_LIBS) $(AUTH_LIBS) $(ACL_LIBS) @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) @@SMBD_LIBS@@ $(NSCD_LIBS) $(LIBS) d174 1 a174 1 @@@@ -1071,11 +1071,11 @@@@ d188 1 a188 1 @@@@ -1083,11 +1083,11 @@@@ d202 1 a202 1 @@@@ -1095,15 +1095,15 @@@@ d207 1 d209 2 a210 3 $(KRB5LIBS) $(LDAP_LIBS) \ - @@SONAMEFLAG@@`basename $@@` + @@SONAMEFLAG@@`basename $@@` $(LIBS) d222 1 a222 1 @@@@ -1111,9 +1111,9 @@@@ d234 1 a234 1 @@@@ -1121,8 +1121,8 @@@@ d245 1 a245 1 @@@@ -1131,9 +1131,9 @@@@ d257 1 a257 1 @@@@ -1212,8 +1212,8 @@@@ d262 1 a262 1 - @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) d264 1 a264 1 + @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(PASSDB_LIBS) $(LIBS) d268 1 a268 1 @@@@ -1375,54 +1375,54 @@@@ d280 1 a280 1 - @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) d282 1 a282 1 + @@POPTLIBS@@ $(KRB5LIBS) $(LDAP_LIBS) $(NSCD_LIBS) $(LIBS) d292 1 a292 1 + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(LDFLAGS) $(DYNEXP) $(TDBBACKUP_OBJ) @@SOCKWRAP@@ $(LIBS) d317 1 a317 2 - $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_stringoverflow.o -L./bin -lbigballofmud + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) torture/t_stringoverflow.o -L./bin -lbigballofmud $(LIBS) d321 1 a321 1 + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP)torture/t_doschar.o -L ./bin -lbigballofmud $(LIBS) d327 2 a328 11 - $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) -DTEST_SNPRINTF lib/snprintf.c -lm + $(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) -DTEST_SNPRINTF lib/snprintf.c -lm $(LIBS) bin/timelimit@@EXEEXT@@: script/tests/timelimit.o @@echo Linking $@@ - @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) script/tests/timelimit.o + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(DYNEXP) script/tests/timelimit.o $(LIBS) install: installservers installbin @@INSTALL_CIFSMOUNT@@ installman installscripts installdat installswat installmodules @@INSTALL_LIBSMBCLIENT@@ @@INSTALL_LIBMSRPC@@ @@INSTALL_PAM_MODULES@@ @@@@ -1513,7 +1513,7 @@@@ d339 1 a339 1 +++ source/lib/sysquotas_4A.c 2006-12-10 17:08:04 +0100 d352 3 a354 3 --- source/nsswitch/winbindd_util.c.orig 2006-11-14 15:42:13 +0100 +++ source/nsswitch/winbindd_util.c 2006-12-10 17:08:04 +0100 @@@@ -935,7 +935,7 @@@@ d365 1 a365 1 +++ source/smbd/uid.c 2006-12-10 17:08:04 +0100 @ 1.13 log @upgrading package: samba 3.0.21a -> 3.0.21b @ text @d2 2 a3 2 --- source/Makefile.in.orig 2005-12-14 13:45:49 +0100 +++ source/Makefile.in 2006-01-24 17:06:16 +0100 d13 1 a13 1 @@@@ -884,7 +884,7 @@@@ d22 1 a22 1 @@@@ -893,37 +893,37 @@@@ d69 1 a69 1 @@@@ -935,47 +935,47 @@@@ d129 1 a129 1 @@@@ -983,39 +983,39 @@@@ d178 1 a178 1 @@@@ -1023,11 +1023,11 @@@@ d192 1 a192 1 @@@@ -1035,11 +1035,11 @@@@ d206 1 a206 1 @@@@ -1047,14 +1047,14 @@@@ d225 1 a225 1 @@@@ -1063,8 +1063,8 @@@@ d236 1 a236 1 @@@@ -1083,8 +1083,8 @@@@ d247 1 a247 1 @@@@ -1163,8 +1163,8 @@@@ d258 1 a258 1 @@@@ -1351,12 +1351,12 @@@@ d269 2 a270 2 - @@$(SHLD) $(LDSHFLAGS) -o $@@ $(PAM_SMBPASS_PICOOBJ) -lpam $(DYNEXP) $(LIBS) -lc $(LDAP_LIBS) $(KRB5LIBS) + @@$(SHLD) $(LDSHFLAGS) -o $@@ $(PAM_SMBPASS_PICOOBJ) -lpam $(DYNEXP) -lc $(LDAP_LIBS) $(KRB5LIBS) $(LIBS) d276 1 a276 1 +++ source/lib/sysquotas_4A.c 2006-01-24 17:05:44 +0100 d289 3 a291 3 --- source/nsswitch/winbindd_util.c.orig 2005-12-14 13:45:50 +0100 +++ source/nsswitch/winbindd_util.c 2006-01-24 17:05:44 +0100 @@@@ -914,7 +914,7 @@@@ d301 3 a303 3 --- source/smbd/uid.c.orig 2005-07-28 15:19:43 +0200 +++ source/smbd/uid.c 2006-01-27 09:07:19 +0100 @@@@ -195,6 +195,10 @@@@ @ 1.12 log @fix path to hosts file and fix interfaces config entry @ text @d300 14 @ 1.11 log @upgrading package: samba 3.0.20b -> 3.0.21a @ text @d3 10 a12 1 +++ source/Makefile.in 2005-12-30 09:34:52 +0100 d276 1 a276 1 +++ source/lib/sysquotas_4A.c 2005-12-30 09:31:16 +0100 d290 1 a290 1 +++ source/nsswitch/winbindd_util.c 2005-12-30 09:31:16 +0100 @ 1.10 log @fix LDAP support and add LDAP/Kerberos-based ADS support; fix winbindd subst @ text @d2 3 a4 3 --- source/Makefile.in.orig 2005-10-12 19:03:23 +0200 +++ source/Makefile.in 2005-11-26 16:11:16 +0100 @@@@ -833,7 +833,7 @@@@ d13 1 a13 1 @@@@ -842,21 +842,21 @@@@ d33 5 d45 2 a46 1 @@@@ -864,11 +864,11 @@@@ d60 21 a80 1 @@@@ -895,32 +895,32 @@@@ d120 1 a120 1 @@@@ -928,31 +928,31 @@@@ d142 5 d155 1 a155 1 + @@$(CC) $(FLAGS) @@PIE_LDFLAGS@@ -o $@@ $(NSSTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(KRB5LIBS) $(LDAP_LIBS) $(LIBS) d164 6 a169 1 @@@@ -964,11 +964,11 @@@@ d183 1 a183 1 @@@@ -976,11 +976,11 @@@@ d197 1 a197 1 @@@@ -988,14 +988,14 @@@@ d216 1 a216 1 @@@@ -1004,8 +1004,8 @@@@ d227 1 a227 1 @@@@ -1015,8 +1015,8 @@@@ d238 1 a238 1 @@@@ -1090,8 +1090,8 @@@@ d249 1 a249 1 @@@@ -1274,12 +1274,12 @@@@ d263 2 a264 2 bin/libmsrpc.a: $(LIBMSRPC_PICOBJ) @@-$(AR) -rc $@@ $(LIBMSRPC_PICOBJ) d266 2 a267 2 --- source/lib/sysquotas_4A.c.orig 2005-10-12 19:03:31 +0200 +++ source/lib/sysquotas_4A.c 2005-11-26 16:00:22 +0100 d280 3 a282 3 --- source/nsswitch/winbindd_util.c.orig 2005-10-12 19:03:28 +0200 +++ source/nsswitch/winbindd_util.c 2005-11-26 16:00:22 +0100 @@@@ -900,7 +900,7 @@@@ @ 1.9 log @fix building under most recent Linux platforms like Fedora 4 and OpenSUSE 10 @ text @d1 228 a228 14 Allow others to connect to the winbindd(8) socket. Index: source/nsswitch/winbindd_util.c --- source/nsswitch/winbindd_util.c.orig 2004-07-20 18:28:01 +0200 +++ source/nsswitch/winbindd_util.c 2004-07-28 14:54:12 +0200 @@@@ -682,7 +682,7 @@@@ { if (_winbindd_priv_socket == -1) { _winbindd_priv_socket = create_pipe_sock( - get_winbind_priv_pipe_dir(), WINBINDD_SOCKET_NAME, 0750); + get_winbind_priv_pipe_dir(), WINBINDD_SOCKET_NAME, 0755); DEBUG(10, ("open_winbindd_priv_socket: opened socket fd %d\n", _winbindd_priv_socket)); } d230 3 a232 3 --- source/lib/sysquotas_4A.c.orig 2005-08-19 17:16:27.000000000 +0000 +++ source/lib/sysquotas_4A.c 2005-09-29 21:45:33.000000000 +0000 @@@@ -66,6 +66,10 @@@@ d243 12 @ 1.9.2.1 log @MFC: path to smb.hosts file; fixed LDAP support; add Kerberos/ADS support @ text @a28 26 Index: source/Makefile.in --- source/Makefile.in.orig 2006-02-20 21:33:23 +0100 +++ source/Makefile.in 2006-02-25 09:39:49 +0100 @@@@ -77,7 +77,7 @@@@ # or in smb.conf (see smb.conf(5)) LOGFILEBASE = @@logfilebase@@ CONFIGFILE = $(CONFIGDIR)/smb.conf -LMHOSTSFILE = $(CONFIGDIR)/lmhosts +LMHOSTSFILE = $(CONFIGDIR)/smb.hosts # This is where smbpasswd et al go PRIVATEDIR = @@privatedir@@ Index: source/smbd/uid.c --- source/smbd/uid.c.orig 2006-01-25 00:46:32 +0100 +++ source/smbd/uid.c 2006-02-25 09:39:08 +0100 @@@@ -200,6 +200,10 @@@@ BOOL must_free_token = False; NT_USER_TOKEN *token = NULL; + if (vuser) + DEBUG(9,("change_to_user: SMB user \"%s\" (unix user \"%s\", vuid %d)\n", + vuser->user.smb_name ? vuser->user.smb_name : "?", vuser->user.unix_name ? vuser->user.unix_name : "?", vuid)); + if (!conn) { DEBUG(2,("change_to_user: Connection not open\n")); return(False); @ 1.8 log @upgrading package: samba 3.0.8 -> 3.0.9 @ text @d15 14 @ 1.7 log @adjust comment to remove confusion @ text @d6 1 a6 1 @@@@ -680,7 +680,7 @@@@ @ 1.6 log @upgrading package: samba 3.0.5 -> 3.0.6 @ text @d1 1 a1 1 Some vendor patches for Samba 3.0.4. @ 1.5 log @added more flexible way of starting daemons; fixed access privileges to athentication socket of winbindd @ text @a2 226 Index: source/include/rpc_dce.h --- source/include/rpc_dce.h.orig 2004-04-20 22:42:57 +0200 +++ source/include/rpc_dce.h 2004-07-04 10:07:30 +0200 @@@@ -63,7 +63,9 @@@@ #define NETSEC_AUTH_TYPE 0x44 #define NETSEC_SIGN_SIGNATURE { 0x77, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00 } #define NETSEC_SEAL_SIGNATURE { 0x77, 0x00, 0x7a, 0x00, 0xff, 0xff, 0x00, 0x00 } -#define RPC_AUTH_NETSEC_CHK_LEN 0x20 + +#define RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN 0x20 +#define RPC_AUTH_NETSEC_SIGN_ONLY_CHK_LEN 0x18 /* The 7 here seems to be required to get Win2k not to downgrade us to NT4. Actually, anything other than 1ff would seem to do... */ Index: source/lib/util_str.c --- source/lib/util_str.c.orig 2004-04-20 22:42:55 +0200 +++ source/lib/util_str.c 2004-07-04 10:07:30 +0200 @@@@ -1980,10 +1980,16 @@@@ { int bits = 0; int char_count = 0; - size_t out_cnt = 0; - size_t len = data.length; - size_t output_len = data.length * 2; - char *result = malloc(output_len); /* get us plenty of space */ + size_t out_cnt, len, output_len; + char *result; + + if (!data.length || !data.data) + return NULL; + + out_cnt = 0; + len = data.length; + output_len = data.length * 2; + result = malloc(output_len); /* get us plenty of space */ while (len-- && out_cnt < (data.length * 2) - 5) { int c = (unsigned char) *(data.data++); Index: source/rpc_client/cli_pipe.c --- source/rpc_client/cli_pipe.c.orig 2004-04-04 09:37:16 +0200 +++ source/rpc_client/cli_pipe.c 2004-07-04 10:07:30 +0200 @@@@ -332,13 +332,24 @@@@ if (cli->pipe_auth_flags & AUTH_PIPE_NETSEC) { RPC_AUTH_NETSEC_CHK chk; - if (auth_len != RPC_AUTH_NETSEC_CHK_LEN) { + if ( (auth_len != RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN) + && (auth_len != RPC_AUTH_NETSEC_SIGN_ONLY_CHK_LEN) ) + { DEBUG(0,("rpc_auth_pipe: wrong schannel auth len %d\n", auth_len)); return False; } - if (!smb_io_rpc_auth_netsec_chk("schannel_auth_sign", - &chk, &auth_verf, 0)) { + /* can't seal with no nonce */ + if ( (cli->pipe_auth_flags & AUTH_PIPE_SEAL) + && (auth_len != RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN) ) + { + DEBUG(0,("rpc_auth_pipe: sealing not supported with schannel auth len %d\n", auth_len)); + return False; + } + + + if (!smb_io_rpc_auth_netsec_chk("schannel_auth_sign", auth_len, &chk, &auth_verf, 0)) + { DEBUG(0, ("rpc_auth_pipe: schannel unmarshalling " "RPC_AUTH_NETSECK_CHK failed\n")); return False; @@@@ -918,7 +929,7 @@@@ auth_len = RPC_AUTH_NTLMSSP_CHK_LEN; } if (cli->pipe_auth_flags & AUTH_PIPE_NETSEC) { - auth_len = RPC_AUTH_NETSEC_CHK_LEN; + auth_len = RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN; } auth_hdr_len = RPC_HDR_AUTH_LEN; } @@@@ -1034,8 +1045,9 @@@@ /* write auth footer onto the packet */ parse_offset_marker = prs_offset(&sec_blob); - if (!smb_io_rpc_auth_netsec_chk("", &verf, - &sec_blob, 0)) { + if (!smb_io_rpc_auth_netsec_chk("", RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN, + &verf, &sec_blob, 0)) + { prs_mem_free(&sec_blob); return False; } Index: source/rpc_parse/parse_rpc.c --- source/rpc_parse/parse_rpc.c.orig 2004-04-20 22:42:57 +0200 +++ source/rpc_parse/parse_rpc.c 2004-07-04 10:07:30 +0200 @@@@ -1189,7 +1189,8 @@@@ /******************************************************************* reads or writes an RPC_AUTH_NETSEC_CHK structure. ********************************************************************/ -BOOL smb_io_rpc_auth_netsec_chk(const char *desc, RPC_AUTH_NETSEC_CHK * chk, +BOOL smb_io_rpc_auth_netsec_chk(const char *desc, int auth_len, + RPC_AUTH_NETSEC_CHK * chk, prs_struct *ps, int depth) { if (chk == NULL) @@@@ -1198,10 +1199,19 @@@@ prs_debug(ps, depth, desc, "smb_io_rpc_auth_netsec_chk"); depth++; - prs_uint8s(False, "sig ", ps, depth, chk->sig, sizeof(chk->sig)); - prs_uint8s(False, "seq_num", ps, depth, chk->seq_num, sizeof(chk->seq_num)); - prs_uint8s(False, "packet_digest", ps, depth, chk->packet_digest, sizeof(chk->packet_digest)); - prs_uint8s(False, "confounder", ps, depth, chk->confounder, sizeof(chk->confounder)); + if ( !prs_uint8s(False, "sig ", ps, depth, chk->sig, sizeof(chk->sig)) ) + return False; + + if ( !prs_uint8s(False, "seq_num", ps, depth, chk->seq_num, sizeof(chk->seq_num)) ) + return False; + + if ( !prs_uint8s(False, "packet_digest", ps, depth, chk->packet_digest, sizeof(chk->packet_digest)) ) + return False; + + if ( auth_len == RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN ) { + if ( !prs_uint8s(False, "confounder", ps, depth, chk->confounder, sizeof(chk->confounder)) ) + return False; + } return True; } Index: source/rpc_server/srv_pipe.c --- source/rpc_server/srv_pipe.c.orig 2004-05-07 21:27:34 +0200 +++ source/rpc_server/srv_pipe.c 2004-07-04 10:07:30 +0200 @@@@ -124,7 +124,7 @@@@ if(p->ntlmssp_auth_validated) { data_space_available -= (RPC_HDR_AUTH_LEN + RPC_AUTH_NTLMSSP_CHK_LEN); } else if(p->netsec_auth_validated) { - data_space_available -= (RPC_HDR_AUTH_LEN + RPC_AUTH_NETSEC_CHK_LEN); + data_space_available -= (RPC_HDR_AUTH_LEN + RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN); } /* @@@@ -177,8 +177,8 @@@@ } else if (p->netsec_auth_validated) { p->hdr.frag_len = RPC_HEADER_LEN + RPC_HDR_RESP_LEN + data_len + ss_padding_len + - RPC_HDR_AUTH_LEN + RPC_AUTH_NETSEC_CHK_LEN; - p->hdr.auth_len = RPC_AUTH_NETSEC_CHK_LEN; + RPC_HDR_AUTH_LEN + RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN; + p->hdr.auth_len = RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN; } else { p->hdr.frag_len = RPC_HEADER_LEN + RPC_HDR_RESP_LEN + data_len; p->hdr.auth_len = 0; @@@@ -309,7 +309,8 @@@@ SENDER_IS_ACCEPTOR, &verf, data, data_len + ss_padding_len); - smb_io_rpc_auth_netsec_chk("", &verf, &outgoing_pdu, 0); + smb_io_rpc_auth_netsec_chk("", RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN, + &verf, &outgoing_pdu, 0); p->netsec_auth.seq_num++; } @@@@ -1339,7 +1340,7 @@@@ auth_len = p->hdr.auth_len; - if (auth_len != RPC_AUTH_NETSEC_CHK_LEN) { + if (auth_len != RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN) { DEBUG(0,("Incorrect auth_len %d.\n", auth_len )); return False; } @@@@ -1384,7 +1385,9 @@@@ return False; } - if(!smb_io_rpc_auth_netsec_chk("", &netsec_chk, rpc_in, 0)) { + if(!smb_io_rpc_auth_netsec_chk("", RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN, + &netsec_chk, rpc_in, 0)) + { DEBUG(0,("failed to unmarshal RPC_AUTH_NETSEC_CHK.\n")); return False; } Index: source/smbd/filename.c --- source/smbd/filename.c.orig 2004-04-04 09:37:31 +0200 +++ source/smbd/filename.c 2004-07-04 10:07:30 +0200 @@@@ -137,6 +137,10 @@@@ if (!*name) { name[0] = '.'; name[1] = '\0'; + if (SMB_VFS_STAT(conn,name,&st) == 0) { + *pst = st; + } + DEBUG(5,("conversion finished %s -> %s\n",orig_path, name)); return(True); } Index: source/smbd/uid.c --- source/smbd/uid.c.orig 2004-04-04 09:37:31 +0200 +++ source/smbd/uid.c 2004-07-04 10:07:30 +0200 @@@@ -189,20 +189,26 @@@@ snum = SNUM(conn); + if ((vuser) && !check_user_ok(conn, vuser, snum)) { + DEBUG(2,("change_to_user: SMB user %s (unix user %s, vuid %d) not permitted access to share %s.\n", + vuser->user.smb_name, vuser->user.unix_name, vuid, lp_servicename(snum))); + return False; + } + if (conn->force_user) /* security = share sets this too */ { uid = conn->uid; gid = conn->gid; current_user.groups = conn->groups; current_user.ngroups = conn->ngroups; token = conn->nt_user_token; - } else if ((vuser) && check_user_ok(conn, vuser, snum)) { + } else if (vuser) { uid = conn->admin_user ? 0 : vuser->uid; gid = vuser->gid; current_user.ngroups = vuser->n_groups; current_user.groups = vuser->groups; token = vuser->nt_user_token; } else { - DEBUG(2,("change_to_user: Invalid vuid used %d or vuid not permitted access to share.\n",vuid)); + DEBUG(2,("change_to_user: Invalid vuid used %d in accessing share %s.\n",vuid, lp_servicename(snum) )); return False; } @ 1.4 log @apply some vendor patches and remove useless smbmnt patch @ text @d229 12 @ 1.3 log @finally move samba3 to samba and remove samba3 (samba 2.2 is now gone at all) @ text @d1 10 a10 13 --- source/lib/snprintf.c.orig 2004-06-03 18:25:15.528789873 +0200 +++ source/lib/snprintf.c 2004-06-03 18:25:23.137645553 +0200 @@@@ -81,6 +81,14 @@@@ #include #endif +#ifndef VA_COPY +#ifdef HAVE_VA_COPY +#define VA_COPY(dest, src) __va_copy(dest, src) +#else +#define VA_COPY(dest, src) (dest) = (src) +#endif +#endif d12 217 a228 18 #if defined(HAVE_SNPRINTF) && defined(HAVE_VSNPRINTF) && defined(HAVE_C99_VSNPRINTF) /* only include stdio.h if we are not re-defining snprintf or vsnprintf */ #include @@@@ -105,14 +113,6 @@@@ #define SAFE_FREE(x) do { if ((x) != NULL) {free((x)); (x)=NULL;} } while(0) #endif -#ifndef VA_COPY -#ifdef HAVE_VA_COPY -#define VA_COPY(dest, src) __va_copy(dest, src) -#else -#define VA_COPY(dest, src) (dest) = (src) -#endif -#endif - static size_t dopr(char *buffer, size_t maxlen, const char *format, va_list args_in); static void fmtstr(char *buffer, size_t *currlen, size_t maxlen, @ 1.3.2.1 log @MFC: upgrade to latest status from CURRENT @ text @d1 13 a13 10 Some vendor patches for Samba 3.0.4. Index: source/include/rpc_dce.h --- source/include/rpc_dce.h.orig 2004-04-20 22:42:57 +0200 +++ source/include/rpc_dce.h 2004-07-04 10:07:30 +0200 @@@@ -63,7 +63,9 @@@@ #define NETSEC_AUTH_TYPE 0x44 #define NETSEC_SIGN_SIGNATURE { 0x77, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00 } #define NETSEC_SEAL_SIGNATURE { 0x77, 0x00, 0x7a, 0x00, 0xff, 0xff, 0x00, 0x00 } -#define RPC_AUTH_NETSEC_CHK_LEN 0x20 d15 18 a32 217 +#define RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN 0x20 +#define RPC_AUTH_NETSEC_SIGN_ONLY_CHK_LEN 0x18 /* The 7 here seems to be required to get Win2k not to downgrade us to NT4. Actually, anything other than 1ff would seem to do... */ Index: source/lib/util_str.c --- source/lib/util_str.c.orig 2004-04-20 22:42:55 +0200 +++ source/lib/util_str.c 2004-07-04 10:07:30 +0200 @@@@ -1980,10 +1980,16 @@@@ { int bits = 0; int char_count = 0; - size_t out_cnt = 0; - size_t len = data.length; - size_t output_len = data.length * 2; - char *result = malloc(output_len); /* get us plenty of space */ + size_t out_cnt, len, output_len; + char *result; + + if (!data.length || !data.data) + return NULL; + + out_cnt = 0; + len = data.length; + output_len = data.length * 2; + result = malloc(output_len); /* get us plenty of space */ while (len-- && out_cnt < (data.length * 2) - 5) { int c = (unsigned char) *(data.data++); Index: source/rpc_client/cli_pipe.c --- source/rpc_client/cli_pipe.c.orig 2004-04-04 09:37:16 +0200 +++ source/rpc_client/cli_pipe.c 2004-07-04 10:07:30 +0200 @@@@ -332,13 +332,24 @@@@ if (cli->pipe_auth_flags & AUTH_PIPE_NETSEC) { RPC_AUTH_NETSEC_CHK chk; - if (auth_len != RPC_AUTH_NETSEC_CHK_LEN) { + if ( (auth_len != RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN) + && (auth_len != RPC_AUTH_NETSEC_SIGN_ONLY_CHK_LEN) ) + { DEBUG(0,("rpc_auth_pipe: wrong schannel auth len %d\n", auth_len)); return False; } - if (!smb_io_rpc_auth_netsec_chk("schannel_auth_sign", - &chk, &auth_verf, 0)) { + /* can't seal with no nonce */ + if ( (cli->pipe_auth_flags & AUTH_PIPE_SEAL) + && (auth_len != RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN) ) + { + DEBUG(0,("rpc_auth_pipe: sealing not supported with schannel auth len %d\n", auth_len)); + return False; + } + + + if (!smb_io_rpc_auth_netsec_chk("schannel_auth_sign", auth_len, &chk, &auth_verf, 0)) + { DEBUG(0, ("rpc_auth_pipe: schannel unmarshalling " "RPC_AUTH_NETSECK_CHK failed\n")); return False; @@@@ -918,7 +929,7 @@@@ auth_len = RPC_AUTH_NTLMSSP_CHK_LEN; } if (cli->pipe_auth_flags & AUTH_PIPE_NETSEC) { - auth_len = RPC_AUTH_NETSEC_CHK_LEN; + auth_len = RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN; } auth_hdr_len = RPC_HDR_AUTH_LEN; } @@@@ -1034,8 +1045,9 @@@@ /* write auth footer onto the packet */ parse_offset_marker = prs_offset(&sec_blob); - if (!smb_io_rpc_auth_netsec_chk("", &verf, - &sec_blob, 0)) { + if (!smb_io_rpc_auth_netsec_chk("", RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN, + &verf, &sec_blob, 0)) + { prs_mem_free(&sec_blob); return False; } Index: source/rpc_parse/parse_rpc.c --- source/rpc_parse/parse_rpc.c.orig 2004-04-20 22:42:57 +0200 +++ source/rpc_parse/parse_rpc.c 2004-07-04 10:07:30 +0200 @@@@ -1189,7 +1189,8 @@@@ /******************************************************************* reads or writes an RPC_AUTH_NETSEC_CHK structure. ********************************************************************/ -BOOL smb_io_rpc_auth_netsec_chk(const char *desc, RPC_AUTH_NETSEC_CHK * chk, +BOOL smb_io_rpc_auth_netsec_chk(const char *desc, int auth_len, + RPC_AUTH_NETSEC_CHK * chk, prs_struct *ps, int depth) { if (chk == NULL) @@@@ -1198,10 +1199,19 @@@@ prs_debug(ps, depth, desc, "smb_io_rpc_auth_netsec_chk"); depth++; - prs_uint8s(False, "sig ", ps, depth, chk->sig, sizeof(chk->sig)); - prs_uint8s(False, "seq_num", ps, depth, chk->seq_num, sizeof(chk->seq_num)); - prs_uint8s(False, "packet_digest", ps, depth, chk->packet_digest, sizeof(chk->packet_digest)); - prs_uint8s(False, "confounder", ps, depth, chk->confounder, sizeof(chk->confounder)); + if ( !prs_uint8s(False, "sig ", ps, depth, chk->sig, sizeof(chk->sig)) ) + return False; + + if ( !prs_uint8s(False, "seq_num", ps, depth, chk->seq_num, sizeof(chk->seq_num)) ) + return False; + + if ( !prs_uint8s(False, "packet_digest", ps, depth, chk->packet_digest, sizeof(chk->packet_digest)) ) + return False; + + if ( auth_len == RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN ) { + if ( !prs_uint8s(False, "confounder", ps, depth, chk->confounder, sizeof(chk->confounder)) ) + return False; + } return True; } Index: source/rpc_server/srv_pipe.c --- source/rpc_server/srv_pipe.c.orig 2004-05-07 21:27:34 +0200 +++ source/rpc_server/srv_pipe.c 2004-07-04 10:07:30 +0200 @@@@ -124,7 +124,7 @@@@ if(p->ntlmssp_auth_validated) { data_space_available -= (RPC_HDR_AUTH_LEN + RPC_AUTH_NTLMSSP_CHK_LEN); } else if(p->netsec_auth_validated) { - data_space_available -= (RPC_HDR_AUTH_LEN + RPC_AUTH_NETSEC_CHK_LEN); + data_space_available -= (RPC_HDR_AUTH_LEN + RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN); } /* @@@@ -177,8 +177,8 @@@@ } else if (p->netsec_auth_validated) { p->hdr.frag_len = RPC_HEADER_LEN + RPC_HDR_RESP_LEN + data_len + ss_padding_len + - RPC_HDR_AUTH_LEN + RPC_AUTH_NETSEC_CHK_LEN; - p->hdr.auth_len = RPC_AUTH_NETSEC_CHK_LEN; + RPC_HDR_AUTH_LEN + RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN; + p->hdr.auth_len = RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN; } else { p->hdr.frag_len = RPC_HEADER_LEN + RPC_HDR_RESP_LEN + data_len; p->hdr.auth_len = 0; @@@@ -309,7 +309,8 @@@@ SENDER_IS_ACCEPTOR, &verf, data, data_len + ss_padding_len); - smb_io_rpc_auth_netsec_chk("", &verf, &outgoing_pdu, 0); + smb_io_rpc_auth_netsec_chk("", RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN, + &verf, &outgoing_pdu, 0); p->netsec_auth.seq_num++; } @@@@ -1339,7 +1340,7 @@@@ auth_len = p->hdr.auth_len; - if (auth_len != RPC_AUTH_NETSEC_CHK_LEN) { + if (auth_len != RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN) { DEBUG(0,("Incorrect auth_len %d.\n", auth_len )); return False; } @@@@ -1384,7 +1385,9 @@@@ return False; } - if(!smb_io_rpc_auth_netsec_chk("", &netsec_chk, rpc_in, 0)) { + if(!smb_io_rpc_auth_netsec_chk("", RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN, + &netsec_chk, rpc_in, 0)) + { DEBUG(0,("failed to unmarshal RPC_AUTH_NETSEC_CHK.\n")); return False; } Index: source/smbd/filename.c --- source/smbd/filename.c.orig 2004-04-04 09:37:31 +0200 +++ source/smbd/filename.c 2004-07-04 10:07:30 +0200 @@@@ -137,6 +137,10 @@@@ if (!*name) { name[0] = '.'; name[1] = '\0'; + if (SMB_VFS_STAT(conn,name,&st) == 0) { + *pst = st; + } + DEBUG(5,("conversion finished %s -> %s\n",orig_path, name)); return(True); } Index: source/smbd/uid.c --- source/smbd/uid.c.orig 2004-04-04 09:37:31 +0200 +++ source/smbd/uid.c 2004-07-04 10:07:30 +0200 @@@@ -189,20 +189,26 @@@@ snum = SNUM(conn); + if ((vuser) && !check_user_ok(conn, vuser, snum)) { + DEBUG(2,("change_to_user: SMB user %s (unix user %s, vuid %d) not permitted access to share %s.\n", + vuser->user.smb_name, vuser->user.unix_name, vuid, lp_servicename(snum))); + return False; + } + if (conn->force_user) /* security = share sets this too */ { uid = conn->uid; gid = conn->gid; current_user.groups = conn->groups; current_user.ngroups = conn->ngroups; token = conn->nt_user_token; - } else if ((vuser) && check_user_ok(conn, vuser, snum)) { + } else if (vuser) { uid = conn->admin_user ? 0 : vuser->uid; gid = vuser->gid; current_user.ngroups = vuser->n_groups; current_user.groups = vuser->groups; token = vuser->nt_user_token; } else { - DEBUG(2,("change_to_user: Invalid vuid used %d or vuid not permitted access to share.\n",vuid)); + DEBUG(2,("change_to_user: Invalid vuid used %d in accessing share %s.\n",vuid, lp_servicename(snum) )); return False; } @ 1.3.2.2 log @apply security fix (OpenPKG-SA-2004-033-samba; CAN-2004-0600; CAN-2004-0686) @ text @a228 178 ------------------------------------------------------------------------------ Security Fixed (OpenPKG-SA-2004-033-samba; CAN-2004-0600; CAN-2004-0686) Index: source/include/mangle.h --- source/include/mangle.h.orig 2004-04-04 09:37:24 +0200 +++ source/include/mangle.h 2004-07-22 10:26:11 +0200 @@@@ -8,7 +8,7 @@@@ BOOL (*is_mangled)(const char *s); BOOL (*is_8_3)(const char *fname, BOOL check_case, BOOL allow_wildcards); void (*reset)(void); - BOOL (*check_cache)(char *s); + BOOL (*check_cache)(char *s, size_t maxlen); void (*name_map)(char *OutName, BOOL need83, BOOL cache83); }; #endif /* _MANGLE_H_ */ Index: source/lib/util_str.c --- source/lib/util_str.c.orig 2004-04-20 22:42:55 +0200 +++ source/lib/util_str.c 2004-07-22 10:26:11 +0200 @@@@ -1951,7 +1951,9 @@@@ s++; i++; } - if (*s == '=') n -= 1; + if ((n > 0) && (*s == '=')) { + n -= 1; + } /* fix up length */ decoded.length = n; @@@@ -1964,9 +1966,15 @@@@ void base64_decode_inplace(char *s) { DATA_BLOB decoded = base64_decode_data_blob(s); - memcpy(s, decoded.data, decoded.length); - /* null terminate */ - s[decoded.length] = '\0'; + + if ( decoded.length != 0 ) { + memcpy(s, decoded.data, decoded.length); + + /* null terminate */ + s[decoded.length] = '\0'; + } else { + *s = '\0'; + } data_blob_free(&decoded); } Index: source/smbd/filename.c --- source/smbd/filename.c.orig 2004-04-04 09:37:31 +0200 +++ source/smbd/filename.c 2004-07-22 10:26:11 +0200 @@@@ -306,7 +306,7 @@@@ */ if (mangle_is_mangled(start)) { - mangle_check_cache( start ); + mangle_check_cache( start, sizeof(pstring) - 1 - (start - name) ); } DEBUG(5,("New file %s\n",start)); @@@@ -455,7 +455,7 @@@@ * (JRA). */ if (mangled) - mangled = !mangle_check_cache( name ); + mangled = !mangle_check_cache( name, maxlength ); /* open the directory */ if (!(cur_dir = OpenDir(conn, path, True))) { Index: source/smbd/mangle.c --- source/smbd/mangle.c.orig 2004-04-04 09:37:30 +0200 +++ source/smbd/mangle.c 2004-07-22 10:26:11 +0200 @@@@ -98,9 +98,9 @@@@ looking for a matching name if it doesn't. It should succeed most of the time or there will be a huge performance penalty */ -BOOL mangle_check_cache(char *s) +BOOL mangle_check_cache(char *s, size_t maxlen) { - return mangle_fns->check_cache(s); + return mangle_fns->check_cache(s, maxlen); } /* Index: source/smbd/mangle_hash.c --- source/smbd/mangle_hash.c.orig 2004-04-04 09:37:29 +0200 +++ source/smbd/mangle_hash.c 2004-07-22 10:27:01 +0200 @@@@ -580,7 +580,7 @@@@ * ************************************************************************** ** */ -static BOOL check_cache( char *s ) +static BOOL check_cache( char *s, size_t maxlen ) { ubi_cacheEntryPtr FoundPtr; char *ext_start = NULL; @@@@ -614,7 +614,7 @@@@ if( !FoundPtr ) { if(saved_ext) { /* Replace the saved_ext as it was truncated. */ - (void)pstrcat( s, saved_ext ); + (void)safe_strcat( s, saved_ext, maxlen ); SAFE_FREE(saved_ext); } return( False ); @@@@ -624,10 +624,10 @@@@ found_name = (char *)(FoundPtr + 1); found_name += (strlen( found_name ) + 1); - (void)pstrcpy( s, found_name ); + (void)safe_strcpy( s, found_name, maxlen ); if( saved_ext ) { /* Replace the saved_ext as it was truncated. */ - (void)pstrcat( s, saved_ext ); + (void)safe_strcat( s, saved_ext, maxlen ); SAFE_FREE(saved_ext); } Index: source/smbd/mangle_hash2.c --- source/smbd/mangle_hash2.c.orig 2004-04-04 09:37:30 +0200 +++ source/smbd/mangle_hash2.c 2004-07-22 10:26:11 +0200 @@@@ -362,10 +362,8 @@@@ /* try to find a 8.3 name in the cache, and if found then replace the string with the original long name. - - The filename must be able to hold at least sizeof(fstring) */ -static BOOL check_cache(char *name) +static BOOL check_cache(char *name, size_t maxlen) { u32 hash, multiplier; unsigned int i; @@@@ -403,10 +401,10 @@@@ if (extension[0]) { M_DEBUG(10,("check_cache: %s -> %s.%s\n", name, prefix, extension)); - slprintf(name, sizeof(fstring), "%s.%s", prefix, extension); + slprintf(name, maxlen, "%s.%s", prefix, extension); } else { M_DEBUG(10,("check_cache: %s -> %s\n", name, prefix)); - fstrcpy(name, prefix); + safe_strcpy(name, prefix, maxlen); } return True; Index: source/smbd/reply.c --- source/smbd/reply.c.orig 2004-04-04 09:37:30 +0200 +++ source/smbd/reply.c 2004-07-22 10:26:11 +0200 @@@@ -1524,7 +1524,7 @@@@ */ if (!rc && mangle_is_mangled(mask)) - mangle_check_cache( mask ); + mangle_check_cache( mask, sizeof(pstring)-1 ); if (!has_wild) { pstrcat(directory,"/"); @@@@ -3664,7 +3664,7 @@@@ */ if (!rc && mangle_is_mangled(mask)) - mangle_check_cache( mask ); + mangle_check_cache( mask, sizeof(pstring)-1 ); has_wild = ms_has_wild(mask); @@@@ -4136,7 +4136,7 @@@@ */ if (!rc && mangle_is_mangled(mask)) - mangle_check_cache( mask ); + mangle_check_cache( mask, sizeof(pstring)-1 ); has_wild = ms_has_wild(mask); @ 1.3.2.3 log @apply security fixes (OpenPKG-SA-2004-040-samba; CAN-2004-0807; CAN-2004-0808) @ text @a406 285 ------------------------------------------------------------------------------ Security Fixed (OpenPKG-SA-2004-040-samba; CAN-2004-0807; CAN-2004-0808) Index: source/libsmb/asn1.c --- source/libsmb/asn1.c.orig 2004-04-04 09:37:19 +0200 +++ source/libsmb/asn1.c 2004-09-15 13:59:58 +0200 @@@@ -219,6 +219,9 @@@@ /* read from a ASN1 buffer, advancing the buffer pointer */ BOOL asn1_read(ASN1_DATA *data, void *p, int len) { + if (data->has_error) + return False; + if (len < 0 || data->ofs + len < data->ofs || data->ofs + len < len) { data->has_error = True; return False; @@@@ -309,6 +312,9 @@@@ /* work out how many bytes are left in this nested tag */ int asn1_tag_remaining(ASN1_DATA *data) { + if (data->has_error) + return 0; + if (!data->nesting) { data->has_error = True; return -1; Index: source/libsmb/nmblib.c --- source/libsmb/nmblib.c.orig 2004-04-04 09:37:19 +0200 +++ source/libsmb/nmblib.c 2004-09-15 14:00:03 +0200 @@@@ -475,6 +475,11 @@@@ dgram->datasize = length-offset; memcpy(dgram->data,inbuf+offset,dgram->datasize); + /* Paranioa. Ensure the last 2 bytes in the dgram buffer are + zero. This should be true anyway, just enforce it for paranioa sake. JRA. */ + SMB_ASSERT(dgram->datasize <= (sizeof(dgram->data)-2)); + memset(&dgram->data[sizeof(dgram->data)-2], '\0', 2); + return(True); } Index: source/nmbd/nmbd_packets.c --- source/nmbd/nmbd_packets.c.orig 2004-04-04 09:37:37 +0200 +++ source/nmbd/nmbd_packets.c 2004-09-15 14:00:03 +0200 @@@@ -1203,6 +1203,16 @@@@ return; } + /* Ensure we have a large enough packet before looking inside. */ + if (dgram->datasize < (smb_vwv12 - 2)) { + /* That's the offset minus the 4 byte length + 2 bytes of offset. */ + DEBUG(0,("process_dgram: ignoring too short dgram packet (%u) sent to name %s from IP %s\n", + (unsigned int)dgram->datasize, + nmb_namestr(&dgram->dest_name), + inet_ntoa(p->ip) )); + return; + } + buf = &dgram->data[0]; buf -= 4; /* XXXX for the pseudo tcp length - someday I need to get rid of this */ @@@@ -1212,14 +1222,36 @@@@ len = SVAL(buf,smb_vwv11); buf2 = smb_base(buf) + SVAL(buf,smb_vwv12); - if (len <= 0) + if (len <= 0 || len > dgram->datasize) { + DEBUG(0,("process_dgram: ignoring malformed1 (datasize = %d, len = %d) datagram \ +packet sent to name %s from IP %s\n", + dgram->datasize, + len, + nmb_namestr(&dgram->dest_name), + inet_ntoa(p->ip) )); + return; + } + + if (buf2 < dgram->data || (buf2 >= dgram->data + dgram->datasize)) { + DEBUG(0,("process_dgram: ignoring malformed2 (datasize = %d, len=%d, off=%d) datagram \ +packet sent to name %s from IP %s\n", + dgram->datasize, + len, + PTR_DIFF(buf2, dgram->data), + nmb_namestr(&dgram->dest_name), + inet_ntoa(p->ip) )); return; + } - if (buf2 + len > buf + sizeof(dgram->data)) { - DEBUG(2,("process_dgram: datagram from %s to %s IP %s for %s len=%d too long.\n", - nmb_namestr(&dgram->source_name),nmb_namestr(&dgram->dest_name), - inet_ntoa(p->ip), smb_buf(buf),len)); - len = (buf + sizeof(dgram->data)) - buf; + if ((buf2 + len < dgram->data) || (buf2 + len > dgram->data + dgram->datasize)) { + DEBUG(0,("process_dgram: ignoring malformed3 (datasize = %d, len=%d, off=%d) datagram \ +packet sent to name %s from IP %s\n", + dgram->datasize, + len, + PTR_DIFF(buf2, dgram->data), + nmb_namestr(&dgram->dest_name), + inet_ntoa(p->ip) )); + return; } DEBUG(4,("process_dgram: datagram from %s to %s IP %s for %s of type %d len=%d\n", Index: source/nmbd/nmbd_processlogon.c --- source/nmbd/nmbd_processlogon.c.orig 2004-04-20 22:42:57 +0200 +++ source/nmbd/nmbd_processlogon.c 2004-09-15 14:00:03 +0200 @@@@ -102,8 +102,22 @@@@ char *machine = q; char *user = skip_string(machine,1); + if (PTR_DIFF(user, buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } getdc = skip_string(user,1); + + if (PTR_DIFF(getdc, buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } q = skip_string(getdc,1); + + if (PTR_DIFF(q + 5, buf) > len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } token = SVAL(q,3); fstrcpy(reply_name,my_name); @@@@ -151,7 +165,17 @@@@ } getdc = skip_string(machine,1); + + if (PTR_DIFF(getdc, buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } q = skip_string(getdc,1); + + if (PTR_DIFF(q, buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } q = ALIGN2(q, buf); /* At this point we can work out if this is a W9X or NT style @@@@ -165,9 +189,19 @@@@ } else { unicomp = q; + if (PTR_DIFF(q, buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } + /* A full length (NT style) request */ q = skip_unibuf(unicomp, PTR_DIFF(buf + len, unicomp)); + if (PTR_DIFF(q, buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } + if (len - PTR_DIFF(q, buf) > 8) { /* with NT5 clients we can sometimes get additional data - a length specificed string @@@@ -180,6 +214,12 @@@@ } q += 16; } + + if (PTR_DIFF(q + 8, buf) > len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } + ntversion = IVAL(q, 0); lmnttoken = SVAL(q, 4); lm20token = SVAL(q, 6); @@@@ -240,10 +280,34 @@@@ fstring asccomp; q += 2; + + if (PTR_DIFF(q, buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } + unicomp = q; uniuser = skip_unibuf(unicomp, PTR_DIFF(buf+len, unicomp)); + + if (PTR_DIFF(uniuser, buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } + getdc = skip_unibuf(uniuser,PTR_DIFF(buf+len, uniuser)); + + if (PTR_DIFF(getdc, buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } + q = skip_string(getdc,1); + + if (PTR_DIFF(q + 8, buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } + q += 4; /* Account Control Bits - indicating username type */ domainsidsize = IVAL(q, 0); q += 4; @@@@ -270,6 +334,11 @@@@ q += 16; } + if (PTR_DIFF(q + 8, buf) > len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } + ntversion = IVAL(q, 0); lmnttoken = SVAL(q, 4); lm20token = SVAL(q, 6); @@@@ -458,6 +527,11 @@@@ /* Header */ + if (PTR_DIFF(q + 16, buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } + low_serial = IVAL(q, 0); q += 4; /* Low serial number */ q += 4; /* Date/time */ @@@@ -467,14 +541,42 @@@@ /* Domain info */ q = skip_string(q, 1); /* PDC name */ + + if (PTR_DIFF(q, buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } + q = skip_string(q, 1); /* Domain name */ + + if (PTR_DIFF(q, buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } + q = skip_unibuf(q, PTR_DIFF(buf + len, q)); /* Unicode PDC name */ + + if (PTR_DIFF(q, buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } + q = skip_unibuf(q, PTR_DIFF(buf + len, q)); /* Unicode domain name */ /* Database info */ + if (PTR_DIFF(q + 2, buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } + db_count = SVAL(q, 0); q += 2; + if (PTR_DIFF(q + (db_count*20), buf) >= len) { + DEBUG(0,("process_logon_packet: bad packet\n")); + return; + } + db_info = (struct sam_database_info *) malloc(sizeof(struct sam_database_info) * db_count); @ 1.2 log @do not (possibly not) define the VA_COPY macro conditionally, if we later use it unconditionally @ text @@ 1.1 log @file samba.patch was initially added on branch OPENPKG_1_1_SOLID. @ text @d1 32 @ 1.1.12.1 log @apply security fix (OpenPKG-SA-2004-033-samba; CAN-2004-0600; CAN-2004-0686) plus an important other vendor bugfix @ text @a0 252 Important bugfix from 2.2.8a to 2.2.9 which addresses the problem with user password changes after applying the Microsoft hotfix described in KB282741 to Windows NT 4.0/200x/XP clients. Index: source/rpc_server/srv_pipe.c --- source/rpc_server/srv_pipe.c.orig 2003-03-14 22:34:48 +0100 +++ source/rpc_server/srv_pipe.c 2004-07-22 10:56:00 +0200 @@@@ -77,6 +77,7 @@@@ RPC_HDR_RESP hdr_resp; BOOL auth_verify = ((p->ntlmssp_chal_flags & NTLMSSP_NEGOTIATE_SIGN) != 0); BOOL auth_seal = ((p->ntlmssp_chal_flags & NTLMSSP_NEGOTIATE_SEAL) != 0); + uint32 ss_padding_len = 0; uint32 data_len; uint32 data_space_available; uint32 data_len_left; @@@@ -140,11 +141,24 @@@@ hdr_resp.alloc_hint = data_len_left; /* + * Work out if this PDU will be the last. + */ + + if(p->out_data.data_sent_length + data_len >= prs_offset(&p->out_data.rdata)) { + p->hdr.flags |= RPC_FLG_LAST; + if ((auth_seal || auth_verify) && (data_len_left % 8)) { + ss_padding_len = 8 - (data_len_left % 8); + DEBUG(10,("create_next_pdu: adding sign/seal padding of %u\n", + ss_padding_len )); + } + } + + /* * Set up the header lengths. */ if (p->ntlmssp_auth_validated) { - p->hdr.frag_len = RPC_HEADER_LEN + RPC_HDR_RESP_LEN + data_len + + p->hdr.frag_len = RPC_HEADER_LEN + RPC_HDR_RESP_LEN + data_len + ss_padding_len + RPC_HDR_AUTH_LEN + RPC_AUTH_NTLMSSP_CHK_LEN; p->hdr.auth_len = RPC_AUTH_NTLMSSP_CHK_LEN; } else { @@@@ -153,13 +167,6 @@@@ } /* - * Work out if this PDU will be the last. - */ - - if(p->out_data.data_sent_length + data_len >= prs_offset(&p->out_data.rdata)) - p->hdr.flags |= RPC_FLG_LAST; - - /* * Init the parse struct to point at the outgoing * data. */ @@@@ -192,6 +199,17 @@@@ return False; } + /* Copy the sign/seal padding data. */ + if (ss_padding_len) { + char pad[8]; + memset(pad, '\0', 8); + if (!prs_append_data(&outgoing_pdu, pad, ss_padding_len)) { + DEBUG(0,("create_next_pdu: failed to add %u bytes of pad data.\n", (unsigned int)ss_padding_len)); + prs_mem_free(&outgoing_pdu); + return False; + } + } + /* * Set data to point to where we copied the data into. */ @@@@ -202,18 +220,18 @@@@ uint32 crc32 = 0; DEBUG(5,("create_next_pdu: sign: %s seal: %s data %d auth %d\n", - BOOLSTR(auth_verify), BOOLSTR(auth_seal), data_len, p->hdr.auth_len)); + BOOLSTR(auth_verify), BOOLSTR(auth_seal), data_len + ss_padding_len, p->hdr.auth_len)); if (auth_seal) { - crc32 = crc32_calc_buffer(data, data_len); - NTLMSSPcalc_p(p, (uchar*)data, data_len); + crc32 = crc32_calc_buffer(data, data_len + ss_padding_len); + NTLMSSPcalc_p(p, (uchar*)data, data_len + ss_padding_len); } if (auth_seal || auth_verify) { RPC_HDR_AUTH auth_info; init_rpc_hdr_auth(&auth_info, NTLMSSP_AUTH_TYPE, NTLMSSP_AUTH_LEVEL, - (auth_verify ? RPC_HDR_AUTH_LEN : 0), (auth_verify ? 1 : 0)); + (auth_verify ? ss_padding_len : 0), (auth_verify ? 1 : 0)); if(!smb_io_rpc_hdr_auth("hdr_auth", &auth_info, &outgoing_pdu, 0)) { DEBUG(0,("create_next_pdu: failed to marshall RPC_HDR_AUTH.\n")); prs_mem_free(&outgoing_pdu); ----------------------------------------------------------------------------- Security Fix (OpenPKG-SA-2004-033-samba; CAN-2004-0600; CAN-2004-0686) Index: source/include/mangle.h --- source/include/mangle.h.orig 2002-06-17 05:49:40 +0200 +++ source/include/mangle.h 2004-07-22 11:01:49 +0200 @@@@ -8,7 +8,7 @@@@ BOOL (*is_mangled)(const char *s); BOOL (*is_8_3)(const char *fname, BOOL check_case, BOOL allow_wildcards); void (*reset)(void); - BOOL (*check_cache)(char *s); + BOOL (*check_cache)(char *s, size_t maxlen); void (*name_map)(char *OutName, BOOL need83, BOOL cache83); }; #endif /* _MANGLE_H_ */ Index: source/include/proto.h --- source/include/proto.h.orig 2003-03-14 22:34:47 +0100 +++ source/include/proto.h 2004-07-22 11:01:50 +0200 @@@@ -4475,7 +4475,7 @@@@ BOOL mangle_is_mangled(const char *s); BOOL mangle_is_8_3(const char *fname, BOOL check_case); BOOL mangle_is_8_3_wildcards(const char *fname, BOOL check_case); -BOOL mangle_check_cache(char *s); +BOOL mangle_check_cache(char *s, size_t maxlen); void mangle_map(char *OutName, BOOL need83, BOOL cache83, int snum); /* The following definitions come from smbd/mangle_hash2.c */ Index: source/smbd/filename.c --- source/smbd/filename.c.orig 2003-03-14 22:34:49 +0100 +++ source/smbd/filename.c 2004-07-22 11:01:50 +0200 @@@@ -313,7 +313,7 @@@@ */ if (mangle_is_mangled(start)) { - mangle_check_cache( start ); + mangle_check_cache( start, sizeof(pstring) - 1 - (start - name) ); } DEBUG(5,("New file %s\n",start)); @@@@ -467,7 +467,7 @@@@ * (JRA). */ if (mangled) - mangled = !mangle_check_cache( name ); + mangled = !mangle_check_cache( name, maxlength ); /* open the directory */ if (!(cur_dir = OpenDir(conn, path, True))) { Index: source/smbd/mangle.c --- source/smbd/mangle.c.orig 2003-03-14 22:34:49 +0100 +++ source/smbd/mangle.c 2004-07-22 11:01:50 +0200 @@@@ -97,9 +97,9 @@@@ looking for a matching name if it doesn't. It should succeed most of the time or there will be a huge performance penalty */ -BOOL mangle_check_cache(char *s) +BOOL mangle_check_cache(char *s, size_t maxlen) { - return mangle_fns->check_cache(s); + return mangle_fns->check_cache(s, maxlen); } /* Index: source/smbd/mangle_hash.c --- source/smbd/mangle_hash.c.orig 2003-03-14 22:34:49 +0100 +++ source/smbd/mangle_hash.c 2004-07-22 11:01:50 +0200 @@@@ -616,7 +616,7 @@@@ * ************************************************************************** ** */ -static BOOL check_mangled_cache( char *s ) +static BOOL check_mangled_cache( char *s, size_t maxlen ) { ubi_cacheEntryPtr FoundPtr; char *ext_start = NULL; @@@@ -654,7 +654,7 @@@@ if(saved_ext) { /* Replace the saved_ext as it was truncated. */ - (void)pstrcat( s, saved_ext ); + (void)safe_strcat( s, saved_ext, maxlen ); SAFE_FREE(saved_ext); } return( False ); @@@@ -666,11 +666,11 @@@@ DEBUG( 3, ("Found %s on mangled stack ", s) ); - (void)pstrcpy( s, found_name ); + (void)safe_strcpy( s, found_name, maxlen ); if( saved_ext ) { /* Replace the saved_ext as it was truncated. */ - (void)pstrcat( s, saved_ext ); + (void)safe_strcat( s, saved_ext,maxlen ); SAFE_FREE(saved_ext); } Index: source/smbd/mangle_hash2.c --- source/smbd/mangle_hash2.c.orig 2002-12-10 15:58:17 +0100 +++ source/smbd/mangle_hash2.c 2004-07-22 11:01:50 +0200 @@@@ -350,7 +350,7 @@@@ The filename must be able to hold at least sizeof(fstring) */ -static BOOL check_cache(char *name) +static BOOL check_cache(char *name, size_t maxlen) { u32 hash, multiplier; int i; @@@@ -388,10 +388,10 @@@@ if (extension[0]) { DEBUG(10,("check_cache: %s -> %s.%s\n", name, prefix, extension)); - slprintf(name, sizeof(fstring), "%s.%s", prefix, extension); + slprintf(name, maxlen, "%s.%s", prefix, extension); } else { DEBUG(10,("check_cache: %s -> %s\n", name, prefix)); - fstrcpy(name, prefix); + safe_strcpy(name, prefix, maxlen); } return True; Index: source/smbd/reply.c --- source/smbd/reply.c.orig 2003-04-07 03:54:00 +0200 +++ source/smbd/reply.c 2004-07-22 11:01:50 +0200 @@@@ -2098,7 +2098,7 @@@@ */ if (!rc && mangle_is_mangled(mask)) - mangle_check_cache( mask ); + mangle_check_cache( mask, sizeof(pstring)-1 ); has_wild = ms_has_wild(mask); @@@@ -3939,7 +3939,7 @@@@ */ if (!rc && mangle_is_mangled(mask)) - mangle_check_cache( mask ); + mangle_check_cache( mask, sizeof(pstring)-1 ); has_wild = ms_has_wild(mask); @@@@ -4347,7 +4347,7 @@@@ */ if (!rc && mangle_is_mangled(mask)) - mangle_check_cache( mask ); + mangle_check_cache( mask, sizeof(pstring)-1 ); has_wild = ms_has_wild(mask); @ 1.1.8.1 log @SA-2003.021-samba; CAN-2003-0085, CAN-2003-0086 @ text @a0 1419 IMPORTANT: Security bugfix for Samba ------------------------------------ Summary ------- The SuSE security audit team, in particular Sebastian Krahmer , has found a flaw in the Samba main smbd code which could allow an external attacker to remotely and anonymously gain Super User (root) privileges on a server running a Samba server. This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a inclusive. This is a serious problem and all sites should either upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139 and 445. Advice created by Andrew Tridgell, the leader of the Samba Team, on how to protect an unpatched Samba server is given at the end of this section. The SMB/CIFS protocol implemented by Samba is vulnerable to many attacks, even without specific security holes. The TCP ports 139 and the new port 445 (used by Win2k and the Samba 3.0 alpha code in particular) should never be exposed to untrusted networks. Description ----------- A buffer overrun condition exists in the SMB/CIFS packet fragment re-assembly code in smbd which would allow an attacker to cause smbd to overwrite arbitrary areas of memory in its own process address space. This could allow a skilled attacker to inject binary specific exploit code into smbd. This version of Samba adds explicit overrun and overflow checks on fragment re-assembly of SMB/CIFS packets to ensure that only valid re-assembly is performed by smbd. In addition, the same checks have been added to the re-assembly functions in the client code, making it safe for use in other services. Credit ------ This security flaw was discovered and reported to the Samba Team by Sebastian Krahmer of the SuSE Security Audit Team. The fix was prepared by Jeremy Allison and reviewed by engineers from the Samba Team, SuSE, HP, SGI, Apple, and the Linux vendor engineers on the Linux Vendor security mailing list. The Samba Team would like to thank SuSE and Sebastian Krahmer for their excellent auditing work and for drawing attention to this flaw. Patch Availability ----------------- As this is a security issue, patches for this flaw specific to earlier versions of Samba will be posted on the samba-technical@@samba.org mailing list as requested. The patch below was extracted for OpenPKG from the Samba 2.2.7a to 2.2.8 differences regarding the following files: source/include/client.h source/include/proto.h changes reduced to functions affected by this patch source/client/client.c source/client/clitar.c source/libsmb/clifile.c source/libsmb/clilist.c source/libsmb/clirap.c source/libsmb/clitrans.c source/smbd/ipc.c source/smbd/trans2.c removed "6) Fix delete on close semantics to match W2K") source/smbd/nttrans.c whitespace differences were removed source/smbd/vfs-wrap.c --- samba-2.2.7a/source/include/client.h Mon Mar 17 11:00:11 2003 +++ samba-2.2.8/source/include/client.h Fri Mar 14 22:34:47 2003 @@@@ -103,7 +103,7 @@@@ int max_mux; char *outbuf; char *inbuf; - int bufsize; + unsigned int bufsize; int initialised; int win95; uint32 capabilities; --- samba-2.2.7a/source/include/proto.h Mon Mar 17 11:00:16 2003 +++ samba-2.2.8-patchedonly/source/include/proto.h Fri Mar 14 22:34:47 2003 @@@@ -301,7 +301,7 @@@@ SMB_BIG_UINT offset, SMB_BIG_UINT len, int timeout, enum brl_type lock_type); BOOL cli_unlock64(struct cli_state *cli, int fnum, SMB_BIG_UINT offset, SMB_BIG_UINT len); BOOL cli_getattrE(struct cli_state *cli, int fd, - uint16 *attr, size_t *size, + uint16 *attr, SMB_BIG_UINT *size, time_t *c_time, time_t *a_time, time_t *m_time); BOOL cli_getatr(struct cli_state *cli, const char *fname, uint16 *attr, size_t *size, time_t *t); @@@@ -425,7 +425,7 @@@@ /* The following definitions come from libsmb/clirap.c */ -BOOL cli_api_pipe(struct cli_state *cli, char *pipe_name, +BOOL cli_api_pipe(struct cli_state *cli, const char *pipe_name, uint16 *setup, uint32 setup_count, uint32 max_setup_count, char *params, uint32 param_count, uint32 max_param_count, char *data, uint32 data_count, uint32 max_data_count, @@@@ -434,8 +434,8 @@@@ BOOL cli_api(struct cli_state *cli, char *param, int prcnt, int mprcnt, char *data, int drcnt, int mdrcnt, - char **rparam, int *rprcnt, - char **rdata, int *rdrcnt); + char **rparam, unsigned int *rprcnt, + char **rdata, unsigned int *rdrcnt); BOOL cli_NetWkstaUserLogon(struct cli_state *cli,char *user, char *workstation); int cli_RNetShareEnum(struct cli_state *cli, void (*fn)(const char *, uint32, const char *, void *), void *state); BOOL cli_NetServerEnum(struct cli_state *cli, char *workgroup, uint32 stype, @@@@ -653,21 +653,21 @@@@ BOOL cli_send_trans(struct cli_state *cli, int trans, const char *pipe_name, int fid, int flags, - uint16 *setup, int lsetup, int msetup, - char *param, int lparam, int mparam, - char *data, int ldata, int mdata); + uint16 *setup, unsigned int lsetup, unsigned int msetup, + char *param, unsigned int lparam, unsigned int mparam, + char *data, unsigned int ldata, unsigned int mdata); BOOL cli_receive_trans(struct cli_state *cli,int trans, - char **param, int *param_len, - char **data, int *data_len); + char **param, unsigned int *param_len, + char **data, unsigned int *data_len); BOOL cli_send_nt_trans(struct cli_state *cli, int function, int flags, - uint16 *setup, int lsetup, int msetup, - char *param, int lparam, int mparam, - char *data, int ldata, int mdata); + uint16 *setup, unsigned int lsetup, unsigned int msetup, + char *param, unsigned int lparam, unsigned int mparam, + char *data, unsigned int ldata, unsigned int mdata); BOOL cli_receive_nt_trans(struct cli_state *cli, - char **param, int *param_len, - char **data, int *data_len); + char **param, unsigned int *param_len, + char **data, unsigned int *data_len); /* The following definitions come from libsmb/credentials.c */ --- samba-2.2.7a/source/libsmb/clifile.c Mon Mar 17 10:53:21 2003 +++ samba-2.2.8/source/libsmb/clifile.c Fri Mar 14 22:34:48 2003 @@@@ -30,8 +30,8 @@@@ static BOOL cli_link_internal(struct cli_state *cli, const char *fname_src, const char *fname_dst, BOOL hard_link) { - int data_len = 0; - int param_len = 0; + unsigned int data_len = 0; + unsigned int param_len = 0; uint16 setup = TRANSACT2_SETPATHINFO; char param[sizeof(pstring)+6]; pstring data; @@@@ -124,8 +124,8 @@@@ static BOOL cli_unix_chmod_chown_internal(struct cli_state *cli, const char *fname, uint32 mode, uint32 uid, uint32 gid) { - int data_len = 0; - int param_len = 0; + unsigned int data_len = 0; + unsigned int param_len = 0; uint16 setup = TRANSACT2_SETPATHINFO; char param[sizeof(pstring)+6]; char data[100]; @@@@ -336,8 +336,8 @@@@ int cli_nt_delete_on_close(struct cli_state *cli, int fnum, BOOL flag) { - int data_len = 1; - int param_len = 6; + unsigned int data_len = 1; + unsigned int param_len = 6; uint16 setup = TRANSACT2_SETFILEINFO; pstring param; unsigned char data; @@@@ -802,11 +802,11 @@@@ } /**************************************************************************** - Do a SMBgetattrE call. + Do a SMBgetattrE call. The size is 32 bits. ****************************************************************************/ BOOL cli_getattrE(struct cli_state *cli, int fd, - uint16 *attr, size_t *size, + uint16 *attr, SMB_BIG_UINT *size, time_t *c_time, time_t *a_time, time_t *m_time) { memset(cli->outbuf,'\0',smb_size); --- samba-2.2.7a/source/libsmb/clilist.c Mon Mar 17 11:00:18 2003 +++ samba-2.2.8/source/libsmb/clilist.c Fri Mar 14 22:34:48 2003 @@@@ -152,7 +152,7 @@@@ int ff_dir_handle=0; int loop_count = 0; char *rparam=NULL, *rdata=NULL; - int param_len, data_len; + unsigned int param_len, data_len; uint16 setup; pstring param; --- samba-2.2.7a/source/libsmb/clirap.c Mon Mar 17 10:53:23 2003 +++ samba-2.2.8/source/libsmb/clirap.c Fri Mar 14 22:34:48 2003 @@@@ -27,7 +27,7 @@@@ /**************************************************************************** Call a remote api on an arbitrary pipe. takes param, data and setup buffers. ****************************************************************************/ -BOOL cli_api_pipe(struct cli_state *cli, char *pipe_name, +BOOL cli_api_pipe(struct cli_state *cli, const char *pipe_name, uint16 *setup, uint32 setup_count, uint32 max_setup_count, char *params, uint32 param_count, uint32 max_param_count, char *data, uint32 data_count, uint32 max_data_count, @@@@ -42,8 +42,8 @@@@ data, data_count, max_data_count); return (cli_receive_trans(cli, SMBtrans, - rparam, (int *)rparam_count, - rdata, (int *)rdata_count)); + rparam, (unsigned int *)rparam_count, + rdata, (unsigned int *)rdata_count)); } /**************************************************************************** @@@@ -52,8 +52,8 @@@@ BOOL cli_api(struct cli_state *cli, char *param, int prcnt, int mprcnt, char *data, int drcnt, int mdrcnt, - char **rparam, int *rprcnt, - char **rdata, int *rdrcnt) + char **rparam, unsigned int *rprcnt, + char **rdata, unsigned int *rdrcnt) { cli_send_trans(cli,SMBtrans, PIPE_LANMAN, /* Name */ @@@@ -176,7 +176,7 @@@@ char *sname = p; int type = SVAL(p,14); int comment_offset = IVAL(p,16) & 0xFFFF; - char *cmnt = comment_offset?(rdata+comment_offset-converter):""; + const char *cmnt = comment_offset?(rdata+comment_offset-converter):""; pstring s1, s2; pstrcpy(s1, dos_to_unix_static(sname)); @@@@ -254,7 +254,7 @@@@ for (i = 0;i < count;i++, p += 26) { char *sname = p; int comment_offset = (IVAL(p,22) & 0xFFFF)-converter; - char *cmnt = comment_offset?(rdata+comment_offset):""; + const char *cmnt = comment_offset?(rdata+comment_offset):""; pstring s1, s2; if (comment_offset < 0 || comment_offset > rdrcnt) continue; @@@@ -289,8 +289,8 @@@@ fstring upper_case_new_pw; unsigned char old_pw_hash[16]; unsigned char new_pw_hash[16]; - int data_len; - int param_len = 0; + unsigned int data_len; + unsigned int param_len = 0; char *rparam = NULL; char *rdata = NULL; int rprcnt, rdrcnt; @@@@ -372,8 +372,8 @@@@ time_t *c_time, time_t *a_time, time_t *m_time, size_t *size, uint16 *mode) { - int data_len = 0; - int param_len = 0; + unsigned int data_len = 0; + unsigned int param_len = 0; uint16 setup = TRANSACT2_QPATHINFO; pstring param; char *rparam=NULL, *rdata=NULL; @@@@ -451,8 +451,8 @@@@ time_t *w_time, size_t *size, uint16 *mode, SMB_INO_T *ino) { - int data_len = 0; - int param_len = 0; + unsigned int data_len = 0; + unsigned int param_len = 0; uint16 setup = TRANSACT2_QPATHINFO; pstring param; char *rparam=NULL, *rdata=NULL; @@@@ -522,8 +522,8 @@@@ time_t *c_time, time_t *a_time, time_t *m_time, time_t *w_time, SMB_INO_T *ino) { - int data_len = 0; - int param_len = 0; + unsigned int data_len = 0; + unsigned int param_len = 0; uint16 setup = TRANSACT2_QFILEINFO; pstring param; char *rparam=NULL, *rdata=NULL; @@@@ -590,8 +590,8 @@@@ ****************************************************************************/ BOOL cli_qfileinfo_test(struct cli_state *cli, int fnum, int level, char *outdata) { - int data_len = 0; - int param_len = 0; + unsigned int data_len = 0; + unsigned int param_len = 0; uint16 setup = TRANSACT2_QFILEINFO; pstring param; char *rparam=NULL, *rdata=NULL; @@@@ -635,8 +635,8 @@@@ NTSTATUS cli_qpathinfo_alt_name(struct cli_state *cli, const char *fname, fstring alt_name) { - int data_len = 0; - int param_len = 0; + unsigned int data_len = 0; + unsigned int param_len = 0; uint16 setup = TRANSACT2_QPATHINFO; pstring param; char *rparam=NULL, *rdata=NULL; --- samba-2.2.7a/source/client/client.c Mon Mar 17 14:49:44 2003 +++ samba-2.2.8/source/client/client.c Mon Mar 17 14:50:19 2003 @@@@ -644,8 +644,9 @@@@ struct timeval tp_start; int read_size = io_bufsize; uint16 attr; - size_t size; - off_t nread = 0; + size_t old_size = 0; + SMB_BIG_UINT size = 0; + SMB_BIG_UINT nread = 0; GetTimeOfDay(&tp_start); @@@@ -671,9 +672,8 @@@@ return; } - if (!cli_qfileinfo(cli, fnum, - &attr, &size, NULL, NULL, NULL, NULL, NULL) && + &attr, &old_size, NULL, NULL, NULL, NULL, NULL) && !cli_getattrE(cli, fnum, &attr, &size, NULL, NULL, NULL)) { DEBUG(0,("getattrib: %s\n",cli_errstr(cli))); --- samba-2.2.7a/source/client/clitar.c Mon Mar 17 14:53:27 2003 +++ samba-2.2.8/source/client/clitar.c Mon Mar 17 14:53:58 2003 @@@@ -45,7 +45,7 @@@@ struct file_info_struct { - size_t size; + SMB_BIG_UINT size; uint16 mode; int uid; int gid; @@@@ -621,7 +621,7 @@@@ static void do_atar(char *rname,char *lname,file_info *finfo1) { int fnum; - uint32 nread=0; + SMB_BIG_UINT nread=0; char ftype; file_info2 finfo; BOOL close_done = False; @@@@ -643,6 +643,7 @@@@ finfo.mtime = finfo1 -> mtime; finfo.atime = finfo1 -> atime; finfo.ctime = finfo1 -> ctime; + finfo.name = finfo1 -> name; } else { finfo.size = def_finfo.size; @@@@ -652,13 +653,14 @@@@ finfo.mtime = def_finfo.mtime; finfo.atime = def_finfo.atime; finfo.ctime = def_finfo.ctime; + finfo.name = def_finfo.name; } if (dry_run) { - DEBUG(3,("skipping file %s of size %d bytes\n", + DEBUG(3,("skipping file %s of size %12.0f bytes\n", finfo.name, - (int)finfo.size)); + (double)finfo.size)); shallitime=0; ttarf+=finfo.size + TBLOCK - (finfo.size % TBLOCK); ntarf++; @@@@ -709,9 +711,9 @@@@ } else { - DEBUG(3,("getting file %s of size %d bytes as a tar file %s", + DEBUG(3,("getting file %s of size %.0f bytes as a tar file %s", finfo.name, - (int)finfo.size, + (double)finfo.size, lname)); /* write a tar header, don't bother with mode - just set to 100644 */ @@@@ -719,7 +721,7 @@@@ while (nread < finfo.size && !close_done) { - DEBUG(3,("nread=%d\n",nread)); + DEBUG(3,("nread=%.0f\n",(double)nread)); datalen = cli_read(cli, fnum, data, nread, read_size); @@@@ -736,7 +738,7 @@@@ if (nread > finfo.size) { datalen -= nread - finfo.size; - DEBUG(0,("File size change - truncating %s to %d bytes\n", finfo.name, (int)finfo.size)); + DEBUG(0,("File size change - truncating %s to %.0f bytes\n", finfo.name, (double)finfo.size)); } /* add received bits of file to buffer - dotarbuf will @@@@ -756,7 +758,7 @@@@ /* pad tar file with zero's if we couldn't get entire file */ if (nread < finfo.size) { - DEBUG(0, ("Didn't get entire file. size=%d, nread=%d\n", (int)finfo.size, (int)nread)); + DEBUG(0, ("Didn't get entire file. size=%.0f, nread=%.0f\n", (double)finfo.size, (double)nread)); if (padit(data, sizeof(data), finfo.size - nread)) DEBUG(0,("Error writing tar file - %s\n", strerror(errno))); } @@@@ -789,8 +791,8 @@@@ if (tar_noisy) { - DEBUG(0, ("%10d (%7.1f kb/s) %s\n", - (int)finfo.size, finfo.size / MAX(0.001, (1.024*this_time)), + DEBUG(0, ("%12.0f (%7.1f kb/s) %s\n", + (double)finfo.size, finfo.size / MAX(0.001, (1.024*this_time)), finfo.name)); } --- samba-2.2.7a/source/libsmb/clitrans.c Mon Mar 17 10:53:24 2003 +++ samba-2.2.8/source/libsmb/clitrans.c Fri Mar 14 22:34:48 2003 @@@@ -25,18 +25,19 @@@@ /**************************************************************************** - send a SMB trans or trans2 request - ****************************************************************************/ + Send a SMB trans or trans2 request. +****************************************************************************/ + BOOL cli_send_trans(struct cli_state *cli, int trans, const char *pipe_name, int fid, int flags, - uint16 *setup, int lsetup, int msetup, - char *param, int lparam, int mparam, - char *data, int ldata, int mdata) + uint16 *setup, unsigned int lsetup, unsigned int msetup, + char *param, unsigned int lparam, unsigned int mparam, + char *data, unsigned int ldata, unsigned int mdata) { int i; - int this_ldata,this_lparam; - int tot_data=0,tot_param=0; + unsigned int this_ldata,this_lparam; + unsigned int tot_data=0,tot_param=0; char *outdata,*outparam; char *p; int pipe_name_len=0; @@@@ -84,14 +85,13 @@@@ cli_setup_bcc(cli, outdata+this_ldata); show_msg(cli->outbuf); - cli_send_smb(cli); + if (!cli_send_smb(cli)) + return False; if (this_ldata < ldata || this_lparam < lparam) { /* receive interim response */ - if (!cli_receive_smb(cli) || - cli_is_error(cli)) { + if (!cli_receive_smb(cli) || cli_is_error(cli)) return(False); - } tot_data = this_ldata; tot_param = this_lparam; @@@@ -124,7 +124,8 @@@@ cli_setup_bcc(cli, outdata+this_ldata); show_msg(cli->outbuf); - cli_send_smb(cli); + if (!cli_send_smb(cli)) + return False; tot_data += this_ldata; tot_param += this_lparam; @@@@ -134,17 +135,17 @@@@ return(True); } - /**************************************************************************** - receive a SMB trans or trans2 response allocating the necessary memory - ****************************************************************************/ + Receive a SMB trans or trans2 response allocating the necessary memory. +****************************************************************************/ + BOOL cli_receive_trans(struct cli_state *cli,int trans, - char **param, int *param_len, - char **data, int *data_len) + char **param, unsigned int *param_len, + char **data, unsigned int *data_len) { - int total_data=0; - int total_param=0; - int this_data,this_param; + unsigned int total_data=0; + unsigned int total_param=0; + unsigned int this_data,this_param; NTSTATUS status; char *tdata; char *tparam; @@@@ -171,9 +172,8 @@@@ */ status = cli_nt_error(cli); - if (NT_STATUS_IS_ERR(status)) { + if (NT_STATUS_IS_ERR(status)) return False; - } /* parse out the lengths */ total_data = SVAL(cli->inbuf,smb_tdrcnt); @@@@ -210,21 +210,59 @@@@ return False; } - if (this_data) - memcpy(*data + SVAL(cli->inbuf,smb_drdisp), - smb_base(cli->inbuf) + SVAL(cli->inbuf,smb_droff), - this_data); - if (this_param) - memcpy(*param + SVAL(cli->inbuf,smb_prdisp), - smb_base(cli->inbuf) + SVAL(cli->inbuf,smb_proff), - this_param); + if (this_data + *data_len < this_data || + this_data + *data_len < *data_len || + this_param + *param_len < this_param || + this_param + *param_len < *param_len) { + DEBUG(1,("Data overflow in cli_receive_trans\n")); + return False; + } + + if (this_data) { + unsigned int data_offset_out = SVAL(cli->inbuf,smb_drdisp); + unsigned int data_offset_in = SVAL(cli->inbuf,smb_droff); + + if (data_offset_out > total_data || + data_offset_out + this_data > total_data || + data_offset_out + this_data < data_offset_out || + data_offset_out + this_data < this_data) { + DEBUG(1,("Data overflow in cli_receive_trans\n")); + return False; + } + if (data_offset_in > cli->bufsize || + data_offset_in + this_data > cli->bufsize || + data_offset_in + this_data < data_offset_in || + data_offset_in + this_data < this_data) { + DEBUG(1,("Data overflow in cli_receive_trans\n")); + return False; + } + + memcpy(*data + data_offset_out, smb_base(cli->inbuf) + data_offset_in, this_data); + } + if (this_param) { + unsigned int param_offset_out = SVAL(cli->inbuf,smb_prdisp); + unsigned int param_offset_in = SVAL(cli->inbuf,smb_proff); + + if (param_offset_out > total_param || + param_offset_out + this_param > total_param || + param_offset_out + this_param < param_offset_out || + param_offset_out + this_param < this_param) { + DEBUG(1,("Param overflow in cli_receive_trans\n")); + return False; + } + if (param_offset_in > cli->bufsize || + param_offset_in + this_param > cli->bufsize || + param_offset_in + this_param < param_offset_in || + param_offset_in + this_param < this_param) { + DEBUG(1,("Param overflow in cli_receive_trans\n")); + return False; + } + + memcpy(*param + param_offset_out, smb_base(cli->inbuf) + param_offset_in, this_param); + } *data_len += this_data; *param_len += this_param; - /* parse out the total lengths again - they can shrink! */ - total_data = SVAL(cli->inbuf,smb_tdrcnt); - total_param = SVAL(cli->inbuf,smb_tprcnt); - if (total_data <= *data_len && total_param <= *param_len) break; @@@@ -243,27 +281,35 @@@@ if (NT_STATUS_IS_ERR(cli_nt_error(cli))) { return(False); } + + /* parse out the total lengths again - they can shrink! */ + if (SVAL(cli->inbuf,smb_tdrcnt) < total_data) + total_data = SVAL(cli->inbuf,smb_tdrcnt); + if (SVAL(cli->inbuf,smb_tprcnt) < total_param) + total_param = SVAL(cli->inbuf,smb_tprcnt); + + if (total_data <= *data_len && total_param <= *param_len) + break; + } return(True); } - - - /**************************************************************************** - send a SMB nttrans request - ****************************************************************************/ + Send a SMB nttrans request. +****************************************************************************/ + BOOL cli_send_nt_trans(struct cli_state *cli, int function, int flags, - uint16 *setup, int lsetup, int msetup, - char *param, int lparam, int mparam, - char *data, int ldata, int mdata) + uint16 *setup, unsigned int lsetup, unsigned int msetup, + char *param, unsigned int lparam, unsigned int mparam, + char *data, unsigned int ldata, unsigned int mdata) { - int i; - int this_ldata,this_lparam; - int tot_data=0,tot_param=0; + unsigned int i; + unsigned int this_ldata,this_lparam; + unsigned int tot_data=0,tot_param=0; char *outdata,*outparam; this_lparam = MIN(lparam,cli->max_xmit - (500+lsetup*2)); /* hack */ @@@@ -302,14 +348,13 @@@@ cli_setup_bcc(cli, outdata+this_ldata); show_msg(cli->outbuf); - cli_send_smb(cli); + if (!cli_send_smb(cli)) + return False; if (this_ldata < ldata || this_lparam < lparam) { /* receive interim response */ - if (!cli_receive_smb(cli) || - cli_is_error(cli)) { + if (!cli_receive_smb(cli) || cli_is_error(cli)) return(False); - } tot_data = this_ldata; tot_param = this_lparam; @@@@ -341,7 +386,8 @@@@ cli_setup_bcc(cli, outdata+this_ldata); show_msg(cli->outbuf); - cli_send_smb(cli); + if (!cli_send_smb(cli)) + return False; tot_data += this_ldata; tot_param += this_lparam; @@@@ -356,13 +402,14 @@@@ /**************************************************************************** receive a SMB nttrans response allocating the necessary memory ****************************************************************************/ + BOOL cli_receive_nt_trans(struct cli_state *cli, - char **param, int *param_len, - char **data, int *data_len) + char **param, unsigned int *param_len, + char **data, unsigned int *data_len) { - int total_data=0; - int total_param=0; - int this_data,this_param; + unsigned int total_data=0; + unsigned int total_param=0; + unsigned int this_data,this_param; uint8 eclass; uint32 ecode; char *tdata; @@@@ -424,25 +471,65 @@@@ if (this_data + *data_len > total_data || this_param + *param_len > total_param) { - DEBUG(1,("Data overflow in cli_receive_trans\n")); + DEBUG(1,("Data overflow in cli_receive_nt_trans\n")); return False; } - if (this_data) - memcpy(*data + SVAL(cli->inbuf,smb_ntr_DataDisplacement), - smb_base(cli->inbuf) + SVAL(cli->inbuf,smb_ntr_DataOffset), - this_data); - if (this_param) - memcpy(*param + SVAL(cli->inbuf,smb_ntr_ParameterDisplacement), - smb_base(cli->inbuf) + SVAL(cli->inbuf,smb_ntr_ParameterOffset), - this_param); + if (this_data + *data_len < this_data || + this_data + *data_len < *data_len || + this_param + *param_len < this_param || + this_param + *param_len < *param_len) { + DEBUG(1,("Data overflow in cli_receive_nt_trans\n")); + return False; + } + + if (this_data) { + unsigned int data_offset_out = SVAL(cli->inbuf,smb_ntr_DataDisplacement); + unsigned int data_offset_in = SVAL(cli->inbuf,smb_ntr_DataOffset); + + if (data_offset_out > total_data || + data_offset_out + this_data > total_data || + data_offset_out + this_data < data_offset_out || + data_offset_out + this_data < this_data) { + DEBUG(1,("Data overflow in cli_receive_nt_trans\n")); + return False; + } + if (data_offset_in > cli->bufsize || + data_offset_in + this_data > cli->bufsize || + data_offset_in + this_data < data_offset_in || + data_offset_in + this_data < this_data) { + DEBUG(1,("Data overflow in cli_receive_nt_trans\n")); + return False; + } + + memcpy(*data + data_offset_out, smb_base(cli->inbuf) + data_offset_in, this_data); + } + + if (this_param) { + unsigned int param_offset_out = SVAL(cli->inbuf,smb_ntr_ParameterDisplacement); + unsigned int param_offset_in = SVAL(cli->inbuf,smb_ntr_ParameterOffset); + + if (param_offset_out > total_param || + param_offset_out + this_param > total_param || + param_offset_out + this_param < param_offset_out || + param_offset_out + this_param < this_param) { + DEBUG(1,("Param overflow in cli_receive_nt_trans\n")); + return False; + } + if (param_offset_in > cli->bufsize || + param_offset_in + this_param > cli->bufsize || + param_offset_in + this_param < param_offset_in || + param_offset_in + this_param < this_param) { + DEBUG(1,("Param overflow in cli_receive_nt_trans\n")); + return False; + } + + memcpy(*param + param_offset_out, smb_base(cli->inbuf) + param_offset_in, this_param); + } + *data_len += this_data; *param_len += this_param; - /* parse out the total lengths again - they can shrink! */ - total_data = SVAL(cli->inbuf,smb_ntr_TotalDataCount); - total_param = SVAL(cli->inbuf,smb_ntr_TotalParameterCount); - if (total_data <= *data_len && total_param <= *param_len) break; @@@@ -463,6 +550,14 @@@@ !(eclass == ERRDOS && ecode == ERRmoredata)) return(False); } + /* parse out the total lengths again - they can shrink! */ + if (SVAL(cli->inbuf,smb_ntr_TotalDataCount) < total_data) + total_data = SVAL(cli->inbuf,smb_ntr_TotalDataCount); + if (SVAL(cli->inbuf,smb_ntr_TotalParameterCount) < total_param) + total_param = SVAL(cli->inbuf,smb_ntr_TotalParameterCount); + + if (total_data <= *data_len && total_param <= *param_len) + break; } return(True); --- samba-2.2.7a/source/smbd/ipc.c Thu Mar 13 23:16:38 2003 +++ samba-2.2.8/source/smbd/ipc.c Fri Mar 14 22:34:49 2003 @@@@ -368,52 +368,69 @@@@ uint16 *setup=NULL; int outsize = 0; uint16 vuid = SVAL(inbuf,smb_uid); - int tpscnt = SVAL(inbuf,smb_vwv0); - int tdscnt = SVAL(inbuf,smb_vwv1); - int mprcnt = SVAL(inbuf,smb_vwv2); - int mdrcnt = SVAL(inbuf,smb_vwv3); - int msrcnt = CVAL(inbuf,smb_vwv4); + unsigned int tpscnt = SVAL(inbuf,smb_vwv0); + unsigned int tdscnt = SVAL(inbuf,smb_vwv1); + unsigned int mprcnt = SVAL(inbuf,smb_vwv2); + unsigned int mdrcnt = SVAL(inbuf,smb_vwv3); + unsigned int msrcnt = CVAL(inbuf,smb_vwv4); BOOL close_on_completion = BITSETW(inbuf+smb_vwv5,0); BOOL one_way = BITSETW(inbuf+smb_vwv5,1); - int pscnt = SVAL(inbuf,smb_vwv9); - int psoff = SVAL(inbuf,smb_vwv10); - int dscnt = SVAL(inbuf,smb_vwv11); - int dsoff = SVAL(inbuf,smb_vwv12); - int suwcnt = CVAL(inbuf,smb_vwv13); + unsigned int pscnt = SVAL(inbuf,smb_vwv9); + unsigned int psoff = SVAL(inbuf,smb_vwv10); + unsigned int dscnt = SVAL(inbuf,smb_vwv11); + unsigned int dsoff = SVAL(inbuf,smb_vwv12); + unsigned int suwcnt = CVAL(inbuf,smb_vwv13); START_PROFILE(SMBtrans); memset(name, '\0',sizeof(name)); fstrcpy(name,smb_buf(inbuf)); - if (dscnt > tdscnt || pscnt > tpscnt) { - exit_server("invalid trans parameters\n"); - } + if (dscnt > tdscnt || pscnt > tpscnt) + goto bad_param; if (tdscnt) { if((data = (char *)malloc(tdscnt)) == NULL) { - DEBUG(0,("reply_trans: data malloc fail for %d bytes !\n", tdscnt)); + DEBUG(0,("reply_trans: data malloc fail for %u bytes !\n", tdscnt)); END_PROFILE(SMBtrans); return(ERROR_DOS(ERRDOS,ERRnomem)); } + if ((dsoff+dscnt < dsoff) || (dsoff+dscnt < dscnt)) + goto bad_param; + if (smb_base(inbuf)+dsoff+dscnt > inbuf + size) + goto bad_param; + memcpy(data,smb_base(inbuf)+dsoff,dscnt); } if (tpscnt) { if((params = (char *)malloc(tpscnt)) == NULL) { - DEBUG(0,("reply_trans: param malloc fail for %d bytes !\n", tpscnt)); + DEBUG(0,("reply_trans: param malloc fail for %u bytes !\n", tpscnt)); + SAFE_FREE(data); END_PROFILE(SMBtrans); return(ERROR_DOS(ERRDOS,ERRnomem)); } + if ((psoff+pscnt < psoff) || (psoff+pscnt < pscnt)) + goto bad_param; + if (smb_base(inbuf)+psoff+pscnt > inbuf + size) + goto bad_param; + memcpy(params,smb_base(inbuf)+psoff,pscnt); } if (suwcnt) { int i; if((setup = (uint16 *)malloc(suwcnt*sizeof(uint16))) == NULL) { - DEBUG(0,("reply_trans: setup malloc fail for %d bytes !\n", (int)(suwcnt * sizeof(uint16)))); - END_PROFILE(SMBtrans); - return(ERROR_DOS(ERRDOS,ERRnomem)); - } + DEBUG(0,("reply_trans: setup malloc fail for %u bytes !\n", (unsigned int)(suwcnt * sizeof(uint16)))); + SAFE_FREE(data); + SAFE_FREE(params); + END_PROFILE(SMBtrans); + return(ERROR_DOS(ERRDOS,ERRnomem)); + } + if (inbuf+smb_vwv14+(suwcnt*SIZEOFWORD) > inbuf + size) + goto bad_param; + if ((smb_vwv14+(suwcnt*SIZEOFWORD) < smb_vwv14) || (smb_vwv14+(suwcnt*SIZEOFWORD) < (suwcnt*SIZEOFWORD))) + goto bad_param; + for (i=0;i tdscnt || pscnt > tpscnt) { - exit_server("invalid trans parameters\n"); - } + if (dscnt > tdscnt || pscnt > tpscnt) + goto bad_param; - if (pcnt) + if (pcnt) { + if (pdisp+pcnt >= tpscnt) + goto bad_param; + if ((pdisp+pcnt < pdisp) || (pdisp+pcnt < pcnt)) + goto bad_param; + if (smb_base(inbuf) + poff + pcnt >= inbuf + bufsize) + goto bad_param; + if (params + pdisp < params) + goto bad_param; + memcpy(params+pdisp,smb_base(inbuf)+poff,pcnt); - if (dcnt) + } + + if (dcnt) { + if (ddisp+dcnt >= tdscnt) + goto bad_param; + if ((ddisp+dcnt < ddisp) || (ddisp+dcnt < dcnt)) + goto bad_param; + if (smb_base(inbuf) + doff + dcnt >= inbuf + bufsize) + goto bad_param; + if (data + ddisp < data) + goto bad_param; + memcpy(data+ddisp,smb_base(inbuf)+doff,dcnt); + } } - DEBUG(3,("trans <%s> data=%d params=%d setup=%d\n", + DEBUG(3,("trans <%s> data=%u params=%u setup=%u\n", name,tdscnt,tpscnt,suwcnt)); /* @@@@ -525,4 +565,14 @@@@ END_PROFILE(SMBtrans); return(outsize); + + + bad_param: + + DEBUG(0,("reply_trans: invalid trans parameters\n")); + SAFE_FREE(data); + SAFE_FREE(params); + SAFE_FREE(setup); + END_PROFILE(SMBtrans); + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); } --- samba-2.2.7a/source/smbd/nttrans.c Mon Mar 17 10:55:36 2003 +++ samba-2.2.8/source/smbd/nttrans.c Fri Mar 14 22:34:49 2003 @@@@ -28,7 +28,7 @@@@ extern BOOL case_preserve; extern BOOL short_case_preserve; -static char *known_nt_pipes[] = { +static const char *known_nt_pipes[] = { "\\LANMAN", "\\srvsvc", "\\samr", @@@@ -1889,8 +1889,7 @@@@ if(CVAL(inbuf, smb_wct) != 19 + (setup_count/2)) { DEBUG(2,("Invalid smb_wct %d in nttrans call (should be %d)\n", CVAL(inbuf, smb_wct), 19 + (setup_count/2))); - END_PROFILE(SMBnttrans); - return ERROR_DOS(ERRSRV,ERRerror); + goto bad_param; } /* Allocate the space for the setup, the maximum needed parameters and data */ @@@@ -1904,9 +1903,9 @@@@ if ((total_parameter_count && !params) || (total_data_count && !data) || (setup_count && !setup)) { - safe_free(setup); - safe_free(params); - safe_free(data); + SAFE_FREE(setup); + SAFE_FREE(params); + SAFE_FREE(data); DEBUG(0,("reply_nttrans : Out of memory\n")); END_PROFILE(SMBnttrans); return ERROR_DOS(ERRDOS,ERRnomem); @@@@ -1918,21 +1917,38 @@@@ num_data_sofar = data_count; if (parameter_count > total_parameter_count || data_count > total_data_count) - exit_server("reply_nttrans: invalid sizes in packet."); + goto bad_param; if(setup) { - memcpy( setup, &inbuf[smb_nt_SetupStart], setup_count); DEBUG(10,("reply_nttrans: setup_count = %d\n", setup_count)); + if ((smb_nt_SetupStart + setup_count < smb_nt_SetupStart) || + (smb_nt_SetupStart + setup_count < setup_count)) + goto bad_param; + if (smb_nt_SetupStart + setup_count > length) + goto bad_param; + + memcpy( setup, &inbuf[smb_nt_SetupStart], setup_count); dump_data(10, setup, setup_count); } if(params) { - memcpy( params, smb_base(inbuf) + parameter_offset, parameter_count); DEBUG(10,("reply_nttrans: parameter_count = %d\n", parameter_count)); + if ((parameter_offset + parameter_count < parameter_offset) || + (parameter_offset + parameter_count < parameter_count)) + goto bad_param; + if (smb_base(inbuf) + parameter_offset + parameter_count > inbuf + length) + goto bad_param; + + memcpy( params, smb_base(inbuf) + parameter_offset, parameter_count); dump_data(10, params, parameter_count); } if(data) { - memcpy( data, smb_base(inbuf) + data_offset, data_count); DEBUG(10,("reply_nttrans: data_count = %d\n",data_count)); + if ((data_offset + data_count < data_offset) || (data_offset + data_count < data_count)) + goto bad_param; + if (smb_base(inbuf) + data_offset + data_count > inbuf + length) + goto bad_param; + + memcpy( data, smb_base(inbuf) + data_offset, data_count); dump_data(10, data, data_count); } @@@@ -1945,6 +1961,8 @@@@ while( num_data_sofar < total_data_count || num_params_sofar < total_parameter_count) { BOOL ret; + uint32 parameter_displacement; + uint32 data_displacement; ret = receive_next_smb(inbuf,bufsize,SMB_SECONDARY_WAIT); @@@@ -1956,27 +1974,59 @@@@ DEBUG(0,("reply_nttrans: %s in getting secondary nttrans response.\n", (smb_read_error == READ_ERROR) ? "error" : "timeout" )); } - SAFE_FREE(params); - SAFE_FREE(data); - SAFE_FREE(setup); - END_PROFILE(SMBnttrans); - return ERROR_DOS(ERRSRV,ERRerror); - } + goto bad_param; + } - /* Revise total_params and total_data in case they have changed downwards */ - total_parameter_count = IVAL(inbuf, smb_nts_TotalParameterCount); - total_data_count = IVAL(inbuf, smb_nts_TotalDataCount); - num_params_sofar += (parameter_count = IVAL(inbuf,smb_nts_ParameterCount)); - num_data_sofar += ( data_count = IVAL(inbuf, smb_nts_DataCount)); - if (num_params_sofar > total_parameter_count || num_data_sofar > total_data_count) - exit_server("reply_nttrans2: data overflow in secondary nttrans packet"); - - memcpy( ¶ms[ IVAL(inbuf, smb_nts_ParameterDisplacement)], - smb_base(inbuf) + IVAL(inbuf, smb_nts_ParameterOffset), parameter_count); - memcpy( &data[IVAL(inbuf, smb_nts_DataDisplacement)], - smb_base(inbuf)+ IVAL(inbuf, smb_nts_DataOffset), data_count); - } - } + /* Revise total_params and total_data in case they have changed downwards */ + if (IVAL(inbuf, smb_nts_TotalParameterCount) < total_parameter_count) + total_parameter_count = IVAL(inbuf, smb_nts_TotalParameterCount); + if (IVAL(inbuf, smb_nts_TotalDataCount) < total_data_count) + total_data_count = IVAL(inbuf, smb_nts_TotalDataCount); + + parameter_count = IVAL(inbuf,smb_nts_ParameterCount); + parameter_offset = IVAL(inbuf, smb_nts_ParameterOffset); + parameter_displacement = IVAL(inbuf, smb_nts_ParameterDisplacement); + num_params_sofar += parameter_count; + + data_count = IVAL(inbuf, smb_nts_DataCount); + data_displacement = IVAL(inbuf, smb_nts_DataDisplacement); + data_offset = IVAL(inbuf, smb_nts_DataOffset); + num_data_sofar += data_count; + + if (num_params_sofar > total_parameter_count || num_data_sofar > total_data_count) { + DEBUG(0,("reply_nttrans2: data overflow in secondary nttrans packet")); + goto bad_param; + } + + if (parameter_count) { + if (parameter_displacement + parameter_count >= total_parameter_count) + goto bad_param; + if ((parameter_displacement + parameter_count < parameter_displacement) || + (parameter_displacement + parameter_count < parameter_count)) + goto bad_param; + if (smb_base(inbuf) + parameter_offset + parameter_count >= inbuf + bufsize) + goto bad_param; + if (params + parameter_displacement < params) + goto bad_param; + + memcpy( ¶ms[parameter_displacement], smb_base(inbuf) + parameter_offset, parameter_count); + } + + if (data_count) { + if (data_displacement + data_count >= total_data_count) + goto bad_param; + if ((data_displacement + data_count < data_displacement) || + (data_displacement + data_count < data_count)) + goto bad_param; + if (smb_base(inbuf) + data_offset + data_count >= inbuf + bufsize) + goto bad_param; + if (data + data_displacement < data) + goto bad_param; + + memcpy( &data[data_displacement], smb_base(inbuf)+ data_offset, data_count); + } + } + } if (Protocol >= PROTOCOL_NT1) SSVAL(outbuf,smb_flg2,SVAL(outbuf,smb_flg2) | FLAGS2_IS_LONG_NAME); @@@@ -2051,4 +2101,12 @@@@ return outsize; /* If a correct response was needed the call_nt_transact_xxxx calls have already sent it. If outsize != -1 then it is returning an error packet. */ + + bad_param: + + SAFE_FREE(params); + SAFE_FREE(data); + SAFE_FREE(setup); + END_PROFILE(SMBnttrans); + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); } --- samba-2.2.7a/source/smbd/trans2.c Mon Mar 17 10:55:35 2003 +++ samba-2.2.8-withoutdeleteonclose/source/smbd/trans2.c Fri Mar 14 22:34:49 2003 @@@@ -3202,7 +3186,7 @@@@ unsigned int suwcnt = SVAL(inbuf, smb_suwcnt); unsigned int tran_call = SVAL(inbuf, smb_setup0); char *params = NULL, *data = NULL; - int num_params, num_params_sofar, num_data, num_data_sofar; + unsigned int num_params, num_params_sofar, num_data, num_data_sofar; START_PROFILE(SMBtrans2); if(global_oplock_break && (tran_call == TRANSACT2_OPEN)) { @@@@ -3241,10 +3225,10 @@@@ (SVAL(inbuf,(smb_setup+6)) == LMFUNC_GETJOBID)) { DEBUG(2,("Got Trans2 DevIOctl jobid\n")); } else { - DEBUG(2,("Invalid smb_sucnt in trans2 call(%d)\n",suwcnt)); + DEBUG(2,("Invalid smb_sucnt in trans2 call(%u)\n",suwcnt)); DEBUG(2,("Transaction is %d\n",tran_call)); END_PROFILE(SMBtrans2); - return ERROR_DOS(ERRSRV,ERRerror); + ERROR_DOS(ERRDOS,ERRinvalidparam); } } @@@@ -3270,10 +3254,22 @@@@ if (num_params > total_params || num_data > total_data) exit_server("invalid params in reply_trans2"); - if(params) - memcpy( params, smb_base(inbuf) + SVAL(inbuf, smb_psoff), num_params); - if(data) - memcpy( data, smb_base(inbuf) + SVAL(inbuf, smb_dsoff), num_data); + if(params) { + unsigned int psoff = SVAL(inbuf, smb_psoff); + if ((psoff + num_params < psoff) || (psoff + num_params < num_params)) + goto bad_param; + if (smb_base(inbuf) + psoff + num_params > inbuf + length) + goto bad_param; + memcpy( params, smb_base(inbuf) + psoff, num_params); + } + if(data) { + unsigned int dsoff = SVAL(inbuf, smb_dsoff); + if ((dsoff + num_data < dsoff) || (dsoff + num_data < num_data)) + goto bad_param; + if (smb_base(inbuf) + dsoff + num_data > inbuf + length) + goto bad_param; + memcpy( data, smb_base(inbuf) + dsoff, num_data); + } if(num_data_sofar < total_data || num_params_sofar < total_params) { /* We need to send an interim response then receive the rest @@@@ -3285,6 +3281,10 @@@@ while (num_data_sofar < total_data || num_params_sofar < total_params) { BOOL ret; + unsigned int param_disp; + unsigned int param_off; + unsigned int data_disp; + unsigned int data_off; ret = receive_next_smb(inbuf,bufsize,SMB_SECONDARY_WAIT); @@@@ -3296,25 +3296,55 @@@@ else DEBUG(0,("reply_trans2: %s in getting secondary trans2 response.\n", (smb_read_error == READ_ERROR) ? "error" : "timeout" )); - SAFE_FREE(params); - SAFE_FREE(data); - END_PROFILE(SMBtrans2); - return ERROR_DOS(ERRSRV,ERRerror); + goto bad_param; } /* Revise total_params and total_data in case they have changed downwards */ - total_params = SVAL(inbuf, smb_tpscnt); - total_data = SVAL(inbuf, smb_tdscnt); - num_params_sofar += (num_params = SVAL(inbuf,smb_spscnt)); - num_data_sofar += ( num_data = SVAL(inbuf, smb_sdscnt)); + if (SVAL(inbuf, smb_tpscnt) < total_params) + total_params = SVAL(inbuf, smb_tpscnt); + if (SVAL(inbuf, smb_tdscnt) < total_data) + total_data = SVAL(inbuf, smb_tdscnt); + + num_params = SVAL(inbuf,smb_spscnt); + param_off = SVAL(inbuf, smb_spsoff); + param_disp = SVAL(inbuf, smb_spsdisp); + num_params_sofar += num_params; + + num_data = SVAL(inbuf, smb_sdscnt); + data_off = SVAL(inbuf, smb_sdsoff); + data_disp = SVAL(inbuf, smb_sdsdisp); + num_data_sofar += num_data; + if (num_params_sofar > total_params || num_data_sofar > total_data) - exit_server("data overflow in trans2"); + goto bad_param; - memcpy( ¶ms[ SVAL(inbuf, smb_spsdisp)], - smb_base(inbuf) + SVAL(inbuf, smb_spsoff), num_params); - memcpy( &data[SVAL(inbuf, smb_sdsdisp)], - smb_base(inbuf)+ SVAL(inbuf, smb_sdsoff), num_data); + if (num_params) { + if (param_disp + num_params >= total_params) + goto bad_param; + if ((param_disp + num_params < param_disp) || + (param_disp + num_params < num_params)) + goto bad_param; + if (smb_base(inbuf) + param_off + num_params >= inbuf + bufsize) + goto bad_param; + if (params + param_disp < params) + goto bad_param; + + memcpy( ¶ms[param_disp], smb_base(inbuf) + param_off, num_params); + } + if (num_data) { + if (data_disp + num_data >= total_data) + goto bad_param; + if ((data_disp + num_data < data_disp) || + (data_disp + num_data < num_data)) + goto bad_param; + if (smb_base(inbuf) + data_off + num_data >= inbuf + bufsize) + goto bad_param; + if (data + data_disp < data) + goto bad_param; + + memcpy( &data[data_disp], smb_base(inbuf) + data_off, num_data); + } } } @@@@ -3427,4 +3457,11 @@@@ return outsize; /* If a correct response was needed the call_trans2xxx calls have already sent it. If outsize != -1 then it is returning */ + + bad_param: + + SAFE_FREE(params); + SAFE_FREE(data); + END_PROFILE(SMBtrans2); + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); } --- samba-2.2.7a/source/smbd/vfs-wrap.c Mon Mar 17 10:55:37 2003 +++ samba-2.2.8/source/smbd/vfs-wrap.c Fri Mar 14 22:34:49 2003 @@@@ -213,8 +213,9 @@@@ static int copy_reg(const char *source, const char *dest) { SMB_STRUCT_STAT source_stats; - int ifd; - int ofd; + int saved_errno; + int ifd = -1; + int ofd = -1; if (sys_lstat (source, &source_stats) == -1) return -1; @@@@ -222,42 +223,44 @@@@ if (!S_ISREG (source_stats.st_mode)) return -1; - if (unlink (dest) && errno != ENOENT) - return -1; - if((ifd = sys_open (source, O_RDONLY, 0)) < 0) return -1; - if((ofd = sys_open (dest, O_WRONLY | O_CREAT | O_TRUNC, 0600)) < 0 ) { - int saved_errno = errno; - close (ifd); - errno = saved_errno; + if (unlink (dest) && errno != ENOENT) return -1; - } - if (transfer_file(ifd, ofd, (size_t)-1) == -1) { - int saved_errno = errno; - close (ifd); - close (ofd); - unlink (dest); - errno = saved_errno; - return -1; - } +#ifdef O_NOFOLLOW + if((ofd = sys_open (dest, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0600)) < 0 ) +#else + if((ofd = sys_open (dest, O_WRONLY | O_CREAT | O_TRUNC , 0600)) < 0 ) +#endif + goto err; - if (close (ifd) == -1) { - int saved_errno = errno; - close (ofd); - errno = saved_errno; - return -1; - } - if (close (ofd) == -1) - return -1; + if (transfer_file(ifd, ofd, (size_t)-1) == -1) + goto err; + + /* + * Try to preserve ownership. For non-root it might fail, but that's ok. + * But root probably wants to know, e.g. if NFS disallows it. + */ + + if ((fchown(ofd, source_stats.st_uid, source_stats.st_gid) == -1) && (errno != EPERM)) + goto err; /* - * chown turns off set[ug]id bits for non-root, + * fchown turns off set[ug]id bits for non-root, * so do the chmod last. */ + if (fchmod (ofd, source_stats.st_mode & 07777)) + goto err; + + if (close (ifd) == -1) + goto err; + + if (close (ofd) == -1) + return -1; + /* Try to copy the old file's modtime and access time. */ { struct utimbuf tv; @@@@ -267,21 +270,19 @@@@ utime (dest, &tv); } - /* - * Try to preserve ownership. For non-root it might fail, but that's ok. - * But root probably wants to know, e.g. if NFS disallows it. - */ - - if ((chown(dest, source_stats.st_uid, source_stats.st_gid) == -1) && (errno != EPERM)) - return -1; - - if (chmod (dest, source_stats.st_mode & 07777)) - return -1; - if (unlink (source) == -1) return -1; return 0; + + err: + saved_errno = errno; + if (ifd != -1) + close(ifd); + if (ofd != -1) + close(ofd); + errno = saved_errno; + return -1; } int vfswrap_rename(connection_struct *conn, const char *oldname, const char *newname) @ 1.1.8.2 log @Add security patch (CAN-2003-0201; CAN-2003-0196) @ text @a1419 76 Additional Security Patch ------------------------- CAN-2003-0201 CAN-2003-0196 diff -u -r --new-file --exclude=CVS samba-2.2.8/source/smbd/password.c samba-2.2.8a/source/smbd/password.c --- samba-2.2.8/source/smbd/password.c Fri Mar 14 15:34:49 2003 +++ samba-2.2.8a/source/smbd/password.c Sun Apr 6 20:54:00 2003 @@@@ -816,7 +816,7 @@@@ if (!ok && lp_username(snum)) { char *auser; pstring user_list; - StrnCpy(user_list,lp_username(snum),sizeof(pstring)); + StrnCpy(user_list,lp_username(snum),sizeof(pstring)-1); pstring_sub(user_list,"%S",lp_servicename(snum)); diff -u -r --new-file --exclude=CVS samba-2.2.8/source/smbd/reply.c samba-2.2.8a/source/smbd/reply.c --- samba-2.2.8/source/smbd/reply.c Fri Mar 14 15:34:49 2003 +++ samba-2.2.8a/source/smbd/reply.c Sun Apr 6 20:54:00 2003 @@@@ -1500,6 +1500,9 @@@@ for (i=numentries;(i BUFFER_SIZE ) + break; finished = !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend); if (!finished) @@@@ -3528,6 +3531,9 @@@@ for (i=first;i BUFFER_SIZE ) + break; put_dos_date2(p,0,queue[i].time); SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3)); SSVAL(p,5, queue[i].job); diff -u -r --new-file --exclude=CVS samba-2.2.8/source/smbd/statcache.c samba-2.2.8a/source/smbd/statcache.c --- samba-2.2.8/source/smbd/statcache.c Thu Oct 11 04:34:37 2001 +++ samba-2.2.8a/source/smbd/statcache.c Sun Apr 6 20:54:00 2003 @@@@ -88,7 +88,7 @@@@ * StrnCpy always null terminates. */ - StrnCpy(orig_name, full_orig_name, namelen); + StrnCpy(orig_name, full_orig_name, MIN(namelen, sizeof(orig_name)-1)); if(!case_sensitive) strupper( orig_name ); diff -u -r --new-file --exclude=CVS samba-2.2.8/source/smbd/trans2.c samba-2.2.8a/source/smbd/trans2.c --- samba-2.2.8/source/smbd/trans2.c Fri Mar 14 15:34:49 2003 +++ samba-2.2.8a/source/smbd/trans2.c Sun Apr 6 20:54:00 2003 @@@@ -217,7 +217,6 @@@@ int16 open_ofun; int32 open_size; char *pname; - int16 namelen; pstring fname; mode_t unixmode; @@@@ -247,9 +246,8 @@@@ open_ofun = SVAL(params,12); open_size = IVAL(params,14); pname = ¶ms[28]; - namelen = strlen(pname)+1; - StrnCpy(fname,pname,namelen); + pstrcpy(fname, pname); DEBUG(3,("trans2open %s mode=%d attr=%d ofun=%d size=%d\n", fname,open_mode, open_attr, open_ofun, open_size)); @ 1.1.4.1 log @switch back to 2.2.2 with just the security patch @ text @a0 62 IMPORTANT: Security bugfix for Samba ------------------------------------ Summary ------- A security hole has been discovered in versions 2.2.2 through 2.2.6 of Samba that could potentially allow an attacker to gain root access on the target machine. The word "potentially" is used because there is no known exploit of this bug, and the Samba Team has not been able to craft one ourselves. However, the seriousness of the problem warrants this immediate 2.2.7 release. In addition to addressing this security issue, Samba 2.2.7 also includes thirteen unrelated improvements. These improvements result from our process of continuous quality assurance and code review, and are part of the Samba team's commitment to excellence. Details ------- There was a bug in the length checking for encrypted password change requests from clients. A client could potentially send an encrypted password, which, when decrypted with the old hashed password could be used as a buffer overrun attack on the stack of smbd. The attach would have to be crafted such that converting a DOS codepage string to little endian UCS2 unicode would translate into an executable block of code. All versions of Samba between 2.2.2 to 2.2.6 inclusive are vulnerable to this problem. This version of Samba 2.2.7 contains a fix for this problem. Earlier versions of Samba are not vulnerable. There is no known exploit or exploit code for this vulnerability, it was discovered by a code audit by Debian Samba maintainers. Credit ------ Thanks to Steve Langasek and Eloy Paris for bringing this vulnerability to our notice. Patch for Samba versions 2.2.2 to 2.2.6 --------------------------------------- The following patch applies cleanly to the above Samba versions and will fix the vulnerability for sites that do not wish to upgrade to 2.2.7 at this time. --- libsmb/smbencrypt.c.orig Tue Nov 19 17:21:57 2002 +++ libsmb/smbencrypt.c Tue Nov 19 17:22:12 2002 @@@@ -63,7 +63,7 @@@@ if(len > 128) len = 128; /* Password must be converted to NT unicode - null terminated. */ - dos_struni2((char *)wpwd, (const char *)passwd, 256); + dos_struni2((char *)wpwd, (const char *)passwd, len); /* Calculate length in bytes */ len = strlen_w((const smb_ucs2_t *)wpwd) * sizeof(int16); @ 1.1.2.1 log @switch back to 2.2.5 with just the security patch @ text @a0 62 IMPORTANT: Security bugfix for Samba ------------------------------------ Summary ------- A security hole has been discovered in versions 2.2.2 through 2.2.6 of Samba that could potentially allow an attacker to gain root access on the target machine. The word "potentially" is used because there is no known exploit of this bug, and the Samba Team has not been able to craft one ourselves. However, the seriousness of the problem warrants this immediate 2.2.7 release. In addition to addressing this security issue, Samba 2.2.7 also includes thirteen unrelated improvements. These improvements result from our process of continuous quality assurance and code review, and are part of the Samba team's commitment to excellence. Details ------- There was a bug in the length checking for encrypted password change requests from clients. A client could potentially send an encrypted password, which, when decrypted with the old hashed password could be used as a buffer overrun attack on the stack of smbd. The attach would have to be crafted such that converting a DOS codepage string to little endian UCS2 unicode would translate into an executable block of code. All versions of Samba between 2.2.2 to 2.2.6 inclusive are vulnerable to this problem. This version of Samba 2.2.7 contains a fix for this problem. Earlier versions of Samba are not vulnerable. There is no known exploit or exploit code for this vulnerability, it was discovered by a code audit by Debian Samba maintainers. Credit ------ Thanks to Steve Langasek and Eloy Paris for bringing this vulnerability to our notice. Patch for Samba versions 2.2.2 to 2.2.6 --------------------------------------- The following patch applies cleanly to the above Samba versions and will fix the vulnerability for sites that do not wish to upgrade to 2.2.7 at this time. --- libsmb/smbencrypt.c.orig Tue Nov 19 17:21:57 2002 +++ libsmb/smbencrypt.c Tue Nov 19 17:22:12 2002 @@@@ -63,7 +63,7 @@@@ if(len > 128) len = 128; /* Password must be converted to NT unicode - null terminated. */ - dos_struni2((char *)wpwd, (const char *)passwd, 256); + dos_struni2((char *)wpwd, (const char *)passwd, len); /* Calculate length in bytes */ len = strlen_w((const smb_ucs2_t *)wpwd) * sizeof(int16); @ 1.1.2.2 log @SA-2003.021-samba; CAN-2003-0085, CAN-2003-0086 @ text @d52 2 a53 2 --- samba-2.2.6/source/libsmb/smbencrypt.c Tue Nov 19 17:21:57 2002 +++ samba-2.2.7/source/libsmb/smbencrypt.c Tue Nov 19 17:22:12 2002 a62 1419 IMPORTANT: Security bugfix for Samba ------------------------------------ Summary ------- The SuSE security audit team, in particular Sebastian Krahmer , has found a flaw in the Samba main smbd code which could allow an external attacker to remotely and anonymously gain Super User (root) privileges on a server running a Samba server. This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a inclusive. This is a serious problem and all sites should either upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139 and 445. Advice created by Andrew Tridgell, the leader of the Samba Team, on how to protect an unpatched Samba server is given at the end of this section. The SMB/CIFS protocol implemented by Samba is vulnerable to many attacks, even without specific security holes. The TCP ports 139 and the new port 445 (used by Win2k and the Samba 3.0 alpha code in particular) should never be exposed to untrusted networks. Description ----------- A buffer overrun condition exists in the SMB/CIFS packet fragment re-assembly code in smbd which would allow an attacker to cause smbd to overwrite arbitrary areas of memory in its own process address space. This could allow a skilled attacker to inject binary specific exploit code into smbd. This version of Samba adds explicit overrun and overflow checks on fragment re-assembly of SMB/CIFS packets to ensure that only valid re-assembly is performed by smbd. In addition, the same checks have been added to the re-assembly functions in the client code, making it safe for use in other services. Credit ------ This security flaw was discovered and reported to the Samba Team by Sebastian Krahmer of the SuSE Security Audit Team. The fix was prepared by Jeremy Allison and reviewed by engineers from the Samba Team, SuSE, HP, SGI, Apple, and the Linux vendor engineers on the Linux Vendor security mailing list. The Samba Team would like to thank SuSE and Sebastian Krahmer for their excellent auditing work and for drawing attention to this flaw. Patch Availability ----------------- As this is a security issue, patches for this flaw specific to earlier versions of Samba will be posted on the samba-technical@@samba.org mailing list as requested. The patch below was extracted for OpenPKG from the Samba 2.2.7a to 2.2.8 differences regarding the following files: source/include/client.h source/include/proto.h changes reduced to functions affected by this patch source/client/client.c source/client/clitar.c source/libsmb/clifile.c source/libsmb/clilist.c source/libsmb/clirap.c source/libsmb/clitrans.c source/smbd/ipc.c source/smbd/trans2.c removed "6) Fix delete on close semantics to match W2K") source/smbd/nttrans.c whitespace differences were removed source/smbd/vfs-wrap.c --- samba-2.2.7a/source/include/client.h Mon Mar 17 11:00:11 2003 +++ samba-2.2.8/source/include/client.h Fri Mar 14 22:34:47 2003 @@@@ -103,7 +103,7 @@@@ int max_mux; char *outbuf; char *inbuf; - int bufsize; + unsigned int bufsize; int initialised; int win95; uint32 capabilities; --- samba-2.2.7a/source/include/proto.h Mon Mar 17 11:00:16 2003 +++ samba-2.2.8-patchedonly/source/include/proto.h Fri Mar 14 22:34:47 2003 @@@@ -301,7 +301,7 @@@@ SMB_BIG_UINT offset, SMB_BIG_UINT len, int timeout, enum brl_type lock_type); BOOL cli_unlock64(struct cli_state *cli, int fnum, SMB_BIG_UINT offset, SMB_BIG_UINT len); BOOL cli_getattrE(struct cli_state *cli, int fd, - uint16 *attr, size_t *size, + uint16 *attr, SMB_BIG_UINT *size, time_t *c_time, time_t *a_time, time_t *m_time); BOOL cli_getatr(struct cli_state *cli, const char *fname, uint16 *attr, size_t *size, time_t *t); @@@@ -425,7 +425,7 @@@@ /* The following definitions come from libsmb/clirap.c */ -BOOL cli_api_pipe(struct cli_state *cli, char *pipe_name, +BOOL cli_api_pipe(struct cli_state *cli, const char *pipe_name, uint16 *setup, uint32 setup_count, uint32 max_setup_count, char *params, uint32 param_count, uint32 max_param_count, char *data, uint32 data_count, uint32 max_data_count, @@@@ -434,8 +434,8 @@@@ BOOL cli_api(struct cli_state *cli, char *param, int prcnt, int mprcnt, char *data, int drcnt, int mdrcnt, - char **rparam, int *rprcnt, - char **rdata, int *rdrcnt); + char **rparam, unsigned int *rprcnt, + char **rdata, unsigned int *rdrcnt); BOOL cli_NetWkstaUserLogon(struct cli_state *cli,char *user, char *workstation); int cli_RNetShareEnum(struct cli_state *cli, void (*fn)(const char *, uint32, const char *, void *), void *state); BOOL cli_NetServerEnum(struct cli_state *cli, char *workgroup, uint32 stype, @@@@ -653,21 +653,21 @@@@ BOOL cli_send_trans(struct cli_state *cli, int trans, const char *pipe_name, int fid, int flags, - uint16 *setup, int lsetup, int msetup, - char *param, int lparam, int mparam, - char *data, int ldata, int mdata); + uint16 *setup, unsigned int lsetup, unsigned int msetup, + char *param, unsigned int lparam, unsigned int mparam, + char *data, unsigned int ldata, unsigned int mdata); BOOL cli_receive_trans(struct cli_state *cli,int trans, - char **param, int *param_len, - char **data, int *data_len); + char **param, unsigned int *param_len, + char **data, unsigned int *data_len); BOOL cli_send_nt_trans(struct cli_state *cli, int function, int flags, - uint16 *setup, int lsetup, int msetup, - char *param, int lparam, int mparam, - char *data, int ldata, int mdata); + uint16 *setup, unsigned int lsetup, unsigned int msetup, + char *param, unsigned int lparam, unsigned int mparam, + char *data, unsigned int ldata, unsigned int mdata); BOOL cli_receive_nt_trans(struct cli_state *cli, - char **param, int *param_len, - char **data, int *data_len); + char **param, unsigned int *param_len, + char **data, unsigned int *data_len); /* The following definitions come from libsmb/credentials.c */ --- samba-2.2.7a/source/libsmb/clifile.c Mon Mar 17 10:53:21 2003 +++ samba-2.2.8/source/libsmb/clifile.c Fri Mar 14 22:34:48 2003 @@@@ -30,8 +30,8 @@@@ static BOOL cli_link_internal(struct cli_state *cli, const char *fname_src, const char *fname_dst, BOOL hard_link) { - int data_len = 0; - int param_len = 0; + unsigned int data_len = 0; + unsigned int param_len = 0; uint16 setup = TRANSACT2_SETPATHINFO; char param[sizeof(pstring)+6]; pstring data; @@@@ -124,8 +124,8 @@@@ static BOOL cli_unix_chmod_chown_internal(struct cli_state *cli, const char *fname, uint32 mode, uint32 uid, uint32 gid) { - int data_len = 0; - int param_len = 0; + unsigned int data_len = 0; + unsigned int param_len = 0; uint16 setup = TRANSACT2_SETPATHINFO; char param[sizeof(pstring)+6]; char data[100]; @@@@ -336,8 +336,8 @@@@ int cli_nt_delete_on_close(struct cli_state *cli, int fnum, BOOL flag) { - int data_len = 1; - int param_len = 6; + unsigned int data_len = 1; + unsigned int param_len = 6; uint16 setup = TRANSACT2_SETFILEINFO; pstring param; unsigned char data; @@@@ -802,11 +802,11 @@@@ } /**************************************************************************** - Do a SMBgetattrE call. + Do a SMBgetattrE call. The size is 32 bits. ****************************************************************************/ BOOL cli_getattrE(struct cli_state *cli, int fd, - uint16 *attr, size_t *size, + uint16 *attr, SMB_BIG_UINT *size, time_t *c_time, time_t *a_time, time_t *m_time) { memset(cli->outbuf,'\0',smb_size); --- samba-2.2.7a/source/libsmb/clilist.c Mon Mar 17 11:00:18 2003 +++ samba-2.2.8/source/libsmb/clilist.c Fri Mar 14 22:34:48 2003 @@@@ -152,7 +152,7 @@@@ int ff_dir_handle=0; int loop_count = 0; char *rparam=NULL, *rdata=NULL; - int param_len, data_len; + unsigned int param_len, data_len; uint16 setup; pstring param; --- samba-2.2.7a/source/libsmb/clirap.c Mon Mar 17 10:53:23 2003 +++ samba-2.2.8/source/libsmb/clirap.c Fri Mar 14 22:34:48 2003 @@@@ -27,7 +27,7 @@@@ /**************************************************************************** Call a remote api on an arbitrary pipe. takes param, data and setup buffers. ****************************************************************************/ -BOOL cli_api_pipe(struct cli_state *cli, char *pipe_name, +BOOL cli_api_pipe(struct cli_state *cli, const char *pipe_name, uint16 *setup, uint32 setup_count, uint32 max_setup_count, char *params, uint32 param_count, uint32 max_param_count, char *data, uint32 data_count, uint32 max_data_count, @@@@ -42,8 +42,8 @@@@ data, data_count, max_data_count); return (cli_receive_trans(cli, SMBtrans, - rparam, (int *)rparam_count, - rdata, (int *)rdata_count)); + rparam, (unsigned int *)rparam_count, + rdata, (unsigned int *)rdata_count)); } /**************************************************************************** @@@@ -52,8 +52,8 @@@@ BOOL cli_api(struct cli_state *cli, char *param, int prcnt, int mprcnt, char *data, int drcnt, int mdrcnt, - char **rparam, int *rprcnt, - char **rdata, int *rdrcnt) + char **rparam, unsigned int *rprcnt, + char **rdata, unsigned int *rdrcnt) { cli_send_trans(cli,SMBtrans, PIPE_LANMAN, /* Name */ @@@@ -176,7 +176,7 @@@@ char *sname = p; int type = SVAL(p,14); int comment_offset = IVAL(p,16) & 0xFFFF; - char *cmnt = comment_offset?(rdata+comment_offset-converter):""; + const char *cmnt = comment_offset?(rdata+comment_offset-converter):""; pstring s1, s2; pstrcpy(s1, dos_to_unix_static(sname)); @@@@ -254,7 +254,7 @@@@ for (i = 0;i < count;i++, p += 26) { char *sname = p; int comment_offset = (IVAL(p,22) & 0xFFFF)-converter; - char *cmnt = comment_offset?(rdata+comment_offset):""; + const char *cmnt = comment_offset?(rdata+comment_offset):""; pstring s1, s2; if (comment_offset < 0 || comment_offset > rdrcnt) continue; @@@@ -289,8 +289,8 @@@@ fstring upper_case_new_pw; unsigned char old_pw_hash[16]; unsigned char new_pw_hash[16]; - int data_len; - int param_len = 0; + unsigned int data_len; + unsigned int param_len = 0; char *rparam = NULL; char *rdata = NULL; int rprcnt, rdrcnt; @@@@ -372,8 +372,8 @@@@ time_t *c_time, time_t *a_time, time_t *m_time, size_t *size, uint16 *mode) { - int data_len = 0; - int param_len = 0; + unsigned int data_len = 0; + unsigned int param_len = 0; uint16 setup = TRANSACT2_QPATHINFO; pstring param; char *rparam=NULL, *rdata=NULL; @@@@ -451,8 +451,8 @@@@ time_t *w_time, size_t *size, uint16 *mode, SMB_INO_T *ino) { - int data_len = 0; - int param_len = 0; + unsigned int data_len = 0; + unsigned int param_len = 0; uint16 setup = TRANSACT2_QPATHINFO; pstring param; char *rparam=NULL, *rdata=NULL; @@@@ -522,8 +522,8 @@@@ time_t *c_time, time_t *a_time, time_t *m_time, time_t *w_time, SMB_INO_T *ino) { - int data_len = 0; - int param_len = 0; + unsigned int data_len = 0; + unsigned int param_len = 0; uint16 setup = TRANSACT2_QFILEINFO; pstring param; char *rparam=NULL, *rdata=NULL; @@@@ -590,8 +590,8 @@@@ ****************************************************************************/ BOOL cli_qfileinfo_test(struct cli_state *cli, int fnum, int level, char *outdata) { - int data_len = 0; - int param_len = 0; + unsigned int data_len = 0; + unsigned int param_len = 0; uint16 setup = TRANSACT2_QFILEINFO; pstring param; char *rparam=NULL, *rdata=NULL; @@@@ -635,8 +635,8 @@@@ NTSTATUS cli_qpathinfo_alt_name(struct cli_state *cli, const char *fname, fstring alt_name) { - int data_len = 0; - int param_len = 0; + unsigned int data_len = 0; + unsigned int param_len = 0; uint16 setup = TRANSACT2_QPATHINFO; pstring param; char *rparam=NULL, *rdata=NULL; --- samba-2.2.7a/source/client/client.c Mon Mar 17 14:49:44 2003 +++ samba-2.2.8/source/client/client.c Mon Mar 17 14:50:19 2003 @@@@ -644,8 +644,9 @@@@ struct timeval tp_start; int read_size = io_bufsize; uint16 attr; - size_t size; - off_t nread = 0; + size_t old_size = 0; + SMB_BIG_UINT size = 0; + SMB_BIG_UINT nread = 0; GetTimeOfDay(&tp_start); @@@@ -671,9 +672,8 @@@@ return; } - if (!cli_qfileinfo(cli, fnum, - &attr, &size, NULL, NULL, NULL, NULL, NULL) && + &attr, &old_size, NULL, NULL, NULL, NULL, NULL) && !cli_getattrE(cli, fnum, &attr, &size, NULL, NULL, NULL)) { DEBUG(0,("getattrib: %s\n",cli_errstr(cli))); --- samba-2.2.7a/source/client/clitar.c Mon Mar 17 14:53:27 2003 +++ samba-2.2.8/source/client/clitar.c Mon Mar 17 14:53:58 2003 @@@@ -45,7 +45,7 @@@@ struct file_info_struct { - size_t size; + SMB_BIG_UINT size; uint16 mode; int uid; int gid; @@@@ -621,7 +621,7 @@@@ static void do_atar(char *rname,char *lname,file_info *finfo1) { int fnum; - uint32 nread=0; + SMB_BIG_UINT nread=0; char ftype; file_info2 finfo; BOOL close_done = False; @@@@ -643,6 +643,7 @@@@ finfo.mtime = finfo1 -> mtime; finfo.atime = finfo1 -> atime; finfo.ctime = finfo1 -> ctime; + finfo.name = finfo1 -> name; } else { finfo.size = def_finfo.size; @@@@ -652,13 +653,14 @@@@ finfo.mtime = def_finfo.mtime; finfo.atime = def_finfo.atime; finfo.ctime = def_finfo.ctime; + finfo.name = def_finfo.name; } if (dry_run) { - DEBUG(3,("skipping file %s of size %d bytes\n", + DEBUG(3,("skipping file %s of size %12.0f bytes\n", finfo.name, - (int)finfo.size)); + (double)finfo.size)); shallitime=0; ttarf+=finfo.size + TBLOCK - (finfo.size % TBLOCK); ntarf++; @@@@ -709,9 +711,9 @@@@ } else { - DEBUG(3,("getting file %s of size %d bytes as a tar file %s", + DEBUG(3,("getting file %s of size %.0f bytes as a tar file %s", finfo.name, - (int)finfo.size, + (double)finfo.size, lname)); /* write a tar header, don't bother with mode - just set to 100644 */ @@@@ -719,7 +721,7 @@@@ while (nread < finfo.size && !close_done) { - DEBUG(3,("nread=%d\n",nread)); + DEBUG(3,("nread=%.0f\n",(double)nread)); datalen = cli_read(cli, fnum, data, nread, read_size); @@@@ -736,7 +738,7 @@@@ if (nread > finfo.size) { datalen -= nread - finfo.size; - DEBUG(0,("File size change - truncating %s to %d bytes\n", finfo.name, (int)finfo.size)); + DEBUG(0,("File size change - truncating %s to %.0f bytes\n", finfo.name, (double)finfo.size)); } /* add received bits of file to buffer - dotarbuf will @@@@ -756,7 +758,7 @@@@ /* pad tar file with zero's if we couldn't get entire file */ if (nread < finfo.size) { - DEBUG(0, ("Didn't get entire file. size=%d, nread=%d\n", (int)finfo.size, (int)nread)); + DEBUG(0, ("Didn't get entire file. size=%.0f, nread=%.0f\n", (double)finfo.size, (double)nread)); if (padit(data, sizeof(data), finfo.size - nread)) DEBUG(0,("Error writing tar file - %s\n", strerror(errno))); } @@@@ -789,8 +791,8 @@@@ if (tar_noisy) { - DEBUG(0, ("%10d (%7.1f kb/s) %s\n", - (int)finfo.size, finfo.size / MAX(0.001, (1.024*this_time)), + DEBUG(0, ("%12.0f (%7.1f kb/s) %s\n", + (double)finfo.size, finfo.size / MAX(0.001, (1.024*this_time)), finfo.name)); } --- samba-2.2.7a/source/libsmb/clitrans.c Mon Mar 17 10:53:24 2003 +++ samba-2.2.8/source/libsmb/clitrans.c Fri Mar 14 22:34:48 2003 @@@@ -25,18 +25,19 @@@@ /**************************************************************************** - send a SMB trans or trans2 request - ****************************************************************************/ + Send a SMB trans or trans2 request. +****************************************************************************/ + BOOL cli_send_trans(struct cli_state *cli, int trans, const char *pipe_name, int fid, int flags, - uint16 *setup, int lsetup, int msetup, - char *param, int lparam, int mparam, - char *data, int ldata, int mdata) + uint16 *setup, unsigned int lsetup, unsigned int msetup, + char *param, unsigned int lparam, unsigned int mparam, + char *data, unsigned int ldata, unsigned int mdata) { int i; - int this_ldata,this_lparam; - int tot_data=0,tot_param=0; + unsigned int this_ldata,this_lparam; + unsigned int tot_data=0,tot_param=0; char *outdata,*outparam; char *p; int pipe_name_len=0; @@@@ -84,14 +85,13 @@@@ cli_setup_bcc(cli, outdata+this_ldata); show_msg(cli->outbuf); - cli_send_smb(cli); + if (!cli_send_smb(cli)) + return False; if (this_ldata < ldata || this_lparam < lparam) { /* receive interim response */ - if (!cli_receive_smb(cli) || - cli_is_error(cli)) { + if (!cli_receive_smb(cli) || cli_is_error(cli)) return(False); - } tot_data = this_ldata; tot_param = this_lparam; @@@@ -124,7 +124,8 @@@@ cli_setup_bcc(cli, outdata+this_ldata); show_msg(cli->outbuf); - cli_send_smb(cli); + if (!cli_send_smb(cli)) + return False; tot_data += this_ldata; tot_param += this_lparam; @@@@ -134,17 +135,17 @@@@ return(True); } - /**************************************************************************** - receive a SMB trans or trans2 response allocating the necessary memory - ****************************************************************************/ + Receive a SMB trans or trans2 response allocating the necessary memory. +****************************************************************************/ + BOOL cli_receive_trans(struct cli_state *cli,int trans, - char **param, int *param_len, - char **data, int *data_len) + char **param, unsigned int *param_len, + char **data, unsigned int *data_len) { - int total_data=0; - int total_param=0; - int this_data,this_param; + unsigned int total_data=0; + unsigned int total_param=0; + unsigned int this_data,this_param; NTSTATUS status; char *tdata; char *tparam; @@@@ -171,9 +172,8 @@@@ */ status = cli_nt_error(cli); - if (NT_STATUS_IS_ERR(status)) { + if (NT_STATUS_IS_ERR(status)) return False; - } /* parse out the lengths */ total_data = SVAL(cli->inbuf,smb_tdrcnt); @@@@ -210,21 +210,59 @@@@ return False; } - if (this_data) - memcpy(*data + SVAL(cli->inbuf,smb_drdisp), - smb_base(cli->inbuf) + SVAL(cli->inbuf,smb_droff), - this_data); - if (this_param) - memcpy(*param + SVAL(cli->inbuf,smb_prdisp), - smb_base(cli->inbuf) + SVAL(cli->inbuf,smb_proff), - this_param); + if (this_data + *data_len < this_data || + this_data + *data_len < *data_len || + this_param + *param_len < this_param || + this_param + *param_len < *param_len) { + DEBUG(1,("Data overflow in cli_receive_trans\n")); + return False; + } + + if (this_data) { + unsigned int data_offset_out = SVAL(cli->inbuf,smb_drdisp); + unsigned int data_offset_in = SVAL(cli->inbuf,smb_droff); + + if (data_offset_out > total_data || + data_offset_out + this_data > total_data || + data_offset_out + this_data < data_offset_out || + data_offset_out + this_data < this_data) { + DEBUG(1,("Data overflow in cli_receive_trans\n")); + return False; + } + if (data_offset_in > cli->bufsize || + data_offset_in + this_data > cli->bufsize || + data_offset_in + this_data < data_offset_in || + data_offset_in + this_data < this_data) { + DEBUG(1,("Data overflow in cli_receive_trans\n")); + return False; + } + + memcpy(*data + data_offset_out, smb_base(cli->inbuf) + data_offset_in, this_data); + } + if (this_param) { + unsigned int param_offset_out = SVAL(cli->inbuf,smb_prdisp); + unsigned int param_offset_in = SVAL(cli->inbuf,smb_proff); + + if (param_offset_out > total_param || + param_offset_out + this_param > total_param || + param_offset_out + this_param < param_offset_out || + param_offset_out + this_param < this_param) { + DEBUG(1,("Param overflow in cli_receive_trans\n")); + return False; + } + if (param_offset_in > cli->bufsize || + param_offset_in + this_param > cli->bufsize || + param_offset_in + this_param < param_offset_in || + param_offset_in + this_param < this_param) { + DEBUG(1,("Param overflow in cli_receive_trans\n")); + return False; + } + + memcpy(*param + param_offset_out, smb_base(cli->inbuf) + param_offset_in, this_param); + } *data_len += this_data; *param_len += this_param; - /* parse out the total lengths again - they can shrink! */ - total_data = SVAL(cli->inbuf,smb_tdrcnt); - total_param = SVAL(cli->inbuf,smb_tprcnt); - if (total_data <= *data_len && total_param <= *param_len) break; @@@@ -243,27 +281,35 @@@@ if (NT_STATUS_IS_ERR(cli_nt_error(cli))) { return(False); } + + /* parse out the total lengths again - they can shrink! */ + if (SVAL(cli->inbuf,smb_tdrcnt) < total_data) + total_data = SVAL(cli->inbuf,smb_tdrcnt); + if (SVAL(cli->inbuf,smb_tprcnt) < total_param) + total_param = SVAL(cli->inbuf,smb_tprcnt); + + if (total_data <= *data_len && total_param <= *param_len) + break; + } return(True); } - - - /**************************************************************************** - send a SMB nttrans request - ****************************************************************************/ + Send a SMB nttrans request. +****************************************************************************/ + BOOL cli_send_nt_trans(struct cli_state *cli, int function, int flags, - uint16 *setup, int lsetup, int msetup, - char *param, int lparam, int mparam, - char *data, int ldata, int mdata) + uint16 *setup, unsigned int lsetup, unsigned int msetup, + char *param, unsigned int lparam, unsigned int mparam, + char *data, unsigned int ldata, unsigned int mdata) { - int i; - int this_ldata,this_lparam; - int tot_data=0,tot_param=0; + unsigned int i; + unsigned int this_ldata,this_lparam; + unsigned int tot_data=0,tot_param=0; char *outdata,*outparam; this_lparam = MIN(lparam,cli->max_xmit - (500+lsetup*2)); /* hack */ @@@@ -302,14 +348,13 @@@@ cli_setup_bcc(cli, outdata+this_ldata); show_msg(cli->outbuf); - cli_send_smb(cli); + if (!cli_send_smb(cli)) + return False; if (this_ldata < ldata || this_lparam < lparam) { /* receive interim response */ - if (!cli_receive_smb(cli) || - cli_is_error(cli)) { + if (!cli_receive_smb(cli) || cli_is_error(cli)) return(False); - } tot_data = this_ldata; tot_param = this_lparam; @@@@ -341,7 +386,8 @@@@ cli_setup_bcc(cli, outdata+this_ldata); show_msg(cli->outbuf); - cli_send_smb(cli); + if (!cli_send_smb(cli)) + return False; tot_data += this_ldata; tot_param += this_lparam; @@@@ -356,13 +402,14 @@@@ /**************************************************************************** receive a SMB nttrans response allocating the necessary memory ****************************************************************************/ + BOOL cli_receive_nt_trans(struct cli_state *cli, - char **param, int *param_len, - char **data, int *data_len) + char **param, unsigned int *param_len, + char **data, unsigned int *data_len) { - int total_data=0; - int total_param=0; - int this_data,this_param; + unsigned int total_data=0; + unsigned int total_param=0; + unsigned int this_data,this_param; uint8 eclass; uint32 ecode; char *tdata; @@@@ -424,25 +471,65 @@@@ if (this_data + *data_len > total_data || this_param + *param_len > total_param) { - DEBUG(1,("Data overflow in cli_receive_trans\n")); + DEBUG(1,("Data overflow in cli_receive_nt_trans\n")); return False; } - if (this_data) - memcpy(*data + SVAL(cli->inbuf,smb_ntr_DataDisplacement), - smb_base(cli->inbuf) + SVAL(cli->inbuf,smb_ntr_DataOffset), - this_data); - if (this_param) - memcpy(*param + SVAL(cli->inbuf,smb_ntr_ParameterDisplacement), - smb_base(cli->inbuf) + SVAL(cli->inbuf,smb_ntr_ParameterOffset), - this_param); + if (this_data + *data_len < this_data || + this_data + *data_len < *data_len || + this_param + *param_len < this_param || + this_param + *param_len < *param_len) { + DEBUG(1,("Data overflow in cli_receive_nt_trans\n")); + return False; + } + + if (this_data) { + unsigned int data_offset_out = SVAL(cli->inbuf,smb_ntr_DataDisplacement); + unsigned int data_offset_in = SVAL(cli->inbuf,smb_ntr_DataOffset); + + if (data_offset_out > total_data || + data_offset_out + this_data > total_data || + data_offset_out + this_data < data_offset_out || + data_offset_out + this_data < this_data) { + DEBUG(1,("Data overflow in cli_receive_nt_trans\n")); + return False; + } + if (data_offset_in > cli->bufsize || + data_offset_in + this_data > cli->bufsize || + data_offset_in + this_data < data_offset_in || + data_offset_in + this_data < this_data) { + DEBUG(1,("Data overflow in cli_receive_nt_trans\n")); + return False; + } + + memcpy(*data + data_offset_out, smb_base(cli->inbuf) + data_offset_in, this_data); + } + + if (this_param) { + unsigned int param_offset_out = SVAL(cli->inbuf,smb_ntr_ParameterDisplacement); + unsigned int param_offset_in = SVAL(cli->inbuf,smb_ntr_ParameterOffset); + + if (param_offset_out > total_param || + param_offset_out + this_param > total_param || + param_offset_out + this_param < param_offset_out || + param_offset_out + this_param < this_param) { + DEBUG(1,("Param overflow in cli_receive_nt_trans\n")); + return False; + } + if (param_offset_in > cli->bufsize || + param_offset_in + this_param > cli->bufsize || + param_offset_in + this_param < param_offset_in || + param_offset_in + this_param < this_param) { + DEBUG(1,("Param overflow in cli_receive_nt_trans\n")); + return False; + } + + memcpy(*param + param_offset_out, smb_base(cli->inbuf) + param_offset_in, this_param); + } + *data_len += this_data; *param_len += this_param; - /* parse out the total lengths again - they can shrink! */ - total_data = SVAL(cli->inbuf,smb_ntr_TotalDataCount); - total_param = SVAL(cli->inbuf,smb_ntr_TotalParameterCount); - if (total_data <= *data_len && total_param <= *param_len) break; @@@@ -463,6 +550,14 @@@@ !(eclass == ERRDOS && ecode == ERRmoredata)) return(False); } + /* parse out the total lengths again - they can shrink! */ + if (SVAL(cli->inbuf,smb_ntr_TotalDataCount) < total_data) + total_data = SVAL(cli->inbuf,smb_ntr_TotalDataCount); + if (SVAL(cli->inbuf,smb_ntr_TotalParameterCount) < total_param) + total_param = SVAL(cli->inbuf,smb_ntr_TotalParameterCount); + + if (total_data <= *data_len && total_param <= *param_len) + break; } return(True); --- samba-2.2.7a/source/smbd/ipc.c Thu Mar 13 23:16:38 2003 +++ samba-2.2.8/source/smbd/ipc.c Fri Mar 14 22:34:49 2003 @@@@ -368,52 +368,69 @@@@ uint16 *setup=NULL; int outsize = 0; uint16 vuid = SVAL(inbuf,smb_uid); - int tpscnt = SVAL(inbuf,smb_vwv0); - int tdscnt = SVAL(inbuf,smb_vwv1); - int mprcnt = SVAL(inbuf,smb_vwv2); - int mdrcnt = SVAL(inbuf,smb_vwv3); - int msrcnt = CVAL(inbuf,smb_vwv4); + unsigned int tpscnt = SVAL(inbuf,smb_vwv0); + unsigned int tdscnt = SVAL(inbuf,smb_vwv1); + unsigned int mprcnt = SVAL(inbuf,smb_vwv2); + unsigned int mdrcnt = SVAL(inbuf,smb_vwv3); + unsigned int msrcnt = CVAL(inbuf,smb_vwv4); BOOL close_on_completion = BITSETW(inbuf+smb_vwv5,0); BOOL one_way = BITSETW(inbuf+smb_vwv5,1); - int pscnt = SVAL(inbuf,smb_vwv9); - int psoff = SVAL(inbuf,smb_vwv10); - int dscnt = SVAL(inbuf,smb_vwv11); - int dsoff = SVAL(inbuf,smb_vwv12); - int suwcnt = CVAL(inbuf,smb_vwv13); + unsigned int pscnt = SVAL(inbuf,smb_vwv9); + unsigned int psoff = SVAL(inbuf,smb_vwv10); + unsigned int dscnt = SVAL(inbuf,smb_vwv11); + unsigned int dsoff = SVAL(inbuf,smb_vwv12); + unsigned int suwcnt = CVAL(inbuf,smb_vwv13); START_PROFILE(SMBtrans); memset(name, '\0',sizeof(name)); fstrcpy(name,smb_buf(inbuf)); - if (dscnt > tdscnt || pscnt > tpscnt) { - exit_server("invalid trans parameters\n"); - } + if (dscnt > tdscnt || pscnt > tpscnt) + goto bad_param; if (tdscnt) { if((data = (char *)malloc(tdscnt)) == NULL) { - DEBUG(0,("reply_trans: data malloc fail for %d bytes !\n", tdscnt)); + DEBUG(0,("reply_trans: data malloc fail for %u bytes !\n", tdscnt)); END_PROFILE(SMBtrans); return(ERROR_DOS(ERRDOS,ERRnomem)); } + if ((dsoff+dscnt < dsoff) || (dsoff+dscnt < dscnt)) + goto bad_param; + if (smb_base(inbuf)+dsoff+dscnt > inbuf + size) + goto bad_param; + memcpy(data,smb_base(inbuf)+dsoff,dscnt); } if (tpscnt) { if((params = (char *)malloc(tpscnt)) == NULL) { - DEBUG(0,("reply_trans: param malloc fail for %d bytes !\n", tpscnt)); + DEBUG(0,("reply_trans: param malloc fail for %u bytes !\n", tpscnt)); + SAFE_FREE(data); END_PROFILE(SMBtrans); return(ERROR_DOS(ERRDOS,ERRnomem)); } + if ((psoff+pscnt < psoff) || (psoff+pscnt < pscnt)) + goto bad_param; + if (smb_base(inbuf)+psoff+pscnt > inbuf + size) + goto bad_param; + memcpy(params,smb_base(inbuf)+psoff,pscnt); } if (suwcnt) { int i; if((setup = (uint16 *)malloc(suwcnt*sizeof(uint16))) == NULL) { - DEBUG(0,("reply_trans: setup malloc fail for %d bytes !\n", (int)(suwcnt * sizeof(uint16)))); - END_PROFILE(SMBtrans); - return(ERROR_DOS(ERRDOS,ERRnomem)); - } + DEBUG(0,("reply_trans: setup malloc fail for %u bytes !\n", (unsigned int)(suwcnt * sizeof(uint16)))); + SAFE_FREE(data); + SAFE_FREE(params); + END_PROFILE(SMBtrans); + return(ERROR_DOS(ERRDOS,ERRnomem)); + } + if (inbuf+smb_vwv14+(suwcnt*SIZEOFWORD) > inbuf + size) + goto bad_param; + if ((smb_vwv14+(suwcnt*SIZEOFWORD) < smb_vwv14) || (smb_vwv14+(suwcnt*SIZEOFWORD) < (suwcnt*SIZEOFWORD))) + goto bad_param; + for (i=0;i tdscnt || pscnt > tpscnt) { - exit_server("invalid trans parameters\n"); - } + if (dscnt > tdscnt || pscnt > tpscnt) + goto bad_param; - if (pcnt) + if (pcnt) { + if (pdisp+pcnt >= tpscnt) + goto bad_param; + if ((pdisp+pcnt < pdisp) || (pdisp+pcnt < pcnt)) + goto bad_param; + if (smb_base(inbuf) + poff + pcnt >= inbuf + bufsize) + goto bad_param; + if (params + pdisp < params) + goto bad_param; + memcpy(params+pdisp,smb_base(inbuf)+poff,pcnt); - if (dcnt) + } + + if (dcnt) { + if (ddisp+dcnt >= tdscnt) + goto bad_param; + if ((ddisp+dcnt < ddisp) || (ddisp+dcnt < dcnt)) + goto bad_param; + if (smb_base(inbuf) + doff + dcnt >= inbuf + bufsize) + goto bad_param; + if (data + ddisp < data) + goto bad_param; + memcpy(data+ddisp,smb_base(inbuf)+doff,dcnt); + } } - DEBUG(3,("trans <%s> data=%d params=%d setup=%d\n", + DEBUG(3,("trans <%s> data=%u params=%u setup=%u\n", name,tdscnt,tpscnt,suwcnt)); /* @@@@ -525,4 +565,14 @@@@ END_PROFILE(SMBtrans); return(outsize); + + + bad_param: + + DEBUG(0,("reply_trans: invalid trans parameters\n")); + SAFE_FREE(data); + SAFE_FREE(params); + SAFE_FREE(setup); + END_PROFILE(SMBtrans); + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); } --- samba-2.2.7a/source/smbd/nttrans.c Mon Mar 17 10:55:36 2003 +++ samba-2.2.8/source/smbd/nttrans.c Fri Mar 14 22:34:49 2003 @@@@ -28,7 +28,7 @@@@ extern BOOL case_preserve; extern BOOL short_case_preserve; -static char *known_nt_pipes[] = { +static const char *known_nt_pipes[] = { "\\LANMAN", "\\srvsvc", "\\samr", @@@@ -1889,8 +1889,7 @@@@ if(CVAL(inbuf, smb_wct) != 19 + (setup_count/2)) { DEBUG(2,("Invalid smb_wct %d in nttrans call (should be %d)\n", CVAL(inbuf, smb_wct), 19 + (setup_count/2))); - END_PROFILE(SMBnttrans); - return ERROR_DOS(ERRSRV,ERRerror); + goto bad_param; } /* Allocate the space for the setup, the maximum needed parameters and data */ @@@@ -1904,9 +1903,9 @@@@ if ((total_parameter_count && !params) || (total_data_count && !data) || (setup_count && !setup)) { - safe_free(setup); - safe_free(params); - safe_free(data); + SAFE_FREE(setup); + SAFE_FREE(params); + SAFE_FREE(data); DEBUG(0,("reply_nttrans : Out of memory\n")); END_PROFILE(SMBnttrans); return ERROR_DOS(ERRDOS,ERRnomem); @@@@ -1918,21 +1917,38 @@@@ num_data_sofar = data_count; if (parameter_count > total_parameter_count || data_count > total_data_count) - exit_server("reply_nttrans: invalid sizes in packet."); + goto bad_param; if(setup) { - memcpy( setup, &inbuf[smb_nt_SetupStart], setup_count); DEBUG(10,("reply_nttrans: setup_count = %d\n", setup_count)); + if ((smb_nt_SetupStart + setup_count < smb_nt_SetupStart) || + (smb_nt_SetupStart + setup_count < setup_count)) + goto bad_param; + if (smb_nt_SetupStart + setup_count > length) + goto bad_param; + + memcpy( setup, &inbuf[smb_nt_SetupStart], setup_count); dump_data(10, setup, setup_count); } if(params) { - memcpy( params, smb_base(inbuf) + parameter_offset, parameter_count); DEBUG(10,("reply_nttrans: parameter_count = %d\n", parameter_count)); + if ((parameter_offset + parameter_count < parameter_offset) || + (parameter_offset + parameter_count < parameter_count)) + goto bad_param; + if (smb_base(inbuf) + parameter_offset + parameter_count > inbuf + length) + goto bad_param; + + memcpy( params, smb_base(inbuf) + parameter_offset, parameter_count); dump_data(10, params, parameter_count); } if(data) { - memcpy( data, smb_base(inbuf) + data_offset, data_count); DEBUG(10,("reply_nttrans: data_count = %d\n",data_count)); + if ((data_offset + data_count < data_offset) || (data_offset + data_count < data_count)) + goto bad_param; + if (smb_base(inbuf) + data_offset + data_count > inbuf + length) + goto bad_param; + + memcpy( data, smb_base(inbuf) + data_offset, data_count); dump_data(10, data, data_count); } @@@@ -1945,6 +1961,8 @@@@ while( num_data_sofar < total_data_count || num_params_sofar < total_parameter_count) { BOOL ret; + uint32 parameter_displacement; + uint32 data_displacement; ret = receive_next_smb(inbuf,bufsize,SMB_SECONDARY_WAIT); @@@@ -1956,27 +1974,59 @@@@ DEBUG(0,("reply_nttrans: %s in getting secondary nttrans response.\n", (smb_read_error == READ_ERROR) ? "error" : "timeout" )); } - SAFE_FREE(params); - SAFE_FREE(data); - SAFE_FREE(setup); - END_PROFILE(SMBnttrans); - return ERROR_DOS(ERRSRV,ERRerror); - } + goto bad_param; + } - /* Revise total_params and total_data in case they have changed downwards */ - total_parameter_count = IVAL(inbuf, smb_nts_TotalParameterCount); - total_data_count = IVAL(inbuf, smb_nts_TotalDataCount); - num_params_sofar += (parameter_count = IVAL(inbuf,smb_nts_ParameterCount)); - num_data_sofar += ( data_count = IVAL(inbuf, smb_nts_DataCount)); - if (num_params_sofar > total_parameter_count || num_data_sofar > total_data_count) - exit_server("reply_nttrans2: data overflow in secondary nttrans packet"); - - memcpy( ¶ms[ IVAL(inbuf, smb_nts_ParameterDisplacement)], - smb_base(inbuf) + IVAL(inbuf, smb_nts_ParameterOffset), parameter_count); - memcpy( &data[IVAL(inbuf, smb_nts_DataDisplacement)], - smb_base(inbuf)+ IVAL(inbuf, smb_nts_DataOffset), data_count); - } - } + /* Revise total_params and total_data in case they have changed downwards */ + if (IVAL(inbuf, smb_nts_TotalParameterCount) < total_parameter_count) + total_parameter_count = IVAL(inbuf, smb_nts_TotalParameterCount); + if (IVAL(inbuf, smb_nts_TotalDataCount) < total_data_count) + total_data_count = IVAL(inbuf, smb_nts_TotalDataCount); + + parameter_count = IVAL(inbuf,smb_nts_ParameterCount); + parameter_offset = IVAL(inbuf, smb_nts_ParameterOffset); + parameter_displacement = IVAL(inbuf, smb_nts_ParameterDisplacement); + num_params_sofar += parameter_count; + + data_count = IVAL(inbuf, smb_nts_DataCount); + data_displacement = IVAL(inbuf, smb_nts_DataDisplacement); + data_offset = IVAL(inbuf, smb_nts_DataOffset); + num_data_sofar += data_count; + + if (num_params_sofar > total_parameter_count || num_data_sofar > total_data_count) { + DEBUG(0,("reply_nttrans2: data overflow in secondary nttrans packet")); + goto bad_param; + } + + if (parameter_count) { + if (parameter_displacement + parameter_count >= total_parameter_count) + goto bad_param; + if ((parameter_displacement + parameter_count < parameter_displacement) || + (parameter_displacement + parameter_count < parameter_count)) + goto bad_param; + if (smb_base(inbuf) + parameter_offset + parameter_count >= inbuf + bufsize) + goto bad_param; + if (params + parameter_displacement < params) + goto bad_param; + + memcpy( ¶ms[parameter_displacement], smb_base(inbuf) + parameter_offset, parameter_count); + } + + if (data_count) { + if (data_displacement + data_count >= total_data_count) + goto bad_param; + if ((data_displacement + data_count < data_displacement) || + (data_displacement + data_count < data_count)) + goto bad_param; + if (smb_base(inbuf) + data_offset + data_count >= inbuf + bufsize) + goto bad_param; + if (data + data_displacement < data) + goto bad_param; + + memcpy( &data[data_displacement], smb_base(inbuf)+ data_offset, data_count); + } + } + } if (Protocol >= PROTOCOL_NT1) SSVAL(outbuf,smb_flg2,SVAL(outbuf,smb_flg2) | FLAGS2_IS_LONG_NAME); @@@@ -2051,4 +2101,12 @@@@ return outsize; /* If a correct response was needed the call_nt_transact_xxxx calls have already sent it. If outsize != -1 then it is returning an error packet. */ + + bad_param: + + SAFE_FREE(params); + SAFE_FREE(data); + SAFE_FREE(setup); + END_PROFILE(SMBnttrans); + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); } --- samba-2.2.7a/source/smbd/trans2.c Mon Mar 17 10:55:35 2003 +++ samba-2.2.8-withoutdeleteonclose/source/smbd/trans2.c Fri Mar 14 22:34:49 2003 @@@@ -3202,7 +3186,7 @@@@ unsigned int suwcnt = SVAL(inbuf, smb_suwcnt); unsigned int tran_call = SVAL(inbuf, smb_setup0); char *params = NULL, *data = NULL; - int num_params, num_params_sofar, num_data, num_data_sofar; + unsigned int num_params, num_params_sofar, num_data, num_data_sofar; START_PROFILE(SMBtrans2); if(global_oplock_break && (tran_call == TRANSACT2_OPEN)) { @@@@ -3241,10 +3225,10 @@@@ (SVAL(inbuf,(smb_setup+6)) == LMFUNC_GETJOBID)) { DEBUG(2,("Got Trans2 DevIOctl jobid\n")); } else { - DEBUG(2,("Invalid smb_sucnt in trans2 call(%d)\n",suwcnt)); + DEBUG(2,("Invalid smb_sucnt in trans2 call(%u)\n",suwcnt)); DEBUG(2,("Transaction is %d\n",tran_call)); END_PROFILE(SMBtrans2); - return ERROR_DOS(ERRSRV,ERRerror); + ERROR_DOS(ERRDOS,ERRinvalidparam); } } @@@@ -3270,10 +3254,22 @@@@ if (num_params > total_params || num_data > total_data) exit_server("invalid params in reply_trans2"); - if(params) - memcpy( params, smb_base(inbuf) + SVAL(inbuf, smb_psoff), num_params); - if(data) - memcpy( data, smb_base(inbuf) + SVAL(inbuf, smb_dsoff), num_data); + if(params) { + unsigned int psoff = SVAL(inbuf, smb_psoff); + if ((psoff + num_params < psoff) || (psoff + num_params < num_params)) + goto bad_param; + if (smb_base(inbuf) + psoff + num_params > inbuf + length) + goto bad_param; + memcpy( params, smb_base(inbuf) + psoff, num_params); + } + if(data) { + unsigned int dsoff = SVAL(inbuf, smb_dsoff); + if ((dsoff + num_data < dsoff) || (dsoff + num_data < num_data)) + goto bad_param; + if (smb_base(inbuf) + dsoff + num_data > inbuf + length) + goto bad_param; + memcpy( data, smb_base(inbuf) + dsoff, num_data); + } if(num_data_sofar < total_data || num_params_sofar < total_params) { /* We need to send an interim response then receive the rest @@@@ -3285,6 +3281,10 @@@@ while (num_data_sofar < total_data || num_params_sofar < total_params) { BOOL ret; + unsigned int param_disp; + unsigned int param_off; + unsigned int data_disp; + unsigned int data_off; ret = receive_next_smb(inbuf,bufsize,SMB_SECONDARY_WAIT); @@@@ -3296,25 +3296,55 @@@@ else DEBUG(0,("reply_trans2: %s in getting secondary trans2 response.\n", (smb_read_error == READ_ERROR) ? "error" : "timeout" )); - SAFE_FREE(params); - SAFE_FREE(data); - END_PROFILE(SMBtrans2); - return ERROR_DOS(ERRSRV,ERRerror); + goto bad_param; } /* Revise total_params and total_data in case they have changed downwards */ - total_params = SVAL(inbuf, smb_tpscnt); - total_data = SVAL(inbuf, smb_tdscnt); - num_params_sofar += (num_params = SVAL(inbuf,smb_spscnt)); - num_data_sofar += ( num_data = SVAL(inbuf, smb_sdscnt)); + if (SVAL(inbuf, smb_tpscnt) < total_params) + total_params = SVAL(inbuf, smb_tpscnt); + if (SVAL(inbuf, smb_tdscnt) < total_data) + total_data = SVAL(inbuf, smb_tdscnt); + + num_params = SVAL(inbuf,smb_spscnt); + param_off = SVAL(inbuf, smb_spsoff); + param_disp = SVAL(inbuf, smb_spsdisp); + num_params_sofar += num_params; + + num_data = SVAL(inbuf, smb_sdscnt); + data_off = SVAL(inbuf, smb_sdsoff); + data_disp = SVAL(inbuf, smb_sdsdisp); + num_data_sofar += num_data; + if (num_params_sofar > total_params || num_data_sofar > total_data) - exit_server("data overflow in trans2"); + goto bad_param; - memcpy( ¶ms[ SVAL(inbuf, smb_spsdisp)], - smb_base(inbuf) + SVAL(inbuf, smb_spsoff), num_params); - memcpy( &data[SVAL(inbuf, smb_sdsdisp)], - smb_base(inbuf)+ SVAL(inbuf, smb_sdsoff), num_data); + if (num_params) { + if (param_disp + num_params >= total_params) + goto bad_param; + if ((param_disp + num_params < param_disp) || + (param_disp + num_params < num_params)) + goto bad_param; + if (smb_base(inbuf) + param_off + num_params >= inbuf + bufsize) + goto bad_param; + if (params + param_disp < params) + goto bad_param; + + memcpy( ¶ms[param_disp], smb_base(inbuf) + param_off, num_params); + } + if (num_data) { + if (data_disp + num_data >= total_data) + goto bad_param; + if ((data_disp + num_data < data_disp) || + (data_disp + num_data < num_data)) + goto bad_param; + if (smb_base(inbuf) + data_off + num_data >= inbuf + bufsize) + goto bad_param; + if (data + data_disp < data) + goto bad_param; + + memcpy( &data[data_disp], smb_base(inbuf) + data_off, num_data); + } } } @@@@ -3427,4 +3457,11 @@@@ return outsize; /* If a correct response was needed the call_trans2xxx calls have already sent it. If outsize != -1 then it is returning */ + + bad_param: + + SAFE_FREE(params); + SAFE_FREE(data); + END_PROFILE(SMBtrans2); + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); } --- samba-2.2.7a/source/smbd/vfs-wrap.c Mon Mar 17 10:55:37 2003 +++ samba-2.2.8/source/smbd/vfs-wrap.c Fri Mar 14 22:34:49 2003 @@@@ -213,8 +213,9 @@@@ static int copy_reg(const char *source, const char *dest) { SMB_STRUCT_STAT source_stats; - int ifd; - int ofd; + int saved_errno; + int ifd = -1; + int ofd = -1; if (sys_lstat (source, &source_stats) == -1) return -1; @@@@ -222,42 +223,44 @@@@ if (!S_ISREG (source_stats.st_mode)) return -1; - if (unlink (dest) && errno != ENOENT) - return -1; - if((ifd = sys_open (source, O_RDONLY, 0)) < 0) return -1; - if((ofd = sys_open (dest, O_WRONLY | O_CREAT | O_TRUNC, 0600)) < 0 ) { - int saved_errno = errno; - close (ifd); - errno = saved_errno; + if (unlink (dest) && errno != ENOENT) return -1; - } - if (transfer_file(ifd, ofd, (size_t)-1) == -1) { - int saved_errno = errno; - close (ifd); - close (ofd); - unlink (dest); - errno = saved_errno; - return -1; - } +#ifdef O_NOFOLLOW + if((ofd = sys_open (dest, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0600)) < 0 ) +#else + if((ofd = sys_open (dest, O_WRONLY | O_CREAT | O_TRUNC , 0600)) < 0 ) +#endif + goto err; - if (close (ifd) == -1) { - int saved_errno = errno; - close (ofd); - errno = saved_errno; - return -1; - } - if (close (ofd) == -1) - return -1; + if (transfer_file(ifd, ofd, (size_t)-1) == -1) + goto err; + + /* + * Try to preserve ownership. For non-root it might fail, but that's ok. + * But root probably wants to know, e.g. if NFS disallows it. + */ + + if ((fchown(ofd, source_stats.st_uid, source_stats.st_gid) == -1) && (errno != EPERM)) + goto err; /* - * chown turns off set[ug]id bits for non-root, + * fchown turns off set[ug]id bits for non-root, * so do the chmod last. */ + if (fchmod (ofd, source_stats.st_mode & 07777)) + goto err; + + if (close (ifd) == -1) + goto err; + + if (close (ofd) == -1) + return -1; + /* Try to copy the old file's modtime and access time. */ { struct utimbuf tv; @@@@ -267,21 +270,19 @@@@ utime (dest, &tv); } - /* - * Try to preserve ownership. For non-root it might fail, but that's ok. - * But root probably wants to know, e.g. if NFS disallows it. - */ - - if ((chown(dest, source_stats.st_uid, source_stats.st_gid) == -1) && (errno != EPERM)) - return -1; - - if (chmod (dest, source_stats.st_mode & 07777)) - return -1; - if (unlink (source) == -1) return -1; return 0; + + err: + saved_errno = errno; + if (ifd != -1) + close(ifd); + if (ofd != -1) + close(ofd); + errno = saved_errno; + return -1; } int vfswrap_rename(connection_struct *conn, const char *oldname, const char *newname) @ 1.1.2.3 log @Add security patch (CAN-2003-0201; CAN-2003-0196) @ text @a1481 77 Additional Security Patch ------------------------- CAN-2003-0201 CAN-2003-0196 diff -u -r --new-file --exclude=CVS samba-2.2.8/source/smbd/password.c samba-2.2.8a/source/smbd/password.c --- samba-2.2.8/source/smbd/password.c Fri Mar 14 15:34:49 2003 +++ samba-2.2.8a/source/smbd/password.c Sun Apr 6 20:54:00 2003 @@@@ -816,7 +816,7 @@@@ if (!ok && lp_username(snum)) { char *auser; pstring user_list; - StrnCpy(user_list,lp_username(snum),sizeof(pstring)); + StrnCpy(user_list,lp_username(snum),sizeof(pstring)-1); pstring_sub(user_list,"%S",lp_servicename(snum)); diff -u -r --new-file --exclude=CVS samba-2.2.8/source/smbd/reply.c samba-2.2.8a/source/smbd/reply.c --- samba-2.2.8/source/smbd/reply.c Fri Mar 14 15:34:49 2003 +++ samba-2.2.8a/source/smbd/reply.c Sun Apr 6 20:54:00 2003 @@@@ -1500,6 +1500,9 @@@@ for (i=numentries;(i BUFFER_SIZE ) + break; finished = !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend); if (!finished) @@@@ -3528,6 +3531,9 @@@@ for (i=first;i BUFFER_SIZE ) + break; put_dos_date2(p,0,queue[i].time); SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3)); SSVAL(p,5, queue[i].job); diff -u -r --new-file --exclude=CVS samba-2.2.8/source/smbd/statcache.c samba-2.2.8a/source/smbd/statcache.c --- samba-2.2.8/source/smbd/statcache.c Thu Oct 11 04:34:37 2001 +++ samba-2.2.8a/source/smbd/statcache.c Sun Apr 6 20:54:00 2003 @@@@ -88,7 +88,7 @@@@ * StrnCpy always null terminates. */ - StrnCpy(orig_name, full_orig_name, namelen); + StrnCpy(orig_name, full_orig_name, MIN(namelen, sizeof(orig_name)-1)); if(!case_sensitive) strupper( orig_name ); diff -u -r --new-file --exclude=CVS samba-2.2.8/source/smbd/trans2.c samba-2.2.8a/source/smbd/trans2.c --- samba-2.2.8/source/smbd/trans2.c Fri Mar 14 15:34:49 2003 +++ samba-2.2.8a/source/smbd/trans2.c Sun Apr 6 20:54:00 2003 @@@@ -217,7 +217,6 @@@@ int16 open_ofun; int32 open_size; char *pname; - int16 namelen; pstring fname; mode_t unixmode; @@@@ -247,9 +246,8 @@@@ open_ofun = SVAL(params,12); open_size = IVAL(params,14); pname = ¶ms[28]; - namelen = strlen(pname)+1; - StrnCpy(fname,pname,namelen); + pstrcpy(fname, pname); DEBUG(3,("trans2open %s mode=%d attr=%d ofun=%d size=%d\n", fname,open_mode, open_attr, open_ofun, open_size)); @