net/samba4 has USE_GCC in its Makefile, but it doesn't really need to. The source3/wscript incorrectly assumes that if a compiler (like clang in the base system) can optimize out 'if (0) { some_undefined_function() }', then it can optimize out the more complex methods in lib/util/string_wrappers.h. This is not the case. The attached patch updates source3/wscript to test that the compiler can optimize out the same kind of construct used in lib/util/string_wrapper.h, which correctly detects that clang cannot, and the build succeeds with the base system compiler. Fix: See attached. Patch attached with submission follows:
Responsible Changed From-To: freebsd-ports-bugs->timur Over to maintainer (via the GNATS Auto Assign Tool)
Author: timur Date: Tue Nov 19 21:49:39 2013 New Revision: 334354 URL: http://svnweb.freebsd.org/changeset/ports/334354 Log: Upgrade port to the 4.0.12 version, closing CVE-2013-4475 and CVE-2013-4476. Remove dependency from gettext. Converted to STAGEDIR. PR: 183872, 183885 Security: CVE-2013-4475 CVE-2013-4476 Sponsored by: my wife Added: head/net/samba4/files/patch-lib__replace__xattr.c (contents, props changed) head/net/samba4/files/patch-source3__client__dnsbrowse.c (contents, props changed) head/net/samba4/files/patch-source3__lib__sysquotas_nfs.c (contents, props changed) head/net/samba4/files/patch-source3__utils__net_lookup.c (contents, props changed) head/net/samba4/files/patch-source4__heimdal__lib__roken__rkpty.c (contents, props changed) Modified: head/net/samba4/Makefile head/net/samba4/distinfo head/net/samba4/files/patch-lib__replace__wscript head/net/samba4/files/patch-source3__smbd__quotas.c head/net/samba4/files/patch-source3__wscript head/net/samba4/files/patch-source3__wscript_build head/net/samba4/files/patch-source4__dns_server__dns_crypto.c head/net/samba4/pkg-plist Modified: head/net/samba4/Makefile ============================================================================== --- head/net/samba4/Makefile Tue Nov 19 21:44:17 2013 (r334353) +++ head/net/samba4/Makefile Tue Nov 19 21:49:39 2013 (r334354) @@ -18,7 +18,7 @@ CONFLICTS?= *samba3[2-6]-3.* SAMBA4_BASENAME= samba SAMBA4_PORTNAME= ${SAMBA4_BASENAME}4 -SAMBA4_VERSION= 4.0.8 +SAMBA4_VERSION= 4.0.12 SAMBA4_DISTNAME= ${SAMBA4_BASENAME}-${SAMBA4_VERSION:S|.p|pre|:S|.r|rc|:S|.t|tp|:S|.a|alpha|} WRKSRC?= ${WRKDIR}/${DISTNAME} @@ -57,6 +57,8 @@ CONFIGURE_ARGS+= --prefix="${PREFIX}" \ --with-privatedir="${SAMBA4_PRIVATEDIR}" \ --with-logfilebase="${SAMBA4_LOGDIR}" +DESTDIRNAME= --destdir + WAF_TOOL= buildtools/bin/waf HAS_CONFIGURE= yes CONFIGURE_SCRIPT= ${WAF_TOOL} configure @@ -66,33 +68,32 @@ CONFIGURE_ENV+= PTHREAD_CFLAGS="${PTHRE PTHREAD_LDFLAGS="${PTHREAD_LIBS}" USE_PYTHON_BUILD= -2.7 -USE_PERL5= build -USE_GCC= 4.2+ USE_PYTHON= yes -USES= pkgconfig gettext iconv perl5 +USES= compiler perl5 pkgconfig iconv +USE_PERL5= build USE_LDCONFIG= ${SAMBA4_LIBDIR} PKGCONFIGDIR?= ${PREFIX}/libdata/pkgconfig PLIST_SUB+= PKGCONFIGDIR=${PKGCONFIGDIR:S;${PREFIX}/;;} # XXX: Unconditional dependencies which can't be switched off(if present in the system) # popt -LIB_DEPENDS+= popt:${PORTSDIR}/devel/popt +LIB_DEPENDS+= libpopt.so:${PORTSDIR}/devel/popt # XXX: We should try to switch to libunwind, libexecinfo is gcc specific(?) # backtrace -LIB_DEPENDS+= execinfo:${PORTSDIR}/devel/libexecinfo +LIB_DEPENDS+= libexecinfo.so:${PORTSDIR}/devel/libexecinfo # inotify -LIB_DEPENDS+= inotify:${PORTSDIR}/devel/libinotify +LIB_DEPENDS+= libinotify.so:${PORTSDIR}/devel/libinotify # SASL -LIB_DEPENDS+= sasl2:${PORTSDIR}/security/cyrus-sasl2 +LIB_DEPENDS+= libsasl2.so:${PORTSDIR}/security/cyrus-sasl2 # GNUTLS -LIB_DEPENDS+= gcrypt:${PORTSDIR}/security/libgcrypt -LIB_DEPENDS+= gnutls:${PORTSDIR}/security/gnutls +LIB_DEPENDS+= libgcrypt.so:${PORTSDIR}/security/libgcrypt +LIB_DEPENDS+= libgnutls.so:${PORTSDIR}/security/gnutls # NFS4 ACL glue -LIB_DEPENDS+= sunacl:${PORTSDIR}/sysutils/libsunacl +LIB_DEPENDS+= libsunacl.so:${PORTSDIR}/sysutils/libsunacl # External Samba dependencies # IDL compiler -BUILD_DEPENDS+= p5-Parse-Pidl>=${SAMBA4_VERSION}:${PORTSDIR}/devel/p5-Parse-Pidl +BUILD_DEPENDS+= p5-Parse-Pidl>=4.0.0:${PORTSDIR}/devel/p5-Parse-Pidl # talloc BUILD_DEPENDS+= talloc>=2.0.8:${PORTSDIR}/devel/talloc RUN_DEPENDS+= talloc>=2.0.8:${PORTSDIR}/devel/talloc @@ -109,9 +110,11 @@ SAMBA4_BUNDLED_LIBS+= !tdb BUILD_DEPENDS+= ldb>=1.1.15:${PORTSDIR}/databases/ldb RUN_DEPENDS+= ldb>=1.1.15:${PORTSDIR}/databases/ldb SAMBA4_BUNDLED_LIBS+= !ldb +# Don't use external libcom_err +SAMBA4_BUNDLED_LIBS+= com_err ############################################################################## # Options -OPTIONS_DEFINE= ACL_SUPPORT ADS AIO_SUPPORT AVAHI CUPS DEBUG \ +OPTIONS_DEFINE= ACL_SUPPORT ADS AIO_SUPPORT CUPS DEBUG \ DNSUPDATE FAM_SUPPORT LDAP PAM_SMBPASS \ PTHREADPOOL QUOTAS SWAT SYSLOG UTMP WINBIND @@ -141,10 +144,12 @@ OPTIONS_SINGLE_DNS= NSUPDATE BIND98 BIND BIND98_DESC= Use bind98 as a DNS server frontend BIND99_DESC= Use bind99 as a DNS server frontend NSUPDATE_DESC= Use internal DNS with NSUPDATE utility - OPTIONS_DEFAULT+= NSUPDATE -NO_STAGE= yes +OPTIONS_RADIO= ZEROCONF +OPTIONS_RADIO_ZEROCONF= AVAHI MDNSRESPONDER +OPTIONS_DEFAULT+= AVAHI + .include <bsd.port.options.mk> # !SAMBA4_SUBPORT @@ -157,11 +162,15 @@ NO_STAGE= yes CONFIGURE_ARGS+= \ --with-pam \ --with-iconv \ + --without-gettext \ --with-sendfile-support \ --builtin-libraries=smbclient \ - ${ICONV_CONFIGURE_BASE} \ - --with-gettext="${LOCALBASE}" + ${ICONV_CONFIGURE_BASE} +# No fancy error messages +.if ${COMPILER_TYPE} == "clang" +CFLAGS+= -fno-color-diagnostics +.endif # for libexecinfo: (so that __builtin_frame_address() finds the top of the stack) .if ${ARCH} == "amd64" CFLAGS+= -fno-omit-frame-pointer @@ -173,7 +182,7 @@ SUB_LIST+= NSUPDATE="@comment " .elif ${PORT_OPTIONS:MBIND99} RUN_DEPENDS+= bind99>=9.9.0.0:${PORTSDIR}/dns/bind99 SUB_LIST+= NSUPDATE="@comment " -.else +.elif ${PORT_OPTIONS:MNSUPDATE} RUN_DEPENDS+= samba-nsupdate:${PORTSDIR}/dns/samba-nsupdate SUB_LIST+= NSUPDATE="" .endif @@ -187,14 +196,14 @@ CONFIGURE_ARGS+= --enable-debug # https://bugzilla.samba.org/show_bug.cgi?id=8969 .if ${PORT_OPTIONS:MDEVELOPER} -GDB_CMD?= gdb76 +GDB_CMD?= gdb761 BUILD_DEPENDS+= ${GDB_CMD}:${PORTSDIR}/devel/gdb RUN_DEPENDS+= ${GDB_CMD}:${PORTSDIR}/devel/gdb SAMBA4_MODULES+= auth_skel perfcount_test pdb_test vfs_shadow_copy_test vfs_skel_opaque vfs_skel_transparent vfs_fake_acls CONFIGURE_ARGS+= --enable-developer --enable-socket-wrapper --enable-nss-wrapper --enable-selftest PLIST_SUB+= DEVELOPER="" .else -GDB_CMD= /usr/bin/true +GDB_CMD= true PLIST_SUB+= DEVELOPER="@comment " .endif ############################################################################## @@ -228,7 +237,7 @@ WANT_EXP_MODULES= idmap_ad vfs_cacheprim .if ${PORT_OPTIONS:MACL_SUPPORT} . if ${OSVERSION} > 800000 -LIB_DEPENDS+= sunacl:${PORTSDIR}/sysutils/libsunacl +LIB_DEPENDS+= libsunacl.so:${PORTSDIR}/sysutils/libsunacl WANT_EXP_MODULES+= vfs_zfsacl SAMBA4_MODULES+= vfs_zfsacl . endif @@ -250,14 +259,21 @@ CONFIGURE_ARGS+= --without-aio-support .endif .if ${PORT_OPTIONS:MAVAHI} -LIB_DEPENDS+= avahi-client:${PORTSDIR}/net/avahi-app +LIB_DEPENDS+= libavahi-client.so:${PORTSDIR}/net/avahi-app CONFIGURE_ARGS+= --enable-avahi .else CONFIGURE_ARGS+= --disable-avahi .endif +.if ${PORT_OPTIONS:MMDNSRESPONDER} +LIB_DEPENDS+= libdns_sd.so:${PORTSDIR}/net/mDNSResponder +CONFIGURE_ARGS+= --enable-dnssd +.else +CONFIGURE_ARGS+= --disable-dnssd +.endif + .if ${PORT_OPTIONS:MCUPS} -LIB_DEPENDS+= cups:${PORTSDIR}/print/cups-client +LIB_DEPENDS+= libcups.so:${PORTSDIR}/print/cups-client CONFIGURE_ARGS+= --enable-cups --enable-iprint .else CONFIGURE_ARGS+= --disable-cups --disable-iprint @@ -364,7 +380,7 @@ PLIST_REINPLACE_${m:U}= s|^@comment ${m} .endfor ############################################################################## .if ! ${PORT_OPTIONS:MMANPAGES} -CONFIGURE_ENV+= XSLTPROC="/usr/bin/true" +CONFIGURE_ENV+= XSLTPROC="true" .else BUILD_DEPENDS+= ${LOCALBASE}/share/xsl/docbook/manpages/docbook.xsl:${PORTSDIR}/textproc/docbook-xsl \ xsltproc:${PORTSDIR}/textproc/libxslt @@ -392,7 +408,7 @@ CONFIGURE_ARGS+= --jobs=${MAKE_JOBS_NUMB _MAKE_JOBS+= --jobs=${MAKE_JOBS_NUMBER} .endif -MAN1+= dbwrap_tool.1 findsmb.1 gentest.1 locktest.1 \ +SAMBA_MAN1+= dbwrap_tool.1 findsmb.1 gentest.1 locktest.1 \ log2pcap.1 masktest.1 ndrdump.1 nmblookup.1 \ nmblookup4.1 ntlm_auth.1 oLschema2ldif.1 \ profiles.1 regdiff.1 regpatch.1 regshell.1 \ @@ -401,12 +417,12 @@ MAN1+= dbwrap_tool.1 findsmb.1 gentest smbstatus.1 smbtar.1 smbtorture.1 smbtree.1 \ testparm.1 vfstest.1 wbinfo.1 -MAN5+= lmhosts.5 smbgetrc.5 smbpasswd.5 pam_winbind.conf.5 \ +SAMBA_MAN5+= lmhosts.5 smbgetrc.5 smbpasswd.5 pam_winbind.conf.5 \ smb.conf.5 -MAN7+= samba.7 winbind_krb5_locator.7 +SAMBA_MAN7+= samba.7 winbind_krb5_locator.7 -MAN8+= eventlogadm.8 idmap_ad.8 idmap_autorid.8 idmap_hash.8 \ +SAMBA_MAN8+= eventlogadm.8 idmap_ad.8 idmap_autorid.8 idmap_hash.8 \ idmap_ldap.8 idmap_nss.8 idmap_rid.8 idmap_tdb.8 \ idmap_tdb2.8 net.8 nmbd.8 pam_winbind.8 pdbedit.8 \ samba-tool.8 samba.8 smbd.8 smbpasswd.8 smbspool.8 \ @@ -423,8 +439,6 @@ MAN8+= eventlogadm.8 idmap_ad.8 idmap_ vfs_streams_depot.8 vfs_streams_xattr.8 vfs_time_audit.8 \ vfs_tsmsm.8 vfs_xattr_tdb.8 winbindd.8 -MLINKS= smb.conf.5 smb4.conf.5 samba.8 samba4.8 - PORTDOCS= README.FreeBSD ALL_TARGET= build @@ -479,7 +493,7 @@ pre-build: @${INSTALL_MAN} ${FILESDIR}/man/`basename ${man}` ${BUILD_WRKSRC}/bin/default/${man} . endfor -@${MKDIR} ${BUILD_WRKSRC}/bin/default/docs-xml/manpages -. for man in ${MAN1} ${MAN5} ${MAN7} ${MAN8} +. for man in ${SAMBA_MAN1} ${SAMBA_MAN5} ${SAMBA_MAN7} ${SAMBA_MAN8} -@${INSTALL_MAN} ${BUILD_WRKSRC}/docs/manpages/${man} ${BUILD_WRKSRC}/bin/default/docs-xml/manpages . endfor .endif @@ -499,13 +513,12 @@ do-install: post-install: .if ${PORT_OPTIONS:MDOCS} - @${MKDIR} ${DOCSDIR} + @${MKDIR} ${STAGEDIR}${DOCSDIR} . for doc in ${PORTDOCS} - @${INSTALL_DATA} ${WRKDIR}/${doc} ${DOCSDIR} + @${INSTALL_DATA} ${WRKDIR}/${doc} ${STAGEDIR}${DOCSDIR} . endfor + @${LN} -sf smb.conf.5.gz ${STAGEDIR}${PREFIX}/man/man5/smb4.conf.5.gz .endif - @${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL - @${CAT} ${PKGMESSAGE} .if ${PORT_OPTIONS:MDEVELOPER} test: build Modified: head/net/samba4/distinfo ============================================================================== --- head/net/samba4/distinfo Tue Nov 19 21:44:17 2013 (r334353) +++ head/net/samba4/distinfo Tue Nov 19 21:49:39 2013 (r334354) @@ -1,2 +1,2 @@ -SHA256 (samba-4.0.8.tar.gz) = 5c6d4ff8249ad4377dc2e854de6744ce0058d1ff28ece6008f5152e922993a88 -SIZE (samba-4.0.8.tar.gz) = 22076951 +SHA256 (samba-4.0.12.tar.gz) = 2f4176a35cbf4d76906592e88d31f6c9479c061439f0e7509a5265b779e68822 +SIZE (samba-4.0.12.tar.gz) = 22099958 Modified: head/net/samba4/files/patch-lib__replace__wscript ============================================================================== --- head/net/samba4/files/patch-lib__replace__wscript Tue Nov 19 21:44:17 2013 (r334353) +++ head/net/samba4/files/patch-lib__replace__wscript Tue Nov 19 21:49:39 2013 (r334354) @@ -1,10 +1,11 @@ ---- ./lib/replace/wscript.orig 2013-02-05 12:25:25.000000000 +0000 -+++ ./lib/replace/wscript 2013-02-15 06:29:28.649888344 +0000 -@@ -344,7 +344,6 @@ - conf.CHECK_FUNCS_IN('gettext', 'intl', checklibc=True, headers='libintl.h') +--- lib/replace/wscript.orig 2013-09-06 09:39:57.000000000 +0000 ++++ lib/replace/wscript 2013-10-15 15:11:25.307472084 +0000 +@@ -398,8 +398,6 @@ + 'it with --with-gettext=</path/to/gettext> or ' + + '--without-gettext to build without''') - conf.CHECK_FUNCS_IN('dgettext gettext', 'intl', headers='libintl.h') - conf.CHECK_FUNCS_IN('pthread_create', 'pthread', checklibc=True, headers='pthread.h') - +- conf.CHECK_FUNCS_IN('crypt', 'crypt', checklibc=True) + conf.CHECK_VARIABLE('rl_event_hook', define='HAVE_DECL_RL_EVENT_HOOK', always=True, Added: head/net/samba4/files/patch-lib__replace__xattr.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/samba4/files/patch-lib__replace__xattr.c Tue Nov 19 21:49:39 2013 (r334354) @@ -0,0 +1,10 @@ +--- lib/replace/xattr.c.orig 2013-11-19 12:05:06.297639060 +0000 ++++ lib/replace/xattr.c 2013-11-19 12:05:15.450326063 +0000 +@@ -25,6 +25,7 @@ + License along with this library; if not, see <http://www.gnu.org/licenses/>. + */ + ++#define UID_WRAPPER_NOT_REPLACE + #include "replace.h" + #include "system/filesys.h" + #include "system/dir.h" Added: head/net/samba4/files/patch-source3__client__dnsbrowse.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/samba4/files/patch-source3__client__dnsbrowse.c Tue Nov 19 21:49:39 2013 (r334354) @@ -0,0 +1,11 @@ +--- source3/client/dnsbrowse.c.orig 2013-11-12 10:20:03.145351798 +0100 ++++ source3/client/dnsbrowse.c 2013-11-12 10:20:11.762761273 +0100 +@@ -91,7 +91,7 @@ + } + } + +- TALLOC_FREE(fdset); ++ TALLOC_FREE(ctx); + DNSServiceRefDeallocate(mdns_conn_sdref); + } + Added: head/net/samba4/files/patch-source3__lib__sysquotas_nfs.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/samba4/files/patch-source3__lib__sysquotas_nfs.c Tue Nov 19 21:49:39 2013 (r334354) @@ -0,0 +1,11 @@ +--- source3/lib/sysquotas_nfs.c.orig 2013-11-05 12:08:05.568859038 +0000 ++++ source3/lib/sysquotas_nfs.c 2013-11-05 12:08:28.560058330 +0000 +@@ -154,7 +154,7 @@ + gq_args.gqa_uid = id.uid; + + DEBUG(10, ("sys_get_nfs_quotas: Asking for quota of path '%s' on " +- "host '%s', rpcprog '%i', rpcvers '%i', network '%s'\n", ++ "host '%s', rpcprog '%li', rpcvers '%li', network '%s'\n", + host, testpath+1, RQUOTAPROG, RQUOTAVERS, "udp")); + + clnt = clnt_create(host, RQUOTAPROG, RQUOTAVERS, "udp"); Modified: head/net/samba4/files/patch-source3__smbd__quotas.c ============================================================================== --- head/net/samba4/files/patch-source3__smbd__quotas.c Tue Nov 19 21:44:17 2013 (r334353) +++ head/net/samba4/files/patch-source3__smbd__quotas.c Tue Nov 19 21:49:39 2013 (r334354) @@ -1,6 +1,6 @@ ---- ./source3/smbd/quotas.c.orig 2010-04-01 15:26:22.000000000 +0200 -+++ ./source3/smbd/quotas.c 2010-04-23 01:08:35.000000000 +0200 -@@ -1235,6 +1235,7 @@ +--- ./source3/smbd/quotas.c.orig 2012-10-02 08:24:45.000000000 +0000 ++++ ./source3/smbd/quotas.c 2013-11-18 22:45:12.800444516 +0000 +@@ -144,6 +144,7 @@ if (!cutstr) return False; @@ -8,7 +8,7 @@ memset(cutstr, '\0', len+1); host = strncat(cutstr,mnttype, sizeof(char) * len ); DEBUG(5,("nfs_quotas: looking for mount on \"%s\"\n", cutstr)); -@@ -1243,7 +1244,7 @@ +@@ -152,7 +153,7 @@ args.gqa_pathp = testpath+1; args.gqa_uid = uid; Added: head/net/samba4/files/patch-source3__utils__net_lookup.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/samba4/files/patch-source3__utils__net_lookup.c Tue Nov 19 21:49:39 2013 (r334354) @@ -0,0 +1,11 @@ +--- ./source3/utils/net_lookup.c.orig 2013-11-18 23:13:25.859884543 +0000 ++++ ./source3/utils/net_lookup.c 2013-11-18 23:21:48.283312520 +0000 +@@ -321,7 +321,7 @@ + + print_sockaddr(addr, sizeof(addr), &kdcs[i].ss); + +- d_printf("%s:%hd\n", addr, kdcs[i].port); ++ d_printf("%s:%u\n", addr, kdcs[i].port); + } + + return 0; Modified: head/net/samba4/files/patch-source3__wscript ============================================================================== --- head/net/samba4/files/patch-source3__wscript Tue Nov 19 21:44:17 2013 (r334353) +++ head/net/samba4/files/patch-source3__wscript Tue Nov 19 21:49:39 2013 (r334354) @@ -1,6 +1,25 @@ ---- ./source3/wscript.orig 2013-02-05 12:25:26.000000000 +0000 -+++ ./source3/wscript 2013-02-15 17:54:40.099886239 +0000 -@@ -475,7 +475,7 @@ +--- ./source3/wscript.orig 2013-10-07 08:49:10.000000000 +0000 ++++ ./source3/wscript 2013-11-18 22:45:12.808702339 +0000 +@@ -35,6 +35,7 @@ + opt.SAMBA3_ADD_OPTION('utmp') + opt.SAMBA3_ADD_OPTION('pthreadpool', with_name="enable", without_name="disable", default=True) + opt.SAMBA3_ADD_OPTION('avahi', with_name="enable", without_name="disable") ++ opt.SAMBA3_ADD_OPTION('dnssd', with_name="enable", without_name="disable") + opt.SAMBA3_ADD_OPTION('iconv') + opt.SAMBA3_ADD_OPTION('acl-support') + opt.SAMBA3_ADD_OPTION('dnsupdate') +@@ -312,7 +312,9 @@ + + # Check if the compiler will optimize out functions + conf.CHECK_CODE(''' +-if (0) { ++char s = "string"; ++int len = 6; ++if (sizeof(s) != len && sizeof(s) != sizeof(char *)) { + this_function_does_not_exist(); + } else { + return 1; +@@ -502,7 +504,7 @@ conf.CHECK_CODE('struct aiocb a; return aio_return(&a);', 'HAVE_AIO_RETURN', msg='Checking for aio_return', headers='aio.h', lib='aio rt') conf.CHECK_CODE('struct aiocb a; return aio_error(&a);', 'HAVE_AIO_ERROR', msg='Checking for aio_error', headers='aio.h', lib='aio rt') conf.CHECK_CODE('struct aiocb a; return aio_cancel(1, &a);', 'HAVE_AIO_CANCEL', msg='Checking for aio_cancel', headers='aio.h', lib='aio rt') @@ -9,7 +28,25 @@ if not conf.CONFIG_SET('HAVE_AIO'): conf.DEFINE('HAVE_NO_AIO', '1') else: -@@ -1644,26 +1644,8 @@ +@@ -812,6 +813,17 @@ + conf.SET_TARGET_TYPE('avahi-common', 'EMPTY') + conf.SET_TARGET_TYPE('avahi-client', 'EMPTY') + ++ if Options.options.with_dnssd: ++ conf.env.with_dnssd = True ++ if not conf.CHECK_HEADERS('dns_sd.h'): ++ conf.env.with_dnssd = False ++ if not conf.CHECK_FUNCS_IN('DNSServiceRegister', 'dns_sd'): ++ conf.env.with_dnssd = False ++ if conf.env.with_dnssd: ++ conf.DEFINE('WITH_DNSSD_SUPPORT', 1) ++ else: ++ conf.SET_TARGET_TYPE('dns_sd', 'EMPTY') ++ + if Options.options.with_iconv: + conf.env.with_iconv = True + if not conf.CHECK_FUNCS_IN('iconv_open', 'iconv', headers='iconv.h'): +@@ -1670,26 +1670,8 @@ if PTHREAD_LDFLAGS == 'error': if conf.CHECK_FUNCS_IN('pthread_attr_init', 'pthread'): @@ -37,7 +74,7 @@ if PTHREAD_CFLAGS != 'error' and PTHREAD_LDFLAGS != 'error': conf.ADD_CFLAGS(PTHREAD_CFLAGS) -@@ -1693,8 +1675,8 @@ +@@ -1719,8 +1701,8 @@ auth_script vfs_readahead vfs_xattr_tdb vfs_posix_eadb vfs_streams_xattr vfs_streams_depot vfs_acl_xattr vfs_acl_tdb vfs_smb_traffic_analyzer vfs_preopen vfs_catia vfs_scannedonly @@ -48,7 +85,7 @@ vfs_crossrename vfs_linux_xfs_sgid vfs_time_audit idmap_autorid idmap_tdb2 idmap_rid idmap_hash''')) -@@ -1707,7 +1689,7 @@ +@@ -1733,7 +1715,7 @@ if Options.options.enable_selftest or Options.options.developer: default_shared_modules.extend(TO_LIST('vfs_fake_acls')) @@ -57,12 +94,12 @@ if conf.CONFIG_SET('AD_DC_BUILD_IS_ENABLED'): default_static_modules.extend(TO_LIST('pdb_samba_dsdb auth_samba4 vfs_dfs_samba4')) -@@ -1740,7 +1722,7 @@ +@@ -1766,7 +1748,7 @@ default_static_modules.extend(TO_LIST('charset_macosxfs')) if conf.CONFIG_SET('HAVE_GPFS'): - default_shared_modules.extend(TO_LIST('vfs_gpfs')) + default_shared_modules.extend(TO_LIST('vfs_gpfs')) - explicit_shared_modules = TO_LIST(Options.options.shared_modules, delimiter=',') - explicit_static_modules = TO_LIST(Options.options.static_modules, delimiter=',') + if conf.CONFIG_SET('SAMBA_FAM_LIBS'): + default_shared_modules.extend(TO_LIST('vfs_notify_fam')) Modified: head/net/samba4/files/patch-source3__wscript_build ============================================================================== --- head/net/samba4/files/patch-source3__wscript_build Tue Nov 19 21:44:17 2013 (r334353) +++ head/net/samba4/files/patch-source3__wscript_build Tue Nov 19 21:49:39 2013 (r334354) @@ -1,5 +1,5 @@ ---- ./source3/wscript_build.orig 2012-12-11 17:10:13.000000000 +0000 -+++ ./source3/wscript_build 2013-02-05 04:25:57.199878484 +0000 +--- source3/wscript_build.orig 2013-07-01 09:15:40.000000000 +0200 ++++ source3/wscript_build 2013-11-12 10:13:36.004046408 +0100 @@ -1,7 +1,8 @@ #!/usr/bin/env python @@ -28,7 +28,7 @@ source=WINBIND_WINS_NSS_SRC, deps='''param libsmb LIBTSOCKET''', realname='libnss_wins.so.2', -@@ -972,10 +982,11 @@ +@@ -972,10 +982,12 @@ LIBAFS_SETTOKEN RPC_SERVER NDR_SMBXSRV @@ -38,10 +38,19 @@ NDR_SMB_ACL netapi + inotify ++ dns_sd ''' + bld.env['dmapi_lib'], private_library=True, vars=locals()) -@@ -1629,7 +1640,7 @@ +@@ -1277,6 +1289,7 @@ + libsmb + msrpc3 + RPC_NDR_SRVSVC ++ dns_sd + cli_smb_common''') + + bld.SAMBA3_BINARY('net', +@@ -1629,7 +1642,7 @@ bld.SAMBA3_PYTHON('pylibsmb', source='libsmb/pylibsmb.c', Modified: head/net/samba4/files/patch-source4__dns_server__dns_crypto.c ============================================================================== --- head/net/samba4/files/patch-source4__dns_server__dns_crypto.c Tue Nov 19 21:44:17 2013 (r334353) +++ head/net/samba4/files/patch-source4__dns_server__dns_crypto.c Tue Nov 19 21:49:39 2013 (r334354) @@ -12,9 +12,9 @@ Signed-off-by: Guenter Kukkukk <kukks@sa diff --git a/source4/dns_server/dns_crypto.c b/source4/dns_server/dns_crypto.c index 7604a05..71adf68 100644 ---- ./source4/dns_server/dns_crypto.c -+++ ./source4/dns_server/dns_crypto.c -@@ -244,6 +244,8 @@ WERROR dns_sign_tsig(struct dns_server *dns, +--- ./source4/dns_server/dns_crypto.c.orig 2012-10-02 08:24:46.000000000 +0000 ++++ ./source4/dns_server/dns_crypto.c 2013-11-18 22:45:12.818702284 +0000 +@@ -244,6 +244,8 @@ DATA_BLOB packet_blob, tsig_blob, sig; uint8_t *buffer = NULL; size_t buffer_len = 0; @@ -23,7 +23,7 @@ index 7604a05..71adf68 100644 struct dns_server_tkey * tkey = NULL; struct dns_res_rec *tsig = talloc_zero(mem_ctx, struct dns_res_rec); -@@ -298,16 +300,44 @@ WERROR dns_sign_tsig(struct dns_server *dns, +@@ -298,16 +300,44 @@ return DNS_ERR(SERVER_FAILURE); } @@ -40,18 +40,18 @@ index 7604a05..71adf68 100644 + length bytes of the MIC (here 16 + 12 = 28 bytes) */ + miclen_bytes = sizeof(state->tsig->rdata.tsig_record.mac_size); + mic_size = miclen_bytes + state->tsig->rdata.tsig_record.mac_size; -+ + +- memcpy(buffer, packet_blob.data, packet_blob.length); +- memcpy(buffer+packet_blob.length, tsig_blob.data, tsig_blob.length); + buffer_len = mic_size + packet_blob.length + tsig_blob.length; + buffer = talloc_zero_array(mem_ctx, uint8_t, buffer_len); + if (buffer == NULL) { + return WERR_NOMEM; + } -- memcpy(buffer, packet_blob.data, packet_blob.length); -- memcpy(buffer+packet_blob.length, tsig_blob.data, tsig_blob.length); + /* copy the 2 length bytes of request MIC in big-endian order */ + RSSVAL(buffer,0,state->tsig->rdata.tsig_record.mac_size); - ++ + /* copy the request MIC itself */ + memcpy(buffer + miclen_bytes, state->tsig->rdata.tsig_record.mac, + state->tsig->rdata.tsig_record.mac_size); @@ -65,15 +65,13 @@ index 7604a05..71adf68 100644 + if (buffer == NULL) { + return WERR_NOMEM; + } -+ + + memcpy(buffer, packet_blob.data, packet_blob.length); + memcpy(buffer+packet_blob.length, tsig_blob.data, tsig_blob.length); + } - ++ + /* FIXME: as in the verify case, some padding is wrong */ + buffer_len -=2; status = gensec_sign_packet(tkey->gensec, mem_ctx, buffer, buffer_len, buffer, buffer_len, &sig); if (!NT_STATUS_IS_OK(status)) { --- -1.7.3.4 Added: head/net/samba4/files/patch-source4__heimdal__lib__roken__rkpty.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/samba4/files/patch-source4__heimdal__lib__roken__rkpty.c Tue Nov 19 21:49:39 2013 (r334354) @@ -0,0 +1,11 @@ +--- source4/heimdal/lib/roken/rkpty.c.orig 2013-11-05 12:05:01.120532069 +0000 ++++ source4/heimdal/lib/roken/rkpty.c 2013-11-05 12:05:17.764730404 +0000 +@@ -232,7 +232,7 @@ + errx(1, "timeout waiting for %s (line %u)", + c->str, c->lineno); + else if (alarmset) +- errx(1, "got a signal %d waiting for %s (line %u)", ++ errx(1, "got a signal %ld waiting for %s (line %u)", + alarmset, c->str, c->lineno); + if (sret <= 0) + errx(1, "end command while waiting for %s (line %u)", Modified: head/net/samba4/pkg-plist ============================================================================== --- head/net/samba4/pkg-plist Tue Nov 19 21:44:17 2013 (r334353) +++ head/net/samba4/pkg-plist Tue Nov 19 21:49:39 2013 (r334354) @@ -800,6 +800,7 @@ libdata/pkgconfig/wbclient.pc @dirrm %%PYTHON_SITELIBDIR%%/samba/dcerpc @dirrm %%PYTHON_SITELIBDIR%%/samba @dirrmtry %%PYTHON_SITELIBDIR%% +@dirrmtry %%PYTHON_LIBDIR%% %%DATADIR%%/codepages/de.msg %%DATADIR%%/codepages/en.msg %%DATADIR%%/codepages/fi.msg @@ -956,3 +957,101 @@ libdata/pkgconfig/wbclient.pc @dirrm %%DATADIR%%/setup @dirrm %%DATADIR%%/codepages @dirrm %%DATADIR%% +man/man1/dbwrap_tool.1.gz +man/man1/findsmb.1.gz +man/man1/gentest.1.gz +man/man1/locktest.1.gz +man/man1/log2pcap.1.gz +man/man1/masktest.1.gz +man/man1/ndrdump.1.gz +man/man1/nmblookup.1.gz +man/man1/nmblookup4.1.gz +man/man1/ntlm_auth.1.gz +man/man1/oLschema2ldif.1.gz +man/man1/profiles.1.gz +man/man1/regdiff.1.gz +man/man1/regpatch.1.gz +man/man1/regshell.1.gz +man/man1/regtree.1.gz +man/man1/rpcclient.1.gz +man/man1/sharesec.1.gz +man/man1/smbcacls.1.gz +man/man1/smbclient.1.gz +man/man1/smbcontrol.1.gz +man/man1/smbcquotas.1.gz +man/man1/smbget.1.gz +man/man1/smbstatus.1.gz +man/man1/smbtar.1.gz +man/man1/smbtorture.1.gz +man/man1/smbtree.1.gz +man/man1/testparm.1.gz +man/man1/vfstest.1.gz +man/man1/wbinfo.1.gz +man/man5/lmhosts.5.gz +man/man5/pam_winbind.conf.5.gz +man/man5/smb.conf.5.gz +man/man5/smb4.conf.5.gz +man/man5/smbgetrc.5.gz +man/man5/smbpasswd.5.gz +man/man7/samba.7.gz +man/man7/winbind_krb5_locator.7.gz +man/man8/eventlogadm.8.gz +man/man8/idmap_ad.8.gz +man/man8/idmap_autorid.8.gz +man/man8/idmap_hash.8.gz +man/man8/idmap_ldap.8.gz +man/man8/idmap_nss.8.gz +man/man8/idmap_rid.8.gz +man/man8/idmap_tdb.8.gz +man/man8/idmap_tdb2.8.gz +man/man8/net.8.gz +man/man8/nmbd.8.gz +man/man8/pam_winbind.8.gz +man/man8/pdbedit.8.gz +man/man8/samba-tool.8.gz +man/man8/samba.8.gz +man/man8/smbd.8.gz +man/man8/smbpasswd.8.gz +man/man8/smbspool.8.gz +man/man8/smbta-util.8.gz +man/man8/swat.8.gz +man/man8/vfs_acl_tdb.8.gz +man/man8/vfs_acl_xattr.8.gz +man/man8/vfs_aio_fork.8.gz +man/man8/vfs_aio_linux.8.gz +man/man8/vfs_aio_pthread.8.gz +man/man8/vfs_audit.8.gz +man/man8/vfs_cacheprime.8.gz +man/man8/vfs_cap.8.gz +man/man8/vfs_catia.8.gz +man/man8/vfs_commit.8.gz +man/man8/vfs_crossrename.8.gz +man/man8/vfs_default_quota.8.gz +man/man8/vfs_dirsort.8.gz +man/man8/vfs_extd_audit.8.gz +man/man8/vfs_fake_perms.8.gz +man/man8/vfs_fileid.8.gz +man/man8/vfs_full_audit.8.gz +man/man8/vfs_gpfs.8.gz +man/man8/vfs_media_harmony.8.gz +man/man8/vfs_netatalk.8.gz +man/man8/vfs_notify_fam.8.gz +man/man8/vfs_prealloc.8.gz +man/man8/vfs_preopen.8.gz +man/man8/vfs_readahead.8.gz +man/man8/vfs_readonly.8.gz +man/man8/vfs_recycle.8.gz +man/man8/vfs_scannedonly.8.gz +man/man8/vfs_shadow_copy.8.gz +man/man8/vfs_shadow_copy2.8.gz +man/man8/vfs_smb_traffic_analyzer.8.gz +man/man8/vfs_streams_depot.8.gz +man/man8/vfs_streams_xattr.8.gz +man/man8/vfs_time_audit.8.gz +man/man8/vfs_tsmsm.8.gz +man/man8/vfs_xattr_tdb.8.gz +man/man8/winbindd.8.gz +@dirrmtry /var/run/samba4 +@dirrmtry /var/log/samba4 +@dirrmtry /var/db/samba4/private +@dirrmtry /var/db/samba4 _______________________________________________ svn-ports-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-ports-all To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
This is fixed in the ports, but I want upstream to accept the patch also.
Given the fix to the issue is already committed and the upstream acceptance of the fixes we have in ports is not a subject of our PR's (unless they're accepted and our fixes can be safely removed) I am closing this PR.