diff options
| author |   Donny Davies <woodchip@gentoo.org> | 2002-11-20 17:16:34 +0000 |
|---|---|---|
| committer | Donny Davies <woodchip@gentoo.org> | 2002-11-20 17:16:34 +0000 |
| commit | 6faaf546c2dd1c2e3368ded692c68897a422991f (patch) | |
| tree | 41f37bbf1b0ceb7f69d577bbf6bd1dcbc1ee6d4d /net-fs | |
| parent | fixed typo (diff) | |
| download | historical-6faaf546c2dd1c2e3368ded692c68897a422991f.tar.gz historical-6faaf546c2dd1c2e3368ded692c68897a422991f.tar.bz2 historical-6faaf546c2dd1c2e3368ded692c68897a422991f.zip | |
chase latest and #10819
Diffstat (limited to 'net-fs')
| -rw-r--r-- | net-fs/samba/ChangeLog | 8 | ||||
| -rw-r--r-- | net-fs/samba/files/digest-samba-2.2.5 | 1 | ||||
| -rw-r--r-- | net-fs/samba/files/digest-samba-2.2.7 | 2 | ||||
| -rw-r--r-- | net-fs/samba/files/samba-2.2.1a-afs.diff | 945 | ||||
| -rw-r--r-- | net-fs/samba/samba-2.2.7.ebuild (renamed from net-fs/samba/samba-2.2.5.ebuild) | 199 |
5 files changed, 149 insertions, 1006 deletions
diff --git a/net-fs/samba/ChangeLog b/net-fs/samba/ChangeLog index 86037307628e..72b462e2fd92 100644 --- a/net-fs/samba/ChangeLog +++ b/net-fs/samba/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-fs/samba # Copyright 2002 Gentoo Technologies, Inc.; Distributed under the GPL -# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/ChangeLog,v 1.20 2002/11/07 06:32:42 woodchip Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/ChangeLog,v 1.21 2002/11/20 17:16:33 woodchip Exp $ + +*samba-2.2.7 (Nov 20 2002) + + 20 Nov 2002; Donny Davies <woodchip@gentoo.org> : Chase latest. This release + fixes a security problem. --with-lockdir is changed to /var/cache/samba; + thanks Achim for #10819. *samba-2.2.6-r2 (Nov 07 2002) diff --git a/net-fs/samba/files/digest-samba-2.2.5 b/net-fs/samba/files/digest-samba-2.2.5 deleted file mode 100644 index 8e17a3d11b74..000000000000 --- a/net-fs/samba/files/digest-samba-2.2.5 +++ /dev/null @@ -1 +0,0 @@ -MD5 4899dfdca88d86e7809c16f23c24eecc samba-2.2.5.tar.gz 5293193 diff --git a/net-fs/samba/files/digest-samba-2.2.7 b/net-fs/samba/files/digest-samba-2.2.7 new file mode 100644 index 000000000000..abb09e57a39b --- /dev/null +++ b/net-fs/samba/files/digest-samba-2.2.7 @@ -0,0 +1,2 @@ +MD5 66c83e899d3be1bdc80b8ae2a1d20957 samba-vscan-0.2.5e.tar.gz 100072 +MD5 9844529c047cd454fad25a0053994355 samba-2.2.7.tar.bz2 4336955 diff --git a/net-fs/samba/files/samba-2.2.1a-afs.diff b/net-fs/samba/files/samba-2.2.1a-afs.diff deleted file mode 100644 index ef1f1b45904b..000000000000 --- a/net-fs/samba/files/samba-2.2.1a-afs.diff +++ /dev/null @@ -1,945 +0,0 @@ -diff -u -r -N source/Makefile.in source.patched/Makefile.in ---- source/Makefile.in Sun Jul 8 13:29:34 2001 -+++ source.patched/Makefile.in Thu Aug 16 11:59:36 2001 -@@ -8,7 +8,8 @@ - mandir=@mandir@ - sysconfdir=@sysconfdir@ - --LIBS=@LIBS@ -+OPENSSL_DIR=/oper/oper4/jvrobert/scratch/enc/openssl-0.9.6 -+LIBS=-L/usr/afsws/lib -L/usr/afsws/lib/afs @LIBS@ -lkauth -lprot -lubik -lauth -lrxkad -lvolser -lvldb -lcmd -lsys -ldes -lrx -llwp -lcom_err -laudit /usr/afsws/lib/afs/util.a -L$(OPENSSL_DIR) -lcrypto -lresolv - CC=@CC@ - CFLAGS=@CFLAGS@ - CPPFLAGS=@CPPFLAGS@ -@@ -70,7 +71,7 @@ - ISO8859-13 ISO8859-15 - - PASSWD_FLAGS = -DPASSWD_PROGRAM=\"$(PASSWD_PROGRAM)\" -DSMB_PASSWD_FILE=\"$(SMB_PASSWD_FILE)\" -DTDB_PASSWD_FILE=\"$(TDB_PASSWD_FILE)\" --FLAGS1 = $(CFLAGS) -Iinclude -I$(srcdir)/include -I$(srcdir)/ubiqx -I$(srcdir)/smbwrapper $(CPPFLAGS) -DLOGFILEBASE=\"$(LOGFILEBASE)\" -+FLAGS1 = $(CFLAGS) -I$(OPENSSL_DIR)/include -I/usr/afsws/include -Iinclude -I$(srcdir)/include -I$(srcdir)/ubiqx -I$(srcdir)/smbwrapper $(CPPFLAGS) -DLOGFILEBASE=\"$(LOGFILEBASE)\" - FLAGS2 = -DCONFIGFILE=\"$(CONFIGFILE)\" -DLMHOSTSFILE=\"$(LMHOSTSFILE)\" - FLAGS3 = -DSWATDIR=\"$(SWATDIR)\" -DSBINDIR=\"$(SBINDIR)\" -DLOCKDIR=\"$(LOCKDIR)\" -DCODEPAGEDIR=\"$(CODEPAGEDIR)\" - FLAGS4 = -DDRIVERFILE=\"$(DRIVERFILE)\" -DBINDIR=\"$(BINDIR)\" -@@ -130,6 +131,7 @@ - RPC_SERVER_OBJ = rpc_server/srv_lsa.o rpc_server/srv_lsa_nt.o \ - rpc_server/srv_lsa_hnd.o rpc_server/srv_netlog.o rpc_server/srv_netlog_nt.o \ - rpc_server/srv_pipe_hnd.o rpc_server/srv_reg.o rpc_server/srv_reg_nt.o \ -+ rpc_server/srv_afstoken.o \ - rpc_server/srv_samr.o rpc_server/srv_samr_nt.o rpc_server/srv_srvsvc.o rpc_server/srv_srvsvc_nt.o \ - rpc_server/srv_util.o rpc_server/srv_wkssvc.o rpc_server/srv_wkssvc_nt.o \ - rpc_server/srv_pipe.o rpc_server/srv_dfs.o rpc_server/srv_dfs_nt.o \ -diff -u -r -N source/include/ntdomain.h source.patched/include/ntdomain.h ---- source/include/ntdomain.h Thu Jul 5 19:01:26 2001 -+++ source.patched/include/ntdomain.h Thu Aug 16 11:59:36 2001 -@@ -295,6 +295,9 @@ - #include "rpc_wkssvc.h" - #include "rpc_spoolss.h" - #include "rpc_dfs.h" -+#ifdef WITH_AFS -+#include "rpc_afstoken.h" -+#endif - #include "sids.h" - - #endif /* _NT_DOMAIN_H */ -diff -u -r -N source/include/proto.h source.patched/include/proto.h ---- source/include/proto.h Sun Jul 8 13:29:43 2001 -+++ source.patched/include/proto.h Thu Aug 16 11:59:37 2001 -@@ -3611,6 +3611,12 @@ - uint32 _dfs_enum(pipes_struct *p, DFS_Q_DFS_ENUM *q_u, DFS_R_DFS_ENUM *r_u); - uint32 _dfs_get_info(pipes_struct *p, DFS_Q_DFS_GET_INFO *q_u, DFS_R_DFS_GET_INFO *r_u); - -+#ifdef WITH_AFS -+/* The following definitions come from rpc_server/srv_afstoken.c */ -+BOOL api_afstoken_rpc(pipes_struct *p); -+BOOL afstoken_init(); -+#endif /* WITH_AFS */ -+ - /*The following definitions come from rpc_server/srv_lsa.c */ - - BOOL api_ntlsa_rpc(pipes_struct *p); -diff -u -r -N source/include/rpc_afstoken.h source.patched/include/rpc_afstoken.h ---- source/include/rpc_afstoken.h Wed Dec 31 17:00:00 1969 -+++ source.patched/include/rpc_afstoken.h Thu Aug 16 11:59:37 2001 -@@ -0,0 +1,37 @@ -+/* -+ Unix SMB/Netbios implementation. -+ Version 1.9. -+ SMB parameters and setup -+ Copyright (C) Andrew Tridgell 1992-1997 -+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997 -+ Copyright (C) Paul Ashton 1997 -+ -+ This program is free software; you can redistribute it and/or modify -+ it under the terms of the GNU General Public License as published by -+ the Free Software Foundation; either version 2 of the License, or -+ (at your option) any later version. -+ -+ This program is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ GNU General Public License for more details. -+ -+ You should have received a copy of the GNU General Public License -+ along with this program; if not, write to the Free Software -+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+*/ -+ -+#ifndef _RPC_AFSTOKEN_H /* _RPC_AFSTOKEN_H */ -+#define _RPC_AFSTOKEN_H -+ -+/* afstoken pipe */ -+/* Note: these are definied by the order in the dispatch table -+ Note: in the files generated by the IDL (afstoken_s.c file, afstoken_table) -+*/ -+#define AFSTOKEN_GETPUBLICKEY 0x00 -+#define AFSTOKEN_GETAFSTOKEN 0x01 -+#define AFSTOKEN_LISTAFSTOKENS 0x02 -+#define AFSTOKEN_GETSERVICEVERSION 0x03 -+#define AFSTOKEN_FORGETTOKEN 0x04 -+ -+#endif /* _RPC_AFSTOKEN_H */ -diff -u -r -N source/include/smb.h source.patched/include/smb.h ---- source/include/smb.h Thu Jul 5 19:01:30 2001 -+++ source.patched/include/smb.h Thu Aug 16 11:59:37 2001 -@@ -302,6 +302,9 @@ - #define PIPE_LSARPC "\\PIPE\\lsarpc" - #define PIPE_SPOOLSS "\\PIPE\\spoolss" - #define PIPE_NETDFS "\\PIPE\\netdfs" -+#ifdef WITH_AFS -+#define PIPE_AFSTOKEN "\\PIPE\\afstoken" -+#endif /* WITH_AFS */ - - /* 64 bit time (100usec) since ????? - cifs6.txt, section 3.5, page 30 */ - typedef struct nttime_info -diff -u -r -N source/param/loadparm.c source.patched/param/loadparm.c ---- source/param/loadparm.c Thu Jul 5 19:01:44 2001 -+++ source.patched/param/loadparm.c Thu Aug 16 11:59:38 2001 -@@ -228,6 +228,9 @@ - BOOL sslReqServerCert; - BOOL sslCompatibility; - #endif /* WITH_SSL */ -+#ifdef WITH_AFS -+ int afstokenKeyBits; -+#endif /* WITH_AFS */ - BOOL bMsAddPrinterWizard; - BOOL bDNSproxy; - BOOL bWINSsupport; -@@ -755,6 +758,10 @@ - {"ssl version", P_ENUM, P_GLOBAL, &Globals.sslVersion, NULL, enum_ssl_version, 0}, - {"ssl compatibility", P_BOOL, P_GLOBAL, &Globals.sslCompatibility, NULL, NULL, 0}, - #endif /* WITH_SSL */ -+#ifdef WITH_AFS -+ {"AFS Token Service Options", P_SEP, P_SEPARATOR}, -+ {"afstoken service keybits", P_INTEGER, P_GLOBAL, &Globals.afstokenKeyBits, NULL, NULL, 0}, -+#endif /* WITH_AFS */ - - {"Logging Options", P_SEP, P_SEPARATOR}, - {"log level", P_INTEGER, P_GLOBAL, &DEBUGLEVEL_CLASS[DBGC_ALL], handle_debug_list, NULL, 0}, -@@ -1303,6 +1310,10 @@ - Globals.sslCompatibility = False; - #endif /* WITH_SSL */ - -+#ifdef WITH_AFS -+ Globals.afstokenKeyBits = 768; -+#endif /* WITH_AFS */ -+ - /* these parameters are set to defaults that are more appropriate - for the increasing samba install base: - -@@ -1497,6 +1508,10 @@ - FN_GLOBAL_BOOL(lp_ssl_reqServerCert, &Globals.sslReqServerCert) - FN_GLOBAL_BOOL(lp_ssl_compatibility, &Globals.sslCompatibility) - #endif /* WITH_SSL */ -+ -+#ifdef WITH_AFS -+FN_GLOBAL_INTEGER(lp_afstoken_keybits, &Globals.afstokenKeyBits) -+#endif /* WITH_AFS */ - - FN_GLOBAL_BOOL(lp_ms_add_printer_wizard, &Globals.bMsAddPrinterWizard) - FN_GLOBAL_BOOL(lp_dns_proxy, &Globals.bDNSproxy) -diff -u -r -N source/passdb/pass_check.c source.patched/passdb/pass_check.c ---- source/passdb/pass_check.c Thu Jul 5 19:01:46 2001 -+++ source.patched/passdb/pass_check.c Thu Aug 16 11:59:38 2001 -@@ -33,8 +33,31 @@ - - #ifdef WITH_AFS - -+#define xdr_op BROKEN_AFS5 -+#define xdrproc_t BROKEN_AFS6 -+#define xdr_ops BROKEN_AFS7 -+#define xdr_discrim BROKEN_AFS8 -+#define XDR_ENCODE BROKEN_AFS9 -+#define XDR_DECODE BROKEN_AFS10 -+#define XDR_FREE BROKEN_AFS11 -+#define XDR BROKEN_AFS12 -+#define des_ks_struct BROKEN_AFS13 -+#define des_key_schedule BROKEN_AFS14 -+#define bit_64 BROKEN_AFS15 - #include <afs/stds.h> - #include <afs/kautils.h> -+#undef xdr_op -+#undef xdrproc_t -+#undef xdr_ops -+#undef xdr_discrim -+#undef XDR_ENCODE -+#undef XDR_DECODE -+#undef XDR_FREE -+#undef XDR -+#undef des_ks_struct -+#undef des_key_schedule -+#undef bit_64 -+ - - /******************************************************************* - check on AFS authentication -diff -u -r -N source/rpc_parse/parse_rpc.c source.patched/rpc_parse/parse_rpc.c ---- source/rpc_parse/parse_rpc.c Mon Mar 12 14:09:53 2001 -+++ source.patched/rpc_parse/parse_rpc.c Thu Aug 16 11:59:38 2001 -@@ -132,6 +132,18 @@ - }, 0x03 \ - } - -+#ifdef WITH_AFS -+/* This is from the IDL file, and is in the output .c files as the GUID */ -+#define SYNT_AFSTOKEN_V1 \ -+{ \ -+ { \ -+ 0x328f6b2e, 0x3777, 0x4287, \ -+ { 0xb9, 0x31, 0x9c, 0xdc, \ -+ 0xc5, 0x2c, 0x84, 0x0a } \ -+ }, 0x01 \ -+} -+#endif /* WITH_AFS */ -+ - struct pipe_id_info pipe_names [] = - { - /* client pipe , abstract syntax , server pipe , transfer syntax */ -@@ -143,6 +155,9 @@ - { PIPE_WINREG , SYNT_WINREG_V1 , PIPE_WINREG , TRANS_SYNT_V2 }, - { PIPE_SPOOLSS , SYNT_SPOOLSS_V1 , PIPE_SPOOLSS , TRANS_SYNT_V2 }, - { PIPE_NETDFS , SYNT_NETDFS_V3 , PIPE_NETDFS , TRANS_SYNT_V2 }, -+#ifdef WITH_AFS -+ { PIPE_AFSTOKEN, SYNT_AFSTOKEN_V1, PIPE_AFSTOKEN , TRANS_SYNT_V2 }, -+#endif /* WITH_AFS */ - { NULL , SYNT_NONE_V0 , NULL , SYNT_NONE_V0 } - }; - -diff -u -r -N source/rpc_server/srv_afstoken.c source.patched/rpc_server/srv_afstoken.c ---- source/rpc_server/srv_afstoken.c Wed Dec 31 17:00:00 1969 -+++ source.patched/rpc_server/srv_afstoken.c Thu Aug 16 11:59:38 2001 -@@ -0,0 +1,649 @@ -+#define OLD_NTDOMAIN 1 -+/* -+ Copyright 2001 Intel Corporation -+ -+ Portions Copyright 2000, International Business Machines Corporation and -+ others. All Rights Reserved. From OpenAFS 1.1.1, released under the -+ IBM Public License. For details see: -+ http://www.openafs.org/dl/license10.html -+ -+ This program is free software; you can redistribute it and/or modify -+ it under the terms of the GNU General Public License as published by -+ the Free Software Foundation; either version 2 of the License, or -+ (at your option) any later version. -+ -+ This program is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ GNU General Public License for more details. -+ -+ You should have received a copy of the GNU General Public License -+ along with this program; if not, write to the Free Software -+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -+*/ -+ -+ -+#include <openssl/rsa.h> -+#include <openssl/evp.h> -+#include <openssl/bio.h> -+#include "includes.h" -+/* There's a conflict between AFS includes and OpenSSL includes some des structs */ -+/* These effectively rename the AFS definitions */ -+/* Another conflict with stupid AFS and rpc xdr headers */ -+#define des_cblock BROKEN_AFS1 -+#define des_ks_struct BROKEN_AFS2 -+#define des_key_schedule BROKEN_AFS3 -+#define bit_64 BROKEN_AFS4 -+#define xdr_op BROKEN_AFS5 -+#define xdrproc_t BROKEN_AFS6 -+#define xdr_ops BROKEN_AFS7 -+#define xdr_discrim BROKEN_AFS8 -+#define XDR_ENCODE BROKEN_AFS9 -+#define XDR_DECODE BROKEN_AFS10 -+#define XDR_FREE BROKEN_AFS11 -+#define XDR BROKEN_AFS12 -+#include <afs/stds.h> -+#include <afs/ptint.h> -+#include <afs/ptserver.h> -+#include <afs/kautils.h> -+extern int UV_SetSecurity(); -+#undef des_cblock -+#undef des_ks_struct -+#undef des_key_schedule -+#undef bit_64 -+#undef xdr_op -+#undef xdrproc_t -+#undef xdr_ops -+#undef xdr_discrim -+#undef XDR_ENCODE -+#undef XDR_DECODE -+#undef XDR_FREE -+#undef XDR -+ -+#ifdef SUNOS5 -+#define SAVEME _FILE_OFFSET_BITS -+#undef _FILE_OFFSET_BITS -+#define prheader PROLDHEADER -+#include <procfs.h> -+#undef prheader -+#define _FILE_OFFSET_BITS SAVEME -+#undef SAVEME -+#endif -+ -+#define AFS_CONF_DIR "/usr/vice/etc" -+ -+#define AFSTOKEN_VERSION 2 -+ -+ -+/* AFS functions (from openafs, mostly) */ -+struct tokenInfo { -+ struct ktc_token token; -+ struct ktc_principal service; -+ struct ktc_principal client; -+ int deleted; -+}; -+ -+int id2name(afs_int32 id, char *name, char *cell) { -+ struct idlist tIds; -+ struct namelist tNames; -+ afs_int32 errCode; -+ -+ /* We have to initialize ubik client to work with UBIK */ -+ errCode = pr_Initialize(UV_SetSecurity, AFS_CONF_DIR, cell); -+ if(errCode) { -+ DEBUG(3, ("id2name(): pr_Initialize() failed\n")); -+ return -1; -+ } -+ -+ /* we have to translate name to ID */ -+ tIds.idlist_len = 1; -+ tIds.idlist_val = (afs_int32 *)malloc(sizeof(afs_int32)); -+ tIds.idlist_val[0] = id; -+ tNames.namelist_len = 0; -+ tNames.namelist_val = 0; -+ errCode = pr_IdToName(&tIds, &tNames); -+ pr_End(); -+ strncpy(name,tNames.namelist_val[0],PR_MAXNAMELEN); -+ -+ if(tNames.namelist_val) free(tNames.namelist_val); -+ if(tIds.idlist_val) free(tIds.idlist_val); -+ -+ if(errCode || (id == ANONYMOUSID) ) { -+ DEBUG(3, ("id2name(): can't translate %d to name (error %u)\n", id, errCode)); -+ return -1; -+ } -+ return 0; -+} -+ -+/* From OpenAFS 1.1.1 - Copyright IBM. Released under IBM Public License */ -+/* Modified by Jason Robertson, Intel Corp. */ -+BOOL unlog_NormalizeCellNames(char **list, int size) { -+ char *newCellName, *lcstring(); -+ unsigned index; -+ struct afsconf_dir *conf; -+ int code; -+ struct afsconf_cell cellinfo; -+ -+ if(!(conf = afsconf_Open (AFSDIR_CLIENT_ETC_DIRPATH))) { -+ DEBUG(0, ("unlog_NormalizeCellNameS(): Cannot get cell configuration info!\n")); -+ return False; -+ } -+ -+ for(index = 0; index < size; index++, list++) { -+ newCellName = malloc(MAXKTCREALMLEN); -+ if(!newCellName) { -+ DEBUG(0, ("unlog_NormalizeCellNameS(): malloc failed")); -+ afsconf_Close (conf); -+ return False; -+ } -+ -+ lcstring(newCellName,*list, MAXKTCREALMLEN); -+ code = afsconf_GetCellInfo(conf, newCellName, 0, &cellinfo); -+ if (code) { -+ if(code == AFSCONF_NOTFOUND) { -+ DEBUG(0, ("unlog_NormalizeCellNameS() Unrecognized cell name %s\n", newCellName)); -+ } else { -+ DEBUG(0, ("unlog_NormalizeCellNameS() conf failed code %d\n", code)); -+ } -+ afsconf_Close (conf); -+ return False; -+ } -+ -+ strncpy(newCellName, cellinfo.name, MAXKTCREALMLEN); -+ -+ free(*list); -+ *list = newCellName; -+ } -+ afsconf_Close (conf); -+ return True; -+} -+ -+ -+/* From OpenAFS 1.1.1 - Copyright IBM. Released under IBM Public License */ -+/* Modified by Jason Robertson, Intel Corp. */ -+unlog_ForgetCertainTokens(char **list, int listSize) { -+ unsigned count, index, index2, number; -+ afs_int32 code; -+ struct ktc_principal serviceName; -+ struct tokenInfo *tokenInfoP; -+ -+ if ( ! unlog_NormalizeCellNames(list, listSize)) { -+ DEBUG(0, ("unlog_ForgetCertainTokens: normalize failed")); -+ } -+ /* figure out how many tokens exist */ -+ count = 0; -+ number = 0; -+ do { -+ code = ktc_ListTokens(count, &count, &serviceName); -+ if (! strcmp(serviceName.name, "afs")) { -+ number++; -+ } -+ } while(!code); -+ -+ tokenInfoP = (struct tokenInfo *)malloc((sizeof(struct tokenInfo) * -+ number)); -+ if(!tokenInfoP) { -+ DEBUG(0, ("unlog_ForgetCertainTokens(): Malloc failed")); -+ return 0; -+ } -+ -+ for(code = index = index2 = 0; (!code) && (index2 < count); index++) { -+ code = ktc_ListTokens(index2, &index2, &(tokenInfoP+index)->service); -+ if (strcmp((tokenInfoP+index)->service.name, "afs")) { -+ index--; /* Probably never happen, but... */ -+ continue; -+ } -+ -+ if(!code) { -+ code = ktc_GetToken(&(tokenInfoP+index)->service, -+ &(tokenInfoP+index)->token, -+ sizeof(struct ktc_token), -+ &(tokenInfoP+index)->client); -+ -+ if(!code) { -+ (tokenInfoP+index)->deleted = -+ unlog_CheckUnlogList(list, listSize , -+ &(tokenInfoP+index)->client); -+ } -+ -+ } -+ } -+ -+ unlog_VerifyUnlog(list, listSize, tokenInfoP, number); -+ DEBUG(3, ("unlog: unlogging all tokens")); -+ code = ktc_ForgetAllTokens(); -+ -+ if (code) { -+ DEBUG(0, ("unlog_ForgetCertainTokens(): ktc_ForgetAllTokens() failed: %d", code)); -+ return 0; -+ } -+ -+ for(code = index = 0; index < number ; index++) { -+ if(!((tokenInfoP+index)->deleted)) { -+ code = ktc_SetToken(&(tokenInfoP+index)->service, -+ &(tokenInfoP+index)->token, -+ &(tokenInfoP+index)->client, 0); -+ if(code) { -+ DEBUG(0, ("unlog_ForgetCertainTokens(): Couldn't re-register token, code = %d\n", code)); -+ return 0; -+ } -+ } -+ } -+ -+ free(tokenInfoP); -+ return 1; -+} -+ -+/* From OpenAFS 1.1.1 - Copyright IBM. Released under IBM Public License */ -+/* Modified by Jason Robertson, Intel Corp. */ -+unlog_CheckUnlogList(char **list, int count, struct ktc_principal *principal) { -+ do { -+ if(strcmp(*list, principal->cell) == 0) -+ return 1; -+ list++; -+ --count; -+ } while(count); -+ -+ return 0; -+} -+ -+/* From OpenAFS 1.1.1 - Copyright IBM. Released under IBM Public License */ -+/* Modified by Jason Robertson, Intel Corp. */ -+unlog_VerifyUnlog(char **cellList, int cellListSize, struct tokenInfo *tokenList, int tokenListSize) { -+ int index; -+ -+ for(index = 0; index < cellListSize; index++) { -+ int index2; -+ int found; -+ -+ for(found = index2 = 0; !found && index2 < tokenListSize; index2++) -+ found = -+ strcmp(cellList[index], (tokenList+index2)->client.cell)==0; -+ -+ if(!found) -+ DEBUG(0, ("unlog: Warning - no tokens held for cell %s\n", -+ cellList[index])); -+ } -+} -+ -+ -+/* END AFS Functions */ -+ -+extern int DEBUGLEVEL; -+extern pstring global_myname; -+ -+RSA *rsaKey = NULL; -+EVP_CIPHER *cipher = NULL; -+EVP_PKEY *evp_key = NULL; -+ -+#define NUMCELLS 30 -+ -+/* Decrypt data in *data of length len, and return it in **out -+ **out should be free()'d when finished -+*/ -+int decrypt_data(RSA *key, unsigned char *data, int len, unsigned char *ek, int ekl, unsigned char *iv, unsigned char **out) { -+ EVP_CIPHER_CTX ctx; -+ int outl; -+ int ret = 0; -+ -+ *out = malloc(len + 2 * EVP_CIPHER_block_size(cipher)); -+ -+ if (EVP_OpenInit(&ctx, cipher, ek, ekl, iv, evp_key)) { -+ if (EVP_OpenUpdate(&ctx, *out, &outl, data, len)) { -+ if (EVP_OpenFinal(&ctx, (*out) + outl, &outl)) { -+ ret = 1; -+ } -+ } -+ } -+ -+ return ret; -+} -+ -+/* base64 encode data - you should free the return pointer */ -+char *base64encode(unsigned char *data, int length) { -+ BIO *bio, *b1, *b2; -+ char *p, *ret; -+ long size; -+ -+ b1 = BIO_new(BIO_f_base64()); -+ bio = BIO_push(BIO_new(BIO_f_base64()), BIO_new(BIO_s_mem())); -+ BIO_write(bio, data, length); -+ BIO_flush(bio); -+ size = BIO_get_mem_data(bio, &p); -+ -+ ret = malloc(size + 1); -+ ret[size] = '\0'; -+ memcpy(ret, p, size); -+ BIO_free_all(bio); -+ -+ return ret; -+} -+ -+/* Initialize */ -+BOOL afstoken_init() { -+#ifdef SUNOS5 -+ char seed_file_name[1024]; -+ int seed_fd; -+ struct pstatus seed; -+#endif -+ int bits = lp_afstoken_keybits(); -+ DEBUG(1, ("afstoken_init: Initializing...\n")); -+ ERR_load_crypto_strings(); -+ if (bits != 256 && bits != 512 && bits != 768 && bits != 1024 && bits != 2048) { -+ DEBUG(0, ("afstoken_init: %d is not a supported bitsize - try 256,512,768,1024, or 2048. Defaulting to 768 bits.\n", bits)); -+ bits = 768; -+ } -+ DEBUG(3, ("afstoken_init: Generating RSA key of %d bits...\n", bits)); -+#ifdef SUNOS5 -+#undef sprintf -+ sprintf(seed_file_name, "/proc/%d/status", getpid()); -+ seed_fd = open(seed_file_name, O_RDONLY); -+ if (seed_fd == -1) { -+ DEBUG(0, ("afstoken_init: Error getting random data from %s.")); -+ } -+ else { -+ if (read(seed_fd, &seed, sizeof(seed)) > 0) { -+ DEBUG(3, ("afstoken_init: Random number generator seeded.")); -+ } -+ close(seed_fd); -+ } -+ RAND_seed(&seed, sizeof(seed)); -+#define sprintf __ERROR__XX__NEVER_USE_SPRINTF__; -+#endif -+ rsaKey = RSA_generate_key(bits, RSA_F4, NULL, NULL); -+ if (rsaKey == NULL) { -+ DEBUG(0, ("afstoken_init: Error generating RSA key.\n")); -+ return False; -+ } -+ DEBUG(3, ("afstoken_init: Done generating key.\n")); -+ -+ /* Initialize crypto stuff */ -+ cipher = EVP_bf_cbc(); -+ evp_key = EVP_PKEY_new(); -+ EVP_PKEY_assign_RSA(evp_key, rsaKey); -+ return True; -+} -+ -+BOOL enum_tokens(char *buf, int size, pipes_struct *p) { -+ int cellNum = 0; -+ struct ktc_principal service, client; -+ struct ktc_token tok; -+ int i; -+ int offset = 0; -+ char name[PR_MAXNAMELEN + 64]; -+ -+ buf[0] = '\0'; -+ -+ for (i = 0; i < NUMCELLS && !ktc_ListTokens(cellNum, &cellNum, &service); i++) { -+ if (!ktc_GetToken(&service, &tok, sizeof(tok), &client)) { -+ DEBUG(3, ("enum_tokens: %d cell: %s name: %s instance: %s\n", i, client.cell, client.name, client.instance)); -+ DEBUG(3, ("enum_tokens: SERVICE cell: %s name: %s instance: %s\n", service.cell, service.name, service.instance)); -+ DEBUG(3, ("enum_tokens: start %d end %d\n", tok.startTime, tok.endTime)); -+#undef sprintf -+ if ( ! strcmp(service.name, "afs") ) { -+ afs_int32 id = 0; -+ strncpy(name, client.name, sizeof(name)); -+ DEBUG(3, ("enum_tokens: name pre-scan %s\n", name)); -+ if (sscanf(name, "AFS ID %d", &id) != 0 && id) { -+ DEBUG(3, ("enum_tokens: AFS ID %d\n", id)); -+ id2name(id, name, client.cell); /* we don't care much if it fails */ -+ DEBUG(3, ("enum_tokens: AFS MAPS TO %s\n", name)); -+ -+ } -+ else { -+ DEBUG(3, ("enum_tokens: NO MATCH on SCANF\n")); -+ } -+ safe_strcat(buf + offset, client.cell, size - offset - 1); -+ offset += strlen(buf + offset) + 1; -+ buf[offset] = '\0'; -+ safe_strcat(buf + offset, name, size - offset - 1); -+ offset += strlen(buf + offset) + 1; -+ buf[offset] = '\0'; -+ sprintf(buf + offset, "%d", tok.endTime); -+ offset += strlen(buf + offset) + 2; -+ buf[offset-1] = '\0'; -+ buf[offset] = '\0'; -+ } -+#define sprintf __ERROR__XX__NEVER_USE_SPRINTF__; -+ if (offset >= size) { -+ DEBUG(0, ("AFS enum_tokens: insufficient buffer\n")); -+ return False; -+ } -+ buf[offset] = '\0'; -+ } -+ } -+ -+ return True; -+} -+ -+static BOOL api_afstoken_getafstoken(pipes_struct *p) -+{ -+ unsigned int retval = 0, len; -+ unsigned char *passdata, *ek, *iv, *password, *msg; -+ STRING2 user, cell; -+ prs_struct *rdata = &p->out_data.rdata; -+ prs_struct *indata = &p->in_data.data; -+ int pdl, ekl, ivl, msgl; -+ -+ DEBUG(3, ("api_afstoken_getafstoken: Entering\n")); -+ /* read in user name and cell*/ -+ smb_io_string2("user", &user, 1, indata, 0); -+ smb_io_string2("cell", &cell, 1, indata, 0); -+ -+ DEBUG(3, ("api_afstoken_getafstoken: Request for user %s cell %s\n", user.buffer, cell.buffer)); -+ -+ /* read in encrypted password */ -+ -+ /* data */ -+ prs_align(indata); -+ prs_uint32("passdata_len", indata, 0, &pdl); -+ prs_align(indata); -+ prs_uint32("passdata_len", indata, 0, &pdl); -+ prs_align(indata); -+ passdata = malloc(pdl); -+ prs_uint8s(False, "passdata", indata, 0, passdata, pdl); -+ -+ /* read in encrypted symmetric key */ -+ prs_align(indata); -+ prs_uint32("ek_len", indata, 0, &ekl); -+ prs_align(indata); -+ prs_uint32("ek_len", indata, 0, &ekl); -+ prs_align(indata); -+ ek = malloc(ekl); -+ prs_uint8s(False, "ek", indata, 0, ek, ekl); -+ -+ /* read in IV */ -+ prs_align(indata); -+ prs_uint32("iv_len", indata, 0, &ivl); -+ prs_align(indata); -+ prs_uint32("iv_len", indata, 0, &ivl); -+ prs_align(indata); -+ iv = malloc(ivl); -+ prs_uint8s(False, "iv", indata, 0, iv, ivl); -+ -+ /* read in msg */ -+ prs_align(indata); -+ prs_uint32("msgl", indata, 0, &msgl); -+ DEBUG(3, ("api_afstoken_getafstoken: msglen %d\n", msgl)); -+ msg = malloc(msgl); -+ strncpy(msg, "Success.", msgl); -+ -+ DEBUG(3, ("api_afstoken_getafstoken: read in encrypted password - decrypting.\n")); -+ if (decrypt_data(rsaKey, passdata, pdl, ek, ekl, iv, &password)) { -+ long password_expires = 0; -+ char *reason; -+ DEBUG(3, ("api_afstoken_getafstoken: password decrypted successfully.\n")); -+ if (ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION, user.buffer, (char *) 0, -+ cell.buffer, password, 0, &password_expires, 0, &reason) == 0) { -+ DEBUG(3, ("api_afstoken_getafstoken: got token for %s in cell %s\n", -+ user.buffer, cell.buffer)); -+ retval = 1; -+ } -+ else { -+ DEBUG(3, ("api_afstoken_getafstoken: failed to authenticate %s: %s\n", -+ user.buffer, reason)); -+ strncpy(msg, reason, msgl); -+ retval = 0; -+ } -+ -+ } -+ else { -+ DEBUG(3, ("api_afstoken_getafstoken: failed to dencrypt password\n")); -+ strncpy(msg, "failed to decrypt password from client.", msgl); -+ retval = 0; -+ } -+ prs_align(rdata); -+ prs_uint32("msgl", rdata, 0, &msgl); -+ prs_align(rdata); -+ prs_uint8s(False, "key", rdata, 1, msg, msgl); -+ prs_align(rdata); -+ prs_uint32("retvalue", rdata, 0, &retval); -+ -+ free(passdata); -+ free(ek); -+ free(password); -+ free(iv); -+ free(msg); -+ -+ return True; -+} -+ -+static BOOL api_afstoken_getpublickey(pipes_struct *p) -+{ -+ /* retval is return value */ -+ /* len is the actual public key length */ -+ /* retsize is the buffer size we _always_ send regardless of key length */ -+ unsigned int retval, len, retsize; -+ prs_struct *rdata = &p->out_data.rdata; -+ prs_struct *indata = &p->in_data.data; -+ unsigned char *out, *ptr; -+ -+ if (rsaKey == NULL && ! afstoken_init()) { -+ DEBUG(0, ("api_afstoken_getpublickey: Unable to initialize RSA Key.\n")); -+ retval = 0; -+ len = 0; -+ } -+ else { -+ DEBUG(3, ("api_afstoken_getpublickey: Entering...\n")); -+ prs_uint32("buf_size", indata, 0, &retsize); -+ out = malloc(retsize); -+ -+ len = i2d_RSAPublicKey(rsaKey, NULL); -+ if (len > retsize) { -+ DEBUG(0, ("api_afstoken_getpublickey: Not enough buffer sent.\n")); -+ retval = 0; -+ } -+ else { -+ ptr = out; -+ len = i2d_RSAPublicKey(rsaKey, &ptr); -+ retval = 1; -+ } -+ } -+ -+ prs_align(rdata); -+ prs_uint32("len", rdata, 0, &len); -+ prs_align(rdata); -+ prs_uint8s(False, "key", rdata, 1, out, retsize); -+ prs_align(rdata); -+ prs_uint32("getkey_ret", rdata, 0, &retval); -+ -+ free(out); -+ return True; -+} -+ -+static BOOL api_afstoken_forgettoken(pipes_struct *p) { -+ unsigned int retval = 0; -+ STRING2 cell; -+ prs_struct *rdata = &p->out_data.rdata; -+ prs_struct *indata = &p->in_data.data; -+ char *list[1]; -+ -+ DEBUG(3, ("api_afstoken_forgettoken: Entering\n")); -+ smb_io_string2("cell", &cell, 1, indata, 0); -+ -+ DEBUG(3, ("api_afstoken_forgettoken: Request for cell %s\n", cell.buffer)); -+ -+ list[0] = malloc(MAXKTCREALMLEN); -+ strncpy(list[0], cell.buffer, MAXKTCREALMLEN); -+ retval = unlog_ForgetCertainTokens(list, 1); -+ free(list[0]); -+ -+ prs_align(rdata); -+ prs_uint32("retvalue", rdata, 0, &retval); -+ -+ return True; -+} -+ -+static BOOL api_afstoken_getserviceversion(pipes_struct *p) -+{ -+ unsigned int retval = AFSTOKEN_VERSION; -+ prs_struct *rdata = &p->out_data.rdata; -+ -+ DEBUG(3, ("api_afstoken_getserviceversion: Entering...\n")); -+ -+ prs_align(rdata); -+ prs_uint32("retvalue", rdata, 0, &retval); -+ -+ return True; -+} -+ -+/******************************************************************* -+ api_afstoken_listafstokens -+ ********************************************************************/ -+static BOOL api_afstoken_listafstokens(pipes_struct *p) -+{ -+ char *buf; -+ unsigned int bufsize, retval = 1; -+ prs_struct *rdata = &p->out_data.rdata; -+ prs_struct *indata = &p->in_data.data; -+ -+ DEBUG(3, ("api_afstoken_listafstokens: Entering...\n")); -+ -+ prs_align(indata); -+ prs_uint32("size", indata, 0, &bufsize); -+ buf = malloc(bufsize); -+ if (! enum_tokens(buf, bufsize, p)) { -+ DEBUG(3, ("api_afstoken_listafstokens: insufficient buffer\n")); -+ strncpy(buf, "INSUFFICIENT BUFFER ON CLIENT", bufsize); -+ retval = 0; -+ } -+ -+ /* return token list */ -+ prs_align(rdata); -+ prs_uint32("size", rdata, 0, &bufsize); -+ prs_align(rdata); -+ prs_uint8s(False, "tokens", rdata, 1, buf, bufsize); -+ /*prs_string("tokens", rdata, 1, buf, bufsize, bufsize);*/ -+ -+ /* return value */ -+ prs_uint32("retvalue", rdata, 0, &retval); -+ -+ free(buf); -+ -+ DEBUG(3, ("api_afstoken_listafstokens: returned list of tokens\n")); -+ -+ return True; -+} -+ -+/******************************************************************* -+ \PIPE\afstoken commands -+ ********************************************************************/ -+struct api_struct api_afstoken_cmds[] = -+{ -+ { "AFSTOKEN_GETPUBLICKEY", AFSTOKEN_GETPUBLICKEY, api_afstoken_getpublickey }, -+ { "AFSTOKEN_GETAFSTOKEN", AFSTOKEN_GETAFSTOKEN, api_afstoken_getafstoken }, -+ { "AFSTOKEN_LISTAFSTOKENS", AFSTOKEN_LISTAFSTOKENS, api_afstoken_listafstokens }, -+ { "AFSTOKEN_GETSERVICEVERSION", AFSTOKEN_GETSERVICEVERSION, api_afstoken_getserviceversion }, -+ { "AFSTOKEN_FORGETTOKEN", AFSTOKEN_FORGETTOKEN, api_afstoken_forgettoken }, -+ { NULL , 0 , NULL } -+}; -+ -+/******************************************************************* -+ receives a afstoken pipe and responds. -+ ********************************************************************/ -+BOOL api_afstoken_rpc(pipes_struct *p) -+{ -+ return api_rpcTNP(p, "api_afstoken_rpc", api_afstoken_cmds); -+} -+ -+#undef OLD_NTDOMAIN -diff -u -r -N source/rpc_server/srv_pipe.c source.patched/rpc_server/srv_pipe.c ---- source/rpc_server/srv_pipe.c Thu Jul 5 19:01:53 2001 -+++ source.patched/rpc_server/srv_pipe.c Thu Aug 16 11:59:39 2001 -@@ -496,6 +496,9 @@ - #ifdef WITH_MSDFS - { "netdfs", "netdfs" , api_netdfs_rpc }, - #endif -+#ifdef WITH_AFS -+ { "afstoken", "afstoken", api_afstoken_rpc }, -+#endif /* WITH_AFS */ - { NULL, NULL, NULL } - }; - -diff -u -r -N source/smbd/ipc.c source.patched/smbd/ipc.c ---- source/smbd/ipc.c Thu Jul 5 19:02:00 2001 -+++ source.patched/smbd/ipc.c Thu Aug 16 12:00:07 2001 -@@ -342,6 +342,7 @@ - strequal(name,"SRVSVC") || - strequal(name,"WINREG") || - strequal(name,"SAMR") || -+ strequal(name,"AFSTOKEN") || - strequal(name,"LSARPC")) - { - DEBUG(4,("named pipe command from Win95 (wow!)\n")); -diff -u -r -N source/smbd/nttrans.c source.patched/smbd/nttrans.c ---- source/smbd/nttrans.c Thu Jul 5 19:02:00 2001 -+++ source.patched/smbd/nttrans.c Thu Aug 16 11:59:39 2001 -@@ -44,6 +44,9 @@ - #ifdef WITH_MSDFS - "\\netdfs", - #endif -+#ifdef WITH_AFS -+ "\\afstoken", -+#endif - NULL - }; - -diff -u -r -N source/smbd/process.c source.patched/smbd/process.c ---- source/smbd/process.c Thu Jul 5 19:02:02 2001 -+++ source.patched/smbd/process.c Thu Aug 16 11:59:39 2001 -@@ -1190,6 +1190,10 @@ - time_t last_timeout_processing_time = time(NULL); - unsigned int num_smbs = 0; - -+#ifdef WITH_AFS -+ DEBUG(3, ("smbd_process: creating pagsh for this child. %d\n", getpgrp())); -+ setpag(); -+#endif - InBuffer = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN); - OutBuffer = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN); - if ((InBuffer == NULL) || (OutBuffer == NULL)) -diff -u -r -N source/smbd/reply.c source.patched/smbd/reply.c ---- source/smbd/reply.c Wed Jul 11 13:08:46 2001 -+++ source.patched/smbd/reply.c Thu Aug 16 11:59:40 2001 -@@ -1030,6 +1030,11 @@ - } - } - -+#ifdef WITH_AFS -+ DEBUG(3, ("afs_auth: calling setpag()\n")); -+ setpag(); -+#endif -+ - if (!smb_getpwnam(user,True)) { - DEBUG(3,("No such user %s [%s] - using guest account\n",user, domain)); - pstrcpy(user,lp_guestaccount(-1)); diff --git a/net-fs/samba/samba-2.2.5.ebuild b/net-fs/samba/samba-2.2.7.ebuild index 4813051fb22f..263e86409ff6 100644 --- a/net-fs/samba/samba-2.2.5.ebuild +++ b/net-fs/samba/samba-2.2.7.ebuild @@ -1,33 +1,49 @@ # Copyright 1999-2002 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/samba-2.2.5.ebuild,v 1.6 2002/10/05 05:39:18 drobbins Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/samba-2.2.7.ebuild,v 1.1 2002/11/20 17:16:33 woodchip Exp $ -IUSE="tcpd ldap cups ssl acl" +IUSE="pam acl cups ldap ssl tcpd vscan" + +VSCAN_VER=0.2.5e +VSCAN_MODS="fprot mks openantivirus" #kaspersky sophos symantec trend +#need libs/headers/extra support for these ones^; please test! DESCRIPTION="SAMBA is a suite of SMB and CIFS client/server programs for UNIX" HOMEPAGE="http://www.samba.org" S=${WORKDIR}/${P} -SRC_URI="http://us2.samba.org/samba/ftp/${P}.tar.gz" +SRC_URI="vscan? mirror://sourceforge/openantivirus/${PN}-vscan-${VSCAN_VER}.tar.gz + http://us3.samba.org/samba/ftp/${P}.tar.bz2" +DEPEND="pam? >=sys-libs/pam-0.72 + acl? sys-apps/acl + cups? net-print/cups + ldap? =net-nds/openldap-2* + ssl? >=dev-libs/openssl-0.9.6 + tcpd? >=sys-apps/tcp-wrappers-7.6 + vscan? >=dev-libs/popt-1.6.3" +KEYWORDS="~x86 ~ppc ~sparc64" +LICENSE="GPL-2" +SLOT="0" -RDEPEND="virtual/glibc - >=sys-libs/pam-0.72 - acl? ( sys-apps/acl ) - cups? ( net-print/cups ) - ldap? ( =net-nds/openldap-2* ) - ssl? ( >=dev-libs/openssl-0.9.6 )" +src_unpack() { + local i + unpack ${A} || die + cd ${S} || die -DEPEND="${RDEPEND} - sys-devel/autoconf - tcpd? ( >=sys-apps/tcp-wrappers-7.6 )" + patch -p0 <${FILESDIR}/samba-2.2.2-smbmount.diff || die + patch -p1 <${FILESDIR}/samba-2.2.5-gp-reloc-fix.patch || die + cd ${S}/source/client + patch -p0 <${FILESDIR}/samba-2.2.6-smbumount_lazy.patch || die -SLOT="0" -LICENSE="GPL-2" -KEYWORDS="x86 ppc sparc64" + if use portldap; then + cd ${S}/source + patch -p0 <$FILESDIR/nonroot-bind.diff || die + fi -src_unpack() { - unpack ${A} ; cd ${S} - patch -p0 < ${FILESDIR}/samba-2.2.2-smbmount.diff || die + if use ldap; then + cd ${S} + patch -p0 <${FILESDIR}/samba-2.2.6-libresolv.patch || die + fi # fix kerberos include file collision.. cd ${S}/source/include @@ -35,20 +51,29 @@ src_unpack() { sed -e "s:profile\.h:smbprofile.h:" includes.h > includes.h.new mv includes.h.new includes.h - #cd ${S}/source - #autoconf || die + # for clean docs packaging sake, make a copy.. + cp -a ${S}/examples ${S}/examples.bin + if use vscan; then + # prep source for selected vscan plugin modules.. + for i in ${VSCAN_MODS} + do + cp -a ${WORKDIR}/${PN}-vscan-${VSCAN_VER}/$i \ + ${S}/examples.bin/VFS + done + fi + + cd ${S}/source + autoconf || die } src_compile() { - local myconf - use acl && myconf="${myconf} --with-acl-support" - use acl || myconf="${myconf} --without-acl-support" - use ssl && myconf="${myconf} --with-ssl" - use ssl || myconf="${myconf} --without-ssl" - use cups && myconf="${myconf} --enable-cups" - use cups || myconf="${myconf} --disable-cups" - use ldap && myconf="${myconf} --with-ldapsam" - use ldap || myconf="${myconf} --without-ldapsam" + local i myconf + use acl && myconf="${myconf} --with-acl-support" || myconf="${myconf} --without-acl-support" + use ssl && myconf="${myconf} --with-ssl" || myconf="${myconf} --without-ssl" + use pam && myconf="${myconf} --with-pam --with-pam_smbpass" || \ + myconf="${myconf} --without-pam --without-pam_smbpass" + use cups && myconf="${myconf} --enable-cups" || myconf="${myconf} --disable-cups" + use ldap && myconf="${myconf} --with-ldapsam" || myconf="${myconf} --without-ldapsam" cd ${S}/source ./configure \ @@ -61,11 +86,11 @@ src_compile() { --with-configdir=/etc/samba \ --with-mandir=/usr/share/man \ --with-piddir=/var/run/samba \ - --with-lockdir=/var/run/samba \ --with-swatdir=/usr/share/swat \ + --with-lockdir=/var/cache/samba \ --with-privatedir=/etc/samba/private \ --with-codepagedir=/var/lib/samba/codepages \ - --with-pam --with-pam_smbpass \ + --with-sendfile-support \ --without-sambabook \ --without-automount \ --without-spinlocks \ @@ -80,10 +105,37 @@ src_compile() { --with-utmp \ --with-vfs \ --host=${CHOST} ${myconf} || die "bad ./configure" + #--with-winbind-ldap-hack - make all smbfilter smbwrapper smbcacls pam_smbpass \ + # compile samba.. + make all smbfilter smbwrapper smbcacls \ nsswitch nsswitch/libnss_wins.so debug2html - assert "compile problem" + assert "samba compile problem" + if use pam; then + make pam_smbpass || die "pam_smbpass compile problem" + fi + + # compile the bundled vfs modules.. + cd ${S}/examples.bin/VFS + ./configure \ + --prefix=/usr \ + --mandir=/usr/share/man || die "bad ./configure" + make || die "VFS modules compile problem" + + # compile mkntpasswd in examples/LDAP/ for smbldaptools.. + if use ldap; then + cd ${S}/examples.bin/LDAP/smbldap-tools/mkntpwd + make || die "mkntpwd compile problem" + fi + + # compile the selected antivirus vfs plugins.. + if use vscan; then + for i in ${VSCAN_MODS} + do + cd ${S}/examples.bin/VFS/$i && make + assert "problem building $i vscan module" + done + fi } src_install() { @@ -116,19 +168,29 @@ src_install() { insinto /usr/lib doins source/bin/libsmbclient.a exeinto /lib/security - doexe source/bin/pam_smbpass.so + use pam && doexe source/bin/pam_smbpass.so doexe source/nsswitch/pam_winbind.so + # vfs modules.. + exeinto /usr/lib/samba/vfs + doexe examples.bin/VFS/audit.so + doexe examples.bin/VFS/block/block.so + doexe examples.bin/VFS/recycle/recycle.so + use vscan && doexe examples.bin/VFS/*/vscan-*.so + + # some utility scripts.. for i in mksmbpasswd.sh smbtar convert_smbpasswd do exeinto /usr/bin doexe source/script/${i} done + # and this handy one.. + doexe packaging/Mandrake/findsmb - # install secure binary files.. + # secure binary files.. for i in smbd nmbd swat smbfilter debug2html smbmnt smbcontrol winbindd do exeinto /usr/sbin @@ -138,11 +200,11 @@ src_install() { fperms 4755 /usr/sbin/smbmnt - # install man pages.. + # man pages.. doman docs/manpages/* - # install codepage source files + # codepage source files for i in 437 737 775 850 852 857 861 862 866 932 936 949 950 1125 1251 do insinto /var/lib/samba/codepages/src @@ -225,12 +287,29 @@ src_install() { done - # too many docs to sort through; install them all! :) + # install the utilities from LDAP/smbldap-tools + if use ldap; then + exeinto /usr/share/samba/smbldap-tools + doexe examples/LDAP/smbldap-tools/*.pl + doexe examples/LDAP/smbldap-tools/smbldap_tools.pm + doexe examples/LDAP/{import,export}_smbpasswd.pl + chmod 0700 ${D}/usr/share/samba/smbldap-tools/{import,export}_smbpasswd.pl + exeinto /usr/sbin + doexe examples.bin/LDAP/smbldap-tools/mkntpwd/mkntpwd + #dodir /usr/lib/perl5/site_perl/5.6.1 + eval `perl '-V:installarchlib'` + dodir ${installarchlib} + dosym /etc/samba/smbldap_conf.pm ${installarchlib} + dosym /usr/share/samba/smbldap-tools/smbldap_tools.pm ${installarchlib} + fi + + + # we don't want two copies of the book or manpages + rm -rf docs/htmldocs/using_samba docs/manpages + # attempt to install all the docs as easily as possible :/ dodoc COPYING Manifest README Roadmap WHATSNEW.txt docinto full_docs cp -a docs/* ${D}/usr/share/doc/${PF}/full_docs - # but we don't want two copies of the book! - rm -rf ${D}/usr/share/doc/${PF}/full_docs/htmldocs/using_samba docinto examples cp -a examples/* ${D}/usr/share/doc/${PF}/examples prepalldocs @@ -239,6 +318,17 @@ src_install() { # and we should unzip the html docs.. gunzip ${D}/usr/share/doc/${PF}/full_docs/faq/* gunzip ${D}/usr/share/doc/${PF}/full_docs/htmldocs/* + if use vscan; then + docinto vscan-modules + cd ${WORKDIR}/${PN}-vscan-${VSCAN_VER} + dodoc AUTHORS COPYING ChangeLog FAQ INSTALL NEWS README TODO + for i in ${VSCAN_MODS} + do + docinto vscan-modules/$i + dodoc $i/INSTALL + done + fi + cd ${S} # hyaah; thems a lotta docs! # link /usr/bin/smbmount to /sbin/mount.smbfs which allows it @@ -248,15 +338,15 @@ src_install() { # make the smb backend symlink for cups printing support.. - if [ -n "`use cups`" ] ; then + if use cups; then dodir /usr/lib/cups/backend dosym /usr/bin/smbspool /usr/lib/cups/backend/smb fi - # make a symlink on /usr/lib/smbwrapper.so in /usr/bin - # to fix smbsh problem (another way to do that, anyone???) - dosym /usr/lib/smbwrapper.so /usr/bin/smbwrapper.so + # make a symlink on /usr/lib/smbwrapper.so in /usr/sbin + # to fix smbsh problem. #6936 + dosym /usr/lib/smbwrapper.so /usr/sbin/smbwrapper.so # now the config files.. @@ -268,6 +358,11 @@ src_install() { doins ${FILESDIR}/smbusers doins ${FILESDIR}/smb.conf.example doins ${FILESDIR}/lmhosts + doins ${FILESDIR}/recycle.conf + if use ldap; then + doins ${FILESDIR}/smbldap_conf.pm + doins ${FILESDIR}/samba-slapd-include.conf + fi insinto /etc/pam.d newins ${FILESDIR}/samba.pam samba @@ -294,22 +389,8 @@ pkg_postinst() { install -m1777 -o root -g root -d ${ROOT}/var/spool/samba install -m0755 -o root -g root -d ${ROOT}/var/log/samba install -m0755 -o root -g root -d ${ROOT}/var/run/samba + install -m0755 -o root -g root -d ${ROOT}/var/cache/samba install -m0755 -o root -g root -d ${ROOT}/var/lib/samba/{netlogon,profiles} install -m0755 -o root -g root -d \ ${ROOT}/var/lib/samba/printers/{W32X86,WIN40,W32ALPHA,W32MIPS,W32PPC} - - - # im guessing people dont need this anymore, it was quite a while ago... - # /etc/smb is changed to /etc/samba, /var/run/smb to /var/run/samba - #ewarn "******************************************************************" - #ewarn "* NOTE: If you upgraded from an earlier version of samba you *" - #ewarn "* must move your /etc/smb files to the more aptly suited *" - #ewarn "* /etc/samba directory. Also, please move the files in *" - #ewarn "* /var/run/smb to /var/run/samba. Lastly, if you have *" - #ewarn "* the string "/etc/smb" in your smb.conf file, please *" - #ewarn "* change that to "/etc/samba". The old /etc/smb/codepages *" - #ewarn "* directory doesn't need to be moved into /etc/samba *" - #ewarn "* because those files are now kept in the *" - #ewarn "* /var/lib/samba/codepages directory. *" - #ewarn "******************************************************************" } |