rpms/samba/devel samba-3.5.2-ipv6.patch, NONE, 1.1 .cvsignore, 1.75, 1.76 nmb.init, 1.3, 1.4 samba.spec, 1.213, 1.214 smb.init, 1.8, 1.9 sources, 1.79, 1.80
Guenther Deschner
gd at fedoraproject.org
Wed May 19 09:59:35 UTC 2010
Author: gd
Update of /cvs/pkgs/rpms/samba/devel
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv31868
Modified Files:
.cvsignore nmb.init samba.spec smb.init sources
Added Files:
samba-3.5.2-ipv6.patch
Log Message:
Update to 3.5.3
Make sure nmb and smb initscripts return LSB compliant return codes
Fix winbind over ipv6
Guenther
samba-3.5.2-ipv6.patch:
b/source3/include/proto.h | 3 ++-
b/source3/libads/kerberos.c | 19 ++++++++++++-------
b/source3/libsmb/namequery_dc.c | 6 ++++--
b/source3/winbindd/winbindd_cm.c | 31 +++++++++++++++++++++++++------
source3/libads/kerberos.c | 26 ++++++++++++++++++++------
source3/winbindd/winbindd_cm.c | 7 ++++---
6 files changed, 67 insertions(+), 25 deletions(-)
--- NEW FILE samba-3.5.2-ipv6.patch ---
>From 841525d4b9dcf167ae114dd656d74c510ef36c13 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd at samba.org>
Date: Fri, 14 May 2010 23:21:47 +0200
Subject: [PATCH 1/3] s3-winbind: make the getpeername() checks in cm_prepare_connection ipv6 aware.
ipv6 gurus, please check.
Guenther
---
source3/winbindd/winbindd_cm.c | 30 +++++++++++++++++++++++++-----
1 files changed, 25 insertions(+), 5 deletions(-)
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 9715363..45747d4 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -808,11 +808,31 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain,
peeraddr_len = sizeof(peeraddr);
- if ((getpeername((*cli)->fd, &peeraddr, &peeraddr_len) != 0) ||
- (peeraddr_len != sizeof(struct sockaddr_in)) ||
- (peeraddr_in->sin_family != PF_INET))
- {
- DEBUG(0,("cm_prepare_connection: %s\n", strerror(errno)));
+ if ((getpeername((*cli)->fd, &peeraddr, &peeraddr_len) != 0)) {
+ DEBUG(0,("cm_prepare_connection: getpeername failed with: %s\n",
+ strerror(errno)));
+ result = NT_STATUS_UNSUCCESSFUL;
+ goto done;
+ }
+
+ if ((peeraddr_len != sizeof(struct sockaddr_in))
+#ifdef HAVE_IPV6
+ && (peeraddr_len != sizeof(struct sockaddr_in6))
+#endif
+ ) {
+ DEBUG(0,("cm_prepare_connection: got unexpected peeraddr len %d\n",
+ peeraddr_len));
+ result = NT_STATUS_UNSUCCESSFUL;
+ goto done;
+ }
+
+ if ((peeraddr_in->sin_family != PF_INET)
+#ifdef HAVE_IPV6
+ && (peeraddr_in->sin_family != PF_INET6)
+#endif
+ ) {
+ DEBUG(0,("cm_prepare_connection: got unexpected family %d\n",
+ peeraddr_in->sin_family));
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}
--
1.6.6.1
>From 435ba0625599388f585759738554ddb509ce3c54 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd at samba.org>
Date: Fri, 14 May 2010 23:23:34 +0200
Subject: [PATCH 2/3] s3-kerberos: pass down kdc_name to create_local_private_krb5_conf_for_domain().
Guenther
---
source3/include/proto.h | 3 ++-
source3/libads/kerberos.c | 19 ++++++++++++-------
source3/libsmb/namequery_dc.c | 6 ++++--
source3/winbindd/winbindd_cm.c | 6 ++++--
4 files changed, 22 insertions(+), 12 deletions(-)
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 91b6bd9..b633d9e 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1821,7 +1821,8 @@ int kerberos_kinit_password(const char *principal,
bool create_local_private_krb5_conf_for_domain(const char *realm,
const char *domain,
const char *sitename,
- struct sockaddr_storage *pss);
+ struct sockaddr_storage *pss,
+ const char *kdc_name);
/* The following definitions come from libads/kerberos_keytab.c */
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index 7fb4ec3..01a88e8 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -715,7 +715,8 @@ int kerberos_kinit_password(const char *principal,
static char *print_kdc_line(char *mem_ctx,
const char *prev_line,
- const struct sockaddr_storage *pss)
+ const struct sockaddr_storage *pss,
+ const char *kdc_name)
{
char *kdc_str = NULL;
@@ -772,14 +773,15 @@ static char *print_kdc_line(char *mem_ctx,
static char *get_kdc_ip_string(char *mem_ctx,
const char *realm,
const char *sitename,
- struct sockaddr_storage *pss)
+ struct sockaddr_storage *pss,
+ const char *kdc_name)
{
int i;
struct ip_service *ip_srv_site = NULL;
struct ip_service *ip_srv_nonsite = NULL;
int count_site = 0;
int count_nonsite;
- char *kdc_str = print_kdc_line(mem_ctx, "", pss);
+ char *kdc_str = print_kdc_line(mem_ctx, "", pss, kdc_name);
if (kdc_str == NULL) {
return NULL;
@@ -803,7 +805,8 @@ static char *get_kdc_ip_string(char *mem_ctx,
* but not done often. */
kdc_str = print_kdc_line(mem_ctx,
kdc_str,
- &ip_srv_site[i].ss);
+ &ip_srv_site[i].ss,
+ NULL);
if (!kdc_str) {
SAFE_FREE(ip_srv_site);
return NULL;
@@ -840,7 +843,8 @@ static char *get_kdc_ip_string(char *mem_ctx,
/* Append to the string - inefficient but not done often. */
kdc_str = print_kdc_line(mem_ctx,
kdc_str,
- &ip_srv_nonsite[i].ss);
+ &ip_srv_nonsite[i].ss,
+ NULL);
if (!kdc_str) {
SAFE_FREE(ip_srv_site);
SAFE_FREE(ip_srv_nonsite);
@@ -868,7 +872,8 @@ static char *get_kdc_ip_string(char *mem_ctx,
bool create_local_private_krb5_conf_for_domain(const char *realm,
const char *domain,
const char *sitename,
- struct sockaddr_storage *pss)
+ struct sockaddr_storage *pss,
+ const char *kdc_name)
{
char *dname;
char *tmpname = NULL;
@@ -912,7 +917,7 @@ bool create_local_private_krb5_conf_for_domain(const char *realm,
realm_upper = talloc_strdup(fname, realm);
strupper_m(realm_upper);
- kdc_ip_string = get_kdc_ip_string(dname, realm, sitename, pss);
+ kdc_ip_string = get_kdc_ip_string(dname, realm, sitename, pss, kdc_name);
if (!kdc_ip_string) {
goto done;
}
diff --git a/source3/libsmb/namequery_dc.c b/source3/libsmb/namequery_dc.c
index 3b3470d..cebd793 100644
--- a/source3/libsmb/namequery_dc.c
+++ b/source3/libsmb/namequery_dc.c
@@ -109,12 +109,14 @@ static bool ads_dc_name(const char *domain,
create_local_private_krb5_conf_for_domain(realm,
domain,
sitename,
- &ads->ldap.ss);
+ &ads->ldap.ss,
+ ads->config.ldap_server_name);
} else {
create_local_private_krb5_conf_for_domain(realm,
domain,
NULL,
- &ads->ldap.ss);
+ &ads->ldap.ss,
+ ads->config.ldap_server_name);
}
}
#endif
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 45747d4..5ea5196 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -1152,7 +1152,8 @@ static bool dcip_to_name(TALLOC_CTX *mem_ctx,
create_local_private_krb5_conf_for_domain(domain->alt_name,
domain->name,
sitename,
- pss);
+ pss,
+ name);
SAFE_FREE(sitename);
} else {
@@ -1160,7 +1161,8 @@ static bool dcip_to_name(TALLOC_CTX *mem_ctx,
create_local_private_krb5_conf_for_domain(domain->alt_name,
domain->name,
NULL,
- pss);
+ pss,
+ name);
}
winbindd_set_locator_kdc_envs(domain);
--
1.6.6.1
>From 06135ae36667c96fe28b69724393323727e82ba6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd at samba.org>
Date: Sat, 15 May 2010 00:34:35 +0200
Subject: [PATCH 3/3] s3-kerberos: temporary fix for ipv6 in print_kdc_line().
Currently no krb5 lib supports "kdc = ipv6 address" at all, so for now just fill
in just the kdc_name if we have it and let the krb5 lib figure out the
appropriate ipv6 address
ipv6 gurus, please check.
Guenther
---
source3/libads/kerberos.c | 25 ++++++++++++++++++++-----
1 files changed, 20 insertions(+), 5 deletions(-)
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index 01a88e8..c78b8b8 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -728,6 +728,9 @@ static char *print_kdc_line(char *mem_ctx,
char addr[INET6_ADDRSTRLEN];
uint16_t port = get_sockaddr_port(pss);
+ DEBUG(10,("print_kdc_line: IPV6 case for kdc_name: %s, port: %d\n",
+ kdc_name, port));
+
if (port != 0 && port != DEFAULT_KRB5_PORT) {
/* Currently for IPv6 we can't specify a non-default
krb5 port with an address, as this requires a ':'.
@@ -744,6 +747,7 @@ static char *print_kdc_line(char *mem_ctx,
"Error %s\n.",
print_canonical_sockaddr(mem_ctx, pss),
gai_strerror(ret)));
+ return NULL;
}
/* Success, use host:port */
kdc_str = talloc_asprintf(mem_ctx,
@@ -752,11 +756,22 @@ static char *print_kdc_line(char *mem_ctx,
hostname,
(unsigned int)port);
} else {
- kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
- prev_line,
- print_sockaddr(addr,
- sizeof(addr),
- pss));
+
+ /* no krb5 lib currently supports "kdc = ipv6 address"
+ * at all, so just fill in just the kdc_name if we have
+ * it and let the krb5 lib figure out the appropriate
+ * ipv6 address - gd */
+
+ if (kdc_name) {
+ kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
+ prev_line, kdc_name);
+ } else {
+ kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
+ prev_line,
+ print_sockaddr(addr,
+ sizeof(addr),
+ pss));
+ }
}
}
return kdc_str;
--
1.6.6.1
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/samba/devel/.cvsignore,v
retrieving revision 1.75
retrieving revision 1.76
diff -u -p -r1.75 -r1.76
--- .cvsignore 7 Apr 2010 09:15:45 -0000 1.75
+++ .cvsignore 19 May 2010 09:59:35 -0000 1.76
@@ -1 +1 @@
-samba-3.5.2.tar.gz
+samba-3.5.3.tar.gz
Index: nmb.init
===================================================================
RCS file: /cvs/pkgs/rpms/samba/devel/nmb.init,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -p -r1.3 -r1.4
--- nmb.init 26 Mar 2009 20:26:58 -0000 1.3
+++ nmb.init 19 May 2010 09:59:35 -0000 1.4
@@ -71,7 +71,7 @@ reload() {
}
rhstatus() {
- status nmbd
+ status -l nmb nmbd
return $?
}
Index: samba.spec
===================================================================
RCS file: /cvs/pkgs/rpms/samba/devel/samba.spec,v
retrieving revision 1.213
retrieving revision 1.214
diff -u -p -r1.213 -r1.214
--- samba.spec 7 Apr 2010 09:15:46 -0000 1.213
+++ samba.spec 19 May 2010 09:59:35 -0000 1.214
@@ -1,5 +1,5 @@
-%define main_release 59
-%define samba_version 3.5.2
+%define main_release 60
+%define samba_version 3.5.3
%define tdb_version 1.2.1
%define talloc_version 2.0.1
#%define pre_release rc3
@@ -45,6 +45,7 @@ Patch104: samba-3.0.0rc3-nmbd-netbiosnam
# The passwd part has been applied, but not the group part
Patch107: samba-3.2.0pre1-grouppwd.patch
Patch200: samba-3.2.5-inotify.patch
+Patch201: samba-3.5.2-ipv6.patch
Requires(pre): samba-common = %{epoch}:%{samba_version}-%{release}
Requires: pam >= 0:0.64
@@ -201,6 +202,7 @@ cp %{SOURCE11} packaging/Fedora/
#%patch104 -p1 -b .nmbd-netbiosname # FIXME: does not apply
%patch107 -p1 -b .grouppwd
%patch200 -p0 -b .inotify
+%patch201 -p1 -b .ipv6
mv %samba_source/VERSION %samba_source/VERSION.orig
sed -e 's/SAMBA_VERSION_VENDOR_SUFFIX=$/&\"%{samba_release}\"/' < %samba_source/VERSION.orig > %samba_source/VERSION
@@ -650,6 +652,11 @@ exit 0
%{_datadir}/pixmaps/samba/logo-small.png
%changelog
+* Wed May 19 2010 Guenther Deschner <gdeschner at redhat.com> - 3.5.3-60
+- Update to 3.5.3
+- Make sure nmb and smb initscripts return LSB compliant return codes
+- Fix winbind over ipv6
+
* Wed Apr 07 2010 Guenther Deschner <gdeschner at redhat.com> - 3.5.2-59
- Update to 3.5.2
Index: smb.init
===================================================================
RCS file: /cvs/pkgs/rpms/samba/devel/smb.init,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -p -r1.8 -r1.9
--- smb.init 25 Jun 2007 13:51:51 -0000 1.8
+++ smb.init 19 May 2010 09:59:35 -0000 1.9
@@ -71,7 +71,7 @@ reload() {
}
rhstatus() {
- status smbd
+ status -l smb smbd
return $?
}
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/samba/devel/sources,v
retrieving revision 1.79
retrieving revision 1.80
diff -u -p -r1.79 -r1.80
--- sources 7 Apr 2010 09:15:46 -0000 1.79
+++ sources 19 May 2010 09:59:35 -0000 1.80
@@ -1 +1 @@
-6f8cf649207ccd8c2c17e28c335f4e9d samba-3.5.2.tar.gz
+7c8d2a34b649380d5df838c3e030dbec samba-3.5.3.tar.gz
More information about the scm-commits
mailing list