Pullup ticket 544 - requested by Lubomir Sedlacik

security fix for samba2

Revisions pulled up:
- pkgsrc/net/samba2/Makefile		1.23
- pkgsrc/net/samba2/Makefile.common	1.7
- pkgsrc/net/samba2/distinfo		1.4, 1.5
- pkgsrc/net/samba2/patches/patch-ap	1.2

    Module Name:    pkgsrc
    Committed By:   wiz
    Date:           Wed May 25 13:15:40 UTC 2005

    Modified Files:
            pkgsrc/net/samba2: distinfo

    Log Message:
    Add RMD160 checksum.
----
    Module Name:    pkgsrc
    Committed By:   salo
    Date:           Mon Jun  6 13:25:12 UTC 2005

    Modified Files:
            pkgsrc/net/samba2: Makefile Makefile.common distinfo
            pkgsrc/net/samba2/patches: patch-ap

    Log Message:
    Security fixes for CAN-2004-0882, CAN-2004-0930 and CAN-2004-1154.
    Patches adapted from SuSE.

    Functionality not tested beyond simple smbclient operations.
    This package is marked for removal before next stable branch is cut.

4 files changed, 31 insertions, 16 deletions

diff --git a/net/samba2/Makefile b/net/samba2/Makefile
index a2da6aa98ae..cddafe81a52 100644
--- a/net/samba2/Makefile
+++ b/net/samba2/Makefile
@@ -1,11 +1,10 @@
-# $NetBSD: Makefile,v 1.19 2005/02/07 11:35:45 jlam Exp $
+# $NetBSD: Makefile,v 1.19.2.1 2005/06/08 01:29:22 snj Exp $
 
 .include "Makefile.common"
-PKGREVISION=		# empty1
 
 MAINTAINER=		tech-pkg@NetBSD.org
 HOMEPAGE=		http://www.samba.org/
-PKGREVISION=		1
+PKGREVISION=		2
 COMMENT=		SMB/CIFS protocol server suite for UNIX
 
 USE_BUILDLINK3=		yes
diff --git a/net/samba2/Makefile.common b/net/samba2/Makefile.common
index 81f34ab36bb..dda17129e18 100644
--- a/net/samba2/Makefile.common
+++ b/net/samba2/Makefile.common
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.5 2004/10/25 17:05:41 jdolecek Exp $
+# $NetBSD: Makefile.common,v 1.5.4.1 2005/06/08 01:29:22 snj Exp $
 #
 # NOTE: This file is included by:
 #
@@ -18,6 +18,12 @@ MASTER_SITES+=		ftp://${COUNTRY}.samba.org/pub/samba/old-versions/
 .endfor
 EXTRACT_SUFX=		.tar.gz
 
+PATCH_SITES=		${MASTER_SITE_LOCAL}
+PATCHFILES=		samba-2.2.12-CAN-2004-0882.diff.gz \
+			samba-2.2.12-CAN-2004-0930.diff.gz \
+			samba-2.2.12-CAN-2004-1154.diff.gz
+PATCH_DIST_STRIP=	-p2
+
 DISTINFO_FILE?=		${.CURDIR}/../../net/samba2/distinfo
 PATCHDIR?=		${.CURDIR}/../../net/samba2/patches
 
diff --git a/net/samba2/distinfo b/net/samba2/distinfo
index dc9ec032be1..1a548317097 100644
--- a/net/samba2/distinfo
+++ b/net/samba2/distinfo
@@ -1,7 +1,17 @@
-$NetBSD: distinfo,v 1.3 2004/10/25 17:05:41 jdolecek Exp $
+$NetBSD: distinfo,v 1.3.4.1 2005/06/08 01:29:22 snj Exp $
 
 SHA1 (samba-2.2.12.tar.gz) = 9f8cf8bef5f7aace692d06c7d1f60be61b046bad
+RMD160 (samba-2.2.12.tar.gz) = a01c42c8d3d44c1de339be3b012cc9d4168b0d3e
 Size (samba-2.2.12.tar.gz) = 5459704 bytes
+SHA1 (samba-2.2.12-CAN-2004-0882.diff.gz) = df1e3e070aa3c2814ab07df5f6fa2d3a286a659b
+RMD160 (samba-2.2.12-CAN-2004-0882.diff.gz) = 0f3ac1329e827d2570eeafe55ab9d26dacc2d55f
+Size (samba-2.2.12-CAN-2004-0882.diff.gz) = 1432 bytes
+SHA1 (samba-2.2.12-CAN-2004-0930.diff.gz) = bfb7398b438f16ead569b3eab263d8066d70f8e5
+RMD160 (samba-2.2.12-CAN-2004-0930.diff.gz) = 2db2e9695eb9c08b5cc598ba75c48aca8e04ad31
+Size (samba-2.2.12-CAN-2004-0930.diff.gz) = 3027 bytes
+SHA1 (samba-2.2.12-CAN-2004-1154.diff.gz) = 5dde5315bf8e7851344322b7d4676774ee5c4a2d
+RMD160 (samba-2.2.12-CAN-2004-1154.diff.gz) = e788027f207bb0481d31e33e5d535dd56e4912b8
+Size (samba-2.2.12-CAN-2004-1154.diff.gz) = 59813 bytes
 SHA1 (patch-aa) = 7f85ab121ffbcb67eb1f1c59f49245dda2eff44d
 SHA1 (patch-ab) = 8be47e3f277f191aff18f77d8ed5ef4d8903ec5f
 SHA1 (patch-ac) = cfde267ffe57046de18691f612e73ecdd1158d86
@@ -10,7 +20,7 @@ SHA1 (patch-ag) = e296e076c6bfe20b839f6f6be83873d7cfcc9d89
 SHA1 (patch-ah) = e87f2e393db68acc7028fe20d4772455379ad7aa
 SHA1 (patch-aj) = e2c5f7580a8c701b6bf35d0d3004f714f2c810cb
 SHA1 (patch-al) = 9507677d964044416802e91597c29310c61c9622
-SHA1 (patch-ap) = cc0b3d73d0c7de4cd46e66b0d66b2c3bbaddeb41
+SHA1 (patch-ap) = 1a8409ba329a18b8b1b8a4ff63f510089465dbdc
 SHA1 (patch-aq) = ea9cd9097cf91dd2b9f1acd9e6ff6f9445505774
 SHA1 (patch-ar) = e5b442fb7eb837bb2771ac71c73e6f95ae6fdfc2
 SHA1 (patch-as) = 019cd56e1a0f3c4517e1701e09d0a7cbd741df93
diff --git a/net/samba2/patches/patch-ap b/net/samba2/patches/patch-ap
index 207e1041f88..9e537b680af 100644
--- a/net/samba2/patches/patch-ap
+++ b/net/samba2/patches/patch-ap
@@ -1,9 +1,9 @@
-$NetBSD: patch-ap,v 1.1.1.1 2004/01/11 00:41:13 jlam Exp $
+$NetBSD: patch-ap,v 1.1.1.1.10.1 2005/06/08 01:29:22 snj Exp $
 
 Expand & in the gecos field to a capitalized login name.
 
---- lib/util_getent.c.orig	Sat Feb  2 19:46:42 2002
-+++ lib/util_getent.c	Sun Oct 13 21:37:56 2002
+--- lib/util_getent.c.orig	2005-04-09 19:27:42.000000000 +0200
++++ lib/util_getent.c	2005-04-09 19:35:09.000000000 +0200
 @@ -155,6 +155,11 @@
  	struct sys_pwent *plist;
  	struct sys_pwent *pent;
@@ -14,7 +14,7 @@ Expand & in the gecos field to a capitalized login name.
 +	int buflen;
 +#endif
  	
- 	pent = (struct sys_pwent *) malloc(sizeof(struct sys_pwent));
+ 	pent = SMB_MALLOC_P(struct sys_pwent);
  	if (pent == NULL) {
 @@ -178,9 +183,38 @@
  		pent->pw_uid = pwd->pw_uid;
@@ -31,10 +31,10 @@ Expand & in the gecos field to a capitalized login name.
 +				if (bp >= &buf[BUFLEN - 1])
 +					/* buffer overflow */
 +					goto gecos_done;
-+				if (*p == '&') {
++                               if (*p == '&') {
 +					/* interpolate full name */
 +					snprintf(bp, BUFLEN - (bp - buf),
-+						 "%s", pwd->pw_name);
++						"%s", pwd->pw_name);
 +					*bp = toupper(*bp);
 +					bp += strlen(bp);
 +				}
@@ -42,16 +42,16 @@ Expand & in the gecos field to a capitalized login name.
 +					*bp++ = *p;
 +			}
 +			*bp = '\0';
-+			if ((pent->pw_name = strdup(buf)) == NULL)
++			if ((pent->pw_name = SMB_STRDUP(buf)) == NULL)
 +				goto err;
 +#else
- 			if ((pent->pw_name = strdup(pwd->pw_gecos)) == NULL)
+ 			if ((pent->pw_name = SMB_STRDUP(pwd->pw_gecos)) == NULL)
  				goto err;
 +#endif
  		}
 +#ifdef BSD
-+  gecos_done:
++	gecos_done:
 +#endif
  		if (pwd->pw_dir) {
- 			if ((pent->pw_name = strdup(pwd->pw_dir)) == NULL)
+ 			if ((pent->pw_name = SMB_STRDUP(pwd->pw_dir)) == NULL)
  				goto err;