- Fix the problem that swat authentication always fail. Noted by

MORI Kouji on tech-pkg-ja mailing list. - merge security fix related change between samba 2.2.9 and 2.2.10. See http://www.samba.org/samba/whatsnew/samba-2.2.10.html or http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0686. Bump package revision.
author: taca <taca@pkgsrc.org> 2004-07-23 16:45:42 +0000
committer: taca <taca@pkgsrc.org> 2004-07-23 16:45:42 +0000
commit: afec9150e5b628783379068ef2b96aee83afb01d (patch)
tree: 463ccb56a4999b6e92ef3d81a48be8e75fd4fef1 /net/ja-samba
parent: 90d4244332f2ff5540d7ef12aad383dbbd248014 (diff)
download: pkgsrc-afec9150e5b628783379068ef2b96aee83afb01d.tar.gz
10 files changed, 206 insertions, 36 deletions
diff --git a/net/ja-samba/Makefile b/net/ja-samba/Makefile
index 8a6e28b316b..d760f246191 100644
--- a/net/ja-samba/Makefile
+++ b/net/ja-samba/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.26 2004/06/05 13:16:35 taca Exp $
+# $NetBSD: Makefile,v 1.27 2004/07/23 16:45:42 taca Exp $
 
 .include "Makefile.common"
 
 PKGNAME=		ja-samba-${SAMBA_BASE_VERS}.${SAMBA_JA_VERS}
+PKGREVISION=		1
 CATEGORIES=		net
 
 MAINTAINER=		tech-pkg-ja@jp.NetBSD.org
diff --git a/net/ja-samba/distinfo b/net/ja-samba/distinfo
index 814614913be..70d10e7292b 100644
--- a/net/ja-samba/distinfo
+++ b/net/ja-samba/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.13 2004/06/05 13:16:35 taca Exp $
+$NetBSD: distinfo,v 1.14 2004/07/23 16:45:43 taca Exp $
 
 SHA1 (samba-2.2.9-ja-1.0.tar.bz2) = 982339aaecf4276db0f87e7491c0f4ff039d0d75
 Size (samba-2.2.9-ja-1.0.tar.bz2) = 7474160 bytes
@@ -12,5 +12,12 @@ SHA1 (patch-al) = e7caad8f6743537469866f9b47b0044ec95852ad
 SHA1 (patch-am) = 92aa5e122529a30e05199cbe26620b3ac01adbc5
 SHA1 (patch-an) = 55c7f9785c19d84b8ad74bbf0827162b156e2327
 SHA1 (patch-ao) = cc0b3d73d0c7de4cd46e66b0d66b2c3bbaddeb41
-SHA1 (patch-ap) = 80d0884d5a38c5efeb26c9657baea73564f0daa9
+SHA1 (patch-ap) = 5c5dea7e8b67885e8214210dfff344a9d6102279
 SHA1 (patch-aq) = 73017f99efd1b4e3d93d8f14e63f0c43e391236d
+SHA1 (patch-ba) = c22c70c498d817a3623ac0d11898eed75b4d8d0c
+SHA1 (patch-bb) = cefd6b3041df94543c73b819f905845c6c136786
+SHA1 (patch-bc) = a12df625338827bdec7bb4c2f826660b8d4a57cf
+SHA1 (patch-bd) = 3983dbaa9a5101ed5a978b6efe2f55755a55438d
+SHA1 (patch-be) = a4db1b67ac53b680c6878795faa59f6a017eb83a
+SHA1 (patch-bf) = 1c614db983b4fdab3b0561b301402cb1b231b069
+SHA1 (patch-bg) = 89987dfb2ef7d86f78e6e55ef9ae0fa80684d54e
diff --git a/net/ja-samba/patches/patch-ap b/net/ja-samba/patches/patch-ap
index ca6dd135403..37e625f16ae 100644
--- a/net/ja-samba/patches/patch-ap
+++ b/net/ja-samba/patches/patch-ap
@@ -1,54 +1,59 @@
-$NetBSD: patch-ap,v 1.3 2004/06/05 13:16:35 taca Exp $
+$NetBSD: patch-ap,v 1.4 2004/07/23 16:45:43 taca Exp $
 
 Expand & in the gecos field to a capitalized login name.
 
 --- lib/system.c.orig	2003-07-17 20:23:53.000000000 +0900
 +++ lib/system.c
-@@ -776,12 +776,47 @@ static int num_lookups; /* Counter so we
+@@ -776,6 +776,11 @@ static int num_lookups; /* Counter so we
  
  static void copy_pwent(struct saved_pw *dst, struct passwd *pass)
  {
 +#ifdef BSD
-+# define BUFLEN 1024
-+	char *bp, *gecos, *p, buf[BUFLEN];
-+	int buflen;
++	char *bp, *gecos, *p;
++	pstring buf, buf2;
 +#endif
 +
  	memcpy((char *)&dst->pass, pass, sizeof(struct passwd));
  
  	unix_to_dos(dst->pw_name, pass->pw_name);
- 	dst->pass.pw_name = dst->pw_name;
+@@ -783,9 +788,39 @@ static void copy_pwent(struct saved_pw *
  
+ 	fstrcpy(dst->pw_passwd, pass->pw_passwd);
+ 	dst->pass.pw_passwd = dst->pw_passwd;
 +#ifdef BSD
-+	gecos = pass->pw_gecos;
-+	if (*gecos == '*')
-+		gecos++;
-+	bp = buf;
++	if (pass->pw_gecos) {
++		gecos = pass->pw_gecos;
++		if (*gecos == '*')
++			gecos++;
++		bp = buf;
 +
-+	/* copy gecos, interpolating & to be full name */
-+	for (p = gecos; *p != '\0'; p++) {
-+		if (bp >= &buf[BUFLEN - 1]) {
-+			/* buffer overflow */
-+			gecos = pass->pw_name;
-+			goto gecos_done;
++		/* copy gecos, interpolating & to be full name */
++		for (p = gecos; *p != '\0'; p++) {
++			if (bp >= &buf[PSTRING_LEN - 1]) {
++				/* buffer overflow */
++				gecos = pass->pw_name;
++				goto gecos_done;
++			}
++			if (*p == '&') {
++				/* interpolate full name */
++				snprintf(bp, PSTRING_LEN - (bp - buf), "%s",
++					 pass->pw_name);
++				*bp = toupper(*bp);
++				bp += strlen(bp);
++			}
++			else
++				*bp++ = *p;
 +		}
-+		if (*p == '&') {
-+			/* interpolate full name */
-+			snprintf(bp, BUFLEN - (bp - buf), "%s", pass->pw_name);
-+			*bp = toupper(*bp);
-+			bp += strlen(bp);
-+		}
-+		else
-+			*bp++ = *p;
++		*bp = '\0';
++		gecos = buf;
+ 
+-	unix_to_dos(dst->pw_gecos, pass->pw_gecos);
++	gecos_done:
++		unix_to_dos(buf2, gecos);
++		fstrcpy(dst->pw_gecos, buf2);
 +	}
-+	*bp = '\0';
-+	gecos = buf;
-+
-+  gecos_done:
-+	fstrcpy(dst->pw_gecos, gecos);
-+#else
- 	fstrcpy(dst->pw_passwd, pass->pw_passwd);
+ 	dst->pass.pw_gecos = dst->pw_gecos;
 +#endif
- 	dst->pass.pw_passwd = dst->pw_passwd;
  
- 	unix_to_dos(dst->pw_gecos, pass->pw_gecos);
+ 	unix_to_dos(dst->pw_dir, pass->pw_dir);
+ 	dst->pass.pw_dir = dst->pw_dir;
diff --git a/net/ja-samba/patches/patch-ba b/net/ja-samba/patches/patch-ba
new file mode 100644
index 00000000000..8a4f6e3e449
--- /dev/null
+++ b/net/ja-samba/patches/patch-ba
@@ -0,0 +1,13 @@
+$NetBSD: patch-ba,v 1.3 2004/07/23 16:45:43 taca Exp $
+
+--- include/mangle.h.orig	2002-07-09 11:26:06.000000000 +0900
++++ include/mangle.h
+@@ -8,7 +8,7 @@ struct mangle_fns {
+ 	BOOL (*is_mangled)__P((const char *s));
+ 	BOOL (*is_8_3)__P((const char *fname, BOOL check_case, BOOL allow_wildcards));
+ 	void (*reset)__P((void));
+-	BOOL (*check_cache)__P((char *s));
++	BOOL (*check_cache)(char *s, size_t maxlen);
+ 	void (*name_map)__P((char *OutName, BOOL need83, BOOL cache83));
+ };
+ #endif /* _MANGLE_H_ */
diff --git a/net/ja-samba/patches/patch-bb b/net/ja-samba/patches/patch-bb
new file mode 100644
index 00000000000..7783ce876cf
--- /dev/null
+++ b/net/ja-samba/patches/patch-bb
@@ -0,0 +1,13 @@
+$NetBSD: patch-bb,v 1.7 2004/07/23 16:45:43 taca Exp $
+
+--- include/proto.h.orig	2003-08-04 19:18:25.000000000 +0900
++++ include/proto.h
+@@ -4492,7 +4492,7 @@ void mangle_reset_cache __P((void));
+ BOOL mangle_is_mangled __P((const char *s));
+ BOOL mangle_is_8_3 __P((const char *fname, BOOL check_case));
+ BOOL mangle_is_8_3_wildcards __P((const char *fname, BOOL check_case));
+-BOOL mangle_check_cache __P((char *s));
++BOOL mangle_check_cache __P((char *s, size_t maxlen));
+ void mangle_map __P((char *OutName, BOOL need83, BOOL cache83, int snum));
+ 
+ /* The following definitions come from smbd/mangle_hash.c  */
diff --git a/net/ja-samba/patches/patch-bc b/net/ja-samba/patches/patch-bc
new file mode 100644
index 00000000000..b4b38d13afa
--- /dev/null
+++ b/net/ja-samba/patches/patch-bc
@@ -0,0 +1,22 @@
+$NetBSD: patch-bc,v 1.3 2004/07/23 16:45:43 taca Exp $
+
+--- smbd/filename.c.orig	2003-05-20 11:17:18.000000000 +0900
++++ smbd/filename.c
+@@ -314,7 +314,7 @@ BOOL unix_convert(char *name,connection_
+ 				 */
+ 
+ 				if (mangle_is_mangled(start)) {
+-					mangle_check_cache( start );
++					mangle_check_cache( start, sizeof(pstring) - 1 - (start - name) );
+ 				}
+ 
+ 				DEBUG(5,("New file %s\n",start));
+@@ -472,7 +472,7 @@ static BOOL scan_directory(const char *p
+ 	 * (JRA).
+ 	 */
+ 	if (mangled)
+-		mangled = !mangle_check_cache( name );
++		mangled = !mangle_check_cache( name, maxlength );
+ 
+ 	/* open the directory */
+ 	if (!(cur_dir = OpenDir(conn, path, True))) {
diff --git a/net/ja-samba/patches/patch-bd b/net/ja-samba/patches/patch-bd
new file mode 100644
index 00000000000..3008b828605
--- /dev/null
+++ b/net/ja-samba/patches/patch-bd
@@ -0,0 +1,16 @@
+$NetBSD: patch-bd,v 1.3 2004/07/23 16:45:43 taca Exp $
+
+--- smbd/mangle.c.orig	2003-05-20 11:17:18.000000000 +0900
++++ smbd/mangle.c
+@@ -97,9 +97,9 @@ BOOL mangle_is_8_3_wildcards(const char 
+   looking for a matching name if it doesn't. It should succeed most of the time
+   or there will be a huge performance penalty
+ */
+-BOOL mangle_check_cache(char *s)
++BOOL mangle_check_cache(char *s, size_t maxlen)
+ {
+-	return mangle_fns->check_cache(s);
++	return mangle_fns->check_cache(s, maxlen);
+ }
+ 
+ /* 
diff --git a/net/ja-samba/patches/patch-be b/net/ja-samba/patches/patch-be
new file mode 100644
index 00000000000..cf0954ce285
--- /dev/null
+++ b/net/ja-samba/patches/patch-be
@@ -0,0 +1,36 @@
+$NetBSD: patch-be,v 1.1 2004/07/23 16:45:43 taca Exp $
+
+--- smbd/mangle_hash.c.orig	2003-05-20 11:17:18.000000000 +0900
++++ smbd/mangle_hash.c
+@@ -622,7 +622,7 @@ static void cache_mangled_name( char *ma
+  * ************************************************************************** **
+  */
+ 
+-static BOOL check_mangled_cache( char *s )
++static BOOL check_mangled_cache( char *s, size_t maxlen )
+ {
+   ubi_cacheEntryPtr FoundPtr;
+   char             *ext_start = NULL;
+@@ -660,7 +660,7 @@ static BOOL check_mangled_cache( char *s
+     if(saved_ext)
+     {
+       /* Replace the saved_ext as it was truncated. */
+-      (void)pstrcat( s, saved_ext );
++     (void)safe_strcat( s, saved_ext, maxlen );
+       SAFE_FREE(saved_ext);
+     }
+     return( False );
+@@ -672,11 +672,11 @@ static BOOL check_mangled_cache( char *s
+ 
+   DEBUG( 3, ("Found %s on mangled stack ", s) );
+ 
+-  (void)pstrcpy( s, found_name );
++  (void)safe_strcpy( s, found_name, maxlen );
+   if( saved_ext )
+   {
+     /* Replace the saved_ext as it was truncated. */
+-    (void)pstrcat( s, saved_ext );
++    (void)safe_strcat( s, saved_ext,maxlen );
+     SAFE_FREE(saved_ext);
+   }
+ 
diff --git a/net/ja-samba/patches/patch-bf b/net/ja-samba/patches/patch-bf
new file mode 100644
index 00000000000..a7e0f13cb26
--- /dev/null
+++ b/net/ja-samba/patches/patch-bf
@@ -0,0 +1,26 @@
+$NetBSD: patch-bf,v 1.1 2004/07/23 16:45:43 taca Exp $
+
+--- smbd/mangle_hash2.c.orig	2003-07-17 19:41:37.000000000 +0900
++++ smbd/mangle_hash2.c
+@@ -353,7 +353,7 @@ static void mangle_reset(void)
+ 
+   The filename must be able to hold at least sizeof(fstring) 
+ */
+-static BOOL check_cache(char *name)
++static BOOL check_cache(char *name, size_t maxlen)
+ {
+ 	u32 hash, multiplier;
+ 	int i;
+@@ -391,10 +391,10 @@ static BOOL check_cache(char *name)
+ 
+ 	if (extension[0]) {
+ 		DEBUG(10,("check_cache: %s -> %s.%s\n", name, prefix, extension));
+-		slprintf(name, sizeof(fstring), "%s.%s", prefix, extension);
++		slprintf(name, maxlen, "%s.%s", prefix, extension);
+ 	} else {
+ 		DEBUG(10,("check_cache: %s -> %s\n", name, prefix));
+-		fstrcpy(name, prefix);
++		safe_strcpy(name, prefix, maxlen);
+ 	}
+ 
+ 	return True;
diff --git a/net/ja-samba/patches/patch-bg b/net/ja-samba/patches/patch-bg
new file mode 100644
index 00000000000..4c365ac9ed2
--- /dev/null
+++ b/net/ja-samba/patches/patch-bg
@@ -0,0 +1,31 @@
+$NetBSD: patch-bg,v 1.1 2004/07/23 16:45:43 taca Exp $
+
+--- smbd/reply.c.orig	2003-07-17 19:41:37.000000000 +0900
++++ smbd/reply.c
+@@ -2191,7 +2191,7 @@ NTSTATUS unlink_internals(connection_str
+ 	 */
+ 
+ 	if (!rc && mangle_is_mangled(mask))
+-		mangle_check_cache( mask );
++		mangle_check_cache( mask, sizeof(pstring)-1 );
+ 
+ 	has_wild = ms_has_wild(mask);
+ 
+@@ -4049,7 +4049,7 @@ NTSTATUS rename_internals(connection_str
+ 	 */
+ 
+ 	if (!rc && mangle_is_mangled(mask))
+-		mangle_check_cache( mask );
++		mangle_check_cache( mask, sizeof(pstring)-1 );
+ 
+ 	has_wild = ms_has_wild(mask);
+ 
+@@ -4463,7 +4463,7 @@ int reply_copy(connection_struct *conn, 
+    */
+ 
+   if (!rc && mangle_is_mangled(mask))
+-    mangle_check_cache( mask );
++    mangle_check_cache( mask, sizeof(pstring)-1 );
+ 
+   has_wild = ms_has_wild(mask);
+
author	taca <taca@pkgsrc.org>	2004-07-23 16:45:42 +0000
committer	taca <taca@pkgsrc.org>	2004-07-23 16:45:42 +0000
commit	afec9150e5b628783379068ef2b96aee83afb01d (patch)
tree	463ccb56a4999b6e92ef3d81a48be8e75fd4fef1 /net/ja-samba
parent	90d4244332f2ff5540d7ef12aad383dbbd248014 (diff)
download	pkgsrc-afec9150e5b628783379068ef2b96aee83afb01d.tar.gz