svn commit: r471963 - in head/net/samba48: . files
Timur I. Bakeyev
timur at FreeBSD.org
Fri Jun 8 01:09:14 UTC 2018
Author: timur
Date: Fri Jun 8 01:09:10 2018
New Revision: 471963
URL: https://svnweb.freebsd.org/changeset/ports/471963
Log:
Update port to 4.8.2 version. That fixes major bug with the AD/DC upgrade from the previous versions:
* After update to 4.8.0 DC failed with "Failed to find our own NTDS Settings objectGUID" (bug #13335).
* Fix to the vfs_streams_xattr module which was corrupting AFP_AfpInfo attributes.
* Fix provisioning on the UFS2.
* Allow access to the .zfs/ hidden directory.
* Fix logging to the UTMP
Sponsored by: iXsystems Inc.
Added:
head/net/samba48/files/0001-bug-13175.patch (contents, props changed)
head/net/samba48/files/0001-bug-13427.patch (contents, props changed)
head/net/samba48/files/0001-bug-228462.patch (contents, props changed)
head/net/samba48/files/patch-dbwrap (contents, props changed)
head/net/samba48/files/patch-includes.h (contents, props changed)
head/net/samba48/files/patch-libgpo__wscript_build (contents, props changed)
head/net/samba48/files/patch-source3__smbd__utmp.c (contents, props changed)
head/net/samba48/files/patch-source4__kdc__kdc-service-mit.c (contents, props changed)
head/net/samba48/files/patch-vfs_full_audit.c (contents, props changed)
Deleted:
head/net/samba48/files/patch-source4__dsdb__samdb__ldb_modules__encrypted_secrets.c
Modified:
head/net/samba48/Makefile
head/net/samba48/distinfo
head/net/samba48/files/0001-Zfs-provision-1.patch
head/net/samba48/files/patch-source3__wscript
head/net/samba48/files/patch-source3__wscript_build
head/net/samba48/files/patch-vfs_freebsd.c
head/net/samba48/files/patch-vfs_virusfilter
head/net/samba48/pkg-plist
Modified: head/net/samba48/Makefile
==============================================================================
--- head/net/samba48/Makefile Fri Jun 8 01:01:08 2018 (r471962)
+++ head/net/samba48/Makefile Fri Jun 8 01:09:10 2018 (r471963)
@@ -19,10 +19,13 @@ CONFLICTS_INSTALL?= samba4-4.0.* samba4[1-79]-4.* p5-
EXTRA_PATCHES+= ${PATCHDIR}/0001-Zfs-provision-1.patch:-p1
EXTRA_PATCHES+= ${PATCHDIR}/0001-Freenas-master-mdns-fixes-22.patch:-p1
+EXTRA_PATCHES+= ${PATCHDIR}/0001-bug-13427.patch:-p1
+EXTRA_PATCHES+= ${PATCHDIR}/0001-bug-13175.patch:-p1
+EXTRA_PATCHES+= ${PATCHDIR}/0001-bug-228462.patch:-p1
SAMBA4_BASENAME= samba
SAMBA4_PORTNAME= ${SAMBA4_BASENAME}4
-SAMBA4_VERSION= 4.8.0
+SAMBA4_VERSION= 4.8.2
SAMBA4_DISTNAME= ${SAMBA4_BASENAME}-${SAMBA4_VERSION:S|.p|pre|:S|.r|rc|:S|.t|tp|:S|.a|alpha|}
WRKSRC?= ${WRKDIR}/${DISTNAME}
@@ -86,7 +89,7 @@ OPTIONS_SUB= yes
OPTIONS_DEFINE= AD_DC ADS DEBUG DOCS FAM LDAP \
QUOTAS SYSLOG UTMP PROFILE
# Make those default options
-OPTIONS_DEFAULT:= ${OPTIONS_DEFINE}
+OPTIONS_DEFAULT:= ${OPTIONS_DEFINE} GSSAPI_BUILTIN
# This shouldn't be default in the release
OPTIONS_DEFINE+= DEVELOPER MANDOC
@@ -94,12 +97,17 @@ OPTIONS_DEFINE_amd64= AESNI
OPTIONS_DEFAULT_amd64= AESNI
OPTIONS_DEFINE+= CUPS GPGME NTVFS SPOTLIGHT
+#OPTIONS_DEFINE+= MEMORY_DEBUG
+OPTIONS_SINGLE= GSSAPI
+# GSSAPI_HEIMDAL
+OPTIONS_SINGLE_GSSAPI= GSSAPI_BUILTIN GSSAPI_MIT
+
OPTIONS_RADIO= DNS ZEROCONF
OPTIONS_RADIO_DNS= NSUPDATE BIND99 BIND910 BIND911
OPTIONS_RADIO_ZEROCONF= MDNSRESPONDER AVAHI
##############################################################################
-AD_DC_DESC= Active Directory Domain Controller
+AD_DC_DESC= Active Directory Domain Controller(implies LDAP)
ADS_DESC= Active Directory client(implies LDAP)
AESNI_DESC= Accelerated AES crypto functions(amd64 only)
CLUSTER_DESC= Clustering
@@ -111,12 +119,15 @@ LDAP_DESC= LDAP client
LIBZFS_DESC= LibZFS
SPOTLIGHT_DESC= Spotlight
MANDOC_DESC= Build manpages from DOCBOOK templates
+MEMORY_DEBUG_DESC= Debug memory allocation
NTVFS_DESC= Build *DEPRECATED* NTVFS file server
PICKY_DEVELOPER_DESC= Treat compiler warnings as errors(implies DEVELOPER)
PROFILE_DESC= Profiling data
QUOTAS_DESC= Disk quota
UTMP_DESC= UTMP accounting
+GSSAPI_BUILTIN_DESC= GSSAPI support via bundled Heimdal
+
BIND99_DESC= Use Bind 9.9 as AD DC DNS server frontend
BIND910_DESC= Use Bind 9.10 as AD DC DNS server frontend
BIND911_DESC= Use Bind 9.11 as AD DC DNS server frontend
@@ -171,8 +182,8 @@ PLIST_SUB+= SAMBA4_BUNDLED_TALLOC=""
SUB_LIST+= SAMBA4_BUNDLED_TALLOC=""
.else
SAMBA4_BUNDLED_LIBS+= !talloc
-BUILD_DEPENDS+= talloc>=2.1.11:devel/talloc
-RUN_DEPENDS+= talloc>=2.1.11:devel/talloc
+BUILD_DEPENDS+= talloc>=2.1.13:devel/talloc
+RUN_DEPENDS+= talloc>=2.1.13:devel/talloc
PLIST_SUB+= SAMBA4_BUNDLED_TALLOC="@comment "
SUB_LIST+= SAMBA4_BUNDLED_TALLOC="@comment "
.endif
@@ -211,8 +222,8 @@ PLIST_SUB+= SAMBA4_BUNDLED_LDB=""
SUB_LIST+= SAMBA4_BUNDLED_LDB=""
.else
. if ${SAMBA4_LDB} == 13
-BUILD_DEPENDS+= ldb13>=1.3.2:databases/ldb13
-RUN_DEPENDS+= ldb13>=1.3.2:databases/ldb13
+BUILD_DEPENDS+= ldb13>=1.3.3:databases/ldb13
+RUN_DEPENDS+= ldb13>=1.3.3:databases/ldb13
. elif ${SAMBA4_LDB} == 12
BUILD_DEPENDS+= ldb12>=1.2.3:databases/ldb12
RUN_DEPENDS+= ldb12>=1.2.3:databases/ldb12
@@ -256,7 +267,6 @@ CONFIGURE_ARGS+= \
--with-sendfile-support \
--disable-ctdb-tests \
${ICONV_CONFIGURE_BASE}
-
##############################################################################
BIND99_RUN_DEPENDS= bind99>=9.9.0.0:dns/bind99
BIND910_RUN_DEPENDS= bind910>=9.10.0.0:dns/bind910
@@ -272,6 +282,10 @@ MDNSRESPONDER_LIB_DEPENDS= libdns_sd.so:net/mDNSRespon
DEBUG_CONFIGURE_ON= --verbose --enable-debug
DEBUG_MAKE_ARGS= --verbose
DEBUG_FLAGS= -g -ggdb3 -O0
+
+MEMORY_DEBUG_IMPLIES= DEBUG
+MEMORY_DEBUG_CONFIGURE_ENV= ADDITIONAL_CFLAGS="-DENABLE_JEMALLOC `pkg-config --cflags jemalloc`" ADDITIONAL_LDFLAGS="`pkg-config --libs jemalloc`"
+MEMORY_DEBUG_LIB_DEPENDS= libjemalloc.so.2:devel/jemalloc
# https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194046
GDB_CMD?= ${LOCALBASE}/bin/gdb
# https://bugzilla.samba.org/show_bug.cgi?id=8969
@@ -328,6 +342,10 @@ LDAP_CONFIGURE_ON= --with-openldap=${LOCALBASE}
LDAP_USE= OPENLDAP=yes
LDAP_VARS= SAMBA4_MODULES+=idmap_ldap
+GSSAPI_MIT_CONFIGURE_ON= --with-system-mitkrb5 ${GSSAPIBASEDIR} \
+ --with-system-mitkdc=${GSSAPIBASEDIR}/sbin/krb5kdc
+GSSAPI_MIT_USES= gssapi:mit
+
LIBZFS_CONFIGURE_WITH= libzfs
LIBZFS_VARS= SAMBA4_MODULES+=vfs_zfs_space
@@ -459,6 +477,10 @@ PLIST_FILES+= lib/samba4/private/libaesni-intel-samb
.else
CONFIGURE_ARGS+= --accel-aes=none
.endif
+
+.if ${PORT_OPTIONS:MAD_DC} && ${PORT_OPTIONS:MGSSAPI_MIT}
+PLIST_FILES+= lib/samba4/krb5/plugins/kdb/samba.so
+.endif
# for libexecinfo: (so that __builtin_frame_address() finds the top of the stack)
CFLAGS_amd64+= -fno-omit-frame-pointer
# No fancy color error messages
@@ -508,6 +530,12 @@ post-patch:
# Use threading (or multiprocessing) but not thread (renamed in python 3+).
pre-configure:
+.if ! ${PORT_OPTIONS:MAD_DC} && ${PORT_OPTIONS:MNTVFS}
+ @${ECHO_CMD}; \
+ ${ECHO_MSG} "===> NTVFS option requires AD_DC to be set"; \
+ ${ECHO_CMD}; \
+ ${FALSE}
+.endif
@if ! ${PYTHON_CMD} -c "import multiprocessing;" 2>/dev/null; then \
${ECHO_CMD}; \
${ECHO_MSG} "===> ${PKGNAME} "${IGNORE_NONTHREAD_PYTHON:Q}.; \
Modified: head/net/samba48/distinfo
==============================================================================
--- head/net/samba48/distinfo Fri Jun 8 01:01:08 2018 (r471962)
+++ head/net/samba48/distinfo Fri Jun 8 01:09:10 2018 (r471963)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1520983130
-SHA256 (samba-4.8.0.tar.gz) = 87d9b585dbd8628e79aabb6e621a94bd20a072a00762e78e0899fad22fc18fb7
-SIZE (samba-4.8.0.tar.gz) = 17659751
+TIMESTAMP = 1526478569
+SHA256 (samba-4.8.2.tar.gz) = 62e552296d49e6ab44bb87d120a288813fa52e42435d53a1f71b77596512bf22
+SIZE (samba-4.8.2.tar.gz) = 17675145
Modified: head/net/samba48/files/0001-Zfs-provision-1.patch
==============================================================================
--- head/net/samba48/files/0001-Zfs-provision-1.patch Fri Jun 8 01:01:08 2018 (r471962)
+++ head/net/samba48/files/0001-Zfs-provision-1.patch Fri Jun 8 01:09:10 2018 (r471963)
@@ -26,16 +26,15 @@ diff --git a/python/samba/provision/__init__.py b/pyth
index 5de986463a5..cd3b91f41b9 100644
--- a/python/samba/provision/__init__.py
+++ b/python/samba/provision/__init__.py
-@@ -1556,19 +1556,25 @@ def setsysvolacl(samdb, netlogon, sysvol, uid, gid, domainsid, dnsdomain,
+@@ -1556,19 +1556,24 @@ def setsysvolacl(samdb, netlogon, sysvol, uid, gid, domainsid, dnsdomain,
s3conf = s3param.get_context()
s3conf.load(lp.configfile)
- file = tempfile.NamedTemporaryFile(dir=os.path.abspath(sysvol))
+ sysvol_dir = os.path.abspath(sysvol)
+
-+ if smbd.has_posix_acls(sysvol_dir):
-+ set_simple_acl = smbd.set_simple_acl
-+ elif smbd.has_nfsv4_acls(sysvol_dir):
++ set_simple_acl = smbd.set_simple_acl
++ if smbd.has_nfsv4_acls(sysvol_dir):
+ set_simple_acl = smbd.set_simple_nfsv4_acl
+
+ file = tempfile.NamedTemporaryFile(dir=sysvol_dir)
Added: head/net/samba48/files/0001-bug-13175.patch
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/samba48/files/0001-bug-13175.patch Fri Jun 8 01:09:10 2018 (r471963)
@@ -0,0 +1,143 @@
+From 60bdced298831b2750ce785e01891e4aeb79f0dc Mon Sep 17 00:00:00 2001
+From: Ralph Boehme <slow at samba.org>
+Date: Fri, 18 May 2018 13:14:57 +0200
+Subject: [PATCH 1/2] s3:smbd: make psbuf arg to make_default_acl_posix() const
+
+Bug: https://bugzilla.samba.org/show_bug.cgi?id=13175
+
+Signed-off-by: Ralph Boehme <slow at samba.org>
+---
+ source3/smbd/posix_acls.c | 8 ++++----
+ source3/smbd/proto.h | 2 +-
+ 2 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
+index 8d42535d877..6396f818176 100644
+--- a/source3/smbd/posix_acls.c
++++ b/source3/smbd/posix_acls.c
+@@ -4779,7 +4779,7 @@ int posix_sys_acl_blob_get_fd(vfs_handle_struct *handle,
+
+ static NTSTATUS make_default_acl_posix(TALLOC_CTX *ctx,
+ const char *name,
+- SMB_STRUCT_STAT *psbuf,
++ const SMB_STRUCT_STAT *psbuf,
+ struct security_descriptor **ppdesc)
+ {
+ struct dom_sid owner_sid, group_sid;
+@@ -4886,7 +4886,7 @@ static NTSTATUS make_default_acl_posix(TALLOC_CTX *ctx,
+
+ static NTSTATUS make_default_acl_windows(TALLOC_CTX *ctx,
+ const char *name,
+- SMB_STRUCT_STAT *psbuf,
++ const SMB_STRUCT_STAT *psbuf,
+ struct security_descriptor **ppdesc)
+ {
+ struct dom_sid owner_sid, group_sid;
+@@ -4958,7 +4958,7 @@ static NTSTATUS make_default_acl_windows(TALLOC_CTX *ctx,
+
+ static NTSTATUS make_default_acl_everyone(TALLOC_CTX *ctx,
+ const char *name,
+- SMB_STRUCT_STAT *psbuf,
++ const SMB_STRUCT_STAT *psbuf,
+ struct security_descriptor **ppdesc)
+ {
+ struct dom_sid owner_sid, group_sid;
+@@ -5022,7 +5022,7 @@ NTSTATUS make_default_filesystem_acl(
+ TALLOC_CTX *ctx,
+ enum default_acl_style acl_style,
+ const char *name,
+- SMB_STRUCT_STAT *psbuf,
++ const SMB_STRUCT_STAT *psbuf,
+ struct security_descriptor **ppdesc)
+ {
+ NTSTATUS status;
+diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
+index bee7acadeea..262338d81e4 100644
+--- a/source3/smbd/proto.h
++++ b/source3/smbd/proto.h
+@@ -819,7 +819,7 @@ NTSTATUS make_default_filesystem_acl(
+ TALLOC_CTX *ctx,
+ enum default_acl_style acl_style,
+ const char *name,
+- SMB_STRUCT_STAT *psbuf,
++ const SMB_STRUCT_STAT *psbuf,
+ struct security_descriptor **ppdesc);
+
+ /* The following definitions come from smbd/process.c */
+--
+2.13.6
+
+
+From 0918370e20156e4a21a0c244b963b672ed6b46b1 Mon Sep 17 00:00:00 2001
+From: Ralph Boehme <slow at samba.org>
+Date: Tue, 5 Dec 2017 08:28:28 +0100
+Subject: [PATCH 2/2] vfs_zfsacl: return synthesized ACL when ZFS return
+ ENOTSUP
+
+This allows accessing the ZFS .snapshots directory where ZFS returns
+ENOTSUP when calling acl(".snapshots").
+
+Bug: https://bugzilla.samba.org/show_bug.cgi?id=13175
+
+Signed-off-by: Ralph Boehme <slow at samba.org>
+---
+ source3/modules/vfs_zfsacl.c | 36 ++++++++++++++++++++++++++++++++++--
+ 1 file changed, 34 insertions(+), 2 deletions(-)
+
+diff --git a/source3/modules/vfs_zfsacl.c b/source3/modules/vfs_zfsacl.c
+index 0bc4ba6604f..43e41f95c1a 100644
+--- a/source3/modules/vfs_zfsacl.c
++++ b/source3/modules/vfs_zfsacl.c
+@@ -238,7 +238,20 @@ static NTSTATUS zfsacl_fget_nt_acl(struct vfs_handle_struct *handle,
+ fsp->fsp_name, &pacl);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(frame);
+- return status;
++ if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
++ return status;
++ }
++
++ status = make_default_filesystem_acl(mem_ctx,
++ DEFAULT_ACL_POSIX,
++ fsp->fsp_name->base_name,
++ &fsp->fsp_name->st,
++ ppdesc);
++ if (!NT_STATUS_IS_OK(status)) {
++ return status;
++ }
++ (*ppdesc)->type |= SEC_DESC_DACL_PROTECTED;
++ return NT_STATUS_OK;
+ }
+
+ status = smb_fget_nt_acl_nfs4(fsp, NULL, security_info, mem_ctx,
+@@ -260,7 +273,26 @@ static NTSTATUS zfsacl_get_nt_acl(struct vfs_handle_struct *handle,
+ status = zfs_get_nt_acl_common(handle->conn, frame, smb_fname, &pacl);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(frame);
+- return status;
++ if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
++ return status;
++ }
++
++ if (!VALID_STAT(smb_fname->st)) {
++ DBG_ERR("No stat info for [%s]\n",
++ smb_fname_str_dbg(smb_fname));
++ return NT_STATUS_INTERNAL_ERROR;
++ }
++
++ status = make_default_filesystem_acl(mem_ctx,
++ DEFAULT_ACL_POSIX,
++ smb_fname->base_name,
++ &smb_fname->st,
++ ppdesc);
++ if (!NT_STATUS_IS_OK(status)) {
++ return status;
++ }
++ (*ppdesc)->type |= SEC_DESC_DACL_PROTECTED;
++ return NT_STATUS_OK;
+ }
+
+ status = smb_get_nt_acl_nfs4(handle->conn,
+--
+2.13.6
+
Added: head/net/samba48/files/0001-bug-13427.patch
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/samba48/files/0001-bug-13427.patch Fri Jun 8 01:09:10 2018 (r471963)
@@ -0,0 +1,213 @@
+From 31e168958987826ab7cce61b854daf2a8f3f2adb Mon Sep 17 00:00:00 2001
+From: Stefan Metzmacher <metze at samba.org>
+Date: Wed, 9 May 2018 13:30:13 +0200
+Subject: [PATCH 1/3] auth/ntlmssp: add ntlmssp_client:ldap_style_send_seal
+ option
+
+This will be used to similate a Windows client only
+using NTLMSSP_NEGOTIATE_SIGN without NTLMSSP_NEGOTIATE_SEAL
+on an LDAP connection, which is indicated internally by
+GENSEC_FEATURE_LDAP_STYLE.
+
+Bug: https://bugzilla.samba.org/show_bug.cgi?id=13427
+
+Signed-off-by: Stefan Metzmacher <metze at samba.org>
+Reviewed-by: Andrew Bartlett <abartlet at samba.org>
+(cherry picked from commit 7f2bebf09cd8056b3f901dd9ff1fc9e9525f3e9d)
+---
+ auth/ntlmssp/ntlmssp_client.c | 24 +++++++++++++++++-------
+ 1 file changed, 17 insertions(+), 7 deletions(-)
+
+diff --git a/auth/ntlmssp/ntlmssp_client.c b/auth/ntlmssp/ntlmssp_client.c
+index db2003f0d6b..54fda41b534 100644
+--- a/auth/ntlmssp/ntlmssp_client.c
++++ b/auth/ntlmssp/ntlmssp_client.c
+@@ -865,13 +865,23 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
+ * is requested.
+ */
+ ntlmssp_state->force_wrap_seal = true;
+- /*
+- * We want also work against old Samba servers
+- * which didn't had GENSEC_FEATURE_LDAP_STYLE
+- * we negotiate SEAL too. We may remove this
+- * in a few years. As all servers should have
+- * GENSEC_FEATURE_LDAP_STYLE by then.
+- */
++ }
++ }
++ if (ntlmssp_state->force_wrap_seal) {
++ bool ret;
++
++ /*
++ * We want also work against old Samba servers
++ * which didn't had GENSEC_FEATURE_LDAP_STYLE
++ * we negotiate SEAL too. We may remove this
++ * in a few years. As all servers should have
++ * GENSEC_FEATURE_LDAP_STYLE by then.
++ */
++ ret = gensec_setting_bool(gensec_security->settings,
++ "ntlmssp_client",
++ "ldap_style_send_seal",
++ true);
++ if (ret) {
+ ntlmssp_state->required_flags |= NTLMSSP_NEGOTIATE_SEAL;
+ }
+ }
+--
+2.14.3
+
+
+From 1734791570ff0eb57a04fef779a093c20c83ed9d Mon Sep 17 00:00:00 2001
+From: Stefan Metzmacher <metze at samba.org>
+Date: Wed, 9 May 2018 13:33:05 +0200
+Subject: [PATCH 2/3] s4:selftest: run test_ldb_simple.sh with more auth
+ options
+
+This demonstrates the broken GENSEC_FEATURE_LDAP_STYLE
+handling in our LDAP server.
+
+Bug: https://bugzilla.samba.org/show_bug.cgi?id=13427
+
+Signed-off-by: Stefan Metzmacher <metze at samba.org>
+Reviewed-by: Andrew Bartlett <abartlet at samba.org>
+(cherry picked from commit fc1c5bd3be2c3f90eab2f31e43cf053f7ff13782)
+---
+ selftest/knownfail.d/ntlmssp_ldap_style_send_seal | 1 +
+ source4/selftest/tests.py | 7 +++++++
+ 2 files changed, 8 insertions(+)
+ create mode 100644 selftest/knownfail.d/ntlmssp_ldap_style_send_seal
+
+diff --git a/selftest/knownfail.d/ntlmssp_ldap_style_send_seal b/selftest/knownfail.d/ntlmssp_ldap_style_send_seal
+new file mode 100644
+index 00000000000..0cd7cc2ea39
+--- /dev/null
++++ b/selftest/knownfail.d/ntlmssp_ldap_style_send_seal
+@@ -0,0 +1 @@
++^samba4.ldb.simple.ldap.*ldap_style_send_seal=no
+diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
+index 621a61347bc..226617f3b6a 100755
+--- a/source4/selftest/tests.py
++++ b/source4/selftest/tests.py
+@@ -116,6 +116,13 @@ for env in ["ad_dc_ntvfs", "fl2008r2dc", "fl2003dc"]:
+ '--option=clientldapsaslwrapping=plain',
+ '--sign',
+ '--encrypt',
++ '-k yes --option=clientldapsaslwrapping=plain',
++ '-k yes --sign',
++ '-k yes --encrypt',
++ '-k no --option=clientldapsaslwrapping=plain',
++ '-k no --sign --option=ntlmssp_client:ldap_style_send_seal=no',
++ '-k no --sign',
++ '-k no --encrypt',
+ ]
+
+ for auth_option in auth_options:
+--
+2.14.3
+
+
+From 4b612bcfb938a49b2725e913a95004bd9fa6c3c3 Mon Sep 17 00:00:00 2001
+From: Stefan Metzmacher <metze at samba.org>
+Date: Mon, 7 May 2018 14:50:27 +0200
+Subject: [PATCH 3/3] auth/ntlmssp: fix handling of GENSEC_FEATURE_LDAP_STYLE
+ as a server
+
+This fixes "NTLMSSP NTLM2 packet check failed due to invalid signature!"
+error messages, which were generated if the client only sends
+NTLMSSP_NEGOTIATE_SIGN without NTLMSSP_NEGOTIATE_SEAL on an LDAP
+connection.
+
+This fixes a regession in the combination of commits
+77adac8c3cd2f7419894d18db735782c9646a202 and
+3a0b835408a6efa339e8b34333906bfe3aacd6e3.
+
+We need to evaluate GENSEC_FEATURE_LDAP_STYLE at the end
+of the authentication (as a server, while we already
+do so at the beginning as a client).
+
+As a reminder I introduced GENSEC_FEATURE_LDAP_STYLE
+(as an internal flag) in order to let us work as a
+Windows using NTLMSSP for LDAP. Even if only signing is
+negotiated during the authentication the following PDUs
+will still be encrypted if NTLMSSP is used. This is exactly the
+same as if the client would have negotiated NTLMSSP_NEGOTIATE_SEAL.
+I guess it's a bug in Windows, but we have to reimplement that
+bug. Note this only applies to NTLMSSP and only to LDAP!
+Signing only works fine for LDAP with Kerberos
+or DCERPC and NTLMSSP.
+
+Bug: https://bugzilla.samba.org/show_bug.cgi?id=13427
+
+Signed-off-by: Stefan Metzmacher <metze at samba.org>
+Reviewed-by: Andrew Bartlett <abartlet at samba.org>
+
+Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
+Autobuild-Date(master): Wed May 16 03:26:03 CEST 2018 on sn-devel-144
+
+(cherry picked from commit c7a3ce95ac4ce837d8fde36578b3b1f56c3ac2fa)
+---
+ auth/ntlmssp/gensec_ntlmssp_server.c | 19 -------------------
+ auth/ntlmssp/ntlmssp_server.c | 8 ++++++++
+ selftest/knownfail.d/ntlmssp_ldap_style_send_seal | 1 -
+ 3 files changed, 8 insertions(+), 20 deletions(-)
+ delete mode 100644 selftest/knownfail.d/ntlmssp_ldap_style_send_seal
+
+diff --git a/auth/ntlmssp/gensec_ntlmssp_server.c b/auth/ntlmssp/gensec_ntlmssp_server.c
+index c0e6cff5952..ab92f4d0c09 100644
+--- a/auth/ntlmssp/gensec_ntlmssp_server.c
++++ b/auth/ntlmssp/gensec_ntlmssp_server.c
+@@ -179,25 +179,6 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
+ ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;
+ ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL;
+
+- if (gensec_security->want_features & GENSEC_FEATURE_SESSION_KEY) {
+- ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;
+- }
+- if (gensec_security->want_features & GENSEC_FEATURE_SIGN) {
+- ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;
+-
+- if (gensec_security->want_features & GENSEC_FEATURE_LDAP_STYLE) {
+- /*
+- * We need to handle NTLMSSP_NEGOTIATE_SIGN as
+- * NTLMSSP_NEGOTIATE_SEAL if GENSEC_FEATURE_LDAP_STYLE
+- * is requested.
+- */
+- ntlmssp_state->force_wrap_seal = true;
+- }
+- }
+- if (gensec_security->want_features & GENSEC_FEATURE_SEAL) {
+- ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;
+- ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL;
+- }
+
+ if (role == ROLE_STANDALONE) {
+ ntlmssp_state->server.is_standalone = true;
+diff --git a/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/ntlmssp_server.c
+index 37ed2bc9565..140e89daeb1 100644
+--- a/auth/ntlmssp/ntlmssp_server.c
++++ b/auth/ntlmssp/ntlmssp_server.c
+@@ -1080,6 +1080,14 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security,
+ data_blob_free(&ntlmssp_state->challenge_blob);
+
+ if (gensec_ntlmssp_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) {
++ if (gensec_security->want_features & GENSEC_FEATURE_LDAP_STYLE) {
++ /*
++ * We need to handle NTLMSSP_NEGOTIATE_SIGN as
++ * NTLMSSP_NEGOTIATE_SEAL if GENSEC_FEATURE_LDAP_STYLE
++ * is requested.
++ */
++ ntlmssp_state->force_wrap_seal = true;
++ }
+ nt_status = ntlmssp_sign_init(ntlmssp_state);
+ }
+
+diff --git a/selftest/knownfail.d/ntlmssp_ldap_style_send_seal b/selftest/knownfail.d/ntlmssp_ldap_style_send_seal
+deleted file mode 100644
+index 0cd7cc2ea39..00000000000
+--- a/selftest/knownfail.d/ntlmssp_ldap_style_send_seal
++++ /dev/null
+@@ -1 +0,0 @@
+-^samba4.ldb.simple.ldap.*ldap_style_send_seal=no
+--
+2.14.3
+
Added: head/net/samba48/files/0001-bug-228462.patch
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/samba48/files/0001-bug-228462.patch Fri Jun 8 01:09:10 2018 (r471963)
@@ -0,0 +1,146 @@
+From d9b748869a8f4018ebee302aae8246bf29f60309 Mon Sep 17 00:00:00 2001
+From: "Timur I. Bakeyev" <timur at iXsystems.com>
+Date: Fri, 1 Jun 2018 01:35:08 +0800
+Subject: [PATCH 1/2] vfs_fruit: allow broken AFP_Signature where the first
+ byte is 0
+
+FreeBSD bug ... caused the first byte of the AFP_AfpInfo xattr to be 0
+instead of 'A'. This hack allows such broken AFP_AfpInfo blobs to be
+parsed by afpinfo_unpack().
+
+FreeBSD Bug: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228462
+
+Signed-off-by: Ralph Boehme <slow at samba.org>
+---
+ source3/modules/vfs_fruit.c | 32 ++++++++++++++++++++++++--------
+ 1 file changed, 24 insertions(+), 8 deletions(-)
+
+diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c
+index df3cd0c899e..d84e6991036 100644
+--- a/source3/modules/vfs_fruit.c
++++ b/source3/modules/vfs_fruit.c
+@@ -485,8 +485,9 @@ static int adouble_path(TALLOC_CTX *ctx,
+ struct smb_filename **ppsmb_fname_out);
+ static AfpInfo *afpinfo_new(TALLOC_CTX *ctx);
+ static ssize_t afpinfo_pack(const AfpInfo *ai, char *buf);
+-static AfpInfo *afpinfo_unpack(TALLOC_CTX *ctx, const void *data);
+-
++static AfpInfo *afpinfo_unpack(TALLOC_CTX *ctx,
++ const void *data,
++ const struct smb_filename *smb_fname);
+
+ /**
+ * Return a pointer to an AppleDouble entry
+@@ -2073,13 +2074,17 @@ static ssize_t afpinfo_pack(const AfpInfo *ai, char *buf)
+ return AFP_INFO_SIZE;
+ }
+
++#define BROKEN_FREEBSD_AFP_Signature 0x00465000
++
+ /**
+ * Unpack a buffer into a AfpInfo structure
+ *
+ * Buffer size must be at least AFP_INFO_SIZE
+ * Returns allocated AfpInfo struct
+ **/
+-static AfpInfo *afpinfo_unpack(TALLOC_CTX *ctx, const void *data)
++static AfpInfo *afpinfo_unpack(TALLOC_CTX *ctx,
++ const void *data,
++ const struct smb_filename *smb_fname)
+ {
+ AfpInfo *ai = talloc_zero(ctx, AfpInfo);
+ if (ai == NULL) {
+@@ -2092,10 +2097,21 @@ static AfpInfo *afpinfo_unpack(TALLOC_CTX *ctx, const void *data)
+ memcpy(ai->afpi_FinderInfo, (const char *)data + 16,
+ sizeof(ai->afpi_FinderInfo));
+
+- if (ai->afpi_Signature != AFP_Signature
+- || ai->afpi_Version != AFP_Version) {
+- DEBUG(1, ("Bad AfpInfo signature or version\n"));
++ if (ai->afpi_Signature != AFP_Signature) {
++ DBG_WARNING("Bad signature [%x] on [%s]\n",
++ ai->afpi_Signature, smb_fname_str_dbg(smb_fname));
++
++ if (ai->afpi_Signature != BROKEN_FREEBSD_AFP_Signature) {
++ DBG_ERR("Bad AfpInfo signature\n");
++ TALLOC_FREE(ai);
++ return NULL;
++ }
++ }
++
++ if (ai->afpi_Version != AFP_Version) {
++ DBG_ERR("Bad AfpInfo version\n");
+ TALLOC_FREE(ai);
++ return NULL;
+ }
+
+ return ai;
+@@ -4222,7 +4238,7 @@ static ssize_t fruit_pwrite_meta_stream(vfs_handle_struct *handle,
+ size_t nwritten;
+ bool ok;
+
+- ai = afpinfo_unpack(talloc_tos(), data);
++ ai = afpinfo_unpack(talloc_tos(), data, fsp->fsp_name);
+ if (ai == NULL) {
+ return -1;
+ }
+@@ -4260,7 +4276,7 @@ static ssize_t fruit_pwrite_meta_netatalk(vfs_handle_struct *handle,
+ int ret;
+ bool ok;
+
+- ai = afpinfo_unpack(talloc_tos(), data);
++ ai = afpinfo_unpack(talloc_tos(), data, fsp->fsp_name);
+ if (ai == NULL) {
+ return -1;
+ }
+--
+2.16.3
+
+
+From 83ce03a278ec9d15b595f4daf8da1641d27ebdd6 Mon Sep 17 00:00:00 2001
+From: "Timur I. Bakeyev" <timur at iXsystems.com>
+Date: Fri, 1 Jun 2018 01:35:58 +0800
+Subject: [PATCH 2/2] vfs_streams_xattr: don't append 0 byte when creating
+ xattr
+
+Upstream Samba always appends an internal 0-byte to xattrs to cope
+with filesytems or systems that don't support 0-byte sized xattrs.
+
+An older patch already remove this behaviour from the read and write
+code paths, but didn't remove it from the create codepath.
+
+FreeBSD Bug: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228462
+
+Signed-off-by: Ralph Boehme <slow at samba.org>
+---
+ source3/modules/vfs_streams_xattr.c | 8 +-------
+ 1 file changed, 1 insertion(+), 7 deletions(-)
+
+diff --git a/source3/modules/vfs_streams_xattr.c b/source3/modules/vfs_streams_xattr.c
+index 8714007cb8d..5f3dfb30beb 100644
+--- a/source3/modules/vfs_streams_xattr.c
++++ b/source3/modules/vfs_streams_xattr.c
+@@ -476,19 +476,13 @@ static int streams_xattr_open(vfs_handle_struct *handle,
+ /*
+ * The attribute does not exist or needs to be truncated
+ */
+-
+- /*
+- * Darn, xattrs need at least 1 byte
+- */
+- char null = '\0';
+-
+ DEBUG(10, ("creating or truncating attribute %s on file %s\n",
+ xattr_name, smb_fname->base_name));
+
+ ret = SMB_VFS_SETXATTR(fsp->conn,
+ smb_fname,
+ xattr_name,
+- &null, sizeof(null),
++ NULL, 0,
+ flags & O_EXCL ? XATTR_CREATE : 0);
+ if (ret != 0) {
+ goto fail;
+--
+2.16.3
+
Added: head/net/samba48/files/patch-dbwrap
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/samba48/files/patch-dbwrap Fri Jun 8 01:09:10 2018 (r471963)
@@ -0,0 +1,96 @@
+--- lib/dbwrap/dbwrap.c.orig 2018-01-17 10:08:39 UTC
++++ lib/dbwrap/dbwrap.c
+@@ -28,6 +28,9 @@
+ #include "lib/util/util_tdb.h"
+ #include "lib/util/tevent_ntstatus.h"
+
++#undef DBGC_CLASS
++#define DBGC_CLASS DBGC_LOCKING
++
+ /*
+ * Fall back using fetch if no genuine exists operation is provided
+ */
+--- lib/dbwrap/dbwrap_local_open.c.orig 2018-01-14 21:41:58.000000000 +0100
++++ lib/dbwrap/dbwrap_local_open.c 2018-03-29 23:49:51.888588000 +0200
+@@ -24,6 +24,9 @@
+ #include "tdb.h"
+ #include "lib/param/param.h"
+
++#undef DBGC_CLASS
++#define DBGC_CLASS DBGC_LOCKING
++
+ struct db_context *dbwrap_local_open(TALLOC_CTX *mem_ctx,
+ struct loadparm_context *lp_ctx,
+ const char *name,
+--- lib/dbwrap/dbwrap_rbt.c.orig 2018-01-17 09:08:39.000000000 +0100
++++ lib/dbwrap/dbwrap_rbt.c 2018-03-29 23:50:13.427755000 +0200
+@@ -24,6 +24,9 @@
+ #include "../lib/util/rbtree.h"
+ #include "../lib/util/dlinklist.h"
+
++#undef DBGC_CLASS
++#define DBGC_CLASS DBGC_LOCKING
++
+ #define DBWRAP_RBT_ALIGN(_size_) (((_size_)+15)&~15)
+
+ struct db_rbt_ctx {
+--- lib/dbwrap/dbwrap_tdb.c.orig 2018-01-17 09:08:39.000000000 +0100
++++ lib/dbwrap/dbwrap_tdb.c 2018-03-29 23:50:40.789642000 +0200
+@@ -27,6 +27,9 @@
+ #include "lib/param/param.h"
+ #include "libcli/util/error.h"
+
++#undef DBGC_CLASS
++#define DBGC_CLASS DBGC_LOCKING
++
+ struct db_tdb_ctx {
+ struct tdb_wrap *wtdb;
+
+--- lib/dbwrap/dbwrap_util.c.orig 2018-01-17 09:08:39.000000000 +0100
++++ lib/dbwrap/dbwrap_util.c 2018-03-29 23:51:35.907061000 +0200
+@@ -26,6 +26,9 @@
+ #include "dbwrap.h"
+ #include "lib/util/util_tdb.h"
+
++#undef DBGC_CLASS
++#define DBGC_CLASS DBGC_LOCKING
++
+ struct dbwrap_fetch_int32_state {
+ NTSTATUS status;
+ int32_t result;
+--- source3/lib/dbwrap/dbwrap_ctdb.c.orig 2018-01-17 09:08:39.000000000 +0100
++++ source3/lib/dbwrap/dbwrap_ctdb.c 2018-03-29 23:57:41.784931000 +0200
+@@ -38,6 +38,9 @@
+ #include "lib/cluster_support.h"
+ #include "lib/util/tevent_ntstatus.h"
+
++#undef DBGC_CLASS
++#define DBGC_CLASS DBGC_LOCKING
++
+ struct db_ctdb_transaction_handle {
+ struct db_ctdb_ctx *ctx;
+ /*
+--- source3/lib/dbwrap/dbwrap_open.c.orig 2018-01-17 09:08:39.000000000 +0100
++++ source3/lib/dbwrap/dbwrap_open.c 2018-03-29 23:57:54.680614000 +0200
+@@ -31,6 +31,9 @@
+ #include "ctdbd_conn.h"
+ #include "messages.h"
+
++#undef DBGC_CLASS
++#define DBGC_CLASS DBGC_LOCKING
++
+ bool db_is_local(const char *name)
+ {
+ const char *sockname = lp_ctdbd_socket();
+--- source3/lib/dbwrap/dbwrap_watch.c.orig 2018-01-17 09:08:39.000000000 +0100
++++ source3/lib/dbwrap/dbwrap_watch.c 2018-03-29 23:58:09.746298000 +0200
+@@ -28,6 +28,9 @@
+ #include "server_id_watch.h"
+ #include "lib/dbwrap/dbwrap_private.h"
+
++#undef DBGC_CLASS
++#define DBGC_CLASS DBGC_LOCKING
++
+ static ssize_t dbwrap_record_watchers_key(struct db_context *db,
+ struct db_record *rec,
+ uint8_t *wkey, size_t wkey_len)
Added: head/net/samba48/files/patch-includes.h
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/samba48/files/patch-includes.h Fri Jun 8 01:09:10 2018 (r471963)
@@ -0,0 +1,11 @@
+--- source3/include/includes.h.orig 2018-04-03 05:23:35 UTC
++++ source3/include/includes.h
+@@ -323,6 +323,8 @@ typedef char fstring[FSTRING_LEN];
+ * the *bottom* of include files so as not to conflict. */
+ #ifdef ENABLE_DMALLOC
+ # include <dmalloc.h>
++#elif ENABLE_JEMALLOC
++# include <jemalloc/jemalloc.h>
+ #endif
+
+
Added: head/net/samba48/files/patch-libgpo__wscript_build
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/samba48/files/patch-libgpo__wscript_build Fri Jun 8 01:09:10 2018 (r471963)
@@ -0,0 +1,9 @@
+--- libgpo/wscript_build.orig 2018-05-22 10:47:26 UTC
++++ libgpo/wscript_build
+@@ -10,4 +10,5 @@ bld.SAMBA3_LIBRARY('gpext',
+ bld.SAMBA3_PYTHON('python_samba_libgpo', 'pygpo.c',
+ deps='''pyparam_util gpext talloc ads TOKEN_UTIL
+ auth pyrpc_util''',
+- realname='samba/gpo.so')
++ realname='samba/gpo.so',
++ enabled=bld.CONFIG_SET('HAVE_LDAP'))
Added: head/net/samba48/files/patch-source3__smbd__utmp.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/samba48/files/patch-source3__smbd__utmp.c Fri Jun 8 01:09:10 2018 (r471963)
@@ -0,0 +1,261 @@
+--- source3/smbd/utmp.c.orig 2018-01-15 04:41:58.000000000 +0800
++++ source3/smbd/utmp.c 2018-05-25 14:06:42.746302000 +0800
+@@ -257,7 +257,7 @@ static char *uw_pathname(TALLOC_CTX *ctx
+ Update utmp file directly. No subroutine interface: probably a BSD system.
+ ****************************************************************************/
+
+-static void pututline_my(const char *uname, struct utmp *u, bool claim)
++static void pututline_my(const char *uname, STRUCT_UTMP *u, bool claim)
+ {
+ DEBUG(1,("pututline_my: not yet implemented\n"));
+ /* BSD implementor: may want to consider (or not) adjusting "lastlog" */
+@@ -271,7 +271,7 @@ static void pututline_my(const char *una
+ Credit: Michail Vidiassov <master at iaas.msu.ru>
+ ****************************************************************************/
+
+-static void updwtmp_my(const char *wname, struct utmp *u, bool claim)
++static void updwtmp_my(const char *wname, STRUCT_UTMP *u, bool claim)
+ {
+ int fd;
+ struct stat buf;
+@@ -303,7 +303,7 @@ static void updwtmp_my(const char *wname
+ if ((fd = open(wname, O_WRONLY|O_APPEND, 0)) < 0)
+ return;
+ if (fstat(fd, &buf) == 0) {
+- if (write(fd, (char *)u, sizeof(struct utmp)) != sizeof(struct utmp))
++ if (write(fd, (char *)u, sizeof(STRUCT_UTMP)) != sizeof(STRUCT_UTMP))
+ (void) ftruncate(fd, buf.st_size);
+ }
+ (void) close(fd);
+@@ -314,12 +314,12 @@ static void updwtmp_my(const char *wname
+ Update via utmp/wtmp (not utmpx/wtmpx).
+ ****************************************************************************/
+
+-static void utmp_nox_update(struct utmp *u, bool claim)
++static void utmp_nox_update(STRUCT_UTMP *u, bool claim)
+ {
+ char *uname = NULL;
+ char *wname = NULL;
+ #if defined(PUTUTLINE_RETURNS_UTMP)
+- struct utmp *urc;
++ STRUCT_UTMP *urc;
+ #endif /* PUTUTLINE_RETURNS_UTMP */
+
+ uname = uw_pathname(talloc_tos(), "utmp", ut_pathname);
+@@ -376,127 +376,52 @@ static void utmp_nox_update(struct utmp
+ }
+ }
+
+-/****************************************************************************
+- Copy a string in the utmp structure.
+-****************************************************************************/
+
+-static void utmp_strcpy(char *dest, const char *src, size_t n)
+-{
+- size_t len = 0;
+
+- memset(dest, '\0', n);
+- if (src)
+- len = strlen(src);
+- if (len >= n) {
+- memcpy(dest, src, n);
+- } else {
+- if (len)
+- memcpy(dest, src, len);
+- }
+-}
++
+
+ /****************************************************************************
+ Update via utmpx/wtmpx (preferred) or via utmp/wtmp.
+ ****************************************************************************/
+
+-static void sys_utmp_update(struct utmp *u, const char *hostname, bool claim)
++static void sys_utmp_update(STRUCT_UTMP *u, const char *hostname, bool claim)
+ {
+-#if !defined(HAVE_UTMPX_H)
+- /* No utmpx stuff. Drop to non-x stuff */
+- utmp_nox_update(u, claim);
+-#elif !defined(HAVE_PUTUTXLINE)
+- /* Odd. Have utmpx.h but no "pututxline()". Drop to non-x stuff */
+- DEBUG(1,("utmp_update: have utmpx.h but no pututxline() function\n"));
+- utmp_nox_update(u, claim);
+-#elif !defined(HAVE_GETUTMPX)
+- /* Odd. Have utmpx.h but no "getutmpx()". Drop to non-x stuff */
+- DEBUG(1,("utmp_update: have utmpx.h but no getutmpx() function\n"));
+- utmp_nox_update(u, claim);
+-#elif !defined(HAVE_UPDWTMPX)
+- /* Have utmpx.h but no "updwtmpx()". Drop to non-x stuff */
+- DEBUG(1,("utmp_update: have utmpx.h but no updwtmpx() function\n"));
+- utmp_nox_update(u, claim);
+-#else
+- char *uname = NULL;
+- char *wname = NULL;
+- struct utmpx ux, *uxrc;
+-
+- getutmpx(u, &ux);
+-
+-#if defined(HAVE_UX_UT_SYSLEN)
+- if (hostname)
+- ux.ut_syslen = strlen(hostname) + 1; /* include end NULL */
+- else
+- ux.ut_syslen = 0;
+-#endif
+-#if defined(HAVE_UT_UT_HOST)
+- utmp_strcpy(ux.ut_host, hostname, sizeof(ux.ut_host));
+-#endif
+-
+- uname = uw_pathname(talloc_tos(), "utmpx", ux_pathname);
+- wname = uw_pathname(talloc_tos(), "wtmpx", wx_pathname);
+- if (uname && wname) {
+- DEBUG(2,("utmp_update: uname:%s wname:%s\n", uname, wname));
+- }
++ STRUCT_UTMP *urc;
+
+- /*
+- * Check for either uname or wname being empty.
+- * Some systems, such as Redhat 6, have a "utmpx.h" which doesn't
+- * define default filenames.
+- * Also, our local installation has not provided an override.
+- * Drop to non-x method. (E.g. RH6 has good defaults in "utmp.h".)
+- */
+- if (!uname || !wname || (strlen(uname) == 0) || (strlen(wname) == 0)) {
+- utmp_nox_update(u, claim);
+- } else {
+- utmpxname(uname);
+- setutxent();
+- uxrc = pututxline(&ux);
+- endutxent();
+- if (uxrc == NULL) {
+- DEBUG(2,("utmp_update: pututxline() failed\n"));
+- return;
+- }
+- updwtmpx(wname, &ux);
++ setutxent();
++ urc = pututxline(u);
++ endutxent();
++ if (urc == NULL) {
++ DEBUG(2,("utmp_update: pututxline() failed\n"));
++ return;
+ }
+-#endif /* HAVE_UTMPX_H */
+ }
+
+ #if defined(HAVE_UT_UT_ID)
+ /****************************************************************************
+ Encode the unique connection number into "ut_id".
+ ****************************************************************************/
+-
+-static int ut_id_encode(int i, char *fourbyte)
++static void ut_id_encode(char *buf, int id, size_t buf_size)
+ {
+- int nbase;
+- const char *ut_id_encstr = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
+-
+-/*
+- * 'ut_id_encstr' is the character set on which modulo arithmetic is done.
+- * Example: digits would produce the base-10 numbers from '001'.
+- */
+- nbase = strlen(ut_id_encstr);
++ const char ut_id_encstr[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
+
+- fourbyte[0] = ut_id_encstr[i % nbase];
+- i /= nbase;
+- fourbyte[1] = ut_id_encstr[i % nbase];
+- i /= nbase;
+- fourbyte[3] = ut_id_encstr[i % nbase];
+- i /= nbase;
+- fourbyte[2] = ut_id_encstr[i % nbase];
+- i /= nbase;
++ int nbase = sizeof(ut_id_encstr) - 1;
++ /*
++ * 'ut_id_encstr' is the character set on which modulo arithmetic is done.
++ * Example: digits would produce the base-10 numbers from '001'.
++ */
+
+- /* we do not care about overflows as i is a random number */
+- return 0;
++ for(int i = 0; i < buf_size; i++) {
++ buf[i] = ut_id_encstr[id % nbase];
++ id /= nbase;
++ }
+ }
+ #endif /* defined(HAVE_UT_UT_ID) */
+
+-
+ /*
+ fill a system utmp structure given all the info we can gather
+ */
+-static bool sys_utmp_fill(struct utmp *u,
++static bool sys_utmp_fill(STRUCT_UTMP *u,
+ const char *username, const char *hostname,
+ const char *id_str, int id_num)
+ {
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-ports-all
mailing list