diff options
author | Christian Andreetta <satya@gentoo.org> | 2006-07-11 09:58:46 +0000 |
---|---|---|
committer | Christian Andreetta <satya@gentoo.org> | 2006-07-11 09:58:46 +0000 |
commit | 80ca3a254986dcc44aef05ae2d920194f2b05e74 (patch) | |
tree | c18d2b1a3461b44aa15b17942de43b2c3620a4fa /net-fs/samba | |
parent | Cleaning up (diff) | |
download | gentoo-2-80ca3a254986dcc44aef05ae2d920194f2b05e74.tar.gz gentoo-2-80ca3a254986dcc44aef05ae2d920194f2b05e74.tar.bz2 gentoo-2-80ca3a254986dcc44aef05ae2d920194f2b05e74.zip |
security memory DoS fix (CVE-2006-3403: bug #139369)
(Portage version: 2.1)
Diffstat (limited to 'net-fs/samba')
-rw-r--r-- | net-fs/samba/ChangeLog | 8 | ||||
-rw-r--r-- | net-fs/samba/files/digest-samba-3.0.22-r3 | 9 | ||||
-rw-r--r-- | net-fs/samba/samba-3.0.22-r3.ebuild | 310 |
3 files changed, 326 insertions, 1 deletions
diff --git a/net-fs/samba/ChangeLog b/net-fs/samba/ChangeLog index 1893ed25a364..781c990e2cab 100644 --- a/net-fs/samba/ChangeLog +++ b/net-fs/samba/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-fs/samba # Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/ChangeLog,v 1.242 2006/07/06 19:59:33 seemant Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/ChangeLog,v 1.243 2006/07/11 09:58:46 satya Exp $ + +*samba-3.0.22-r3 (11 Jul 2006) + + 11 Jul 2006; Christian Andreetta <satya@gentoo.org> + +samba-3.0.22-r3.ebuild: + security memory DoS fix (CVE-2006-3403: bug #139369) 06 Jul 2006; Seemant Kulleen <seemant@gentoo.org> samba-3.0.22-r2.ebuild: Add the fix for autoconf-2.60 reported by Polinik <polinik@lexx.eu.org> and diff --git a/net-fs/samba/files/digest-samba-3.0.22-r3 b/net-fs/samba/files/digest-samba-3.0.22-r3 new file mode 100644 index 000000000000..418191486d44 --- /dev/null +++ b/net-fs/samba/files/digest-samba-3.0.22-r3 @@ -0,0 +1,9 @@ +MD5 b8569b2f7a943a363ebe87fe7bd4b994 samba-3-gentoo-0.3.13.tar.bz2 16532 +RMD160 9ad61f4391a7c452a40391551f222d6e8107e70b samba-3-gentoo-0.3.13.tar.bz2 16532 +SHA256 e910780553784c0fb41ffad25a8185c20879eb14b8d53ce888e5ad05dc0e4e93 samba-3-gentoo-0.3.13.tar.bz2 16532 +MD5 5c39505af17cf5caf3d6ed8bab135036 samba-3.0.22.tar.gz 17542657 +RMD160 b41cffc999c524c1650d2dd3fbd063dc79741091 samba-3.0.22.tar.gz 17542657 +SHA256 781466885804343248afb74dfdd57df0c7165b252ded06a71c0f24827b2a8e2d samba-3.0.22.tar.gz 17542657 +MD5 900502ba36b80620229b94e5129bc856 samba-vscan-0.3.6b.tar.bz2 164471 +RMD160 5cd81345b06f44b2febf3f24e62325322b1c6a3b samba-vscan-0.3.6b.tar.bz2 164471 +SHA256 14f78b624b047b90ddf4965998e7115d3b3ac97b3229154a302637d8e49adcd4 samba-vscan-0.3.6b.tar.bz2 164471 diff --git a/net-fs/samba/samba-3.0.22-r3.ebuild b/net-fs/samba/samba-3.0.22-r3.ebuild new file mode 100644 index 000000000000..5ba57fdd6e91 --- /dev/null +++ b/net-fs/samba/samba-3.0.22-r3.ebuild @@ -0,0 +1,310 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/samba-3.0.22-r3.ebuild,v 1.1 2006/07/11 09:58:46 satya Exp $ + +inherit eutils versionator + +IUSE_LINGUAS="ja pl" +IUSE="acl async automount cups doc examples kerberos ldap ldapsam libclamav + mysql oav pam postgres python quotas readline selinux swat syslog + winbind xml" +RESTRICT="test" + +VSCAN_VER="0.3.6b" +PATCH_VER="0.3.13" +MY_P=${PN}-${PV/_/} +MY_PP=${PN}-$(get_major_version)-gentoo-${PATCH_VER} +S2=${WORKDIR}/${MY_P} +S=${S2}/source +PFVSCAN=${PN}-vscan-${VSCAN_VER} +DESCRIPTION="SAMBA is a suite of SMB and CIFS client/server programs for UNIX" +HOMEPAGE="http://www.samba.org/ + http://www.openantivirus.org/projects.php" +SRC_URI="mirror://samba/${MY_P}.tar.gz + mirror://samba/old-versions/${MY_P}.tar.gz + oav? ( mirror://sourceforge/openantivirus/${PFVSCAN}.tar.bz2 ) + mirror://gentoo/${MY_PP}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd" + +RDEPEND="dev-libs/popt + virtual/libiconv + acl? ( kernel_linux? ( sys-apps/acl ) ) + cups? ( net-print/cups ) + ldap? ( kerberos? ( virtual/krb5 ) net-nds/openldap ) + mysql? ( dev-db/mysql sys-libs/zlib ) + pam? ( virtual/pam ) + postgres? ( dev-db/postgresql sys-libs/zlib ) + python? ( dev-lang/python ) + readline? ( sys-libs/readline ) + selinux? ( sec-policy/selinux-samba ) + swat? ( sys-apps/xinetd ) + syslog? ( virtual/logger ) + xml? ( dev-libs/libxml2 sys-libs/zlib ) + " + +DEPEND="${RDEPEND} + sys-devel/autoconf + >=sys-apps/sed-4" + +PRIVATE_DST=/var/lib/samba/private +PATCHDIR=${WORKDIR}/patches +CONFDIR=${WORKDIR}/configs + +src_unpack() { + unpack ${A}; cd ${S2} + + rm -rf ${S2}/examples.ORIG + + export EPATCH_SUFFIX="patch" + epatch ${PATCHDIR}/general + if use oav ; then + cd ${WORKDIR} + if [[ -d ${PATCHDIR}/vscan ]]; then + epatch ${PATCHDIR}/vscan + fi + cp -pPR ${WORKDIR}/${PFVSCAN} ${S2}/examples/VFS + fi + + #uClib: bug #120383, https://bugzilla.samba.org/show_bug.cgi?id=3451 + sed -i -e '/include.*fstab.h/d' "${S}"/client/umount.cifs.c +} + +src_compile() { + ebegin "Running autoconf" + autoconf + eend $? + + local myconf + local mymods + local mylangs + + use xml && mymods="xml,${mymods}" + use mysql && mymods="mysql,${mymods}" + use postgres && mymods="pgsql,${mymods}" + [[ -n "${mymods}" ]] && myconf="--with-expsam=${mymods}" + + mylangs="en" + use linguas_ja && mylangs="${mylangs},ja" + use linguas_pl && mylangs="${mylangs},pl" + myconf="${myconf} --with-manpages-langs=${mylangs}" + + if use ldap; then + myconf="${myconf} $(use_with ldap) $(use_with kerberos ads)" + myconf="${myconf} $(use_with ldapsam)" + else + myconf="${myconf} --without-ldapsam" + fi + use winbind && myconf="${myconf} $(use_with winbind) --with-shared-modules=idmap_rid,idmap_ad" + + [[ ${CHOST} == *-*bsd* ]] && myconf="${myconf} --disable-pie" + use hppa && myconf="${myconf} --disable-pie" + + econf \ + --with-fhs \ + --sysconfdir=/etc/samba \ + --localstatedir=/var \ + --with-configdir=/etc/samba \ + --with-libdir=/usr/$(get_libdir)/samba \ + --with-swatdir=/usr/share/doc/${PF}/swat \ + --with-piddir=/var/run/samba \ + --with-lockdir=/var/cache/samba \ + --with-logfilebase=/var/log/samba \ + --with-privatedir=${PRIVATE_DST} \ + --with-libsmbclient \ + --without-spinlocks \ + $(use_with acl acl-support) \ + $(use_with async aio-support) \ + $(use_with automount) \ + $(use_enable cups) \ + $(use_with kerberos krb5) \ + $(use_with pam) $(use_with pam pam_smbpass) \ + $(use_with python) \ + $(use_with quotas) $(use_with quotas sys-quotas) \ + $(use_with readline) \ + $(use_with kernel_linux smbmount) \ + $(use_with syslog) \ + ${myconf} || die + + emake proto || die "SAMBA make proto error" + emake everything || die "SAMBA make everything error" + + einfo "make rpctorture" + emake rpctorture || ewarn "rpctorture didn't build" + + if use python ; then + python python/setup.py build + fi + + # Build samba-vscan plugins + if use oav; then + cd ${S2}/examples/VFS/${PFVSCAN} + econf \ + --with-fhs \ + --libdir=/usr/$(get_libdir)/samba \ + $(use_with libclamav) || die "${PFVSCAN} ./configure failed" + emake || die "Failed to make ${PFVSCAN}" + fi + +} + +src_install() { + local extra_bins="rpctorture" + + make DESTDIR=${D} install-everything || die + + # Extra rpctorture progs + exeinto /usr/bin + for i in ${extra_bins}; do + [[ -x ${S}/bin/${i} ]] && doexe ${S}/bin/${i} + einfo "Extra binaries: ${i}" + done + + # remove .old stuff from /usr/bin: + rm -f ${D}/usr/bin/*.old + + # Nsswitch extensions. Make link for wins and winbind resolvers + dolib.so ${S}/nsswitch/libnss_wins.so + dosym libnss_wins.so /usr/$(get_libdir)/libnss_wins.so.2 + if use winbind; then + dolib.so ${S}/nsswitch/libnss_winbind.so + dosym libnss_winbind.so /usr/$(get_libdir)/libnss_winbind.so.2 + fi + + if use pam; then + exeinto /$(get_libdir)/security + doexe ${S}/bin/pam_smbpass.so + if use winbind; then + exeinto /$(get_libdir)/security + doexe ${S}/nsswitch/pam_winbind.so + fi + fi + + if use kernel_linux; then + # mount backend + dodir /sbin + dosym ../usr/bin/smbmount /sbin/mount.smbfs + dosym ../usr/bin/mount.cifs /sbin/mount.cifs + fi + + # bug #46389: samba doesn't create symlink anymore + # beaviour seems to be changed in 3.0.6, see bug #61046 + dosym samba/libsmbclient.so /usr/$(get_libdir)/libsmbclient.so.0 + dosym samba/libsmbclient.so /usr/$(get_libdir)/libsmbclient.so + + # make the smb backend symlink for cups printing support (bug #133133) + if use cups; then + dodir $(cups-config --serverbin)/backend + dosym /usr/bin/smbspool $(cups-config --serverbin)/backend/smb + fi + + # VFS plugin modules + if use oav; then + cd ${S2}/examples/VFS/${PFVSCAN} + make install DESTDIR=${D} || die "VFS: vscan error" + insinto /etc/samba + doins ${S2}/examples/VFS/${PFVSCAN}/openantivirus/*conf + fi + + # Python extensions + if use python; then + cd ${S} + python python/setup.py install --root=${D} || die + fi + + # General config files + insinto /etc/samba + doins ${CONFDIR}/smbusers + newins ${CONFDIR}/smb.conf.example-samba3 smb.conf.example + doins ${CONFDIR}/lmhosts + + newpamd ${CONFDIR}/samba.pam samba + use winbind && doins ${CONFDIR}/system-auth-winbind + insinto /etc/xinetd.d + newins ${CONFDIR}/swat.xinetd swat + newinitd ${CONFDIR}/samba-init samba + newconfd ${CONFDIR}/samba-conf samba + if use ldap; then + insinto /etc/openldap/schema + doins ${S2}/examples/LDAP/samba.schema + fi + + # dirs + diropts -m0700 ; keepdir ${PRIVATE_DST} + diropts -m1777 ; keepdir /var/spool/samba + + diropts -m0755 + keepdir /var/{log,run,cache}/samba + keepdir /var/lib/samba/{netlogon,profiles} + keepdir /var/lib/samba/printers/{W32X86,WIN40,W32ALPHA,W32MIPS,W32PPC} + keepdir /usr/$(get_libdir)/samba/{rpc,idmap,auth} + + # docs + dodoc ${FILESDIR}/README.gentoo + dodoc ${S2}/{COPYING,Manifest,README,Roadmap,WHATSNEW.txt} + dodoc ${CONFDIR}/nsswitch.conf-wins + use winbind && dodoc ${CONFDIR}/nsswitch.conf-winbind + + if use oav; then + docinto ${PFVSCAN} + cd ${WORKDIR}/${PFVSCAN} + dodoc AUTHORS COPYING ChangeLog FAQ INSTALL NEWS README TODO + dodoc */*.conf + fi + + if use examples; then + docinto examples + cp -pPR ${S2}/examples/* ${D}/usr/share/doc/${PF}/examples + chmod -R 755 `find ${D}/usr/share/doc/${PF}/examples -type d` + chmod -R 644 `find ${D}/usr/share/doc/${PF}/examples ! -type d` + fi + + if ! use doc; then + if ! use swat; then + rm -rf ${D}/usr/share/doc/${PF}/swat + else + rm -rf ${D}/usr/share/doc/${PF}/swat/help/{guide,howto,devel} + rm -rf ${D}/usr/share/doc/${PF}/swat/using_samba + fi + fi + + # Patch ChangeLog + docinto gentoo + dodoc ${PATCHDIR}/ChangeLog +} + +pkg_preinst() { + local PRIVATE_SRC=/etc/samba/private + if [[ ! -r ${ROOT}/${PRIVATE_DST}/secrets.tdb \ + && -r ${ROOT}/${PRIVATE_SRC}/secrets.tdb ]]; then + ebegin "Copying ${ROOT}/${PRIVATE_SRC}/* to ${ROOT}/${PRIVATE_DST}/" + mkdir -p ${IMAGE}/${PRIVATE_DST} + cp -pPRf ${ROOT}/${PRIVATE_SRC}/* ${IMAGE}/${PRIVATE_DST}/ + eend $? + fi + + if [[ ! -f "${ROOT}/etc/samba/smb.conf" ]]; then + touch ${IMAGE}/etc/samba/smb.conf + fi +} + +pkg_postinst() { + if use swat; then + einfo "swat must be enabled by xinetd:" + einfo " change the /etc/xinetd.d/swat configuration" + fi + einfo "As of 3.0.20: New USE flags: syslog, automount, async (default: disabled)" + einfo "As of 3.0.20b: New USE flags: ldapsam, swat (default: disabled)" + einfo "SQL and XML backends are *experimental*: sql is being deprecated" + einfo "Latest info: README.gentoo in documentation directory" +} + +pkg_postrm(){ + # If stale docs, and one isn't re-emerging the latest version, removes + # (this is actually a portage bug, though) + [[ -n "${PF}" && ! -f ${ROOT}/usr/lib/${PN}/en.msg ]] && \ + rm -rf ${ROOT}/usr/share/doc/${PF} +} + |