Index: head/net/samba48/Makefile =================================================================== --- head/net/samba48/Makefile (revision 475994) +++ head/net/samba48/Makefile (revision 475995) @@ -1,610 +1,623 @@ # Created by: timur@FreeBSD.org # $FreeBSD$ PORTNAME= ${SAMBA4_BASENAME}48 PORTVERSION= ${SAMBA4_VERSION} -PORTREVISION= 1 +PORTREVISION= 0 CATEGORIES?= net MASTER_SITES= SAMBA/samba/stable SAMBA/samba/rc DISTNAME= ${SAMBA4_DISTNAME} MAINTAINER= timur@FreeBSD.org COMMENT= Free SMB/CIFS and AD/DC server and client for Unix LICENSE= GPLv3 BROKEN_powerpc64= fails to compile: auth.idl:107: Unable to determine origin of type struct cli_credentials - IGNORE_NONTHREAD_PYTHON= needs port lang/python${PYTHON_SUFFIX} to be build with THREADS support CONFLICTS_INSTALL?= samba4-4.0.* samba4[1-79]-4.* p5-Parse-Pidl-4.* EXTRA_PATCHES+= ${PATCHDIR}/0001-Zfs-provision-1.patch:-p1 EXTRA_PATCHES+= ${PATCHDIR}/0001-Freenas-master-mdns-fixes-22.patch:-p1 -EXTRA_PATCHES+= ${PATCHDIR}/0001-bug-13427.patch:-p1 +EXTRA_PATCHES+= ${PATCHDIR}/0001-audit.patch:-p1 +EXTRA_PATCHES+= ${PATCHDIR}/0001-ctdb.patch:-p1 EXTRA_PATCHES+= ${PATCHDIR}/0001-bug-13175.patch:-p1 +EXTRA_PATCHES+= ${PATCHDIR}/0001-bug-13351.patch:-p1 +EXTRA_PATCHES+= ${PATCHDIR}/0001-bug-13441.patch:-p1 +EXTRA_PATCHES+= ${PATCHDIR}/0001-bug-13451.patch:-p1 +EXTRA_PATCHES+= ${PATCHDIR}/0001-bug-13537.patch:-p1 EXTRA_PATCHES+= ${PATCHDIR}/0001-bug-228462.patch:-p1 SAMBA4_BASENAME= samba SAMBA4_PORTNAME= ${SAMBA4_BASENAME}4 -SAMBA4_VERSION= 4.8.2 +SAMBA4_VERSION= 4.8.3 SAMBA4_DISTNAME= ${SAMBA4_BASENAME}-${SAMBA4_VERSION:S|.p|pre|:S|.r|rc|:S|.t|tp|:S|.a|alpha|} WRKSRC?= ${WRKDIR}/${DISTNAME} .if !defined(SAMBA4_SUBPORT) CPE_VENDOR= samba CPE_PRODUCT= samba # Directories VARDIR= ${DESTDIR}/var SAMBA4_RUNDIR= ${VARDIR}/run/${SAMBA4_PORTNAME} SAMBA4_LOGDIR= ${VARDIR}/log/${SAMBA4_PORTNAME} SAMBA4_LOCKDIR= ${VARDIR}/db/${SAMBA4_PORTNAME} SAMBA4_BINDDNSDIR= ${SAMBA4_LOCKDIR}/bind-dns SAMBA4_PRIVATEDIR= ${SAMBA4_LOCKDIR}/private SAMBA4_PAMDIR= ${PREFIX}/lib SAMBA4_LIBDIR= ${PREFIX}/lib/${SAMBA4_PORTNAME} SAMBA4_MODULEDIR= ${PREFIX}/lib/shared-modules SAMBA4_INCLUDEDIR= ${PREFIX}/include/${SAMBA4_PORTNAME} SAMBA4_CONFDIR= ${PREFIX}/etc SAMBA4_CONFIG= smb4.conf CONFIGURE_ARGS+= --mandir="${MANPREFIX}/man" \ --sysconfdir="${SAMBA4_CONFDIR}" \ --includedir="${SAMBA4_INCLUDEDIR}" \ --datadir="${DATADIR}" \ --libdir="${SAMBA4_LIBDIR}" \ --with-privatelibdir="${SAMBA4_LIBDIR}/private" \ --with-pammodulesdir="${SAMBA4_PAMDIR}" \ --with-modulesdir="${SAMBA4_MODULEDIR}" \ --with-pkgconfigdir="${PKGCONFIGDIR}" \ --localstatedir="${VARDIR}" \ --with-piddir="${SAMBA4_RUNDIR}" \ --with-sockets-dir="${SAMBA4_RUNDIR}" \ --with-privileged-socket-dir="${SAMBA4_RUNDIR}" \ --with-lockdir="${SAMBA4_LOCKDIR}" \ --with-statedir="${SAMBA4_LOCKDIR}" \ --with-cachedir="${SAMBA4_LOCKDIR}" \ --with-bind-dns-dir=${SAMBA4_BINDDNSDIR} \ --with-privatedir="${SAMBA4_PRIVATEDIR}" \ --with-logfilebase="${SAMBA4_LOGDIR}" # XXX: Flags CONFIGURE_ENV+= PTHREAD_LDFLAGS="-lpthread" CPPFLAGS+= -I${LOCALBASE}/include LDFLAGS+= -L${LOCALBASE}/lib USES= cpe compiler waf pkgconfig perl5 \ iconv shebangfix USE_PERL5= build USE_LDCONFIG= ${SAMBA4_LIBDIR} WAF_CMD= buildtools/bin/waf CONFIGURE_LOG= bin/config.log PKGCONFIGDIR?= ${PREFIX}/libdata/pkgconfig PKGCONFIGDIR_REL?= ${PKGCONFIGDIR:S,^${PREFIX}/,,} PLIST_SUB+= PKGCONFIGDIR=${PKGCONFIGDIR_REL} SUB_LIST+= PKGCONFIGDIR=${PKGCONFIGDIR_REL} ############################################################################## # Options OPTIONS_SUB= yes OPTIONS_DEFINE= AD_DC ADS DEBUG DOCS FAM LDAP \ QUOTAS SYSLOG UTMP PROFILE # Make those default options OPTIONS_DEFAULT:= ${OPTIONS_DEFINE} GSSAPI_BUILTIN # This shouldn't be default in the release OPTIONS_DEFINE+= DEVELOPER MANDOC OPTIONS_DEFINE_amd64= AESNI OPTIONS_DEFAULT_amd64= AESNI -OPTIONS_DEFINE+= CUPS GPGME NTVFS SPOTLIGHT +OPTIONS_DEFINE+= CLUSTER CUPS GPGME NTVFS SPOTLIGHT #OPTIONS_DEFINE+= MEMORY_DEBUG OPTIONS_SINGLE= GSSAPI # GSSAPI_HEIMDAL OPTIONS_SINGLE_GSSAPI= GSSAPI_BUILTIN GSSAPI_MIT OPTIONS_RADIO= DNS ZEROCONF OPTIONS_RADIO_DNS= NSUPDATE BIND911 OPTIONS_RADIO_ZEROCONF= MDNSRESPONDER AVAHI ############################################################################## AD_DC_DESC= Active Directory Domain Controller(implies LDAP) ADS_DESC= Active Directory client(implies LDAP) AESNI_DESC= Accelerated AES crypto functions(amd64 only) CLUSTER_DESC= Clustering DEVELOPER_DESC= With developer framework(implies NTVFS) FAM_DESC= File Alteration Monitor GPGME_DESC= GpgME GLUSTERFS_DESC= GlusterFS LDAP_DESC= LDAP client LIBZFS_DESC= LibZFS SPOTLIGHT_DESC= Spotlight MANDOC_DESC= Build manpages from DOCBOOK templates MEMORY_DEBUG_DESC= Debug memory allocation NTVFS_DESC= Build *DEPRECATED* NTVFS file server PICKY_DEVELOPER_DESC= Treat compiler warnings as errors(implies DEVELOPER) PROFILE_DESC= Profiling data QUOTAS_DESC= Disk quota UTMP_DESC= UTMP accounting GSSAPI_BUILTIN_DESC= GSSAPI support via bundled Heimdal BIND911_DESC= Use Bind 9.11 as AD DC DNS server frontend NSUPDATE_DESC= Use samba NSUPDATE utility for AD DC ############################################################################## -PLIST_SUB+= CLUSTER="@comment " -SUB_LIST+= CLUSTER="@comment " -# XXX: Unconditional dependencies which can't be switched off(if present in the system) +# XXX: Unconditional dependencies which can't be switched off(if present in +# the system) +# Readline(sponsored by Python) +# XXX: USES=readline pollutes CPPFLAGS, so we explicitly put dependency +LIB_DEPENDS+= libreadline.so.7:devel/readline # popt LIB_DEPENDS+= libpopt.so:devel/popt # inotify LIB_DEPENDS+= libinotify.so:devel/libinotify # GNUTLS LIB_DEPENDS+= libgnutls.so:security/gnutls # NFS4 ACL glue LIB_DEPENDS+= libsunacl.so:sysutils/libsunacl # Jansson BUILD_DEPENDS+= jansson>=2.10:devel/jansson RUN_DEPENDS+= jansson>=2.10:devel/jansson # External Samba dependencies # Needed for IDL compiler BUILD_DEPENDS+= p5-Parse-Yapp>=0:devel/p5-Parse-Yapp # Libarchive SAMBA4_BUNDLED_LIBS+= !libarchive BUILD_DEPENDS+= libarchive>=3.1.2:archivers/libarchive RUN_DEPENDS+= libarchive>=3.1.2:archivers/libarchive ### Bundled libraries #SAMBA4_BUNDLED_CMOCKA= yes #SAMBA4_BUNDLED_TALLOC= yes #SAMBA4_BUNDLED_TEVENT= yes #SAMBA4_BUNDLED_TDB= yes -#SAMBA4_BUNDLED_LDB= yes +SAMBA4_BUNDLED_LDB= yes SAMBA4_LDB= 13 # cmocka .if defined(SAMBA4_BUNDLED_CMOCKA) SAMBA4_BUNDLED_LIBS+= cmocka CONFLICTS+= cmocka-1.* PLIST_SUB+= SAMBA4_BUNDLED_CMOCKA="" SUB_LIST+= SAMBA4_BUNDLED_CMOCKA="" .else SAMBA4_BUNDLED_LIBS+= !cmocka BUILD_DEPENDS+= cmocka>=1.1.1:sysutils/cmocka RUN_DEPENDS+= cmocka>=1.1.1:sysutils/cmocka PLIST_SUB+= SAMBA4_BUNDLED_CMOCKA="@comment " SUB_LIST+= SAMBA4_BUNDLED_CMOCKA="@comment " .endif # talloc .if defined(SAMBA4_BUNDLED_TALLOC) SAMBA4_BUNDLED_LIBS+= talloc CONFLICTS+= talloc-2.* PLIST_SUB+= SAMBA4_BUNDLED_TALLOC="" SUB_LIST+= SAMBA4_BUNDLED_TALLOC="" .else SAMBA4_BUNDLED_LIBS+= !talloc -BUILD_DEPENDS+= talloc>=2.1.13:devel/talloc -RUN_DEPENDS+= talloc>=2.1.13:devel/talloc +BUILD_DEPENDS+= talloc>=2.1.14:devel/talloc +RUN_DEPENDS+= talloc>=2.1.14:devel/talloc PLIST_SUB+= SAMBA4_BUNDLED_TALLOC="@comment " SUB_LIST+= SAMBA4_BUNDLED_TALLOC="@comment " .endif # tevent .if defined(SAMBA4_BUNDLED_TEVENT) SAMBA4_BUNDLED_LIBS+= tevent CONFLICTS+= tevent-0.* PLIST_SUB+= SAMBA4_BUNDLED_TEVENT="" SUB_LIST+= SAMBA4_BUNDLED_TEVENT="" .else SAMBA4_BUNDLED_LIBS+= !tevent -BUILD_DEPENDS+= tevent>=0.9.36:devel/tevent -RUN_DEPENDS+= tevent>=0.9.36:devel/tevent +BUILD_DEPENDS+= tevent>=0.9.37:devel/tevent +RUN_DEPENDS+= tevent>=0.9.37:devel/tevent PLIST_SUB+= SAMBA4_BUNDLED_TEVENT="@comment " SUB_LIST+= SAMBA4_BUNDLED_TEVENT="@comment " .endif # tdb .if defined(SAMBA4_BUNDLED_TDB) SAMBA4_BUNDLED_LIBS+= tdb CONFLICTS+= tdb-1.* PLIST_SUB+= SAMBA4_BUNDLED_TDB="" SUB_LIST+= SAMBA4_BUNDLED_TDB="" .else SAMBA4_BUNDLED_LIBS+= !tdb BUILD_DEPENDS+= tdb>=1.3.15:databases/tdb RUN_DEPENDS+= tdb>=1.3.15:databases/tdb PLIST_SUB+= SAMBA4_BUNDLED_TDB="@comment " SUB_LIST+= SAMBA4_BUNDLED_TDB="@comment " .endif # ldb .if defined(SAMBA4_BUNDLED_LDB) || !defined(SAMBA4_LDB) SAMBA4_BUNDLED_LDB= yes SAMBA4_BUNDLED_LIBS+= ldb CONFLICTS+= ldb-1.* ldb1[23]-1.* PLIST_SUB+= SAMBA4_BUNDLED_LDB="" SUB_LIST+= SAMBA4_BUNDLED_LDB="" .else . if ${SAMBA4_LDB} == 13 -BUILD_DEPENDS+= ldb13>=1.3.3:databases/ldb13 -RUN_DEPENDS+= ldb13>=1.3.3:databases/ldb13 +BUILD_DEPENDS+= ldb13>=1.3.4:databases/ldb13 +RUN_DEPENDS+= ldb13>=1.3.4:databases/ldb13 . elif ${SAMBA4_LDB} == 12 BUILD_DEPENDS+= ldb12>=1.2.3:databases/ldb12 RUN_DEPENDS+= ldb12>=1.2.3:databases/ldb12 . elif ${SAMBA4_LDB} == 11 BUILD_DEPENDS+= ldb>=1.1.29:databases/ldb RUN_DEPENDS+= ldb>=1.1.29:databases/ldb . endif SAMBA4_BUNDLED_LIBS+= !ldb PLIST_SUB+= SAMBA4_BUNDLED_LDB="@comment " SUB_LIST+= SAMBA4_BUNDLED_LDB="@comment " .endif .if defined(SAMBA4_BUNDLED_TALLOC) || defined(SAMBA4_BUNDLED_TEVENT) || defined(SAMBA4_BUNDLED_TDB) SAMBA4_BUNDLED_LIBS+= replace .endif # Don't use external libcom_err SAMBA4_BUNDLED_LIBS+= com_err # Set the test environment variables TEST_ENV+= PYTHON="${PYTHON_CMD}" \ SHA1SUM=/sbin/sha1 \ SHA256SUM=/sbin/sha256 \ MD5SUM=/sbin/md5 TEST_DEPENDS+= python:lang/python \ bash:shells/bash \ tshark:net/tshark ############################################################################## CONFIGURE_ARGS+= \ --with-pam \ --with-iconv \ --with-winbind \ --with-regedit \ --disable-rpath \ --without-lttng \ --without-gettext \ --enable-pthreadpool \ --without-fake-kaserver \ --without-systemd \ --enable-gnutls \ --with-libarchive \ --with-acl-support \ --with-sendfile-support \ --disable-ctdb-tests \ ${ICONV_CONFIGURE_BASE} ############################################################################## BIND911_RUN_DEPENDS= bind911>=9.11.0.0:dns/bind911 NSUPDATE_RUN_DEPENDS= samba-nsupdate:dns/samba-nsupdate AVAHI_CONFIGURE_ENABLE= avahi AVAHI_LIB_DEPENDS= libavahi-client.so:net/avahi-app MDNSRESPONDER_CONFIGURE_ENABLE= dnssd MDNSRESPONDER_LIB_DEPENDS= libdns_sd.so:net/mDNSResponder ############################################################################## DEBUG_CONFIGURE_ON= --verbose --enable-debug DEBUG_MAKE_ARGS= --verbose DEBUG_FLAGS= -g -ggdb3 -O0 MEMORY_DEBUG_IMPLIES= DEBUG MEMORY_DEBUG_CONFIGURE_ENV= ADDITIONAL_CFLAGS="-DENABLE_JEMALLOC `pkg-config --cflags jemalloc`" ADDITIONAL_LDFLAGS="`pkg-config --libs jemalloc`" MEMORY_DEBUG_LIB_DEPENDS= libjemalloc.so.2:devel/jemalloc # https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194046 GDB_CMD?= ${LOCALBASE}/bin/gdb # https://bugzilla.samba.org/show_bug.cgi?id=8969 PICKY_DEVELOPER_IMPLIES= DEVELOPER PICKY_DEVELOPER_CONFIGURE_ON= --picky-developer DEVELOPER_IMPLIES= NTVFS DEVELOPER_CONFIGURE_ON= --enable-developer --enable-selftest --abi-check-disable DEVELOPER_BUILD_DEPENDS= ${GDB_CMD}:devel/gdb DEVELOPER_TEST_DEPENDS= ${GDB_CMD}:devel/gdb DEVELOPER_VARS_OFF= GDB_CMD=true # XXX: Mostly used in conjuction with the DEVELOPER option, don't enable it # if you don't know what you are doing NTVFS_CONFIGURE_WITH= ntvfs-fileserver NTVFS_PLIST_FILES= lib/shared-modules/service/smb.so \ lib/samba4/private/libntvfs-samba4.so ############################################################################## CLUSTER_CONFIGURE_WITH= cluster-support CUPS_CONFIGURE_ENABLE= cups iprint CUPS_LIB_DEPENDS= libcups.so:print/cups # https://bugzilla.samba.org/show_bug.cgi?id=9545 FAM_USES= fam FAM_CONFIGURE_WITH= fam GLUSTERFS_CONFIGURE_ENABLE= glusterfs GLUSTERFS_LIB_DEPENDS= libglusterfs.so:net/glusterfs GLUSTERFS_VARS= SAMBA4_MODULES+=vfs_glusterfs GPGME_CONFIGURE_WITH= gpgme GPGME_LIB_DEPENDS= libgpgme.so:security/gpgme PROFILE_CONFIGURE_WITH= profiling-data QUOTAS_CONFIGURE_WITH= quotas SPOTLIGHT_CONFIGURE_ENABLE= spotlight SPOTLIGHT_BUILD_DEPENDS= tracker>=1.4.1:sysutils/tracker SPOTLIGHT_RUN_DEPENDS= tracker>=1.4.1:sysutils/tracker SPOTLIGHT_USES= bison SPOTLIGHT_USE= gnome=glib20 SYSLOG_CONFIGURE_WITH= syslog UTMP_CONFIGURE_WITH= utmp AD_DC_CONFIGURE_OFF= --without-ad-dc ADS_IMPLIES= LDAP ADS_CONFIGURE_WITH= ads dnsupdate LDAP_CONFIGURE_WITH= ldap LDAP_CONFIGURE_ON= --with-openldap=${LOCALBASE} LDAP_USE= OPENLDAP=yes LDAP_VARS= SAMBA4_MODULES+=idmap_ldap GSSAPI_MIT_CONFIGURE_ON= --with-system-mitkrb5 ${GSSAPIBASEDIR} \ --with-system-mitkdc=${GSSAPIBASEDIR}/sbin/krb5kdc GSSAPI_MIT_USES= gssapi:mit LIBZFS_CONFIGURE_WITH= libzfs LIBZFS_VARS= SAMBA4_MODULES+=vfs_zfs_space MANDOC_BUILD_DEPENDS= ${LOCALBASE}/share/xsl/docbook/manpages/docbook.xsl:textproc/docbook-xsl \ xsltproc:textproc/libxslt MANDOC_CONFIGURE_ENV_OFF= XSLTPROC="true" # !SAMBA4_SUBPORT .endif ############################################################################## .include ############################################################################## .if !defined(SAMBA4_SUBPORT) .if !defined(WANT_EXP_MODULES) || empty(WANT_EXP_MODULES) WANT_EXP_MODULES= vfs_cacheprime .endif .if ${WANT_EXP_MODULES:Mvfs_snapper} # snapper needs dbus LIB_DEPENDS+= libdbus-1.so:devel/dbus LIB_DEPENDS+= libdbus-glib-1.so:devel/dbus-glib .endif SAMBA4_MODULES+= vfs_freebsd SAMBA4_MODULES+= idmap_nss idmap_autorid idmap_rid idmap_hash idmap_tdb idmap_tdb2 idmap_script nss-info_hash # List of extra modules taken from RHEL build # https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=197320 .if ${PORT_OPTIONS:MADS} SAMBA4_MODULES+= idmap_ad idmap_rfc2307 nss-info_template nss-info_rfc2307 nss-info_sfu nss-info_sfu20 .endif .if ${PORT_OPTIONS:MDEVELOPER} SAMBA4_MODULES+= auth_skel pdb_test gpext_security gpext_registry gpext_scripts perfcount_test \ vfs_fake_dfq vfs_skel_opaque vfs_skel_transparent vfs_shadow_copy_test vfs_fake_acls \ vfs_nfs4acl_xattr vfs_error_inject .endif .if defined(WANT_EXP_MODULES) && !empty(WANT_EXP_MODULES) SAMBA4_MODULES+= ${WANT_EXP_MODULES} .endif .if defined(SAMBA4_BUNDLED_LIBS) && !empty(SAMBA4_BUNDLED_LIBS) CONFIGURE_ARGS+= --bundled-libraries="${SAMBA4_BUNDLED_LIBS:Q:C|(\\\\ )+|,|g:S|\\||g}" .endif .if defined(SAMBA4_MODULES) && !empty(SAMBA4_MODULES) CONFIGURE_ARGS+= --with-shared-modules="${SAMBA4_MODULES:C|-|_|:Q:C|(\\\\ )+|,|g:S|\\||g}" .endif # XXX: Hack for nss-info_* -> nss_info/* modules # Add selected modules to the plist .for module in ${SAMBA4_MODULES} PLIST_FILES+= lib/shared-modules/${module:C|_|/|:C|-|_|}.so .endfor # Python bindings .if defined(NO_PYTHON) USES+= python:2.7,build,test CONFIGURE_ARGS+= --disable-python PLIST_SUB+= SAMBA4_PYTHON2="@comment " SAMBA4_PYTHON3="@comment " SUB_LIST+= SAMBA4_PYTHON2="@comment " SAMBA4_PYTHON3="@comment " .else USES+= python:2.7 PLIST_SUB+= SAMBA4_PYTHON2="" SUB_LIST+= SAMBA4_PYTHON2="" .if !defined(SAMBA4_BUNDLED_TALLOC) SAMBA4_BUNDLED_LIBS+= !pytalloc-util .endif .if !defined(SAMBA4_BUNDLED_TEVENT) SAMBA4_BUNDLED_LIBS+= !pytevent .endif .if !defined(SAMBA4_BUNDLED_TDB) SAMBA4_BUNDLED_LIBS+= !pytdb .endif .if !defined(SAMBA4_BUNDLED_LDB) SAMBA4_BUNDLED_LIBS+= !pyldb,!pyldb-util .endif # External Python modules BUILD_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}dnspython>=1.15.0:dns/py-dnspython@${PY_FLAVOR} RUN_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}dnspython>=1.15.0:dns/py-dnspython@${PY_FLAVOR} BUILD_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}iso8601>=0.1.11:devel/py-iso8601@${PY_FLAVOR} RUN_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}iso8601>=0.1.11:devel/py-iso8601@${PY_FLAVOR} # XXX: This is a gross hack to make port use both Python 2.7+ and 3.3+ # This is not officially supported, use at your own risk -.if defined(WITH_SAMBA4_PYTHON3) && ${WITH_SAMBA4_PYTHON3:Mpython3\.[0-9]} -SAMBA4_PYTHON3= ${WITH_SAMBA4_PYTHON3} -SAMBA4_PYTHON3_VERSION:= ${SAMBA4_PYTHON3:S/^python//} -SAMBA4_PYTHON3_VER:= ${SAMBA4_PYTHON3_VERSION:C/\.//} +.if defined(WITH_SAMBA4_PYTHON3) && ${WITH_SAMBA4_PYTHON3:M3\.[0-9]} +SAMBA4_PYTHON3_VERSION= ${WITH_SAMBA4_PYTHON3} +SAMBA4_PYTHON3= python${SAMBA4_PYTHON3_VERSION} +SAMBA4_PYTHON3_VER= ${SAMBA4_PYTHON3_VERSION:C/\.//} .if !exists(${PORTSDIR}/lang/python${SAMBA4_PYTHON3_VER}) .error unsupported or unknown Python version ${SAMBA4_PYTHON3_VERSION} .endif BUILD_DEPENDS+= ${SAMBA4_PYTHON3}:lang/python${SAMBA4_PYTHON3_VER} RUN_DEPENDS+= ${SAMBA4_PYTHON3}:lang/python${SAMBA4_PYTHON3_VER} # External Python modules BUILD_DEPENDS+= py${SAMBA4_PYTHON3_VER}-dnspython>=1.15.0:dns/py-dnspython@py${SAMBA4_PYTHON3_VER} RUN_DEPENDS+= py${SAMBA4_PYTHON3_VER}-dnspython>=1.15.0:dns/py-dnspython@py${SAMBA4_PYTHON3_VER} BUILD_DEPENDS+= py${SAMBA4_PYTHON3_VER}-iso8601>=0.1.11:devel/py-iso8601@py${SAMBA4_PYTHON3_VER} RUN_DEPENDS+= py${SAMBA4_PYTHON3_VER}-iso8601>=0.1.11:devel/py-iso8601@py${SAMBA4_PYTHON3_VER} # cpython-36m SAMBA4_PYTHON3_SO_ABI!= [ ! -f "${LOCALBASE}/bin/${SAMBA4_PYTHON3}" ] || ${LOCALBASE}/bin/${SAMBA4_PYTHON3} -c 'import sysconfig; print(sysconfig.get_config_var("SOABI") or "")' 2>/dev/null SAMBA4_PYTHON3_SITELIBDIR= lib/python${SAMBA4_PYTHON3_VERSION}/site-packages CONFIGURE_ENV+= PYTHON3_SO_ABI_FLAG=.${SAMBA4_PYTHON3_SO_ABI} CONFIGURE_ARGS+= --extra-python=${LOCALBASE}/bin/${SAMBA4_PYTHON3} PLIST_SUB+= SAMBA4_PYTHON3="" SAMBA4_PYTHON3_SITELIBDIR="${SAMBA4_PYTHON3_SITELIBDIR}" SUB_LIST+= SAMBA4_PYTHON3="" SAMBA4_PYTHON3_SITELIBDIR="${SAMBA4_PYTHON3_SITELIBDIR}" .else PLIST_SUB+= SAMBA4_PYTHON3="@comment " SUB_LIST+= SAMBA4_PYTHON3="@comment " .endif .endif # !SAMBA4_SUBPORT .endif ############################################################################## .include ############################################################################## .if !defined(SAMBA4_SUBPORT) # Require llvm 4.0 and AMD64 .if ${PORT_OPTIONS:MAESNI} && ${ARCH} == "amd64" && ${OSVERSION} >= 1100511 CONFIGURE_ARGS+= --accel-aes=intelaesni PLIST_FILES+= lib/samba4/private/libaesni-intel-samba4.so .else CONFIGURE_ARGS+= --accel-aes=none .endif -.if ${PORT_OPTIONS:MAD_DC} && ${PORT_OPTIONS:MGSSAPI_MIT} +.if ${PORT_OPTIONS:MGSSAPI_MIT} +PLIST_FILES+= lib/samba4/winbind-krb5-localauth.so +. if ${PORT_OPTIONS:MAD_DC} PLIST_FILES+= lib/samba4/krb5/plugins/kdb/samba.so +. endif .endif # for libexecinfo: (so that __builtin_frame_address() finds the top of the stack) CFLAGS_amd64+= -fno-omit-frame-pointer # No fancy color error messages CONFIGURE_ENV+= NOCOLOR=yes WAF_LOG_FORMAT='%(c1)s%(zone)s%(c2)s %(message)s' MAKE_ENV+= NOCOLOR=yes WAF_LOG_FORMAT='%(c1)s%(zone)s%(c2)s %(message)s' .if ${CHOSEN_COMPILER_TYPE} == clang CFLAGS+= -fno-color-diagnostics .endif #.if ${readline_ARGS} == port #CFLAGS+= -D_FUNCTION_DEF #.endif # Make sure that the right version of Python is used by the tools # https://bugzilla.samba.org/show_bug.cgi?id=7305 SHEBANG_FILES= ${PATCH_WRKSRC}/source4/scripting/bin/* ${PATCH_WRKSRC}/selftest/* SAMBA4_SUB= SAMBA4_LOGDIR="${SAMBA4_LOGDIR}" \ SAMBA4_RUNDIR="${SAMBA4_RUNDIR}" \ SAMBA4_LOCKDIR="${SAMBA4_LOCKDIR}" \ SAMBA4_MODULEDIR="${SAMBA4_MODULEDIR}" \ SAMBA4_BINDDNSDIR="${SAMBA4_BINDDNSDIR}" \ SAMBA4_PRIVATEDIR="${SAMBA4_PRIVATEDIR}" \ SAMBA4_CONFDIR="${SAMBA4_CONFDIR}" \ SAMBA4_CONFIG="${SAMBA4_CONFIG}" PLIST_SUB+= ${SAMBA4_SUB} SUB_LIST+= ${SAMBA4_SUB} USE_RC_SUBR= samba_server SUB_FILES= pkg-message README.FreeBSD PORTDOCS= README.FreeBSD post-extract: @${RM} -r ${WRKSRC}/pidl/lib/Parse/Yapp post-patch: @${REINPLACE_CMD} -e 's|$${PKGCONFIGDIR}|${PKGCONFIGDIR}|g' \ ${PATCH_WRKSRC}/buildtools/wafsamba/pkgconfig.py @${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \ ${PATCH_WRKSRC}/buildtools/wafsamba/wafsamba.py @${REINPLACE_CMD} -e 's|%%GDB_CMD%%|${GDB_CMD}|g' \ ${PATCH_WRKSRC}/buildtools/scripts/abi_gen.sh @${REINPLACE_CMD} -e 's|%%SAMBA4_CONFIG%%|${SAMBA4_CONFIG}|g' \ ${PATCH_WRKSRC}/dynconfig/wscript @${REINPLACE_CMD} -e '1s|/bin/bash|/bin/sh|' \ ${PATCH_WRKSRC}/ctdb/tools/onnode # Use threading (or multiprocessing) but not thread (renamed in python 3+). pre-configure: .if ! ${PORT_OPTIONS:MAD_DC} && ${PORT_OPTIONS:MNTVFS} @${ECHO_CMD}; \ ${ECHO_MSG} "===> NTVFS option requires AD_DC to be set"; \ ${ECHO_CMD}; \ ${FALSE} .endif @if ! ${PYTHON_CMD} -c "import multiprocessing;" 2>/dev/null; then \ ${ECHO_CMD}; \ ${ECHO_MSG} "===> ${PKGNAME} "${IGNORE_NONTHREAD_PYTHON:Q}.; \ ${ECHO_CMD}; \ ${FALSE}; \ fi pre-build-MANDOC-off: ${MKDIR} ${BUILD_WRKSRC}/bin/default/docs-xml/ ${CP} -rp ${BUILD_WRKSRC}/docs/manpages ${BUILD_WRKSRC}/bin/default/docs-xml/ .for man in libcli/nbt/man/nmblookup4.1 \ librpc/tools/ndrdump.1 \ source4/lib/registry/man/regdiff.1 \ source4/lib/registry/man/regpatch.1 \ source4/lib/registry/man/regshell.1 \ source4/lib/registry/man/regtree.1 \ source4/scripting/man/samba_gpoupdate.8 \ source4/torture/man/gentest.1 \ source4/torture/man/locktest.1 \ source4/torture/man/masktest.1 \ source4/torture/man/smbtorture.1 \ source4/utils/man/ntlm_auth4.1 \ source4/utils/man/oLschema2ldif.1 \ lib/tdb/man/tdbdump.8 \ lib/tdb/man/tdbbackup.8 \ lib/tdb/man/tdbtool.8 \ lib/talloc/man/talloc.3 \ lib/tdb/man/tdbrestore.8 \ lib/ldb/man/ldb.3 \ lib/ldb/man/ldbadd.1 \ lib/ldb/man/ldbsearch.1 \ lib/ldb/man/ldbmodify.1 \ lib/ldb/man/ldbrename.1 \ lib/ldb/man/ldbdel.1 \ lib/ldb/man/ldbedit.1 ${MKDIR} `dirname ${BUILD_WRKSRC}/bin/default/${man}` ${INSTALL_MAN} ${FILESDIR}/man/`basename ${man}` ${BUILD_WRKSRC}/bin/default/${man} .endfor .if ${PORT_OPTIONS:MCLUSTER} ${MKDIR} ${BUILD_WRKSRC}/bin/default/ctdb/ . for man in ctdb_diagnostics.1 ctdb.1 ctdbd_wrapper.1 ctdbd.1 \ ltdbtool.1 onnode.1 ping_pong.1 ctdbd.conf.5 \ ctdb.7 ctdb-statistics.7 ctdb-tunables.7 ${INSTALL_MAN} ${FILESDIR}/man/${man} ${BUILD_WRKSRC}/bin/default/ctdb/ . endfor .endif post-install-rm-junk: .for f in vfs_aio_linux.8 vfs_btrfs.8 vfs_ceph.8 vfs_gpfs.8 ${RM} ${STAGEDIR}${PREFIX}/man/man8/${f} .endfor +.if defined(NO_PYTHON) + ${RM} -r ${STAGEDIR}${PYTHON_SITELIBDIR}/samba/third_party/dns \ + ${STAGEDIR}${PYTHON_SITELIBDIR}/samba/third_party/iso8601 +.endif post-install: post-install-rm-junk ${LN} -sf smb.conf.5.gz ${STAGEDIR}${PREFIX}/man/man5/smb4.conf.5.gz # Run post-install script .for dir in ${SAMBA4_LOGDIR} ${SAMBA4_RUNDIR} ${SAMBA4_LOCKDIR} ${SAMBA4_MODULEDIR} ${INSTALL} -d -m 0755 "${STAGEDIR}${dir}" .endfor ${INSTALL} -d -m 0750 "${STAGEDIR}${SAMBA4_BINDDNSDIR}" ${INSTALL} -d -m 0750 "${STAGEDIR}${SAMBA4_PRIVATEDIR}" .for dir in auth bind9 gensec gpext idmap ldb nss_info pdb perfcount process_model service vfs ${INSTALL} -d -m 0755 "${STAGEDIR}${SAMBA4_MODULEDIR}/${dir}" .endfor post-install-DOCS-on: ${MKDIR} ${STAGEDIR}${DOCSDIR} .for doc in ${PORTDOCS} ${INSTALL_DATA} ${WRKDIR}/${doc} ${STAGEDIR}${DOCSDIR} .endfor # !SAMBA4_SUBPORT .endif .include Index: head/net/samba48/distinfo =================================================================== --- head/net/samba48/distinfo (revision 475994) +++ head/net/samba48/distinfo (revision 475995) @@ -1,3 +1,3 @@ -TIMESTAMP = 1526478569 -SHA256 (samba-4.8.2.tar.gz) = 62e552296d49e6ab44bb87d120a288813fa52e42435d53a1f71b77596512bf22 -SIZE (samba-4.8.2.tar.gz) = 17675145 +TIMESTAMP = 1530185888 +SHA256 (samba-4.8.3.tar.gz) = e0569a8a605d5dfb49f1fdd11db796f4d36fe0351c4a7f21387ef253010b82ed +SIZE (samba-4.8.3.tar.gz) = 17680660 Index: head/net/samba48/files/patch-vfs_full_audit.c =================================================================== --- head/net/samba48/files/patch-vfs_full_audit.c (revision 475994) +++ head/net/samba48/files/patch-vfs_full_audit.c (nonexistent) @@ -1,23 +0,0 @@ ---- source3/modules/vfs_full_audit.c.orig 2018-05-15 10:58:37 UTC -+++ source3/modules/vfs_full_audit.c -@@ -613,6 +613,7 @@ static int smb_full_audit_connect(vfs_ha - const char *svc, const char *user) - { - int result; -+ const char *none[] = { "none" }; - struct vfs_full_audit_private_data *pd = NULL; - - result = SMB_VFS_NEXT_CONNECT(handle, svc, user); -@@ -652,10 +653,10 @@ static int smb_full_audit_connect(vfs_ha - - pd->success_ops = init_bitmap( - pd, lp_parm_string_list(SNUM(handle->conn), "full_audit", -- "success", NULL)); -+ "success", none)); - pd->failure_ops = init_bitmap( - pd, lp_parm_string_list(SNUM(handle->conn), "full_audit", -- "failure", NULL)); -+ "failure", none)); - - /* Store the private data. */ - SMB_VFS_HANDLE_SET_DATA(handle, pd, NULL, Property changes on: head/net/samba48/files/patch-vfs_full_audit.c ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/net/samba48/files/0001-bug-13427.patch =================================================================== --- head/net/samba48/files/0001-bug-13427.patch (revision 475994) +++ head/net/samba48/files/0001-bug-13427.patch (nonexistent) @@ -1,213 +0,0 @@ -From 31e168958987826ab7cce61b854daf2a8f3f2adb Mon Sep 17 00:00:00 2001 -From: Stefan Metzmacher -Date: Wed, 9 May 2018 13:30:13 +0200 -Subject: [PATCH 1/3] auth/ntlmssp: add ntlmssp_client:ldap_style_send_seal - option - -This will be used to similate a Windows client only -using NTLMSSP_NEGOTIATE_SIGN without NTLMSSP_NEGOTIATE_SEAL -on an LDAP connection, which is indicated internally by -GENSEC_FEATURE_LDAP_STYLE. - -Bug: https://bugzilla.samba.org/show_bug.cgi?id=13427 - -Signed-off-by: Stefan Metzmacher -Reviewed-by: Andrew Bartlett -(cherry picked from commit 7f2bebf09cd8056b3f901dd9ff1fc9e9525f3e9d) ---- - auth/ntlmssp/ntlmssp_client.c | 24 +++++++++++++++++------- - 1 file changed, 17 insertions(+), 7 deletions(-) - -diff --git a/auth/ntlmssp/ntlmssp_client.c b/auth/ntlmssp/ntlmssp_client.c -index db2003f0d6b..54fda41b534 100644 ---- a/auth/ntlmssp/ntlmssp_client.c -+++ b/auth/ntlmssp/ntlmssp_client.c -@@ -865,13 +865,23 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security) - * is requested. - */ - ntlmssp_state->force_wrap_seal = true; -- /* -- * We want also work against old Samba servers -- * which didn't had GENSEC_FEATURE_LDAP_STYLE -- * we negotiate SEAL too. We may remove this -- * in a few years. As all servers should have -- * GENSEC_FEATURE_LDAP_STYLE by then. -- */ -+ } -+ } -+ if (ntlmssp_state->force_wrap_seal) { -+ bool ret; -+ -+ /* -+ * We want also work against old Samba servers -+ * which didn't had GENSEC_FEATURE_LDAP_STYLE -+ * we negotiate SEAL too. We may remove this -+ * in a few years. As all servers should have -+ * GENSEC_FEATURE_LDAP_STYLE by then. -+ */ -+ ret = gensec_setting_bool(gensec_security->settings, -+ "ntlmssp_client", -+ "ldap_style_send_seal", -+ true); -+ if (ret) { - ntlmssp_state->required_flags |= NTLMSSP_NEGOTIATE_SEAL; - } - } --- -2.14.3 - - -From 1734791570ff0eb57a04fef779a093c20c83ed9d Mon Sep 17 00:00:00 2001 -From: Stefan Metzmacher -Date: Wed, 9 May 2018 13:33:05 +0200 -Subject: [PATCH 2/3] s4:selftest: run test_ldb_simple.sh with more auth - options - -This demonstrates the broken GENSEC_FEATURE_LDAP_STYLE -handling in our LDAP server. - -Bug: https://bugzilla.samba.org/show_bug.cgi?id=13427 - -Signed-off-by: Stefan Metzmacher -Reviewed-by: Andrew Bartlett -(cherry picked from commit fc1c5bd3be2c3f90eab2f31e43cf053f7ff13782) ---- - selftest/knownfail.d/ntlmssp_ldap_style_send_seal | 1 + - source4/selftest/tests.py | 7 +++++++ - 2 files changed, 8 insertions(+) - create mode 100644 selftest/knownfail.d/ntlmssp_ldap_style_send_seal - -diff --git a/selftest/knownfail.d/ntlmssp_ldap_style_send_seal b/selftest/knownfail.d/ntlmssp_ldap_style_send_seal -new file mode 100644 -index 00000000000..0cd7cc2ea39 ---- /dev/null -+++ b/selftest/knownfail.d/ntlmssp_ldap_style_send_seal -@@ -0,0 +1 @@ -+^samba4.ldb.simple.ldap.*ldap_style_send_seal=no -diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py -index 621a61347bc..226617f3b6a 100755 ---- a/source4/selftest/tests.py -+++ b/source4/selftest/tests.py -@@ -116,6 +116,13 @@ for env in ["ad_dc_ntvfs", "fl2008r2dc", "fl2003dc"]: - '--option=clientldapsaslwrapping=plain', - '--sign', - '--encrypt', -+ '-k yes --option=clientldapsaslwrapping=plain', -+ '-k yes --sign', -+ '-k yes --encrypt', -+ '-k no --option=clientldapsaslwrapping=plain', -+ '-k no --sign --option=ntlmssp_client:ldap_style_send_seal=no', -+ '-k no --sign', -+ '-k no --encrypt', - ] - - for auth_option in auth_options: --- -2.14.3 - - -From 4b612bcfb938a49b2725e913a95004bd9fa6c3c3 Mon Sep 17 00:00:00 2001 -From: Stefan Metzmacher -Date: Mon, 7 May 2018 14:50:27 +0200 -Subject: [PATCH 3/3] auth/ntlmssp: fix handling of GENSEC_FEATURE_LDAP_STYLE - as a server - -This fixes "NTLMSSP NTLM2 packet check failed due to invalid signature!" -error messages, which were generated if the client only sends -NTLMSSP_NEGOTIATE_SIGN without NTLMSSP_NEGOTIATE_SEAL on an LDAP -connection. - -This fixes a regession in the combination of commits -77adac8c3cd2f7419894d18db735782c9646a202 and -3a0b835408a6efa339e8b34333906bfe3aacd6e3. - -We need to evaluate GENSEC_FEATURE_LDAP_STYLE at the end -of the authentication (as a server, while we already -do so at the beginning as a client). - -As a reminder I introduced GENSEC_FEATURE_LDAP_STYLE -(as an internal flag) in order to let us work as a -Windows using NTLMSSP for LDAP. Even if only signing is -negotiated during the authentication the following PDUs -will still be encrypted if NTLMSSP is used. This is exactly the -same as if the client would have negotiated NTLMSSP_NEGOTIATE_SEAL. -I guess it's a bug in Windows, but we have to reimplement that -bug. Note this only applies to NTLMSSP and only to LDAP! -Signing only works fine for LDAP with Kerberos -or DCERPC and NTLMSSP. - -Bug: https://bugzilla.samba.org/show_bug.cgi?id=13427 - -Signed-off-by: Stefan Metzmacher -Reviewed-by: Andrew Bartlett - -Autobuild-User(master): Andrew Bartlett -Autobuild-Date(master): Wed May 16 03:26:03 CEST 2018 on sn-devel-144 - -(cherry picked from commit c7a3ce95ac4ce837d8fde36578b3b1f56c3ac2fa) ---- - auth/ntlmssp/gensec_ntlmssp_server.c | 19 ------------------- - auth/ntlmssp/ntlmssp_server.c | 8 ++++++++ - selftest/knownfail.d/ntlmssp_ldap_style_send_seal | 1 - - 3 files changed, 8 insertions(+), 20 deletions(-) - delete mode 100644 selftest/knownfail.d/ntlmssp_ldap_style_send_seal - -diff --git a/auth/ntlmssp/gensec_ntlmssp_server.c b/auth/ntlmssp/gensec_ntlmssp_server.c -index c0e6cff5952..ab92f4d0c09 100644 ---- a/auth/ntlmssp/gensec_ntlmssp_server.c -+++ b/auth/ntlmssp/gensec_ntlmssp_server.c -@@ -179,25 +179,6 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security) - ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN; - ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL; - -- if (gensec_security->want_features & GENSEC_FEATURE_SESSION_KEY) { -- ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN; -- } -- if (gensec_security->want_features & GENSEC_FEATURE_SIGN) { -- ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN; -- -- if (gensec_security->want_features & GENSEC_FEATURE_LDAP_STYLE) { -- /* -- * We need to handle NTLMSSP_NEGOTIATE_SIGN as -- * NTLMSSP_NEGOTIATE_SEAL if GENSEC_FEATURE_LDAP_STYLE -- * is requested. -- */ -- ntlmssp_state->force_wrap_seal = true; -- } -- } -- if (gensec_security->want_features & GENSEC_FEATURE_SEAL) { -- ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN; -- ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL; -- } - - if (role == ROLE_STANDALONE) { - ntlmssp_state->server.is_standalone = true; -diff --git a/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/ntlmssp_server.c -index 37ed2bc9565..140e89daeb1 100644 ---- a/auth/ntlmssp/ntlmssp_server.c -+++ b/auth/ntlmssp/ntlmssp_server.c -@@ -1080,6 +1080,14 @@ static NTSTATUS ntlmssp_server_postauth(struct gensec_security *gensec_security, - data_blob_free(&ntlmssp_state->challenge_blob); - - if (gensec_ntlmssp_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) { -+ if (gensec_security->want_features & GENSEC_FEATURE_LDAP_STYLE) { -+ /* -+ * We need to handle NTLMSSP_NEGOTIATE_SIGN as -+ * NTLMSSP_NEGOTIATE_SEAL if GENSEC_FEATURE_LDAP_STYLE -+ * is requested. -+ */ -+ ntlmssp_state->force_wrap_seal = true; -+ } - nt_status = ntlmssp_sign_init(ntlmssp_state); - } - -diff --git a/selftest/knownfail.d/ntlmssp_ldap_style_send_seal b/selftest/knownfail.d/ntlmssp_ldap_style_send_seal -deleted file mode 100644 -index 0cd7cc2ea39..00000000000 ---- a/selftest/knownfail.d/ntlmssp_ldap_style_send_seal -+++ /dev/null -@@ -1 +0,0 @@ --^samba4.ldb.simple.ldap.*ldap_style_send_seal=no --- -2.14.3 - Property changes on: head/net/samba48/files/0001-bug-13427.patch ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/net/samba48/files/0001-Zfs-provision-1.patch =================================================================== --- head/net/samba48/files/0001-Zfs-provision-1.patch (revision 475994) +++ head/net/samba48/files/0001-Zfs-provision-1.patch (revision 475995) @@ -1,319 +1,321 @@ From 2664c997587416a2c8c911a75158485a5c98b70b Mon Sep 17 00:00:00 2001 From: John Hixon Date: Sat, 20 May 2017 04:39:37 +0200 Subject: [PATCH] Zfs provision (#1) Cherry-pick ZFS provisioning code by iXsystems Inc. * Check if sysvol is on filesystem with NFSv4 ACL's (cherry picked from commit ca86f52b78a7b6e7537454a69cf93e7b96210cba) * Only check targetdir if it is defined (I had assumed it was) (cherry picked from commit a29050cb2978ce23e3c04a859340dc2664c77a8a) * Kick samba a little bit into understanding NFSv4 ACL's (cherry picked from commit 1c7542ff4904b729e311e17464ee76582760c219) Signed-off-by: Timur I. Bakeyev --- python/samba/provision/__init__.py | 25 ++++-- source3/lib/sysacls.c | 10 +++ source3/param/loadparm.c | 7 ++ source3/smbd/pysmbd.c | 156 ++++++++++++++++++++++++++++++++++++- 4 files changed, 191 insertions(+), 7 deletions(-) diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py index 5de986463a5..cd3b91f41b9 100644 --- a/python/samba/provision/__init__.py +++ b/python/samba/provision/__init__.py @@ -1556,19 +1556,24 @@ def setsysvolacl(samdb, netlogon, sysvol, uid, gid, domainsid, dnsdomain, s3conf = s3param.get_context() s3conf.load(lp.configfile) - file = tempfile.NamedTemporaryFile(dir=os.path.abspath(sysvol)) + sysvol_dir = os.path.abspath(sysvol) + + set_simple_acl = smbd.set_simple_acl + if smbd.has_nfsv4_acls(sysvol_dir): + set_simple_acl = smbd.set_simple_nfsv4_acl + + file = tempfile.NamedTemporaryFile(dir=sysvol_dir) try: try: - smbd.set_simple_acl(file.name, 0755, gid) + set_simple_acl(file.name, 0755, gid) except OSError: - if not smbd.have_posix_acls(): + if not smbd.have_posix_acls() and not smbd.have_nfsv4_acls(): # This clue is only strictly correct for RPM and # Debian-like Linux systems, but hopefully other users # will get enough clue from it. - raise ProvisioningError("Samba was compiled without the posix ACL support that s3fs requires. " + raise ProvisioningError("Samba was compiled without the ACL support that s3fs requires. " "Try installing libacl1-dev or libacl-devel, then re-run configure and make.") - - raise ProvisioningError("Your filesystem or build does not support posix ACLs, which s3fs requires. " + raise ProvisioningError("Your filesystem or build does not support ACLs, which s3fs requires. " "Try the mounting the filesystem with the 'acl' option.") try: smbd.chown(file.name, uid, gid) @@ -1821,6 +1828,9 @@ def provision_fill(samdb, secrets_ldb, logger, names, paths, samdb.transaction_commit() if serverrole == "active directory domain controller": + if targetdir and smbd.have_nfsv4_acls() and smbd.has_nfsv4_acls(targetdir): + smbd.set_nfsv4_defaults() + # Continue setting up sysvol for GPO. This appears to require being # outside a transaction. if not skip_sysvolacl: @@ -2184,6 +2194,9 @@ def provision(logger, session_info, smbconf=None, if not os.path.isdir(paths.netlogon): os.makedirs(paths.netlogon, 0755) + if smbd.have_nfsv4_acls() and smbd.has_nfsv4_acls(paths.sysvol): + smbd.set_nfsv4_defaults() + if adminpass is None: adminpass = samba.generate_random_password(12, 32) adminpass_generated = True diff --git a/source3/lib/sysacls.c b/source3/lib/sysacls.c index 0bf3c37edfa..786cd39b5bc 100644 --- a/source3/lib/sysacls.c +++ b/source3/lib/sysacls.c @@ -38,6 +38,16 @@ #include "modules/vfs_hpuxacl.h" #endif +/* + * NFSv4 ACL's should be understood and a first class citizen. Work + * needs to be done in librpc/idl/smb_acl.idl for this to occur. + */ +#if defined(HAVE_LIBSUNACL) && defined(FREEBSD) +#if 0 +#include "modules/nfs4_acls.h" +#endif +#endif + #undef DBGC_CLASS #define DBGC_CLASS DBGC_ACLS diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index a2fcc4246c9..4b676897fc1 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -2740,6 +2740,13 @@ static void init_locals(void) } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) { lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb"); } else { + /* + * This should only set dfs_samba4 and leave acl_xattr + * to be set later (or zfsacl). The only reason the decision + * can't be made here to load acl_xattr or zfsacl is + * that we don't have access to what the target + * directory is. + */ lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr"); } } diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c index 63fc5d68c33..f5a536ee186 100644 --- a/source3/smbd/pysmbd.c +++ b/source3/smbd/pysmbd.c -@@ -335,6 +335,18 @@ static SMB_ACL_T make_simple_acl(gid_t gid, mode_t chmod_mode) +@@ -368,6 +368,20 @@ static SMB_ACL_T make_simple_acl(TALLOC_ return acl; } -+static SMB_ACL_T make_simple_nfsv4_acl(gid_t gid, mode_t chmod_mode) ++static SMB_ACL_T make_simple_nfsv4_acl(TALLOC_CTX *mem_ctx, ++ gid_t gid, ++ mode_t chmod_mode) +{ + /* + * This function needs to create an NFSv4 ACL. Currently, the only way + * to do so is to use the operating system interface, or to use the + * functions in source3/modules/nfs4_acls.c. These seems ugly and + * hacky. NFSv4 ACL's should be a first class citizen and + * librpc/idl/smb_acl.idl should be modified accordingly. + */ + return NULL; +} + /* set a simple ACL on a file, as a test */ -@@ -363,6 +375,53 @@ static PyObject *py_smbd_set_simple_acl(PyObject *self, PyObject *args, PyObject - } +@@ -413,6 +427,53 @@ static PyObject *py_smbd_set_simple_acl( + } - ret = set_sys_acl_conn(fname, SMB_ACL_TYPE_ACCESS, acl, conn); -+ -+ TALLOC_FREE(acl); -+ -+ if (ret != 0) { -+ TALLOC_FREE(frame); -+ errno = ret; -+ return PyErr_SetFromErrno(PyExc_OSError); -+ } -+ -+ TALLOC_FREE(frame); -+ -+ Py_RETURN_NONE; -+} -+ -+/* + /* + set a simple NFSv4 ACL on a file, as a test + */ +static PyObject *py_smbd_set_simple_nfsv4_acl(PyObject *self, PyObject *args, PyObject *kwargs) +{ + const char * const kwnames[] = { "fname", "mode", "gid", "service", NULL }; + char *fname, *service = NULL; + int ret; + int mode, gid = -1; + SMB_ACL_T acl; + TALLOC_CTX *frame; + connection_struct *conn; + + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "si|iz", + discard_const_p(char *, kwnames), + &fname, &mode, &gid, &service)) + return NULL; + -+ acl = make_simple_nfsv4_acl(gid, mode); -+ + frame = talloc_stackframe(); + ++ acl = make_simple_nfsv4_acl(frame, gid, mode); ++ if (acl == NULL) { ++ TALLOC_FREE(frame); ++ return NULL; ++ } ++ + conn = get_conn(frame, service); + if (!conn) { + return NULL; + } + + /* + * SMB_ACL_TYPE_ACCESS -> ACL_TYPE_ACCESS -> Not valid for NFSv4 ACL + */ -+ //ret = set_sys_acl_conn(fname, SMB_ACL_TYPE_ACCESS, acl, conn); + ret = 0; + - TALLOC_FREE(acl); - - if (ret != 0) { -@@ -483,7 +542,7 @@ static PyObject *py_smbd_unlink(PyObject *self, PyObject *args, PyObject *kwargs ++ if (ret != 0) { ++ TALLOC_FREE(frame); ++ errno = ret; ++ return PyErr_SetFromErrno(PyExc_OSError); ++ } ++ ++ TALLOC_FREE(frame); ++ ++ Py_RETURN_NONE; ++} ++ ++/* + chown a file + */ + static PyObject *py_smbd_chown(PyObject *self, PyObject *args, PyObject *kwargs) +@@ -519,7 +580,7 @@ static PyObject *py_smbd_unlink(PyObject } /* - check if we have ACL support + check if we have POSIX.1e ACL support */ static PyObject *py_smbd_have_posix_acls(PyObject *self) { -@@ -494,6 +553,86 @@ static PyObject *py_smbd_have_posix_acls(PyObject *self) +@@ -530,6 +591,86 @@ static PyObject *py_smbd_have_posix_acls #endif } +static PyObject *py_smbd_has_posix_acls(PyObject *self, PyObject *args, PyObject *kwargs) +{ + const char * const kwnames[] = { "path", NULL }; + char *path = NULL; + TALLOC_CTX *frame; + struct statfs fs; + int ret = false; + + frame = talloc_stackframe(); + + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "s|z", + discard_const_p(char *, kwnames), &path)) { + TALLOC_FREE(frame); + return NULL; + } + + if (statfs(path, &fs) != 0) { + TALLOC_FREE(frame); + return NULL; + } + + if (fs.f_flags & MNT_ACLS) + ret = true; + + TALLOC_FREE(frame); + return PyBool_FromLong(ret); +} + +/* + check if we have NFSv4 ACL support + */ +static PyObject *py_smbd_have_nfsv4_acls(PyObject *self) +{ +#ifdef HAVE_LIBSUNACL + return PyBool_FromLong(true); +#else + return PyBool_FromLong(false); +#endif +} + +static PyObject *py_smbd_has_nfsv4_acls(PyObject *self, PyObject *args, PyObject *kwargs) +{ + const char * const kwnames[] = { "path", NULL }; + char *path = NULL; + TALLOC_CTX *frame; + struct statfs fs; + int ret = false; + + frame = talloc_stackframe(); + + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "s|z", + discard_const_p(char *, kwnames), &path)) { + TALLOC_FREE(frame); + return NULL; + } + + if (statfs(path, &fs) != 0) { + TALLOC_FREE(frame); + return NULL; + } + + if (fs.f_flags & MNT_NFS4ACLS) + ret = true; + + TALLOC_FREE(frame); + return PyBool_FromLong(ret); +} + + +static PyObject *py_smbd_set_nfsv4_defaults(PyObject *self) +{ + /* + * This should really be done in source3/param/loadparm.c + */ +#if defined(HAVE_LIBSUNACL) && defined(FREEBSD) + lp_do_parameter(-1, "vfs objects", "dfs_samba4 zfsacl"); +#endif + Py_RETURN_NONE; +} + /* set the NT ACL on a file */ -@@ -681,9 +820,24 @@ static PyMethodDef py_smbd_methods[] = { +@@ -717,9 +858,24 @@ static PyMethodDef py_smbd_methods[] = { { "have_posix_acls", (PyCFunction)py_smbd_have_posix_acls, METH_NOARGS, NULL }, + { "has_posix_acls", + (PyCFunction)py_smbd_has_posix_acls, METH_VARARGS|METH_KEYWORDS, + NULL }, + { "have_nfsv4_acls", + (PyCFunction)py_smbd_have_nfsv4_acls, METH_NOARGS, + NULL }, + { "has_nfsv4_acls", + (PyCFunction)py_smbd_has_nfsv4_acls, METH_VARARGS|METH_KEYWORDS, + NULL }, + { "set_nfsv4_defaults", + (PyCFunction)py_smbd_set_nfsv4_defaults, METH_NOARGS, + NULL }, { "set_simple_acl", (PyCFunction)py_smbd_set_simple_acl, METH_VARARGS|METH_KEYWORDS, NULL }, + { "set_simple_nfsv4_acl", + (PyCFunction)py_smbd_set_simple_nfsv4_acl, METH_VARARGS|METH_KEYWORDS, + NULL }, { "set_nt_acl", (PyCFunction)py_smbd_set_nt_acl, METH_VARARGS|METH_KEYWORDS, NULL }, -- 2.14.2 Index: head/net/samba48/files/0001-audit.patch =================================================================== --- head/net/samba48/files/0001-audit.patch (nonexistent) +++ head/net/samba48/files/0001-audit.patch (revision 475995) @@ -0,0 +1,247 @@ +From 7d1bcfc99c393367093c903f95a5e365881b7989 Mon Sep 17 00:00:00 2001 +From: "Timur I. Bakeyev" +Date: Fri, 22 Jun 2018 12:15:30 +0800 +Subject: [PATCH 1/3] Make sure that vfs*audit modules recognize and accept all + the syslog facilities. + +--- + source3/modules/vfs_audit.c | 34 +++++++++++++++++++++++----------- + source3/modules/vfs_extd_audit.c | 34 +++++++++++++++++++++++----------- + source3/modules/vfs_full_audit.c | 34 +++++++++++++++++++++++----------- + 3 files changed, 69 insertions(+), 33 deletions(-) + +diff --git a/source3/modules/vfs_audit.c b/source3/modules/vfs_audit.c +index 12477d5b01f..4f9d16c452e 100644 +--- a/source3/modules/vfs_audit.c ++++ b/source3/modules/vfs_audit.c +@@ -33,16 +33,28 @@ + static int audit_syslog_facility(vfs_handle_struct *handle) + { + static const struct enum_list enum_log_facilities[] = { +- { LOG_USER, "USER" }, +- { LOG_LOCAL0, "LOCAL0" }, +- { LOG_LOCAL1, "LOCAL1" }, +- { LOG_LOCAL2, "LOCAL2" }, +- { LOG_LOCAL3, "LOCAL3" }, +- { LOG_LOCAL4, "LOCAL4" }, +- { LOG_LOCAL5, "LOCAL5" }, +- { LOG_LOCAL6, "LOCAL6" }, +- { LOG_LOCAL7, "LOCAL7" }, +- { -1, NULL} ++ { LOG_AUTH, "AUTH" }, ++ { LOG_CRON, "CRON" }, ++ { LOG_DAEMON, "DAEMON" }, ++ { LOG_FTP, "FTP" }, ++ { LOG_KERN, "KERN" }, ++ { LOG_LPR, "LPR" }, ++ { LOG_MAIL, "MAIL" }, ++ { LOG_NEWS, "NEWS" }, ++ { LOG_NTP, "NTP" }, ++ { LOG_SECURITY, "SECURITY" }, ++ { LOG_SYSLOG, "SYSLOG" }, ++ { LOG_USER, "USER" }, ++ { LOG_UUCP, "UUCP" }, ++ { LOG_LOCAL0, "LOCAL0" }, ++ { LOG_LOCAL1, "LOCAL1" }, ++ { LOG_LOCAL2, "LOCAL2" }, ++ { LOG_LOCAL3, "LOCAL3" }, ++ { LOG_LOCAL4, "LOCAL4" }, ++ { LOG_LOCAL5, "LOCAL5" }, ++ { LOG_LOCAL6, "LOCAL6" }, ++ { LOG_LOCAL7, "LOCAL7" }, ++ { -1, NULL } + }; + + int facility; +@@ -64,7 +76,7 @@ static int audit_syslog_priority(vfs_handle_struct *handle) + { LOG_NOTICE, "NOTICE" }, + { LOG_INFO, "INFO" }, + { LOG_DEBUG, "DEBUG" }, +- { -1, NULL} ++ { -1, NULL } + }; + + int priority; +diff --git a/source3/modules/vfs_extd_audit.c b/source3/modules/vfs_extd_audit.c +index 7d1fe273978..5307569a010 100644 +--- a/source3/modules/vfs_extd_audit.c ++++ b/source3/modules/vfs_extd_audit.c +@@ -36,16 +36,28 @@ static int vfs_extd_audit_debug_level = DBGC_VFS; + static int audit_syslog_facility(vfs_handle_struct *handle) + { + static const struct enum_list enum_log_facilities[] = { +- { LOG_USER, "USER" }, +- { LOG_LOCAL0, "LOCAL0" }, +- { LOG_LOCAL1, "LOCAL1" }, +- { LOG_LOCAL2, "LOCAL2" }, +- { LOG_LOCAL3, "LOCAL3" }, +- { LOG_LOCAL4, "LOCAL4" }, +- { LOG_LOCAL5, "LOCAL5" }, +- { LOG_LOCAL6, "LOCAL6" }, +- { LOG_LOCAL7, "LOCAL7" }, +- { -1, NULL} ++ { LOG_AUTH, "AUTH" }, ++ { LOG_CRON, "CRON" }, ++ { LOG_DAEMON, "DAEMON" }, ++ { LOG_FTP, "FTP" }, ++ { LOG_KERN, "KERN" }, ++ { LOG_LPR, "LPR" }, ++ { LOG_MAIL, "MAIL" }, ++ { LOG_NEWS, "NEWS" }, ++ { LOG_NTP, "NTP" }, ++ { LOG_SECURITY, "SECURITY" }, ++ { LOG_SYSLOG, "SYSLOG" }, ++ { LOG_USER, "USER" }, ++ { LOG_UUCP, "UUCP" }, ++ { LOG_LOCAL0, "LOCAL0" }, ++ { LOG_LOCAL1, "LOCAL1" }, ++ { LOG_LOCAL2, "LOCAL2" }, ++ { LOG_LOCAL3, "LOCAL3" }, ++ { LOG_LOCAL4, "LOCAL4" }, ++ { LOG_LOCAL5, "LOCAL5" }, ++ { LOG_LOCAL6, "LOCAL6" }, ++ { LOG_LOCAL7, "LOCAL7" }, ++ { -1, NULL } + }; + + int facility; +@@ -67,7 +79,7 @@ static int audit_syslog_priority(vfs_handle_struct *handle) + { LOG_NOTICE, "NOTICE" }, + { LOG_INFO, "INFO" }, + { LOG_DEBUG, "DEBUG" }, +- { -1, NULL} ++ { -1, NULL } + }; + + int priority; +diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c +index a205007f46f..a52af4b5740 100644 +--- a/source3/modules/vfs_full_audit.c ++++ b/source3/modules/vfs_full_audit.c +@@ -357,16 +357,28 @@ static struct { + static int audit_syslog_facility(vfs_handle_struct *handle) + { + static const struct enum_list enum_log_facilities[] = { +- { LOG_USER, "USER" }, +- { LOG_LOCAL0, "LOCAL0" }, +- { LOG_LOCAL1, "LOCAL1" }, +- { LOG_LOCAL2, "LOCAL2" }, +- { LOG_LOCAL3, "LOCAL3" }, +- { LOG_LOCAL4, "LOCAL4" }, +- { LOG_LOCAL5, "LOCAL5" }, +- { LOG_LOCAL6, "LOCAL6" }, +- { LOG_LOCAL7, "LOCAL7" }, +- { -1, NULL} ++ { LOG_AUTH, "AUTH" }, ++ { LOG_CRON, "CRON" }, ++ { LOG_DAEMON, "DAEMON" }, ++ { LOG_FTP, "FTP" }, ++ { LOG_KERN, "KERN" }, ++ { LOG_LPR, "LPR" }, ++ { LOG_MAIL, "MAIL" }, ++ { LOG_NEWS, "NEWS" }, ++ { LOG_NTP, "NTP" }, ++ { LOG_SECURITY, "SECURITY" }, ++ { LOG_SYSLOG, "SYSLOG" }, ++ { LOG_USER, "USER" }, ++ { LOG_UUCP, "UUCP" }, ++ { LOG_LOCAL0, "LOCAL0" }, ++ { LOG_LOCAL1, "LOCAL1" }, ++ { LOG_LOCAL2, "LOCAL2" }, ++ { LOG_LOCAL3, "LOCAL3" }, ++ { LOG_LOCAL4, "LOCAL4" }, ++ { LOG_LOCAL5, "LOCAL5" }, ++ { LOG_LOCAL6, "LOCAL6" }, ++ { LOG_LOCAL7, "LOCAL7" }, ++ { -1, NULL } + }; + + int facility; +@@ -387,7 +399,7 @@ static int audit_syslog_priority(vfs_handle_struct *handle) + { LOG_NOTICE, "NOTICE" }, + { LOG_INFO, "INFO" }, + { LOG_DEBUG, "DEBUG" }, +- { -1, NULL} ++ { -1, NULL } + }; + + int priority; +-- +2.16.3 + + +From b98fc517251ad25b695ef64453ffe3eaaffed5d8 Mon Sep 17 00:00:00 2001 +From: "Timur I. Bakeyev" +Date: Fri, 22 Jun 2018 12:19:42 +0800 +Subject: [PATCH 2/3] Make "none" is the default setting for the successful and + failed operations in the vfs_full_audit, so you don't blow up your server by + just adding this module to the configuration. + +--- + source3/modules/vfs_full_audit.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c +index a52af4b5740..bc40c8137dc 100644 +--- a/source3/modules/vfs_full_audit.c ++++ b/source3/modules/vfs_full_audit.c +@@ -624,6 +624,7 @@ static int smb_full_audit_connect(vfs_handle_struct *handle, + const char *svc, const char *user) + { + int result; ++ const char *none[] = { "none" }; + struct vfs_full_audit_private_data *pd = NULL; + + result = SMB_VFS_NEXT_CONNECT(handle, svc, user); +@@ -663,10 +664,10 @@ static int smb_full_audit_connect(vfs_handle_struct *handle, + + pd->success_ops = init_bitmap( + pd, lp_parm_string_list(SNUM(handle->conn), "full_audit", +- "success", NULL)); ++ "success", none)); + pd->failure_ops = init_bitmap( + pd, lp_parm_string_list(SNUM(handle->conn), "full_audit", +- "failure", NULL)); ++ "failure", none)); + + /* Store the private data. */ + SMB_VFS_HANDLE_SET_DATA(handle, pd, NULL, +-- +2.16.3 + + +From e25f3a6cfc284737d8df941686f6629568763103 Mon Sep 17 00:00:00 2001 +From: "Timur I. Bakeyev" +Date: Fri, 22 Jun 2018 12:36:07 +0800 +Subject: [PATCH 3/3] Document that vfs_full_audit defaults are "none" for the + successful and failed operations. + +--- + docs-xml/manpages/vfs_full_audit.8.xml | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/docs-xml/manpages/vfs_full_audit.8.xml b/docs-xml/manpages/vfs_full_audit.8.xml +index cefe66d8b6f..ac8473f9990 100644 +--- a/docs-xml/manpages/vfs_full_audit.8.xml ++++ b/docs-xml/manpages/vfs_full_audit.8.xml +@@ -164,7 +164,7 @@ + LIST is a list of VFS operations that should be + recorded if they succeed. Operations are specified using + the names listed above. Operations can be unset by prefixing +- the names with "!". The default is all operations. ++ the names with "!". The default is none operations. + + + +@@ -176,7 +176,7 @@ + LIST is a list of VFS operations that should be + recorded if they failed. Operations are specified using + the names listed above. Operations can be unset by prefixing +- the names with "!". The default is all operations. ++ the names with "!". The default is none operations. + + + +-- +2.16.3 + Property changes on: head/net/samba48/files/0001-audit.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/net/samba48/files/0001-bug-13351.patch =================================================================== --- head/net/samba48/files/0001-bug-13351.patch (nonexistent) +++ head/net/samba48/files/0001-bug-13351.patch (revision 475995) @@ -0,0 +1,50 @@ +From 1598b78bf791b5a2b8ff52745563ebfcc2a5a0cb Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Thu, 22 Mar 2018 08:03:58 +0100 +Subject: [PATCH] s3: smbd: always set vuid in check_user_ok() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +A SMB session reauth will have invalidated conn->vuid via +conn_clear_vuid_caches(). + +Ensure conn->vuid always has the vuid of the current user in +check_user_ok(). + +Bug: https://bugzilla.samba.org/show_bug.cgi?id=13351 + +Signed-off-by: Ralph Boehme +Reviewed-by: Stefan Metzmacher + +Autobuild-User(master): Ralph Böhme +Autobuild-Date(master): Thu Mar 22 18:26:04 CET 2018 on sn-devel-144 + +(cherry picked from commit 42d6dd2f30b6c3b3176bd1f378422a2eb62b1008) +--- + source3/smbd/uid.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c +index 6eb53920abf..b24ae3cc3b0 100644 +--- a/source3/smbd/uid.c ++++ b/source3/smbd/uid.c +@@ -202,6 +202,7 @@ static bool check_user_ok(connection_struct *conn, + conn->session_info = ent->session_info; + conn->read_only = ent->read_only; + conn->share_access = ent->share_access; ++ conn->vuid = ent->vuid; + return(True); + } + } +@@ -250,6 +251,7 @@ static bool check_user_ok(connection_struct *conn, + ent->share_access = share_access; + free_conn_session_info_if_unused(conn); + conn->session_info = ent->session_info; ++ conn->vuid = ent->vuid; + if (vuid == UID_FIELD_INVALID) { + /* + * Not strictly needed, just make it really +-- +2.13.6 + Property changes on: head/net/samba48/files/0001-bug-13351.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/net/samba48/files/0001-bug-13441.patch =================================================================== --- head/net/samba48/files/0001-bug-13441.patch (nonexistent) +++ head/net/samba48/files/0001-bug-13441.patch (revision 475995) @@ -0,0 +1,343 @@ +From 1aa2785b7549205c4187c2afcd171ea1ade96ba9 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Sat, 19 May 2018 01:36:21 +0200 +Subject: [PATCH 1/3] s4:torture/vfs/fruit: decrease large resource fork size + in test from 1 GB to 64 MB + +64 MB is a more realistic value and lets the test pass on FreeBSD with +fruit:resource=stream and vfs_streams_xattr. + +Signed-off-by: Ralph Boehme +Reviewed-by: Jeremy Allison +(cherry picked from commit 2729b4329af0ad0b6a8bd188450b8abd76670d8a) +--- + source4/torture/vfs/fruit.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/source4/torture/vfs/fruit.c b/source4/torture/vfs/fruit.c +index 4564047e0fb..543b1c5d969 100644 +--- a/source4/torture/vfs/fruit.c ++++ b/source4/torture/vfs/fruit.c +@@ -1594,11 +1594,11 @@ static bool test_write_atalk_rfork_io(struct torture_context *tctx, + + ret &= write_stream(tree, __location__, tctx, mem_ctx, + fname, AFPRESOURCE_STREAM_NAME, +- (off_t)1<<32, 10, rfork_content); ++ (off_t)64*1024*1024, 10, rfork_content); + + ret &= check_stream(tree, __location__, tctx, mem_ctx, + fname, AFPRESOURCE_STREAM_NAME, +- (off_t)1<<32, 10, 0, 10, rfork_content); ++ (off_t)64*1024*1024, 10, 0, 10, rfork_content); + + /* Truncate back to size of 1 byte */ + +-- +2.13.6 + + +From 928b66f9b798497bb694434e08384bb75d029913 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Thu, 17 May 2018 16:43:49 +0200 +Subject: [PATCH 2/3] s4:torture: test setting EOF of a stream to 0 with + enabled AAPL extensions + +macOS SMB server uses xattrs as storage backend for streams, directly +exposing xattr get/set characteristics. Setting EOF on a stream to 0 +just deletes the xattr as macOS doesn't support 0-byte sized xattrs. + +Note that this does not apply to the AFP_AfpInfo and AFP_Resource +streams, they have even stranger semantics and we have other tests +for those. + +Bug: https://bugzilla.samba.org/show_bug.cgi?id=13441 + +Signed-off-by: Ralph Boehme +Reviewed-by: Jeremy Allison +(cherry picked from commit cf5d471544f0cb0d072e4af1ee36798580d32897) +--- + selftest/knownfail.d/samba3.vfs.fruit | 3 + + source4/torture/vfs/fruit.c | 197 ++++++++++++++++++++++++++++++++++ + 2 files changed, 200 insertions(+) + +diff --git a/selftest/knownfail.d/samba3.vfs.fruit b/selftest/knownfail.d/samba3.vfs.fruit +index 8df25bccb79..5931c471086 100644 +--- a/selftest/knownfail.d/samba3.vfs.fruit ++++ b/selftest/knownfail.d/samba3.vfs.fruit +@@ -1 +1,4 @@ + ^samba3.vfs.fruit streams_depot.OS X AppleDouble file conversion\(nt4_dc\) ++^samba3.vfs.fruit metadata_netatalk.setinfo eof stream\(nt4_dc\) ++^samba3.vfs.fruit metadata_stream.setinfo eof stream\(nt4_dc\) ++^samba3.vfs.fruit streams_depot.setinfo eof stream\(nt4_dc\) +diff --git a/source4/torture/vfs/fruit.c b/source4/torture/vfs/fruit.c +index 543b1c5d969..1202adb2cbf 100644 +--- a/source4/torture/vfs/fruit.c ++++ b/source4/torture/vfs/fruit.c +@@ -4578,6 +4578,202 @@ static bool test_nfs_aces(struct torture_context *tctx, + return ret; + } + ++static bool test_setinfo_stream_eof(struct torture_context *tctx, ++ struct smb2_tree *tree) ++{ ++ bool ret = true; ++ NTSTATUS status; ++ struct smb2_create create; ++ union smb_setfileinfo sfinfo; ++ union smb_fileinfo finfo; ++ struct smb2_handle h1; ++ TALLOC_CTX *mem_ctx = talloc_new(tctx); ++ const char *fname = BASEDIR "\\file"; ++ const char *sname = BASEDIR "\\file:foo"; ++ ++ torture_assert_goto(tctx, mem_ctx != NULL, ret, done, ++ "talloc_new failed\n"); ++ ++ torture_comment(tctx, "Test setting EOF on a stream\n"); ++ ++ smb2_deltree(tree, BASEDIR); ++ status = torture_smb2_testdir(tree, BASEDIR, &h1); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "torture_smb2_testdir\n"); ++ smb2_util_close(tree, h1); ++ ++ status = torture_smb2_testfile(tree, fname, &h1); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "torture_smb2_testfile failed\n"); ++ smb2_util_close(tree, h1); ++ ++ status = torture_smb2_testfile_access(tree, sname, &h1, ++ SEC_FILE_WRITE_DATA); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "torture_smb2_testfile failed\n"); ++ ++ status = smb2_util_write(tree, h1, "1234567890", 0, 10); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "smb2_util_write failed\n"); ++ smb2_util_close(tree, h1); ++ ++ /* ++ * Test setting EOF to 21 ++ */ ++ ++ torture_comment(tctx, "Setting stream EOF to 21\n"); ++ ++ status = torture_smb2_testfile_access(tree, sname, &h1, ++ SEC_FILE_WRITE_DATA); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "torture_smb2_testfile failed\n"); ++ ++ ZERO_STRUCT(sfinfo); ++ sfinfo.generic.in.file.handle = h1; ++ sfinfo.generic.level = RAW_SFILEINFO_END_OF_FILE_INFORMATION; ++ sfinfo.position_information.in.position = 21; ++ status = smb2_setinfo_file(tree, &sfinfo); ++ torture_assert_ntstatus_ok_goto(tctx, status, ++ ret, done, "set EOF 21 failed\n"); ++ ++ smb2_util_close(tree, h1); ++ ++ status = torture_smb2_testfile_access(tree, sname, &h1, ++ SEC_FILE_WRITE_DATA); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "torture_smb2_testfile failed\n"); ++ ++ ZERO_STRUCT(finfo); ++ finfo.generic.level = RAW_FILEINFO_STANDARD_INFORMATION; ++ finfo.generic.in.file.handle = h1; ++ status = smb2_getinfo_file(tree, mem_ctx, &finfo); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "smb2_getinfo_file failed"); ++ ++ smb2_util_close(tree, h1); ++ ++ torture_assert_goto(tctx, finfo.standard_info.out.size == 21, ++ ret, done, "size != 21\n"); ++ ++ /* ++ * Test setting EOF to 0 ++ */ ++ ++ torture_comment(tctx, "Setting stream EOF to 0\n"); ++ ++ status = torture_smb2_testfile_access(tree, sname, &h1, ++ SEC_FILE_WRITE_DATA); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "torture_smb2_testfile failed\n"); ++ ++ ZERO_STRUCT(sfinfo); ++ sfinfo.generic.in.file.handle = h1; ++ sfinfo.generic.level = RAW_SFILEINFO_END_OF_FILE_INFORMATION; ++ sfinfo.position_information.in.position = 0; ++ status = smb2_setinfo_file(tree, &sfinfo); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "set eof 0 failed\n"); ++ ++ smb2_util_close(tree, h1); ++ ++ status = torture_smb2_testfile_access(tree, sname, &h1, ++ SEC_FILE_WRITE_DATA); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "torture_smb2_testfile failed\n"); ++ ++ ZERO_STRUCT(finfo); ++ finfo.generic.level = RAW_FILEINFO_STANDARD_INFORMATION; ++ finfo.generic.in.file.handle = h1; ++ status = smb2_getinfo_file(tree, mem_ctx, &finfo); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "smb2_getinfo_file failed\n"); ++ ++ smb2_util_close(tree, h1); ++ ++ torture_assert_goto(tctx, finfo.standard_info.out.size == 0, ++ ret, done, "size != 0\n"); ++ ++ /* ++ * Test setinfo end-of-file info to 1 ++ */ ++ ++ torture_comment(tctx, "Setting stream EOF to 1\n"); ++ ++ status = torture_smb2_testfile_access(tree, sname, &h1, ++ SEC_FILE_WRITE_DATA); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "torture_smb2_testfile failed\n"); ++ ++ ZERO_STRUCT(sfinfo); ++ sfinfo.generic.in.file.handle = h1; ++ sfinfo.generic.level = RAW_SFILEINFO_END_OF_FILE_INFORMATION; ++ sfinfo.position_information.in.position = 1; ++ status = smb2_setinfo_file(tree, &sfinfo); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "set EOF 1 failed\n"); ++ ++ smb2_util_close(tree, h1); ++ ++ status = torture_smb2_testfile_access(tree, sname, &h1, ++ SEC_FILE_WRITE_DATA); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "torture_smb2_testfile failed\n"); ++ ++ ZERO_STRUCT(finfo); ++ finfo.generic.level = RAW_FILEINFO_STANDARD_INFORMATION; ++ finfo.generic.in.file.handle = h1; ++ status = smb2_getinfo_file(tree, mem_ctx, &finfo); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "smb2_getinfo_file failed\n"); ++ ++ smb2_util_close(tree, h1); ++ ++ torture_assert_goto(tctx, finfo.standard_info.out.size == 1, ++ ret, done, "size != 1\n"); ++ ++ /* ++ * Test setting EOF to 0 with AAPL enabled, should delete stream ++ */ ++ ++ torture_comment(tctx, "Enabling AAPL extensions\n"); ++ ++ ret = enable_aapl(tctx, tree); ++ torture_assert(tctx, ret == true, "enable_aapl failed\n"); ++ ++ torture_comment(tctx, "Setting stream EOF to 0\n"); ++ status = torture_smb2_testfile_access(tree, sname, &h1, ++ SEC_FILE_WRITE_DATA); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "torture_smb2_testfile failed\n"); ++ ++ ZERO_STRUCT(sfinfo); ++ sfinfo.generic.in.file.handle = h1; ++ sfinfo.generic.level = RAW_SFILEINFO_END_OF_FILE_INFORMATION; ++ sfinfo.position_information.in.position = 0; ++ status = smb2_setinfo_file(tree, &sfinfo); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "set eof 0 failed\n"); ++ ++ smb2_util_close(tree, h1); ++ ++ ZERO_STRUCT(create); ++ create.in.desired_access = SEC_FILE_READ_ATTRIBUTE; ++ create.in.share_access = NTCREATEX_SHARE_ACCESS_MASK; ++ create.in.file_attributes = FILE_ATTRIBUTE_NORMAL; ++ create.in.create_disposition = NTCREATEX_DISP_OPEN; ++ create.in.fname = sname; ++ ++ status = smb2_create(tree, tctx, &create); ++ torture_assert_ntstatus_equal_goto( ++ tctx, status, NT_STATUS_OBJECT_NAME_NOT_FOUND, ret, done, ++ "Unexpected status\n"); ++ ++done: ++ smb2_util_unlink(tree, fname); ++ smb2_util_rmdir(tree, BASEDIR); ++ return ret; ++} ++ + /* + * Note: This test depends on "vfs objects = catia fruit streams_xattr". For + * some tests torture must be run on the host it tests and takes an additional +@@ -4610,6 +4806,7 @@ struct torture_suite *torture_vfs_fruit(TALLOC_CTX *ctx) + torture_suite_add_1smb2_test(suite, "create delete-on-close AFP_AfpResource", test_create_delete_on_close_resource); + torture_suite_add_1smb2_test(suite, "setinfo delete-on-close AFP_AfpResource", test_setinfo_delete_on_close_resource); + torture_suite_add_1smb2_test(suite, "setinfo eof AFP_AfpResource", test_setinfo_eof_resource); ++ torture_suite_add_1smb2_test(suite, "setinfo eof stream", test_setinfo_stream_eof); + torture_suite_add_1smb2_test(suite, "null afpinfo", test_null_afpinfo); + torture_suite_add_1smb2_test(suite, "delete", test_delete_file_with_rfork); + torture_suite_add_1smb2_test(suite, "read open rsrc after rename", test_rename_and_read_rsrc); +-- +2.13.6 + + +From d85666f4c4062af68606790df2c5e1fdba135906 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Thu, 17 May 2018 16:48:09 +0200 +Subject: [PATCH 3/3] vfs_fruit: delete 0 byte size streams if AAPL is enabled + +macOS SMB server uses xattrs as storage backend for streams, directly +exposing xattr get/set characteristics. Setting EOF on a stream to 0 +just deletes the xattr as macOS doesn't support 0-byte sized xattrs. + +Note that this does not apply to the AFP_AfpInfo and AFP_Resource +streams, they have even stranger semantics and we have other tests +for those. + +Bug: https://bugzilla.samba.org/show_bug.cgi?id=13441 + +Signed-off-by: Ralph Boehme +Reviewed-by: Jeremy Allison + +Autobuild-User(master): Jeremy Allison +Autobuild-Date(master): Wed May 30 02:34:29 CEST 2018 on sn-devel-144 + +(cherry picked from commit 46d127865f3fb14041797d395db3b3234ed3bd6c) +--- + selftest/knownfail.d/samba3.vfs.fruit | 3 --- + source3/modules/vfs_fruit.c | 3 +++ + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/selftest/knownfail.d/samba3.vfs.fruit b/selftest/knownfail.d/samba3.vfs.fruit +index 5931c471086..8df25bccb79 100644 +--- a/selftest/knownfail.d/samba3.vfs.fruit ++++ b/selftest/knownfail.d/samba3.vfs.fruit +@@ -1,4 +1 @@ + ^samba3.vfs.fruit streams_depot.OS X AppleDouble file conversion\(nt4_dc\) +-^samba3.vfs.fruit metadata_netatalk.setinfo eof stream\(nt4_dc\) +-^samba3.vfs.fruit metadata_stream.setinfo eof stream\(nt4_dc\) +-^samba3.vfs.fruit streams_depot.setinfo eof stream\(nt4_dc\) +diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c +index 1a05d0bae34..013dec0186a 100644 +--- a/source3/modules/vfs_fruit.c ++++ b/source3/modules/vfs_fruit.c +@@ -5537,6 +5537,9 @@ static int fruit_ftruncate(struct vfs_handle_struct *handle, + (intmax_t)offset); + + if (fio == NULL) { ++ if (offset == 0 && global_fruit_config.nego_aapl) { ++ return SMB_VFS_NEXT_UNLINK(handle, fsp->fsp_name); ++ } + return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, offset); + } + +-- +2.13.6 + Property changes on: head/net/samba48/files/0001-bug-13441.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/net/samba48/files/0001-bug-13451.patch =================================================================== --- head/net/samba48/files/0001-bug-13451.patch (nonexistent) +++ head/net/samba48/files/0001-bug-13451.patch (revision 475995) @@ -0,0 +1,461 @@ +From 7bf82ece36c384784b1ba672667c5461fd0d7c29 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Sat, 26 May 2018 16:30:47 +0200 +Subject: [PATCH 1/6] selftest: run smb2.streams tests against a share with + vfs_streams_xattr + +The tests are currently only run against streams_depot, where stream IO +is handle based, compared to streams_xattr which is path +based. vfs_streams_xattr is also used much more in real world setups, so +we should run our tests against it. + +Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451 + +Signed-off-by: Ralph Boehme +Reviewed-by: Jeremy Allison +(backported from commit aa096ab70a466388a9947f73a525b2dcbb9821e5) +--- + selftest/knownfail | 3 +++ + source3/selftest/tests.py | 4 ++++ + 2 files changed, 7 insertions(+) + +diff --git a/selftest/knownfail b/selftest/knownfail +index eaddaece25c..ba16fd72290 100644 +--- a/selftest/knownfail ++++ b/selftest/knownfail +@@ -177,6 +177,9 @@ + ^samba3.smb2.streams.rename + ^samba3.smb2.streams.rename2 + ^samba3.smb2.streams.attributes ++^samba3.smb2.streams streams_xattr.rename\(nt4_dc\) ++^samba3.smb2.streams streams_xattr.rename2\(nt4_dc\) ++^samba3.smb2.streams streams_xattr.attributes\(nt4_dc\) + ^samba3.smb2.getinfo.complex + ^samba3.smb2.getinfo.fsinfo # quotas don't work yet + ^samba3.smb2.setinfo.setinfo +diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py +index f43d2b14d3a..9092c1776c8 100755 +--- a/source3/selftest/tests.py ++++ b/source3/selftest/tests.py +@@ -559,6 +559,10 @@ tests= base + raw + smb2 + rpc + unix + local + rap + nbt + libsmbclient + idmap + elif t == "rpc.samba3.netlogon" or t == "rpc.samba3.sessionkey": + plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --option=torture:wksname=samba3rpctest') + plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD --option=torture:wksname=samba3rpctest') ++ elif t == "smb2.streams": ++ plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') ++ plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') ++ plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/streams_xattr -U$USERNAME%$PASSWORD', 'streams_xattr') + else: + plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') + plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') +-- +2.13.6 + + +From 495303b80c7cc87a5b2c6a8b6c6d545db7b48d8b Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Sat, 26 May 2018 16:07:14 +0200 +Subject: [PATCH 2/6] s4:torture/smb2/streams: try to rename basefile while is + has open streams + +This tests the following: + +- create a file with a stream +- open the the stream and keep it open +- on a second connection, try to rename the basefile, this should fail + with NT_STATUS_ACCESS_DENIED + +Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451 + +Signed-off-by: Ralph Boehme +Reviewed-by: Jeremy Allison +(cherry picked from commit 00d19bdab15102083b8ba395ede161824c898be1) +--- + selftest/knownfail.d/samba3.smb2.streams | 2 + + source4/torture/smb2/streams.c | 82 ++++++++++++++++++++++++++++++++ + 2 files changed, 84 insertions(+) + create mode 100644 selftest/knownfail.d/samba3.smb2.streams + +diff --git a/selftest/knownfail.d/samba3.smb2.streams b/selftest/knownfail.d/samba3.smb2.streams +new file mode 100644 +index 00000000000..26d40a67bda +--- /dev/null ++++ b/selftest/knownfail.d/samba3.smb2.streams +@@ -0,0 +1,2 @@ ++samba3.smb2.streams.basefile-rename-with-open-stream\(.*\) ++samba3.smb2.streams streams_xattr.basefile-rename-with-open-stream\(nt4_dc\) +diff --git a/source4/torture/smb2/streams.c b/source4/torture/smb2/streams.c +index d302bf923c9..b39d96d4924 100644 +--- a/source4/torture/smb2/streams.c ++++ b/source4/torture/smb2/streams.c +@@ -1830,6 +1830,86 @@ static bool test_stream_attributes(struct torture_context *tctx, + return ret; + } + ++static bool test_basefile_rename_with_open_stream(struct torture_context *tctx, ++ struct smb2_tree *tree) ++{ ++ bool ret = true; ++ NTSTATUS status; ++ struct smb2_tree *tree2 = NULL; ++ struct smb2_create create, create2; ++ struct smb2_handle h1 = {{0}}, h2 = {{0}}; ++ const char *fname = "test_rename_openfile"; ++ const char *sname = "test_rename_openfile:foo"; ++ const char *fname_renamed = "test_rename_openfile_renamed"; ++ union smb_setfileinfo sinfo; ++ const char *data = "test data"; ++ ++ ret = torture_smb2_connection(tctx, &tree2); ++ torture_assert_goto(tctx, ret == true, ret, done, ++ "torture_smb2_connection failed\n"); ++ ++ torture_comment(tctx, "Creating file with stream\n"); ++ ++ ZERO_STRUCT(create); ++ create.in.desired_access = SEC_FILE_ALL; ++ create.in.share_access = NTCREATEX_SHARE_ACCESS_MASK; ++ create.in.file_attributes = FILE_ATTRIBUTE_NORMAL; ++ create.in.create_disposition = NTCREATEX_DISP_OPEN_IF; ++ create.in.impersonation_level = SMB2_IMPERSONATION_IMPERSONATION; ++ create.in.fname = sname; ++ ++ status = smb2_create(tree, tctx, &create); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "smb2_create failed\n"); ++ ++ h1 = create.out.file.handle; ++ ++ torture_comment(tctx, "Writing to stream\n"); ++ ++ status = smb2_util_write(tree, h1, data, 0, strlen(data)); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "smb2_util_write failed\n"); ++ ++ torture_comment(tctx, "Renaming base file\n"); ++ ++ ZERO_STRUCT(create2); ++ create2.in.desired_access = SEC_FILE_ALL; ++ create2.in.file_attributes = FILE_ATTRIBUTE_NORMAL; ++ create2.in.share_access = NTCREATEX_SHARE_ACCESS_MASK; ++ create2.in.create_disposition = NTCREATEX_DISP_OPEN; ++ create2.in.impersonation_level = SMB2_IMPERSONATION_IMPERSONATION; ++ create2.in.fname = fname; ++ ++ status = smb2_create(tree2, tctx, &create2); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "smb2_create failed\n"); ++ ++ h2 = create2.out.file.handle; ++ ++ ZERO_STRUCT(sinfo); ++ sinfo.rename_information.level = RAW_SFILEINFO_RENAME_INFORMATION; ++ sinfo.rename_information.in.file.handle = h2; ++ sinfo.rename_information.in.new_name = fname_renamed; ++ ++ status = smb2_setinfo_file(tree2, &sinfo); ++ torture_assert_ntstatus_equal_goto( ++ tctx, status, NT_STATUS_ACCESS_DENIED, ret, done, ++ "smb2_setinfo_file didn't return NT_STATUS_ACCESS_DENIED\n"); ++ ++ smb2_util_close(tree2, h2); ++ ++done: ++ if (!smb2_util_handle_empty(h1)) { ++ smb2_util_close(tree, h1); ++ } ++ if (!smb2_util_handle_empty(h2)) { ++ smb2_util_close(tree2, h2); ++ } ++ smb2_util_unlink(tree, fname); ++ smb2_util_unlink(tree, fname_renamed); ++ ++ return ret; ++} + + /* + basic testing of streams calls SMB2 +@@ -1850,6 +1930,8 @@ struct torture_suite *torture_smb2_streams_init(TALLOC_CTX *ctx) + torture_suite_add_1smb2_test(suite, "attributes", test_stream_attributes); + torture_suite_add_1smb2_test(suite, "delete", test_stream_delete); + torture_suite_add_1smb2_test(suite, "zero-byte", test_zero_byte_stream); ++ torture_suite_add_1smb2_test(suite, "basefile-rename-with-open-stream", ++ test_basefile_rename_with_open_stream); + + suite->description = talloc_strdup(suite, "SMB2-STREAM tests"); + +-- +2.13.6 + + +From fbdb42c19526ff2ddeab378f384526156da161b0 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Sat, 26 May 2018 18:33:00 +0200 +Subject: [PATCH 3/6] s4:torture/vfs/fruit: adjust test testing basefile rename + to expect failure + +Renaming a basefile that has open streams must fail with +NT_STATUS_ACCESS_DENIED. + +Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451 + +Signed-off-by: Ralph Boehme +Reviewed-by: Jeremy Allison +(cherry picked from commit f166207fc0344b51879d863857055ab7ff36a09b) +--- + selftest/knownfail.d/samba3.vfs.fruit | 3 +++ + source4/torture/vfs/fruit.c | 25 ++++--------------------- + 2 files changed, 7 insertions(+), 21 deletions(-) + +diff --git a/selftest/knownfail.d/samba3.vfs.fruit b/selftest/knownfail.d/samba3.vfs.fruit +index 8df25bccb79..bf97dbc5822 100644 +--- a/selftest/knownfail.d/samba3.vfs.fruit ++++ b/selftest/knownfail.d/samba3.vfs.fruit +@@ -1 +1,4 @@ + ^samba3.vfs.fruit streams_depot.OS X AppleDouble file conversion\(nt4_dc\) ++^samba3.vfs.fruit metadata_netatalk.read open rsrc after rename\(nt4_dc\) ++^samba3.vfs.fruit metadata_stream.read open rsrc after rename\(nt4_dc\) ++^samba3.vfs.fruit streams_depot.read open rsrc after rename\(nt4_dc\) +diff --git a/source4/torture/vfs/fruit.c b/source4/torture/vfs/fruit.c +index 65109cc1934..4564047e0fb 100644 +--- a/source4/torture/vfs/fruit.c ++++ b/source4/torture/vfs/fruit.c +@@ -3897,7 +3897,6 @@ static bool test_rename_and_read_rsrc(struct torture_context *tctx, + const char *fname_renamed = "test_rename_openfile_renamed"; + const char *data = "1234567890"; + union smb_setfileinfo sinfo; +- struct smb2_read r; + + ret = enable_aapl(tctx, tree); + torture_assert_goto(tctx, ret == true, ret, done, "enable_aapl failed"); +@@ -3949,28 +3948,12 @@ static bool test_rename_and_read_rsrc(struct torture_context *tctx, + sinfo.rename_information.in.new_name = fname_renamed; + + status = smb2_setinfo_file(tree, &sinfo); +- torture_assert_ntstatus_ok_goto(tctx, status, ret, done, "smb2_setinfo_file failed"); +- +- smb2_util_close(tree, h2); +- +- ZERO_STRUCT(r); +- r.in.file.handle = h1; +- r.in.length = 10; +- r.in.offset = 0; +- +- torture_comment(tctx, "Read resource fork of renamed file\n"); +- +- status = smb2_read(tree, tree, &r); +- torture_assert_ntstatus_ok_goto(tctx, status, ret, done, "smb2_read failed"); ++ torture_assert_ntstatus_equal_goto( ++ tctx, status, NT_STATUS_ACCESS_DENIED, ret, done, ++ "smb2_setinfo_file failed"); + + smb2_util_close(tree, h1); +- +- torture_assert_goto(tctx, r.out.data.length == 10, ret, done, +- talloc_asprintf(tctx, "smb2_read returned %jd bytes, expected 10\n", +- (intmax_t)r.out.data.length)); +- +- torture_assert_goto(tctx, memcmp(r.out.data.data, data, 10) == 0, ret, done, +- talloc_asprintf(tctx, "Bad data in stream\n")); ++ smb2_util_close(tree, h2); + + done: + smb2_util_unlink(tree, fname); +-- +2.13.6 + + +From 33e52b7e4e7d54b3488a54e2620f5e07b3042b9c Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Sun, 27 May 2018 13:01:50 +0200 +Subject: [PATCH 4/6] s3:smbd: add private option + NTCREATEX_OPTIONS_PRIVATE_STREAM_BASEOPEN + +This will be used to mark basefile opens of streams opens. This is +needed to later implement a function that can determine if a file has +stream opens. + +Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451 + +Signed-off-by: Ralph Boehme +Reviewed-by: Jeremy Allison +(cherry picked from commit 37e7ff05ab9443c0330e68f5c701ffecedf2d738) +--- + source3/include/smb.h | 3 +++ + source3/smbd/open.c | 7 ++++++- + 2 files changed, 9 insertions(+), 1 deletion(-) + +diff --git a/source3/include/smb.h b/source3/include/smb.h +index 3316f09d94f..5e83ee90afe 100644 +--- a/source3/include/smb.h ++++ b/source3/include/smb.h +@@ -419,6 +419,9 @@ Offset Data length. + /* Private options for printer support */ + #define NTCREATEX_OPTIONS_PRIVATE_DELETE_ON_CLOSE 0x0008 + ++/* Private option for streams support */ ++#define NTCREATEX_OPTIONS_PRIVATE_STREAM_BASEOPEN 0x0010 ++ + /* Flag for NT transact rename call. */ + #define RENAME_REPLACE_IF_EXISTS 1 + +diff --git a/source3/smbd/open.c b/source3/smbd/open.c +index 3708bdd10fa..8a9288dbdb4 100644 +--- a/source3/smbd/open.c ++++ b/source3/smbd/open.c +@@ -5091,6 +5091,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, + && (!(private_flags & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) { + uint32_t base_create_disposition; + struct smb_filename *smb_fname_base = NULL; ++ uint32_t base_privflags; + + if (create_options & FILE_DIRECTORY_FILE) { + status = NT_STATUS_NOT_A_DIRECTORY; +@@ -5141,13 +5142,17 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, + } + } + ++ base_privflags = NTCREATEX_OPTIONS_PRIVATE_STREAM_BASEOPEN; ++ + /* Open the base file. */ + status = create_file_unixpath(conn, NULL, smb_fname_base, 0, + FILE_SHARE_READ + | FILE_SHARE_WRITE + | FILE_SHARE_DELETE, + base_create_disposition, +- 0, 0, 0, NULL, 0, 0, NULL, NULL, ++ 0, 0, 0, NULL, 0, ++ base_privflags, ++ NULL, NULL, + &base_fsp, NULL); + TALLOC_FREE(smb_fname_base); + +-- +2.13.6 + + +From f2f02d9b9f2d6c38b2813757ee942b8910985839 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Sun, 27 May 2018 13:03:25 +0200 +Subject: [PATCH 5/6] s3:locking: add file_has_open_streams() + +This can be used to check if a file opened by fsp also has stream opens. + +Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451 + +Signed-off-by: Ralph Boehme +Reviewed-by: Jeremy Allison +(cherry picked from commit dd8cf54c79fe8536e34cde15801d60931cd47b8b) +--- + source3/locking/locking.c | 31 +++++++++++++++++++++++++++++++ + source3/locking/proto.h | 1 + + 2 files changed, 32 insertions(+) + +diff --git a/source3/locking/locking.c b/source3/locking/locking.c +index 4e9f1bbc681..f71cd176029 100644 +--- a/source3/locking/locking.c ++++ b/source3/locking/locking.c +@@ -1318,3 +1318,34 @@ struct timespec get_share_mode_write_time(struct share_mode_lock *lck) + } + return d->old_write_time; + } ++ ++bool file_has_open_streams(files_struct *fsp) ++{ ++ struct share_mode_lock *lock = NULL; ++ struct share_mode_data *d = NULL; ++ uint32_t i; ++ ++ lock = get_existing_share_mode_lock(talloc_tos(), fsp->file_id); ++ if (lock == NULL) { ++ return false; ++ } ++ d = lock->data; ++ ++ for (i = 0; i < d->num_share_modes; i++) { ++ struct share_mode_entry *e = &d->share_modes[i]; ++ ++ if (share_mode_stale_pid(d, i)) { ++ continue; ++ } ++ ++ if (e->private_options & ++ NTCREATEX_OPTIONS_PRIVATE_STREAM_BASEOPEN) ++ { ++ TALLOC_FREE(lock); ++ return true; ++ } ++ } ++ ++ TALLOC_FREE(lock); ++ return false; ++} +diff --git a/source3/locking/proto.h b/source3/locking/proto.h +index 33184e0fa0a..4cd38091f3c 100644 +--- a/source3/locking/proto.h ++++ b/source3/locking/proto.h +@@ -205,6 +205,7 @@ bool is_delete_on_close_set(struct share_mode_lock *lck, uint32_t name_hash); + bool set_sticky_write_time(struct file_id fileid, struct timespec write_time); + bool set_write_time(struct file_id fileid, struct timespec write_time); + struct timespec get_share_mode_write_time(struct share_mode_lock *lck); ++bool file_has_open_streams(files_struct *fsp); + int share_mode_forall(int (*fn)(struct file_id fid, + const struct share_mode_data *data, + void *private_data), +-- +2.13.6 + + +From 809c3b9f13d5d22847a94fcfdec27b022fdb099d Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Sat, 26 May 2018 18:32:21 +0200 +Subject: [PATCH 6/6] s3:smbd: don't allow renaming basefile if streams are + open + +Bug: https://bugzilla.samba.org/show_bug.cgi?id=13451 + +Signed-off-by: Ralph Boehme +Reviewed-by: Jeremy Allison +(cherry picked from commit 465b7d07e5db787c3d6330371e5e42ecbb1b57b9) +--- + selftest/knownfail.d/samba3.smb2.streams | 2 -- + selftest/knownfail.d/samba3.vfs.fruit | 3 --- + source3/smbd/reply.c | 4 ++++ + 3 files changed, 4 insertions(+), 5 deletions(-) + delete mode 100644 selftest/knownfail.d/samba3.smb2.streams + +diff --git a/selftest/knownfail.d/samba3.smb2.streams b/selftest/knownfail.d/samba3.smb2.streams +deleted file mode 100644 +index 26d40a67bda..00000000000 +--- a/selftest/knownfail.d/samba3.smb2.streams ++++ /dev/null +@@ -1,2 +0,0 @@ +-samba3.smb2.streams.basefile-rename-with-open-stream\(.*\) +-samba3.smb2.streams streams_xattr.basefile-rename-with-open-stream\(nt4_dc\) +diff --git a/selftest/knownfail.d/samba3.vfs.fruit b/selftest/knownfail.d/samba3.vfs.fruit +index bf97dbc5822..8df25bccb79 100644 +--- a/selftest/knownfail.d/samba3.vfs.fruit ++++ b/selftest/knownfail.d/samba3.vfs.fruit +@@ -1,4 +1 @@ + ^samba3.vfs.fruit streams_depot.OS X AppleDouble file conversion\(nt4_dc\) +-^samba3.vfs.fruit metadata_netatalk.read open rsrc after rename\(nt4_dc\) +-^samba3.vfs.fruit metadata_stream.read open rsrc after rename\(nt4_dc\) +-^samba3.vfs.fruit streams_depot.read open rsrc after rename\(nt4_dc\) +diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c +index 623f83b1250..2b5bb8f1ed6 100644 +--- a/source3/smbd/reply.c ++++ b/source3/smbd/reply.c +@@ -6642,6 +6642,10 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, + return status; + } + ++ if (file_has_open_streams(fsp)) { ++ return NT_STATUS_ACCESS_DENIED; ++ } ++ + /* Make a copy of the dst smb_fname structs */ + + smb_fname_dst = cp_smb_filename(ctx, smb_fname_dst_in); +-- +2.13.6 + Property changes on: head/net/samba48/files/0001-bug-13451.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/net/samba48/files/0001-bug-13537.patch =================================================================== --- head/net/samba48/files/0001-bug-13537.patch (nonexistent) +++ head/net/samba48/files/0001-bug-13537.patch (revision 475995) @@ -0,0 +1,539 @@ +From f0ed4f0930673ee044f187085e8972b8be104ebd Mon Sep 17 00:00:00 2001 +From: Jeremy Allison +Date: Wed, 18 Jul 2018 13:32:49 -0700 +Subject: [PATCH 1/5] s3: smbd: Fix Linux sendfile() for SMB2. Ensure we don't + spin on EAGAIN. + +For SMB2 the socket is set non-blocking. Ensure sendfile() +calls complete by saving the socket state, setting it blocking, +doing the sendfile until completion and then restoring the socket +state. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13537 + +Signed-off-by: Jeremy Allison +--- + source3/lib/sendfile.c | 54 ++++++++++++++++++++++++++++++++++++------ + 1 file changed, 47 insertions(+), 7 deletions(-) + +diff --git a/source3/lib/sendfile.c b/source3/lib/sendfile.c +index 3d457bd6f13..a578a66e7de 100644 +--- a/source3/lib/sendfile.c ++++ b/source3/lib/sendfile.c +@@ -24,6 +24,7 @@ + */ + + #include "includes.h" ++#include "system/filesys.h" + + #if defined(LINUX_SENDFILE_API) + +@@ -36,8 +37,23 @@ + ssize_t sys_sendfile(int tofd, int fromfd, const DATA_BLOB *header, off_t offset, size_t count) + { + size_t total=0; +- ssize_t ret; ++ ssize_t ret = -1; + size_t hdr_len = 0; ++ int saved_errno = 0; ++ int old_flags = 0; ++ ++ /* ++ * Sendfile must complete before we can ++ * send any other outgoing data on the socket. ++ * Ensure socket is in blocking mode. ++ * For SMB2 by default the socket is in non-blocking ++ * mode. ++ */ ++ old_flags = fcntl(tofd, F_GETFL, 0); ++ ret = set_blocking(tofd, true); ++ if (ret == -1) { ++ goto out; ++ } + + /* + * Send the header first. +@@ -48,8 +64,9 @@ ssize_t sys_sendfile(int tofd, int fromfd, const DATA_BLOB *header, off_t offset + hdr_len = header->length; + while (total < hdr_len) { + ret = sys_send(tofd, header->data + total,hdr_len - total, MSG_MORE); +- if (ret == -1) +- return -1; ++ if (ret == -1) { ++ goto out; ++ } + total += ret; + } + } +@@ -59,7 +76,7 @@ ssize_t sys_sendfile(int tofd, int fromfd, const DATA_BLOB *header, off_t offset + ssize_t nwritten; + do { + nwritten = sendfile(tofd, fromfd, &offset, total); +- } while (nwritten == -1 && (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK)); ++ } while (nwritten == -1 && errno == EINTR); + if (nwritten == -1) { + if (errno == ENOSYS || errno == EINVAL) { + /* Ok - we're in a world of pain here. We just sent +@@ -72,17 +89,40 @@ ssize_t sys_sendfile(int tofd, int fromfd, const DATA_BLOB *header, off_t offset + */ + errno = EINTR; /* Normally we can never return this. */ + } +- return -1; ++ ret = -1; ++ goto out; + } + if (nwritten == 0) { + /* + * EOF, return a short read + */ +- return hdr_len + (count - total); ++ ret = hdr_len + (count - total); ++ goto out; + } + total -= nwritten; + } +- return count + hdr_len; ++ ++ ret = count + hdr_len; ++ ++ out: ++ ++ if (ret == -1) { ++ saved_errno = errno; ++ } ++ ++ { ++ /* Restore the blocking state of the socket. */ ++ int err = fcntl(tofd, F_SETFL, old_flags); ++ if (err == -1) { ++ return -1; ++ } ++ } ++ ++ if (ret == -1) { ++ errno = saved_errno; ++ } ++ ++ return ret; + } + + #elif defined(SOLARIS_SENDFILE_API) +-- +2.18.0.203.gfac676dfb9-goog + + +From abc681420b88a2d795adc44808c7e52eb2775cf6 Mon Sep 17 00:00:00 2001 +From: Jeremy Allison +Date: Wed, 18 Jul 2018 15:29:37 -0700 +Subject: [PATCH 2/5] s3: smbd: Fix Solaris sendfile() for SMB2. Ensure we + don't spin on EAGAIN. + +For SMB2 the socket is set non-blocking. Ensure sendfile() +calls complete by saving the socket state, setting it blocking, +doing the sendfile until completion and then restoring the socket +state. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13537 + +Signed-off-by: Jeremy Allison +--- + source3/lib/sendfile.c | 52 +++++++++++++++++++++++++++++++++++++----- + 1 file changed, 46 insertions(+), 6 deletions(-) + +diff --git a/source3/lib/sendfile.c b/source3/lib/sendfile.c +index a578a66e7de..6c323213830 100644 +--- a/source3/lib/sendfile.c ++++ b/source3/lib/sendfile.c +@@ -139,6 +139,9 @@ ssize_t sys_sendfile(int tofd, int fromfd, const DATA_BLOB *header, off_t offset + size_t total, xferred; + struct sendfilevec vec[2]; + ssize_t hdr_len = 0; ++ int saved_errno = 0; ++ int old_flags = 0; ++ ssize_t ret = -1; + + if (header) { + sfvcnt = 2; +@@ -164,6 +167,19 @@ ssize_t sys_sendfile(int tofd, int fromfd, const DATA_BLOB *header, off_t offset + + total = count + hdr_len; + ++ /* ++ * Sendfile must complete before we can ++ * send any other outgoing data on the socket. ++ * Ensure socket is in blocking mode. ++ * For SMB2 by default the socket is in non-blocking ++ * mode. ++ */ ++ old_flags = fcntl(tofd, F_GETFL, 0); ++ ret = set_blocking(tofd, true); ++ if (ret == -1) { ++ goto out; ++ } ++ + while (total) { + ssize_t nwritten; + +@@ -175,17 +191,21 @@ ssize_t sys_sendfile(int tofd, int fromfd, const DATA_BLOB *header, off_t offset + xferred = 0; + + nwritten = sendfilev(tofd, vec, sfvcnt, &xferred); +- if (nwritten == -1 && (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK)) { ++ if (nwritten == -1 && errno == EINTR) { + if (xferred == 0) + continue; /* Nothing written yet. */ + else + nwritten = xferred; + } + +- if (nwritten == -1) +- return -1; +- if (nwritten == 0) +- return -1; /* I think we're at EOF here... */ ++ if (nwritten == -1) { ++ ret = -1; ++ goto out; ++ } ++ if (nwritten == 0) { ++ ret = -1; ++ goto out; /* I think we're at EOF here... */ ++ } + + /* + * If this was a short (signal interrupted) write we may need +@@ -207,7 +227,27 @@ ssize_t sys_sendfile(int tofd, int fromfd, const DATA_BLOB *header, off_t offset + } + total -= nwritten; + } +- return count + hdr_len; ++ ret = count + hdr_len; ++ ++ out: ++ ++ if (ret == -1) { ++ saved_errno = errno; ++ } ++ ++ { ++ /* Restore the blocking state of the socket. */ ++ int err = fcntl(tofd, F_SETFL, old_flags); ++ if (err == -1) { ++ return -1; ++ } ++ } ++ ++ if (ret == -1) { ++ errno = saved_errno; ++ } ++ ++ return ret; + } + + #elif defined(HPUX_SENDFILE_API) +-- +2.18.0.203.gfac676dfb9-goog + + +From 0068f7d136da89d96d50dced5eda8738c28e2938 Mon Sep 17 00:00:00 2001 +From: Jeremy Allison +Date: Wed, 18 Jul 2018 15:36:47 -0700 +Subject: [PATCH 3/5] s3: smbd: Fix HPUX sendfile() for SMB2. Ensure we don't + spin on EAGAIN. + +For SMB2 the socket is set non-blocking. Ensure sendfile() +calls complete by saving the socket state, setting it blocking, +doing the sendfile until completion and then restoring the socket +state. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13537 + +Signed-off-by: Jeremy Allison +--- + source3/lib/sendfile.c | 53 +++++++++++++++++++++++++++++++++++++----- + 1 file changed, 47 insertions(+), 6 deletions(-) + +diff --git a/source3/lib/sendfile.c b/source3/lib/sendfile.c +index 6c323213830..63f50d1946f 100644 +--- a/source3/lib/sendfile.c ++++ b/source3/lib/sendfile.c +@@ -260,6 +260,9 @@ ssize_t sys_sendfile(int tofd, int fromfd, const DATA_BLOB *header, off_t offset + size_t total=0; + struct iovec hdtrl[2]; + size_t hdr_len = 0; ++ int saved_errno = 0; ++ int old_flags = 0; ++ ssize_t ret = -1; + + if (header) { + /* Set up the header/trailer iovec. */ +@@ -273,6 +276,20 @@ ssize_t sys_sendfile(int tofd, int fromfd, const DATA_BLOB *header, off_t offset + hdtrl[1].iov_len = 0; + + total = count; ++ ++ /* ++ * Sendfile must complete before we can ++ * send any other outgoing data on the socket. ++ * Ensure socket is in blocking mode. ++ * For SMB2 by default the socket is in non-blocking ++ * mode. ++ */ ++ old_flags = fcntl(tofd, F_GETFL, 0); ++ ret = set_blocking(tofd, true); ++ if (ret == -1) { ++ goto out; ++ } ++ + while (total + hdtrl[0].iov_len) { + ssize_t nwritten; + +@@ -285,11 +302,15 @@ ssize_t sys_sendfile(int tofd, int fromfd, const DATA_BLOB *header, off_t offset + + do { + nwritten = sendfile(tofd, fromfd, offset, total, &hdtrl[0], 0); +- } while (nwritten == -1 && (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK)); +- if (nwritten == -1) +- return -1; +- if (nwritten == 0) +- return -1; /* I think we're at EOF here... */ ++ } while (nwritten == -1 && errno == EINTR); ++ if (nwritten == -1) { ++ ret = -1; ++ goto out; ++ } ++ if (nwritten == 0) { ++ ret = -1; /* I think we're at EOF here... */ ++ goto out; ++ } + + /* + * If this was a short (signal interrupted) write we may need +@@ -313,7 +334,27 @@ ssize_t sys_sendfile(int tofd, int fromfd, const DATA_BLOB *header, off_t offset + total -= nwritten; + offset += nwritten; + } +- return count + hdr_len; ++ ret = count + hdr_len; ++ ++ out: ++ ++ if (ret == -1) { ++ saved_errno = errno; ++ } ++ ++ { ++ /* Restore the blocking state of the socket. */ ++ int err = fcntl(tofd, F_SETFL, old_flags); ++ if (err == -1) { ++ return -1; ++ } ++ } ++ ++ if (ret == -1) { ++ errno = saved_errno; ++ } ++ ++ return ret; + } + + #elif defined(FREEBSD_SENDFILE_API) || defined(DARWIN_SENDFILE_API) +-- +2.18.0.203.gfac676dfb9-goog + + +From 8df7360c2198098a2cb757910974110e33e4d4cf Mon Sep 17 00:00:00 2001 +From: Jeremy Allison +Date: Wed, 18 Jul 2018 15:44:34 -0700 +Subject: [PATCH 4/5] s3: smbd: Fix FreeBSD sendfile() for SMB2. Ensure we + don't spin on EAGAIN. + +For SMB2 the socket is set non-blocking. Ensure sendfile() +calls complete by saving the socket state, setting it blocking, +doing the sendfile until completion and then restoring the socket +state. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13537 + +Signed-off-by: Jeremy Allison +--- + source3/lib/sendfile.c | 44 ++++++++++++++++++++++++++++++++++++++---- + 1 file changed, 40 insertions(+), 4 deletions(-) + +diff --git a/source3/lib/sendfile.c b/source3/lib/sendfile.c +index 63f50d1946f..575428deb15 100644 +--- a/source3/lib/sendfile.c ++++ b/source3/lib/sendfile.c +@@ -368,9 +368,11 @@ ssize_t sys_sendfile(int tofd, int fromfd, + { + struct sf_hdtr sf_header = {0}; + struct iovec io_header = {0}; ++ int saved_errno = 0; ++ int old_flags = 0; + + off_t nwritten; +- int ret; ++ ssize_t ret = -1; + + if (header) { + sf_header.headers = &io_header; +@@ -381,6 +383,19 @@ ssize_t sys_sendfile(int tofd, int fromfd, + sf_header.trl_cnt = 0; + } + ++ /* ++ * Sendfile must complete before we can ++ * send any other outgoing data on the socket. ++ * Ensure socket is in blocking mode. ++ * For SMB2 by default the socket is in non-blocking ++ * mode. ++ */ ++ old_flags = fcntl(tofd, F_GETFL, 0); ++ ret = set_blocking(tofd, true); ++ if (ret == -1) { ++ goto out; ++ } ++ + while (count != 0) { + + nwritten = count; +@@ -391,9 +406,10 @@ ssize_t sys_sendfile(int tofd, int fromfd, + #else + ret = sendfile(fromfd, tofd, offset, count, &sf_header, &nwritten, 0); + #endif +- if (ret == -1 && errno != EINTR && errno != EAGAIN && errno != EWOULDBLOCK) { ++ if (ret == -1 && errno != EINTR) { + /* Send failed, we are toast. */ +- return -1; ++ ret = -1; ++ goto out; + } + + if (nwritten == 0) { +@@ -420,7 +436,27 @@ ssize_t sys_sendfile(int tofd, int fromfd, + count -= nwritten; + } + +- return nwritten; ++ ret = nwritten; ++ ++ out: ++ ++ if (ret == -1) { ++ saved_errno = errno; ++ } ++ ++ { ++ /* Restore the blocking state of the socket. */ ++ int err = fcntl(tofd, F_SETFL, old_flags); ++ if (err == -1) { ++ return -1; ++ } ++ } ++ ++ if (ret == -1) { ++ errno = saved_errno; ++ } ++ ++ return ret; + } + + #elif defined(AIX_SENDFILE_API) +-- +2.18.0.203.gfac676dfb9-goog + + +From 019c677b42184d5f45931bdb549b22aad25ee2e9 Mon Sep 17 00:00:00 2001 +From: Jeremy Allison +Date: Wed, 18 Jul 2018 15:49:29 -0700 +Subject: [PATCH 5/5] s3: smbd: Fix AIX sendfile() for SMB2. Ensure we don't + spin on EAGAIN. + +For SMB2 the socket is set non-blocking. Ensure sendfile() +calls complete by saving the socket state, setting it blocking, +doing the sendfile until completion and then restoring the socket +state. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13537 + +Signed-off-by: Jeremy Allison +--- + source3/lib/sendfile.c | 45 +++++++++++++++++++++++++++++++++++++----- + 1 file changed, 40 insertions(+), 5 deletions(-) + +diff --git a/source3/lib/sendfile.c b/source3/lib/sendfile.c +index 575428deb15..a28102b5bf9 100644 +--- a/source3/lib/sendfile.c ++++ b/source3/lib/sendfile.c +@@ -469,6 +469,9 @@ ssize_t sys_sendfile(int tofd, int fromfd, + ssize_t sys_sendfile(int tofd, int fromfd, const DATA_BLOB *header, off_t offset, size_t count) + { + struct sf_parms hdtrl; ++ int saved_errno = 0; ++ int old_flags = 0; ++ ssize_t ret = -1; + + /* Set up the header/trailer struct params. */ + if (header) { +@@ -485,9 +488,20 @@ ssize_t sys_sendfile(int tofd, int fromfd, const DATA_BLOB *header, off_t offset + hdtrl.file_offset = offset; + hdtrl.file_bytes = count; + +- while ( hdtrl.file_bytes + hdtrl.header_length ) { +- ssize_t ret; ++ /* ++ * Sendfile must complete before we can ++ * send any other outgoing data on the socket. ++ * Ensure socket is in blocking mode. ++ * For SMB2 by default the socket is in non-blocking ++ * mode. ++ */ ++ old_flags = fcntl(tofd, F_GETFL, 0); ++ ret = set_blocking(tofd, true); ++ if (ret == -1) { ++ goto out; ++ } + ++ while ( hdtrl.file_bytes + hdtrl.header_length ) { + /* + Return Value + +@@ -505,12 +519,33 @@ ssize_t sys_sendfile(int tofd, int fromfd, const DATA_BLOB *header, off_t offset + */ + do { + ret = send_file(&tofd, &hdtrl, 0); +- } while ((ret == 1) || (ret == -1 && (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK))); +- if ( ret == -1 ) ++ } while ((ret == 1) || (ret == -1 && errno == EINTR)); ++ if ( ret == -1 ) { ++ goto out; ++ } ++ } ++ ++ ret = count + header->length; ++ ++ out: ++ ++ if (ret == -1) { ++ saved_errno = errno; ++ } ++ ++ { ++ /* Restore the blocking state of the socket. */ ++ int err = fcntl(tofd, F_SETFL, old_flags); ++ if (err == -1) { + return -1; ++ } + } + +- return count + header->length; ++ if (ret == -1) { ++ errno = saved_errno; ++ } ++ ++ return ret; + } + /* END AIX SEND_FILE */ + +-- +2.18.0.203.gfac676dfb9-goog + Property changes on: head/net/samba48/files/0001-bug-13537.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/net/samba48/files/0001-bug-228462.patch =================================================================== --- head/net/samba48/files/0001-bug-228462.patch (revision 475994) +++ head/net/samba48/files/0001-bug-228462.patch (revision 475995) @@ -1,146 +1,182 @@ From d9b748869a8f4018ebee302aae8246bf29f60309 Mon Sep 17 00:00:00 2001 From: "Timur I. Bakeyev" Date: Fri, 1 Jun 2018 01:35:08 +0800 Subject: [PATCH 1/2] vfs_fruit: allow broken AFP_Signature where the first byte is 0 FreeBSD bug ... caused the first byte of the AFP_AfpInfo xattr to be 0 instead of 'A'. This hack allows such broken AFP_AfpInfo blobs to be parsed by afpinfo_unpack(). FreeBSD Bug: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228462 Signed-off-by: Ralph Boehme --- source3/modules/vfs_fruit.c | 32 ++++++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c index df3cd0c899e..d84e6991036 100644 --- a/source3/modules/vfs_fruit.c +++ b/source3/modules/vfs_fruit.c @@ -485,8 +485,9 @@ static int adouble_path(TALLOC_CTX *ctx, struct smb_filename **ppsmb_fname_out); static AfpInfo *afpinfo_new(TALLOC_CTX *ctx); static ssize_t afpinfo_pack(const AfpInfo *ai, char *buf); -static AfpInfo *afpinfo_unpack(TALLOC_CTX *ctx, const void *data); - +static AfpInfo *afpinfo_unpack(TALLOC_CTX *ctx, + const void *data, + const struct smb_filename *smb_fname); /** * Return a pointer to an AppleDouble entry @@ -2073,13 +2074,17 @@ static ssize_t afpinfo_pack(const AfpInfo *ai, char *buf) return AFP_INFO_SIZE; } +#define BROKEN_FREEBSD_AFP_Signature 0x00465000 + /** * Unpack a buffer into a AfpInfo structure * * Buffer size must be at least AFP_INFO_SIZE * Returns allocated AfpInfo struct **/ -static AfpInfo *afpinfo_unpack(TALLOC_CTX *ctx, const void *data) +static AfpInfo *afpinfo_unpack(TALLOC_CTX *ctx, + const void *data, + const struct smb_filename *smb_fname) { AfpInfo *ai = talloc_zero(ctx, AfpInfo); if (ai == NULL) { @@ -2092,10 +2097,21 @@ static AfpInfo *afpinfo_unpack(TALLOC_CTX *ctx, const void *data) memcpy(ai->afpi_FinderInfo, (const char *)data + 16, sizeof(ai->afpi_FinderInfo)); - if (ai->afpi_Signature != AFP_Signature - || ai->afpi_Version != AFP_Version) { - DEBUG(1, ("Bad AfpInfo signature or version\n")); + if (ai->afpi_Signature != AFP_Signature) { + DBG_WARNING("Bad signature [%x] on [%s]\n", + ai->afpi_Signature, smb_fname_str_dbg(smb_fname)); + + if (ai->afpi_Signature != BROKEN_FREEBSD_AFP_Signature) { + DBG_ERR("Bad AfpInfo signature\n"); + TALLOC_FREE(ai); + return NULL; + } + } + + if (ai->afpi_Version != AFP_Version) { + DBG_ERR("Bad AfpInfo version\n"); TALLOC_FREE(ai); + return NULL; } return ai; @@ -4222,7 +4238,7 @@ static ssize_t fruit_pwrite_meta_stream(vfs_handle_struct *handle, size_t nwritten; bool ok; - ai = afpinfo_unpack(talloc_tos(), data); + ai = afpinfo_unpack(talloc_tos(), data, fsp->fsp_name); if (ai == NULL) { return -1; } @@ -4260,7 +4276,7 @@ static ssize_t fruit_pwrite_meta_netatalk(vfs_handle_struct *handle, int ret; bool ok; - ai = afpinfo_unpack(talloc_tos(), data); + ai = afpinfo_unpack(talloc_tos(), data, fsp->fsp_name); if (ai == NULL) { return -1; } -- 2.16.3 From 83ce03a278ec9d15b595f4daf8da1641d27ebdd6 Mon Sep 17 00:00:00 2001 From: "Timur I. Bakeyev" Date: Fri, 1 Jun 2018 01:35:58 +0800 Subject: [PATCH 2/2] vfs_streams_xattr: don't append 0 byte when creating xattr Upstream Samba always appends an internal 0-byte to xattrs to cope with filesytems or systems that don't support 0-byte sized xattrs. An older patch already remove this behaviour from the read and write code paths, but didn't remove it from the create codepath. FreeBSD Bug: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228462 Signed-off-by: Ralph Boehme --- source3/modules/vfs_streams_xattr.c | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/source3/modules/vfs_streams_xattr.c b/source3/modules/vfs_streams_xattr.c index 8714007cb8d..5f3dfb30beb 100644 --- a/source3/modules/vfs_streams_xattr.c +++ b/source3/modules/vfs_streams_xattr.c @@ -476,19 +476,13 @@ static int streams_xattr_open(vfs_handle_struct *handle, /* * The attribute does not exist or needs to be truncated */ - - /* - * Darn, xattrs need at least 1 byte - */ - char null = '\0'; - DEBUG(10, ("creating or truncating attribute %s on file %s\n", xattr_name, smb_fname->base_name)); ret = SMB_VFS_SETXATTR(fsp->conn, smb_fname, xattr_name, - &null, sizeof(null), + NULL, 0, flags & O_EXCL ? XATTR_CREATE : 0); if (ret != 0) { goto fail; -- 2.16.3 +From daa9930fc10459f0567931622e2ffbb636e365f0 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Sat, 19 May 2018 01:35:45 +0200 +Subject: [PATCH] vfs_fruit: fixup broken AFP_Signatures + +FreeBSD Bug: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228462 + +Signed-off-by: Ralph Boehme +--- + source3/modules/vfs_fruit.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c +index d92049cc899..0594fd7a538 100644 +--- a/source3/modules/vfs_fruit.c ++++ b/source3/modules/vfs_fruit.c +@@ -3935,10 +3935,16 @@ static ssize_t fruit_pread_meta_stream(vfs_handle_struct *handle, + { + ssize_t nread; + int ret; ++ char *p = (char *)data; + + nread = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset); + + if (nread == n) { ++ if (offset == 0 && nread > 3 && p[0] == 0 && p[1] == 'F' && p[2] == 'P') { ++ DBG_NOTICE("Fixing AFP_Info of [%s]\n", ++ fsp_str_dbg(fsp)); ++ p[0] = 'A'; ++ } + return nread; + } + +-- +2.17.0 + Index: head/net/samba48/files/0001-ctdb.patch =================================================================== --- head/net/samba48/files/0001-ctdb.patch (nonexistent) +++ head/net/samba48/files/0001-ctdb.patch (revision 475995) @@ -0,0 +1,308 @@ +From 8304a62ea7847ba6934d44c1b5b7acef9667750d Mon Sep 17 00:00:00 2001 +From: Martin Schwenke +Date: Fri, 8 Jun 2018 19:57:20 +1000 +Subject: [PATCH 1/2] ctdb-common: New include file common/system_network.h + +Contains declarations for functions that need ctdb_sock_addr. + +Signed-off-by: Martin Schwenke +--- + ctdb/common/system.h | 16 ------------ + ctdb/common/system_aix.c | 1 + + ctdb/common/system_common.c | 2 +- + ctdb/common/system_freebsd.c | 1 + + ctdb/common/system_gnu.c | 1 + + ctdb/common/system_kfreebsd.c | 1 + + ctdb/common/system_linux.c | 1 + + ctdb/common/system_network.h | 46 ++++++++++++++++++++++++++++++++++ + ctdb/server/ctdb_daemon.c | 1 + + ctdb/server/ctdb_recoverd.c | 2 +- + ctdb/server/ctdb_takeover.c | 1 + + ctdb/tests/src/porting_tests.c | 1 + + ctdb/tools/ctdb.c | 1 + + ctdb/tools/ctdb_killtcp.c | 2 +- + 14 files changed, 58 insertions(+), 19 deletions(-) + create mode 100644 ctdb/common/system_network.h + +diff --git a/ctdb/common/system.h b/ctdb/common/system.h +index e6f65b5e621..38ae67d2ab1 100644 +--- a/ctdb/common/system.h ++++ b/ctdb/common/system.h +@@ -22,24 +22,8 @@ + + #include + +-/* From system_common.c */ +- +-uint32_t uint16_checksum(uint16_t *data, size_t n); +-bool ctdb_sys_have_ip(ctdb_sock_addr *_addr); +-char *ctdb_sys_find_ifname(ctdb_sock_addr *addr); +- + /* From system_.c */ + +-int ctdb_sys_send_arp(const ctdb_sock_addr *addr, const char *iface); +-int ctdb_sys_send_tcp(const ctdb_sock_addr *dest, +- const ctdb_sock_addr *src, +- uint32_t seq, uint32_t ack, int rst); +-int ctdb_sys_open_capture_socket(const char *iface, void **private_data); +-int ctdb_sys_close_capture_socket(void *private_data); +-int ctdb_sys_read_tcp_packet(int s, void *private_data, +- ctdb_sock_addr *src, ctdb_sock_addr *dst, +- uint32_t *ack_seq, uint32_t *seq, +- int *rst, uint16_t *window); + bool ctdb_sys_check_iface_exists(const char *iface); + int ctdb_get_peer_pid(const int fd, pid_t *peer_pid); + +diff --git a/ctdb/common/system_aix.c b/ctdb/common/system_aix.c +index f0a0a62efc0..7be54c7a46b 100644 +--- a/ctdb/common/system_aix.c ++++ b/ctdb/common/system_aix.c +@@ -38,6 +38,7 @@ + + #include "common/logging.h" + #include "common/system.h" ++#include "common/system_network.h" + + + #if 0 +diff --git a/ctdb/common/system_common.c b/ctdb/common/system_common.c +index a80189cd6c8..2618bf88c7f 100644 +--- a/ctdb/common/system_common.c ++++ b/ctdb/common/system_common.c +@@ -26,7 +26,7 @@ + #include "protocol/protocol.h" + + #include "common/logging.h" +-#include "common/system.h" ++#include "common/system_network.h" + + /* + uint16 checksum for n bytes +diff --git a/ctdb/common/system_freebsd.c b/ctdb/common/system_freebsd.c +index b709a5c75c1..e5a6522c08f 100644 +--- a/ctdb/common/system_freebsd.c ++++ b/ctdb/common/system_freebsd.c +@@ -41,6 +41,7 @@ + + #include "common/logging.h" + #include "common/system.h" ++#include "common/system_network.h" + + #ifndef ETHERTYPE_IP6 + #define ETHERTYPE_IP6 0x86dd +diff --git a/ctdb/common/system_gnu.c b/ctdb/common/system_gnu.c +index 38ccd13988b..683843a6b76 100644 +--- a/ctdb/common/system_gnu.c ++++ b/ctdb/common/system_gnu.c +@@ -40,6 +40,7 @@ + + #include "common/logging.h" + #include "common/system.h" ++#include "common/system_network.h" + + #ifndef ETHERTYPE_IP6 + #define ETHERTYPE_IP6 0x86dd +diff --git a/ctdb/common/system_kfreebsd.c b/ctdb/common/system_kfreebsd.c +index d02f28659cb..cdf13572b2b 100644 +--- a/ctdb/common/system_kfreebsd.c ++++ b/ctdb/common/system_kfreebsd.c +@@ -40,6 +40,7 @@ + + #include "common/logging.h" + #include "common/system.h" ++#include "common/system_network.h" + + #ifndef ETHERTYPE_IP6 + #define ETHERTYPE_IP6 0x86dd +diff --git a/ctdb/common/system_linux.c b/ctdb/common/system_linux.c +index fa77a45460f..beacbf34138 100644 +--- a/ctdb/common/system_linux.c ++++ b/ctdb/common/system_linux.c +@@ -37,6 +37,7 @@ + + #include "common/logging.h" + #include "common/system.h" ++#include "common/system_network.h" + + #ifndef ETHERTYPE_IP6 + #define ETHERTYPE_IP6 0x86dd +diff --git a/ctdb/common/system_network.h b/ctdb/common/system_network.h +new file mode 100644 +index 00000000000..b6761d29c76 +--- /dev/null ++++ b/ctdb/common/system_network.h +@@ -0,0 +1,46 @@ ++/* ++ System specific network code ++ ++ Copyright (C) Amitay Isaacs 2015 ++ ++ This program is free software; you can redistribute it and/or modify ++ it under the terms of the GNU General Public License as published by ++ the Free Software Foundation; either version 3 of the License, or ++ (at your option) any later version. ++ ++ This program is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ GNU General Public License for more details. ++ ++ You should have received a copy of the GNU General Public License ++ along with this program; if not, see . ++*/ ++ ++#ifndef __CTDB_SYSTEM_NETWORK_H__ ++#define __CTDB_SYSTEM_NETWORK_H__ ++ ++#include ++ ++#include "protocol/protocol.h" ++ ++/* From system_common.c */ ++ ++uint32_t uint16_checksum(uint16_t *data, size_t n); ++bool ctdb_sys_have_ip(ctdb_sock_addr *_addr); ++char *ctdb_sys_find_ifname(ctdb_sock_addr *addr); ++ ++/* From system_.c */ ++ ++int ctdb_sys_send_arp(const ctdb_sock_addr *addr, const char *iface); ++int ctdb_sys_send_tcp(const ctdb_sock_addr *dest, ++ const ctdb_sock_addr *src, ++ uint32_t seq, uint32_t ack, int rst); ++int ctdb_sys_open_capture_socket(const char *iface, void **private_data); ++int ctdb_sys_close_capture_socket(void *private_data); ++int ctdb_sys_read_tcp_packet(int s, void *private_data, ++ ctdb_sock_addr *src, ctdb_sock_addr *dst, ++ uint32_t *ack_seq, uint32_t *seq, ++ int *rst, uint16_t *window); ++ ++#endif /* __CTDB_SYSTEM_H__ */ +diff --git a/ctdb/server/ctdb_daemon.c b/ctdb/server/ctdb_daemon.c +index 35c1ab639b5..37a93ec6de1 100644 +--- a/ctdb/server/ctdb_daemon.c ++++ b/ctdb/server/ctdb_daemon.c +@@ -43,6 +43,7 @@ + #include "common/rb_tree.h" + #include "common/reqid.h" + #include "common/system.h" ++#include "common/system_network.h" + #include "common/common.h" + #include "common/logging.h" + #include "common/pidfile.h" +diff --git a/ctdb/server/ctdb_recoverd.c b/ctdb/server/ctdb_recoverd.c +index 2b94fed7478..73451711845 100644 +--- a/ctdb/server/ctdb_recoverd.c ++++ b/ctdb/server/ctdb_recoverd.c +@@ -38,7 +38,7 @@ + #include "ctdb_private.h" + #include "ctdb_client.h" + +-#include "common/system.h" ++#include "common/system_network.h" + #include "common/common.h" + #include "common/logging.h" + +diff --git a/ctdb/server/ctdb_takeover.c b/ctdb/server/ctdb_takeover.c +index cd240875ba2..a97ce2b6de6 100644 +--- a/ctdb/server/ctdb_takeover.c ++++ b/ctdb/server/ctdb_takeover.c +@@ -39,6 +39,7 @@ + #include "common/rb_tree.h" + #include "common/reqid.h" + #include "common/system.h" ++#include "common/system_network.h" + #include "common/common.h" + #include "common/logging.h" + +diff --git a/ctdb/tests/src/porting_tests.c b/ctdb/tests/src/porting_tests.c +index 74dbf0781b4..b7ad5256fdc 100644 +--- a/ctdb/tests/src/porting_tests.c ++++ b/ctdb/tests/src/porting_tests.c +@@ -32,6 +32,7 @@ + + #include "protocol/protocol.h" + #include "common/system.h" ++#include "common/system_network.h" + #include "common/logging.h" + + +diff --git a/ctdb/tools/ctdb.c b/ctdb/tools/ctdb.c +index 2cb46b057f0..8cbe706ab54 100644 +--- a/ctdb/tools/ctdb.c ++++ b/ctdb/tools/ctdb.c +@@ -41,6 +41,7 @@ + #include "protocol/protocol_api.h" + #include "protocol/protocol_util.h" + #include "common/system.h" ++#include "common/system_network.h" + #include "client/client.h" + #include "client/client_sync.h" + +diff --git a/ctdb/tools/ctdb_killtcp.c b/ctdb/tools/ctdb_killtcp.c +index 71b5999b10e..408a7b4e121 100644 +--- a/ctdb/tools/ctdb_killtcp.c ++++ b/ctdb/tools/ctdb_killtcp.c +@@ -30,7 +30,7 @@ + #include "protocol/protocol_util.h" + + #include "common/db_hash.h" +-#include "common/system.h" ++#include "common/system_network.h" + #include "common/logging.h" + + +-- +2.17.1 + + +From fb350f80cc072d4b699759a432217211986926be Mon Sep 17 00:00:00 2001 +From: Martin Schwenke +Date: Fri, 8 Jun 2018 22:31:48 +1000 +Subject: [PATCH 2/2] ctdb-tests: Switch fake_ctdbd to use ctdb_get_peer_pid() + +This potentially improves portability. + +Signed-off-by: Martin Schwenke +--- + ctdb/tests/src/fake_ctdbd.c | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/ctdb/tests/src/fake_ctdbd.c b/ctdb/tests/src/fake_ctdbd.c +index 2f4e87f6f6c..0e33f8c02e0 100644 +--- a/ctdb/tests/src/fake_ctdbd.c ++++ b/ctdb/tests/src/fake_ctdbd.c +@@ -40,6 +40,7 @@ + #include "common/logging.h" + #include "common/tunable.h" + #include "common/srvid.h" ++#include "common/system.h" + + #include "ipalloc_read_known_ips.h" + +@@ -3050,8 +3051,6 @@ static struct tevent_req *client_send(TALLOC_CTX *mem_ctx, + { + struct tevent_req *req; + struct client_state *state; +- struct ucred cr; +- socklen_t crl = sizeof(struct ucred); + int ret; + + req = tevent_req_create(mem_ctx, &state, struct client_state); +@@ -3064,12 +3063,11 @@ static struct tevent_req *client_send(TALLOC_CTX *mem_ctx, + state->ctdb = ctdb; + state->pnn = pnn; + +- ret = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cr, &crl); ++ ret = ctdb_get_peer_pid(fd, &state->pid); + if (ret != 0) { + tevent_req_error(req, ret); + return tevent_req_post(req, ev); + } +- state->pid = cr.pid; + + ret = comm_setup(state, ev, fd, client_read_handler, req, + client_dead_handler, req, &state->comm); +-- +2.17.1 + Property changes on: head/net/samba48/files/0001-ctdb.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/net/samba48/files/patch-ctdb__common__ctdb_util.c =================================================================== --- head/net/samba48/files/patch-ctdb__common__ctdb_util.c (nonexistent) +++ head/net/samba48/files/patch-ctdb__common__ctdb_util.c (revision 475995) @@ -0,0 +1,11 @@ +--- ctdb/common/ctdb_util.c.orig 2018-06-28 15:36:39 UTC ++++ ctdb/common/ctdb_util.c +@@ -390,7 +390,7 @@ void ctdb_canonicalize_ip(const ctdb_soc + } else { + cip->ip6.sin6_family = AF_INET6; + #ifdef HAVE_SOCK_SIN_LEN +- cip->ip6.sin_len = sizeof(ctdb_sock_addr); ++ cip->ip6.sin6_len = sizeof(ctdb_sock_addr); + #endif + cip->ip6.sin6_port = ip->ip6.sin6_port; + memcpy(&cip->ip6.sin6_addr, Property changes on: head/net/samba48/files/patch-ctdb__common__ctdb_util.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/net/samba48/files/patch-ctdb__wscript =================================================================== --- head/net/samba48/files/patch-ctdb__wscript (revision 475994) +++ head/net/samba48/files/patch-ctdb__wscript (revision 475995) @@ -1,74 +1,63 @@ --- ctdb/wscript.orig 2018-03-13 13:18:01 UTC +++ ctdb/wscript @@ -86,6 +86,9 @@ def set_options(opt): opt.add_option('--enable-ceph-reclock', help=("Enable Ceph CTDB recovery lock helper (default=no)"), action="store_true", dest='ctdb_ceph_reclock', default=False) + opt.add_option('--disable-ctdb-tests', + help=("Disable CTDB tests (default=no)"), + action="store_true", dest='ctdb_no_tests', default=False) opt.add_option('--with-logdir', help=("Path to log directory"), -@@ -210,7 +213,7 @@ def configure(conf): +@@ -219,7 +222,7 @@ def configure(conf): if Options.options.ctdb_ceph_reclock: if (conf.CHECK_HEADERS('rados/librados.h', False, False, 'rados') and - conf.CHECK_LIB('rados', shlib=True)): + conf.CHECK_LIB('rados', shlib=True)): Logs.info('Building with Ceph librados recovery lock support') conf.define('HAVE_LIBRADOS', 1) else: -@@ -246,9 +249,15 @@ def configure(conf): +@@ -255,9 +258,15 @@ def configure(conf): conf.env.CTDB_VARDIR, conf.env.CTDB_RUNDIR)) - conf.env.CTDB_TEST_DATADIR = os.path.join(conf.env.EXEC_PREFIX, - 'share/ctdb/tests') - conf.env.CTDB_TEST_LIBEXECDIR = os.path.join(conf.env.LIBEXECDIR, 'ctdb/tests') + if Options.options.ctdb_no_tests: + conf.env.ctdb_tests = False + else: + conf.env.ctdb_tests = True + + if conf.env.ctdb_tests: + conf.env.CTDB_TEST_DATADIR = os.path.join(conf.env.EXEC_PREFIX, + 'share/ctdb/tests') + conf.env.CTDB_TEST_LIBEXECDIR = os.path.join(conf.env.LIBEXECDIR, 'ctdb/tests') # Allow unified compilation and separate compilation of utilities # to find includes -@@ -573,9 +582,9 @@ def build(bld): +@@ -592,9 +601,9 @@ def build(bld): if bld.env.HAVE_LIBRADOS: bld.SAMBA_BINARY('ctdb_mutex_ceph_rados_helper', source='utils/ceph/ctdb_mutex_ceph_rados_helper.c', - deps='talloc tevent rados', - includes='include', - install_path='${CTDB_HELPER_BINDIR}') + deps='talloc tevent rados', + includes='include', + install_path='${CTDB_HELPER_BINDIR}') sed_expr1 = 's|/usr/local/var/lib/ctdb|%s|g' % (bld.env.CTDB_VARDIR) sed_expr2 = 's|/usr/local/etc/ctdb|%s|g' % (bld.env.CTDB_ETCDIR) -@@ -718,6 +727,9 @@ def build(bld): +@@ -737,6 +746,9 @@ def build(bld): bld.install_dir(bld.env.CTDB_RUNDIR) bld.install_dir(bld.env.CTDB_VARDIR) + if not bld.env.ctdb_tests: + return + # Unit tests ctdb_unit_tests = [ 'db_hash_test', -@@ -828,7 +840,9 @@ def build(bld): - ib_deps, - install_path='${CTDB_TEST_LIBEXECDIR}') - -- if bld.env.HAVE_ROBUST_MUTEXES and sys.platform.startswith('linux'): -+ if bld.env.HAVE_ROBUST_MUTEXES and ( -+ sys.platform.startswith('linux') or sys.platform.startswith('freebsd') -+ ): - bld.SAMBA_BINARY('test_mutex_raw', - source='tests/src/test_mutex_raw.c', - deps='pthread', Index: head/net/samba48/files/patch-dnssock.c =================================================================== --- head/net/samba48/files/patch-dnssock.c (nonexistent) +++ head/net/samba48/files/patch-dnssock.c (revision 475995) @@ -0,0 +1,13 @@ +--- lib/addns/dnssock.c.orig 2018-06-11 14:38:36 UTC ++++ lib/addns/dnssock.c +@@ -221,9 +221,7 @@ static DNS_ERROR dns_send_udp(struct dns + ssize_t ret; + + do { +- ret = sendto(conn->s, buf->data, buf->offset, 0, +- (struct sockaddr *)&conn->RecvAddr, +- sizeof(conn->RecvAddr)); ++ ret = send(conn->s, buf->data, buf->offset, 0); + } while ((ret == -1) && (errno == EINTR)); + + if (ret != buf->offset) { Property changes on: head/net/samba48/files/patch-dnssock.c ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/net/samba48/files/patch-lib__util__debug.c =================================================================== --- head/net/samba48/files/patch-lib__util__debug.c (revision 475994) +++ head/net/samba48/files/patch-lib__util__debug.c (revision 475995) @@ -1,68 +1,78 @@ --- lib/util/debug.c.orig 2017-09-17 19:15:34 UTC +++ lib/util/debug.c -@@ -750,12 +750,21 @@ static void debug_dump_status(int level) +@@ -653,7 +653,8 @@ static int debug_lookup_classname_int(co + { + size_t i; + +- if (!classname) return -1; ++ if (!classname) ++ return -1; + + for (i=0; i < debug_num_classes; i++) { + if (strcmp(classname, classname_table[i])==0) +@@ -752,12 +753,21 @@ static void debug_dump_status(int level) } } +static void debug_set_all_levels(int level) +{ -+ int i; ++ size_t i; + /* Array is debug_num_classes long */ + for (i = DBGC_ALL; i < debug_num_classes; i++) { + DEBUGLEVEL_CLASS[i] = level; + } +} + static bool debug_parse_param(char *param) { char *class_name; char *class_level; char *saveptr = NULL; - int ndx; + int ndx, level; class_name = strtok_r(param, ":", &saveptr); if (class_name == NULL) { -@@ -772,7 +781,13 @@ static bool debug_parse_param(char *para +@@ -774,7 +784,13 @@ static bool debug_parse_param(char *para return false; } - DEBUGLEVEL_CLASS[ndx] = atoi(class_level); + level = atoi(class_level); + + if(ndx == DBGC_ALL) { + debug_set_all_levels(level); + } else { + DEBUGLEVEL_CLASS[ndx] = level; + } return true; } -@@ -788,7 +803,7 @@ bool debug_parse_levels(const char *para +@@ -790,7 +806,7 @@ bool debug_parse_levels(const char *para size_t str_len = strlen(params_str); char str[str_len+1]; char *tok, *saveptr; -- int i; +- size_t i; + int level = 0; /* Just in case */ debug_init(); -@@ -804,16 +819,11 @@ bool debug_parse_levels(const char *para +@@ -806,16 +822,11 @@ bool debug_parse_levels(const char *para * v.s. "all:10", this is the traditional way to set DEBUGLEVEL */ if (isdigit(tok[0])) { - DEBUGLEVEL_CLASS[DBGC_ALL] = atoi(tok); + level = atoi(tok); tok = strtok_r(NULL, LIST_SEP, &saveptr); - } else { - DEBUGLEVEL_CLASS[DBGC_ALL] = 0; } - /* Array is debug_num_classes long */ - for (i = DBGC_ALL+1; i < debug_num_classes; i++) { - DEBUGLEVEL_CLASS[i] = DEBUGLEVEL_CLASS[DBGC_ALL]; - } + debug_set_all_levels(level); while (tok != NULL) { bool ok; Index: head/net/samba48/files/patch-source3__smbd__utmp.c =================================================================== --- head/net/samba48/files/patch-source3__smbd__utmp.c (revision 475994) +++ head/net/samba48/files/patch-source3__smbd__utmp.c (revision 475995) @@ -1,261 +1,261 @@ ---- source3/smbd/utmp.c.orig 2018-01-15 04:41:58.000000000 +0800 -+++ source3/smbd/utmp.c 2018-05-25 14:06:42.746302000 +0800 +--- source3/smbd/utmp.c.orig 2018-01-15 12:41:58 UTC ++++ source3/smbd/utmp.c @@ -257,7 +257,7 @@ static char *uw_pathname(TALLOC_CTX *ctx Update utmp file directly. No subroutine interface: probably a BSD system. ****************************************************************************/ -static void pututline_my(const char *uname, struct utmp *u, bool claim) +static void pututline_my(const char *uname, STRUCT_UTMP *u, bool claim) { DEBUG(1,("pututline_my: not yet implemented\n")); /* BSD implementor: may want to consider (or not) adjusting "lastlog" */ @@ -271,7 +271,7 @@ static void pututline_my(const char *una Credit: Michail Vidiassov ****************************************************************************/ -static void updwtmp_my(const char *wname, struct utmp *u, bool claim) +static void updwtmp_my(const char *wname, STRUCT_UTMP *u, bool claim) { int fd; struct stat buf; @@ -303,7 +303,7 @@ static void updwtmp_my(const char *wname if ((fd = open(wname, O_WRONLY|O_APPEND, 0)) < 0) return; if (fstat(fd, &buf) == 0) { - if (write(fd, (char *)u, sizeof(struct utmp)) != sizeof(struct utmp)) + if (write(fd, (char *)u, sizeof(STRUCT_UTMP)) != sizeof(STRUCT_UTMP)) (void) ftruncate(fd, buf.st_size); } (void) close(fd); @@ -314,12 +314,12 @@ static void updwtmp_my(const char *wname Update via utmp/wtmp (not utmpx/wtmpx). ****************************************************************************/ -static void utmp_nox_update(struct utmp *u, bool claim) +static void utmp_nox_update(STRUCT_UTMP *u, bool claim) { char *uname = NULL; char *wname = NULL; #if defined(PUTUTLINE_RETURNS_UTMP) - struct utmp *urc; + STRUCT_UTMP *urc; #endif /* PUTUTLINE_RETURNS_UTMP */ uname = uw_pathname(talloc_tos(), "utmp", ut_pathname); @@ -376,127 +376,52 @@ static void utmp_nox_update(struct utmp } } -/**************************************************************************** - Copy a string in the utmp structure. -****************************************************************************/ -static void utmp_strcpy(char *dest, const char *src, size_t n) -{ - size_t len = 0; - memset(dest, '\0', n); - if (src) - len = strlen(src); - if (len >= n) { - memcpy(dest, src, n); - } else { - if (len) - memcpy(dest, src, len); - } -} + /**************************************************************************** Update via utmpx/wtmpx (preferred) or via utmp/wtmp. ****************************************************************************/ -static void sys_utmp_update(struct utmp *u, const char *hostname, bool claim) +static void sys_utmp_update(STRUCT_UTMP *u, const char *hostname, bool claim) { -#if !defined(HAVE_UTMPX_H) - /* No utmpx stuff. Drop to non-x stuff */ - utmp_nox_update(u, claim); -#elif !defined(HAVE_PUTUTXLINE) - /* Odd. Have utmpx.h but no "pututxline()". Drop to non-x stuff */ - DEBUG(1,("utmp_update: have utmpx.h but no pututxline() function\n")); - utmp_nox_update(u, claim); -#elif !defined(HAVE_GETUTMPX) - /* Odd. Have utmpx.h but no "getutmpx()". Drop to non-x stuff */ - DEBUG(1,("utmp_update: have utmpx.h but no getutmpx() function\n")); - utmp_nox_update(u, claim); -#elif !defined(HAVE_UPDWTMPX) - /* Have utmpx.h but no "updwtmpx()". Drop to non-x stuff */ - DEBUG(1,("utmp_update: have utmpx.h but no updwtmpx() function\n")); - utmp_nox_update(u, claim); -#else - char *uname = NULL; - char *wname = NULL; - struct utmpx ux, *uxrc; - - getutmpx(u, &ux); - -#if defined(HAVE_UX_UT_SYSLEN) - if (hostname) - ux.ut_syslen = strlen(hostname) + 1; /* include end NULL */ - else - ux.ut_syslen = 0; -#endif -#if defined(HAVE_UT_UT_HOST) - utmp_strcpy(ux.ut_host, hostname, sizeof(ux.ut_host)); -#endif - - uname = uw_pathname(talloc_tos(), "utmpx", ux_pathname); - wname = uw_pathname(talloc_tos(), "wtmpx", wx_pathname); - if (uname && wname) { - DEBUG(2,("utmp_update: uname:%s wname:%s\n", uname, wname)); - } + STRUCT_UTMP *urc; - /* - * Check for either uname or wname being empty. - * Some systems, such as Redhat 6, have a "utmpx.h" which doesn't - * define default filenames. - * Also, our local installation has not provided an override. - * Drop to non-x method. (E.g. RH6 has good defaults in "utmp.h".) - */ - if (!uname || !wname || (strlen(uname) == 0) || (strlen(wname) == 0)) { - utmp_nox_update(u, claim); - } else { - utmpxname(uname); - setutxent(); - uxrc = pututxline(&ux); - endutxent(); - if (uxrc == NULL) { - DEBUG(2,("utmp_update: pututxline() failed\n")); - return; - } - updwtmpx(wname, &ux); + setutxent(); + urc = pututxline(u); + endutxent(); + if (urc == NULL) { + DEBUG(2,("utmp_update: pututxline() failed\n")); + return; } -#endif /* HAVE_UTMPX_H */ } #if defined(HAVE_UT_UT_ID) /**************************************************************************** Encode the unique connection number into "ut_id". ****************************************************************************/ - -static int ut_id_encode(int i, char *fourbyte) +static void ut_id_encode(char *buf, int id, size_t buf_size) { - int nbase; - const char *ut_id_encstr = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; - -/* - * 'ut_id_encstr' is the character set on which modulo arithmetic is done. - * Example: digits would produce the base-10 numbers from '001'. - */ - nbase = strlen(ut_id_encstr); + const char ut_id_encstr[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; - fourbyte[0] = ut_id_encstr[i % nbase]; - i /= nbase; - fourbyte[1] = ut_id_encstr[i % nbase]; - i /= nbase; - fourbyte[3] = ut_id_encstr[i % nbase]; - i /= nbase; - fourbyte[2] = ut_id_encstr[i % nbase]; - i /= nbase; + int nbase = sizeof(ut_id_encstr) - 1; + /* + * 'ut_id_encstr' is the character set on which modulo arithmetic is done. + * Example: digits would produce the base-10 numbers from '001'. + */ - /* we do not care about overflows as i is a random number */ - return 0; + for(int i = 0; i < buf_size; i++) { + buf[i] = ut_id_encstr[id % nbase]; + id /= nbase; + } } #endif /* defined(HAVE_UT_UT_ID) */ - /* fill a system utmp structure given all the info we can gather */ -static bool sys_utmp_fill(struct utmp *u, +static bool sys_utmp_fill(STRUCT_UTMP *u, const char *username, const char *hostname, const char *id_str, int id_num) { @@ -509,16 +434,16 @@ static bool sys_utmp_fill(struct utmp *u * rather than to try to detect and optimise. */ #if defined(HAVE_UT_UT_USER) - utmp_strcpy(u->ut_user, username, sizeof(u->ut_user)); + strncpy(u->ut_user, username, sizeof(u->ut_user)); #elif defined(HAVE_UT_UT_NAME) - utmp_strcpy(u->ut_name, username, sizeof(u->ut_name)); + strncpy(u->ut_name, username, sizeof(u->ut_name)); #endif /* * ut_line: * If size limit proves troublesome, then perhaps use "ut_id_encode()". */ - utmp_strcpy(u->ut_line, id_str, sizeof(u->ut_line)); + strncpy(u->ut_line, id_str, sizeof(u->ut_line)); #if defined(HAVE_UT_UT_PID) u->ut_pid = getpid(); @@ -535,20 +460,23 @@ static bool sys_utmp_fill(struct utmp *u u->ut_time = timeval.tv_sec; #elif defined(HAVE_UT_UT_TV) GetTimeOfDay(&timeval); - u->ut_tv = timeval; + u->ut_tv.tv_sec = timeval.tv_sec; + u->ut_tv.tv_usec = timeval.tv_usec; #else #error "with-utmp must have UT_TIME or UT_TV" #endif #if defined(HAVE_UT_UT_HOST) - utmp_strcpy(u->ut_host, hostname, sizeof(u->ut_host)); + if(hostname != NULL) { + strncpy(u->ut_host, hostname, sizeof(u->ut_host)); +#if defined(HAVE_UT_UT_SYSLEN) + u->ut_syslen = strlen(hostname) + 1; /* include trailing NULL */ +#endif + } #endif #if defined(HAVE_UT_UT_ID) - if (ut_id_encode(id_num, u->ut_id) != 0) { - DEBUG(1,("utmp_fill: cannot encode id %d\n", id_num)); - return False; - } + ut_id_encode(u->ut_id, id_num, sizeof(u->ut_id)); #endif return True; @@ -561,7 +489,7 @@ static bool sys_utmp_fill(struct utmp *u void sys_utmp_yield(const char *username, const char *hostname, const char *id_str, int id_num) { - struct utmp u; + STRUCT_UTMP u; ZERO_STRUCT(u); @@ -587,7 +515,7 @@ void sys_utmp_yield(const char *username void sys_utmp_claim(const char *username, const char *hostname, const char *id_str, int id_num) { - struct utmp u; + STRUCT_UTMP u; ZERO_STRUCT(u); Index: head/net/samba48/files/patch-source3__wscript =================================================================== --- head/net/samba48/files/patch-source3__wscript (revision 475994) +++ head/net/samba48/files/patch-source3__wscript (revision 475995) @@ -1,91 +1,91 @@ ---- source3/wscript.orig 2018-03-02 04:18:10.000000000 +0800 -+++ source3/wscript 2018-05-25 13:41:10.834885000 +0800 +--- source3/wscript.orig 2018-03-02 12:18:10 UTC ++++ source3/wscript @@ -47,6 +47,7 @@ def set_options(opt): opt.SAMBA3_ADD_OPTION('sendfile-support') opt.SAMBA3_ADD_OPTION('utmp') opt.SAMBA3_ADD_OPTION('avahi', with_name="enable", without_name="disable") + opt.SAMBA3_ADD_OPTION('dnssd', with_name="enable", without_name="disable") opt.SAMBA3_ADD_OPTION('iconv') opt.SAMBA3_ADD_OPTION('acl-support') opt.SAMBA3_ADD_OPTION('dnsupdate') @@ -802,32 +803,38 @@ msg.msg_accrightslen = sizeof(fd); if Options.options.with_utmp: conf.env.with_utmp = True - if not conf.CHECK_HEADERS('utmp.h'): conf.env.with_utmp = False - conf.CHECK_FUNCS('pututline pututxline updwtmp updwtmpx getutmpx getutxent') - conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_name', headers='utmp.h', + if not conf.CHECK_HEADERS('utmpx.h') and not conf.CHECK_HEADERS('utmp.h'): + conf.env.with_utmp = False + if conf.CONFIG_SET('HAVE_UTMPX_H'): + conf.DEFINE('STRUCT_UTMP', 'struct utmpx') + elif conf.CONFIG_SET('HAVE_UTMP_H'): + conf.DEFINE('STRUCT_UTMP', 'struct utmp') + conf.CHECK_FUNCS('pututxline getutxid getutxline updwtmpx getutmpx setutxent endutxent') + conf.CHECK_FUNCS('pututline getutid getutline updwtmp getutmp setutent endutent') + conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_name', headers='utmpx.h utmp.h', define='HAVE_UT_UT_NAME') - conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_user', headers='utmp.h', + conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_user', headers='utmpx.h utmp.h', define='HAVE_UT_UT_USER') - conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_id', headers='utmp.h', + conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_id', headers='utmpx.h utmp.h', define='HAVE_UT_UT_ID') - conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_host', headers='utmp.h', + conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_host', headers='utmpx.h utmp.h', define='HAVE_UT_UT_HOST') - conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_time', headers='utmp.h', + conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_time', headers='utmpx.h utmp.h', define='HAVE_UT_UT_TIME') - conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_tv', headers='utmp.h', + conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_tv', headers='utmpx.h utmp.h', define='HAVE_UT_UT_TV') - conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_type', headers='utmp.h', + conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_type', headers='utmpx.h utmp.h', define='HAVE_UT_UT_TYPE') - conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_pid', headers='utmp.h', + conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_pid', headers='utmpx.h utmp.h', define='HAVE_UT_UT_PID') - conf.CHECK_STRUCTURE_MEMBER('struct utmp', 'ut_exit.e_exit', headers='utmp.h', + conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_exit.e_exit', headers='utmpx.h utmp.h', define='HAVE_UT_UT_EXIT') - conf.CHECK_STRUCTURE_MEMBER('struct utmpx', 'ut_syslen', headers='utmpx.h', - define='HAVE_UX_UT_SYSLEN') + conf.CHECK_STRUCTURE_MEMBER('STRUCT_UTMP', 'ut_syslen', headers='utmpx.h utmp.h', + define='HAVE_UT_UT_SYSLEN') conf.CHECK_CODE('struct utmp utarg; struct utmp *utreturn; utreturn = pututline(&utarg);', 'PUTUTLINE_RETURNS_UTMP', headers='utmp.h', msg="Checking whether pututline returns pointer") - conf.CHECK_SIZEOF(['((struct utmp *)NULL)->ut_line'], headers='utmp.h', + conf.CHECK_SIZEOF(['((STRUCT_UTMP *)NULL)->ut_line'], headers='utmpx.h utmp.h', define='SIZEOF_UTMP_UT_LINE', critical=False) if not conf.CONFIG_SET('SIZEOF_UTMP_UT_LINE'): conf.env.with_utmp = False @@ -849,6 +856,17 @@ msg.msg_accrightslen = sizeof(fd); conf.SET_TARGET_TYPE('avahi-common', 'EMPTY') conf.SET_TARGET_TYPE('avahi-client', 'EMPTY') + if Options.options.with_dnssd: + conf.env.with_dnssd = True + if not conf.CHECK_HEADERS('dns_sd.h'): + conf.env.with_dnssd = False + if not conf.CHECK_FUNCS_IN('DNSServiceRegister', 'dns_sd'): + conf.env.with_dnssd = False + if conf.env.with_dnssd: + conf.DEFINE('WITH_DNSSD_SUPPORT', 1) + else: + conf.SET_TARGET_TYPE('dns_sd', 'EMPTY') + if Options.options.with_iconv: conf.env.with_iconv = True if not conf.CHECK_FUNCS_IN('iconv_open', 'iconv', headers='iconv.h'): @@ -1730,9 +1748,6 @@ main() { if conf.CONFIG_SET('HAVE_VXFS'): default_shared_modules.extend(TO_LIST('vfs_vxfs')) - if conf.CONFIG_SET('HAVE_DBUS'): - default_shared_modules.extend(TO_LIST('vfs_snapper')) - explicit_shared_modules = TO_LIST(Options.options.shared_modules, delimiter=',') explicit_static_modules = TO_LIST(Options.options.static_modules, delimiter=',')