diff options
21 files changed, 680 insertions, 163 deletions
diff --git a/kernel/cifsd/Makefile b/kernel/cifsd/Makefile new file mode 100644 index 000000000..1f28e9815 --- /dev/null +++ b/kernel/cifsd/Makefile @@ -0,0 +1,53 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=cifsd +PKG_RELEASE:=1 + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/cifsd-team/cifsd.git +PKG_SOURCE_DATE:=2019-07-12 +PKG_SOURCE_VERSION:=f2cfe8cb40493a5f77144543bc486bfdb8aa61e2 +PKG_MIRROR_HASH:=fd6a3bec5953fa30b87a6e12e2c6666844ad66096afa7de421689f5769626a36 + +PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com> +PKG_LICENSE:=GPL-2.0-or-later +PKG_LICENSE_FILES:=COPYING + +include $(INCLUDE_DIR)/kernel.mk +include $(INCLUDE_DIR)/package.mk + +define KernelPackage/fs-cifsd + SUBMENU:=Filesystems + TITLE:=CIFS/SMB kernel server support + URL:=https://github.com/cifsd-team/cifsd + FILES:=$(PKG_BUILD_DIR)/cifsd.ko + DEPENDS:= \ + +kmod-nls-base \ + +kmod-nls-utf8 \ + +kmod-crypto-md4 \ + +kmod-crypto-md5 \ + +kmod-crypto-hmac \ + +kmod-crypto-ecb \ + +kmod-crypto-des \ + +kmod-crypto-sha256 \ + +kmod-crypto-cmac \ + +kmod-crypto-sha512 \ + +kmod-crypto-aead \ + +kmod-crypto-ccm +endef + +define KernelPackage/fs-cifsd/description + Kernel module for a CIFS/SMBv2,3 fileserver. +endef + +# broken atm (needs CONFIG_KEYS=y) +#EXTRA_CFLAGS+=-DCONFIG_CIFSD_ACL + +define Build/Compile + $(KERNEL_MAKE) SUBDIRS="$(PKG_BUILD_DIR)" \ + EXTRA_CFLAGS="$(EXTRA_CFLAGS)" \ + CONFIG_CIFS_SERVER=m \ + modules +endef + +$(eval $(call KernelPackage,fs-cifsd)) diff --git a/mail/postfix/Makefile b/mail/postfix/Makefile index f25e054a9..0db3271cc 100644 --- a/mail/postfix/Makefile +++ b/mail/postfix/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=postfix -PKG_RELEASE:=2 -PKG_VERSION:=3.4.4 +PKG_RELEASE:=1 +PKG_VERSION:=3.4.6 PKG_SOURCE_URL:= \ https://cdn.postfix.johnriley.me/mirrors/postfix-release/official/ \ http://ftp.porcupine.org/mirrors/postfix-release/official/ -PKG_HASH:=27f2ab631a966a40e002aedc6db9281e5970295fa5fd96b29066e457a4601e34 +PKG_HASH:=d674a9b40602ee30420ee7ff93c3600e8913eeb2ea9bfb0ac1d140dac5dbe326 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_MAINTAINER:=Denis Shulyaka <Shulyaka@gmail.com> PKG_LICENSE:=IPL-1.0 diff --git a/net/cifsd-tools/Makefile b/net/cifsd-tools/Makefile new file mode 100644 index 000000000..b04ab3c1f --- /dev/null +++ b/net/cifsd-tools/Makefile @@ -0,0 +1,58 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=cifsd-tools +PKG_RELEASE:=1 + +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/cifsd-team/cifsd-tools.git +PKG_SOURCE_DATE:=2019-07-05 +PKG_SOURCE_VERSION:=539fa21a8dd427a8ca2dc13c9a5a1c975be96d3c +PKG_MIRROR_HASH:=8c1b22d9926112a7e8ec94a3f731639a3789bef1aeb447f0bd7c41a1884e4dc5 + +PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com> +PKG_LICENSE:=GPL-2.0-or-later +PKG_LICENSE_FILES:=COPYING + +PKG_INSTALL:=1 +PKG_FIXUP:=autoreconf +PKG_REMOVE_FILES:=autogen.sh aclocal.m4 + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/nls.mk + +define Package/cifsd-tools + SECTION:=net + CATEGORY:=Network + SUBMENU:=Filesystem + TITLE:=Kernel CIFS/SMB server support and userspace tools + URL:=https://github.com/cifsd-team/cifsd-tools + DEPENDS:=+kmod-fs-cifsd +glib2 +libnl-core +libnl-genl +endef + +define Package/cifsd-tools/description + Userspace tools (cifsd, cifsadmin) for the CIFS/SMB kernel fileserver. + The config file location is /etc/cifs/smb.conf +endef + +define Package/cifsd-tools/install + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libcifsdtools.so* $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{cifsadmin,cifsd} $(1)/usr/sbin/ + $(INSTALL_DIR) $(1)/etc/config $(1)/etc/cifs $(1)/etc/init.d + $(INSTALL_CONF) ./files/cifsd.config $(1)/etc/config/cifsd + $(INSTALL_DATA) ./files/smb.conf.template $(1)/etc/cifs/ + $(INSTALL_BIN) ./files/cifsd.init $(1)/etc/init.d/cifsd + # copy examples until we have a wiki page + $(INSTALL_DATA) ./files/cifsd.config.example $(1)/etc/cifs/ + $(INSTALL_DATA) ./files/smb.conf.help $(1)/etc/cifs/ +endef + +define Package/cifsd-tools/conffiles +/etc/config/cifsd +/etc/cifs/smb.conf.template +/etc/cifs/smb.conf +/etc/cifs/cifsdpwd.db +endef + +$(eval $(call BuildPackage,cifsd-tools)) diff --git a/net/cifsd-tools/files/cifsd.config b/net/cifsd-tools/files/cifsd.config new file mode 100644 index 000000000..f0c7921ec --- /dev/null +++ b/net/cifsd-tools/files/cifsd.config @@ -0,0 +1,2 @@ +config globals + option 'description' 'Cifsd on OpenWrt' diff --git a/net/cifsd-tools/files/cifsd.config.example b/net/cifsd-tools/files/cifsd.config.example new file mode 100644 index 000000000..d0ffa5b46 --- /dev/null +++ b/net/cifsd-tools/files/cifsd.config.example @@ -0,0 +1,11 @@ +config globals + option 'description' 'Cifsd on OpenWrt' + +config share + option name 'testshare' + option path '/tmp' + option guest_ok 'yes' + option create_mask '0666' + option dir_mask '0777' + option writeable 'yes' + option force_root '1' diff --git a/net/cifsd-tools/files/cifsd.init b/net/cifsd-tools/files/cifsd.init new file mode 100644 index 000000000..44690850f --- /dev/null +++ b/net/cifsd-tools/files/cifsd.init @@ -0,0 +1,154 @@ +#!/bin/sh /etc/rc.common + +START=98 +USE_PROCD=1 + +CIFSD_IFACE="" + +smb_header() +{ + config_get CIFSD_IFACE $1 interface "lan" + + # resolve interfaces + local interfaces=$( + . /lib/functions/network.sh + + local net + for net in $CIFSD_IFACE; do + local device + network_is_up $net || continue + network_get_device device "$net" + echo -n "${device:-$net} " + done + ) + + local workgroup description + local hostname="$(cat /proc/sys/kernel/hostname)" + + config_get workgroup $1 workgroup "WORKGROUP" + config_get description $1 description "Cifsd on OpenWrt" + + sed -e "s#|NAME|#$hostname#g" \ + -e "s#|WORKGROUP|#$workgroup#g" \ + -e "s#|DESCRIPTION|#$description#g" \ + -e "s#|INTERFACES|#$interfaces#g" \ + /etc/cifs/smb.conf.template > /var/etc/cifs/smb.conf + + [ -e /etc/cifs/smb.conf ] || ln -nsf /var/etc/cifs/smb.conf /etc/cifs/smb.conf + + if [ ! -L /etc/cifs/smb.conf ]; then + logger -t 'cifsd' "Local custom /etc/cifs/smb.conf file detected, all UCI/Luci config settings are ignored!" + fi +} + +smb_add_share() +{ + local name + local path + local comment + local users + local create_mask + local dir_mask + local browseable + local read_only + local writeable + local guest_ok + local force_root + local write_list + local read_list + local hide_dot_files + local veto_files + + config_get name $1 name + config_get path $1 path + config_get comment $1 comment + config_get users $1 users + config_get create_mask $1 create_mask + config_get dir_mask $1 dir_mask + config_get browseable $1 browseable + config_get read_only $1 read_only + config_get writeable $1 writeable + config_get guest_ok $1 guest_ok + config_get_bool force_root $1 force_root 0 + config_get write_list $1 write_list + config_get read_list $1 read_list + config_get_bool hide_dot_files $1 hide_dot_files 0 + config_get veto_files $1 veto_files + + [ -z "$name" -o -z "$path" ] && return + + echo -e "\n[$name]\n\tpath = $path" >> /var/etc/cifs/smb.conf + [ -n "$comment" ] && echo -e "\tcomment = $comment" >> /var/etc/cifs/smb.conf + + if [ "$force_root" -eq 1 ]; then + echo -e "\tforce user = root" >> /var/etc/cifs/smb.conf + echo -e "\tforce group = root" >> /var/etc/cifs/smb.conf + else + [ -n "$users" ] && echo -e "\tvalid users = $users" >> /var/etc/cifs/smb.conf + fi + + [ -n "$create_mask" ] && echo -e "\tcreate mask = $create_mask" >> /var/etc/cifs/smb.conf + [ -n "$dir_mask" ] && echo -e "\tdirectory mask = $dir_mask" >> /var/etc/cifs/smb.conf + + [ -n "$browseable" ] && echo -e "\tbrowseable = $browseable" >> /var/etc/cifs/smb.conf + [ -n "$read_only" ] && echo -e "\tread only = $read_only" >> /var/etc/cifs/smb.conf + [ -n "$writeable" ] && echo -e "\twriteable = $writeable" >> /var/etc/cifs/smb.conf + [ -n "$guest_ok" ] && echo -e "\tguest ok = $guest_ok" >> /var/etc/cifs/smb.conf + + [ -n "$write_list" ] && echo -e "\twrite list = $write_list" >> /var/etc/cifs/smb.conf + [ -n "$read_list" ] && echo -e "\tread list = $read_list" >> /var/etc/cifs/smb.conf + + [ "$hide_dot_files" -eq 1 ] && echo -e "\thide dot files = yes" >> /var/etc/cifs/smb.conf + [ -n "$veto_files" ] && echo -e "\tveto files = $veto_files" >> /var/etc/cifs/smb.conf +} + +init_config() +{ + mkdir -p /var/etc/cifs + + config_load cifsd + # allow copy&paste from samba UCI configs (we dont have a cifsd wiki yet) + config_foreach smb_header globals + config_foreach smb_header samba + config_foreach smb_add_share share + config_foreach smb_add_share sambashare +} + +service_triggers() +{ + PROCD_RELOAD_DELAY=2000 + + procd_add_reload_trigger "dhcp" "system" "cifsd" + + local i + for i in $CIFSD_IFACE; do + procd_add_reload_interface_trigger $i + done +} + +start_service() +{ + init_config + + if [ ! -e /etc/cifs/smb.conf ]; then + logger -t 'cifsd' "missing config /etc/cifs/smb.conf, needs to-be created manually!" + exit 1 + fi + + [ -f /tmp/cifsd.lock ] && rm /tmp/cifsd.lock + + # try remove again before start + if (lsmod | grep cifsd &>/dev/null); then + rmmod cifsd &>/dev/null + fi + modprobe cifsd 2>/dev/null + if ! (lsmod | grep cifsd &>/dev/null); then + logger -t 'cifsd' "modprobe of cifsd module failed, cant start cifsd!" + exit 1 + fi + + logger -t 'cifsd' "Starting CIFS/SMB userspace service." + procd_open_instance + procd_set_param command /usr/sbin/cifsd --n + procd_close_instance +} diff --git a/net/cifsd-tools/files/smb.conf.help b/net/cifsd-tools/files/smb.conf.help new file mode 100644 index 000000000..cd4e87fb3 --- /dev/null +++ b/net/cifsd-tools/files/smb.conf.help @@ -0,0 +1,160 @@ +;****************************************************************************** +; File to define cifsd configuration parameters which are comparable with +; samba's ones +; +; Supported [global] level parameters list: +; - server string +; This controls what string will show up in browse lists next +; to the machine name +; - workgroup +; This controls what workgroup your server will appear to be +; in when queried by clients +; - netbios name +; This sets the NetBIOS name by which a SMB server is known. +; By default it is the same as the first component of the host's +; DNS name. If a machine is a browse server or logon server this +; name (or the first component of the hosts DNS name) will be +; the name that these services are advertised under. +; - server min protocol +; This setting controls the minimum protocol version that the +; server will allow the client to use. +; - server max protocol +; The value of the parameter (a string) is the highest protocol +; level that will be supported by the server. +; - server signing +; This controls whether the client is allowed or required to use +; SMB1 and SMB2 signing. Possible values are default, auto, +; mandatory and disabled. +; - guest account +; This is a username which will be used for access to services +; which are specified as guest ok. +; - max active sessions +; This option allows the number of simultaneous connections to +; a service to be limited. +; - ipc timeout +; This option specifies the number of seconds server will wait +; for the userspace to reply to heartbeat frames. If user space +; is down for more than `ipc timeout` seconds the server will +; reset itself - close all sessions and all TCP connections. +; - restrict anonymous +; The setting of this parameter determines whether user and +; group list information is returned for an anonymous connection. +; - map to guest +; This parameter can take four different values, which tell cifsd +; what to do with user login requests.(bad user +; - bind interfaces only +; This global parameter allows the cifsd admin to limit what +; interfaces on a machine will serve SMB requests. +; - interfaces +; This option allows you to override the default network +; interfaces list that cifsd will use for browsing. The option +; takes only list of interface name. +; - deadtime +; The value of the parameter (a decimal integer) represents +; the number of minutes of inactivity before a connection is +; considered dead, and it is disconnected. The deadtime only +; takes effect if the number of open files is zero. +; +; Supported [share] level parameters list: +; - comment +; comment string to associate with the new share +; - path +; This parameter specifies a directory to which the user of the +; service is to be given access. +; - guest ok +; If this parameter is yes for a service, then no password is +; required to connect to the service. +; - read only +; If this parameter is yes, then users of a service may not +; create or modify files in the service's directory. +; - browseable +; This controls whether this share is seen in the list of +; available shares in a net view and in the browse list. +; - write ok +; - writeable +; Inverted synonym for read only. +; - store dos attributes +; If this parameter is set cifsd attempts to first read DOS +; attributes (SYSTEM, HIDDEN, ARCHIVE or READ-ONLY) from a +; filesystem extended attribute, before mapping DOS attributes +; to UNIX permission bits (such as occurs with map hidden and +; map readonly). +; - oplocks +; This boolean option tells cifsd whether to issue oplocks +; (opportunistic locks) to file open requests on this share. +; - create mask +; When a file is created, the necessary permissions are calculated +; according to the mapping from DOS modes to UNIX permissions, and +; the resulting UNIX mode is then bit-wise 'AND'ed with this +; parameter. +; - directory mask +; This parameter is the octal modes which are used when converting +; DOS modes to UNIX modes when creating UNIX directories. +; - force group +; This specifies a UNIX group name that will be assigned as +; the default primary group for all users connecting to this +; service. +; - force user +; This specifies a UNIX user name that will be assigned as +; the default user for all users connecting to this service. +; - hide dot files +; This is a boolean parameter that controls whether files starting +; with a dot appear as hidden files. +; - hosts allow +; This parameter is a comma, space, or tab delimited set of hosts +; which are permitted to access a service +; - hosts deny +; The opposite of allow hosts - hosts listed here are NOT +; permitted access to services unless the specific services have +; their own lists to override this one. Where the lists conflict, +; the allow list takes precedence. +; - valid users +; This is a list of users that should be allowed to login to this +; service +; - invalid users +; This is a list of users that should not be allowed to login to +; this service. +; - read list +; This is a list of users that are given read-only access to +; a service. +; - write list +; This is a list of users that are given read-write access to +; a service. +; - max connections +; This option allows the number of simultaneous connections to +; a service to be limited. +; - veto files +; This is a list of files and directories that are neither visible +; nor accessible. +; +; Veto any files containing the word Security, +; any ending in .tmp, and any directory containing the +; word root. +; veto files = /*Security*/*.tmp/*root*/ +; +; Veto the Apple specific files that a NetAtalk server +; creates. +; veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ +; +; +; Rules to update this file: +; - Every [share] definition should start on new line +; - Every parameter should be indented with single tab +; - There should be single spaces around equal (eg: " = ") +; - Multiple parameters should be separated with comma +; eg: "invalid users = usr1,usr2,usr3" +; +; Make sure to configure the server after making changes to this file. +;****************************************************************************** + +[global] + server string = CIFSD on OpenWrt + netbios name = CIFSD + map to guest = Bad User + +[share] + comment = content server share + path = /mnt + guest ok = yes + create mask = 0777 + directory mask = 0777 diff --git a/net/cifsd-tools/files/smb.conf.template b/net/cifsd-tools/files/smb.conf.template new file mode 100644 index 000000000..aa54bf2f6 --- /dev/null +++ b/net/cifsd-tools/files/smb.conf.template @@ -0,0 +1,9 @@ +[global] + netbios name = |NAME| + server string = |DESCRIPTION| + workgroup = |WORKGROUP| + interfaces = |INTERFACES| + bind interfaces only = yes + ipc timeout = 8 + deadtime = 15 + map to guest = Bad User diff --git a/net/samba4/Config.in b/net/samba4/Config.in index 99157702a..7f788dca8 100644 --- a/net/samba4/Config.in +++ b/net/samba4/Config.in @@ -8,20 +8,6 @@ config SAMBA4_SERVER_ACL Extended access control list support default n -config SAMBA4_SERVER_AD_DC - bool "Active Directory Domain Controller support (requires krb5-server) (EXPERIMENTAL)" - depends on PACKAGE_samba4-server - select PACKAGE_python-crypto - help - installs: samba (meta-daemon) python-crypto ntlm_auth - scripts: samba-tool - - Run as a Active Directory Domain Controller - see: https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller - HINT: see section (# Using the Domain Controller as a File Server) - NOTE: Extroot is recommend for this setup, as it is not optimized to run completely from RAM/tempfs! - default n - config SAMBA4_SERVER_AVAHI bool "Avahi support" depends on PACKAGE_samba4-server diff --git a/net/samba4/Makefile b/net/samba4/Makefile index ff37ebd8e..52a15485e 100644 --- a/net/samba4/Makefile +++ b/net/samba4/Makefile @@ -2,8 +2,8 @@ include $(TOPDIR)/rules.mk PKG_NAME:=samba -PKG_VERSION:=4.9.8 -PKG_RELEASE:=1 +PKG_VERSION:=4.10.6 +PKG_RELEASE:=2 PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com> PKG_LICENSE:=GPL-3.0-only @@ -16,10 +16,10 @@ PKG_SOURCE_URL:=https://ftp.heanet.ie/mirrors/ftp.samba.org/stable/ \ http://samba.mirror.bit.nl/samba/ftp/stable/ \ https://download.samba.org/pub/samba/stable/ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_HASH:=82ebb7c3f1847c39341dd97ff8b73f40fa83f5f794daeceb80f3c349ace3cf56 +PKG_HASH:=9efbeb52db1203dc779b118f1c48c161e569f7a6af5101e745497ee6296eef42 # samba4=(asn1_compile) e2fsprogs=(compile_et) nfs-kernel-server=(rpcgen) -HOST_BUILD_DEPENDS:=nfs-kernel-server/host e2fsprogs/host +HOST_BUILD_DEPENDS:=python3/host nfs-kernel-server/host e2fsprogs/host PKG_BUILD_DEPENDS:=samba4/host PKG_CONFIG_DEPENDS:= \ @@ -35,6 +35,7 @@ PKG_CONFIG_DEPENDS:= \ CONFIG_PACKAGE_kmod-fs-xfs include $(INCLUDE_DIR)/package.mk +include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk include $(INCLUDE_DIR)/host-build.mk include $(INCLUDE_DIR)/kernel.mk include $(INCLUDE_DIR)/version.mk @@ -57,20 +58,19 @@ endef define Package/samba4-libs $(call Package/samba4/Default) TITLE+= libs - DEPENDS:= +zlib +libtirpc +libpopt +libcomerr \ + DEPENDS:= +zlib +libtirpc +libpopt +libcomerr +libtasn1 +libopenssl +libreadline \ +PACKAGE_libcap:libcap +PACKAGE_libpthread:libpthread +PACKAGE_libnettle:libnettle \ +PACKAGE_libgcrypt:libgcrypt +PACKAGE_libpam:libpam +PACKAGE_dbus:dbus +PACKAGE_libavahi-client:libavahi-client \ +SAMBA4_SERVER_VFS:attr \ +SAMBA4_SERVER_ACL:acl +SAMBA4_SERVER_ACL:attr \ +SAMBA4_SERVER_AVAHI:libavahi-client \ - +SAMBA4_SERVER_AD_DC:python-base +SAMBA4_SERVER_AD_DC:libopenssl +SAMBA4_SERVER_AD_DC:libgnutls +SAMBA4_SERVER_AD_DC:libopenldap +SAMBA4_SERVER_AD_DC:jansson +SAMBA4_SERVER_AD_DC:libarchive + +SAMBA4_SERVER_AD_DC:python3-base +SAMBA4_SERVER_AD_DC:python3-crypto +SAMBA4_SERVER_AD_DC:libgnutls +SAMBA4_SERVER_AD_DC:libopenldap +SAMBA4_SERVER_AD_DC:jansson +SAMBA4_SERVER_AD_DC:libarchive endef define Package/samba4-server $(call Package/samba4/Default) TITLE+= server DEPENDS:= +samba4-libs - EXTRA_DEPENDS:=$(if $(CONFIG_SAMBA4_SERVER_AD_DC),python-crypto,) endef define Package/samba4-server/description @@ -207,7 +207,7 @@ HOST_CONFIGURE_ARGS += \ --without-gpgme HOST_CONFIGURE_ARGS += --disable-avahi --without-quotas --without-acl-support --without-winbind \ - --without-ad-dc --without-json-audit --without-libarchive --disable-python --nopyc --nopyo \ + --without-ad-dc --without-json --without-libarchive --disable-python --nopyc --nopyo \ --disable-gnutls --without-dnsupdate --without-ads --without-ldap HOST_CONFIGURE_VARS += python_LDFLAGS="" python_LIBDIR="" @@ -240,11 +240,12 @@ ifeq ($(CONFIG_SAMBA4_SERVER_ACL),y) else CONFIGURE_ARGS += --without-acl-support endif +#BUG: We fail to get a wortking "python embedded interpreter" for AD_DC mode, seems mixed host/target libs. ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y) CONFIGURE_ARGS += --enable-gnutls --with-dnsupdate --with-ads --with-ldap - TARGET_CFLAGS := -I$(STAGING_DIR)/usr/include/python2.7 $(TARGET_CFLAGS) + TARGET_CFLAGS := -I$(PYTHON3_INC_DIR) $(TARGET_CFLAGS) else - CONFIGURE_ARGS += --without-ad-dc --without-json-audit --without-libarchive --disable-python --nopyc --nopyo \ + CONFIGURE_ARGS += --without-ad-dc --without-json --without-libarchive --disable-python --nopyc --nopyo --nopycache \ --disable-gnutls --without-dnsupdate --without-ads --without-ldap CONFIGURE_VARS += \ python_LDFLAGS="" \ @@ -347,6 +348,15 @@ endif CONFIGURE_ARGS += --private-libraries=talloc,tevent,tevent-util,texpect,tdb,ldb,tdr,cmocka,replace # CONFIGURE_ARGS += --disable-symbol-versions +define Host/Configure + if [ $(CONFIG_SAMBA4_SERVER_AD_DC) = "y" ]; then \ + echo "Config error: SAMBA4_SERVER_AD_DC config option is broken atm!"; \ + echo "Last AD_DC version that builds is here: https://github.com/Andy2244/openwrt-extra/tree/samba-4.9 "; \ + exit 1; \ + fi + $(call Host/Configure/Default) +endef + define Host/Compile (cd $(HOST_BUILD_DIR); \ ./buildtools/bin/waf build \ @@ -380,6 +390,7 @@ define Build/Configure endef # BUG: We need to use "waf install --targets=" otherwise a "make install" or "waf install" will retrigger a full recompile of all possible targets! +# BUG: Samba4-10 "waf install --destdir" is not working, bins are not installed! define Build/Compile (cd $(PKG_BUILD_DIR); \ ./buildtools/bin/waf install \ @@ -395,65 +406,64 @@ endef define Package/samba4-libs/install $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib/ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/*.so* $(1)/usr/lib/ + $(CP) -L $(PKG_BUILD_DIR)/bin/shared/*.so* $(1)/usr/lib/ + $(CP) -L $(PKG_BUILD_DIR)/bin/shared/private/*.so* $(1)/usr/lib/ $(INSTALL_DIR) $(1)/usr/lib/samba/vfs $(1)/usr/lib/samba/idmap $(1)/usr/lib/samba/ldb $(1)/usr/lib/samba/krb5 - if [ -d $(PKG_INSTALL_DIR)/usr/lib/samba/idmap ]; then \ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/idmap $(1)/usr/lib/samba/; \ + if [ -d $(PKG_BUILD_DIR)/bin/modules/idmap ]; then \ + $(CP) -L $(PKG_BUILD_DIR)/bin/modules/idmap $(1)/usr/lib/samba/; \ fi - if [ -d $(PKG_INSTALL_DIR)/usr/lib/samba/vfs ]; then \ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/vfs $(1)/usr/lib/samba/; \ + if [ -d $(PKG_BUILD_DIR)/bin/modules/vfs ]; then \ + $(CP) -L $(PKG_BUILD_DIR)/bin/modules/vfs $(1)/usr/lib/samba/; \ fi - if [ -d $(PKG_INSTALL_DIR)/usr/lib/samba/krb5 ]; then \ - $(CP) $(PKG_INSTALL_DIR)/usr/lib/samba/krb5 $(1)/usr/lib/samba/; \ + if [ -d $(PKG_BUILD_DIR)/bin/modules/krb5 ]; then \ + $(CP) -L $(PKG_BUILD_DIR)/bin/modules/krb5 $(1)/usr/lib/samba/; \ fi ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y) - $(INSTALL_DIR) $(1)/usr/lib/python2.7 - $(CP) $(PKG_INSTALL_DIR)/usr/lib/python2.7 $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/lib/python3 + $(CP) $(PKG_INSTALL_DIR)/usr/lib/python3 $(1)/usr/lib/ endif endef define Package/samba4-client/install $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{smbclient,cifsdd} $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/{smbclient,cifsdd} $(1)/usr/bin/ endef define Package/samba4-admin/install $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{net,smbcontrol,profiles,rpcclient,smbcacls,smbcquotas} $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/{net,smbcontrol,profiles,rpcclient,smbcacls,smbcquotas} $(1)/usr/bin/ $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/eventlogadm $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/eventlogadm $(1)/usr/sbin/ endef define Package/samba4-utils/install $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{smbstatus,smbtree,smbget,mvxattr,nmblookup} $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/{smbstatus,smbtree,smbget,mvxattr,nmblookup} $(1)/usr/bin/ endef define Package/samba4-server/install $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{smbpasswd,pdbedit,testparm} $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/{smbpasswd,pdbedit,testparm} $(1)/usr/bin/ $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/smbd $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/smbd $(1)/usr/sbin/ ifeq ($(CONFIG_SAMBA4_SERVER_AD_DC),y) - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/{samba-tool,ntlm_auth,smbtar} $(1)/usr/bin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{samba,samba-gpupdate,samba_dnsupdate,samba_kcc,samba_spnupdate,samba_upgradedns} $(1)/usr/sbin/ - # waf does not install those? + $(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/{samba-tool,ntlm_auth,smbtar} $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/{samba,samba-gpupdate,samba_dnsupdate,samba_kcc,samba_spnupdate,samba_upgradedns} $(1)/usr/sbin/ $(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/{samba4kinit,samba4kgetcred,samba4kpasswd,samba4ktutil} $(1)/usr/bin/ endif ifeq ($(CONFIG_SAMBA4_SERVER_NETBIOS),y) - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/nmbd $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/nmbd $(1)/usr/sbin/ endif ifeq ($(CONFIG_SAMBA4_SERVER_WINBIND),y) - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/wbinfo $(1)/usr/bin/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/winbindd $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/wbinfo $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/winbindd $(1)/usr/sbin/ endif ifeq ($(CONFIG_SAMBA4_SERVER_ACL),y) - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sharesec $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/sharesec $(1)/usr/bin/ endif $(INSTALL_DIR) $(1)/etc/config $(1)/etc/samba $(1)/etc/init.d - $(INSTALL_DATA) ./files/samba.config $(1)/etc/config/samba4 + $(INSTALL_CONF) ./files/samba.config $(1)/etc/config/samba4 $(INSTALL_DATA) ./files/smb.conf.template $(1)/etc/samba $(INSTALL_BIN) ./files/samba.init $(1)/etc/init.d/samba4 endef diff --git a/net/samba4/files/samba.init b/net/samba4/files/samba.init index b61f4bbe0..48a2d0dca 100644 --- a/net/samba4/files/samba.init +++ b/net/samba4/files/samba.init @@ -61,7 +61,7 @@ EOT [ -e /etc/samba/smb.conf ] || ln -nsf /var/etc/smb.conf /etc/samba/smb.conf - if [ -f /etc/samba/smb.conf ]; then + if ! [ -L /etc/samba/smb.conf ]; then logger -t 'samba4-server' "Local custom /etc/samba/smb.conf file detected, all luci/config settings are ignored!" fi @@ -75,6 +75,7 @@ smb_add_share() { local dir_mask local browseable local read_only + local writeable local guest_ok local guest_only local inherit_owner @@ -92,6 +93,7 @@ smb_add_share() { config_get dir_mask $1 dir_mask config_get browseable $1 browseable config_get read_only $1 read_only + config_get writeable $1 writeable config_get guest_ok $1 guest_ok config_get guest_only $1 guest_only config_get inherit_owner $1 inherit_owner @@ -118,6 +120,7 @@ smb_add_share() { [ -n "$browseable" ] && echo -e "\tbrowseable = $browseable" >> /var/etc/smb.conf [ -n "$read_only" ] && echo -e "\tread only = $read_only" >> /var/etc/smb.conf + [ -n "$writeable" ] && echo -e "\twriteable = $writeable" >> /var/etc/smb.conf [ -n "$guest_ok" ] && echo -e "\tguest ok = $guest_ok" >> /var/etc/smb.conf [ -n "$guest_only" ] && echo -e "\tguest only = $guest_only" >> /var/etc/smb.conf [ -n "$inherit_owner" ] && echo -e "\tinherit owner = $inherit_owner" >> /var/etc/smb.conf diff --git a/net/samba4/patches/003-samba-4-10-cross_compile-fix.patch b/net/samba4/patches/003-samba-4-10-cross_compile-fix.patch new file mode 100644 index 000000000..75049f97e --- /dev/null +++ b/net/samba4/patches/003-samba-4-10-cross_compile-fix.patch @@ -0,0 +1,89 @@ +From a197e0cafb276a9b732f914b1f679ebb487b47f1 Mon Sep 17 00:00:00 2001 +From: pinglin <pinglin@synology.com> +Date: Tue, 19 Mar 2019 20:46:27 +0800 +Subject: [PATCH] cross_compile argument doesn't apply + +reproduce: + ./configure --cross-compile --cross-answers=XXX + +The output log now will show correct cross-answers. +--- + third_party/waf/waflib/Context.py | 20 ++++++++++++++++++-- + third_party/waf/waflib/Tools/c_config.py | 11 +++++++---- + 2 files changed, 25 insertions(+), 6 deletions(-) + +diff --git a/third_party/waf/waflib/Context.py b/third_party/waf/waflib/Context.py +index 3222fb1551c..d1c87512095 100644 +--- a/third_party/waf/waflib/Context.py ++++ b/third_party/waf/waflib/Context.py +@@ -359,8 +359,16 @@ class Context(ctx): + + encoding = kw.pop('decode_as', default_encoding) + ++ exec_args = kw.pop('exec_args', []) ++ if isinstance(cmd, str): ++ cmd = [cmd] + exec_args ++ elif isinstance(cmd, list): ++ cmd = cmd + exec_args + try: +- ret, out, err = Utils.run_process(cmd, kw, cargs) ++ if exec_args: ++ ret, out, err = Utils.run_regular_process(cmd, kw, cargs) ++ else: ++ ret, out, err = Utils.run_process(cmd, kw, cargs) + except Exception as e: + raise Errors.WafError('Execution failure: %s' % str(e), ex=e) + +@@ -438,8 +446,16 @@ class Context(ctx): + + encoding = kw.pop('decode_as', default_encoding) + ++ exec_args = kw.pop('exec_args', []) ++ if isinstance(cmd, str): ++ cmd = [cmd] + exec_args ++ elif isinstance(cmd, list): ++ cmd = cmd + exec_args + try: +- ret, out, err = Utils.run_process(cmd, kw, cargs) ++ if exec_args: ++ ret, out, err = Utils.run_regular_process(cmd, kw, cargs) ++ else: ++ ret, out, err = Utils.run_process(cmd, kw, cargs) + except Exception as e: + raise Errors.WafError('Execution failure: %s' % str(e), ex=e) + +diff --git a/third_party/waf/waflib/Tools/c_config.py b/third_party/waf/waflib/Tools/c_config.py +index 76082152cd9..25e468b0844 100644 +--- a/third_party/waf/waflib/Tools/c_config.py ++++ b/third_party/waf/waflib/Tools/c_config.py +@@ -660,20 +660,23 @@ class test_exec(Task.Task): + """ + color = 'PINK' + def run(self): ++ exec_args = Utils.to_list(self.generator.exec_args) ++ + if getattr(self.generator, 'rpath', None): + if getattr(self.generator, 'define_ret', False): +- self.generator.bld.retval = self.generator.bld.cmd_and_log([self.inputs[0].abspath()]) ++ self.generator.bld.retval = self.generator.bld.cmd_and_log([self.inputs[0].abspath()], exec_args=exec_args) + else: +- self.generator.bld.retval = self.generator.bld.exec_command([self.inputs[0].abspath()]) ++ self.generator.bld.retval = self.generator.bld.exec_command([self.inputs[0].abspath()], exec_args=exec_args) + else: + env = self.env.env or {} + env.update(dict(os.environ)) + for var in ('LD_LIBRARY_PATH', 'DYLD_LIBRARY_PATH', 'PATH'): + env[var] = self.inputs[0].parent.abspath() + os.path.pathsep + env.get(var, '') ++ + if getattr(self.generator, 'define_ret', False): +- self.generator.bld.retval = self.generator.bld.cmd_and_log([self.inputs[0].abspath()], env=env) ++ self.generator.bld.retval = self.generator.bld.cmd_and_log([self.inputs[0].abspath()], env=env, exec_args=exec_args) + else: +- self.generator.bld.retval = self.generator.bld.exec_command([self.inputs[0].abspath()], env=env) ++ self.generator.bld.retval = self.generator.bld.exec_command([self.inputs[0].abspath()], env=env, exec_args=exec_args) + + @feature('test_exec') + @after_method('apply_link') +-- +2.17.1 + diff --git a/net/samba4/patches/004-samba-4-10-rpath-fix.patch b/net/samba4/patches/004-samba-4-10-rpath-fix.patch new file mode 100644 index 000000000..bec94e3df --- /dev/null +++ b/net/samba4/patches/004-samba-4-10-rpath-fix.patch @@ -0,0 +1,25 @@ +From f68bd76eab9a6e93b42f396a81aed64f65b99d1c Mon Sep 17 00:00:00 2001 +From: pinglin <pinglin@synology.com> +Date: Mon, 25 Mar 2019 20:43:54 +0800 +Subject: [PATCH] fix rpath error, this commit related to the previous one + +--- + buildtools/wafsamba/samba_waf18.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/buildtools/wafsamba/samba_waf18.py b/buildtools/wafsamba/samba_waf18.py +index cc310fbf512..47acc5b3c06 100644 +--- a/buildtools/wafsamba/samba_waf18.py ++++ b/buildtools/wafsamba/samba_waf18.py +@@ -220,7 +220,7 @@ def CHECK_LIBRARY_SUPPORT(conf, rpath=False, version_script=False, msg=None): + args = conf.SAMBA_CROSS_ARGS(msg=msg) + env = dict(os.environ) + env['LD_LIBRARY_PATH'] = self.inputs[0].parent.abspath() + os.pathsep + env.get('LD_LIBRARY_PATH', '') +- self.generator.bld.cmd_and_log([self.inputs[0].abspath()] + args, env=env) ++ self.generator.bld.cmd_and_log([self.inputs[0].abspath()] + args, env=env, exec_args=args) + o.post() + bld(rule=run_app, source=o.link_task.outputs[0]) + +-- +2.17.1 + diff --git a/net/samba4/patches/005-samba-4.10-disable_gnutls_build_fix.patch b/net/samba4/patches/005-samba-4.10-disable_gnutls_build_fix.patch new file mode 100644 index 000000000..12b2df3a5 --- /dev/null +++ b/net/samba4/patches/005-samba-4.10-disable_gnutls_build_fix.patch @@ -0,0 +1,32 @@ +From 41eeabcb0175659aebf6d480c43fb64310f37d9c Mon Sep 17 00:00:00 2001 +From: Andrew Bartlett <abartlet@samba.org> +Date: Wed, 20 Mar 2019 13:57:50 +1300 +Subject: [PATCH] build: Allow build when --disable-gnutls is set + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13844 + +Signed-off-by: Andrew Bartlett <abartlet@samba.org> +--- + lib/mscat/wscript | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/lib/mscat/wscript b/lib/mscat/wscript +index 7ca9ef567ee..4d1f752a3c1 100644 +--- a/lib/mscat/wscript ++++ b/lib/mscat/wscript +@@ -12,7 +12,11 @@ def configure(conf): + if not conf.find_program('asn1Parser', var='ASN1PARSER'): + Logs.warn('WARNING: ans1Parser hasn\'t been found! Please install it (e.g. libtasn1-bin)') + +- conf.CHECK_FUNCS_IN('gnutls_pkcs7_get_embedded_data_oid', 'gnutls') ++ # GnuTLS is currently able to be disabled ++ if conf.env.enable_gnutls: ++ conf.CHECK_FUNCS_IN('gnutls_pkcs7_get_embedded_data_oid', 'gnutls') ++ else: ++ Logs.warn('WARNING: gnutls disabled so dumpmscat will not be built') + + def build(bld): + if (bld.CONFIG_SET('HAVE_LIBTASN1') and +-- +2.11.0 + diff --git a/net/samba4/patches/006-samba-4-10-musl_rm_unistd_incl.patch b/net/samba4/patches/006-samba-4-10-musl_rm_unistd_incl.patch new file mode 100644 index 000000000..504bc0b08 --- /dev/null +++ b/net/samba4/patches/006-samba-4-10-musl_rm_unistd_incl.patch @@ -0,0 +1,13 @@ +--- a/lib/replace/replace.h ++++ b/lib/replace/replace.h +@@ -162,10 +162,6 @@ + #include <bsd/unistd.h> + #endif + +-#ifdef HAVE_UNISTD_H +-#include <unistd.h> +-#endif +- + #ifdef HAVE_STRING_H + #include <string.h> + #endif diff --git a/net/samba4/patches/010-source3-msgsock-nvram-fix.patch b/net/samba4/patches/010-source3-msgsock-nvram-fix.patch index 4c93a5a3e..682adec4e 100644 --- a/net/samba4/patches/010-source3-msgsock-nvram-fix.patch +++ b/net/samba4/patches/010-source3-msgsock-nvram-fix.patch @@ -5,7 +5,7 @@ } - priv_path = private_path("msg.sock"); -+ priv_path = lock_path("msg.sock"); ++ priv_path = lock_path(talloc_tos(), "msg.sock"); if (priv_path == NULL) { return NT_STATUS_NO_MEMORY; } @@ -14,7 +14,7 @@ msg_ctx->msg_dgm_ref = messaging_dgm_ref( msg_ctx, msg_ctx->event_ctx, &msg_ctx->id.unique_id, - private_path("msg.sock"), lck_path, -+ lock_path("msg.sock"), lck_path, ++ lock_path(talloc_tos(), "msg.sock"), lck_path, messaging_recv_cb, msg_ctx, &ret); if (msg_ctx->msg_dgm_ref == NULL) { diff --git a/net/samba4/patches/100-do-not-import-target-module-while-cross-compile.patch b/net/samba4/patches/100-do-not-import-target-module-while-cross-compile.patch deleted file mode 100644 index e0766b60f..000000000 --- a/net/samba4/patches/100-do-not-import-target-module-while-cross-compile.patch +++ /dev/null @@ -1,56 +0,0 @@ -Some modules such as dynamic library maybe cann't be imported while cross compile, -we just check whether does the module exist. - -Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com> - ---- a/buildtools/wafsamba/samba_bundled.py -+++ b/buildtools/wafsamba/samba_bundled.py -@@ -2,6 +2,7 @@ - - import sys - import Build, Options, Logs -+import imp, os - from Configure import conf - from samba_utils import TO_LIST - -@@ -249,17 +250,32 @@ def CHECK_BUNDLED_SYSTEM_PYTHON(conf, li - # versions - minversion = minimum_library_version(conf, libname, minversion) - -- try: -- m = __import__(modulename) -- except ImportError: -- found = False -- else: -+ # Find module in PYTHONPATH -+ stuff = imp.find_module(modulename, [os.environ["PYTHONPATH"]]) -+ if stuff: - try: -- version = m.__version__ -- except AttributeError: -+ m = imp.load_module(modulename, stuff[0], stuff[1], stuff[2]) -+ except ImportError: - found = False -+ -+ if conf.env.CROSS_COMPILE: -+ # Some modules such as dynamic library maybe cann't be imported -+ # while cross compile, we just check whether the module exist -+ Logs.warn('Cross module[%s] has been found, but can not be loaded.' % (stuff[1])) -+ found = True - else: -- found = tuplize_version(version) >= tuplize_version(minversion) -+ try: -+ version = m.__version__ -+ except AttributeError: -+ found = False -+ else: -+ found = tuplize_version(version) >= tuplize_version(minversion) -+ finally: -+ if stuff[0]: -+ stuff[0].close() -+ else: -+ found = False -+ - if not found and not conf.LIB_MAY_BE_BUNDLED(libname): - Logs.error('ERROR: Python module %s of version %s not found, and bundling disabled' % (libname, minversion)) - sys.exit(1) diff --git a/net/samba4/patches/102-samba-4.8.2-unbundle-libreadline.patch b/net/samba4/patches/102-samba-4.8.2-unbundle-libreadline.patch deleted file mode 100644 index e164d56f5..000000000 --- a/net/samba4/patches/102-samba-4.8.2-unbundle-libreadline.patch +++ /dev/null @@ -1,21 +0,0 @@ ---- a/libcli/smbreadline/wscript_configure -+++ b/libcli/smbreadline/wscript_configure -@@ -1,11 +1,13 @@ - #!/usr/bin/env python - - --conf.CHECK_HEADERS('readline.h history.h readline/readline.h readline/history.h') --for termlib in ['ncurses', 'curses', 'termcap', 'terminfo', 'termlib', 'tinfo']: -- if conf.CHECK_FUNCS_IN('tgetent', termlib): -- conf.env['READLINE_TERMLIB'] = termlib -- break -+#conf.CHECK_HEADERS('readline.h history.h readline/readline.h readline/history.h') -+#for termlib in ['ncurses', 'curses', 'termcap', 'terminfo', 'termlib', 'tinfo']: -+# if conf.CHECK_FUNCS_IN('tgetent', termlib): -+# conf.env['READLINE_TERMLIB'] = termlib -+# break -+ -+conf.undefine('HAVE_READLINE_READLINE_H') - - # - # Check if we need to work around readline/readline.h diff --git a/net/samba4/patches/103-samba-4.8.5-unbundle-libbsd.patch b/net/samba4/patches/102-samba-4.8.5-unbundle-libbsd.patch index c8eae598d..c8eae598d 100644 --- a/net/samba4/patches/103-samba-4.8.5-unbundle-libbsd.patch +++ b/net/samba4/patches/102-samba-4.8.5-unbundle-libbsd.patch diff --git a/net/samba4/patches/103-tmsize-overflow-fix.patch b/net/samba4/patches/103-tmsize-overflow-fix.patch new file mode 100644 index 000000000..5d6cebe16 --- /dev/null +++ b/net/samba4/patches/103-tmsize-overflow-fix.patch @@ -0,0 +1,21 @@ +--- a/source3/modules/vfs_fruit.c 2019-07-09 ++++ b/source3/modules/vfs_fruit.c 2019-07-09 +@@ -6995,12 +6995,12 @@ static bool fruit_tmsize_do_dirent(vfs_h + return true; + } + +- if (bandsize > SIZE_MAX/nbands) { +- DBG_ERR("tmsize overflow: bandsize [%zu] nbands [%zu]\n", +- bandsize, nbands); +- return false; +- } +- tm_size = bandsize * nbands; ++ // if (bandsize > SIZE_MAX/nbands) { ++ // DBG_ERR("tmsize overflow: bandsize [%zu] nbands [%zu]\n", ++ // bandsize, nbands); ++ // return false; ++ // } ++ tm_size = (off_t)bandsize * (off_t)nbands; + + if (state->total_size + tm_size < state->total_size) { + DBG_ERR("tmsize overflow: bandsize [%zu] nbands [%zu]\n", diff --git a/net/samba4/patches/104-tmsize-overflow-check.patch b/net/samba4/patches/104-tmsize-overflow-check.patch deleted file mode 100644 index 8a35a783b..000000000 --- a/net/samba4/patches/104-tmsize-overflow-check.patch +++ /dev/null @@ -1,32 +0,0 @@ -diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c -index 14d7a797451..1982f128cb3 100644 ---- a/source3/modules/vfs_fruit.c -+++ b/source3/modules/vfs_fruit.c -@@ -119,6 +119,18 @@ static struct global_fruit_config { - #define AFPRESOURCE_EA_NETATALK "user." NETATALK_RSRC_XATTR - #endif - -+#ifndef OFF_T_MAX -+#if SIZEOF_OFF_T == SIZEOF_INT8_T -+#define OFF_T_MAX INT8_MAX -+#elif SIZEOF_OFF_T == SIZEOF_INT16_T -+#define OFF_T_MAX INT16_MAX -+#elif SIZEOF_OFF_T == SIZEOF_INT32_T -+#define OFF_T_MAX INT32_MAX -+#elif SIZEOF_OFF_T == SIZEOF_INT64_T -+#define OFF_T_MAX INT64_MAX -+#endif -+#endif -+ - enum apple_fork {APPLE_FORK_DATA, APPLE_FORK_RSRC}; - - enum fruit_rsrc {FRUIT_RSRC_STREAM, FRUIT_RSRC_ADFILE, FRUIT_RSRC_XATTR}; -@@ -6867,7 +6879,7 @@ static bool fruit_tmsize_do_dirent(vfs_handle_struct *handle, - return true; - } - -- if (bandsize > SIZE_MAX/nbands) { -+ if (bandsize > OFF_T_MAX/nbands) { - DBG_ERR("tmsize overflow: bandsize [%zu] nbands [%zu]\n", - bandsize, nbands); - return false; |