aboutsummaryrefslogtreecommitdiff
path: root/net/samba4/Makefile
Commit message (Collapse)AuthorAge
* samba4: decouple quotas from vfs optionJavier Marcet2023-04-29
| | | | Signed-off-by: Javier Marcet <javier@marcet.info>
* treewide: refactor to use PKG_BUILD_FLAGS:=gc-sectionsAndre Heider2023-04-08
| | | | | | | | | | | | See commit da370098 "treewide: add support for "gc-sections" in PKG_BUILD_FLAGS" on the main repository. Note: This only touches packages which use all three parts (-ffunction-sections, -fdata-sections and -Wl,--gc-sections) enabled by this build flag. Some packages only use a subset, and these are left unchanged for now. Signed-off-by: Andre Heider <a.heider@gmail.com>
* samba4: update to 4.18.0Andrew Sim2023-03-27
| | | | | | Samba release history: https://www.samba.org/samba/history/samba-4.18.0.html Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
* samba4: update to 4.17.5Michael Peleshenko2023-03-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * update to 4.17.5 * changelog: https://www.samba.org/samba/history/samba-4.17.5 * refresh patch * CVE-2022-42898: Samba's Kerberos libraries and AD DC failed to guard against integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged PAC to corrupt the heap. https://www.samba.org/samba/security/CVE-2022-42898.html * CVE-2022-37966: This is the Samba CVE for the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability disclosed by Microsoft on Nov 8 2022. A Samba Active Directory DC will issue weak rc4-hmac session keys for use between modern clients and servers despite all modern Kerberos implementations supporting the aes256-cts-hmac-sha1-96 cipher. On Samba Active Directory DCs and members 'kerberos encryption types = legacy' would force rc4-hmac as a client even if the server supports aes128-cts-hmac-sha1-96 and/or aes256-cts-hmac-sha1-96. https://www.samba.org/samba/security/CVE-2022-37966.html * CVE-2022-37967: This is the Samba CVE for the Windows Kerberos Elevation of Privilege Vulnerability disclosed by Microsoft on Nov 8 2022. A service account with the special constrained delegation permission could forge a more powerful ticket than the one it was presented with. https://www.samba.org/samba/security/CVE-2022-37967.html * CVE-2022-38023: The "RC4" protection of the NetLogon Secure channel uses the same algorithms as rc4-hmac cryptography in Kerberos, and so must also be assumed to be weak. https://www.samba.org/samba/security/CVE-2022-38023.html * BUG 15210: synthetic_pathref AFP_AfpInfo failed errors. This resolves errors logged during macOS TimeMachine backups. https://bugzilla.samba.org/show_bug.cgi?id=15210 Signed-off-by: Michael Peleshenko <mpeleshenko@gmail.com>
* samba4: update to 4.17.2Andrew Sim2022-11-06
| | | | | | | | | | | | | | update samba to 4.17.2 * CVE-2022-3437: There is a limited write heap buffer overflow in the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal (included in Samba). https://www.samba.org/samba/security/CVE-2022-3437.html * CVE-2022-3592: A malicious client can use a symlink to escape the exported directory. https://www.samba.org/samba/security/CVE-2022-3592.html Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
* samba4: update to 4.17.1Andrew Sim2022-10-23
| | | | | | | | * update to 4.17.1 * changelog: https://www.samba.org/samba/history/samba-4.17.1 * refresh patch Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
* samba4: change perl dependency to fix menuconfigAndrew Sim2022-10-14
| | | | | | | | | Adding perlbase-json-pp to samba4-libs dependencies was the wrong approach and caused samba packages not to be offered by menuconfig. AFAIK perlbase-json-pp is a perl helper to building samba4 and seems to be already included in perl/host so use that instead to fix the menuconfig issues. Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
* samba4: update to 4.17.0Andrew Sim2022-10-07
| | | | Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
* samba4: update to 4.14.14Andrew Sim2022-10-03
| | | | | | | * update to 4.14.14 * fixes: CVE-2022-2031, CVE-2022-32744, CVE-2022-32745, CVE-2022-32746, CVE-2022-32742 Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
* samba4: drop maintainershipAndy Walsh2022-06-21
| | | | | | | | | | | | | drop maintainership: * samba4 * ksmbd-tools * perl-parse-yapp * libtirpc * softethervpn5 * wsdd2 * rpcsvc-proto Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: fix build on macosSergey V. Lobanov2022-05-22
| | | | | | | | | | | This commit fixes two issues on macos: 1. Added a patch to fix 'echo -n' issue with MacOS shell (backported from upstream) 2. Redefined sys.platform='linux' for target build if build host is MacOS (otherwise, build script tries to use MacOS logic for OpenWrt(Linux) target build) Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
* samba4: update to 4.14.12Andy Walsh2022-02-01
| | | | | | | * update to 4.14.12 * fixes: CVE-2021-44142, CVE-2022-0336 Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update to 4.14.11; fix AD_DC buildAndy Walsh2022-01-28
| | | | | | | | | | | * update to 4.14.11 * fix AD_DC build * add vfs_widelinks to defaults * refresh patches * fixes: #16697, #17692 * fixes: CVE-2016-2124, CVE-2020-25717, CVE-2020-25718, CVE-2020-25719, CVE-2020-25721, CVE-2020-25722, CVE-2021-3738, CVE-2021-23192 Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba: update to 4.14.7Andy Walsh2021-09-08
| | | | | | * update to 4.14.7 Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: allow disabling wsdd2 in menuconfigFritz D. Ansel2021-08-15
| | | | | | | | but keep it selected by default as before so it could be selected if nmbd and/or wssd2 should be used Signed-off-by: Fritz D. Ansel <fdansel@yandex.ru>
* samba4: update to 4.14.5Andy Walsh2021-06-27
| | | | | | | * update to 4.14.5 * refresh patches Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update to 4.13.9Andy Walsh2021-06-17
| | | | | | * update to 4.13.9 Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update to 4.13.8Andy Walsh2021-05-06
| | | | | | | | | * update to 4.13.8 * remove faulty io_uring kernel detection * fixes CVE's: CVE-2020-27840, CVE-2021-20277, CVE-2020-27840, CVE-2021-20277, CVE-2020-27840, CVE-2021-20277, CVE-2021-20254 * resolves #15512 Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update to 4.13.4Andy Walsh2021-01-26
| | | | | | * update to 4.13.4 Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: add proper io_uring kernel detectionAndy Walsh2021-01-11
| | | | | | * add proper io_uring kernel detection Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update to 4.13.3, enbale io_uringAndy Walsh2021-01-08
| | | | | | | | | | | * update to 4.13.3 * enable vfs io_uring module by default, if kernel supports it * fix for possible exploit openwrt/packages#13758 * sanetize all external template/config inputs * fix some shellcheck warnings * remove old aio modules/deps Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update to 4.13.2Andy Walsh2020-12-08
| | | | | | | * update to 4.13.2 * remove outdated option "write cache size" Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update to version 4.12.7Jan Pavlinec2020-09-24
| | | | | | | | Note: Fixes CVE-2020-1472 in case smb.conf contains 'server schannel = no' or 'server schannel = auto' Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
* samba4: update to 4.12.6Andy Walsh2020-09-13
| | | | | | | * update to 4.12.6 * fix optional modules not included on module build (vfs_btrfs, vfs_linux_xfs_sgid) Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update to 4.12.5Andy Walsh2020-07-03
| | | | | | | | | | * update to 4.12.5 * fixes CVE-2020-10730, CVE-2020-10745, CVE-2020-10760, CVE-2020-14303 * add fix-musl_missing__nss_buflen_passwd.patch * remove fixed tirpc include * add extra CONFIGURE_VARS (XSLTPROC=false, WAF_NO_PREFORK=1) Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: add new UCI option "enable_extra_tuning"Andy Walsh2020-06-27
| | | | | | | | | * add new UCI option "enable_extra_tuning" * update template * add config examples for options * fix some access warnings on samba /var dirs Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: fix python3 host pathsAndy Walsh2020-06-19
| | | | | | * fix python3 host paths, ensure we use build hostpkg tools Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update waf-cross-answersAndy Walsh2020-06-16
| | | | | | * update waf-cross-answers for 4.12.x Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: unbundle libunwind, icuAndy Walsh2020-06-14
| | | | | | * add unbundle libunwind, icu patches Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update to 4.12.3Andy Walsh2020-06-13
| | | | | | | | * update to 4.12.3 * update/remove patches * disable netbios port 139 on 'DISABLE_NETBIOS' option or missing 'nmbd' Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* treewide: Remove Python variants for non-Python packagesJeffery To2020-04-19
| | | | | | | | | | | This removes Python-related build variants, and adds PYTHON3_PKG_BUILD:=0 and minor build adjustments (where appropriate), for non-Python packages. There should be no changes to build output. This also updates some include paths for python3-package.mk and/or python3-host.mk to be relative to the package Makefile. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* samba4: bring back the fix to build with parallel jobsDaniel Bermond2020-02-23
| | | | | | | | | Fixes #11417 The fix was implemented in commit 710700c and was later removed in commit c50c583. Signed-off-by: Daniel Bermond <danielbermond@gmail.com>
* samba4: update to 4.11.6, add new UCI optionAndy Walsh2020-02-09
| | | | | | | * update to 4.11.6 * add new UCI option "allow_legacy_protocols" to section [samba] Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: fix libpam depsAndy Walsh2019-12-20
| | | | | | * use old workaround for broken unbundle pam patch Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update to 4.11.4Andy Walsh2019-12-17
| | | | | | | | | | | | | | * update to 4.11.4 (python3 version) * re-enable AD-DC option * add 'samba_nice' UCI option via "config procd 'extra'" * restructure buildsteps (don't rely on waf --targets logic) * move quota option into VFS * move ACL option into AC-DC * add more admin-tools * use rpath_install for libs * fix rpath + rstrip Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: make host-buildtools private/add suffixAndy Walsh2019-12-03
| | | | | | | | * fix openwrt/packages#10700 * add suffix to asn1_compile, compile_et to avoid krb5 conflicts * bundle samba's com_err Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update to 4.9.16, remove AD-DC/Winbind optionsAndy Walsh2019-11-28
| | | | | | | | | * update to 4.9.16 * cherry-pick some musl alpine/openembedded patches * cleanup/remove AD-DC/Winbind options and related code * build the compile_et via samba4/host Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: add UCI option 'disable_async_io'Andy Walsh2019-11-22
| | | | | | | * add UCI option 'disable_async_io' * remove [homes] options Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update to 4.9.15Andy Walsh2019-11-08
| | | | | | | | * update to 4.9.15 * fixes CVE-2019-10218, CVE-2019-14833, CVE-2019-14847 * update smb.conf.template (aio, sendfile) Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* treewide: add PKG_CPE_ID for better cvescanner coverageJan Pavlinec2019-09-17
| | | | Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
* samba4: update to version 4.9.13 (security fix)Jan Pavlinec2019-09-04
| | | | | | Fixes CVE-2019-10197 Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
* samba4: add python2 host dependencyAndy Walsh2019-07-30
| | | | | | * add python2/host dependency Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: Run init script through shellcheckRosen Penev2019-07-28
| | | | | | Some performance improvements by batching file writes. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* samba4: revert to 4.9.11Andy Walsh2019-07-21
| | | | | | | | * revert to 4.9.x series (4.10 needs too many unofficial patches and has weird waf bugs) * cleanup patches * enable AD_DC build option again Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: add libreadline dep, cleanup old patchesAndy Walsh2019-07-14
| | | | | | | * add missing libreadline dep * remove old patches Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update to 4.10.6Andy Walsh2019-07-13
| | | | | | | | | | * update to 4.10.6 * use python3 * disable SERVER_AD_DC option (bugged atm) * fix init script symlink smb.conf detection * add new deps (libtasn1, libopenssl) Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update to 4.9.8Andy Walsh2019-05-16
| | | | | | * fixes CVE-2018-16860 Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: update to 4.9.7Andy Walsh2019-05-10
| | | | | | | * update to 4.9.7 * add write_list, read_list UCI support Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* samba4: fix build with parallel jobsAndy Walsh2019-04-24
| | | | | | * fixes openwrt/packages#8721 Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* Samba4: Rework URLsDaniel Engberg2019-04-17
| | | | | | | | | Avoid Hetzner hosted servers due to availability (.ru users) and try to keep availability as good as possible without sacrificing performance for the majority of users. Update upstream project download URL Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Powered by cgit, Themed by Ted Yin.