mirror of
https://git.FreeBSD.org/ports.git
synced 2025-01-16 07:58:04 +00:00
Update samba ports to address CVE-2015-0240
Security: CVE-2015-0240
This commit is contained in:
parent
22f0609652
commit
180b64bf93
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=379838
@ -102,15 +102,30 @@ OPTIONS_DEFINE= ACL_SUPPORT ADS AIO_SUPPORT AVAHI CUPS DNSUPDATE \
|
|||||||
DOCS EXAMPLES EXP_MODULES FAM IPV6 LDAP \
|
DOCS EXAMPLES EXP_MODULES FAM IPV6 LDAP \
|
||||||
MAX_DEBUG PAM_SMBPASS POPT PTHREADPOOL QUOTAS \
|
MAX_DEBUG PAM_SMBPASS POPT PTHREADPOOL QUOTAS \
|
||||||
SMBTORTURE SWAT SYSLOG UTMP WINBIND
|
SMBTORTURE SWAT SYSLOG UTMP WINBIND
|
||||||
|
OPTIONS_RADIO= GSSAPI
|
||||||
|
OPTIONS_RADIO_GSSAPI= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_NONE
|
||||||
|
|
||||||
OPTIONS_DEFAULT= ACL_SUPPORT AIO_SUPPORT CUPS LDAP POPT PTHREADPOOL \
|
OPTIONS_DEFAULT= ACL_SUPPORT AIO_SUPPORT CUPS LDAP POPT PTHREADPOOL \
|
||||||
WINBIND
|
WINBIND GSSAPI_NONE
|
||||||
|
|
||||||
ACL_SUPPORT_DESC= ACL support
|
ACL_SUPPORT_DESC= ACL support
|
||||||
|
|
||||||
ADS_DESC= Active Directory support
|
ADS_DESC= Active Directory support
|
||||||
AIO_SUPPORT_DESC= Asynchronous IO support
|
ADS_CONFIGURE_ON= --with-ads --with-krb5="${GSSAPIBASEDIR}"
|
||||||
DNSUPDATE_DESC= Dynamic DNS update (requires ADS)
|
ADS_CONFIGURE_OFF= --without-ads --without-krb5
|
||||||
|
|
||||||
|
AIO_SUPPORT_DESC= Asyncronous IO support
|
||||||
|
DNSUPDATE_DESC= Dynamic DNS update(require ADS)
|
||||||
EXP_MODULES_DESC= Experimental modules
|
EXP_MODULES_DESC= Experimental modules
|
||||||
|
|
||||||
|
GSSAPI_BASE_DESC= Use Heimdal in base
|
||||||
|
GSSAPI_BASE_USES= gssapi
|
||||||
|
GSSAPI_HEIMDAL_DESC= Use Heimdal from ports
|
||||||
|
GSSAPI_HEIMDAL_USES= gssapi:heimdal,flags
|
||||||
|
GSSAPI_MIT_DESC= Use MIT Kerberos V5
|
||||||
|
GSSAPI_MIT_USES= gssapi:mit,flags
|
||||||
|
GSSAPI_NONE_DESC= No Kerberos support
|
||||||
|
|
||||||
MAX_DEBUG_DESC= Maximum debugging
|
MAX_DEBUG_DESC= Maximum debugging
|
||||||
PAM_SMBPASS_DESC= PAM authentication via passdb backends
|
PAM_SMBPASS_DESC= PAM authentication via passdb backends
|
||||||
POPT_DESC= System-wide POPT library
|
POPT_DESC= System-wide POPT library
|
||||||
@ -316,26 +331,11 @@ PLIST_SUB+= SMBTORTURE="@comment "
|
|||||||
###
|
###
|
||||||
|
|
||||||
.if ${PORT_OPTIONS:MADS}
|
.if ${PORT_OPTIONS:MADS}
|
||||||
SAMBA_WANT_LDAP= yes
|
. if ${PORT_OPTIONS:MGSSAPI_NONE}
|
||||||
SAMBA_WANT_KRB5= yes
|
|
||||||
CONFIGURE_ARGS+= --with-ads
|
|
||||||
.else
|
|
||||||
CONFIGURE_ARGS+= --without-ads
|
|
||||||
.endif
|
|
||||||
# Kerberos5 is necessary for ADS
|
# Kerberos5 is necessary for ADS
|
||||||
.if defined(SAMBA_WANT_KRB5)
|
IGNORE= ADS support requires GSSAPI_BASE, GSSAPI_HEIMDAL, or GSSAPI_MIT
|
||||||
.if defined(KRB5_HOME) && exists(${KRB5_HOME}/lib/libgssapi_krb5.so)
|
. endif
|
||||||
CONFIGURE_ARGS+= --with-krb5="${KRB5_HOME}"
|
SAMBA_WANT_LDAP= yes
|
||||||
.elif defined(HEIMDAL_HOME) && exists(${HEIMDAL_HOME}/lib/libgssapi.so)
|
|
||||||
CONFIGURE_ARGS+= --with-krb5="${HEIMDAL_HOME}"
|
|
||||||
.elif exists(/usr/lib/libkrb5.so) && exists(/usr/bin/krb5-config)
|
|
||||||
CONFIGURE_ARGS+= --with-krb5="/usr"
|
|
||||||
.else
|
|
||||||
LIB_DEPENDS+= libkrb5.so:${PORTSDIR}/security/heimdal
|
|
||||||
CONFIGURE_ARGS+= --with-krb5="${LOCALBASE}"
|
|
||||||
.endif
|
|
||||||
.else
|
|
||||||
CONFIGURE_ARGS+= --without-krb5
|
|
||||||
.endif
|
.endif
|
||||||
|
|
||||||
.if defined(SAMBA_WANT_LDAP)
|
.if defined(SAMBA_WANT_LDAP)
|
||||||
|
@ -18,7 +18,7 @@ CONFLICTS?= *samba3[2-6]-3.* samba41-4.1.*
|
|||||||
|
|
||||||
SAMBA4_BASENAME= samba
|
SAMBA4_BASENAME= samba
|
||||||
SAMBA4_PORTNAME= ${SAMBA4_BASENAME}4
|
SAMBA4_PORTNAME= ${SAMBA4_BASENAME}4
|
||||||
SAMBA4_VERSION= 4.0.24
|
SAMBA4_VERSION= 4.0.25
|
||||||
SAMBA4_DISTNAME= ${SAMBA4_BASENAME}-${SAMBA4_VERSION:S|.p|pre|:S|.r|rc|:S|.t|tp|:S|.a|alpha|}
|
SAMBA4_DISTNAME= ${SAMBA4_BASENAME}-${SAMBA4_VERSION:S|.p|pre|:S|.r|rc|:S|.t|tp|:S|.a|alpha|}
|
||||||
|
|
||||||
WRKSRC?= ${WRKDIR}/${DISTNAME}
|
WRKSRC?= ${WRKDIR}/${DISTNAME}
|
||||||
|
@ -1,2 +1,2 @@
|
|||||||
SHA256 (samba-4.0.24.tar.gz) = e1e4068c65684848d8cb17c8997c91be426ff75ccd617f647878307817af615a
|
SHA256 (samba-4.0.25.tar.gz) = e6a07940a658b81d368fc7ed8e5068bd27188996d73dee1cea9755682cb9a485
|
||||||
SIZE (samba-4.0.24.tar.gz) = 22148369
|
SIZE (samba-4.0.25.tar.gz) = 22150978
|
||||||
|
@ -27,15 +27,9 @@
|
|||||||
|
|
||||||
name="samba_server"
|
name="samba_server"
|
||||||
rcvar=${name}_enable
|
rcvar=${name}_enable
|
||||||
|
|
||||||
# Defaults
|
# Defaults
|
||||||
samba_server_config_default="%%SAMBA4_CONFDIR%%/%%SAMBA4_CONFIG%%"
|
samba_server_config_default="%%SAMBA4_CONFDIR%%/%%SAMBA4_CONFIG%%"
|
||||||
samba_server_config=${samba_server_config=${samba_server_config_default}}
|
|
||||||
samba_server_configfile_arg=${samba_server_config:+--configfile="${samba_server_config}"} #"
|
|
||||||
#testparm_command="%%PREFIX%%/bin/samba-tool testparm --suppress-prompt --verbose ${samba_server_configfile_arg}"
|
|
||||||
testparm_command="%%PREFIX%%/bin/testparm --suppress-prompt --verbose ${samba_server_config}"
|
|
||||||
smbcontrol_command="%%PREFIX%%/bin/smbcontrol"
|
smbcontrol_command="%%PREFIX%%/bin/smbcontrol"
|
||||||
|
|
||||||
# Custom commands
|
# Custom commands
|
||||||
extra_commands="reload status"
|
extra_commands="reload status"
|
||||||
|
|
||||||
@ -48,7 +42,6 @@ status_cmd="samba_server_cmd"
|
|||||||
reload_cmd="samba_server_reload_cmd"
|
reload_cmd="samba_server_reload_cmd"
|
||||||
rcvar_cmd="samba_server_rcvar_cmd"
|
rcvar_cmd="samba_server_rcvar_cmd"
|
||||||
|
|
||||||
|
|
||||||
samba_server_checkconfig() {
|
samba_server_checkconfig() {
|
||||||
echo -n "Performing sanity check on Samba configuration: "
|
echo -n "Performing sanity check on Samba configuration: "
|
||||||
if ${testparm_command} >/dev/null 2>&1; then
|
if ${testparm_command} >/dev/null 2>&1; then
|
||||||
@ -144,6 +137,14 @@ samba_server_cmd() {
|
|||||||
|
|
||||||
samba_server_config_init() {
|
samba_server_config_init() {
|
||||||
local name
|
local name
|
||||||
|
# Load configuration
|
||||||
|
load_rc_config "${name}"
|
||||||
|
# Defaults
|
||||||
|
samba_server_enable=${samba_server_enable:=NO}
|
||||||
|
samba_server_config=${samba_server_config=${samba_server_config_default}}
|
||||||
|
samba_server_configfile_arg=${samba_server_config:+--configfile="${samba_server_config}"} #"
|
||||||
|
#testparm_command="%%PREFIX%%/bin/samba-tool testparm --suppress-prompt --verbose ${samba_server_configfile_arg}"
|
||||||
|
testparm_command="%%PREFIX%%/bin/testparm --suppress-prompt --verbose ${samba_server_config}"
|
||||||
# Determine what daemons are necessary to run Samba in the current role
|
# Determine what daemons are necessary to run Samba in the current role
|
||||||
samba_server_role=$(${testparm_command} --parameter-name='server role' 2>/dev/null)
|
samba_server_role=$(${testparm_command} --parameter-name='server role' 2>/dev/null)
|
||||||
case "${samba_server_role}" in
|
case "${samba_server_role}" in
|
||||||
@ -154,38 +155,34 @@ samba_server_config_init() {
|
|||||||
samba_daemons="nmbd smbd winbindd"
|
samba_daemons="nmbd smbd winbindd"
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
# Load configuration
|
# Load daemons configuration
|
||||||
load_rc_config "${name}"
|
|
||||||
for name in ${samba_daemons}; do
|
for name in ${samba_daemons}; do
|
||||||
load_rc_config "${name}"
|
load_rc_config "${name}"
|
||||||
done
|
# If samba_server_enable is 'YES'
|
||||||
# Defaults
|
if [ -n "${rcvar}" ] && checkyesno "${rcvar}"; then
|
||||||
samba_server_enable=${samba_server_enable:=NO}
|
if [ "${name}" != "winbindd" ]; then
|
||||||
# Setup dependent variables
|
# Set variable to 'YES' only if it is unset
|
||||||
if [ -n "${rcvar}" ] && checkyesno "${rcvar}"; then
|
eval ${name}_enable=\${${name}_enable-YES}
|
||||||
for name in ${samba_daemons}; do
|
else
|
||||||
# Winbindd
|
# Winbindd
|
||||||
if [ "${name}" = "winbindd" ]; then
|
|
||||||
samba_server_idmap=$(${testparm_command} --parameter-name='idmap uid' 2>/dev/null)
|
samba_server_idmap=$(${testparm_command} --parameter-name='idmap uid' 2>/dev/null)
|
||||||
if [ -n "${samba_server_idmap}" ]; then
|
if [ -n "${samba_server_idmap}" ]; then
|
||||||
winbindd_enable="YES"
|
winbindd_enable="YES"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
# Set variable to 'YES' only if it is unset
|
fi
|
||||||
eval ${name}_enable=\${${name}_enable-YES}
|
# If variable is empty, set it to 'NO'
|
||||||
# If variable is empty set it to 'NO'
|
eval ${name}_enable=\${${name}_enable:-NO}
|
||||||
eval ${name}_enable=\${${name}_enable:-NO}
|
done
|
||||||
done
|
# Fetch parameters from configuration file
|
||||||
fi
|
samba_server_lockdir="$(${testparm_command} --parameter-name='lock directory' 2>/dev/null)"
|
||||||
|
samba_server_lockdir=${samba_server_lockdir:=%%SAMBA4_LOCKDIR%%}
|
||||||
|
samba_server_piddir="$(${testparm_command} --parameter-name='pid directory' 2>/dev/null)"
|
||||||
|
samba_server_piddir=${samba_server_piddir:=%%SAMBA4_RUNDIR%%}
|
||||||
}
|
}
|
||||||
|
|
||||||
# Load configuration variables
|
# Load configuration variables
|
||||||
samba_server_config_init
|
samba_server_config_init
|
||||||
# Fetch parameters from configuration file
|
|
||||||
samba_server_lockdir=$(${testparm_command} --parameter-name='lock directory' 2>/dev/null)
|
|
||||||
samba_server_lockdir=${samba_server_lockdir=%%SAMBA4_LOCKDIR%%}
|
|
||||||
samba_server_piddir=$(${testparm_command} --parameter-name='pid directory' 2>/dev/null)
|
|
||||||
samba_server_piddir=${samba_server_piddir=%%SAMBA4_RUNDIR%%}
|
|
||||||
# Common flags
|
# Common flags
|
||||||
command_args=${samba_server_configfile_arg}
|
command_args=${samba_server_configfile_arg}
|
||||||
samba_flags=${samba_flags="--daemon"}
|
samba_flags=${samba_flags="--daemon"}
|
||||||
|
@ -18,7 +18,7 @@ CONFLICTS?= *samba3[2-6]-3.* samba4-4.0.*
|
|||||||
|
|
||||||
SAMBA4_BASENAME= samba
|
SAMBA4_BASENAME= samba
|
||||||
SAMBA4_PORTNAME= ${SAMBA4_BASENAME}4
|
SAMBA4_PORTNAME= ${SAMBA4_BASENAME}4
|
||||||
SAMBA4_VERSION= 4.1.16
|
SAMBA4_VERSION= 4.1.17
|
||||||
SAMBA4_DISTNAME= ${SAMBA4_BASENAME}-${SAMBA4_VERSION:S|.p|pre|:S|.r|rc|:S|.t|tp|:S|.a|alpha|}
|
SAMBA4_DISTNAME= ${SAMBA4_BASENAME}-${SAMBA4_VERSION:S|.p|pre|:S|.r|rc|:S|.t|tp|:S|.a|alpha|}
|
||||||
|
|
||||||
WRKSRC?= ${WRKDIR}/${DISTNAME}
|
WRKSRC?= ${WRKDIR}/${DISTNAME}
|
||||||
@ -102,8 +102,8 @@ BUILD_DEPENDS+= tevent>=0.9.18:${PORTSDIR}/devel/tevent
|
|||||||
RUN_DEPENDS+= tevent>=0.9.18:${PORTSDIR}/devel/tevent
|
RUN_DEPENDS+= tevent>=0.9.18:${PORTSDIR}/devel/tevent
|
||||||
SAMBA4_BUNDLED_LIBS+= !tevent
|
SAMBA4_BUNDLED_LIBS+= !tevent
|
||||||
# tdb
|
# tdb
|
||||||
BUILD_DEPENDS+= tdb>=1.2.11:${PORTSDIR}/databases/tdb
|
BUILD_DEPENDS+= tdb>=1.2.12:${PORTSDIR}/databases/tdb
|
||||||
RUN_DEPENDS+= tdb>=1.2.11:${PORTSDIR}/databases/tdb
|
RUN_DEPENDS+= tdb>=1.2.12:${PORTSDIR}/databases/tdb
|
||||||
SAMBA4_BUNDLED_LIBS+= !tdb
|
SAMBA4_BUNDLED_LIBS+= !tdb
|
||||||
# ntdb
|
# ntdb
|
||||||
BUILD_DEPENDS+= ntdb>=1.0:${PORTSDIR}/databases/ntdb
|
BUILD_DEPENDS+= ntdb>=1.0:${PORTSDIR}/databases/ntdb
|
||||||
|
@ -1,2 +1,2 @@
|
|||||||
SHA256 (samba-4.1.16.tar.gz) = 12a09c167bfa25f50b82775bcbeda94c71c5d71d3b0d1210f6dae0f23020a87b
|
SHA256 (samba-4.1.17.tar.gz) = 7aeb5d09e9c84bbeeb4b98d33404e9dbc4d99c54e64a447cc9c4d57e9255cb1d
|
||||||
SIZE (samba-4.1.16.tar.gz) = 19534236
|
SIZE (samba-4.1.17.tar.gz) = 19536407
|
||||||
|
@ -27,15 +27,9 @@
|
|||||||
|
|
||||||
name="samba_server"
|
name="samba_server"
|
||||||
rcvar=${name}_enable
|
rcvar=${name}_enable
|
||||||
|
|
||||||
# Defaults
|
# Defaults
|
||||||
samba_server_config_default="%%SAMBA4_CONFDIR%%/%%SAMBA4_CONFIG%%"
|
samba_server_config_default="%%SAMBA4_CONFDIR%%/%%SAMBA4_CONFIG%%"
|
||||||
samba_server_config=${samba_server_config=${samba_server_config_default}}
|
|
||||||
samba_server_configfile_arg=${samba_server_config:+--configfile="${samba_server_config}"} #"
|
|
||||||
#testparm_command="%%PREFIX%%/bin/samba-tool testparm --suppress-prompt --verbose ${samba_server_configfile_arg}"
|
|
||||||
testparm_command="%%PREFIX%%/bin/testparm --suppress-prompt --verbose ${samba_server_config}"
|
|
||||||
smbcontrol_command="%%PREFIX%%/bin/smbcontrol"
|
smbcontrol_command="%%PREFIX%%/bin/smbcontrol"
|
||||||
|
|
||||||
# Custom commands
|
# Custom commands
|
||||||
extra_commands="reload status"
|
extra_commands="reload status"
|
||||||
|
|
||||||
@ -48,7 +42,6 @@ status_cmd="samba_server_cmd"
|
|||||||
reload_cmd="samba_server_reload_cmd"
|
reload_cmd="samba_server_reload_cmd"
|
||||||
rcvar_cmd="samba_server_rcvar_cmd"
|
rcvar_cmd="samba_server_rcvar_cmd"
|
||||||
|
|
||||||
|
|
||||||
samba_server_checkconfig() {
|
samba_server_checkconfig() {
|
||||||
echo -n "Performing sanity check on Samba configuration: "
|
echo -n "Performing sanity check on Samba configuration: "
|
||||||
if ${testparm_command} >/dev/null 2>&1; then
|
if ${testparm_command} >/dev/null 2>&1; then
|
||||||
@ -144,6 +137,14 @@ samba_server_cmd() {
|
|||||||
|
|
||||||
samba_server_config_init() {
|
samba_server_config_init() {
|
||||||
local name
|
local name
|
||||||
|
# Load configuration
|
||||||
|
load_rc_config "${name}"
|
||||||
|
# Defaults
|
||||||
|
samba_server_enable=${samba_server_enable:=NO}
|
||||||
|
samba_server_config=${samba_server_config=${samba_server_config_default}}
|
||||||
|
samba_server_configfile_arg=${samba_server_config:+--configfile="${samba_server_config}"} #"
|
||||||
|
#testparm_command="%%PREFIX%%/bin/samba-tool testparm --suppress-prompt --verbose ${samba_server_configfile_arg}"
|
||||||
|
testparm_command="%%PREFIX%%/bin/testparm --suppress-prompt --verbose ${samba_server_config}"
|
||||||
# Determine what daemons are necessary to run Samba in the current role
|
# Determine what daemons are necessary to run Samba in the current role
|
||||||
samba_server_role=$(${testparm_command} --parameter-name='server role' 2>/dev/null)
|
samba_server_role=$(${testparm_command} --parameter-name='server role' 2>/dev/null)
|
||||||
case "${samba_server_role}" in
|
case "${samba_server_role}" in
|
||||||
@ -154,38 +155,34 @@ samba_server_config_init() {
|
|||||||
samba_daemons="nmbd smbd winbindd"
|
samba_daemons="nmbd smbd winbindd"
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
# Load configuration
|
# Load daemons configuration
|
||||||
load_rc_config "${name}"
|
|
||||||
for name in ${samba_daemons}; do
|
for name in ${samba_daemons}; do
|
||||||
load_rc_config "${name}"
|
load_rc_config "${name}"
|
||||||
done
|
# If samba_server_enable is 'YES'
|
||||||
# Defaults
|
if [ -n "${rcvar}" ] && checkyesno "${rcvar}"; then
|
||||||
samba_server_enable=${samba_server_enable:=NO}
|
if [ "${name}" != "winbindd" ]; then
|
||||||
# Setup dependent variables
|
# Set variable to 'YES' only if it is unset
|
||||||
if [ -n "${rcvar}" ] && checkyesno "${rcvar}"; then
|
eval ${name}_enable=\${${name}_enable-YES}
|
||||||
for name in ${samba_daemons}; do
|
else
|
||||||
# Winbindd
|
# Winbindd
|
||||||
if [ "${name}" = "winbindd" ]; then
|
|
||||||
samba_server_idmap=$(${testparm_command} --parameter-name='idmap uid' 2>/dev/null)
|
samba_server_idmap=$(${testparm_command} --parameter-name='idmap uid' 2>/dev/null)
|
||||||
if [ -n "${samba_server_idmap}" ]; then
|
if [ -n "${samba_server_idmap}" ]; then
|
||||||
winbindd_enable="YES"
|
winbindd_enable="YES"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
# Set variable to 'YES' only if it is unset
|
fi
|
||||||
eval ${name}_enable=\${${name}_enable-YES}
|
# If variable is empty, set it to 'NO'
|
||||||
# If variable is empty set it to 'NO'
|
eval ${name}_enable=\${${name}_enable:-NO}
|
||||||
eval ${name}_enable=\${${name}_enable:-NO}
|
done
|
||||||
done
|
# Fetch parameters from configuration file
|
||||||
fi
|
samba_server_lockdir="$(${testparm_command} --parameter-name='lock directory' 2>/dev/null)"
|
||||||
|
samba_server_lockdir=${samba_server_lockdir:=%%SAMBA4_LOCKDIR%%}
|
||||||
|
samba_server_piddir="$(${testparm_command} --parameter-name='pid directory' 2>/dev/null)"
|
||||||
|
samba_server_piddir=${samba_server_piddir:=%%SAMBA4_RUNDIR%%}
|
||||||
}
|
}
|
||||||
|
|
||||||
# Load configuration variables
|
# Load configuration variables
|
||||||
samba_server_config_init
|
samba_server_config_init
|
||||||
# Fetch parameters from configuration file
|
|
||||||
samba_server_lockdir=$(${testparm_command} --parameter-name='lock directory' 2>/dev/null)
|
|
||||||
samba_server_lockdir=${samba_server_lockdir=%%SAMBA4_LOCKDIR%%}
|
|
||||||
samba_server_piddir=$(${testparm_command} --parameter-name='pid directory' 2>/dev/null)
|
|
||||||
samba_server_piddir=${samba_server_piddir=%%SAMBA4_RUNDIR%%}
|
|
||||||
# Common flags
|
# Common flags
|
||||||
command_args=${samba_server_configfile_arg}
|
command_args=${samba_server_configfile_arg}
|
||||||
samba_flags=${samba_flags="--daemon"}
|
samba_flags=${samba_flags="--daemon"}
|
||||||
|
Loading…
Reference in New Issue
Block a user