Bump port version to 3.4.14, closing security issues CVE-2011-0719,

CVE-2011-2522 and CVE-2011-2694 Security: CVE-2011-0719 Security: CVE-2011-2522 Security: CVE-2011-2694
svn path=/head/; revision=278511
2011-07-29 01:51:39 +00:00 · 2011-07-29 01:51:39 +00:00 · dfdf9a6052 · 2021-03-31 03:12:20 +00:00
commit dfdf9a6052
parent 03280f5b5d
4 changed files with 219 additions and 167 deletions
--- a/net/samba34/Makefile
+++ b/net/samba34/Makefile
@ -6,8 +6,8 @@
 #

 PORTNAME=		samba34
-PORTVERSION=		3.4.9
-PORTREVISION?=	2
+PORTVERSION=		3.4.14
+PORTREVISION?=		0
 CATEGORIES?=		net
 MASTER_SITES=		${MASTER_SITE_SAMBA}
 MASTER_SITE_SUBDIR=	. old-versions rc pre
@ -16,7 +16,7 @@ DISTNAME=		${PORTNAME:S|34$||}-${PORTVERSION:S|.p|pre|:S|.r|rc|:S|.t|tp|:S|.a|al
 MAINTAINER?=		timur@FreeBSD.org
 COMMENT?=		A free SMB and CIFS client and server for UNIX

-CONFLICTS?=		ja-samba-[235].* samba-[235].* sharity-light-1.* tdb-1.*
+CONFLICTS?=		samba3[2356]-3.*
 # Additional patches from Sernet.de
 PATCH_STRIP=		-p1
 EXTRA_PATCHES=		${PATCHDIR}/sernet.patch
@ -136,7 +136,7 @@ CONFIGURE_ARGS+=	--with-pam --with-readline=/usr \
 			--without-libsmbclient \
 			--without-libaddns \
 			--without-libnetapi \
-			--without-libsmbsharemodes
+			--without-libsmbsharemodes --disable-pie

 .if !defined(WITHOUT_LDAP)
 SAMBA_WANT_LDAP=	yes
--- a/net/samba34/distinfo
+++ b/net/samba34/distinfo
@ -1,2 +1,2 @@
-SHA256 (samba-3.4.9.tar.gz) = 593952940f6c460a8486906aff55c56c8168c0f74d2d016bb55d080259048b8e
-SIZE (samba-3.4.9.tar.gz) = 34850281
+SHA256 (samba-3.4.14.tar.gz) = 0c44883213859c7e45c89471194f8cab04917b1610213df5df0986913b1b99be
+SIZE (samba-3.4.14.tar.gz) = 34803817
--- a/net/samba34/files/samba.in
+++ b/net/samba34/files/samba.in
@ -28,8 +28,43 @@

 name="samba"
 rcvar=$(set_rcvar)
-
+set_rcvar ${rcvar} "NO" "Samba service" > /dev/null
+# Defaults
+eval ${rcvar}=\${${rcvar}:=NO}
+samba_config_default="%%SAMBA_CONFDIR%%/%%SAMBA_CONFIG%%"
+samba_config=${samba_config="${samba_config_default}"}
+command_args=${samba_config:+-s "${samba_config}"}
+# Fetch parameters from configuration file
+testparm_command="%%PREFIX%%/bin/testparm"
+smbcontrol_command="%%PREFIX%%/bin/smbcontrol"
+samba_parm="${testparm_command} -s -v --parameter-name"
+samba_idmap=$(${samba_parm} 'idmap uid' "${samba_config}" 2>/dev/null)
+samba_lockdir=$(${samba_parm} 'lock directory' "${samba_config}" 2>/dev/null)
+# Load configuration
 load_rc_config "${name}"
+# Setup dependent variables
+if [ -n "${rcvar}" ] && checkyesno "${rcvar}"; then
+    nmbd_enable=${nmbd_enable=YES}
+    smbd_enable=${smbd_enable=YES}
+%%WINBIND%%    # Check that winbindd is actually configured
+%%WINBIND%%    if [ -n "${samba_idmap}" ]; then
+%%WINBIND%%	winbindd_enable=${winbindd_enable=YES}
+%%WINBIND%%    fi
+fi
+# XXX: Hack to enable check of the dependent variables
+eval real_${rcvar}="\${${rcvar}:=NO}"	${rcvar}=YES
+# nmbd
+nmbd_enable=${nmbd_enable:=NO}
+nmbd_flags=${nmbd_flags="-D"}
+set_rcvar nmbd_enable "NO" "nmb daemon" >/dev/null
+# smbd
+smbd_enable=${smbd_enable:=NO}
+smbd_flags=${smbd_flags="-D"}
+set_rcvar smbd_enable "NO" "smb daemon" >/dev/null
+%%WINBIND%%# winbindd
+%%WINBIND%%winbindd_enable=${winbindd_enable:=NO}
+%%WINBIND%%winbindd_flags=${winbindd_flags=''}
+%%WINBIND%%set_rcvar winbindd_enable "NO" "winbind daemon" >/dev/null
 # Custom commands
 extra_commands="reload status"
 start_precmd="samba_start_precmd"
@ -40,40 +75,13 @@ restart_precmd="samba_checkconfig"
 reload_precmd="samba_checkconfig"
 reload_cmd="samba_reload_cmd"
 rcvar_cmd="samba_rcvar_cmd"
-# Defaults
-samba_enable=${samba_enable:=NO}
-samba_config_default="%%SAMBA_CONFDIR%%/%%SAMBA_CONFIG%%"
-samba_config=${samba_config="${samba_config_default}"}
-command_args=${samba_config:+-s "${samba_config}"}
-testparm_command="%%PREFIX%%/bin/testparm"
-smbcontrol_command="%%PREFIX%%/bin/smbcontrol"
-# Fetch parameters from configuration file
-samba_parm="${testparm_command} -s -v --parameter-name"
-%%WINBIND%%samba_idmap=$(${samba_parm} 'idmap uid' "${samba_config}" 2>/dev/null)
-samba_lockdir=$(${samba_parm} 'lock directory' "${samba_config}" 2>/dev/null)
-# Setup dependent variables
-if [ -n "${rcvar}" ] && checkyesno "${rcvar}"; then
-    nmbd_enable=${nmbd_enable=YES}
-    smbd_enable=${smbd_enable=YES}
-%%WINBIND%%    # Check that winbindd is actually configured
-%%WINBIND%%    if [ -n "${samba_idmap}" ]; then
-%%WINBIND%%	winbindd_enable=${winbindd_enable=YES}
-%%WINBIND%%    fi
-fi
-# Defaults for dependent variables
-nmbd_enable=${nmbd_enable:=NO}
-nmbd_flags=${nmbd_flags="-D"}
-smbd_enable=${smbd_enable:=NO}
-smbd_flags=${smbd_flags="-D"}
-%%WINBIND%%winbindd_enable=${winbindd_enable:=NO}
-%%WINBIND%%winbindd_flags=${winbindd_flags=''}
+#
 samba_daemons="nmbd smbd"
 %%WINBIND%%samba_daemons="${samba_daemons} winbindd"
-# Hack to enable check of dependent variables
-eval real_${rcvar}="\${${rcvar}:=NO}"	${rcvar}=YES
 # Requirements
 required_files="${samba_config}"
 required_dirs="${samba_lockdir}"
+
 samba_checkconfig() {
    echo -n "Performing sanity check on Samba configuration: "
    if ${testparm_command} -s ${samba_config:+"${samba_config}"} >/dev/null 2>&1; then
@ -82,6 +90,7 @@ samba_checkconfig() {
 	echo "FAILED"
 	return 1
    fi
+    return 0
 }

 samba_start_precmd() {
@ -99,20 +108,13 @@ samba_start_precmd() {
 }

 samba_rcvar_cmd() {
+    local rcvar
+    rcvar=$(set_rcvar ${name})
+    eval ${rcvar}=\${real_${rcvar}}
    # Prevent recursive calling
    unset "${rc_arg}_cmd" "${rc_arg}_precmd" "${rc_arg}_postcmd"
    # Check master variable
-    echo "# ${name}"
-    if [ -n "${rcvar}" ]; then
-	# Use original configured value
-	if checkyesno "real_${rcvar}"; then
-	    echo "\$${rcvar}=YES"
-	else
-	    echo "\$${rcvar}=NO"
-	fi
-    fi
-    # Check dependent variables
-    samba_cmd "${_rc_prefix}${rc_arg}" ${rc_extra_args}
+    run_rc_command "${_rc_prefix}${rc_arg}" ${rc_extra_args}
 }

 samba_reload_cmd() {
@ -121,7 +123,7 @@ samba_reload_cmd() {
    unset "${rc_arg}_cmd" "${rc_arg}_precmd" "${rc_arg}_postcmd"
    # Apply to all daemons
    for name in ${samba_daemons}; do
-    	rcvar=$(set_rcvar)
+    	rcvar=$(set_rcvar ${name})
 	command="%%PREFIX%%/sbin/${name}"
 	pidfile="%%SAMBA_RUNDIR%%/${name}${pid_extra}.pid"
 	# Daemon should be enabled and running
@ -137,30 +139,30 @@ samba_reload_cmd() {
 }

 samba_cmd() {
-    local name rcvar command pidfile samba_daemons result _result
+    local name rcvar rcvars v command pidfile samba_daemons result
    # Prevent recursive calling
    unset "${rc_arg}_cmd" "${rc_arg}_precmd" "${rc_arg}_postcmd"
-    # Stop processes in the reverse to order
+    # Stop processes in the reverse order
    if [ "${rc_arg}" = "stop" ] ; then
 	samba_daemons=$(reverse_list ${samba_daemons})
    fi
-    # Apply to all daemons
+    # Assume success
    result=0
+    # Apply to all daemons
    for name in ${samba_daemons}; do
-	rcvar=$(set_rcvar)
+	rcvar=$(set_rcvar ${name})
+	# XXX
+	rcvars=''; v=''
 	command="%%PREFIX%%/sbin/${name}"
 	pidfile="%%SAMBA_RUNDIR%%/${name}${pid_extra}.pid"
 	# Daemon should be enabled and running
 	if [ -n "${rcvar}" ] && checkyesno "${rcvar}"; then
 	    run_rc_command "${_rc_prefix}${rc_arg}" ${rc_extra_args}
-	    # Collect return values
-	    _result=$?
-	    if [ ${_result} != 0 ]; then
-		result=${_result}
-	    fi
+	    # If any of the of the commands failed, take it as a total result
+	    result=$((${result} || $?))
 	fi
    done
-    return $result
+    return ${result}
 }

 run_rc_command "$1"
--- a/net/samba34/files/sernet.patch
+++ b/net/samba34/files/sernet.patch
@ -1,8 +1,8 @@
 samba-3.4-check-bad-password-count.patch
 samba-3.4-net-trustdom-list-tidyup.patch
 samba3-3.4-honor-all-loopback-ips.patch
+samba3-3.4.12-nmbd-bind-explicit.patch
 samba3-3.4.4-fix-account-unlock.patch
-samba3-3.4.6-nmbd-bind-explicit.patch

 source3/auth/auth_sam.c      |  159 +++++++++++++++++++++++++++++++++---------
 source3/include/proto.h      |    3 +
@ -625,83 +625,7 @@ index 0ce495e..0511a28 100644
 }
 
 /**
-From 179e63ae9aa93984ea3d237c1039460c5acf01a5 Mon Sep 17 00:00:00 2001
-From: Michael Adam <obnox@samba.org>
-Date: Thu, 14 Jan 2010 14:24:35 +0100
-Subject: [PATCH] s3:auth: fix account unlock regression introduced with fix for bug #4347
-MIME-Version: 1.0
-Content-Type: text/plain; charset=utf-8
-Content-Transfer-Encoding: 8bit
-
-By an oversight, the patchset for #4347 made the unlocking of a locked
-account after the lockout duration ineffective.
-Thanks to Björn for finding this!
-
-Michael
---
- source3/auth/auth_sam.c |   12 +++++-------
- 1 files changed, 5 insertions(+), 7 deletions(-)
-
-diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
-index 1dd8fc9..01b2517 100644
--- a/source3/auth/auth_sam.c
-+++ b/source3/auth/auth_sam.c
-@@ -369,7 +369,6 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
- 	DATA_BLOB user_sess_key = data_blob_null;
- 	DATA_BLOB lm_sess_key = data_blob_null;
- 	bool updated_autolock = False, updated_badpw = False;
-	uint32_t acct_ctrl;
- 	const char *username;
- 	const uint8_t *nt_pw;
- 	const uint8_t *lm_pw;
-@@ -399,22 +398,21 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
- 		return NT_STATUS_NO_SUCH_USER;
- 	}
- 
-	acct_ctrl = pdb_get_acct_ctrl(sampass);
- 	username = pdb_get_username(sampass);
- 	nt_pw = pdb_get_nt_passwd(sampass);
- 	lm_pw = pdb_get_lanman_passwd(sampass);
- 
- 	/* see if autolock flag needs to be updated */
-	if (acct_ctrl & ACB_NORMAL)
-+	if (pdb_get_acct_ctrl(sampass) & ACB_NORMAL)
- 		pdb_update_autolock_flag(sampass, &updated_autolock);
- 	/* Quit if the account was locked out. */
-	if (acct_ctrl & ACB_AUTOLOCK) {
-+	if (pdb_get_acct_ctrl(sampass) & ACB_AUTOLOCK) {
- 		DEBUG(3,("check_sam_security: Account for user %s was locked out.\n", username));
- 		return NT_STATUS_ACCOUNT_LOCKED_OUT;
- 	}
- 
- 	nt_status = sam_password_ok(auth_context, mem_ctx,
-				    username, acct_ctrl, lm_pw, nt_pw,
-+				    username, pdb_get_acct_ctrl(sampass), lm_pw, nt_pw,
- 				    user_info, &user_sess_key, &lm_sess_key);
- 
- 	/* Notify passdb backend of login success/failure. If not 
-@@ -426,7 +424,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
- 		bool increment_bad_pw_count = false;
- 
- 		if (NT_STATUS_EQUAL(nt_status,NT_STATUS_WRONG_PASSWORD) && 
-		    acct_ctrl & ACB_NORMAL &&
-+		    pdb_get_acct_ctrl(sampass) & ACB_NORMAL &&
- 		    NT_STATUS_IS_OK(update_login_attempts_status)) 
- 		{
- 			increment_bad_pw_count =
-@@ -457,7 +455,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
- 		goto done;
- 	}
- 
-	if ((acct_ctrl & ACB_NORMAL) &&
-+	if ((pdb_get_acct_ctrl(sampass) & ACB_NORMAL) &&
- 	    (pdb_get_bad_password_count(sampass) > 0)){
- 		pdb_set_bad_password_count(sampass, 0, PDB_CHANGED);
- 		pdb_set_bad_password_time(sampass, 0, PDB_CHANGED);
-- 
-1.6.3.3
-
-From 2ad43c8c290ebb070d793fc24925f7c1ceb8a438 Mon Sep 17 00:00:00 2001
+From 104c65054cb5e4c4b78f7e75a21a078d68d12bb8 Mon Sep 17 00:00:00 2001
 From: Stefan Metzmacher <metze@samba.org>
 Date: Thu, 28 Jan 2010 11:04:05 +0100
 Subject: [PATCH 1/4] s3:nmbd: also listen explicit on the subnet broadcast addresses
@ -718,9 +642,9 @@ metze
 source3/libsmb/namequery.c   |    6 +-
 source3/libsmb/nmblib.c      |    9 ++-
 source3/nmbd/nmbd.c          |    5 +-
- source3/nmbd/nmbd_packets.c  |  189 ++++++++++++++++++++++++++++--------------
- source3/nmbd/nmbd_subnetdb.c |  123 ++++++++++++++++++----------
- 6 files changed, 222 insertions(+), 115 deletions(-)
+ source3/nmbd/nmbd_packets.c  |  197 ++++++++++++++++++++++++++++--------------
+ source3/nmbd/nmbd_subnetdb.c |  123 +++++++++++++++++---------
+ 6 files changed, 230 insertions(+), 115 deletions(-)

 diff --git a/source3/include/nameserv.h b/source3/include/nameserv.h
 index 496d87e..53ffd6f 100644
@ -771,7 +695,7 @@ index 50fb9f1..8f8d891 100644
 	p.packet_type = NMB_PACKET;
 
 diff --git a/source3/libsmb/nmblib.c b/source3/libsmb/nmblib.c
-index 5f3eda4..1a21066 100644
+index 8230c5a..f7bcf8f 100644
 --- a/source3/libsmb/nmblib.c
 +++ b/source3/libsmb/nmblib.c
@@ -601,6 +601,8 @@ static struct packet_struct *copy_nmb_packet(struct packet_struct *packet)
@ -812,7 +736,7 @@ index 5f3eda4..1a21066 100644
 
 /****************************************************************************
 diff --git a/source3/nmbd/nmbd.c b/source3/nmbd/nmbd.c
-index f31e7b1..418771a 100644
+index eefe27a..07a4b02 100644
 --- a/source3/nmbd/nmbd.c
 +++ b/source3/nmbd/nmbd.c
@@ -441,13 +441,14 @@ static void msg_nmbd_send_packet(struct messaging_context *msg,
@ -833,7 +757,7 @@ index f31e7b1..418771a 100644
 			break;
 		}
 diff --git a/source3/nmbd/nmbd_packets.c b/source3/nmbd/nmbd_packets.c
-index f69845b..51f4e32 100644
+index 1c570ea..402282c 100644
 --- a/source3/nmbd/nmbd_packets.c
 +++ b/source3/nmbd/nmbd_packets.c
@@ -207,7 +207,8 @@ static struct packet_struct *create_and_init_netbios_packet(struct nmb_name *nmb
@ -881,7 +805,7 @@ index f69845b..51f4e32 100644
 	packet.timestamp = time(NULL);
 
 	debug_nmb_packet(&packet);
-@@ -1679,50 +1686,74 @@ static bool create_listen_fdset(fd_set **ppset, int **psock_array, int *listen_n
+@@ -1679,26 +1686,32 @@ static bool create_listen_fdset(fd_set **ppset, int **psock_array, int *listen_n
 		return True;
 	}
 
@ -892,11 +816,11 @@ index f69845b..51f4e32 100644
 	for (subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec))
 		count++;
 
-	if((count*2) + 2 > FD_SETSIZE) {
+-	if((count*2) + 2 >= FD_SETSIZE) {
 +	/* each interface gets 4 sockets */
 +	count *= 4;
 +
-+	if(count > FD_SETSIZE) {
+	if(count >= FD_SETSIZE) {
 		DEBUG(0,("create_listen_fdset: Too many file descriptors needed (%d). We can \
 -only use %d.\n", (count*2) + 2, FD_SETSIZE));
 +only use %d.\n", count, FD_SETSIZE));
@ -916,7 +840,10 @@ index f69845b..51f4e32 100644
 
 -	/* Add in the broadcast socket on 137. */
 +	/* Add in the lp_socket_address() interface on 137. */
- 	FD_SET(ClientNMB,pset);
+ 	if (ClientNMB < 0 || ClientNMB >= FD_SETSIZE) {
+ 		errno = EBADF;
+ 		SAFE_FREE(pset);
+@@ -1709,6 +1722,9 @@ only use %d.\n", (count*2) + 2, FD_SETSIZE));
 	sock_array[num++] = ClientNMB;
 	*maxfd = MAX( *maxfd, ClientNMB);
 
@ -925,12 +852,18 @@ index f69845b..51f4e32 100644
 +
 	/* Add in the 137 sockets on all the interfaces. */
 	for (subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) {
+ 		if (subrec->nmb_sock < 0 || subrec->nmb_sock >= FD_SETSIZE) {
+@@ -1718,9 +1734,19 @@ only use %d.\n", (count*2) + 2, FD_SETSIZE));
 		FD_SET(subrec->nmb_sock,pset);
 		sock_array[num++] = subrec->nmb_sock;
 		*maxfd = MAX( *maxfd, subrec->nmb_sock);
 +
 +		sock_array[num++] = subrec->nmb_bcast;
 +		if (subrec->nmb_bcast != -1) {
+			if (subrec->nmb_bcast < 0 || subrec->nmb_bcast >= FD_SETSIZE) {
+				/* We have to ignore sockets outside FD_SETSIZE. */
+				continue;
+			}
 +			FD_SET(subrec->nmb_bcast,pset);
 +			*maxfd = MAX( *maxfd, subrec->nmb_bcast);
 +		}
@ -938,7 +871,10 @@ index f69845b..51f4e32 100644
 
 -	/* Add in the broadcast socket on 138. */
 +	/* Add in the lp_socket_address() interface on 138. */
- 	FD_SET(ClientDGRAM,pset);
+ 	if (ClientDGRAM < 0 || ClientDGRAM >= FD_SETSIZE) {
+ 		errno = EBADF;
+ 		SAFE_FREE(pset);
+@@ -1731,6 +1757,9 @@ only use %d.\n", (count*2) + 2, FD_SETSIZE));
 	sock_array[num++] = ClientDGRAM;
 	*maxfd = MAX( *maxfd, ClientDGRAM);
 
@ -947,12 +883,18 @@ index f69845b..51f4e32 100644
 +
 	/* Add in the 138 sockets on all the interfaces. */
 	for (subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) {
+ 		if (subrec->dgram_sock < 0 || subrec->dgram_sock >= FD_SETSIZE) {
+@@ -1740,9 +1769,19 @@ only use %d.\n", (count*2) + 2, FD_SETSIZE));
 		FD_SET(subrec->dgram_sock,pset);
 		sock_array[num++] = subrec->dgram_sock;
 		*maxfd = MAX( *maxfd, subrec->dgram_sock);
 +
 +		sock_array[num++] = subrec->dgram_bcast;
 +		if (subrec->dgram_bcast != -1) {
+			if (subrec->dgram_bcast < 0 || subrec->dgram_bcast >= FD_SETSIZE) {
+				/* We have to ignore sockets outside FD_SETSIZE. */
+				continue;
+			}
 +			FD_SET(subrec->dgram_bcast,pset);
 +			*maxfd = MAX( *maxfd, subrec->dgram_bcast);
 +		}
@ -963,7 +905,7 @@ index f69845b..51f4e32 100644
 
 	SAFE_FREE(*ppset);
 	SAFE_FREE(*psock_array);
-@@ -1811,61 +1842,90 @@ bool listen_for_packets(bool run_election)
+@@ -1831,61 +1870,90 @@ bool listen_for_packets(bool run_election)
 #endif
 
 	for(i = 0; i < listen_number; i++) {
@ -1071,16 +1013,16 @@ index f69845b..51f4e32 100644
 +					inet_ntoa(packet->ip),packet->port));
 +				free_packet(packet);
 +				continue;
- 			}
-		} /* end processing 138 socket. */
-	} /* end for */
+			}
 +
 +			if (packet->packet.nmb.header.nm_flags.bcast) {
 +				DEBUG(7,("discarding own nmb bcast packet from %s:%d\n",
 +					inet_ntoa(packet->ip),packet->port));
 +				free_packet(packet);
 +				continue;
-+			}
+ 			}
+-		} /* end processing 138 socket. */
+-	} /* end for */
 +		}
 +
 +		/*
@ -1106,7 +1048,7 @@ index f69845b..51f4e32 100644
 	return False;
 }
 
-@@ -1944,7 +2004,8 @@ bool send_mailslot(bool unique, const char *mailslot,char *buf, size_t len,
+@@ -1964,7 +2032,8 @@ bool send_mailslot(bool unique, const char *mailslot,char *buf, size_t len,
 
 	p.ip = dest_ip;
 	p.port = dest_port;
@ -1290,10 +1232,10 @@ index 13bc931..96d7b32 100644
 
 /****************************************************************************
 -- 
-1.6.3.3
+1.7.0.4


-From df62c7c73e1a30a7db1257df44bbb50471d782c8 Mon Sep 17 00:00:00 2001
+From 67f12b0e16d6e97e5b942d2293c3e063ed1a520a Mon Sep 17 00:00:00 2001
 From: Stefan Metzmacher <metze@samba.org>
 Date: Mon, 8 Feb 2010 12:51:29 +0100
 Subject: [PATCH 2/4] s3:nmbd: change "nmbd:bind explicit broadcast" into "nmbd bind explicit broadcast"
@ -1307,10 +1249,10 @@ metze
 3 files changed, 13 insertions(+), 1 deletions(-)

 diff --git a/source3/include/proto.h b/source3/include/proto.h
-index d2ae62c..82c55d0 100644
+index 7c2893b..26b0643 100644
 --- a/source3/include/proto.h
 +++ b/source3/include/proto.h
-@@ -3934,6 +3934,7 @@ const char *lp_logon_drive(void);
+@@ -3939,6 +3939,7 @@ const char *lp_logon_drive(void);
 const char *lp_logon_home(void);
 char *lp_remote_announce(void);
 char *lp_remote_browse_sync(void);
@ -1332,7 +1274,7 @@ index 96d7b32..703e229 100644
 	/* Check if we are creating a non broadcast subnet - if so don't create
 		sockets.  */
 diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
-index 6e5e0b2..5e4f2f6 100644
+index 2ba2dd3..87df0d4 100644
 --- a/source3/param/loadparm.c
 +++ b/source3/param/loadparm.c
@@ -157,6 +157,7 @@ struct global {
@ -1368,10 +1310,10 @@ index 6e5e0b2..5e4f2f6 100644
 FN_GLOBAL_LIST(lp_interfaces, &Globals.szInterfaces)
 FN_GLOBAL_STRING(lp_nis_home_map_name, &Globals.szNISHomeMapName)
 -- 
-1.6.3.3
+1.7.0.4


-From 4b52a598f0eb179183b66a05707a3d7e3eaf50a6 Mon Sep 17 00:00:00 2001
+From c7cbb3f8a06cf98abbbcaaad5806b101aea5b2a0 Mon Sep 17 00:00:00 2001
 From: Stefan Metzmacher <metze@samba.org>
 Date: Mon, 8 Feb 2010 12:59:13 +0100
 Subject: [PATCH 3/4] s3:docs-xml: document "nmbd bind explicit broadcast"
@ -1406,10 +1348,10 @@ index 0000000..f328594
 +<value type="default">no</value>
 +</samba:parameter>
 -- 
-1.6.3.3
+1.7.0.4


-From fa11a65188c2973ebba441d7b4f528831bfe3882 Mon Sep 17 00:00:00 2001
+From 49b0020da61243090848136c1fb03fdd819655d0 Mon Sep 17 00:00:00 2001
 From: Jeremy Allison <jra@samba.org>
 Date: Wed, 10 Feb 2010 12:32:05 -0800
 Subject: [PATCH 4/4] More of the fix for bug #7118 - nmbd problems with socket address.
@ -1438,10 +1380,10 @@ Jeremy.
 1 files changed, 89 insertions(+), 0 deletions(-)

 diff --git a/source3/nmbd/nmbd_packets.c b/source3/nmbd/nmbd_packets.c
-index 51f4e32..6c4b96a 100644
+index 402282c..567a9df 100644
 --- a/source3/nmbd/nmbd_packets.c
 +++ b/source3/nmbd/nmbd_packets.c
-@@ -1765,6 +1765,83 @@ only use %d.\n", count, FD_SETSIZE));
+@@ -1793,6 +1793,83 @@ only use %d.\n", count, FD_SETSIZE));
 }
 
 /****************************************************************************
@ -1525,7 +1467,7 @@ index 51f4e32..6c4b96a 100644
   Listens for NMB or DGRAM packets, and queues them.
   return True if the socket is dead
 ***************************************************************************/
-@@ -1784,6 +1861,7 @@ bool listen_for_packets(bool run_election)
+@@ -1812,6 +1889,7 @@ bool listen_for_packets(bool run_election)
 #ifndef SYNC_DNS
 	int dns_fd;
 #endif
@ -1533,7 +1475,7 @@ index 51f4e32..6c4b96a 100644
 
 	if(listen_set == NULL || rescan_listen_set) {
 		if(create_listen_fdset(&listen_set, &sock_array, &listen_number, &maxfd)) {
-@@ -1906,6 +1984,16 @@ bool listen_for_packets(bool run_election)
+@@ -1934,6 +2012,16 @@ bool listen_for_packets(bool run_election)
 			}
 		}
 
@ -1550,7 +1492,7 @@ index 51f4e32..6c4b96a 100644
 		/*
 		 * 0,2,4,... are unicast sockets
 		 * 1,3,5,... are broadcast sockets
-@@ -1926,6 +2014,7 @@ bool listen_for_packets(bool run_election)
+@@ -1954,6 +2042,7 @@ bool listen_for_packets(bool run_election)
 		queue_packet(packet);
 	}
 
@ -1559,5 +1501,113 @@ index 51f4e32..6c4b96a 100644
 }
 
 -- 
+1.7.0.4
+
+From 179e63ae9aa93984ea3d237c1039460c5acf01a5 Mon Sep 17 00:00:00 2001
+From: Michael Adam <obnox@samba.org>
+Date: Thu, 14 Jan 2010 14:24:35 +0100
+Subject: [PATCH] s3:auth: fix account unlock regression introduced with fix for bug #4347
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf-8
+Content-Transfer-Encoding: 8bit
+
+By an oversight, the patchset for #4347 made the unlocking of a locked
+account after the lockout duration ineffective.
+Thanks to Björn for finding this!
+
+Michael
+---
+ source3/auth/auth_sam.c |   12 +++++-------
+ 1 files changed, 5 insertions(+), 7 deletions(-)
+
+diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
+index 1dd8fc9..01b2517 100644
+--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
+@@ -369,7 +369,6 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
+ 	DATA_BLOB user_sess_key = data_blob_null;
+ 	DATA_BLOB lm_sess_key = data_blob_null;
+ 	bool updated_autolock = False, updated_badpw = False;
+-	uint32_t acct_ctrl;
+ 	const char *username;
+ 	const uint8_t *nt_pw;
+ 	const uint8_t *lm_pw;
+@@ -399,22 +398,21 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
+ 		return NT_STATUS_NO_SUCH_USER;
+ 	}
+ 
+-	acct_ctrl = pdb_get_acct_ctrl(sampass);
+ 	username = pdb_get_username(sampass);
+ 	nt_pw = pdb_get_nt_passwd(sampass);
+ 	lm_pw = pdb_get_lanman_passwd(sampass);
+ 
+ 	/* see if autolock flag needs to be updated */
+-	if (acct_ctrl & ACB_NORMAL)
+	if (pdb_get_acct_ctrl(sampass) & ACB_NORMAL)
+ 		pdb_update_autolock_flag(sampass, &updated_autolock);
+ 	/* Quit if the account was locked out. */
+-	if (acct_ctrl & ACB_AUTOLOCK) {
+	if (pdb_get_acct_ctrl(sampass) & ACB_AUTOLOCK) {
+ 		DEBUG(3,("check_sam_security: Account for user %s was locked out.\n", username));
+ 		return NT_STATUS_ACCOUNT_LOCKED_OUT;
+ 	}
+ 
+ 	nt_status = sam_password_ok(auth_context, mem_ctx,
+-				    username, acct_ctrl, lm_pw, nt_pw,
+				    username, pdb_get_acct_ctrl(sampass), lm_pw, nt_pw,
+ 				    user_info, &user_sess_key, &lm_sess_key);
+ 
+ 	/* Notify passdb backend of login success/failure. If not 
+@@ -426,7 +424,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
+ 		bool increment_bad_pw_count = false;
+ 
+ 		if (NT_STATUS_EQUAL(nt_status,NT_STATUS_WRONG_PASSWORD) && 
+-		    acct_ctrl & ACB_NORMAL &&
+		    pdb_get_acct_ctrl(sampass) & ACB_NORMAL &&
+ 		    NT_STATUS_IS_OK(update_login_attempts_status)) 
+ 		{
+ 			increment_bad_pw_count =
+@@ -457,7 +455,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
+ 		goto done;
+ 	}
+ 
+-	if ((acct_ctrl & ACB_NORMAL) &&
+	if ((pdb_get_acct_ctrl(sampass) & ACB_NORMAL) &&
+ 	    (pdb_get_bad_password_count(sampass) > 0)){
+ 		pdb_set_bad_password_count(sampass, 0, PDB_CHANGED);
+ 		pdb_set_bad_password_time(sampass, 0, PDB_CHANGED);
+-- 
 1.6.3.3

+From b2ec4bffca5d033a172c572ecf0605e84af68315 Mon Sep 17 00:00:00 2001
+From: Stefan Metzmacher <metze@samba.org>
+Date: Thu, 30 Jun 2011 09:56:06 +0200
+Subject: [PATCH] s3:nmbd_packets: return the used number of sockets in create_listen_fdset() (bug #8276)
+
+Fix bug #7949 (DoS in Winbind and smbd with many file descriptors open)
+(commit feb3fcd0fa4bda0967b881315595d7702f4d1752) changed the bahavior,
+so that we skipped some sockets.
+
+This should work for v3-4-test.
+
+metze
+---
+ source3/nmbd/nmbd_packets.c |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/source3/nmbd/nmbd_packets.c b/source3/nmbd/nmbd_packets.c
+index 1c570ea..855f6af 100644
+--- a/source3/nmbd/nmbd_packets.c
+++ b/source3/nmbd/nmbd_packets.c
+@@ -1742,7 +1742,7 @@ only use %d.\n", (count*2) + 2, FD_SETSIZE));
+ 		*maxfd = MAX( *maxfd, subrec->dgram_sock);
+ 	}
+ 
+-	*listen_number = count;
+	*listen_number = num;
+ 
+ 	SAFE_FREE(*ppset);
+ 	SAFE_FREE(*psock_array);
+-- 
+1.7.4.1
+