Add fixes for libsmbclient and support for r/o relocations

Guenther
This commit is contained in:
Guenther Deschner 2008-03-18 21:59:46 +00:00
parent f4feb7336e
commit 1738bfcc4b
3 changed files with 144 additions and 1 deletions

View File

@ -0,0 +1,70 @@
commit 38eab68dfb2d8abe8ad00f5a86fc54c778d0d303
Author: Derrell Lipman <derrell.lipman@unwireduniverse.com>
Date: Mon Mar 17 11:34:25 2008 -0400
Fix use of AuthDataWithContext capability
During my initial plans for, and the subsequent discussion of a more
significant change to the API for libsmbclient, I had removed the
AuthDataWithContext usage, in favor of a more generalized planned interface.
When the API returned to its original state, I neglected to reinsert this
code.
Use of an authentication function with the context can be tested using
examples/libsmbclient/testbrowse -C
Derrell
diff --git a/source/libsmb/libsmb_context.c b/source/libsmb/libsmb_context.c
index 3e67943..dd78bce 100644
--- a/source/libsmb/libsmb_context.c
+++ b/source/libsmb/libsmb_context.c
@@ -421,7 +421,8 @@ smbc_init_context(SMBCCTX *context)
return NULL;
}
- if (!smbc_getFunctionAuthData(context) ||
+ if ((!smbc_getFunctionAuthData(context) &&
+ !smbc_getFunctionAuthDataWithContext(context)) ||
smbc_getDebug(context) < 0 ||
smbc_getDebug(context) > 100) {
diff --git a/source/libsmb/libsmb_server.c b/source/libsmb/libsmb_server.c
index 37612c6..7af5ca3 100644
--- a/source/libsmb/libsmb_server.c
+++ b/source/libsmb/libsmb_server.c
@@ -101,15 +101,29 @@ SMBC_call_auth_fn(TALLOC_CTX *ctx,
fstring workgroup;
fstring username;
fstring password;
+ smbc_get_auth_data_with_context_fn auth_with_context_fn;
strlcpy(workgroup, *pp_workgroup, sizeof(workgroup));
strlcpy(username, *pp_username, sizeof(username));
strlcpy(password, *pp_password, sizeof(password));
- smbc_getFunctionAuthData(context)(server, share,
- workgroup, sizeof(workgroup),
- username, sizeof(username),
- password, sizeof(password));
+ /* See if there's an authentication with context function provided */
+ auth_with_context_fn = smbc_getFunctionAuthDataWithContext(context);
+ if (auth_with_context_fn)
+ {
+ (* auth_with_context_fn)(context,
+ server, share,
+ workgroup, sizeof(workgroup),
+ username, sizeof(username),
+ password, sizeof(password));
+ }
+ else
+ {
+ smbc_getFunctionAuthData(context)(server, share,
+ workgroup, sizeof(workgroup),
+ username, sizeof(username),
+ password, sizeof(password));
+ }
TALLOC_FREE(*pp_workgroup);
TALLOC_FREE(*pp_username);

View File

@ -0,0 +1,66 @@
commit c20c5f082162ff6c0c2931f456897334aa002e83
Author: Simo Sorce <idra@samba.org>
Date: Fri Mar 7 11:33:26 2008 -0500
Enable use of Relocations Read-Only, if supported, for enhanced security.
diff --git a/source/Makefile.in b/source/Makefile.in
index ac33a11..376d24c 100644
--- a/source/Makefile.in
+++ b/source/Makefile.in
@@ -43,8 +43,8 @@ CPPFLAGS=-DHAVE_CONFIG_H @CPPFLAGS@
EXEEXT=@EXEEXT@
AR=@AR@
-LDSHFLAGS=@LDSHFLAGS@ @LDFLAGS@
-LDFLAGS=@PIE_LDFLAGS@ @LDFLAGS@
+LDSHFLAGS=@LDSHFLAGS@ @RELRO_LDFLAGS@ @LDFLAGS@
+LDFLAGS=@PIE_LDFLAGS@ @RELRO_LDFLAGS@ @LDFLAGS@
WINBIND_NSS_LDSHFLAGS=@WINBIND_NSS_LDSHFLAGS@ @LDFLAGS@
AWK=@AWK@
diff --git a/source/configure.in b/source/configure.in
index 056c0f8..f884d93 100644
--- a/source/configure.in
+++ b/source/configure.in
@@ -73,6 +73,7 @@ AC_SUBST(HOST_OS)
AC_SUBST(PICFLAG)
AC_SUBST(PIE_CFLAGS)
AC_SUBST(PIE_LDFLAGS)
+AC_SUBST(RELRO_LDFLAGS)
AC_SUBST(SHLIBEXT)
AC_SUBST(INSTALLLIBCMD_SH)
AC_SUBST(INSTALLLIBCMD_A)
@@ -1513,6 +1514,32 @@ EOF
fi
fi
+# Set defaults
+RELRO_LDFLAGS=""
+AC_ARG_ENABLE(relro, [AS_HELP_STRING([--enable-relro], [Turn on Relocations Read-Only (relro) support if available (default=yes)])])
+
+if test "x$enable_relro" != xno
+then
+ AC_CACHE_CHECK([for -Wl,-z,relro], samba_cv_relro,
+ [
+ cat > conftest.c <<EOF
+int foo;
+main () { return 0;}
+EOF
+ if AC_TRY_COMMAND([${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS -Wl,-z,relro -o conftest conftest.c 1>&AS_MESSAGE_LOG_FD])
+ then
+ samba_cv_relro=yes
+ else
+ samba_cv_relro=no
+ fi
+ rm -f conftest*
+ ])
+ if test x"${samba_cv_relro}" = x"yes"
+ then
+ RELRO_LDFLAGS="-Wl,-z,relro"
+ fi
+fi
+
# Assume non-shared by default and override below
BLDSHARED="false"

View File

@ -1,4 +1,4 @@
%define main_release 7 %define main_release 8
%define samba_version 3.2.0pre2 %define samba_version 3.2.0pre2
%define tdb_version 1.1.1 %define tdb_version 1.1.1
%define talloc_version 1.2.0 %define talloc_version 1.2.0
@ -51,6 +51,8 @@ Patch203: samba-3.2.0pre2-build_fixes.patch
Patch204: samba-3.2.0pre2-libnetapi_fix.diff Patch204: samba-3.2.0pre2-libnetapi_fix.diff
Patch205: samba-3.2.0pre2-cifs_spnego.diff Patch205: samba-3.2.0pre2-cifs_spnego.diff
Patch206: samba-3.2.0pre2-msrpc.diff Patch206: samba-3.2.0pre2-msrpc.diff
Patch207: samba-3.2.0pre2-roreloc.diff
Patch208: samba-3.2.0pre2-libsmbclient.diff
Requires(pre): samba-common = %{epoch}:%{version}-%{release} Requires(pre): samba-common = %{epoch}:%{version}-%{release}
Requires: pam >= 0:0.64 Requires: pam >= 0:0.64
@ -261,6 +263,8 @@ cp %{SOURCE11} packaging/Fedora/
%patch204 -p1 -b .libnetapi %patch204 -p1 -b .libnetapi
%patch205 -p1 -b .cifs_spnego %patch205 -p1 -b .cifs_spnego
%patch206 -p1 -b .msrpc %patch206 -p1 -b .msrpc
%patch207 -p1 -b .roreloc
%patch208 -p1 -b .libsmbclient
mv source/VERSION source/VERSION.orig mv source/VERSION source/VERSION.orig
sed -e 's/SAMBA_VERSION_VENDOR_SUFFIX=$/&\"%{release}\"/' < source/VERSION.orig > source/VERSION sed -e 's/SAMBA_VERSION_VENDOR_SUFFIX=$/&\"%{release}\"/' < source/VERSION.orig > source/VERSION
@ -856,6 +860,9 @@ exit 0
%{_datadir}/pixmaps/samba/logo-small.png %{_datadir}/pixmaps/samba/logo-small.png
%changelog %changelog
* Tue Mar 18 2008 Guenther Deschner <gdeschner@redhat.com> - 3.2.0-1.pre2.8
- Add fixes for libsmbclient and support for r/o relocations
* Mon Mar 10 2008 Guenther Deschner <gdeschner@redhat.com> - 3.2.0-1.pre2.7 * Mon Mar 10 2008 Guenther Deschner <gdeschner@redhat.com> - 3.2.0-1.pre2.7
- Fix libnetconf, libnetapi and msrpc DSSETUP call - Fix libnetconf, libnetapi and msrpc DSSETUP call