Update to fix recently announced security vulnerability (DoS issues).

PR:		71704
Submitted by:	Timur Bakeyev <timur@gnu.org>
Approved by:	portmgr (marcus)

2 files changed, 0 insertions, 135 deletions

diff --git a/net/samba3/files/patch-jerry-homes-reuse_v2 b/net/samba3/files/patch-jerry-homes-reuse_v2
index e8d39b60b4d7..e69de29bb2d1 100644
--- a/net/samba3/files/patch-jerry-homes-reuse_v2
+++ b/net/samba3/files/patch-jerry-homes-reuse_v2
@@ -1,69 +0,0 @@
-Index: smbd/password.c
-===================================================================
---- smbd/password.c	(revision 2069)
-+++ smbd/password.c	(working copy)
-@@ -252,27 +252,30 @@
- 	}
- 
- 	/* Register a home dir service for this user iff
-+	
- 	   (a) This is not a guest connection,
- 	   (b) we have a home directory defined 
--	   If a share exists by this name (autoloaded or not) reuse it so
--	   long as the home directory is the same as the share directory. */
-+	   (c) there s not an existing static share by that name
-+	   
-+	   If a share exists by this name (autoloaded or not) reuse it . */
- 
--	if ( (!vuser->guest) && vuser->unix_homedir && *(vuser->unix_homedir)) {
-+	vuser->homes_snum = -1;
-+
-+	if ( (!vuser->guest) && vuser->unix_homedir && *(vuser->unix_homedir)) 
-+	{
- 		int servicenumber = lp_servicenumber(vuser->user.unix_name);
-+
- 		if ( servicenumber == -1 ) {
- 			DEBUG(3, ("Adding homes service for user '%s' using home directory: '%s'\n", 
- 				vuser->user.unix_name, vuser->unix_homedir));
- 			vuser->homes_snum = add_home_service(vuser->user.unix_name, 
- 						vuser->user.unix_name, vuser->unix_homedir);
--		} else if (strcmp(lp_pathname(servicenumber),vuser->unix_homedir) == 0) {
--			DEBUG(3, ("Reusing homes service for user '%s' using home directory: '%s'\n", 
--				vuser->user.unix_name, vuser->unix_homedir));
--
-+		} else {
-+			DEBUG(3, ("Using static (or previously created) service for user '%s'; path = '%s'\n", 
-+				vuser->user.unix_name, lp_pathname(servicenumber) ));
- 			vuser->homes_snum = servicenumber;
- 		}
--	} else {
--		vuser->homes_snum = -1;
--	}
-+	} 
- 	
- 	if (srv_is_signing_negotiated() && !vuser->guest && !srv_signing_started()) {
- 		/* Try and turn on server signing on the first non-guest sessionsetup. */
-Index: param/loadparm.c
-===================================================================
---- param/loadparm.c	(revision 2069)
-+++ param/loadparm.c	(working copy)
-@@ -2305,6 +2305,10 @@
- 	copy_service(ServicePtrs[i], &tservice, NULL);
- 	if (name)
- 		string_set(&ServicePtrs[i]->szService, name);
-+		
-+	DEBUG(8,("add_a_service: Creating snum = %d for %s\n", 
-+		i, ServicePtrs[i]->szService));
-+		
- 	return (i);
- }
- 
-@@ -2344,7 +2348,7 @@
- 	ServicePtrs[i]->autoloaded = True;
- 
- 	DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename, 
--	       user, newHomedir));
-+	       user, ServicePtrs[i]->szPath ));
- 	
- 	return (True);
- }
diff --git a/net/samba3/files/patch-jerry-winbind_getpwnam_v1 b/net/samba3/files/patch-jerry-winbind_getpwnam_v1
index 484c9e775d36..e69de29bb2d1 100644
--- a/net/samba3/files/patch-jerry-winbind_getpwnam_v1
+++ b/net/samba3/files/patch-jerry-winbind_getpwnam_v1
@@ -1,66 +0,0 @@
-Index: libsmb/samlogon_cache.c
-===================================================================
---- libsmb/samlogon_cache.c	(revision 2082)
-+++ libsmb/samlogon_cache.c	(working copy)
-@@ -106,9 +106,10 @@
- 
- /***********************************************************************
-  Store a NET_USER_INFO_3 structure in a tdb for later user 
-+ username should be in UTF-8 format
- ***********************************************************************/
- 
--BOOL netsamlogon_cache_store(TALLOC_CTX *mem_ctx, NET_USER_INFO_3 *user)
-+BOOL netsamlogon_cache_store(TALLOC_CTX *mem_ctx, const char * username, NET_USER_INFO_3 *user)
- {
- 	TDB_DATA 	data;
-         fstring 	keystr;
-@@ -130,6 +131,14 @@
- 	slprintf(keystr, sizeof(keystr), "%s", sid_string_static(&user_sid));
- 
- 	DEBUG(10,("netsamlogon_cache_store: SID [%s]\n", keystr));
-+	
-+	/* only Samba fills in the username, not sure why NT doesn't */
-+	/* so we fill it in since winbindd_getpwnam() makes use of it */
-+	
-+	if ( !user->uni_user_name.buffer ) {
-+		init_unistr2( &user->uni_user_name, username, STR_TERMINATE );
-+		init_uni_hdr( &user->hdr_user_name, &user->uni_user_name );
-+	}
- 		
- 	/* Prepare data */
- 	
-Index: nsswitch/winbindd_pam.c
-===================================================================
---- nsswitch/winbindd_pam.c	(revision 2082)
-+++ nsswitch/winbindd_pam.c	(working copy)
-@@ -283,7 +283,7 @@
- 	}
- 	
- 	if (NT_STATUS_IS_OK(result)) {
--		netsamlogon_cache_store( cli->mem_ctx, &info3 );
-+		netsamlogon_cache_store( cli->mem_ctx, name_user, &info3 );
- 		wcache_invalidate_samlogon(find_domain_from_name(name_domain), &info3);
- 
- 		/* Check if the user is in the right group */
-@@ -538,7 +538,7 @@
- 	}
- 
- 	if (NT_STATUS_IS_OK(result)) {
--		netsamlogon_cache_store( cli->mem_ctx, &info3 );
-+		netsamlogon_cache_store( cli->mem_ctx, name_user, &info3 );
- 		wcache_invalidate_samlogon(find_domain_from_name(name_domain), &info3);
- 		
- 		if (!NT_STATUS_IS_OK(result = check_info3_in_group(mem_ctx, &info3, state->request.data.auth_crap.required_membership_sid))) {
-Index: auth/auth_domain.c
-===================================================================
---- auth/auth_domain.c	(revision 2082)
-+++ auth/auth_domain.c	(working copy)
-@@ -205,7 +205,7 @@
- 	} else {
- 		nt_status = make_server_info_info3(mem_ctx, user_info->internal_username.str, 
- 						   user_info->smb_name.str, domain, server_info, &info3);
--		netsamlogon_cache_store( mem_ctx, &info3 );
-+		netsamlogon_cache_store( mem_ctx, user_info->smb_name.str, &info3 );
- 	}
- 
- #if 0