move from unstable: samba

This commit is contained in:
Leonid Pliushch 2021-10-08 18:55:57 +03:00
parent fef698d399
commit db7521b773
No known key found for this signature in database
GPG Key ID: 45F2964132545795
11 changed files with 2089 additions and 0 deletions

View File

@ -0,0 +1,399 @@
diff -uNr samba-4.14.4/auth/credentials/credentials_krb5.c samba-4.14.4.mod/auth/credentials/credentials_krb5.c
--- samba-4.14.4/auth/credentials/credentials_krb5.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/auth/credentials/credentials_krb5.c 2021-05-06 11:30:43.338213898 +0000
@@ -625,7 +625,7 @@
must_free_cc_name = true;
if (lpcfg_parm_bool(lp_ctx, NULL, "credentials", "krb5_cc_file", false)) {
- ccache_name = talloc_asprintf(ccc, "FILE:/tmp/krb5_cc_samba_%u_%p",
+ ccache_name = talloc_asprintf(ccc, "FILE:@TERMUX_PREFIX@/tmp/krb5_cc_samba_%u_%p",
(unsigned int)getpid(), ccc);
} else {
ccache_name = talloc_asprintf(ccc, "MEMORY:%p",
diff -uNr samba-4.14.4/ctdb/tests/src/porting_tests.c samba-4.14.4.mod/ctdb/tests/src/porting_tests.c
--- samba-4.14.4/ctdb/tests/src/porting_tests.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/ctdb/tests/src/porting_tests.c 2021-05-06 11:30:43.338213898 +0000
@@ -41,7 +41,7 @@
pid_t helper_pid;
int socket;
} globals = {
- .socketname = "/tmp/test.sock"
+ .socketname = "@TERMUX_PREFIX@/tmp/test.sock"
};
diff -uNr samba-4.14.4/lib/ldb/tools/ldbedit.c samba-4.14.4.mod/lib/ldb/tools/ldbedit.c
--- samba-4.14.4/lib/ldb/tools/ldbedit.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/lib/ldb/tools/ldbedit.c 2021-05-06 11:30:43.338213898 +0000
@@ -218,7 +218,7 @@
{
int fd, ret;
FILE *f;
- char file_template[] = "/tmp/ldbedit.XXXXXX";
+ char file_template[] = "@TERMUX_PREFIX@/tmp/ldbedit.XXXXXX";
char *cmd;
struct ldb_ldif *ldif;
struct ldb_message **msgs2 = NULL;
diff -uNr samba-4.14.4/lib/param/loadparm.c samba-4.14.4.mod/lib/param/loadparm.c
--- samba-4.14.4/lib/param/loadparm.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/lib/param/loadparm.c 2021-05-06 11:30:43.338213898 +0000
@@ -2514,12 +2514,12 @@
tmp = lpcfg_parm_string(lp_ctx, NULL, "vlp", "tdbfile");
if (tmp == NULL) {
- tmp = "/tmp/vlp.tdb";
+ tmp = "@TERMUX_PREFIX@/tmp/vlp.tdb";
}
tdbfile = talloc_asprintf(tmp_ctx, "tdbfile=%s", tmp);
if (tdbfile == NULL) {
- tdbfile="tdbfile=/tmp/vlp.tdb";
+ tdbfile="tdbfile=@TERMUX_PREFIX@/tmp/vlp.tdb";
}
tmp = talloc_asprintf(tmp_ctx, "vlp %s print %%p %%s",
diff -uNr samba-4.14.4/lib/replace/wscript samba-4.14.4.mod/lib/replace/wscript
--- samba-4.14.4/lib/replace/wscript 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/lib/replace/wscript 2021-05-06 11:30:43.342213897 +0000
@@ -778,8 +778,8 @@
conf.CHECK_CODE('''
struct stat st;
- char tpl[20]="/tmp/test.XXXXXX";
- char tpl2[20]="/tmp/test.XXXXXX";
+ char tpl[51]="@TERMUX_PREFIX@/tmp/test.XXXXXX";
+ char tpl2[51]="@TERMUX_PREFIX@/tmp/test.XXXXXX";
int fd = mkstemp(tpl);
int fd2 = mkstemp(tpl2);
if (fd == -1) {
@@ -793,7 +793,7 @@
unlink(tpl2);
if (fstat(fd, &st) != 0) exit(1);
if ((st.st_mode & 0777) != 0600) exit(1);
- if (strcmp(tpl, "/tmp/test.XXXXXX") == 0) {
+ if (strcmp(tpl, "@TERMUX_PREFIX@/tmp/test.XXXXXX") == 0) {
exit(1);
}
if (strcmp(tpl, tpl2) == 0) {
diff -uNr samba-4.14.4/lib/util/util.c samba-4.14.4.mod/lib/util/util.c
--- samba-4.14.4/lib/util/util.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/lib/util/util.c 2021-05-06 11:30:43.342213897 +0000
@@ -62,7 +62,7 @@
char *p;
if ((p = getenv("TMPDIR")))
return p;
- return "/tmp";
+ return "@TERMUX_PREFIX@/tmp";
}
diff -uNr samba-4.14.4/nsswitch/winbind_nss_aix.c samba-4.14.4.mod/nsswitch/winbind_nss_aix.c
--- samba-4.14.4/nsswitch/winbind_nss_aix.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/nsswitch/winbind_nss_aix.c 2021-05-06 11:30:43.342213897 +0000
@@ -63,7 +63,7 @@
if (!debug_enabled) {
return;
}
- f = fopen("/tmp/WINBIND_DEBUG.log", "a");
+ f = fopen("@TERMUX_PREFIX@/tmp/WINBIND_DEBUG.log", "a");
if (!f) return;
va_start(ap, format);
vfprintf(f, format, ap);
diff -uNr samba-4.14.4/source3/client/smbspool_krb5_wrapper.c samba-4.14.4.mod/source3/client/smbspool_krb5_wrapper.c
--- samba-4.14.4/source3/client/smbspool_krb5_wrapper.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/source3/client/smbspool_krb5_wrapper.c 2021-05-06 11:30:43.342213897 +0000
@@ -309,7 +309,7 @@
}
/* Fallback to a FILE ccache */
- snprintf(gen_cc, sizeof(gen_cc), "FILE:/tmp/krb5cc_%u", uid);
+ snprintf(gen_cc, sizeof(gen_cc), "FILE:@TERMUX_PREFIX@/tmp/krb5cc_%u", uid);
create_env:
/*
diff -uNr samba-4.14.4/source3/lib/smbconf/testsuite.c samba-4.14.4.mod/source3/lib/smbconf/testsuite.c
--- samba-4.14.4/source3/lib/smbconf/testsuite.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/source3/lib/smbconf/testsuite.c 2021-05-06 11:30:43.342213897 +0000
@@ -208,7 +208,7 @@
{
sbcErr err;
bool ret = true;
- const char *filename = "/tmp/smb.conf.smbconf_testsuite";
+ const char *filename = "@TERMUX_PREFIX@/tmp/smb.conf.smbconf_testsuite";
struct smbconf_ctx *conf_ctx = NULL;
TALLOC_CTX *mem_ctx = talloc_stackframe();
diff -uNr samba-4.14.4/source3/modules/vfs_virusfilter.c samba-4.14.4.mod/source3/modules/vfs_virusfilter.c
--- samba-4.14.4/source3/modules/vfs_virusfilter.c 2021-04-20 10:04:03.000000000 +0000
+++ samba-4.14.4.mod/source3/modules/vfs_virusfilter.c 2021-05-06 11:31:15.350214614 +0000
@@ -292,7 +292,7 @@
quarantine_dir = lp_parm_const_string(
snum, "virusfilter", "quarantine directory",
- tmp ? tmp : "/tmp/.quarantine");
+ tmp ? tmp : "@TERMUX_PREFIX@/tmp/.quarantine");
if (quarantine_dir != NULL) {
config->quarantine_dir = talloc_strdup(config, quarantine_dir);
if (config->quarantine_dir == NULL) {
diff -uNr samba-4.14.4/source3/modules/vfs_virusfilter_fsav.c samba-4.14.4.mod/source3/modules/vfs_virusfilter_fsav.c
--- samba-4.14.4/source3/modules/vfs_virusfilter_fsav.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/source3/modules/vfs_virusfilter_fsav.c 2021-05-06 11:30:43.342213897 +0000
@@ -23,7 +23,7 @@
#ifdef FSAV_DEFAULT_SOCKET_PATH
# define VIRUSFILTER_DEFAULT_SOCKET_PATH FSAV_DEFAULT_SOCKET_PATH
#else
-# define VIRUSFILTER_DEFAULT_SOCKET_PATH "/tmp/.fsav-0"
+# define VIRUSFILTER_DEFAULT_SOCKET_PATH "@TERMUX_PREFIX@/tmp/.fsav-0"
#endif
/* Default values for module-specific configuration variables */
diff -uNr samba-4.14.4/source3/registry/tests/test_regfio.c samba-4.14.4.mod/source3/registry/tests/test_regfio.c
--- samba-4.14.4/source3/registry/tests/test_regfio.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/source3/registry/tests/test_regfio.c 2021-05-06 11:30:43.342213897 +0000
@@ -65,7 +65,7 @@
if (ret == 0) {
test_ctx = talloc_get_type_abort(*state, struct test_ctx);
- test_ctx->tmp_regfile = talloc_strdup(test_ctx, "/tmp/regfio.XXXXXX");
+ test_ctx->tmp_regfile = talloc_strdup(test_ctx, "@TERMUX_PREFIX@/tmp/regfio.XXXXXX");
assert_non_null(test_ctx->tmp_regfile);
test_ctx->tmp_regfile_fd = mkstemp(test_ctx->tmp_regfile);
diff -uNr samba-4.14.4/source3/smbd/notifyd/tests.c samba-4.14.4.mod/source3/smbd/notifyd/tests.c
--- samba-4.14.4/source3/smbd/notifyd/tests.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/source3/smbd/notifyd/tests.c 2021-05-06 11:30:43.342213897 +0000
@@ -66,12 +66,12 @@
.instance.filter = UINT32_MAX,
.instance.subdir_filter = UINT32_MAX
};
- char path[64];
+ char path[256];
size_t len;
struct iovec iov[2];
NTSTATUS status;
- len = snprintf(path, sizeof(path), "/tmp%u", i);
+ len = snprintf(path, sizeof(path), "@TERMUX_PREFIX@/tmp%u", i);
iov[0].iov_base = &msg;
iov[0].iov_len = offsetof(struct notify_rec_change_msg, path);
diff -uNr samba-4.14.4/source3/smbd/process.c samba-4.14.4.mod/source3/smbd/process.c
--- samba-4.14.4/source3/smbd/process.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/source3/smbd/process.c 2021-05-06 11:30:43.342213897 +0000
@@ -1418,7 +1418,7 @@
len = smb_len_tcp(data)+4;
for (i=1;i<100;i++) {
fname = talloc_asprintf(talloc_tos(),
- "/tmp/%s.%d.%s",
+ "@TERMUX_PREFIX@/tmp/%s.%d.%s",
name,
i,
type ? "req" : "resp");
diff -uNr samba-4.14.4/source3/utils/interact.c samba-4.14.4.mod/source3/utils/interact.c
--- samba-4.14.4/source3/utils/interact.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/source3/utils/interact.c 2021-05-06 11:30:43.342213897 +0000
@@ -76,7 +76,7 @@
char* interact_edit(TALLOC_CTX* mem_ctx, const char* str) {
- char fname[] = "/tmp/net_idmap_check.XXXXXX";
+ char fname[] = "@TERMUX_PREFIX@/tmp/net_idmap_check.XXXXXX";
char buf[128];
char* ret = NULL;
FILE* file;
diff -uNr samba-4.14.4/source3/utils/net_rpc_samsync.c samba-4.14.4.mod/source3/utils/net_rpc_samsync.c
--- samba-4.14.4/source3/utils/net_rpc_samsync.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/source3/utils/net_rpc_samsync.c 2021-05-06 11:30:43.342213897 +0000
@@ -47,7 +47,7 @@
"\t to pull accounts from a remote PDC where we are a BDC\n"
"\t\t no args puts accounts in local passdb from smb.conf\n"
"\t\t ldif - put accounts in ldif format (file defaults to "
- "/tmp/tmp.ldif)\n"
+ "@TERMUX_PREFIX@/tmp/tmp.ldif)\n"
"\t\t keytab - put account passwords in krb5 keytab "
"(defaults to system keytab)\n"));
diff -uNr samba-4.14.4/source3/winbindd/winbindd_pam.c samba-4.14.4.mod/source3/winbindd/winbindd_pam.c
--- samba-4.14.4/source3/winbindd/winbindd_pam.c 2021-02-04 08:24:37.000000000 +0000
+++ samba-4.14.4.mod/source3/winbindd/winbindd_pam.c 2021-05-06 11:30:43.342213897 +0000
@@ -573,11 +573,11 @@
if (uid != -1) {
if (strequal(type, "FILE")) {
gen_cc = talloc_asprintf(
- mem_ctx, "FILE:/tmp/krb5cc_%d", uid);
+ mem_ctx, "FILE:@TERMUX_PREFIX@/tmp/krb5cc_%d", uid);
}
if (strequal(type, "WRFILE")) {
gen_cc = talloc_asprintf(
- mem_ctx, "WRFILE:/tmp/krb5cc_%d", uid);
+ mem_ctx, "WRFILE:@TERMUX_PREFIX@/tmp/krb5cc_%d", uid);
}
if (strequal(type, "KEYRING")) {
gen_cc = talloc_asprintf(
diff -uNr samba-4.14.4/source4/heimdal/lib/krb5/expand_path.c samba-4.14.4.mod/source4/heimdal/lib/krb5/expand_path.c
--- samba-4.14.4/source4/heimdal/lib/krb5/expand_path.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/source4/heimdal/lib/krb5/expand_path.c 2021-05-06 11:30:43.346213897 +0000
@@ -287,11 +287,11 @@
const char *p = NULL;
if (issuid())
- p = getenv("TEMP");
+ p = getenv("TMPDIR");
if (p)
*ret = strdup(p);
else
- *ret = strdup("/tmp");
+ *ret = strdup("@TERMUX_PREFIX@/tmp");
if (*ret == NULL)
return ENOMEM;
return 0;
diff -uNr samba-4.14.4/source4/heimdal/lib/krb5/krb5.h samba-4.14.4.mod/source4/heimdal/lib/krb5/krb5.h
--- samba-4.14.4/source4/heimdal/lib/krb5/krb5.h 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/source4/heimdal/lib/krb5/krb5.h 2021-05-06 11:30:43.346213897 +0000
@@ -351,7 +351,7 @@
#ifdef KRB5_USE_PATH_TOKENS
#define KRB5_DEFAULT_CCFILE_ROOT "%{TEMP}/krb5cc_"
#else
-#define KRB5_DEFAULT_CCFILE_ROOT "/tmp/krb5cc_"
+#define KRB5_DEFAULT_CCFILE_ROOT "@TERMUX_PREFIX@/tmp/krb5cc_"
#endif
#define KRB5_DEFAULT_CCROOT "FILE:" KRB5_DEFAULT_CCFILE_ROOT
diff -uNr samba-4.14.4/source4/heimdal/lib/krb5/krb5_locl.h samba-4.14.4.mod/source4/heimdal/lib/krb5/krb5_locl.h
--- samba-4.14.4/source4/heimdal/lib/krb5/krb5_locl.h 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/source4/heimdal/lib/krb5/krb5_locl.h 2021-05-06 11:30:43.346213897 +0000
@@ -303,7 +303,7 @@
} krb5_context_data;
#ifndef KRB5_USE_PATH_TOKENS
-#define KRB5_DEFAULT_CCNAME_FILE "FILE:/tmp/krb5cc_%{uid}"
+#define KRB5_DEFAULT_CCNAME_FILE "FILE:@TERMUX_PREFIX@/tmp/krb5cc_%{uid}"
#else
#define KRB5_DEFAULT_CCNAME_FILE "FILE:%{TEMP}/krb5cc_%{uid}"
#endif
diff -uNr samba-4.14.4/source4/heimdal/lib/krb5/krb5-v4compat.h samba-4.14.4.mod/source4/heimdal/lib/krb5/krb5-v4compat.h
--- samba-4.14.4/source4/heimdal/lib/krb5/krb5-v4compat.h 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/source4/heimdal/lib/krb5/krb5-v4compat.h 2021-05-06 11:30:43.346213897 +0000
@@ -108,7 +108,7 @@
#ifdef KRB5_USE_PATH_TOKENS
#define TKT_ROOT "%{TEMP}/tkt"
#else
-#define TKT_ROOT "/tmp/tkt"
+#define TKT_ROOT "@TERMUX_PREFIX@/tmp/tkt"
#endif
#endif
diff -uNr samba-4.14.4/source4/librpc/tests/binding_string.c samba-4.14.4.mod/source4/librpc/tests/binding_string.c
--- samba-4.14.4/source4/librpc/tests/binding_string.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/source4/librpc/tests/binding_string.c 2021-05-06 11:30:43.346213897 +0000
@@ -127,9 +127,9 @@
"ncadg_ip_udp:",
"308FB580-1EB2-11CA-923B-08002B1075A7@ncacn_np:localhost",
"308FB580-1EB2-11CA-923B-08002B1075A7@ncacn_ip_tcp:127.0.0.1",
- "ncacn_unix_stream:[/tmp/epmapper]",
+ "ncacn_unix_stream:[@TERMUX_PREFIX@/tmp/epmapper]",
"ncalrpc:[IDENTIFIER]",
- "ncacn_unix_stream:[/tmp/epmapper,sign]",
+ "ncacn_unix_stream:[@TERMUX_PREFIX@/tmp/epmapper,sign]",
"ncacn_ip_tcp:127.0.0.1[75,target_hostname=port75.example.com,target_principal=host/port75.example.com]",
"ncacn_ip_tcp:127.0.0.1[75,connect,target_hostname=port75.example.com,target_principal=host/port75.example.com,assoc_group_id=0x01234567]",
"ncacn_ip_tcp:127.0.0.1[75,packet,target_hostname=port75.example.com,target_principal=host/port75.example.com,assoc_group_id=0x01234567]",
diff -uNr samba-4.14.4/source4/param/tests/share.c samba-4.14.4.mod/source4/param/tests/share.c
--- samba-4.14.4/source4/param/tests/share.c 2021-01-21 13:20:40.000000000 +0000
+++ samba-4.14.4.mod/source4/param/tests/share.c 2021-05-06 11:30:43.346213897 +0000
@@ -50,7 +50,7 @@
bool found = false;
struct share_info inf[] = {
{ SHARE_INFO_STRING, SHARE_TYPE, discard_const_p(void *, "IPC$") },
- { SHARE_INFO_STRING, SHARE_PATH, discard_const_p(void *, "/tmp/bla") }
+ { SHARE_INFO_STRING, SHARE_PATH, discard_const_p(void *, "@TERMUX_PREFIX@/tmp/bla") }
};
NTSTATUS status;
@@ -126,7 +126,7 @@
struct share_context *ctx = (struct share_context *)discard_const(tcase_data);
struct share_info inf[] = {
{ SHARE_INFO_STRING, SHARE_TYPE, discard_const_p(void *, "IPC$") },
- { SHARE_INFO_STRING, SHARE_PATH, discard_const_p(void *, "/tmp/bla") }
+ { SHARE_INFO_STRING, SHARE_PATH, discard_const_p(void *, "@TERMUX_PREFIX@/tmp/bla") }
};
NTSTATUS status;
@@ -149,7 +149,7 @@
struct share_context *ctx = (struct share_context *)discard_const(tcase_data);
struct share_info inf[] = {
{ SHARE_INFO_STRING, SHARE_TYPE, discard_const_p(void *, "IPC$") },
- { SHARE_INFO_STRING, SHARE_PATH, discard_const_p(void *, "/tmp/bla") }
+ { SHARE_INFO_STRING, SHARE_PATH, discard_const_p(void *, "@TERMUX_PREFIX@/tmp/bla") }
};
NTSTATUS status;
diff -uNr samba-4.14.4/testsuite/nsswitch/getgrent_r.c samba-4.14.4.mod/testsuite/nsswitch/getgrent_r.c
--- samba-4.14.4/testsuite/nsswitch/getgrent_r.c 2021-01-21 13:20:41.000000000 +0000
+++ samba-4.14.4.mod/testsuite/nsswitch/getgrent_r.c 2021-05-06 11:30:43.346213897 +0000
@@ -14,12 +14,12 @@
void dump_grent(char *id)
{
struct group *gr;
- char fname[255];
+ char fname[512];
FILE *fptr;
/* Open results file */
- sprintf(fname, "/tmp/getgrent_r-%s.out-%d", id, getpid());
+ sprintf(fname, "@TERMUX_PREFIX@/tmp/getgrent_r-%s.out-%d", id, getpid());
if ((fptr = fopen(fname, "w")) == NULL) {
fprintf(stderr, "ERROR: could not open file %s: %s\n", fname,
diff -uNr samba-4.14.4/testsuite/nsswitch/getpwent_r.c samba-4.14.4.mod/testsuite/nsswitch/getpwent_r.c
--- samba-4.14.4/testsuite/nsswitch/getpwent_r.c 2021-01-21 13:20:41.000000000 +0000
+++ samba-4.14.4.mod/testsuite/nsswitch/getpwent_r.c 2021-05-06 11:30:43.346213897 +0000
@@ -14,12 +14,12 @@
void dump_pwent(char *id)
{
struct passwd *pw;
- char fname[255];
+ char fname[512];
FILE *fptr;
/* Open results file */
- sprintf(fname, "/tmp/getpwent_r-%s.out-%d", id, getpid());
+ sprintf(fname, "@TERMUX_PREFIX@/tmp/getpwent_r-%s.out-%d", id, getpid());
if ((fptr = fopen(fname, "w")) == 0) {
fprintf(stderr, "ERROR: could not open file %s: %s\n", fname,
diff -uNr samba-4.14.4/testsuite/unittests/test_krb5_samba.c samba-4.14.4.mod/testsuite/unittests/test_krb5_samba.c
--- samba-4.14.4/testsuite/unittests/test_krb5_samba.c 2021-01-21 13:20:41.000000000 +0000
+++ samba-4.14.4.mod/testsuite/unittests/test_krb5_samba.c 2021-05-06 11:30:43.346213897 +0000
@@ -37,7 +37,7 @@
krb5_context context = *state;
krb5_keytab keytab = NULL;
krb5_error_code code;
- char keytab_template[] = "/tmp/keytab.XXXXXX";
+ char keytab_template[] = "@TERMUX_PREFIX@/tmp/keytab.XXXXXX";
int fd;
fd = mkstemp(keytab_template);
@@ -59,7 +59,7 @@
krb5_context context = *state;
krb5_keytab keytab = NULL;
krb5_error_code code;
- char keytab_template[] = "/tmp/keytab.XXXXXX";
+ char keytab_template[] = "@TERMUX_PREFIX@/tmp/keytab.XXXXXX";
char keytab_file[6 + strlen(keytab_template)];
int fd;
diff -uNr samba-4.14.4/third_party/pam_wrapper/pam_wrapper.c samba-4.14.4.mod/third_party/pam_wrapper/pam_wrapper.c
--- samba-4.14.4/third_party/pam_wrapper/pam_wrapper.c 2021-01-21 13:20:41.000000000 +0000
+++ samba-4.14.4.mod/third_party/pam_wrapper/pam_wrapper.c 2021-05-06 11:30:43.346213897 +0000
@@ -1158,7 +1158,7 @@
static void pwrap_init(void)
{
- char tmp_config_dir[] = "/tmp/pam.X";
+ char tmp_config_dir[] = "@TERMUX_PREFIX@/tmp/pam.X";
size_t len = strlen(tmp_config_dir);
const char *env;
struct stat sb;

View File

@ -0,0 +1,315 @@
When non-root, this only succeeds when SELinux is in permissive mode.
diff -uNr samba-4.13.2/lib/replace/wscript samba-4.13.2.mod/lib/replace/wscript
--- samba-4.13.2/lib/replace/wscript 2020-09-15 13:43:18.000000000 +0000
+++ samba-4.13.2.mod/lib/replace/wscript 2020-11-23 13:26:08.057004700 +0000
@@ -389,8 +389,8 @@
conf.CHECK_FUNCS('shl_load shl_unload shl_findsym')
conf.CHECK_FUNCS('pipe strftime srandom random srand rand usleep setbuffer')
- conf.CHECK_FUNCS('lstat getpgrp utime utimes setuid seteuid setreuid setresuid setgid setegid')
- conf.CHECK_FUNCS('setregid setresgid chroot strerror vsyslog setlinebuf mktime')
+ conf.CHECK_FUNCS('lstat getpgrp utime utimes')
+ conf.CHECK_FUNCS('chroot strerror vsyslog setlinebuf mktime')
conf.CHECK_FUNCS('ftruncate chsize rename waitpid wait4')
conf.CHECK_FUNCS('initgroups pread pwrite strndup strcasestr strsep')
conf.CHECK_FUNCS('strtok_r mkdtemp dup2 dprintf vdprintf isatty chown lchown')
@@ -460,7 +460,7 @@
conf.CHECK_FUNCS('if_nametoindex strerror_r')
conf.CHECK_FUNCS('syslog')
conf.CHECK_FUNCS('gai_strerror get_current_dir_name')
- conf.CHECK_FUNCS('timegm getifaddrs freeifaddrs mmap setgroups syscall setsid')
+ conf.CHECK_FUNCS('timegm getifaddrs freeifaddrs mmap syscall setsid')
conf.CHECK_FUNCS('getgrent_r getgrgid_r getgrnam_r getgrouplist getpagesize')
conf.CHECK_FUNCS('getpwent_r getpwnam_r getpwuid_r epoll_create')
conf.CHECK_FUNCS('port_create')
diff -uNr samba-4.13.2/source3/lib/util_sec.c samba-4.13.2.mod/source3/lib/util_sec.c
--- samba-4.13.2/source3/lib/util_sec.c 2020-07-09 09:33:56.000000000 +0000
+++ samba-4.13.2.mod/source3/lib/util_sec.c 2020-11-23 13:26:08.057004700 +0000
@@ -132,11 +132,11 @@
if ((euid != (uid_t)-1 && geteuid() != euid) ||
(ruid != (uid_t)-1 && getuid() != ruid)) {
if (!non_root_mode()) {
- DEBUG(0,("Failed to set uid privileges to (%d,%d) now set to (%d,%d)\n",
+ DEBUG(5,("Failed to set uid privileges to (%d,%d) now set to (%d,%d)\n",
(int)ruid, (int)euid,
(int)getuid(), (int)geteuid()));
- smb_panic("failed to set uid\n");
- exit(1);
+ /* smb_panic("failed to set uid\n");
+ exit(1); */
}
}
}
@@ -149,12 +149,12 @@
if ((egid != (gid_t)-1 && getegid() != egid) ||
(rgid != (gid_t)-1 && getgid() != rgid)) {
if (!non_root_mode()) {
- DEBUG(0,("Failed to set gid privileges to (%d,%d) now set to (%d,%d) uid=(%d,%d)\n",
+ DEBUG(5,("Failed to set gid privileges to (%d,%d) now set to (%d,%d) uid=(%d,%d)\n",
(int)rgid, (int)egid,
(int)getgid(), (int)getegid(),
(int)getuid(), (int)geteuid()));
- smb_panic("failed to set gid\n");
- exit(1);
+ /* smb_panic("failed to set gid\n");
+ exit(1); */
}
}
}
@@ -501,11 +501,11 @@
if (samba_setresuid(uid, uid, -1) != 0) {
return -1;
}
- if (geteuid() != uid || getuid() != uid ||
+ /* if (geteuid() != uid || getuid() != uid ||
getegid() != gid || getgid() != gid) {
smb_panic("set_thread_credentials failed\n");
return -1;
- }
+ } */
#ifdef HAVE___THREAD
cache.active = true;
diff -uNr samba-4.13.2/source3/modules/vfs_aio_pthread.c samba-4.13.2.mod/source3/modules/vfs_aio_pthread.c
--- samba-4.13.2/source3/modules/vfs_aio_pthread.c 2020-07-09 09:33:56.000000000 +0000
+++ samba-4.13.2.mod/source3/modules/vfs_aio_pthread.c 2020-11-23 13:27:37.643739200 +0000
@@ -31,7 +31,7 @@
#include <linux/falloc.h>
#endif
-#if defined(HAVE_OPENAT) && defined(HAVE_LINUX_THREAD_CREDENTIALS)
+#if defined(HAVE_OPENAT)
/*
* We must have openat() to do any thread-based
@@ -53,7 +53,6 @@
struct smb_filename *smb_fname;
connection_struct *conn;
struct smbXsrv_connection *xconn;
- const struct security_unix_token *ux_tok;
uint64_t initial_allocation_size;
/* Returns. */
int ret_fd;
@@ -185,16 +184,6 @@
struct aio_open_private_data *opd =
(struct aio_open_private_data *)private_data;
- /* Become the correct credential on this thread. */
- if (set_thread_credentials(opd->ux_tok->uid,
- opd->ux_tok->gid,
- (size_t)opd->ux_tok->ngroups,
- opd->ux_tok->groups) != 0) {
- opd->ret_fd = -1;
- opd->ret_errno = errno;
- return;
- }
-
aio_open_do(opd);
}
@@ -281,11 +270,11 @@
};
/* Copy our current credentials. */
- opd->ux_tok = copy_unix_token(opd, get_current_utok(fsp->conn));
+ /*opd->ux_tok = copy_unix_token(opd, get_current_utok(fsp->conn));
if (opd->ux_tok == NULL) {
opd_free(opd);
return NULL;
- }
+ }*/
/*
* Copy the full fsp_name and smb_fname which is the basename.
@@ -506,7 +495,7 @@
#endif
static struct vfs_fn_pointers vfs_aio_pthread_fns = {
-#if defined(HAVE_OPENAT) && defined(HAVE_LINUX_THREAD_CREDENTIALS)
+#if defined(HAVE_OPENAT)
.openat_fn = aio_pthread_openat_fn,
#endif
};
diff -uNr samba-4.13.2/source3/modules/vfs_aio_pthread.c.rej samba-4.13.2.mod/source3/modules/vfs_aio_pthread.c.rej
--- samba-4.13.2/source3/modules/vfs_aio_pthread.c.rej 1970-01-01 00:00:00.000000000 +0000
+++ samba-4.13.2.mod/source3/modules/vfs_aio_pthread.c.rej 2020-11-23 13:26:08.058004764 +0000
@@ -0,0 +1,11 @@
+--- source3/modules/vfs_aio_pthread.c
++++ source3/modules/vfs_aio_pthread.c
+@@ -477,7 +466,7 @@ static int aio_pthread_open_fn(vfs_handle_struct *handle,
+ #endif
+
+ static struct vfs_fn_pointers vfs_aio_pthread_fns = {
+-#if defined(HAVE_OPENAT) && defined(HAVE_LINUX_THREAD_CREDENTIALS)
++#if defined(HAVE_OPENAT)
+ .open_fn = aio_pthread_open_fn,
+ #endif
+ };
diff -uNr samba-4.13.2/source3/modules/vfs_default.c samba-4.13.2.mod/source3/modules/vfs_default.c
--- samba-4.13.2/source3/modules/vfs_default.c 2020-07-09 09:33:56.000000000 +0000
+++ samba-4.13.2.mod/source3/modules/vfs_default.c 2020-11-23 13:26:08.059004828 +0000
@@ -3303,9 +3303,7 @@
*/
have_per_thread_cwd = per_thread_cwd_supported();
}
-#ifdef HAVE_LINUX_THREAD_CREDENTIALS
have_per_thread_creds = true;
-#endif
if (have_per_thread_cwd && have_per_thread_creds) {
do_async = true;
}
diff -uNr samba-4.13.2/source3/wscript samba-4.13.2.mod/source3/wscript
--- samba-4.13.2/source3/wscript 2020-09-07 10:52:25.000000000 +0000
+++ samba-4.13.2.mod/source3/wscript 2020-11-23 13:26:08.060004892 +0000
@@ -131,7 +131,7 @@
conf.CHECK_FUNCS('setsid glob strpbrk crypt16 getauthuid')
conf.CHECK_FUNCS('innetgr')
conf.CHECK_FUNCS('initgroups select poll rdchk getgrnam getgrent pathconf')
- conf.CHECK_FUNCS('setpriv setgidx setuidx setgroups syscall sysconf')
+ conf.CHECK_FUNCS('setpriv syscall sysconf')
conf.CHECK_FUNCS('atexit grantpt posix_openpt fallocate')
conf.CHECK_FUNCS('fseeko setluid')
conf.CHECK_FUNCS('getpwnam', headers='sys/types.h pwd.h')
@@ -452,15 +452,12 @@
rdchk
select
setenv
-setgidx
-setgroups
setlocale
setluid
setmntent
setpgid
setpriv
setsid
-setuidx
statvfs
strcasecmp
strchr
@@ -989,110 +986,6 @@
#
# Ensure we select the correct set of system calls on Linux.
#
- if (host_os.rfind('linux') > -1):
- conf.CHECK_CODE('''
-#if defined(HAVE_UNISTD_H)
-#include <unistd.h>
-#endif
-#include <stdlib.h>
-#include <stdio.h>
-#include <sys/types.h>
-#include <errno.h>
-
-#ifdef HAVE_SYS_PRIV_H
-#include <sys/priv.h>
-#endif
-#ifdef HAVE_SYS_ID_H
-#include <sys/id.h>
-#endif
-
-#if defined(HAVE_SYSCALL_H)
-#include <syscall.h>
-#endif
-
-#if defined(HAVE_SYS_SYSCALL_H)
-#include <sys/syscall.h>
-#endif
-
-syscall(SYS_setresuid32, -1, -1, -1);
-syscall(SYS_setresgid32, -1, -1, -1);
-syscall(SYS_setreuid32, -1, -1);
-syscall(SYS_setregid32, -1, -1);
-syscall(SYS_setuid32, -1);
-syscall(SYS_setgid32, -1);
-syscall(SYS_setgroups32, 0, NULL);
-''',
- 'USE_LINUX_32BIT_SYSCALLS',
- msg="Checking whether Linux should use 32-bit credential calls");
-
- if (conf.CONFIG_SET('USE_LINUX_32BIT_SYSCALLS')):
- seteuid = conf.CHECK_CODE('''
- #define AUTOCONF_TEST 1
- #define HAVE_LINUX_THREAD_CREDENTIALS 1
- #define USE_LINUX_32BIT_SYSCALLS 1
- #include "../lib/util/setid.c"
- #include "./lib/util_sec.c"
- ''',
- 'HAVE_LINUX_THREAD_CREDENTIALS',
- addmain=False,
- execute=True,
- msg="Checking whether we can use Linux thread-specific credentials with 32-bit system calls")
- else:
- seteuid = conf.CHECK_CODE('''
- #define AUTOCONF_TEST 1
- #define HAVE_LINUX_THREAD_CREDENTIALS 1
- #include "../lib/util/setid.c"
- #include "./lib/util_sec.c"
- ''',
- 'HAVE_LINUX_THREAD_CREDENTIALS',
- addmain=False,
- execute=True,
- msg="Checking whether we can use Linux thread-specific credentials")
- if not seteuid:
- seteuid = conf.CHECK_CODE('''
- #define AUTOCONF_TEST 1
- #define USE_SETREUID 1
- #include "../lib/util/setid.c"
- #include "./lib/util_sec.c"
- ''',
- 'USE_SETREUID',
- addmain=False,
- execute=True,
- msg="Checking whether setreuid is available")
- if not seteuid:
- seteuid = conf.CHECK_CODE('''
- #define AUTOCONF_TEST 1
- #define USE_SETRESUID 1
- #include "../lib/util/setid.c"
- #include "./lib/util_sec.c"
- ''',
- 'USE_SETRESUID',
- addmain=False,
- execute=True,
- msg="Checking whether setresuid is available")
- if not seteuid:
- seteuid = conf.CHECK_CODE('''
- #define AUTOCONF_TEST 1
- #define USE_SETEUID 1
- #include "../lib/util/setid.c"
- #include "./lib/util_sec.c"
- ''',
- 'USE_SETEUID',
- addmain=False,
- execute=True,
- msg="Checking whether seteuid is available")
- if not seteuid:
- seteuid = conf.CHECK_CODE('''
- #define AUTOCONF_TEST 1
- #define USE_SETUIDX 1
- #include "../lib/util/setid.c"
- #include "./lib/util_sec.c"
- ''',
- 'USE_SETUIDX',
- addmain=False,
- execute=True,
- mandatory=True,
- msg="Checking whether setuidx is available")
if Options.options.with_dnsupdate:
if not conf.CONFIG_SET('HAVE_KRB5'):
Logs.warn("--with-dnsupdate=yes but gssapi support not sufficient")
diff -uNr samba-4.13.2/tests/summary.c samba-4.13.2.mod/tests/summary.c
--- samba-4.13.2/tests/summary.c 2020-07-09 09:33:57.000000000 +0000
+++ samba-4.13.2.mod/tests/summary.c 2020-11-23 13:26:08.060004892 +0000
@@ -12,9 +12,11 @@
#warning "WARNING: No automated network interface determination"
#endif
+#ifndef __ANDROID__
#if !(defined(USE_SETEUID) || defined(USE_SETREUID) || defined(USE_SETRESUID) || defined(USE_SETUIDX) || defined(HAVE_LINUX_THREAD_CREDENTIALS))
#error "ERROR: no seteuid method available"
#endif
+#endif
#if !(defined(STAT_STATVFS) || defined(STAT_STATFS3_OSF1) || defined(STAT_STATFS2_BSIZE) || defined(STAT_STATFS4) || defined(STAT_STATFS2_FSIZE) || defined(STAT_STATFS2_FS_DATA))
#error "ERROR: No disk free routine!"

View File

@ -0,0 +1,82 @@
From a44362b264f38cff9bd8a1c3412bb3a7875c3a10 Mon Sep 17 00:00:00 2001
From: Faheem Pervez <trippin1@gmail.com>
Date: Tue, 14 Apr 2020 21:27:20 +0100
Subject: [PATCH 3/6] smbpasswd: remove root-related restrictions
* Allow -L to work when non-root
* Allow deleting and renaming of user with uid = 0
A good sanity check, indeed, but when getpwnam etc. is modified
to return a passwd entry for root only, then this poses a problem...
---
source3/passdb/pdb_interface.c | 22 ----------------------
source3/utils/smbpasswd.c | 4 ----
2 files changed, 26 deletions(-)
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 03aa4ff..b1a7fb1 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -619,23 +619,12 @@ static NTSTATUS pdb_default_delete_user(struct pdb_methods *methods,
NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, struct samu *sam_acct)
{
struct pdb_methods *pdb = pdb_get_methods();
- uid_t uid = -1;
NTSTATUS status;
const struct dom_sid *user_sid;
char *msg_data;
user_sid = pdb_get_user_sid(sam_acct);
- /* sanity check to make sure we don't delete root */
-
- if ( !sid_to_uid(user_sid, &uid ) ) {
- return NT_STATUS_NO_SUCH_USER;
- }
-
- if ( uid == 0 ) {
- return NT_STATUS_ACCESS_DENIED;
- }
-
memcache_delete(NULL,
PDB_GETPWSID_CACHE,
data_blob_const(user_sid, sizeof(*user_sid)));
@@ -691,21 +680,10 @@ NTSTATUS pdb_delete_sam_account(struct samu *sam_acct)
NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname)
{
struct pdb_methods *pdb = pdb_get_methods();
- uid_t uid;
NTSTATUS status;
memcache_flush(NULL, PDB_GETPWSID_CACHE);
- /* sanity check to make sure we don't rename root */
-
- if ( !sid_to_uid( pdb_get_user_sid(oldname), &uid ) ) {
- return NT_STATUS_NO_SUCH_USER;
- }
-
- if ( uid == 0 ) {
- return NT_STATUS_ACCESS_DENIED;
- }
-
status = pdb->rename_sam_account(pdb, oldname, newname);
/* always flush the cache here just to be safe */
diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c
index 4013120..4688257 100644
--- a/source3/utils/smbpasswd.c
+++ b/source3/utils/smbpasswd.c
@@ -100,10 +100,6 @@ static int process_options(int argc, char **argv, int local_flags)
while ((ch = getopt(argc, argv, "c:axdehminjr:sw:R:D:U:LWS:")) != EOF) {
switch(ch) {
case 'L':
- if (getuid() != 0) {
- fprintf(stderr, "smbpasswd -L can only be used by root.\n");
- exit(1);
- }
local_flags |= LOCAL_AM_ROOT;
break;
case 'c':
--
2.25.1

View File

@ -0,0 +1,547 @@
From cf315c2f59829ea70179e2f5342c19c796e7350c Mon Sep 17 00:00:00 2001
From: Garfield Tan <xutan@google.com>
Date: Thu, 18 Jun 2020 11:16:13 +0000
Subject: [PATCH 5/6] samba-documents-provider-sambapatch
https://github.com/google/samba-documents-provider/blob/master/sambapatch.diff
smbd crash fix:
https://github.com/elliott10/samba-4.5.1
---
lib/param/loadparm.h | 1 +
lib/replace/getifaddrs.c | 8 +
lib/replace/netlink_ifaddrs.c | 271 +++++++++++++++++++++++++++++
lib/replace/replace.c | 14 ++
lib/replace/replace.h | 5 +
lib/socket/interfaces.c | 4 +
lib/util/util_pw.c | 2 -
librpc/ndr/util.c | 2 +-
nsswitch/libwbclient/wbc_pwd.c | 5 -
nsswitch/libwbclient/wbc_sid.c | 2 +-
nsswitch/winbind_struct_protocol.h | 4 +
source3/lib/dumpcore.c | 2 +-
source3/lib/username.c | 2 +
source3/passdb/passdb.c | 1 +
source4/lib/socket/socket.c | 2 +-
15 files changed, 314 insertions(+), 11 deletions(-)
create mode 100644 lib/replace/netlink_ifaddrs.c
diff --git a/lib/param/loadparm.h b/lib/param/loadparm.h
index 65ff62c..e15546e 100644
--- a/lib/param/loadparm.h
+++ b/lib/param/loadparm.h
@@ -31,6 +31,7 @@
#define _LOADPARM_H
#include <talloc.h>
+#include "system/time.h"
struct parmlist_entry {
struct parmlist_entry *prev, *next;
diff --git a/lib/replace/getifaddrs.c b/lib/replace/getifaddrs.c
index a55ef7e..3f4f920 100644
--- a/lib/replace/getifaddrs.c
+++ b/lib/replace/getifaddrs.c
@@ -44,6 +44,7 @@
#define _FOUND_IFACE_ANY
#else
+#ifndef __ANDROID__
void rep_freeifaddrs(struct ifaddrs *ifp)
{
if (ifp != NULL) {
@@ -55,6 +56,7 @@ void rep_freeifaddrs(struct ifaddrs *ifp)
free(ifp);
}
}
+#endif // __ANDROID__
static struct sockaddr *sockaddr_dup(struct sockaddr *sa)
{
@@ -374,6 +376,12 @@ int rep_getifaddrs(struct ifaddrs **ifap)
#define _FOUND_IFACE_ANY
#endif /* HAVE_IFACE_AIX */
+
+#ifdef __ANDROID__
+#include "netlink_ifaddrs.c"
+#define _FOUND_IFACE_ANY
+#endif /* __ANDROID__ */
+
#ifndef _FOUND_IFACE_ANY
int rep_getifaddrs(struct ifaddrs **ifap)
{
diff --git a/lib/replace/netlink_ifaddrs.c b/lib/replace/netlink_ifaddrs.c
new file mode 100644
index 0000000..4b0456b
--- /dev/null
+++ b/lib/replace/netlink_ifaddrs.c
@@ -0,0 +1,271 @@
+#include "system/network.h"
+
+#include <errno.h>
+#include <linux/if_packet.h>
+#include <net/if.h>
+#include <netinet/in.h>
+#include <linux/netlink.h>
+#include <linux/rtnetlink.h>
+#include <sys/socket.h>
+#include <stdlib.h>
+
+#define MAX_SIZE 8192
+char *__netlink_data_;
+
+struct ifaddrs_container {
+ // This needs to be the first because we use this struct as a ifaddrs struct.
+ struct ifaddrs ifa;
+
+ int idx;
+
+ // Storage for pointers in ifa
+ struct sockaddr_storage addr;
+ struct sockaddr_storage netmask;
+ struct sockaddr_storage dstaddr;
+ char name[IFNAMSIZ 1];
+};
+
+static void init(struct ifaddrs_container *ifa, struct ifaddrs_container** ifap) {
+ memset(ifa, 0, sizeof(*ifa));
+
+ ifa->ifa.ifa_next = (struct ifaddrs*)(*ifap);
+ *ifap = ifa;
+}
+
+static uint8_t* addr_bytes(int family, struct sockaddr_storage *ss) {
+ switch (family) {
+ case AF_INET: {
+ struct sockaddr_in *ss4 = (struct sockaddr_in *)ss;
+ return (uint8_t*) (&ss4->sin_addr);
+ }
+ case AF_INET6: {
+ struct sockaddr_in6 *ss6 = (struct sockaddr_in6 *)ss;
+ return (uint8_t*) (&ss6->sin6_addr);
+ }
+ case AF_PACKET: {
+ struct sockaddr_ll* sll = (struct sockaddr_ll*)ss;
+ return (uint8_t*) (&sll->sll_addr);
+ }
+ default:
+ return NULL;
+ }
+}
+
+static struct sockaddr* copy_addr(int family, const void* data, size_t byteCount, struct sockaddr_storage *ss, int idx) {
+ ss->ss_family = family;
+ memcpy(addr_bytes(family, ss), data, byteCount);
+
+ if (family == AF_INET6 && (IN6_IS_ADDR_LINKLOCAL((struct in6_addr*)data) || IN6_IS_ADDR_MC_LINKLOCAL((struct in6_addr*)data))) {
+ struct sockaddr_in6* ss6 = (struct sockaddr_in6*)ss;
+ ss6->sin6_scope_id = idx;
+ }
+
+ return (struct sockaddr*)ss;
+}
+
+static void set_addr(struct ifaddrs_container *ifa, int family, const void *data, size_t byteCount) {
+ if (ifa->ifa.ifa_addr = NULL) {
+ // Assume this is IFA_LOCAL, if not set_local_addr will fix it.
+ ifa->ifa.ifa_addr = copy_addr(family, data, byteCount, &ifa->addr, ifa->idx);
+ } else {
+ // We already have a IFA_LOCAL, this should be a destination address.
+ ifa->ifa.ifa_dstaddr = copy_addr(family, data, byteCount, &ifa->dstaddr, ifa->idx);
+ }
+}
+
+static void set_local_addr(struct ifaddrs_container *ifa, int family, const void *data, size_t byteCount) {
+ // For P2P interface IFA_ADDRESS is destination and local address is supplied
+ // in IFA_LOCAL attribute.
+ if (ifa->ifa.ifa_addr != NULL) {
+ ifa->ifa.ifa_dstaddr = (struct sockaddr*)memcpy(&ifa->dstaddr, &ifa->addr, sizeof(ifa->addr));
+ }
+
+ ifa->ifa.ifa_addr = copy_addr(family, data, byteCount, &ifa->addr, ifa->idx);
+}
+
+static void set_netmask(struct ifaddrs_container *ifa, int family, size_t prefix_len) {
+ ifa->netmask.ss_family = family;
+ uint8_t *dst = addr_bytes(family, &ifa->netmask);
+ memset(dst, 0xff, prefix_len / 8);
+ if ((prefix_len % 8) != 0) {
+ dst[prefix_len / 8] = (0xff << (8 - (prefix_len % 8)));
+ }
+ ifa->ifa.ifa_netmask = (struct sockaddr*)(&ifa->netmask);
+}
+
+static void set_packet_attr(struct ifaddrs_container *ifa, int ifindex, unsigned short hatype, unsigned char halen) {
+ struct sockaddr_ll *sll = (struct sockaddr_ll *)(&ifa->addr);
+ sll->sll_ifindex = ifindex;
+ sll->sll_hatype = hatype;
+ sll->sll_halen = halen;
+}
+
+static int send_request(int socket, int type) {
+ struct {
+ struct nlmsghdr hdr;
+ struct rtgenmsg msg;
+ } request;
+ memset(&request, 0, sizeof(request));
+ request.hdr.nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST;
+ request.hdr.nlmsg_type = type;
+ request.hdr.nlmsg_len = sizeof(request);
+ request.msg.rtgen_family = AF_UNSPEC;
+
+ int result = send(socket, &request, sizeof(request), 0);
+ return result == sizeof(request) ? 0 : -1;
+}
+
+static int read_response(int socket, struct ifaddrs_container **ifap, int (*callback)(struct ifaddrs_container**, struct nlmsghdr*)) {
+ if (!__netlink_data_) {
+ return -1;
+ }
+
+ ssize_t bytes_read;
+ while ((bytes_read = recv(socket, __netlink_data_, MAX_SIZE, 0)) > 0) {
+ struct nlmsghdr *hdr = (struct nlmsghdr *)__netlink_data_;
+ for (; NLMSG_OK(hdr, (size_t) bytes_read); hdr = NLMSG_NEXT(hdr, bytes_read)) {
+ switch (hdr->nlmsg_type) {
+ case NLMSG_DONE:
+ return 0;
+ case NLMSG_ERROR: {
+ struct nlmsgerr *err = (struct nlmsgerr *)NLMSG_DATA(hdr);
+ errno = (hdr->nlmsg_len >= NLMSG_LENGTH(sizeof(struct nlmsgerr))) ? -err->error : EIO;
+ return -1;
+ }
+ default:
+ if (callback(ifap, hdr)) {
+ return -1;
+ }
+ }
+ }
+ }
+
+ // Recv fails before we see NLMSG_OK.
+ return -1;
+}
+
+static int __newlink_callback(struct ifaddrs_container** ifap, struct nlmsghdr* hdr) {
+ if (hdr->nlmsg_type != RTM_NEWLINK) {
+ return -1;
+ }
+
+ struct ifinfomsg* ifi = (struct ifinfomsg *)NLMSG_DATA(hdr);
+ struct ifaddrs_container *addr = (struct ifaddrs_container *)malloc(sizeof(struct ifaddrs_container));
+ init(addr, ifap);
+ addr->idx = ifi->ifi_index;
+ addr->ifa.ifa_flags = ifi->ifi_flags;
+
+ struct rtattr *rta = IFLA_RTA(ifi);
+ size_t rta_len = IFLA_PAYLOAD(hdr);
+ for (; RTA_OK(rta, rta_len); rta = RTA_NEXT(rta, rta_len)) {
+ switch (rta->rta_type) {
+ case IFLA_ADDRESS:
+ if (RTA_PAYLOAD(rta) < sizeof(addr->addr)) {
+ set_addr(addr, AF_PACKET, RTA_DATA(rta), RTA_PAYLOAD(rta));
+ set_packet_attr(addr, ifi->ifi_index, ifi->ifi_type, RTA_PAYLOAD(rta));
+ }
+ break;
+ case IFLA_BROADCAST:
+ if (RTA_PAYLOAD(rta) < sizeof(addr->dstaddr)) {
+ set_packet_attr(addr, ifi->ifi_index, ifi->ifi_type, RTA_PAYLOAD(rta));
+ }
+ break;
+ case IFLA_IFNAME:
+ if (RTA_PAYLOAD(rta) < sizeof(addr->name)) {
+ memcpy(addr->name, RTA_DATA(rta), RTA_PAYLOAD(rta));
+ addr->ifa.ifa_name = addr->name;
+ }
+ break;
+ default:
+ break;
+ }
+ }
+
+ return 0;
+}
+
+static int __newaddr_callback(struct ifaddrs_container** ifap, struct nlmsghdr* hdr) {
+ if (hdr->nlmsg_type != RTM_NEWADDR) {
+ return -1;
+ }
+
+ struct ifaddrmsg *msg = (struct ifaddrmsg*)NLMSG_DATA(hdr);
+ const struct ifaddrs_container *addr = (const struct ifaddrs_container *)(*ifap);
+ while (addr != NULL && addr->idx != (int)msg->ifa_index) {
+ addr = (const struct ifaddrs_container *)addr->ifa.ifa_next;
+ }
+ if (addr == NULL) {
+ // Unknown interface... Ignore it and treat it as successful.
+ return 0;
+ }
+
+ // Copy whatever we know about the interface.
+ struct ifaddrs_container *new_addr = (struct ifaddrs_container *)malloc(sizeof(struct ifaddrs_container));
+ init(new_addr, ifap);
+ strcpy(new_addr->name, addr->name);
+ new_addr->ifa.ifa_name = new_addr->name;
+ new_addr->ifa.ifa_flags = addr->ifa.ifa_flags;
+ new_addr->idx = addr->idx;
+
+ struct rtattr *rta = IFA_RTA(msg);
+ size_t rta_len = IFA_PAYLOAD(hdr);
+ for (; RTA_OK(rta, rta_len); rta = RTA_NEXT(rta, rta_len)) {
+ switch (rta->rta_type) {
+ case IFA_ADDRESS:
+ if (msg->ifa_family == AF_INET || msg->ifa_family == AF_INET6) {
+ set_addr(new_addr, msg->ifa_family, RTA_DATA(rta), RTA_PAYLOAD(rta));
+ set_netmask(new_addr, msg->ifa_family, msg->ifa_prefixlen);
+ }
+ break;
+ case IFA_LOCAL:
+ if (msg->ifa_family == AF_INET || msg->ifa_family == AF_INET6) {
+ set_local_addr(new_addr, msg->ifa_family, RTA_DATA(rta), RTA_PAYLOAD(rta));
+ }
+ break;
+ default:
+ break;
+ }
+ }
+
+ return 0;
+}
+
+int rep_getifaddrs(struct ifaddrs **ifap) {
+ *ifap = NULL;
+
+ __netlink_data_ = (char *) malloc(MAX_SIZE);
+ if (!__netlink_data_) {
+ errno = ENOMEM;
+ return -1;
+ }
+
+ int fd = socket(PF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_ROUTE);
+ if (fd < 0) {
+ errno = EIO;
+ return -1;
+ }
+
+ int result = send_request(fd, RTM_GETLINK) || read_response(fd, (struct ifaddrs_container**)ifap, __newlink_callback) ||
+ send_request(fd, RTM_GETADDR) || read_response(fd, (struct ifaddrs_container**)ifap, __newaddr_callback);
+
+ close(fd);
+
+ free(__netlink_data_);
+ __netlink_data_ = NULL;
+
+ if (result) {
+ freeifaddrs(*ifap);
+ *ifap = NULL;
+ return -1;
+ }
+
+ return 0;
+}
+
+void rep_freeifaddrs(struct ifaddrs *ifap) {
+ while (ifap != NULL) {
+ struct ifaddrs *cur = ifap;
+ ifap = ifap->ifa_next;
+ free(cur);
+ }
+}
diff --git a/lib/replace/replace.c b/lib/replace/replace.c
index 99b18e8..d77fa18 100644
--- a/lib/replace/replace.c
+++ b/lib/replace/replace.c
@@ -948,6 +948,20 @@ void rep_setproctitle_init(int argc, char *argv[], char *envp[])
}
#endif
+#ifndef HAVE_SWAB
+void rep_swab(const void *from, void *to, ssize_t n) {
+ ssize_t i;
+ if (n <= 0)
+ return;
+
+ n >>= 1;
+ for (i = 0; i < n; ++i) {
+ uint16_t src = *((uint16_t*)from+i);
+ *((uint16_t*)to+i) = (((src & 0x00ffU) << 8) | ((src & 0xff00U) >> 8));
+ }
+}
+#endif /* HAVE_SWAB */
+
#ifndef HAVE_MEMSET_S
# ifndef RSIZE_MAX
# define RSIZE_MAX (SIZE_MAX >> 1)
diff --git a/lib/replace/replace.h b/lib/replace/replace.h
index 3f6b138..1c24ddb 100644
--- a/lib/replace/replace.h
+++ b/lib/replace/replace.h
@@ -958,6 +958,11 @@ const char *rep_getprogname(void);
# endif /* HAVE_FALLTHROUGH_ATTRIBUTE */
#endif /* FALL_THROUGH */
+#ifndef HAVE_SWAB
+#define swab rep_swab
+void rep_swab(const void *from, void *to, ssize_t n);
+#endif
+
bool nss_wrapper_enabled(void);
bool nss_wrapper_hosts_enabled(void);
bool socket_wrapper_enabled(void);
diff --git a/lib/socket/interfaces.c b/lib/socket/interfaces.c
index ac26b97..f5698f6 100644
--- a/lib/socket/interfaces.c
+++ b/lib/socket/interfaces.c
@@ -126,6 +126,10 @@ void make_net(struct sockaddr_storage *pss_out,
}
#ifdef HAVE_ETHTOOL
+static inline uint32_t ethtool_cmd_speed(const struct ethtool_cmd *ecmd) {
+ return (ecmd->speed_hi << 16) | ecmd->speed;
+}
+
static void query_iface_speed_from_name(const char *name, uint64_t *speed)
{
int ret = 0;
diff --git a/lib/util/util_pw.c b/lib/util/util_pw.c
index 8035de4..5d70615 100644
--- a/lib/util/util_pw.c
+++ b/lib/util/util_pw.c
@@ -37,7 +37,6 @@ struct passwd *tcopy_passwd(TALLOC_CTX *mem_ctx,
len += strlen(from->pw_name)+1;
len += strlen(from->pw_passwd)+1;
- len += strlen(from->pw_gecos)+1;
len += strlen(from->pw_dir)+1;
len += strlen(from->pw_shell)+1;
@@ -51,7 +50,6 @@ struct passwd *tcopy_passwd(TALLOC_CTX *mem_ctx,
ret->pw_passwd = talloc_strdup(ret, from->pw_passwd);
ret->pw_uid = from->pw_uid;
ret->pw_gid = from->pw_gid;
- ret->pw_gecos = talloc_strdup(ret, from->pw_gecos);
ret->pw_dir = talloc_strdup(ret, from->pw_dir);
ret->pw_shell = talloc_strdup(ret, from->pw_shell);
diff --git a/librpc/ndr/util.c b/librpc/ndr/util.c
index 0eb7eba..c2a2470 100644
--- a/librpc/ndr/util.c
+++ b/librpc/ndr/util.c
@@ -20,8 +20,8 @@
*/
#include "includes.h"
-#include "../librpc/ndr/libndr.h"
#include "system/network.h"
+#include "../librpc/ndr/libndr.h"
#include "lib/util/util_net.h"
_PUBLIC_ void ndr_print_sockaddr_storage(struct ndr_print *ndr, const char *name, const struct sockaddr_storage *ss)
diff --git a/nsswitch/libwbclient/wbc_pwd.c b/nsswitch/libwbclient/wbc_pwd.c
index 805ab63..8484194 100644
--- a/nsswitch/libwbclient/wbc_pwd.c
+++ b/nsswitch/libwbclient/wbc_pwd.c
@@ -46,7 +46,6 @@ static void wbcPasswdDestructor(void *ptr)
struct passwd *pw = (struct passwd *)ptr;
free(pw->pw_name);
free(pw->pw_passwd);
- free(pw->pw_gecos);
free(pw->pw_shell);
free(pw->pw_dir);
}
@@ -68,10 +67,6 @@ static struct passwd *copy_passwd_entry(struct winbindd_pw *p)
if (pw->pw_passwd == NULL) {
goto fail;
}
- pw->pw_gecos = strdup(p->pw_gecos);
- if (pw->pw_gecos == NULL) {
- goto fail;
- }
pw->pw_shell = strdup(p->pw_shell);
if (pw->pw_shell == NULL) {
goto fail;
diff --git a/nsswitch/libwbclient/wbc_sid.c b/nsswitch/libwbclient/wbc_sid.c
index aab96cf..6fed2d9 100644
--- a/nsswitch/libwbclient/wbc_sid.c
+++ b/nsswitch/libwbclient/wbc_sid.c
@@ -1054,7 +1054,7 @@ wbcErr wbcCtxGetDisplayName(struct wbcContext *ctx,
wbcFreeMemory(name);
- name = wbcStrDup(pwd->pw_gecos);
+ name = wbcStrDup(pwd->pw_name);
wbcFreeMemory(pwd);
BAIL_ON_PTR_ERROR(name, wbc_status);
}
diff --git a/nsswitch/winbind_struct_protocol.h b/nsswitch/winbind_struct_protocol.h
index 4a5255c..11fcc4e 100644
--- a/nsswitch/winbind_struct_protocol.h
+++ b/nsswitch/winbind_struct_protocol.h
@@ -23,6 +23,10 @@ typedef char fstring[FSTRING_LEN];
#ifndef _WINBINDD_NTDOM_H
#define _WINBINDD_NTDOM_H
+#ifdef pw_gecos
+#undef pw_gecos
+#endif
+
#define WINBINDD_SOCKET_NAME "pipe" /* Name of PF_UNIX socket */
/* We let the build environment set the public winbindd socket
diff --git a/source3/lib/dumpcore.c b/source3/lib/dumpcore.c
index 0c91206..fa7908e 100644
--- a/source3/lib/dumpcore.c
+++ b/source3/lib/dumpcore.c
@@ -319,7 +319,7 @@ void dump_core_setup(const char *progname, const char *log_file)
}
}
- umask(~(0700));
+ umask(077);
dbgflush();
#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
diff --git a/source3/lib/username.c b/source3/lib/username.c
index f69d9c3..3d44129 100644
--- a/source3/lib/username.c
+++ b/source3/lib/username.c
@@ -157,6 +157,8 @@ static struct passwd *Get_Pwnam_internals(TALLOC_CTX *mem_ctx,
done:
DEBUG(5,("Get_Pwnam_internals %s find user [%s]!\n",ret ?
"did":"didn't", user));
+ /* if(ret)
+ DEBUG(5,("Get struct passwd: [%s:%s:%ld:%ld:%s:%s:%s]\n", ret->pw_name ? ret->pw_name : "pw_name == NULL", ret->pw_passwd ? ret->pw_passwd : "pw_passwd == NULL", (long) ret->pw_uid, (long) ret->pw_gid, ret->pw_gecos ? ret->pw_gecos : "pw_gecos == NULL", ret->pw_dir ? ret->pw_dir : "pw_dir == NULL", ret->pw_shell ? ret->pw_shell : "pw_shell == NULL")); */
return ret;
}
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 8ed1baf..a66b646 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -115,6 +115,7 @@ static int count_commas(const char *str)
{
int num_commas = 0;
const char *comma = str;
+ if (!str) return 0;
while ((comma = strchr(comma, ',')) != NULL) {
comma += 1;
diff --git a/source4/lib/socket/socket.c b/source4/lib/socket/socket.c
index d7535bf..d54baa6 100644
--- a/source4/lib/socket/socket.c
+++ b/source4/lib/socket/socket.c
@@ -20,9 +20,9 @@
*/
#include "includes.h"
+#include "system/network.h"
#include "lib/socket/socket.h"
#include "system/filesys.h"
-#include "system/network.h"
#include "param/param.h"
#include "../lib/tsocket/tsocket.h"
#include "lib/util/util_net.h"
--
2.25.1

View File

@ -0,0 +1,280 @@
From 5131708f0337fc90b03dad4d180f571c973d07c6 Mon Sep 17 00:00:00 2001
From: Faheem Pervez <trippin1@gmail.com>
Date: Thu, 18 Jun 2020 11:51:38 +0000
Subject: [PATCH 6/6] add berserker.{c,h}
The idea of berserker.c is to define missing functions:
wrapping getpwnam etc. to return only a root entry,
giving any user added to Samba full access.
getpasswd_wrapper is from JimmyChingala:
https://forum.xda-developers.com/showpost.php?p=8239139&postcount=128
The original berserker.c can be found here,
from Berserker's port for SambaDroid:
https://github.com/berserker/android_samba
elliott10 updated it for Samba 4:
https://github.com/elliott10/samba-4.5.1
I've made the following changes:
* Use Termux values for root user
* _Naively_ (really - I know volatile won't help much) prevent
getpwent inf. loops
* Wrap getgrnam and getgrgid, thanks
https://blog.csdn.net/jk198310/article/details/15809341
* Add a couple o' more Android groups
---
source3/include/berserker.c | 148 ++++++++++++++++++++++++++++++++++++
source3/include/berserker.h | 51 +++++++++++++
source3/include/includes.h | 1 +
source3/wscript_build | 2 +
4 files changed, 202 insertions(+)
create mode 100644 source3/include/berserker.c
create mode 100644 source3/include/berserker.h
diff --git a/source3/include/berserker.c b/source3/include/berserker.c
new file mode 100644
index 0000000..ac75cb7
--- /dev/null
+++ b/source3/include/berserker.c
@@ -0,0 +1,147 @@
+#define BERSERKER_USE_ORIG
+#include "includes.h"
+
+#ifndef AID_ROOT
+#define AID_ROOT 0
+#define AID_MEDIA_RW 1023
+#define AID_EVERYBODY 9997
+#endif
+
+//int getpwnam_r(const char* __name, struct passwd* __pwd, char* __buf, size_t __n, struct passwd** __result);
+
+static volatile int getpwent_ok = 1;
+
+static struct group *group_wrapper(gid_t __gid)
+{
+ static char *rootmem[] = {
+ "root",
+ NULL
+ };
+ static struct group rootgr = {
+ "root",
+ "x" /* NULL */,
+ AID_ROOT,
+ rootmem
+ };
+ static char *everybodymem[] = {
+ "everybody",
+ NULL
+ };
+ static struct group everybodygr = {
+ "everybody",
+ "x" /* NULL */,
+ AID_EVERYBODY,
+ everybodymem
+ };
+ static char *mediarwmem[] = {
+ "media_rw",
+ NULL
+ };
+ static struct group mediarwgr = {
+ "media_rw",
+ "x" /* NULL */,
+ AID_MEDIA_RW,
+ mediarwmem
+ };
+
+ if (__gid == AID_EVERYBODY)
+ return &everybodygr;
+ if (__gid == AID_MEDIA_RW)
+ return &mediarwgr;
+ return &rootgr;
+}
+
+static struct passwd *getpasswd_wrapper()
+{
+#if 0 /* Inconsistencies abound... */
+ static struct passwd pwd;
+ static struct passwd *result = NULL;
+ static char *buf = NULL;
+
+ if (!result) {
+ size_t bufsize;
+ memset(&pwd, 0, sizeof(pwd));
+
+ bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
+ if (bufsize == -1)
+ bufsize = 16384;
+
+ buf = malloc(bufsize);
+ if (buf == NULL)
+ return NULL;
+
+ (void) getpwnam_r("root", &pwd, buf, bufsize, &result);
+ if (!result) {
+ free(buf);
+ return NULL;
+ }
+
+ if (!pwd.pw_passwd || pwd.pw_passwd[0] == '*')
+ pwd.pw_passwd = "x";
+ }
+
+ return result;
+#else
+ static struct passwd pw = {
+ .pw_name = "root",
+ .pw_passwd = "x",
+ .pw_uid = AID_ROOT,
+ .pw_gid = AID_ROOT,
+ .pw_dir = "@TERMUX_HOME@",
+ .pw_shell = "@TERMUX_PREFIX@/bin/login"
+ };
+ return &pw;
+#endif
+}
+
+/* getpwent restituisce il prossimo della lista */
+struct passwd *berserker_getpwnam(const char* __name)
+{
+ (void)__name;
+ return getpasswd_wrapper();
+}
+
+struct passwd *berserker_getpwuid(uid_t __uid)
+{
+ (void)__uid;
+ return getpasswd_wrapper();
+}
+
+/* setpwent resetta la lista per iterare su passwd */
+void berserker_setpwent()
+{
+ getpwent_ok = 1;
+}
+
+/* getpwent restituisce la prossima struttura passwd */
+struct passwd *berserker_getpwent()
+{
+ if (getpwent_ok) {
+ getpwent_ok = 0;
+ return getpasswd_wrapper();
+ }
+
+ return NULL;
+}
+
+/* termina il ciclo di iterazione su passwd */
+void berserker_endpwent()
+{
+ getpwent_ok = 1;
+}
+
+struct group *berserker_getgrnam(const char* __name)
+{
+ if (__name) {
+ if (!strcmp(__name, "everybody"))
+ return group_wrapper(AID_EVERYBODY);
+ if (!strcmp(__name, "media_rw"))
+ return group_wrapper(AID_MEDIA_RW);
+ }
+ return group_wrapper(AID_ROOT);
+}
+
+struct group *berserker_getgrgid(gid_t __gid)
+{
+ return group_wrapper(__gid);
+}
diff --git a/source3/include/berserker.h b/source3/include/berserker.h
new file mode 100644
index 0000000..7882380
--- /dev/null
+++ b/source3/include/berserker.h
@@ -0,0 +1,51 @@
+#ifndef __BERSERKER_H__
+#define __BERSERKER_H__
+
+#define _PWD_H_ /* disabilita l'inclusione del file pwd.h sotto android */
+#define _GRP_H_
+
+#include <unistd.h>
+#include <sys/types.h>
+
+struct passwd {
+ char* pw_name;
+ char* pw_passwd;
+ uid_t pw_uid;
+ gid_t pw_gid;
+#ifdef __LP64__
+ char* pw_gecos;
+#endif
+ char* pw_dir;
+ char* pw_shell;
+};
+
+struct group {
+ char* gr_name;
+ char* gr_passwd;
+ gid_t gr_gid;
+ char** gr_mem;
+};
+
+#ifndef BERSERKER_USE_ORIG
+#define getpwnam berserker_getpwnam
+struct passwd *berserker_getpwnam(const char* __name);
+#define getpwuid berserker_getpwuid
+struct passwd *berserker_getpwuid(uid_t __uid);
+#define setpwent berserker_setpwent
+void berserker_setpwent(void);
+#define getpwent berserker_getpwent
+struct passwd *berserker_getpwent(void);
+#define endpwent berserker_endpwent
+void berserker_endpwent(void);
+#define getgrnam berserker_getgrnam
+struct group *berserker_getgrnam(const char* __name);
+#define getgrgid berserker_getgrgid
+struct group *berserker_getgrgid(gid_t __gid);
+#endif
+
+/* fix per defines mancanti di utmp.ut_type */
+#ifndef DEAD_PROCESS
+#define DEAD_PROCESS 8
+#endif
+
+#endif
diff --git a/source3/include/includes.h b/source3/include/includes.h
index 2dafc65..6937912 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -20,6 +20,7 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
+#include "berserker.h"
#include "../replace/replace.h"
/* make sure we have included the correct config.h */
diff --git a/source3/wscript_build b/source3/wscript_build
index 10d9f71..bbe3665 100644
--- a/source3/wscript_build
+++ b/source3/wscript_build
@@ -166,6 +166,7 @@ bld.SAMBA3_SUBSYSTEM('pdb',
lib/privileges.c
lib/util_nscd.c
lib/winbind_util.c
+ include/berserker.c
passdb/pdb_util.c
passdb/pdb_interface.c
passdb/pdb_secrets.c''',
@@ -392,6 +393,7 @@ bld.SAMBA3_SUBSYSTEM('samba3core',
../lib/util/debug_s3.c
lib/dumpcore.c
lib/interface.c
+ include/berserker.c
lib/username.c
lib/smbrun.c
lib/wins_srv.c
--
2.25.1

View File

@ -0,0 +1,14 @@
diff -uNr samba-4.12.5/lib/util/util_paths.c samba-4.12.5.mod/lib/util/util_paths.c
--- samba-4.12.5/lib/util/util_paths.c 2020-07-02 14:12:21.000000000 +0300
+++ samba-4.12.5.mod/lib/util/util_paths.c 2020-07-19 14:38:37.598039736 +0300
@@ -64,6 +64,10 @@
return get_dyn_SHLIBEXT();
}
+#ifndef NSS_BUFLEN_PASSWD
+#define NSS_BUFLEN_PASSWD 1024
+#endif
+
static char *get_user_home_dir(TALLOC_CTX *mem_ctx)
{
struct passwd pwd = {0};

148
packages/samba/build.sh Normal file
View File

@ -0,0 +1,148 @@
TERMUX_PKG_HOMEPAGE=https://www.samba.org/
TERMUX_PKG_DESCRIPTION="SMB/CIFS fileserver"
TERMUX_PKG_LICENSE="GPL-3.0"
TERMUX_PKG_MAINTAINER="@termux"
TERMUX_PKG_VERSION=4.14.7
TERMUX_PKG_REVISION=1
TERMUX_PKG_SRCURL=https://download.samba.org/pub/samba/samba-${TERMUX_PKG_VERSION}.tar.gz
TERMUX_PKG_SHA256=6f50353f9602aa20245eb18ceb00e7e5ec793df0974aebd5254c38f16d8f1906
TERMUX_PKG_DEPENDS="libbsd, libcap, libcrypt, libgnutls, libiconv, libicu, libpopt, libtalloc, libtirpc, ncurses, openssl, readline, zlib"
TERMUX_PKG_BUILD_DEPENDS="e2fsprogs"
TERMUX_PKG_BUILD_IN_SRC=true
termux_step_configure() {
:
}
termux_step_make() {
:
}
termux_step_make_install() {
local _auth_modules='auth_server,auth_netlogond,auth_script'
local _pdb_modules='pdb_tdbsam,pdb_smbpasswd,pdb_wbc_sam'
local _vfs_modules='vfs_fake_perms,!vfs_recycle,!vfs_btrfs,!vfs_glusterfs_fuse'
_vfs_modules+=',!vfs_virusfilter,!vfs_linux_xfs_sgid,!vfs_shell_snap,!vfs_expand_msdfs,!vfs_snapper'
_vfs_modules+=',!vfs_default_quota,!vfs_audit,!vfs_extd_audit,!vfs_full_audit'
_vfs_modules+=',!vfs_worm,!vfs_time_audit,!vfs_media_harmony,!vfs_unityed_media,!vfs_shadow_copy,!vfs_shadow_copy2'
cd "$TERMUX_PKG_SRCDIR"
cat <<EOF > cross-answers.txt
Checking uname sysname type: "Linux"
Checking uname machine type: "$TERMUX_ARCH"
Checking uname release type: "dontcare"
Checking uname version type: "dontcare"
Checking simple C program: "hello world"
rpath library support: OK
-Wl,--version-script support: NO
Checking getconf LFS_CFLAGS: NO
Checking for large file support without additional flags: OK
Checking for -D_FILE_OFFSET_BITS=64: OK
Checking for -D_LARGE_FILES: OK
Checking correct behavior of strtoll: NO
Checking for working strptime: NO
Checking for C99 vsnprintf: OK
Checking for HAVE_SHARED_MMAP: OK
Checking for HAVE_MREMAP: OK
Checking for HAVE_INCOHERENT_MMAP: NO
Checking for HAVE_SECURE_MKSTEMP: OK
Checking value of NSIG: "65"
Checking value of _NSIG: "65"
Checking value of SIGRTMAX: "64"
Checking value of SIGRTMIN: "36"
Checking for a 64-bit host to support lmdb: OK
Checking value of GNUTLS_CIPHER_AES_128_CFB8: "29"
Checking value of GNUTLS_MAC_AES_CMAC_128: "203"
Checking errno of iconv for illegal multibyte sequence: OK
Checking for kernel change notify support: OK
Checking for Linux kernel oplocks: OK
Checking for kernel share modes: OK
Checking whether POSIX capabilities are available: OK
Checking if can we convert from CP850 to UCS-2LE: OK
Checking if can we convert from UTF-8 to UCS-2LE: OK
vfs_fileid checking for statfs() and struct statfs.f_fsid: OK
Checking whether we can use Linux thread-specific credentials: NO
Checking whether setreuid is available: NO
Checking whether setresuid is available: NO
Checking whether seteuid is available: NO
Checking whether setuidx is available: NO
Checking whether fcntl locking is available: OK
Checking whether fcntl lock supports open file description locks: OK
Checking whether fcntl supports flags to send direct I/O availability signals: OK
Checking whether fcntl supports setting/geting hints: NO
Checking for the maximum value of the 'time_t' type: NO
Checking whether the realpath function allows a NULL argument: OK
Checking for ftruncate extend: OK
getcwd takes a NULL argument: OK
EOF
USING_SYSTEM_ASN1_COMPILE=1 ASN1_COMPILE=/usr/bin/asn1_compile \
USING_SYSTEM_COMPILE_ET=1 COMPILE_ET=/usr/bin/compile_et \
CFLAGS="-D__ANDROID_API__=24 -D__USE_FILE_OFFSET64=1" \
./buildtools/bin/waf configure \
--jobs="$TERMUX_MAKE_PROCESSES" \
--bundled-libraries='!asn1_compile,!compile_et' \
--cross-compile \
--cross-answers=cross-answers.txt \
--enable-fhs \
--prefix="$TERMUX_PREFIX" \
--sysconfdir="$TERMUX_PREFIX/etc" \
--localstatedir="$TERMUX_PREFIX/var" \
--sbindir="$TERMUX_PREFIX/bin" \
--disable-avahi \
--disable-cephfs \
--disable-cups \
--disable-glusterfs \
--disable-iprint \
--disable-python \
--nopyc \
--nopyo \
--disable-rpath \
--disable-rpath-install \
--disable-spotlight \
--without-acl-support \
--without-ad-dc \
--without-ads \
--without-automount \
--without-dmapi \
--without-dnsupdate \
--without-fam \
--without-gettext \
--with-gpfs=/dev/null \
--without-gpgme \
--without-json \
--without-ldap \
--without-ldb-lmdb \
--without-libarchive \
--without-lttng \
--without-ntvfs-fileserver \
--without-pam \
--without-quotas \
--without-regedit \
--without-systemd \
--without-utmp \
--without-winbind \
--with-shared-modules="${_vfs_modules},${_pdb_modules},${_auth_modules}" \
--with-static-modules='!auth_winbind'
# --disable-fault-handling \
# --disable-rpath-private-install \
# --with-logfilebase="$TERMUX_PREFIX/tmp/log/samba" \
./buildtools/bin/waf install --jobs="$TERMUX_MAKE_PROCESSES"
mkdir -p "$TERMUX_PREFIX/share/doc/samba"
sed -e "s|@TERMUX_PREFIX@|${TERMUX_PREFIX}|g" \
"$TERMUX_PKG_BUILDER_DIR/smb.conf.example.in" \
> "$TERMUX_PREFIX/share/doc/samba/smb.conf.example"
}
termux_step_post_massage() {
# keep empty dirs which were deleted in massage
mkdir -p "$TERMUX_PKG_MASSAGEDIR/$TERMUX_PREFIX/var/lib/samba/bind-dns" "$TERMUX_PKG_MASSAGEDIR/$TERMUX_PREFIX/var/lib/samba/private"
for dir in cache lock log run; do
mkdir -p "$TERMUX_PKG_MASSAGEDIR/$TERMUX_PREFIX/var/$dir/samba"
done
# 755 - as opposed to 700 - because testparm throws up a warning otherwise
chmod 755 "$TERMUX_PKG_MASSAGEDIR/$TERMUX_PREFIX/var/lock/samba" "$TERMUX_PKG_MASSAGEDIR/$TERMUX_PREFIX/var/lib/samba" "$TERMUX_PKG_MASSAGEDIR/$TERMUX_PREFIX/var/cache/samba"
}

View File

@ -0,0 +1,12 @@
diff --git a/source4/heimdal_build/et_compile_wrapper.sh b/source4/heimdal_build/et_compile_wrapper.sh
index 939b434..84f8615 100755
--- a/source4/heimdal_build/et_compile_wrapper.sh
+++ b/source4/heimdal_build/et_compile_wrapper.sh
@@ -43,6 +43,7 @@ cd "${DESTDIR}" && {
mv "${SOURCE}" "${TMP}" && {
echo "#include \"config.h\"" > "${SOURCE}" && {
cat "${TMP}" >> "${SOURCE}"
+ sed -i 's/link/link_et/g' "${SOURCE}" || :
}
}
rm -f "${TMP}"

View File

@ -0,0 +1,118 @@
diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c
index ae89f87..6b4eb7a 100644
--- a/nsswitch/wbinfo.c
+++ b/nsswitch/wbinfo.c
@@ -180,7 +180,7 @@ static bool wbinfo_get_userinfo(char *user)
pwd->pw_passwd,
(unsigned int)pwd->pw_uid,
(unsigned int)pwd->pw_gid,
- pwd->pw_gecos,
+ pwd->pw_name,
pwd->pw_dir,
pwd->pw_shell);
@@ -207,7 +207,7 @@ static bool wbinfo_get_uidinfo(int uid)
pwd->pw_passwd,
(unsigned int)pwd->pw_uid,
(unsigned int)pwd->pw_gid,
- pwd->pw_gecos,
+ pwd->pw_name,
pwd->pw_dir,
pwd->pw_shell);
@@ -235,7 +235,7 @@ static bool wbinfo_get_user_sidinfo(const char *sid_str)
pwd->pw_passwd,
(unsigned int)pwd->pw_uid,
(unsigned int)pwd->pw_gid,
- pwd->pw_gecos,
+ pwd->pw_name,
pwd->pw_dir,
pwd->pw_shell);
diff --git a/nsswitch/winbind_nss_linux.c b/nsswitch/winbind_nss_linux.c
index 635813c..0c69bb9 100644
--- a/nsswitch/winbind_nss_linux.c
+++ b/nsswitch/winbind_nss_linux.c
@@ -201,19 +201,6 @@ static NSS_STATUS fill_pwent(struct passwd *result,
result->pw_uid = pw->pw_uid;
result->pw_gid = pw->pw_gid;
- /* GECOS */
- len = strlen(pw->pw_gecos) + 1;
-
- if ((result->pw_gecos =
- get_static(buffer, buflen, len)) == NULL) {
-
- /* Out of memory */
-
- return NSS_STATUS_TRYAGAIN;
- }
-
- memcpy(result->pw_gecos, pw->pw_gecos, len);
-
/* Home directory */
len = strlen(pw->pw_dir) + 1;
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index a66b646..15c1251 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -148,21 +148,10 @@ static NTSTATUS samu_set_unix_internal(struct pdb_methods *methods,
fullname = NULL;
- if (count_commas(pwd->pw_gecos) == 3) {
- /*
- * Heuristic: This seems to be a gecos field that has been
- * edited by chfn(1). Only use the part before the first
- * comma. Fixes bug 5198.
- */
- fullname = talloc_strndup(
- talloc_tos(), pwd->pw_gecos,
- strchr(pwd->pw_gecos, ',') - pwd->pw_gecos);
- }
-
if (fullname != NULL) {
pdb_set_fullname(user, fullname, PDB_SET);
} else {
- pdb_set_fullname(user, pwd->pw_gecos, PDB_SET);
+ pdb_set_fullname(user, pwd->pw_name, PDB_SET);
}
TALLOC_FREE(fullname);
diff --git a/source3/winbindd/wb_getpwsid.c b/source3/winbindd/wb_getpwsid.c
index 8dc09eb..52d1ecc 100644
--- a/source3/winbindd/wb_getpwsid.c
+++ b/source3/winbindd/wb_getpwsid.c
@@ -116,9 +116,6 @@ static void wb_getpwsid_queryuser_done(struct tevent_req *subreq)
strlcpy(pw->pw_name, output_username, sizeof(pw->pw_name));
- strlcpy(pw->pw_gecos, info->full_name ? info->full_name : "",
- sizeof(pw->pw_gecos));
-
tmp = talloc_sub_specified(
state, info->homedir, acct_name,
info->primary_group_name, info->domain_name,
diff --git a/source4/auth/ntlm/auth_unix.c b/source4/auth/ntlm/auth_unix.c
index 67cd5f3..bf1bc6d 100644
--- a/source4/auth/ntlm/auth_unix.c
+++ b/source4/auth/ntlm/auth_unix.c
@@ -83,7 +83,7 @@ static NTSTATUS authunix_make_user_info_dc(TALLOC_CTX *mem_ctx,
user_info_dc->user_session_key = data_blob(NULL,0);
user_info_dc->lm_session_key = data_blob(NULL,0);
- info->full_name = talloc_steal(info, pwd->pw_gecos);
+ info->full_name = talloc_strdup(info, pwd->pw_name); /* XXX: I _think_ talloc_steal here for pw_name would be wrong */
NT_STATUS_HAVE_NO_MEMORY(info->full_name);
info->logon_script = talloc_strdup(info, "");
NT_STATUS_HAVE_NO_MEMORY(info->logon_script);
@@ -132,8 +132,6 @@ static NTSTATUS talloc_getpwnam(TALLOC_CTX *ctx, const char *username, struct pa
ret->pw_uid = from->pw_uid;
ret->pw_gid = from->pw_gid;
- ret->pw_gecos = talloc_strdup(ctx, from->pw_gecos);
- NT_STATUS_HAVE_NO_MEMORY(ret->pw_gecos);
ret->pw_dir = talloc_strdup(ctx, from->pw_dir);
NT_STATUS_HAVE_NO_MEMORY(ret->pw_dir);

View File

@ -0,0 +1,40 @@
--- a/wscript_configure_embedded_heimdal 2019-12-17
+++ b/wscript_configure_embedded_heimdal 2019-12-17
@@ -1 +1,12 @@
conf.RECURSE('source4/heimdal_build')
+
+def check_system_heimdal_binary(name):
+ if conf.LIB_MAY_BE_BUNDLED(name):
+ return False
+ if not conf.find_program(name, var=name.upper()):
+ return False
+ conf.define('USING_SYSTEM_%s' % name.upper(), 1)
+ return True
+
+check_system_heimdal_binary("compile_et")
+check_system_heimdal_binary("asn1_compile")
--- a/wscript_configure_system_heimdal 2019-12-17
+++ b/wscript_configure_system_heimdal 2019-12-17
@@ -37,14 +37,6 @@ def check_system_heimdal_lib(name, funct
conf.define('USING_SYSTEM_%s' % name.upper(), 1)
return True
-def check_system_heimdal_binary(name):
- if conf.LIB_MAY_BE_BUNDLED(name):
- return False
- if not conf.find_program(name, var=name.upper()):
- return False
- conf.define('USING_SYSTEM_%s' % name.upper(), 1)
- return True
-
check_system_heimdal_lib("com_err", "com_right_r com_err", "com_err.h")
if check_system_heimdal_lib("roken", "rk_socket_set_reuseaddr", "roken.h"):
@@ -96,7 +88,4 @@ finally:
#if conf.CHECK_BUNDLED_SYSTEM('tommath', checkfunctions='mp_init', headers='tommath.h'):
# conf.define('USING_SYSTEM_TOMMATH', 1)
-check_system_heimdal_binary("compile_et")
-check_system_heimdal_binary("asn1_compile")
-
conf.define('USING_SYSTEM_KRB5', 1)

View File

@ -0,0 +1,134 @@
# vim: filetype=samba
[global]
; these are very recommended to have, even if maybe superfluous
workgroup = WORKGROUP
unix password sync = no
pam password change = no
obey pam restrictions = no
passwd program = @TERMUX_PREFIX@/bin/true
add user script = @TERMUX_PREFIX@/bin/true
add group script = @TERMUX_PREFIX@/bin/true
add user to group script = @TERMUX_PREFIX@/bin/true
add machine script = @TERMUX_PREFIX@/bin/true
delete user script = @TERMUX_PREFIX@/bin/true
delete user from group script = @TERMUX_PREFIX@/bin/true
delete group script = @TERMUX_PREFIX@/bin/true
rename user script = @TERMUX_PREFIX@/bin/true
name resolve order = lmhosts host bcast
bind interfaces only = yes
interfaces = 127.0.0.0/8 wlan0
;hosts allow = 192.168.1.5 127.
server string = Samba on Termux
security = user
server role = standalone
delete readonly = yes
inherit permissions = yes
; Make smbd do less and announce nothing
; for automatic discovery, you may need to remove some of these
local master = no
preferred master = no
lm announce = no
multicast dns register = no
host msdfs = no
dns proxy = no
allow dns updates = disabled
dns update command = @TERMUX_PREFIX@/bin/false
server services = smb
dcerpc endpoint servers = rpcecho
; if you disable NetBIOS, which enables automatic discovery, 1139 can be removed from smb ports
;disable netbios = yes
; remember: ports < 1024 cannot be bound to by non-root processes
; Windows can only see SMB servers on port 445, so if your phone is rooted
; use iptables to redirect requests for port
; 445 to, say, 4445 (capabilities may work instead. no clue)
smb ports = 1139 4445
max connections = 6
max smbd processes = 8
deadtime = 15
; disable guest access
map to guest = Never
restrict anonymous = 2
; basic attempt at performance tuning for my phone
; change as necessary for your device
;aio read size = 16384
aio write size = 0
use sendfile = yes
min receivefile size = 16384
socket options = TCP_NODELAY SO_KEEPALIVE
oplocks = yes
level2 oplocks = yes
kernel oplocks = no
strict locking = no
max stat cache size = 1024
; turn off things that cannot be set on sdcardfs and vfat filesystems
nt acl support = no
unix extensions = no
ea support = no
store dos attributes = no
map archive = no
map hidden = no
map readonly = no
map system = no
;log file = @TERMUX_PREFIX@/var/log/samba/log.%m
;log level = 0
max log size = 50
;logging = syslog
;syslog only = yes
;syslog = 0
enable core files = no
; disable printing support as much as possible
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
show add printer wizard = no
max print jobs = 0
lpq command = @TERMUX_PREFIX@/bin/false
lprm command = @TERMUX_PREFIX@/bin/false
print command = @TERMUX_PREFIX@/bin/false
#============================ Share Definitions ==============================
; remember to run termux-setup-storage first
[internal]
comment = Internal storage
path = @TERMUX_HOME@/storage/shared
vfs objects = aio_pthread
aio_pthread:aio open = yes
read only = no
browseable = no
writable = yes
guest ok = no
; these are commented because it seems they're assumed on Android anyway
; force user = root
; force group = everybody
; create mask = 0660
; force create mode = 0660
; directory mask = 0770
; force directory mode = 0770
; vfs objects = fake_perms
; replace /storage/ext_sd with the path to your external card in /storage
; because of the way Android works, you cannot have write access
; to external storage unless you're running a custom ROM or have
; the Magisk module that enables it installed
;[external]
; comment = microSD
; path = /storage/ext_sd
; vfs objects = aio_pthread
; aio_pthread:aio open = yes
; read only = yes
; browseable = no
; writable = yes
; guest ok = no
; fstype = FAT
;; force group = media_rw
;; create mask = 0770
;; force create mode = 0770