ports/opt (3.1): [notify] samba: updated 4.1.17 -> 4.2.1

1 May 2015

commit 6dccc13e3629ba16fc893bb346e66a686466054a
Author: Alan Mizrahi <alan+crux@mizrahi.com.ve>
Date:   Fri May 1 18:10:36 2015 +0900

    [notify] samba: updated 4.1.17 -> 4.2.1
    
    New dependencies added: nss_wrapper, socket_wrapper and uid_wrapper
    
    Added patches to fix building with gnutls >= 3.4.0 and krb5

diff --git a/samba/.md5sum b/samba/.md5sum
index fb0685c..b0ddc31 100644
--- a/samba/.md5sum
+++ b/samba/.md5sum
@@ -1,5 +1,7 @@
 e19e48b72077085b3e91b40382ccf4fa  nmbd.rc
-8fed0f23a672e6a8d0716d96aca88671  samba-4.1.17.tar.gz
+1a33242498a7494e2b8128b27eece764  samba-4.2.1-krb5.patch
+614b4c7b9bbc70cff4cb56956f565741  samba-4.2.1.tar.gz
 84266d28273c12045e18ea34c504c296  samba.rc
 14f80643ec7508794f5dfc5598daa667  smbd.rc
+c3ee08e140a10ba919833cb120fa8c5f  v2-0001-s4-lib-tls-use-gnutls_priority_set_direct.patch
 3449060f819db4be400399ca5d0708f5  winbindd.rc
diff --git a/samba/Pkgfile b/samba/Pkgfile
index 36c14b9..c0e4885 100644
--- a/samba/Pkgfile
+++ b/samba/Pkgfile
@@ -2,14 +2,16 @@
 # URL:		http://www.samba.org
 # Maintainer:	Alan Mizrahi, alan at mizrahi dot com dot ve
 # Packager:	Juergen Daubert, jue at crux dot nu
-# Depends on:	iniparser krb5 ldb libaio libcap ntdb p5-parse-yapp py-subunit subunit
+# Depends on:	iniparser krb5 ldb libaio libcap ntdb p5-parse-yapp py-subunit subunit nss_wrapper socket_wrapper uid_wrapper
 # Optional:	cups
 
 name=samba
-version=4.1.17
-release=3
+version=4.2.1
+release=4
 source=(
 http://www.samba.org/samba/ftp/stable/$name-$version.tar.gz
+v2-0001-s4-lib-tls-use-gnutls_priority_set_direct.patch
+samba-4.2.1-krb5.patch
 samba.rc
 nmbd.rc
 smbd.rc
@@ -19,6 +21,14 @@ winbindd.rc
 build () {
 	cd $name-$version
 
+	# fix for configuring with krb5 installed
+	# https://bugzilla.samba.org/show_bug.cgi?id=11165
+	patch -p1 -i $SRC/samba-4.2.1-krb5.patch
+
+	# fix for gnutls-3.4.0 removal of gnutls_certificate_type_set_priority()
+	# https://bugzilla.samba.org/show_bug.cgi?id=8780
+	patch -p1 -i $SRC/v2-0001-s4-lib-tls-use-gnutls_priority_set_direct.patch
+
 	# we should define vendorlib in our perl port
 	sed -ri 's/(vendor)(arch|lib|prefix)/site\2/' buildtools/wafsamba/samba_perl.py 
 
diff --git a/samba/samba-4.2.1-krb5.patch b/samba/samba-4.2.1-krb5.patch
new file mode 100644
index 0000000..87a9568
--- /dev/null
+++ b/samba/samba-4.2.1-krb5.patch
@@ -0,0 +1,11 @@
+diff -ru samba-4.2.1.orig/buildtools/wafsamba/samba_conftests.py samba-4.2.1/buildtools/wafsamba/samba_conftests.py
+--- samba-4.2.1.orig/buildtools/wafsamba/samba_conftests.py	2015-05-01 17:25:29.102280927 +0900
++++ samba-4.2.1/buildtools/wafsamba/samba_conftests.py	2015-05-01 17:25:52.541281486 +0900
+@@ -565,7 +565,6 @@
+         # bugs in the real parse_flags() function.
+         #
+         if x == '-Wl,-rpath' or x == '-Wl,-R':
+-            linkflags.remove(x)
+             x = lst1.pop(0)
+             if x.startswith('-Wl,'):
+                 rpath = x[4:]
diff --git a/samba/v2-0001-s4-lib-tls-use-gnutls_priority_set_direct.patch b/samba/v2-0001-s4-lib-tls-use-gnutls_priority_set_direct.patch
new file mode 100644
index 0000000..f61e0a9
--- /dev/null
+++ b/samba/v2-0001-s4-lib-tls-use-gnutls_priority_set_direct.patch
@@ -0,0 +1,60 @@
+From 17f386f2a9462efe4d4cbf58e55d164923e11af5 Mon Sep 17 00:00:00 2001
+From: Evangelos Foutras <evangelos@foutrelis.com>
+Date: Mon, 13 Apr 2015 23:11:14 +0300
+Subject: [PATCH v2] s4:lib/tls: use gnutls_priority_set_direct()
+
+gnutls_certificate_type_set_priority() was removed in GnuTLS 3.4.0.
+---
+ source4/lib/tls/tls.c         | 3 +--
+ source4/lib/tls/tls_tstream.c | 7 +------
+ 2 files changed, 2 insertions(+), 8 deletions(-)
+
+diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c
+index b9182ad..2fe4ff7 100644
+--- a/source4/lib/tls/tls.c
++++ b/source4/lib/tls/tls.c
+@@ -572,7 +572,6 @@ struct socket_context *tls_init_client(struct socket_context *socket_ctx,
+ {
+ 	struct tls_context *tls;
+ 	int ret = 0;
+-	const int cert_type_priority[] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 };
+ 	struct socket_context *new_sock;
+ 	NTSTATUS nt_status;
+ 
+@@ -598,7 +597,7 @@ struct socket_context *tls_init_client(struct socket_context *socket_ctx,
+ 	gnutls_certificate_set_x509_trust_file(tls->xcred, ca_path, GNUTLS_X509_FMT_PEM);
+ 	TLSCHECK(gnutls_init(&tls->session, GNUTLS_CLIENT));
+ 	TLSCHECK(gnutls_set_default_priority(tls->session));
+-	gnutls_certificate_type_set_priority(tls->session, cert_type_priority);
++	gnutls_priority_set_direct(tls->session, "NORMAL:+CTYPE-OPENPGP", NULL);
+ 	TLSCHECK(gnutls_credentials_set(tls->session, GNUTLS_CRD_CERTIFICATE, tls->xcred));
+ 
+ 	talloc_set_destructor(tls, tls_destructor);
+diff --git a/source4/lib/tls/tls_tstream.c b/source4/lib/tls/tls_tstream.c
+index f19f5c5..5b2329b 100644
+--- a/source4/lib/tls/tls_tstream.c
++++ b/source4/lib/tls/tls_tstream.c
+@@ -967,11 +967,6 @@ struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
+ #if ENABLE_GNUTLS
+ 	struct tstream_tls *tlss;
+ 	int ret;
+-	static const int cert_type_priority[] = {
+-		GNUTLS_CRT_X509,
+-		GNUTLS_CRT_OPENPGP,
+-		0
+-	};
+ #endif /* ENABLE_GNUTLS */
+ 
+ 	req = tevent_req_create(mem_ctx, &state,
+@@ -1014,7 +1009,7 @@ struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
+ 		return tevent_req_post(req, ev);
+ 	}
+ 
+-	gnutls_certificate_type_set_priority(tlss->tls_session, cert_type_priority);
++	gnutls_priority_set_direct(tlss->tls_session, "NORMAL:+CTYPE-OPENPGP", NULL);
+ 
+ 	ret = gnutls_credentials_set(tlss->tls_session,
+ 				     GNUTLS_CRD_CERTIFICATE,
+-- 
+2.3.5
+

    

crux＠crux.nu

tags

participants (1)