1 files changed, 0 insertions, 266 deletions
diff --git a/meta-oe/recipes-connectivity/samba/samba-4.1.12/02-fix-ipv6-join.patch b/meta-oe/recipes-connectivity/samba/samba-4.1.12/02-fix-ipv6-join.patch
deleted file mode 100644
index daa283e67..000000000
--- a/meta-oe/recipes-connectivity/samba/samba-4.1.12/02-fix-ipv6-join.patch
+++ /dev/null
@@ -1,266 +0,0 @@
-From 168627e1877317db86471a4b0360dccd9f469aaa Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
-Date: Mon, 13 Jan 2014 15:59:26 +0100
-Subject: [PATCH 1/2] s3-kerberos: remove print_kdc_line() completely.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-Just calling print_canonical_sockaddr() is sufficient, as it already deals with
-ipv6 as well. The port handling, which was only done for IPv6 (not IPv4), is
-removed as well. It was pointless because it always derived the port number from
-the provided address which was either a SMB (usually port 445) or LDAP
-connection. No KDC will ever run on port 389 or 445 on a Windows/Samba DC.
-Finally, the kerberos libraries that we support and build with, can deal with
-ipv6 addresses in krb5.conf, so we no longer put the (unnecessary) burden of
-resolving the DC name on the kerberos library anymore.
-Guenther
-Signed-off-by: Günther Deschner <gd@samba.org>
-Reviewed-by: Andreas Schneider <asn@samba.org>
---
- source3/libads/kerberos.c | 73 ++++-------------------------------------------
- 1 file changed, 5 insertions(+), 68 deletions(-)
-diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
-index b026e09..ea14350 100644
--- a/source3/libads/kerberos.c
-+++ b/source3/libads/kerberos.c
-@@ -592,70 +592,6 @@ int kerberos_kinit_password(const char *principal,
- /************************************************************************
- ************************************************************************/
- 
-static char *print_kdc_line(char *mem_ctx,
-                       const char *prev_line,
-                       const struct sockaddr_storage *pss,
-                       const char *kdc_name)
-{
-       char addr[INET6_ADDRSTRLEN];
-       uint16_t port = get_sockaddr_port(pss);
-
-       if (pss->ss_family == AF_INET) {
-               return talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
-                                      prev_line,
-                                      print_canonical_sockaddr(mem_ctx, pss));
-       }
-
-       /*
-        * IPv6 starts here
-        */
-
-       DEBUG(10, ("print_kdc_line: IPv6 case for kdc_name: %s, port: %d\n",
-                  kdc_name, port));
-
-       if (port != 0 && port != DEFAULT_KRB5_PORT) {
-               /* Currently for IPv6 we can't specify a non-default
-                  krb5 port with an address, as this requires a ':'.
-                  Resolve to a name. */
-               char hostname[MAX_DNS_NAME_LENGTH];
-               int ret = sys_getnameinfo((const struct sockaddr *)pss,
-                                         sizeof(*pss),
-                                         hostname, sizeof(hostname),
-                                         NULL, 0,
-                                         NI_NAMEREQD);
-               if (ret) {
-                       DEBUG(0,("print_kdc_line: can't resolve name "
-                                "for kdc with non-default port %s. "
-                                "Error %s\n.",
-                                print_canonical_sockaddr(mem_ctx, pss),
-                                gai_strerror(ret)));
-                       return NULL;
-               }
-               /* Success, use host:port */
-               return talloc_asprintf(mem_ctx,
-                                      "%s\tkdc = %s:%u\n",
-                                      prev_line,
-                                      hostname,
-                                      (unsigned int)port);
-       }
-
-       /* no krb5 lib currently supports "kdc = ipv6 address"
-        * at all, so just fill in just the kdc_name if we have
-        * it and let the krb5 lib figure out the appropriate
-        * ipv6 address - gd */
-
-       if (kdc_name) {
-               return talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
-                                      prev_line, kdc_name);
-       }
-
-       return talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
-                              prev_line,
-                              print_sockaddr(addr,
-                                             sizeof(addr),
-                                             pss));
-}
-
- /************************************************************************
-  Create a string list of available kdc's, possibly searching by sitename.
-  Does DNS queries.
-@@ -698,7 +634,8 @@ static char *get_kdc_ip_string(char *mem_ctx,
-        char *result = NULL;
-        struct netlogon_samlogon_response **responses = NULL;
-        NTSTATUS status;
-       char *kdc_str = print_kdc_line(mem_ctx, "", pss, kdc_name);
-+       char *kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n", "",
-+                                       print_canonical_sockaddr(mem_ctx, pss));
- 
-        if (kdc_str == NULL) {
-                TALLOC_FREE(frame);
-@@ -788,9 +725,9 @@ static char *get_kdc_ip_string(char *mem_ctx,
-                }
- 
-                /* Append to the string - inefficient but not done often. */
-               new_kdc_str = print_kdc_line(mem_ctx, kdc_str,
-                                            &dc_addrs[i],
-                                            kdc_name);
-+               new_kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
-+                                             kdc_str,
-+                                             print_canonical_sockaddr(mem_ctx, &dc_addrs[i]));
-                if (new_kdc_str == NULL) {
-                        goto fail;
-                }
-- 
-1.8.5.3
-From 3edb3d4084548960f03356cf4c44a6892e6efb84 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
-Date: Fri, 7 Mar 2014 14:47:31 +0100
-Subject: [PATCH 2/2] s3-kerberos: remove unused kdc_name from
- create_local_private_krb5_conf_for_domain().
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-Guenther
-Signed-off-by: Günther Deschner <gd@samba.org>
-Reviewed-by: Andreas Schneider <asn@samba.org>
---
- source3/libads/kerberos.c       | 10 ++++------
- source3/libads/kerberos_proto.h |  3 +--
- source3/libnet/libnet_join.c    |  3 +--
- source3/libsmb/namequery_dc.c   |  6 ++----
- source3/winbindd/winbindd_cm.c  |  6 ++----
- 5 files changed, 10 insertions(+), 18 deletions(-)
-diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
-index ea14350..649e568 100644
--- a/source3/libads/kerberos.c
-+++ b/source3/libads/kerberos.c
-@@ -618,8 +618,7 @@ static void add_sockaddr_unique(struct sockaddr_storage *addrs, int *num_addrs,
- static char *get_kdc_ip_string(char *mem_ctx,
-                const char *realm,
-                const char *sitename,
-               const struct sockaddr_storage *pss,
-               const char *kdc_name)
-+               const struct sockaddr_storage *pss)
- {
-        TALLOC_CTX *frame = talloc_stackframe();
-        int i;
-@@ -756,8 +755,7 @@ fail:
- bool create_local_private_krb5_conf_for_domain(const char *realm,
-                                                const char *domain,
-                                                const char *sitename,
-                                               const struct sockaddr_storage *pss,
-                                               const char *kdc_name)
-+                                               const struct sockaddr_storage *pss)
- {
-        char *dname;
-        char *tmpname = NULL;
-@@ -782,7 +780,7 @@ bool create_local_private_krb5_conf_for_domain(const char *realm,
-                return false;
-        }
- 
-       if (domain == NULL || pss == NULL || kdc_name == NULL) {
-+       if (domain == NULL || pss == NULL) {
-                return false;
-        }
- 
-@@ -815,7 +813,7 @@ bool create_local_private_krb5_conf_for_domain(const char *realm,
-                goto done;
-        }
- 
-       kdc_ip_string = get_kdc_ip_string(dname, realm, sitename, pss, kdc_name);
-+       kdc_ip_string = get_kdc_ip_string(dname, realm, sitename, pss);
-        if (!kdc_ip_string) {
-                goto done;
-        }
-diff --git a/source3/libads/kerberos_proto.h b/source3/libads/kerberos_proto.h
-index f7470d2..2559634 100644
--- a/source3/libads/kerberos_proto.h
-+++ b/source3/libads/kerberos_proto.h
-@@ -62,8 +62,7 @@ int kerberos_kinit_password(const char *principal,
- bool create_local_private_krb5_conf_for_domain(const char *realm,
-                                                const char *domain,
-                                                const char *sitename,
-                                               const struct sockaddr_storage *pss,
-                                               const char *kdc_name);
-+                                               const struct sockaddr_storage *pss);
- 
- /* The following definitions come from libads/authdata.c  */
- 
-diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
-index a87eb38..68884cd 100644
--- a/source3/libnet/libnet_join.c
-+++ b/source3/libnet/libnet_join.c
-@@ -2152,8 +2152,7 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx,
- 
-        create_local_private_krb5_conf_for_domain(
-                r->out.dns_domain_name, r->out.netbios_domain_name,
-               NULL, smbXcli_conn_remote_sockaddr(cli->conn),
-               smbXcli_conn_remote_name(cli->conn));
-+               NULL, smbXcli_conn_remote_sockaddr(cli->conn));
- 
-        if (r->out.domain_is_ad && r->in.account_ou &&
-            !(r->in.join_flags & WKSSVC_JOIN_FLAGS_JOIN_UNSECURE)) {
-diff --git a/source3/libsmb/namequery_dc.c b/source3/libsmb/namequery_dc.c
-index 3cfae79..eb34741 100644
--- a/source3/libsmb/namequery_dc.c
-+++ b/source3/libsmb/namequery_dc.c
-@@ -112,14 +112,12 @@ static bool ads_dc_name(const char *domain,
-                                create_local_private_krb5_conf_for_domain(realm,
-                                                                        domain,
-                                                                        sitename,
-                                                                       &ads->ldap.ss,
-                                                                       ads->config.ldap_server_name);
-+                                                                       &ads->ldap.ss);
-                        } else {
-                                create_local_private_krb5_conf_for_domain(realm,
-                                                                        domain,
-                                                                        NULL,
-                                                                       &ads->ldap.ss,
-                                                                       ads->config.ldap_server_name);
-+                                                                       &ads->ldap.ss);
-                        }
-                }
- #endif
-diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
-index 669a43e..be13a57 100644
--- a/source3/winbindd/winbindd_cm.c
-+++ b/source3/winbindd/winbindd_cm.c
-@@ -1233,8 +1233,7 @@ static bool dcip_to_name(TALLOC_CTX *mem_ctx,
-                                        create_local_private_krb5_conf_for_domain(domain->alt_name,
-                                                                        domain->name,
-                                                                        sitename,
-                                                                       pss,
-                                                                       *name);
-+                                                                       pss);
- 
-                                        SAFE_FREE(sitename);
-                                } else {
-@@ -1242,8 +1241,7 @@ static bool dcip_to_name(TALLOC_CTX *mem_ctx,
-                                        create_local_private_krb5_conf_for_domain(domain->alt_name,
-                                                                        domain->name,
-                                                                        NULL,
-                                                                       pss,
-                                                                       *name);
-+                                                                       pss);
-                                }
-                                winbindd_set_locator_kdc_envs(domain);
- 
-- 
-1.8.5.3

diff --git a/meta-oe/recipes-connectivity/samba/samba-4.1.12/02-fix-ipv6-join.patch b/meta-oe/recipes-connectivity/samba/samba-4.1.12/02-fix-ipv6-join.patch deleted file mode 100644 index daa283e67..000000000 --- a/meta-oe/recipes-connectivity/samba/samba-4.1.12/02-fix-ipv6-join.patch +++ /dev/null
@@ -1,266 +0,0 @@
1	From 168627e1877317db86471a4b0360dccd9f469aaa Mon Sep 17 00:00:00 2001
2	From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
3	Date: Mon, 13 Jan 2014 15:59:26 +0100
4	Subject: [PATCH 1/2] s3-kerberos: remove print_kdc_line() completely.
5	MIME-Version: 1.0
6	Content-Type: text/plain; charset=UTF-8
7	Content-Transfer-Encoding: 8bit
8
9	Just calling print_canonical_sockaddr() is sufficient, as it already deals with
10	ipv6 as well. The port handling, which was only done for IPv6 (not IPv4), is
11	removed as well. It was pointless because it always derived the port number from
12	the provided address which was either a SMB (usually port 445) or LDAP
13	connection. No KDC will ever run on port 389 or 445 on a Windows/Samba DC.
14	Finally, the kerberos libraries that we support and build with, can deal with
15	ipv6 addresses in krb5.conf, so we no longer put the (unnecessary) burden of
16	resolving the DC name on the kerberos library anymore.
17
18	Guenther
19
20	Signed-off-by: Günther Deschner <gd@samba.org>
21	Reviewed-by: Andreas Schneider <asn@samba.org>
22	---
23	source3/libads/kerberos.c \| 73 ++++-------------------------------------------
24	1 file changed, 5 insertions(+), 68 deletions(-)
25
26	diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
27	index b026e09..ea14350 100644
28	--- a/source3/libads/kerberos.c
29	+++ b/source3/libads/kerberos.c
30	@@ -592,70 +592,6 @@ int kerberos_kinit_password(const char *principal,
31	/************************************************************************
32	************************************************************************/
33
34	-static char print_kdc_line(char mem_ctx,
35	- const char *prev_line,
36	- const struct sockaddr_storage *pss,
37	- const char *kdc_name)
38	-{
39	- char addr[INET6_ADDRSTRLEN];
40	- uint16_t port = get_sockaddr_port(pss);
41	-
42	- if (pss->ss_family == AF_INET) {
43	- return talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
44	- prev_line,
45	- print_canonical_sockaddr(mem_ctx, pss));
46	- }
47	-
48	- /*
49	- * IPv6 starts here
50	- */
51	-
52	- DEBUG(10, ("print_kdc_line: IPv6 case for kdc_name: %s, port: %d\n",
53	- kdc_name, port));
54	-
55	- if (port != 0 && port != DEFAULT_KRB5_PORT) {
56	- /* Currently for IPv6 we can't specify a non-default
57	- krb5 port with an address, as this requires a ':'.
58	- Resolve to a name. */
59	- char hostname[MAX_DNS_NAME_LENGTH];
60	- int ret = sys_getnameinfo((const struct sockaddr *)pss,
61	- sizeof(*pss),
62	- hostname, sizeof(hostname),
63	- NULL, 0,
64	- NI_NAMEREQD);
65	- if (ret) {
66	- DEBUG(0,("print_kdc_line: can't resolve name "
67	- "for kdc with non-default port %s. "
68	- "Error %s\n.",
69	- print_canonical_sockaddr(mem_ctx, pss),
70	- gai_strerror(ret)));
71	- return NULL;
72	- }
73	- /* Success, use host:port */
74	- return talloc_asprintf(mem_ctx,
75	- "%s\tkdc = %s:%u\n",
76	- prev_line,
77	- hostname,
78	- (unsigned int)port);
79	- }
80	-
81	- /* no krb5 lib currently supports "kdc = ipv6 address"
82	- * at all, so just fill in just the kdc_name if we have
83	- * it and let the krb5 lib figure out the appropriate
84	- * ipv6 address - gd */
85	-
86	- if (kdc_name) {
87	- return talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
88	- prev_line, kdc_name);
89	- }
90	-
91	- return talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
92	- prev_line,
93	- print_sockaddr(addr,
94	- sizeof(addr),
95	- pss));
96	-}
97	-
98	/************************************************************************
99	Create a string list of available kdc's, possibly searching by sitename.
100	Does DNS queries.
101	@@ -698,7 +634,8 @@ static char get_kdc_ip_string(char mem_ctx,
102	char *result = NULL;
103	struct netlogon_samlogon_response **responses = NULL;
104	NTSTATUS status;
105	- char *kdc_str = print_kdc_line(mem_ctx, "", pss, kdc_name);
106	+ char *kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n", "",
107	+ print_canonical_sockaddr(mem_ctx, pss));
108
109	if (kdc_str == NULL) {
110	TALLOC_FREE(frame);
111	@@ -788,9 +725,9 @@ static char get_kdc_ip_string(char mem_ctx,
112	}
113
114	/* Append to the string - inefficient but not done often. */
115	- new_kdc_str = print_kdc_line(mem_ctx, kdc_str,
116	- &dc_addrs[i],
117	- kdc_name);
118	+ new_kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
119	+ kdc_str,
120	+ print_canonical_sockaddr(mem_ctx, &dc_addrs[i]));
121	if (new_kdc_str == NULL) {
122	goto fail;
123	}
124	--
125	1.8.5.3
126
127
128	From 3edb3d4084548960f03356cf4c44a6892e6efb84 Mon Sep 17 00:00:00 2001
129	From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
130	Date: Fri, 7 Mar 2014 14:47:31 +0100
131	Subject: [PATCH 2/2] s3-kerberos: remove unused kdc_name from
132	create_local_private_krb5_conf_for_domain().
133	MIME-Version: 1.0
134	Content-Type: text/plain; charset=UTF-8
135	Content-Transfer-Encoding: 8bit
136
137	Guenther
138
139	Signed-off-by: Günther Deschner <gd@samba.org>
140	Reviewed-by: Andreas Schneider <asn@samba.org>
141	---
142	source3/libads/kerberos.c \| 10 ++++------
143	source3/libads/kerberos_proto.h \| 3 +--
144	source3/libnet/libnet_join.c \| 3 +--
145	source3/libsmb/namequery_dc.c \| 6 ++----
146	source3/winbindd/winbindd_cm.c \| 6 ++----
147	5 files changed, 10 insertions(+), 18 deletions(-)
148
149	diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
150	index ea14350..649e568 100644
151	--- a/source3/libads/kerberos.c
152	+++ b/source3/libads/kerberos.c
153	@@ -618,8 +618,7 @@ static void add_sockaddr_unique(struct sockaddr_storage addrs, int num_addrs,
154	static char get_kdc_ip_string(char mem_ctx,
155	const char *realm,
156	const char *sitename,
157	- const struct sockaddr_storage *pss,
158	- const char *kdc_name)
159	+ const struct sockaddr_storage *pss)
160	{
161	TALLOC_CTX *frame = talloc_stackframe();
162	int i;
163	@@ -756,8 +755,7 @@ fail:
164	bool create_local_private_krb5_conf_for_domain(const char *realm,
165	const char *domain,
166	const char *sitename,
167	- const struct sockaddr_storage *pss,
168	- const char *kdc_name)
169	+ const struct sockaddr_storage *pss)
170	{
171	char *dname;
172	char *tmpname = NULL;
173	@@ -782,7 +780,7 @@ bool create_local_private_krb5_conf_for_domain(const char *realm,
174	return false;
175	}
176
177	- if (domain == NULL \|\| pss == NULL \|\| kdc_name == NULL) {
178	+ if (domain == NULL \|\| pss == NULL) {
179	return false;
180	}
181
182	@@ -815,7 +813,7 @@ bool create_local_private_krb5_conf_for_domain(const char *realm,
183	goto done;
184	}
185
186	- kdc_ip_string = get_kdc_ip_string(dname, realm, sitename, pss, kdc_name);
187	+ kdc_ip_string = get_kdc_ip_string(dname, realm, sitename, pss);
188	if (!kdc_ip_string) {
189	goto done;
190	}
191	diff --git a/source3/libads/kerberos_proto.h b/source3/libads/kerberos_proto.h
192	index f7470d2..2559634 100644
193	--- a/source3/libads/kerberos_proto.h
194	+++ b/source3/libads/kerberos_proto.h
195	@@ -62,8 +62,7 @@ int kerberos_kinit_password(const char *principal,
196	bool create_local_private_krb5_conf_for_domain(const char *realm,
197	const char *domain,
198	const char *sitename,
199	- const struct sockaddr_storage *pss,
200	- const char *kdc_name);
201	+ const struct sockaddr_storage *pss);
202
203	/* The following definitions come from libads/authdata.c */
204
205	diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
206	index a87eb38..68884cd 100644
207	--- a/source3/libnet/libnet_join.c
208	+++ b/source3/libnet/libnet_join.c
209	@@ -2152,8 +2152,7 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx,
210
211	create_local_private_krb5_conf_for_domain(
212	r->out.dns_domain_name, r->out.netbios_domain_name,
213	- NULL, smbXcli_conn_remote_sockaddr(cli->conn),
214	- smbXcli_conn_remote_name(cli->conn));
215	+ NULL, smbXcli_conn_remote_sockaddr(cli->conn));
216
217	if (r->out.domain_is_ad && r->in.account_ou &&
218	!(r->in.join_flags & WKSSVC_JOIN_FLAGS_JOIN_UNSECURE)) {
219	diff --git a/source3/libsmb/namequery_dc.c b/source3/libsmb/namequery_dc.c
220	index 3cfae79..eb34741 100644
221	--- a/source3/libsmb/namequery_dc.c
222	+++ b/source3/libsmb/namequery_dc.c
223	@@ -112,14 +112,12 @@ static bool ads_dc_name(const char *domain,
224	create_local_private_krb5_conf_for_domain(realm,
225	domain,
226	sitename,
227	- &ads->ldap.ss,
228	- ads->config.ldap_server_name);
229	+ &ads->ldap.ss);
230	} else {
231	create_local_private_krb5_conf_for_domain(realm,
232	domain,
233	NULL,
234	- &ads->ldap.ss,
235	- ads->config.ldap_server_name);
236	+ &ads->ldap.ss);
237	}
238	}
239	#endif
240	diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
241	index 669a43e..be13a57 100644
242	--- a/source3/winbindd/winbindd_cm.c
243	+++ b/source3/winbindd/winbindd_cm.c
244	@@ -1233,8 +1233,7 @@ static bool dcip_to_name(TALLOC_CTX *mem_ctx,
245	create_local_private_krb5_conf_for_domain(domain->alt_name,
246	domain->name,
247	sitename,
248	- pss,
249	- *name);
250	+ pss);
251
252	SAFE_FREE(sitename);
253	} else {
254	@@ -1242,8 +1241,7 @@ static bool dcip_to_name(TALLOC_CTX *mem_ctx,
255	create_local_private_krb5_conf_for_domain(domain->alt_name,
256	domain->name,
257	NULL,
258	- pss,
259	- *name);
260	+ pss);
261	}
262	winbindd_set_locator_kdc_envs(domain);
263
264	--
265	1.8.5.3
266