diff options
Diffstat (limited to 'meta-oe/recipes-connectivity/samba/samba-4.1.12/02-fix-ipv6-join.patch')
-rw-r--r-- | meta-oe/recipes-connectivity/samba/samba-4.1.12/02-fix-ipv6-join.patch | 266 |
1 files changed, 0 insertions, 266 deletions
diff --git a/meta-oe/recipes-connectivity/samba/samba-4.1.12/02-fix-ipv6-join.patch b/meta-oe/recipes-connectivity/samba/samba-4.1.12/02-fix-ipv6-join.patch deleted file mode 100644 index daa283e67..000000000 --- a/meta-oe/recipes-connectivity/samba/samba-4.1.12/02-fix-ipv6-join.patch +++ /dev/null | |||
@@ -1,266 +0,0 @@ | |||
1 | From 168627e1877317db86471a4b0360dccd9f469aaa Mon Sep 17 00:00:00 2001 | ||
2 | From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> | ||
3 | Date: Mon, 13 Jan 2014 15:59:26 +0100 | ||
4 | Subject: [PATCH 1/2] s3-kerberos: remove print_kdc_line() completely. | ||
5 | MIME-Version: 1.0 | ||
6 | Content-Type: text/plain; charset=UTF-8 | ||
7 | Content-Transfer-Encoding: 8bit | ||
8 | |||
9 | Just calling print_canonical_sockaddr() is sufficient, as it already deals with | ||
10 | ipv6 as well. The port handling, which was only done for IPv6 (not IPv4), is | ||
11 | removed as well. It was pointless because it always derived the port number from | ||
12 | the provided address which was either a SMB (usually port 445) or LDAP | ||
13 | connection. No KDC will ever run on port 389 or 445 on a Windows/Samba DC. | ||
14 | Finally, the kerberos libraries that we support and build with, can deal with | ||
15 | ipv6 addresses in krb5.conf, so we no longer put the (unnecessary) burden of | ||
16 | resolving the DC name on the kerberos library anymore. | ||
17 | |||
18 | Guenther | ||
19 | |||
20 | Signed-off-by: Günther Deschner <gd@samba.org> | ||
21 | Reviewed-by: Andreas Schneider <asn@samba.org> | ||
22 | --- | ||
23 | source3/libads/kerberos.c | 73 ++++------------------------------------------- | ||
24 | 1 file changed, 5 insertions(+), 68 deletions(-) | ||
25 | |||
26 | diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c | ||
27 | index b026e09..ea14350 100644 | ||
28 | --- a/source3/libads/kerberos.c | ||
29 | +++ b/source3/libads/kerberos.c | ||
30 | @@ -592,70 +592,6 @@ int kerberos_kinit_password(const char *principal, | ||
31 | /************************************************************************ | ||
32 | ************************************************************************/ | ||
33 | |||
34 | -static char *print_kdc_line(char *mem_ctx, | ||
35 | - const char *prev_line, | ||
36 | - const struct sockaddr_storage *pss, | ||
37 | - const char *kdc_name) | ||
38 | -{ | ||
39 | - char addr[INET6_ADDRSTRLEN]; | ||
40 | - uint16_t port = get_sockaddr_port(pss); | ||
41 | - | ||
42 | - if (pss->ss_family == AF_INET) { | ||
43 | - return talloc_asprintf(mem_ctx, "%s\tkdc = %s\n", | ||
44 | - prev_line, | ||
45 | - print_canonical_sockaddr(mem_ctx, pss)); | ||
46 | - } | ||
47 | - | ||
48 | - /* | ||
49 | - * IPv6 starts here | ||
50 | - */ | ||
51 | - | ||
52 | - DEBUG(10, ("print_kdc_line: IPv6 case for kdc_name: %s, port: %d\n", | ||
53 | - kdc_name, port)); | ||
54 | - | ||
55 | - if (port != 0 && port != DEFAULT_KRB5_PORT) { | ||
56 | - /* Currently for IPv6 we can't specify a non-default | ||
57 | - krb5 port with an address, as this requires a ':'. | ||
58 | - Resolve to a name. */ | ||
59 | - char hostname[MAX_DNS_NAME_LENGTH]; | ||
60 | - int ret = sys_getnameinfo((const struct sockaddr *)pss, | ||
61 | - sizeof(*pss), | ||
62 | - hostname, sizeof(hostname), | ||
63 | - NULL, 0, | ||
64 | - NI_NAMEREQD); | ||
65 | - if (ret) { | ||
66 | - DEBUG(0,("print_kdc_line: can't resolve name " | ||
67 | - "for kdc with non-default port %s. " | ||
68 | - "Error %s\n.", | ||
69 | - print_canonical_sockaddr(mem_ctx, pss), | ||
70 | - gai_strerror(ret))); | ||
71 | - return NULL; | ||
72 | - } | ||
73 | - /* Success, use host:port */ | ||
74 | - return talloc_asprintf(mem_ctx, | ||
75 | - "%s\tkdc = %s:%u\n", | ||
76 | - prev_line, | ||
77 | - hostname, | ||
78 | - (unsigned int)port); | ||
79 | - } | ||
80 | - | ||
81 | - /* no krb5 lib currently supports "kdc = ipv6 address" | ||
82 | - * at all, so just fill in just the kdc_name if we have | ||
83 | - * it and let the krb5 lib figure out the appropriate | ||
84 | - * ipv6 address - gd */ | ||
85 | - | ||
86 | - if (kdc_name) { | ||
87 | - return talloc_asprintf(mem_ctx, "%s\tkdc = %s\n", | ||
88 | - prev_line, kdc_name); | ||
89 | - } | ||
90 | - | ||
91 | - return talloc_asprintf(mem_ctx, "%s\tkdc = %s\n", | ||
92 | - prev_line, | ||
93 | - print_sockaddr(addr, | ||
94 | - sizeof(addr), | ||
95 | - pss)); | ||
96 | -} | ||
97 | - | ||
98 | /************************************************************************ | ||
99 | Create a string list of available kdc's, possibly searching by sitename. | ||
100 | Does DNS queries. | ||
101 | @@ -698,7 +634,8 @@ static char *get_kdc_ip_string(char *mem_ctx, | ||
102 | char *result = NULL; | ||
103 | struct netlogon_samlogon_response **responses = NULL; | ||
104 | NTSTATUS status; | ||
105 | - char *kdc_str = print_kdc_line(mem_ctx, "", pss, kdc_name); | ||
106 | + char *kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n", "", | ||
107 | + print_canonical_sockaddr(mem_ctx, pss)); | ||
108 | |||
109 | if (kdc_str == NULL) { | ||
110 | TALLOC_FREE(frame); | ||
111 | @@ -788,9 +725,9 @@ static char *get_kdc_ip_string(char *mem_ctx, | ||
112 | } | ||
113 | |||
114 | /* Append to the string - inefficient but not done often. */ | ||
115 | - new_kdc_str = print_kdc_line(mem_ctx, kdc_str, | ||
116 | - &dc_addrs[i], | ||
117 | - kdc_name); | ||
118 | + new_kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n", | ||
119 | + kdc_str, | ||
120 | + print_canonical_sockaddr(mem_ctx, &dc_addrs[i])); | ||
121 | if (new_kdc_str == NULL) { | ||
122 | goto fail; | ||
123 | } | ||
124 | -- | ||
125 | 1.8.5.3 | ||
126 | |||
127 | |||
128 | From 3edb3d4084548960f03356cf4c44a6892e6efb84 Mon Sep 17 00:00:00 2001 | ||
129 | From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> | ||
130 | Date: Fri, 7 Mar 2014 14:47:31 +0100 | ||
131 | Subject: [PATCH 2/2] s3-kerberos: remove unused kdc_name from | ||
132 | create_local_private_krb5_conf_for_domain(). | ||
133 | MIME-Version: 1.0 | ||
134 | Content-Type: text/plain; charset=UTF-8 | ||
135 | Content-Transfer-Encoding: 8bit | ||
136 | |||
137 | Guenther | ||
138 | |||
139 | Signed-off-by: Günther Deschner <gd@samba.org> | ||
140 | Reviewed-by: Andreas Schneider <asn@samba.org> | ||
141 | --- | ||
142 | source3/libads/kerberos.c | 10 ++++------ | ||
143 | source3/libads/kerberos_proto.h | 3 +-- | ||
144 | source3/libnet/libnet_join.c | 3 +-- | ||
145 | source3/libsmb/namequery_dc.c | 6 ++---- | ||
146 | source3/winbindd/winbindd_cm.c | 6 ++---- | ||
147 | 5 files changed, 10 insertions(+), 18 deletions(-) | ||
148 | |||
149 | diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c | ||
150 | index ea14350..649e568 100644 | ||
151 | --- a/source3/libads/kerberos.c | ||
152 | +++ b/source3/libads/kerberos.c | ||
153 | @@ -618,8 +618,7 @@ static void add_sockaddr_unique(struct sockaddr_storage *addrs, int *num_addrs, | ||
154 | static char *get_kdc_ip_string(char *mem_ctx, | ||
155 | const char *realm, | ||
156 | const char *sitename, | ||
157 | - const struct sockaddr_storage *pss, | ||
158 | - const char *kdc_name) | ||
159 | + const struct sockaddr_storage *pss) | ||
160 | { | ||
161 | TALLOC_CTX *frame = talloc_stackframe(); | ||
162 | int i; | ||
163 | @@ -756,8 +755,7 @@ fail: | ||
164 | bool create_local_private_krb5_conf_for_domain(const char *realm, | ||
165 | const char *domain, | ||
166 | const char *sitename, | ||
167 | - const struct sockaddr_storage *pss, | ||
168 | - const char *kdc_name) | ||
169 | + const struct sockaddr_storage *pss) | ||
170 | { | ||
171 | char *dname; | ||
172 | char *tmpname = NULL; | ||
173 | @@ -782,7 +780,7 @@ bool create_local_private_krb5_conf_for_domain(const char *realm, | ||
174 | return false; | ||
175 | } | ||
176 | |||
177 | - if (domain == NULL || pss == NULL || kdc_name == NULL) { | ||
178 | + if (domain == NULL || pss == NULL) { | ||
179 | return false; | ||
180 | } | ||
181 | |||
182 | @@ -815,7 +813,7 @@ bool create_local_private_krb5_conf_for_domain(const char *realm, | ||
183 | goto done; | ||
184 | } | ||
185 | |||
186 | - kdc_ip_string = get_kdc_ip_string(dname, realm, sitename, pss, kdc_name); | ||
187 | + kdc_ip_string = get_kdc_ip_string(dname, realm, sitename, pss); | ||
188 | if (!kdc_ip_string) { | ||
189 | goto done; | ||
190 | } | ||
191 | diff --git a/source3/libads/kerberos_proto.h b/source3/libads/kerberos_proto.h | ||
192 | index f7470d2..2559634 100644 | ||
193 | --- a/source3/libads/kerberos_proto.h | ||
194 | +++ b/source3/libads/kerberos_proto.h | ||
195 | @@ -62,8 +62,7 @@ int kerberos_kinit_password(const char *principal, | ||
196 | bool create_local_private_krb5_conf_for_domain(const char *realm, | ||
197 | const char *domain, | ||
198 | const char *sitename, | ||
199 | - const struct sockaddr_storage *pss, | ||
200 | - const char *kdc_name); | ||
201 | + const struct sockaddr_storage *pss); | ||
202 | |||
203 | /* The following definitions come from libads/authdata.c */ | ||
204 | |||
205 | diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c | ||
206 | index a87eb38..68884cd 100644 | ||
207 | --- a/source3/libnet/libnet_join.c | ||
208 | +++ b/source3/libnet/libnet_join.c | ||
209 | @@ -2152,8 +2152,7 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx, | ||
210 | |||
211 | create_local_private_krb5_conf_for_domain( | ||
212 | r->out.dns_domain_name, r->out.netbios_domain_name, | ||
213 | - NULL, smbXcli_conn_remote_sockaddr(cli->conn), | ||
214 | - smbXcli_conn_remote_name(cli->conn)); | ||
215 | + NULL, smbXcli_conn_remote_sockaddr(cli->conn)); | ||
216 | |||
217 | if (r->out.domain_is_ad && r->in.account_ou && | ||
218 | !(r->in.join_flags & WKSSVC_JOIN_FLAGS_JOIN_UNSECURE)) { | ||
219 | diff --git a/source3/libsmb/namequery_dc.c b/source3/libsmb/namequery_dc.c | ||
220 | index 3cfae79..eb34741 100644 | ||
221 | --- a/source3/libsmb/namequery_dc.c | ||
222 | +++ b/source3/libsmb/namequery_dc.c | ||
223 | @@ -112,14 +112,12 @@ static bool ads_dc_name(const char *domain, | ||
224 | create_local_private_krb5_conf_for_domain(realm, | ||
225 | domain, | ||
226 | sitename, | ||
227 | - &ads->ldap.ss, | ||
228 | - ads->config.ldap_server_name); | ||
229 | + &ads->ldap.ss); | ||
230 | } else { | ||
231 | create_local_private_krb5_conf_for_domain(realm, | ||
232 | domain, | ||
233 | NULL, | ||
234 | - &ads->ldap.ss, | ||
235 | - ads->config.ldap_server_name); | ||
236 | + &ads->ldap.ss); | ||
237 | } | ||
238 | } | ||
239 | #endif | ||
240 | diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c | ||
241 | index 669a43e..be13a57 100644 | ||
242 | --- a/source3/winbindd/winbindd_cm.c | ||
243 | +++ b/source3/winbindd/winbindd_cm.c | ||
244 | @@ -1233,8 +1233,7 @@ static bool dcip_to_name(TALLOC_CTX *mem_ctx, | ||
245 | create_local_private_krb5_conf_for_domain(domain->alt_name, | ||
246 | domain->name, | ||
247 | sitename, | ||
248 | - pss, | ||
249 | - *name); | ||
250 | + pss); | ||
251 | |||
252 | SAFE_FREE(sitename); | ||
253 | } else { | ||
254 | @@ -1242,8 +1241,7 @@ static bool dcip_to_name(TALLOC_CTX *mem_ctx, | ||
255 | create_local_private_krb5_conf_for_domain(domain->alt_name, | ||
256 | domain->name, | ||
257 | NULL, | ||
258 | - pss, | ||
259 | - *name); | ||
260 | + pss); | ||
261 | } | ||
262 | winbindd_set_locator_kdc_envs(domain); | ||
263 | |||
264 | -- | ||
265 | 1.8.5.3 | ||
266 | |||