summaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-connectivity/samba/samba-4.1.12/04-ipv6-workaround.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-networking/recipes-connectivity/samba/samba-4.1.12/04-ipv6-workaround.patch')
-rw-r--r--meta-networking/recipes-connectivity/samba/samba-4.1.12/04-ipv6-workaround.patch211
1 files changed, 211 insertions, 0 deletions
diff --git a/meta-networking/recipes-connectivity/samba/samba-4.1.12/04-ipv6-workaround.patch b/meta-networking/recipes-connectivity/samba/samba-4.1.12/04-ipv6-workaround.patch
new file mode 100644
index 0000000000..a2058f1153
--- /dev/null
+++ b/meta-networking/recipes-connectivity/samba/samba-4.1.12/04-ipv6-workaround.patch
@@ -0,0 +1,211 @@
1From 942dedb71437cd89932a7f39ca73d65c09aa59be Mon Sep 17 00:00:00 2001
2From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
3Date: Wed, 2 Apr 2014 19:37:34 +0200
4Subject: [PATCH] s3-kerberos: make ipv6 support for generated krb5 config
5 files more robust.
6MIME-Version: 1.0
7Content-Type: text/plain; charset=UTF-8
8Content-Transfer-Encoding: 8bit
9
10Older MIT Kerberos libraries will add any secondary ipv6 address as
11ipv4 address, defining the (default) krb5 port 88 circumvents that.
12
13Guenther
14
15Signed-off-by: Günther Deschner <gd@samba.org>
16---
17 source3/libads/kerberos.c | 29 +++++++++++++++++++++++++++--
18 1 file changed, 27 insertions(+), 2 deletions(-)
19
20diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
21index 649e568..f3c23ea 100644
22--- a/source3/libads/kerberos.c
23+++ b/source3/libads/kerberos.c
24@@ -615,6 +615,31 @@ static void add_sockaddr_unique(struct sockaddr_storage *addrs, int *num_addrs,
25 *num_addrs += 1;
26 }
27
28+/* print_canonical_sockaddr prints an ipv6 addr in the form of
29+* [ipv6.addr]. This string, when put in a generated krb5.conf file is not
30+* always properly dealt with by some older krb5 libraries. Adding the hard-coded
31+* portnumber workarounds the issue. - gd */
32+
33+static char *print_canonical_sockaddr_with_port(TALLOC_CTX *mem_ctx,
34+ const struct sockaddr_storage *pss)
35+{
36+ char *str = NULL;
37+
38+ str = print_canonical_sockaddr(mem_ctx, pss);
39+ if (str == NULL) {
40+ return NULL;
41+ }
42+
43+ if (pss->ss_family != AF_INET6) {
44+ return str;
45+ }
46+
47+#if defined(HAVE_IPV6)
48+ str = talloc_asprintf_append(str, ":88");
49+#endif
50+ return str;
51+}
52+
53 static char *get_kdc_ip_string(char *mem_ctx,
54 const char *realm,
55 const char *sitename,
56@@ -634,7 +659,7 @@ static char *get_kdc_ip_string(char *mem_ctx,
57 struct netlogon_samlogon_response **responses = NULL;
58 NTSTATUS status;
59 char *kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n", "",
60- print_canonical_sockaddr(mem_ctx, pss));
61+ print_canonical_sockaddr_with_port(mem_ctx, pss));
62
63 if (kdc_str == NULL) {
64 TALLOC_FREE(frame);
65@@ -726,7 +751,7 @@ static char *get_kdc_ip_string(char *mem_ctx,
66 /* Append to the string - inefficient but not done often. */
67 new_kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
68 kdc_str,
69- print_canonical_sockaddr(mem_ctx, &dc_addrs[i]));
70+ print_canonical_sockaddr_with_port(mem_ctx, &dc_addrs[i]));
71 if (new_kdc_str == NULL) {
72 goto fail;
73 }
74--
751.9.0
76
77From 60db71015f84dd242be889576d85ccd5c6a1f73b Mon Sep 17 00:00:00 2001
78From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
79Date: Wed, 16 Apr 2014 16:07:14 +0200
80Subject: [PATCH] s3-libads: allow ads_try_connect() to re-use a resolved ip
81 address.
82MIME-Version: 1.0
83Content-Type: text/plain; charset=UTF-8
84Content-Transfer-Encoding: 8bit
85
86Pass down a struct sockaddr_storage to ads_try_connect.
87
88Guenther
89
90Signed-off-by: Günther Deschner <gd@samba.org>
91Reviewed-by: Andreas Schneider <asn@samba.org>
92
93Autobuild-User(master): Günther Deschner <gd@samba.org>
94Autobuild-Date(master): Thu Apr 17 19:56:16 CEST 2014 on sn-devel-104
95---
96 source3/libads/ldap.c | 44 ++++++++++++++++++++++++++------------------
97 1 file changed, 26 insertions(+), 18 deletions(-)
98
99diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
100index d9bb8e2..8fed8fd 100644
101--- a/source3/libads/ldap.c
102+++ b/source3/libads/ldap.c
103@@ -228,33 +228,27 @@ bool ads_closest_dc(ADS_STRUCT *ads)
104 try a connection to a given ldap server, returning True and setting the servers IP
105 in the ads struct if successful
106 */
107-static bool ads_try_connect(ADS_STRUCT *ads, const char *server, bool gc)
108+static bool ads_try_connect(ADS_STRUCT *ads, bool gc,
109+ struct sockaddr_storage *ss)
110 {
111 struct NETLOGON_SAM_LOGON_RESPONSE_EX cldap_reply;
112 TALLOC_CTX *frame = talloc_stackframe();
113 bool ret = false;
114- struct sockaddr_storage ss;
115 char addr[INET6_ADDRSTRLEN];
116
117- if (!server || !*server) {
118+ if (ss == NULL) {
119 TALLOC_FREE(frame);
120 return False;
121 }
122
123- if (!resolve_name(server, &ss, 0x20, true)) {
124- DEBUG(5,("ads_try_connect: unable to resolve name %s\n",
125- server ));
126- TALLOC_FREE(frame);
127- return false;
128- }
129- print_sockaddr(addr, sizeof(addr), &ss);
130+ print_sockaddr(addr, sizeof(addr), ss);
131
132 DEBUG(5,("ads_try_connect: sending CLDAP request to %s (realm: %s)\n",
133 addr, ads->server.realm));
134
135 ZERO_STRUCT( cldap_reply );
136
137- if ( !ads_cldap_netlogon_5(frame, &ss, ads->server.realm, &cldap_reply ) ) {
138+ if ( !ads_cldap_netlogon_5(frame, ss, ads->server.realm, &cldap_reply ) ) {
139 DEBUG(3,("ads_try_connect: CLDAP request %s failed.\n", addr));
140 ret = false;
141 goto out;
142@@ -298,7 +292,7 @@ static bool ads_try_connect(ADS_STRUCT *ads, const char *server, bool gc)
143 ads->server.workgroup = SMB_STRDUP(cldap_reply.domain_name);
144
145 ads->ldap.port = gc ? LDAP_GC_PORT : LDAP_PORT;
146- ads->ldap.ss = ss;
147+ ads->ldap.ss = *ss;
148
149 /* Store our site name. */
150 sitename_store( cldap_reply.domain_name, cldap_reply.client_site);
151@@ -330,6 +324,7 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads)
152 bool use_own_domain = False;
153 char *sitename;
154 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
155+ bool ok = false;
156
157 /* if the realm and workgroup are both empty, assume they are ours */
158
159@@ -384,12 +379,14 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads)
160 DEBUG(6,("ads_find_dc: (ldap) looking for %s '%s'\n",
161 (got_realm ? "realm" : "domain"), realm));
162
163- if (get_dc_name(domain, realm, srv_name, &ip_out)) {
164+ ok = get_dc_name(domain, realm, srv_name, &ip_out);
165+ if (ok) {
166 /*
167 * we call ads_try_connect() to fill in the
168 * ads->config details
169 */
170- if (ads_try_connect(ads, srv_name, false)) {
171+ ok = ads_try_connect(ads, false, &ip_out);
172+ if (ok) {
173 return NT_STATUS_OK;
174 }
175 }
176@@ -445,7 +442,8 @@ static NTSTATUS ads_find_dc(ADS_STRUCT *ads)
177 }
178 }
179
180- if ( ads_try_connect(ads, server, false) ) {
181+ ok = ads_try_connect(ads, false, &ip_list[i].ss);
182+ if (ok) {
183 SAFE_FREE(ip_list);
184 SAFE_FREE(sitename);
185 return NT_STATUS_OK;
186@@ -630,9 +628,19 @@ ADS_STATUS ads_connect(ADS_STRUCT *ads)
187 TALLOC_FREE(s);
188 }
189
190- if (ads->server.ldap_server)
191- {
192- if (ads_try_connect(ads, ads->server.ldap_server, ads->server.gc)) {
193+ if (ads->server.ldap_server) {
194+ bool ok = false;
195+ struct sockaddr_storage ss;
196+
197+ ok = resolve_name(ads->server.ldap_server, &ss, 0x20, true);
198+ if (!ok) {
199+ DEBUG(5,("ads_connect: unable to resolve name %s\n",
200+ ads->server.ldap_server));
201+ status = ADS_ERROR_NT(NT_STATUS_NOT_FOUND);
202+ goto out;
203+ }
204+ ok = ads_try_connect(ads, ads->server.gc, &ss);
205+ if (ok) {
206 goto got_connection;
207 }
208
209--
2101.9.0
211
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-04-23 04:33:44 +0000