[SCM] Samba Shared Repository - branch v4-6-test updated
Karolin Seeger
kseeger at samba.org
Mon Jul 3 13:16:03 UTC 2017
The branch, v4-6-test has been updated
via cb6771c ldb: protect Samba < 4.7 against incompatible ldb versions and require ldb < 1.2.0
via 85dbd4d wafsamba: add maxversion and version_blacklist to CHECK_BUNDLED_SYSTEM[_PKG]()
via a971f23 s3:gse_krb5: fix a possible crash in fill_mem_keytab_from_system_keytab()
from eb587fb selftest: Also wait for winbindd to start
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-6-test
- Log -----------------------------------------------------------------
commit cb6771c88a2284d1bbc99e1b2ef0e40717882ffa
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jun 30 06:24:01 2017 +0200
ldb: protect Samba < 4.7 against incompatible ldb versions and require ldb < 1.2.0
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12859
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(v4-6-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-6-test): Mon Jul 3 15:15:14 CEST 2017 on sn-devel-144
commit 85dbd4dc6e8c00a8f3f3912fac86278d80a868da
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jun 30 06:21:32 2017 +0200
wafsamba: add maxversion and version_blacklist to CHECK_BUNDLED_SYSTEM[_PKG]()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12859
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 4ca48ee4d060f773dcdf9f78a5e4c1b1263b61f4)
commit a971f23c05e849d4930ce470b12c8f5ea3172390
Author: Michael Saxl <mike at mwsys.mine.bz>
Date: Sat Jun 24 13:41:48 2017 +0200
s3:gse_krb5: fix a possible crash in fill_mem_keytab_from_system_keytab()
If the keytab file isn't readable, we may call
krb5_kt_end_seq_get() with an invalid kt_cursor.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10490
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Michael Saxl <mike at mwsys.mine.bz>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit a9780a2eaa9cba4ab87cc3371d97fa494fa0198c)
-----------------------------------------------------------------------
Summary of changes:
buildtools/wafsamba/samba_bundled.py | 21 +++++++++++++++++++--
lib/ldb/wscript | 19 +++++++++++++++++--
source3/librpc/crypto/gse_krb5.c | 8 ++++++++
3 files changed, 44 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/buildtools/wafsamba/samba_bundled.py b/buildtools/wafsamba/samba_bundled.py
index ea88807..aa6199e 100644
--- a/buildtools/wafsamba/samba_bundled.py
+++ b/buildtools/wafsamba/samba_bundled.py
@@ -110,6 +110,7 @@ def LIB_MUST_BE_PRIVATE(conf, libname):
@conf
def CHECK_BUNDLED_SYSTEM_PKG(conf, libname, minversion='0.0.0',
+ maxversion=None, version_blacklist=[],
onlyif=None, implied_deps=None, pkg=None):
'''check if a library is available as a system library.
@@ -117,12 +118,15 @@ def CHECK_BUNDLED_SYSTEM_PKG(conf, libname, minversion='0.0.0',
'''
return conf.CHECK_BUNDLED_SYSTEM(libname,
minversion=minversion,
+ maxversion=maxversion,
+ version_blacklist=version_blacklist,
onlyif=onlyif,
implied_deps=implied_deps,
pkg=pkg)
@conf
def CHECK_BUNDLED_SYSTEM(conf, libname, minversion='0.0.0',
+ maxversion=None, version_blacklist=[],
checkfunctions=None, headers=None, checkcode=None,
onlyif=None, implied_deps=None,
require_headers=True, pkg=None, set_target=True):
@@ -181,16 +185,29 @@ def CHECK_BUNDLED_SYSTEM(conf, libname, minversion='0.0.0',
minversion = minimum_library_version(conf, libname, minversion)
msg = 'Checking for system %s' % libname
+ msg_ver = []
if minversion != '0.0.0':
- msg += ' >= %s' % minversion
+ msg_ver.append('>=%s' % minversion)
+ if maxversion is not None:
+ msg_ver.append('<=%s' % maxversion)
+ for v in version_blacklist:
+ msg_ver.append('!=%s' % v)
+ if msg_ver != []:
+ msg += " (%s)" % (" ".join(msg_ver))
uselib_store=libname.upper()
if pkg is None:
pkg = libname
+ version_checks = '%s >= %s' % (pkg, minversion)
+ if maxversion is not None:
+ version_checks += ' %s <= %s' % (pkg, maxversion)
+ for v in version_blacklist:
+ version_checks += ' %s != %s' % (pkg, v)
+
# try pkgconfig first
if (conf.CHECK_CFG(package=pkg,
- args='"%s >= %s" --cflags --libs' % (pkg, minversion),
+ args='"%s" --cflags --libs' % (version_checks),
msg=msg, uselib_store=uselib_store) and
check_functions_headers_code()):
if set_target:
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 7f05db3..dd68d66 100755
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -55,11 +55,26 @@ def configure(conf):
conf.env.standalone_ldb = conf.IN_LAUNCH_DIR()
if not conf.env.standalone_ldb:
- if conf.CHECK_BUNDLED_SYSTEM_PKG('pyldb-util', minversion=VERSION,
+ #
+ # ldb >= 1.2.0 (as well as 1.1.30 and 1.1.31) are
+ # incompatible with Samba < 4.7
+ #
+ # See https://bugzilla.samba.org/show_bug.cgi?id=12859
+ #
+ maxversion = "1.1.99"
+ version_blacklist = ["1.1.30", "1.1.31"]
+
+ if conf.CHECK_BUNDLED_SYSTEM_PKG('pyldb-util',
+ minversion=VERSION,
+ maxversion=maxversion,
+ version_blacklist=version_blacklist,
onlyif='talloc tdb tevent',
implied_deps='replace talloc tdb tevent ldb'):
conf.define('USING_SYSTEM_PYLDB_UTIL', 1)
- if conf.CHECK_BUNDLED_SYSTEM_PKG('ldb', minversion=VERSION,
+ if conf.CHECK_BUNDLED_SYSTEM_PKG('ldb',
+ minversion=VERSION,
+ maxversion=maxversion,
+ version_blacklist=version_blacklist,
onlyif='talloc tdb tevent pyldb-util',
implied_deps='replace talloc tdb tevent'):
conf.define('USING_SYSTEM_LDB', 1)
diff --git a/source3/librpc/crypto/gse_krb5.c b/source3/librpc/crypto/gse_krb5.c
index 703d1b4..4dd39ea 100644
--- a/source3/librpc/crypto/gse_krb5.c
+++ b/source3/librpc/crypto/gse_krb5.c
@@ -437,6 +437,14 @@ static krb5_error_code fill_mem_keytab_from_system_keytab(krb5_context krbctx,
if (ret) {
DEBUG(1, (__location__ ": krb5_kt_start_seq_get failed (%s)\n",
error_message(ret)));
+ /*
+ * krb5_kt_start_seq_get() may leaves bogus data
+ * in kt_cursor. And we want to use the all_zero()
+ * logic below.
+ *
+ * See bug #10490
+ */
+ ZERO_STRUCT(kt_cursor);
goto out;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list