[arch-commits] Commit in sssd/trunk (3 files)
Massimiliano Torromeo
mtorromeo at archlinux.org
Thu Apr 23 17:02:58 UTC 2020
Date: Thursday, April 23, 2020 @ 17:02:57
Author: mtorromeo
Revision: 618304
upgpkg: sssd 2.2.3-7: Fixed build against samba 4.12 and kerberos 1.18
Added:
sssd/trunk/kerberos-1.18-fix.patch
sssd/trunk/samba-4.12-fix.patch
Modified:
sssd/trunk/PKGBUILD
-------------------------+
PKGBUILD | 12 +++-
kerberos-1.18-fix.patch | 14 +++++
samba-4.12-fix.patch | 120 ++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 143 insertions(+), 3 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2020-04-23 15:38:10 UTC (rev 618303)
+++ PKGBUILD 2020-04-23 17:02:57 UTC (rev 618304)
@@ -3,7 +3,7 @@
pkgname=sssd
pkgver=2.2.3
-pkgrel=6
+pkgrel=7
pkgdesc="System Security Services Daemon"
arch=('x86_64')
url="https://pagure.io/SSSD/sssd"
@@ -35,10 +35,15 @@
'check'
'cmocka'
'libfaketime'
+ 'openssh'
)
-source=("https://releases.pagure.org/SSSD/$pkgname/$pkgname-$pkgver.tar.gz"{,.asc})
+source=("https://releases.pagure.org/SSSD/$pkgname/$pkgname-$pkgver.tar.gz"{,.asc}
+ samba-4.12-fix.patch
+ kerberos-1.18-fix.patch)
sha512sums=('b61d52a53e26e8efa9cb799fc6efc2314bf9d174d3cacfe591a4ca77530637591eacc0dc70c0555252e04a9617e8b134b1ab2d9b0f7351b4228e7b61499e6a10'
- 'SKIP')
+ 'SKIP'
+ '34c8161176e8012c27b9f19e6f0b1b008d4c2accd3d6a9229df995726f5bad10cca5ae2b3684d86d28e9b77d9a780a156ab4a24a649ad1f0499f6f976895414b'
+ '8adec825e4c159f1eb6aec77113fa01fefaa3f7c73a21f5823c6187e6be067c34659d9e78a8a8c00d4cb7452c4ff983bc081a3fd6194812c9e451b4c92eb8cef')
validpgpkeys=('E4E366758CA0716AAB8048671EC6AB7532E7BC25'
'16F24229488E736048952737BA88000FE6398272')
@@ -68,6 +73,7 @@
--libexecdir=/usr/lib/sssd \
--datadir=/usr/share \
--enable-pammoddir=/usr/lib/security \
+ --enable-pac-responder \
--with-initscript=systemd \
--with-os=fedora \
--with-pid-path=/run \
Added: kerberos-1.18-fix.patch
===================================================================
--- kerberos-1.18-fix.patch (rev 0)
+++ kerberos-1.18-fix.patch 2020-04-23 17:02:57 UTC (rev 618304)
@@ -0,0 +1,14 @@
+diff --git a/src/external/pac_responder.m4 b/src/external/pac_responder.m4
+index dc986a1..114d847 100644
+--- a/src/external/pac_responder.m4
++++ b/src/external/pac_responder.m4
+@@ -19,7 +19,8 @@ then
+ Kerberos\ 5\ release\ 1.14* | \
+ Kerberos\ 5\ release\ 1.15* | \
+ Kerberos\ 5\ release\ 1.16* | \
+- Kerberos\ 5\ release\ 1.17*)
++ Kerberos\ 5\ release\ 1.17* | \
++ Kerberos\ 5\ release\ 1.18*)
+ krb5_version_ok=yes
+ AC_MSG_RESULT([yes])
+ ;;
Added: samba-4.12-fix.patch
===================================================================
--- samba-4.12-fix.patch (rev 0)
+++ samba-4.12-fix.patch 2020-04-23 17:02:57 UTC (rev 618304)
@@ -0,0 +1,120 @@
+diff --git a/src/external/samba.m4 b/src/external/samba.m4
+index 65947fa..a0cfd27 100644
+--- a/src/external/samba.m4
++++ b/src/external/samba.m4
+@@ -130,10 +130,17 @@ int main(void)
+ AC_DEFINE_UNQUOTED(SMB_IDMAP_DOMAIN_HAS_DOM_SID, 1,
+ [Samba's struct idmap_domain has dom_sid member])
+ AC_MSG_NOTICE([Samba's struct idmap_domain has dom_sid member])
++ if test $samba_minor_version -ge 12 ; then
++ AC_DEFINE_UNQUOTED(SMB_HAS_NEW_NDR_PULL_STEAL_SWITCH, 1,
++ [Samba's new push/pull switch functions])
++ AC_MSG_NOTICE([Samba has support for new ndr_push_steal_switch_value and ndr_pull_steal_switch_value functions])
++ else
++ AC_MSG_NOTICE([Samba supports old ndr_pull_steal_switch_value and ndr_pull_steal_switch_value functions])
++ fi
+ else
+ AC_MSG_NOTICE([Samba's struct idmap_domain does not have dom_sid member])
++ AC_MSG_NOTICE([Samba supports old ndr_pull_steal_switch_value and ndr_pull_steal_switch_value functions])
+ fi
+-
+ fi
+
+ SAVE_CFLAGS=$CFLAGS
+diff --git a/src/providers/ad/ad_gpo_ndr.c b/src/providers/ad/ad_gpo_ndr.c
+index 101701c..ee7203c 100644
+--- a/src/providers/ad/ad_gpo_ndr.c
++++ b/src/providers/ad/ad_gpo_ndr.c
+@@ -105,9 +105,14 @@ ndr_pull_security_ace_object_type(struct ndr_pull *ndr,
+ union security_ace_object_type *r)
+ {
+ uint32_t level;
+- level = ndr_pull_get_switch_value(ndr, r);
+ NDR_PULL_CHECK_FLAGS(ndr, ndr_flags);
+ if (ndr_flags & NDR_SCALARS) {
++ /* This token is not used again (except perhaps below in the NDR_BUFFERS case) */
++#ifdef SMB_HAS_NEW_NDR_PULL_STEAL_SWITCH
++ NDR_CHECK(ndr_pull_steal_switch_value(ndr, r, &level));
++#else
++ level = ndr_pull_steal_switch_value(ndr, r);
++#endif
+ NDR_CHECK(ndr_pull_union_align(ndr, 4));
+ switch (level) {
+ case SEC_ACE_OBJECT_TYPE_PRESENT: {
+@@ -117,14 +122,6 @@ ndr_pull_security_ace_object_type(struct ndr_pull *ndr,
+ break; }
+ }
+ }
+- if (ndr_flags & NDR_BUFFERS) {
+- switch (level) {
+- case SEC_ACE_OBJECT_TYPE_PRESENT:
+- break;
+- default:
+- break;
+- }
+- }
+ return NDR_ERR_SUCCESS;
+ }
+
+@@ -135,9 +132,14 @@ ndr_pull_security_ace_object_inherited_type(struct ndr_pull *ndr,
+ union security_ace_object_inherited_type *r)
+ {
+ uint32_t level;
+- level = ndr_pull_get_switch_value(ndr, r);
+ NDR_PULL_CHECK_FLAGS(ndr, ndr_flags);
+ if (ndr_flags & NDR_SCALARS) {
++ /* This token is not used again (except perhaps below in the NDR_BUFFERS case) */
++#ifdef SMB_HAS_NEW_NDR_PULL_STEAL_SWITCH
++ NDR_CHECK(ndr_pull_steal_switch_value(ndr, r, &level));
++#else
++ level = ndr_pull_steal_switch_value(ndr, r);
++#endif
+ NDR_CHECK(ndr_pull_union_align(ndr, 4));
+ switch (level) {
+ case SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT: {
+@@ -149,14 +151,6 @@ ndr_pull_security_ace_object_inherited_type(struct ndr_pull *ndr,
+ break; }
+ }
+ }
+- if (ndr_flags & NDR_BUFFERS) {
+- switch (level) {
+- case SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT:
+- break;
+- default:
+- break;
+- }
+- }
+ return NDR_ERR_SUCCESS;
+ }
+
+@@ -198,9 +192,14 @@ ndr_pull_security_ace_object_ctr(struct ndr_pull *ndr,
+ union security_ace_object_ctr *r)
+ {
+ uint32_t level;
+- level = ndr_pull_get_switch_value(ndr, r);
+ NDR_PULL_CHECK_FLAGS(ndr, ndr_flags);
+ if (ndr_flags & NDR_SCALARS) {
++ /* This token is not used again (except perhaps below in the NDR_BUFFERS case) */
++#ifdef SMB_HAS_NEW_NDR_PULL_STEAL_SWITCH
++ NDR_CHECK(ndr_pull_steal_switch_value(ndr, r, &level));
++#else
++ level = ndr_pull_steal_switch_value(ndr, r);
++#endif
+ NDR_CHECK(ndr_pull_union_align(ndr, 4));
+ switch (level) {
+ case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT: {
+@@ -224,6 +223,14 @@ ndr_pull_security_ace_object_ctr(struct ndr_pull *ndr,
+ }
+ }
+ if (ndr_flags & NDR_BUFFERS) {
++ if (!(ndr_flags & NDR_SCALARS)) {
++ /* We didn't get it above, and the token is not needed after this. */
++#ifdef SMB_HAS_NEW_NDR_PULL_STEAL_SWITCH
++ NDR_CHECK(ndr_pull_steal_switch_value(ndr, r, &level));
++#else
++ level = ndr_pull_steal_switch_value(ndr, r);
++#endif
++ }
+ switch (level) {
+ case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT:
+ NDR_CHECK(ndr_pull_security_ace_object
More information about the arch-commits
mailing list