authorMark Felder <feld@FreeBSD.org>2015-12-22 19:17:17 +0000
committerMark Felder <feld@FreeBSD.org>2015-12-22 19:17:17 +0000
commit11638260c4a1c6077de0cb6ac25fd559fa8514e5 (patch)
tree8e92a8961dff9006f4e21d2aac45cba3ad91ecb6
parentd517335b435e77f566693dbb7a29f1ee2643d479 (diff)
net/samba42: Update to 4.2.7
Direct commit as MFH of r404031 was not possible

Security: CVE-2015-3223 CVE-2015-5252 CVE-2015-5299 CVE-2015-5296 CVE-2015-8467 CVE-2015-5330
Approved by: ports-secteam (with hat)
Notes
Notes: svn path=/branches/2015Q4/; revision=404264
-rw-r--r--net/samba42/Makefile22
-rw-r--r--net/samba42/distinfo4
-rw-r--r--net/samba42/files/extra-patch-security647
-rw-r--r--net/samba42/files/pkg-message.in4
-rw-r--r--net/samba42/pkg-plist3
5 files changed, 667 insertions, 13 deletions
diff --git a/net/samba42/Makefile b/net/samba42/Makefile
index 6c75b9bb0998..2cd6e4aa7d69 100644
--- a/net/samba42/Makefile
+++ b/net/samba42/Makefile
@@ -13,11 +13,13 @@ COMMENT?= Free SMB/CIFS and AD/DC server and client for Unix
LICENSE= GPLv3
-CONFLICTS?= *samba3[2-6]-3.* samba4-4.0.* samba41-4.1.*
+CONFLICTS?= *samba3[2-6]-3.* samba4-4.0.* samba41-4.1.* samba43-4.3.*
+
+EXTRA_PATCHES= ${PATCHDIR}/extra-patch-security:-p1
SAMBA4_BASENAME= samba
SAMBA4_PORTNAME= ${SAMBA4_BASENAME}4
-SAMBA4_VERSION= 4.2.4
+SAMBA4_VERSION= 4.2.7
SAMBA4_DISTNAME= ${SAMBA4_BASENAME}-${SAMBA4_VERSION:S|.p|pre|:S|.r|rc|:S|.t|tp|:S|.a|alpha|}
WRKSRC?= ${WRKDIR}/${DISTNAME}
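Review bot: The added `EXTRA_PATCHES=` line uses plain `=`, so it discards any value set earlier, which the `?=` assignments around it suggest may be expected from an including Makefile; `EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-security:-p1` would append instead. The file is named only "security", yet four of the five patches inside it cite Samba bugs 11375 and 11394 and none names a CVE from the commit message. A comment above the line such as `# dbwrap_rbt traverse fixes (Samba bugs 11375, 11394); remove once part of the release tarball` would tell the next updater what the patch covers and when it can be dropped.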
@@ -91,24 +93,24 @@ BUILD_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}dnspython>=1.9.4:${PORTSDIR}/dns/py-dnsp
RUN_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}dnspython>=1.9.4:${PORTSDIR}/dns/py-dnspython
PLIST_SUB+= PY_DNSPYTHON="@comment "
# talloc
-BUILD_DEPENDS+= talloc>=2.1.3_1:${PORTSDIR}/devel/talloc
-RUN_DEPENDS+= talloc>=2.1.3_1:${PORTSDIR}/devel/talloc
+BUILD_DEPENDS+= talloc>=2.1.5:${PORTSDIR}/devel/talloc
+RUN_DEPENDS+= talloc>=2.1.5:${PORTSDIR}/devel/talloc
SAMBA4_BUNDLED_LIBS+= !talloc
# tevent
BUILD_DEPENDS+= tevent>=0.9.25:${PORTSDIR}/devel/tevent
RUN_DEPENDS+= tevent>=0.9.25:${PORTSDIR}/devel/tevent
SAMBA4_BUNDLED_LIBS+= !tevent
# tdb
-BUILD_DEPENDS+= tdb>=1.3.7_1:${PORTSDIR}/databases/tdb
-RUN_DEPENDS+= tdb>=1.3.7_1:${PORTSDIR}/databases/tdb
+BUILD_DEPENDS+= tdb>=1.3.8:${PORTSDIR}/databases/tdb
+RUN_DEPENDS+= tdb>=1.3.8:${PORTSDIR}/databases/tdb
SAMBA4_BUNDLED_LIBS+= !tdb
# ntdb
BUILD_DEPENDS+= ntdb>=1.0:${PORTSDIR}/databases/ntdb
RUN_DEPENDS+= ntdb>=1.0:${PORTSDIR}/databases/ntdb
SAMBA4_BUNDLED_LIBS+= !ntdb
# ldb
-BUILD_DEPENDS+= ldb>=1.1.21_1:${PORTSDIR}/databases/ldb
-RUN_DEPENDS+= ldb>=1.1.21_1:${PORTSDIR}/databases/ldb
+BUILD_DEPENDS+= ldb>=1.1.24:${PORTSDIR}/databases/ldb
+RUN_DEPENDS+= ldb>=1.1.24:${PORTSDIR}/databases/ldb
SAMBA4_BUNDLED_LIBS+= !ldb
# Don't use external libcom_err
SAMBA4_BUNDLED_LIBS+= com_err
@@ -174,6 +176,8 @@ SUB_LIST+= NSUPDATE="@comment "
.elif ${PORT_OPTIONS:MNSUPDATE}
RUN_DEPENDS+= samba-nsupdate:${PORTSDIR}/dns/samba-nsupdate
SUB_LIST+= NSUPDATE=""
+.else
+SUB_LIST+= NSUPDATE="@comment "
.endif
.if ${PORT_OPTIONS:MDEBUG}
@@ -239,8 +243,10 @@ CONFIGURE_ARGS+= --without-acl-support
.if ! ${PORT_OPTIONS:MAD_DC}
CONFIGURE_ARGS+= --without-ad-dc
PLIST_SUB+= AD_DC="@comment "
+SUB_LIST+= AD_DC="@comment "
.else
PLIST_SUB+= AD_DC=""
+SUB_LIST+= AD_DC=""
.endif
.if ${PORT_OPTIONS:MADS}
diff --git a/net/samba42/distinfo b/net/samba42/distinfo
index 45a16488977d..5db9d732f2ee 100644
--- a/net/samba42/distinfo
+++ b/net/samba42/distinfo
@@ -1,2 +1,2 @@
-SHA256 (samba-4.2.4.tar.gz) = fb326ea486973ab684f183774e93bb943fc231ab89937512e70331b86acdf6ae
-SIZE (samba-4.2.4.tar.gz) = 20735687
+SHA256 (samba-4.2.7.tar.gz) = f586ab3166ce4c663360f15b1de24ef083816a5471856e3ad49bc26b35f0104a
+SIZE (samba-4.2.7.tar.gz) = 20741971
diff --git a/net/samba42/files/extra-patch-security b/net/samba42/files/extra-patch-security
new file mode 100644
index 000000000000..5a9732052567
--- /dev/null
+++ b/net/samba42/files/extra-patch-security
@@ -0,0 +1,647 @@
+From 6a25f2a8c651523a272c0019895e1d2b1e83b022 Mon Sep 17 00:00:00 2001
+From: Volker Lendecke <vl@samba.org>
+Date: Sat, 18 Jul 2015 21:50:55 +0200
+Subject: [PATCH 1/5] dbwrap_rbt: Make "key" and "value" aligned to 16 byte
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Reported by Uri Simchoni <urisimchoni@gmail.com>. Thanks!
+
+Signed-off-by: Volker Lendecke <vl@samba.org>
+Reviewed-by: Ralph Boehme <slow@samba.org>
+
+Autobuild-User(master): Ralph Böhme <slow@samba.org>
+Autobuild-Date(master): Mon Jul 20 23:18:23 CEST 2015 on sn-devel-104
+
+(cherry picked from commit 64a88f74ca5309dce1d3ec0755ceba4af5144dbd)
+---
+ lib/dbwrap/dbwrap_rbt.c | 51 +++++++++++++++++++++++++++++++++++++------------
+ 1 file changed, 39 insertions(+), 12 deletions(-)
+
+diff --git a/lib/dbwrap/dbwrap_rbt.c b/lib/dbwrap/dbwrap_rbt.c
+index 3f97086..03f2f57 100644
+--- a/lib/dbwrap/dbwrap_rbt.c
++++ b/lib/dbwrap/dbwrap_rbt.c
+@@ -38,13 +38,6 @@ struct db_rbt_rec {
+ struct db_rbt_node {
+ struct rb_node rb_node;
+ size_t keysize, valuesize;
+-
+- /*
+- * key and value are appended implicitly, "data" is only here as a
+- * target for offsetof()
+- */
+-
+- char data[1];
+ };
+
+ /*
+@@ -83,12 +76,43 @@ static int db_rbt_compare(TDB_DATA a, TDB_DATA b)
+ static void db_rbt_parse_node(struct db_rbt_node *node,
+ TDB_DATA *key, TDB_DATA *value)
+ {
+- key->dptr = ((uint8_t *)node) + offsetof(struct db_rbt_node, data);
++ size_t key_offset, value_offset;
++
++ key_offset = DBWRAP_RBT_ALIGN(sizeof(struct db_rbt_node));
++ key->dptr = ((uint8_t *)node) + key_offset;
+ key->dsize = node->keysize;
+- value->dptr = key->dptr + node->keysize;
++
++ value_offset = DBWRAP_RBT_ALIGN(node->keysize);
++ value->dptr = key->dptr + value_offset;
+ value->dsize = node->valuesize;
+ }
+
++static ssize_t db_rbt_reclen(size_t keylen, size_t valuelen)
++{
++ size_t len, tmp;
++
++ len = DBWRAP_RBT_ALIGN(sizeof(struct db_rbt_node));
++
++ tmp = DBWRAP_RBT_ALIGN(keylen);
++ if (tmp < keylen) {
++ goto overflow;
++ }
++
++ len += tmp;
++ if (len < tmp) {
++ goto overflow;
++ }
++
++ len += valuelen;
++ if (len < valuelen) {
++ goto overflow;
++ }
++
++ return len;
++overflow:
++ return -1;
++}
++
+ static NTSTATUS db_rbt_store(struct db_record *rec, TDB_DATA data, int flag)
+ {
+ struct db_rbt_ctx *db_ctx = talloc_get_type_abort(
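Review bot: `db_rbt_reclen()` checks every `size_t` addition for wrap-around but then returns the `size_t` total as `ssize_t`, so a total above `SSIZE_MAX` generally comes back as a negative value other than -1, while the caller in the later `db_rbt_store` hunk tests only `reclen == -1`. Such a length presumably still fails in `talloc_size()`, but it is then rejected by accident rather than by this check; adding `if (len > SSIZE_MAX) { goto overflow; }` before `return len;` makes the contract hold. A comment above the function stating the layout it sizes (aligned node header, aligned key, then value) would also tie it to the offsets computed in `db_rbt_parse_node()`. The `db_rbt_store` body that begins at the end of this hunk continues outside it.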
+@@ -99,6 +123,7 @@ static NTSTATUS db_rbt_store(struct db_record *rec, TDB_DATA data, int flag)
+ struct rb_node ** p;
+ struct rb_node * parent;
+
++ ssize_t reclen;
+ TDB_DATA this_key, this_val;
+
+ if (rec_priv->node != NULL) {
+@@ -123,10 +148,12 @@ static NTSTATUS db_rbt_store(struct db_record *rec, TDB_DATA data, int flag)
+ }
+ }
+
+- node = (struct db_rbt_node *)talloc_size(db_ctx,
+- offsetof(struct db_rbt_node, data) + rec->key.dsize
+- + data.dsize);
++ reclen = db_rbt_reclen(rec->key.dsize, data.dsize);
++ if (reclen == -1) {
++ return NT_STATUS_INSUFFICIENT_RESOURCES;
++ }
+
++ node = talloc_size(db_ctx, reclen);
+ if (node == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+--
+1.9.1
+
+
+From b4d52184a113851954b1b901f478db200e9fd7a8 Mon Sep 17 00:00:00 2001
+From: Stefan Metzmacher <metze@samba.org>
+Date: Wed, 25 Nov 2015 10:17:34 +0100
+Subject: [PATCH 2/5] dbwrap_rbt: use talloc_zero_size() instead of a partial
+ ZERO_STRUCT()
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=11375
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=11394
+
+Signed-off-by: Stefan Metzmacher <metze@samba.org>
+Reviewed-by: Volker Lendecke <vl@samba.org>
+(cherry picked from commit f3d1fc1d06822a951a2a3eeb5aa53748b9b5b299)
+---
+ lib/dbwrap/dbwrap_rbt.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/lib/dbwrap/dbwrap_rbt.c b/lib/dbwrap/dbwrap_rbt.c
+index 03f2f57..2d65647 100644
+--- a/lib/dbwrap/dbwrap_rbt.c
++++ b/lib/dbwrap/dbwrap_rbt.c
+@@ -153,7 +153,7 @@ static NTSTATUS db_rbt_store(struct db_record *rec, TDB_DATA data, int flag)
+ return NT_STATUS_INSUFFICIENT_RESOURCES;
+ }
+
+- node = talloc_size(db_ctx, reclen);
++ node = talloc_zero_size(db_ctx, reclen);
+ if (node == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+@@ -172,8 +172,6 @@ static NTSTATUS db_rbt_store(struct db_record *rec, TDB_DATA data, int flag)
+ */
+ }
+
+- ZERO_STRUCT(node->rb_node);
+-
+ node->keysize = rec->key.dsize;
+ node->valuesize = data.dsize;
+
+--
+1.9.1
+
+
+From 10abdaf5c7f99eca742c84a7d55b7bb9c324aeab Mon Sep 17 00:00:00 2001
+From: Stefan Metzmacher <metze@samba.org>
+Date: Wed, 25 Nov 2015 09:22:08 +0100
+Subject: [PATCH 3/5] dbwrap_rbt: add nested traverse protection
+
+Multiple dbwrap_traverse_read() calls are possible.
+
+store() and delete() on a fetch locked record
+are rejected during dbwrap_traverse_read().
+
+A dbwrap_traverse() within a dbwrap_traverse_read()
+behaves like a dbwrap_traverse_read().
+
+Nested dbwrap_traverse() calls are not possible.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=11375
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=11394
+
+Signed-off-by: Stefan Metzmacher <metze@samba.org>
+Reviewed-by: Volker Lendecke <vl@samba.org>
+(cherry picked from commit 590507951fc514a679f44b8bfdd03c721189c3fa)
+---
+ lib/dbwrap/dbwrap_rbt.c | 71 ++++++++++++++++++++++++++++---------------------
+ 1 file changed, 40 insertions(+), 31 deletions(-)
+
+diff --git a/lib/dbwrap/dbwrap_rbt.c b/lib/dbwrap/dbwrap_rbt.c
+index 2d65647..d4cb40d 100644
+--- a/lib/dbwrap/dbwrap_rbt.c
++++ b/lib/dbwrap/dbwrap_rbt.c
+@@ -27,6 +27,8 @@
+
+ struct db_rbt_ctx {
+ struct rb_root tree;
++ size_t traverse_read;
++ bool traverse_write;
+ };
+
+ struct db_rbt_rec {
+@@ -126,6 +128,10 @@ static NTSTATUS db_rbt_store(struct db_record *rec, TDB_DATA data, int flag)
+ ssize_t reclen;
+ TDB_DATA this_key, this_val;
+
++ if (db_ctx->traverse_read > 0) {
++ return NT_STATUS_MEDIA_WRITE_PROTECTED;
++ }
++
+ if (rec_priv->node != NULL) {
+
+ /*
+@@ -222,6 +228,10 @@ static NTSTATUS db_rbt_delete(struct db_record *rec)
+ rec->db->private_data, struct db_rbt_ctx);
+ struct db_rbt_rec *rec_priv = (struct db_rbt_rec *)rec->private_data;
+
++ if (db_ctx->traverse_read > 0) {
++ return NT_STATUS_MEDIA_WRITE_PROTECTED;
++ }
++
+ if (rec_priv->node == NULL) {
+ return NT_STATUS_OK;
+ }
+@@ -232,16 +242,6 @@ static NTSTATUS db_rbt_delete(struct db_record *rec)
+ return NT_STATUS_OK;
+ }
+
+-static NTSTATUS db_rbt_store_deny(struct db_record *rec, TDB_DATA data, int flag)
+-{
+- return NT_STATUS_MEDIA_WRITE_PROTECTED;
+-}
+-
+-static NTSTATUS db_rbt_delete_deny(struct db_record *rec)
+-{
+- return NT_STATUS_MEDIA_WRITE_PROTECTED;
+-}
+-
+ struct db_rbt_search_result {
+ TDB_DATA key;
+ TDB_DATA val;
+@@ -414,13 +414,8 @@ static int db_rbt_traverse_internal(struct db_context *db,
+ ZERO_STRUCT(rec);
+ rec.db = db;
+ rec.private_data = &rec_priv;
+- if (rw) {
+- rec.store = db_rbt_store;
+- rec.delete_rec = db_rbt_delete;
+- } else {
+- rec.store = db_rbt_store_deny;
+- rec.delete_rec = db_rbt_delete_deny;
+- }
++ rec.store = db_rbt_store;
++ rec.delete_rec = db_rbt_delete;
+ db_rbt_parse_node(rec_priv.node, &rec.key, &rec.value);
+
+ ret = f(&rec, private_data);
+@@ -440,18 +435,21 @@ static int db_rbt_traverse_internal(struct db_context *db,
+ return db_rbt_traverse_internal(db, rb_right, f, private_data, count, rw);
+ }
+
+-static int db_rbt_traverse(struct db_context *db,
+- int (*f)(struct db_record *db,
+- void *private_data),
+- void *private_data)
++static int db_rbt_traverse_read(struct db_context *db,
++ int (*f)(struct db_record *db,
++ void *private_data),
++ void *private_data)
+ {
+ struct db_rbt_ctx *ctx = talloc_get_type_abort(
+ db->private_data, struct db_rbt_ctx);
+ uint32_t count = 0;
++ int ret;
+
+- int ret = db_rbt_traverse_internal(db, ctx->tree.rb_node,
+- f, private_data, &count,
+- true /* rw */);
++ ctx->traverse_read++;
++ ret = db_rbt_traverse_internal(db, ctx->tree.rb_node,
++ f, private_data, &count,
++ false /* rw */);
++ ctx->traverse_read--;
+ if (ret != 0) {
+ return -1;
+ }
+@@ -461,18 +459,29 @@ static int db_rbt_traverse(struct db_context *db,
+ return count;
+ }
+
+-static int db_rbt_traverse_read(struct db_context *db,
+- int (*f)(struct db_record *db,
+- void *private_data),
+- void *private_data)
++static int db_rbt_traverse(struct db_context *db,
++ int (*f)(struct db_record *db,
++ void *private_data),
++ void *private_data)
+ {
+ struct db_rbt_ctx *ctx = talloc_get_type_abort(
+ db->private_data, struct db_rbt_ctx);
+ uint32_t count = 0;
++ int ret;
++
++ if (ctx->traverse_write) {
++ return -1;
++ };
++
++ if (ctx->traverse_read > 0) {
++ return db_rbt_traverse_read(db, f, private_data);
++ }
+
+- int ret = db_rbt_traverse_internal(db, ctx->tree.rb_node,
+- f, private_data, &count,
+- false /* rw */);
++ ctx->traverse_write = true;
++ ret = db_rbt_traverse_internal(db, ctx->tree.rb_node,
++ f, private_data, &count,
++ true /* rw */);
++ ctx->traverse_write = false;
+ if (ret != 0) {
+ return -1;
+ }
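Review bot: `db_rbt_traverse()` now has three outcomes that are not documented at the function: it returns -1 when a write traverse is already running, it quietly falls back to `db_rbt_traverse_read()` when a read traverse is running, and otherwise it traverses read-write. A comment such as `/* nested write traverse is refused; inside a read traverse this acts as traverse_read, so store/delete from the callback return NT_STATUS_MEDIA_WRITE_PROTECTED */` would keep callers from finding this out through ignored status codes. The block that tests `ctx->traverse_write` also closes with `};`, which leaves a stray empty statement. The function body continues past the end of this hunk.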
+--
+1.9.1
+
+
+From fd6bcd4cb3752554dd1041f0a41fd7e9edac602d Mon Sep 17 00:00:00 2001
+From: Stefan Metzmacher <metze@samba.org>
+Date: Wed, 25 Nov 2015 09:22:08 +0100
+Subject: [PATCH 4/5] dbwrap_rbt: fix modifying the db during traverse
+
+We delete and add of records rebalace the tree, but our
+traverse code doesn't handle that and skips records
+randomly.
+
+We maintain records in a linked list for now
+in addition to the rbtree and use that list during
+traverse.
+
+This add a bit overhead, but at least it works reliable.
+If someone finds a way to do reliable traverse with the
+rebalanced tree, we can replace this commit.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=11375
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=11394
+
+Signed-off-by: Stefan Metzmacher <metze@samba.org>
+Reviewed-by: Volker Lendecke <vl@samba.org>
+(cherry picked from commit 0f46da08e160e6712e5282af14e1ec4012614fc7)
+---
+ lib/dbwrap/dbwrap_rbt.c | 104 ++++++++++++++++++++++++++----------------------
+ 1 file changed, 57 insertions(+), 47 deletions(-)
+
+diff --git a/lib/dbwrap/dbwrap_rbt.c b/lib/dbwrap/dbwrap_rbt.c
+index d4cb40d..a9cc641 100644
+--- a/lib/dbwrap/dbwrap_rbt.c
++++ b/lib/dbwrap/dbwrap_rbt.c
+@@ -22,13 +22,15 @@
+ #include "dbwrap/dbwrap_private.h"
+ #include "dbwrap/dbwrap_rbt.h"
+ #include "../lib/util/rbtree.h"
++#include "../lib/util/dlinklist.h"
+
+ #define DBWRAP_RBT_ALIGN(_size_) (((_size_)+15)&~15)
+
+ struct db_rbt_ctx {
+ struct rb_root tree;
++ struct db_rbt_node *nodes;
+ size_t traverse_read;
+- bool traverse_write;
++ struct db_rbt_node **traverse_nextp;
+ };
+
+ struct db_rbt_rec {
+@@ -40,6 +42,7 @@ struct db_rbt_rec {
+ struct db_rbt_node {
+ struct rb_node rb_node;
+ size_t keysize, valuesize;
++ struct db_rbt_node *prev, *next;
+ };
+
+ /*
+@@ -123,7 +126,8 @@ static NTSTATUS db_rbt_store(struct db_record *rec, TDB_DATA data, int flag)
+ struct db_rbt_node *node;
+
+ struct rb_node ** p;
+- struct rb_node * parent;
++ struct rb_node *parent = NULL;
++ struct db_rbt_node *parent_node = NULL;
+
+ ssize_t reclen;
+ TDB_DATA this_key, this_val;
+@@ -165,12 +169,19 @@ static NTSTATUS db_rbt_store(struct db_record *rec, TDB_DATA data, int flag)
+ }
+
+ if (rec_priv->node != NULL) {
++ if (db_ctx->traverse_nextp != NULL) {
++ if (*db_ctx->traverse_nextp == rec_priv->node) {
++ *db_ctx->traverse_nextp = node;
++ }
++ }
++
+ /*
+ * We need to delete the key from the tree and start fresh,
+ * there's not enough space in the existing record
+ */
+
+ rb_erase(&rec_priv->node->rb_node, &db_ctx->tree);
++ DLIST_REMOVE(db_ctx->nodes, rec_priv->node);
+
+ /*
+ * Keep the existing node around for a while: If the record
+@@ -197,10 +208,11 @@ static NTSTATUS db_rbt_store(struct db_record *rec, TDB_DATA data, int flag)
+ TDB_DATA search_key, search_val;
+ int res;
+
+- parent = (*p);
+-
+ r = db_rbt2node(*p);
+
++ parent = (*p);
++ parent_node = r;
++
+ db_rbt_parse_node(r, &search_key, &search_val);
+
+ res = db_rbt_compare(this_key, search_key);
+@@ -217,6 +229,7 @@ static NTSTATUS db_rbt_store(struct db_record *rec, TDB_DATA data, int flag)
+ }
+
+ rb_link_node(&node->rb_node, parent, p);
++ DLIST_ADD_AFTER(db_ctx->nodes, node, parent_node);
+ rb_insert_color(&node->rb_node, &db_ctx->tree);
+
+ return NT_STATUS_OK;
+@@ -236,7 +249,14 @@ static NTSTATUS db_rbt_delete(struct db_record *rec)
+ return NT_STATUS_OK;
+ }
+
++ if (db_ctx->traverse_nextp != NULL) {
++ if (*db_ctx->traverse_nextp == rec_priv->node) {
++ *db_ctx->traverse_nextp = rec_priv->node->next;
++ }
++ }
++
+ rb_erase(&rec_priv->node->rb_node, &db_ctx->tree);
++ DLIST_REMOVE(db_ctx->nodes, rec_priv->node);
+ TALLOC_FREE(rec_priv->node);
+
+ return NT_STATUS_OK;
+@@ -383,56 +403,48 @@ static NTSTATUS db_rbt_parse_record(struct db_context *db, TDB_DATA key,
+ }
+
+ static int db_rbt_traverse_internal(struct db_context *db,
+- struct rb_node *n,
+ int (*f)(struct db_record *db,
+ void *private_data),
+ void *private_data, uint32_t* count,
+ bool rw)
+ {
+- struct rb_node *rb_right;
+- struct rb_node *rb_left;
+- struct db_record rec;
+- struct db_rbt_rec rec_priv;
++ struct db_rbt_ctx *ctx = talloc_get_type_abort(
++ db->private_data, struct db_rbt_ctx);
++ struct db_rbt_node *cur = NULL;
++ struct db_rbt_node *next = NULL;
+ int ret;
+
+- if (n == NULL) {
+- return 0;
+- }
+-
+- rb_left = n->rb_left;
+- rb_right = n->rb_right;
++ for (cur = ctx->nodes; cur != NULL; cur = next) {
++ struct db_record rec;
++ struct db_rbt_rec rec_priv;
+
+- ret = db_rbt_traverse_internal(db, rb_left, f, private_data, count, rw);
+- if (ret != 0) {
+- return ret;
+- }
++ rec_priv.node = cur;
++ next = rec_priv.node->next;
+
+- rec_priv.node = db_rbt2node(n);
+- /* n might be altered by the callback function */
+- n = NULL;
++ ZERO_STRUCT(rec);
++ rec.db = db;
++ rec.private_data = &rec_priv;
++ rec.store = db_rbt_store;
++ rec.delete_rec = db_rbt_delete;
++ db_rbt_parse_node(rec_priv.node, &rec.key, &rec.value);
+
+- ZERO_STRUCT(rec);
+- rec.db = db;
+- rec.private_data = &rec_priv;
+- rec.store = db_rbt_store;
+- rec.delete_rec = db_rbt_delete;
+- db_rbt_parse_node(rec_priv.node, &rec.key, &rec.value);
+-
+- ret = f(&rec, private_data);
+- (*count) ++;
+- if (ret != 0) {
+- return ret;
+- }
+-
+- if (rec_priv.node != NULL) {
+- /*
+- * If the current record is still there
+- * we should take the current rb_right.
+- */
+- rb_right = rec_priv.node->rb_node.rb_right;
++ if (rw) {
++ ctx->traverse_nextp = &next;
++ }
++ ret = f(&rec, private_data);
++ (*count) ++;
++ if (rw) {
++ ctx->traverse_nextp = NULL;
++ }
++ if (ret != 0) {
++ return ret;
++ }
++ if (rec_priv.node != NULL) {
++ next = rec_priv.node->next;
++ }
+ }
+
+- return db_rbt_traverse_internal(db, rb_right, f, private_data, count, rw);
++ return 0;
+ }
+
+ static int db_rbt_traverse_read(struct db_context *db,
+@@ -446,7 +458,7 @@ static int db_rbt_traverse_read(struct db_context *db,
+ int ret;
+
+ ctx->traverse_read++;
+- ret = db_rbt_traverse_internal(db, ctx->tree.rb_node,
++ ret = db_rbt_traverse_internal(db,
+ f, private_data, &count,
+ false /* rw */);
+ ctx->traverse_read--;
+@@ -469,7 +481,7 @@ static int db_rbt_traverse(struct db_context *db,
+ uint32_t count = 0;
+ int ret;
+
+- if (ctx->traverse_write) {
++ if (ctx->traverse_nextp != NULL) {
+ return -1;
+ };
+
+@@ -477,11 +489,9 @@ static int db_rbt_traverse(struct db_context *db,
+ return db_rbt_traverse_read(db, f, private_data);
+ }
+
+- ctx->traverse_write = true;
+- ret = db_rbt_traverse_internal(db, ctx->tree.rb_node,
++ ret = db_rbt_traverse_internal(db,
+ f, private_data, &count,
+ true /* rw */);
+- ctx->traverse_write = false;
+ if (ret != 0) {
+ return -1;
+ }
+--
+1.9.1
+
+
+From 5b555ac802ce714c26411b48a375d1cc6699b22c Mon Sep 17 00:00:00 2001
+From: Stefan Metzmacher <metze@samba.org>
+Date: Wed, 25 Nov 2015 00:13:17 +0100
+Subject: [PATCH 5/5] s3:torture: add traverse testing to LOCAL-RBTREE
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=11375
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=11394
+
+Signed-off-by: Stefan Metzmacher <metze@samba.org>
+Reviewed-by: Volker Lendecke <vl@samba.org>
+
+Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
+Autobuild-Date(master): Fri Nov 27 13:16:59 CET 2015 on sn-devel-104
+
+(cherry picked from commit bb9f13ab4165f150e01a88ddcc51605a7c176f5d)
+---
+ source3/torture/torture.c | 39 +++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 39 insertions(+)
+
+diff --git a/source3/torture/torture.c b/source3/torture/torture.c
+index 594d28f..0b37e5c 100644
+--- a/source3/torture/torture.c
++++ b/source3/torture/torture.c
+@@ -8352,11 +8352,29 @@ static bool rbt_testval(struct db_context *db, const char *key,
+ return ret;
+ }
+
++static int local_rbtree_traverse_read(struct db_record *rec, void *private_data)
++{
++ int *count2 = (int *)private_data;
++ (*count2)++;
++ return 0;
++}
++
++static int local_rbtree_traverse_delete(struct db_record *rec, void *private_data)
++{
++ int *count2 = (int *)private_data;
++ (*count2)++;
++ dbwrap_record_delete(rec);
++ return 0;
++}
++
+ static bool run_local_rbtree(int dummy)
+ {
+ struct db_context *db;
+ bool ret = false;
+ int i;
++ NTSTATUS status;
++ int count = 0;
++ int count2 = 0;
+
+ db = db_open_rbt(NULL);
+
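Review bot: `local_rbtree_traverse_delete()` discards the NTSTATUS from `dbwrap_record_delete(rec)`, and the second torture.c hunk prints `status` after each traverse call without testing it, so errors are noticed only indirectly through the counts. The final "read2" check expects `count == 0` and `count2 == 0`, which would presumably also hold if that traverse failed before visiting anything. Returning non-zero from the callback when `!NT_STATUS_IS_OK(dbwrap_record_delete(rec))` and adding `!NT_STATUS_IS_OK(status) ||` to the three `if` conditions would make the test fail on the write-protect and nesting errors these patches introduce. The `run_local_rbtree` body continues outside both hunks.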
+@@ -8399,6 +8417,27 @@ static bool run_local_rbtree(int dummy)
+ }
+
+ ret = true;
++ count = 0; count2 = 0;
++ status = dbwrap_traverse_read(db, local_rbtree_traverse_read,
++ &count2, &count);
++ printf("%s: read1: %d %d, %s\n", __func__, count, count2, nt_errstr(status));
++ if ((count != count2) || (count != 1000)) {
++ ret = false;
++ }
++ count = 0; count2 = 0;
++ status = dbwrap_traverse(db, local_rbtree_traverse_delete,
++ &count2, &count);
++ printf("%s: delete: %d %d, %s\n", __func__, count, count2, nt_errstr(status));
++ if ((count != count2) || (count != 1000)) {
++ ret = false;
++ }
++ count = 0; count2 = 0;
++ status = dbwrap_traverse_read(db, local_rbtree_traverse_read,
++ &count2, &count);
++ printf("%s: read2: %d %d, %s\n", __func__, count, count2, nt_errstr(status));
++ if ((count != count2) || (count != 0)) {
++ ret = false;
++ }
+
+ done:
+ TALLOC_FREE(db);
+--
+1.9.1
+
diff --git a/net/samba42/files/pkg-message.in b/net/samba42/files/pkg-message.in
index 6cdc13d1753d..812abb282747 100644
--- a/net/samba42/files/pkg-message.in
+++ b/net/samba42/files/pkg-message.in
@@ -8,8 +8,8 @@ How to start: http://wiki.samba.org/index.php/Samba4/HOWTO
* All the logs are under: %%SAMBA4_LOGDIR%%
-* Provisioning script is: %%PREFIX%%/bin/samba-tool
-
+%%AD_DC%%* Provisioning script is: %%PREFIX%%/bin/samba-tool
+%%AD_DC%%
%%NSUPDATE%%You will need to specify location of the 'nsupdate' command in the
%%NSUPDATE%%%%SAMBA4_CONFIG%% file:
%%NSUPDATE%%
diff --git a/net/samba42/pkg-plist b/net/samba42/pkg-plist
index b12fcf839107..993127e7ae0e 100644
--- a/net/samba42/pkg-plist
+++ b/net/samba42/pkg-plist
@@ -1,3 +1,4 @@
+bin/async_connect_send_test
bin/cifsdd
bin/dbwrap_tool
bin/eventlogadm
@@ -306,7 +307,7 @@ lib/samba/libsmb-transport-samba4.so
lib/samba/libsmbd-base-samba4.so
lib/samba/libsmbd-conn-samba4.so
lib/samba/libsmbd-shim-samba4.so
-lib/samba/libsmbldaphelper-samba4.so
+%%LDAP%%lib/samba/libsmbldaphelper-samba4.so
lib/samba/libsmbpasswdparser-samba4.so
lib/samba/libsmbregistry-samba4.so
lib/samba/libsocket-blocking-samba4.so