import samba-4.16.4-1.el8
This commit is contained in:
parent
e762bb8550
commit
08c3d81b25
|
@ -1,2 +1,2 @@
|
|||
SOURCES/samba-4.16.2.tar.xz
|
||||
SOURCES/samba-4.16.4.tar.xz
|
||||
SOURCES/samba-pubkey_AA99442FB680B620.gpg
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
7ee5776f92bbca2508da3d06d2d03a8e5ff5ed67 SOURCES/samba-4.16.2.tar.xz
|
||||
c943ec2e8b9413cd3465e39481b49872b4486e86 SOURCES/samba-4.16.4.tar.xz
|
||||
971f563c447eda8d144d6c9e743cd0f0488c0d9e SOURCES/samba-pubkey_AA99442FB680B620.gpg
|
||||
|
|
|
@ -1,16 +0,0 @@
|
|||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAmKm3zUACgkQqplEL7aA
|
||||
tiC2LA/+LwNu8NfLoSSuq+OXTe6Ih0KhdT3RtIhknhe2s3ibBw7juNqUEmZupufH
|
||||
01M6p+sq1YyyRABW2k2M51tKF96wdjffDNFTNdpFOXYL5Hm1uL4Lzdf4ZiWY9MKp
|
||||
U04uZ1OwicIeFdqU3oUt9iLY5Z2KPz4pTfIOZL67OV8QDXxHdieHfseWVUmOaAjd
|
||||
YsZFQRl2c29OkOkAD5AYpNdquQAGvS34M5dPYItrJwgKs9RYMG6JX03oCpoFxXVn
|
||||
wjV74S1GB03Gec7tOI+BlAshUeAgUIcYjSrcxJ3MEDTXjJkoVcS9gOOezuWf6lei
|
||||
4uEmLYKaYKstF3qFriXJIWoGPAakzyumQOpjo84C0Z0mftSX0L3XbVGmsP48Ra58
|
||||
foz0iLka2/8AqxYa5QXkGwqg615icpLo2MmM2/wvMg0Mvx6D6zcb2yx5gIb+ITmh
|
||||
d1iN7Rzhk+V2fP7m7zua4IEs7jq8M3pXUF7+By2XdboaOuq80APwLfr37yMeQBPu
|
||||
NTVgOPCe+AQZliOWagxZ03yLSraCljIfMFLecDdl1W2Vi45IrtRxT2o2gqtnOgsL
|
||||
1+8OfmcvPYYSXNr3dreeH7UROVR6DEBWL1bUV2UFB5EFzUDB612EE6Z5IVbPoTWl
|
||||
GVAKedXrrQx+f2ucUFg5AvjCJkZ8wVlkMTBK/KJbENbdAe/680k=
|
||||
=fziY
|
||||
-----END PGP SIGNATURE-----
|
|
@ -0,0 +1,16 @@
|
|||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEEgfXigyvSVFoYl7cTqplEL7aAtiAFAmLg520ACgkQqplEL7aA
|
||||
tiBsuA//ZqQhoz1unYEMk6tqu528xGweYd488gjdKkszWPCI5NmGbmvN/tbhUIc3
|
||||
WbJO8oPEFN81+a0b7nsKxpgDt8IR00rx4mA3A5rh+Z1PTbUWpjBxchTsXZsEaDaE
|
||||
dA/pRes+rzDpjLg2VWAd+5SDwy1d5ZfZ+gX/qntfpgYLqiBfJNJJPxCEFqnG1IUF
|
||||
xaWwKQNuduq89Wr3LabSCjx4IMQEABr8VN+WZG5JhmKBaad1I5tOBOFypLS0iKUX
|
||||
bGsMr3itdKFvYmAFM2ZbY/Q7DZb5GIUvNOqyRcBYQe33tqS2GYjEHS0tbXoNP5l2
|
||||
gQcs3FiebX6Bi4I6EoFL380LLG1zskCV5xRtGIvrW7SOKCnkaswuxlHEQSVWFc0A
|
||||
2aZmT7RaKYwtm+0kD+Fq3PWBwPvLBgiCP9oohfOgqrW9VnIJNbyCyJcBbK8snS0a
|
||||
KIfr+hM+ccNBVhmpFWRjA0WkVW9d9/tcDFN63nTQJkZg4cXZboMVO7fjmo4U1oJK
|
||||
qIVU5Xr0e5TXLNWguvr6t03CUvtfgBHMYFrHRX4HJTN7Z3m4WxAYt+jspIavQP/S
|
||||
muj4g/INYmjZmBG2f9mign6Tt3MtOtHlymMFAJ1t1e+9B5v1dkmO4T6ffqbDgvg5
|
||||
bnAFUM5+bzW81DGJNbITDSNBU7PokwP4cQBNTVtgK38DW4BiPO8=
|
||||
=6kYO
|
||||
-----END PGP SIGNATURE-----
|
|
@ -1,7 +1,7 @@
|
|||
From 17eb98d3f8ebd0fe48e218bb03a3c0165b9b6e95 Mon Sep 17 00:00:00 2001
|
||||
From 5d7ec9a00b6f4c6768c606d37d235415f2006445 Mon Sep 17 00:00:00 2001
|
||||
From: Isaac Boukris <iboukris@gmail.com>
|
||||
Date: Fri, 27 Sep 2019 18:25:03 +0300
|
||||
Subject: [PATCH 1/4] mit-kdc: add basic loacl realm S4U support
|
||||
Subject: [PATCH 1/3] mit-kdc: add basic loacl realm S4U support
|
||||
|
||||
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
|
||||
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
|
||||
|
@ -236,7 +236,7 @@ index 793fe366c35..22534c09974 100644
|
|||
|
||||
|
||||
diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c
|
||||
index 27b15828468..994dfed312b 100644
|
||||
index cb72b5de294..03c2c2ea1de 100644
|
||||
--- a/source4/kdc/mit_samba.c
|
||||
+++ b/source4/kdc/mit_samba.c
|
||||
@@ -517,7 +517,6 @@ int mit_samba_get_pac(struct mit_samba_context *smb_ctx,
|
||||
|
@ -247,7 +247,7 @@ index 27b15828468..994dfed312b 100644
|
|||
krb5_db_entry *client,
|
||||
krb5_db_entry *server,
|
||||
krb5_db_entry *krbtgt,
|
||||
@@ -682,7 +681,7 @@ krb5_error_code mit_samba_reget_pac(struct mit_samba_context *ctx,
|
||||
@@ -689,7 +688,7 @@ krb5_error_code mit_samba_reget_pac(struct mit_samba_context *ctx,
|
||||
context,
|
||||
*pac,
|
||||
server->princ,
|
||||
|
@ -256,7 +256,7 @@ index 27b15828468..994dfed312b 100644
|
|||
deleg_blob);
|
||||
if (!NT_STATUS_IS_OK(nt_status)) {
|
||||
DEBUG(0, ("Update delegation info failed: %s\n",
|
||||
@@ -1004,41 +1003,17 @@ int mit_samba_check_client_access(struct mit_samba_context *ctx,
|
||||
@@ -1081,41 +1080,17 @@ int mit_samba_check_client_access(struct mit_samba_context *ctx,
|
||||
}
|
||||
|
||||
int mit_samba_check_s4u2proxy(struct mit_samba_context *ctx,
|
||||
|
@ -333,13 +333,13 @@ index 4431e82a1b2..9370ab533af 100644
|
|||
int mit_samba_kpasswd_change_password(struct mit_samba_context *ctx,
|
||||
char *pwd,
|
||||
--
|
||||
2.33.1
|
||||
2.37.1
|
||||
|
||||
|
||||
From f4fc23103f47b712baf3b4b0ebcb42d0f3f3fd42 Mon Sep 17 00:00:00 2001
|
||||
From 325912375cf54743ab8ea557172a72b870002e9f Mon Sep 17 00:00:00 2001
|
||||
From: Isaac Boukris <iboukris@gmail.com>
|
||||
Date: Fri, 27 Sep 2019 18:35:30 +0300
|
||||
Subject: [PATCH 2/4] krb5-mit: enable S4U client support for MIT build
|
||||
Subject: [PATCH 2/3] krb5-mit: enable S4U client support for MIT build
|
||||
|
||||
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
|
||||
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
|
||||
|
@ -350,10 +350,10 @@ Pair-Programmed-With: Andreas Schneider <asn@samba.org>
|
|||
3 files changed, 185 insertions(+), 13 deletions(-)
|
||||
|
||||
diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
|
||||
index 61d651b4d5f..462acec90b6 100644
|
||||
index 4321f07ca09..3fd95e47fca 100644
|
||||
--- a/lib/krb5_wrap/krb5_samba.c
|
||||
+++ b/lib/krb5_wrap/krb5_samba.c
|
||||
@@ -2699,6 +2699,191 @@ krb5_error_code smb_krb5_kinit_s4u2_ccache(krb5_context ctx,
|
||||
@@ -2702,6 +2702,191 @@ krb5_error_code smb_krb5_kinit_s4u2_ccache(krb5_context ctx,
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
@ -611,20 +611,20 @@ index 544d9d853cc..c14d8c72d8c 100644
|
|||
ret = smb_krb5_kinit_password_ccache(smb_krb5_context->krb5_context,
|
||||
ccache,
|
||||
--
|
||||
2.33.1
|
||||
2.37.1
|
||||
|
||||
|
||||
From 48d73d552f2fbbdb07bd9aff4d0294883b70417f Mon Sep 17 00:00:00 2001
|
||||
From a5713b1558192f24348f7794da84bf65cf78e6ec Mon Sep 17 00:00:00 2001
|
||||
From: Isaac Boukris <iboukris@gmail.com>
|
||||
Date: Sat, 19 Sep 2020 14:16:20 +0200
|
||||
Subject: [PATCH 3/4] wip: for canonicalization with new MIT kdc code
|
||||
Subject: [PATCH 3/3] wip: for canonicalization with new MIT kdc code
|
||||
|
||||
---
|
||||
source4/kdc/mit_samba.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c
|
||||
index 994dfed312b..9d039e5601b 100644
|
||||
index 03c2c2ea1de..30fade56531 100644
|
||||
--- a/source4/kdc/mit_samba.c
|
||||
+++ b/source4/kdc/mit_samba.c
|
||||
@@ -232,6 +232,9 @@ int mit_samba_get_principal(struct mit_samba_context *ctx,
|
||||
|
@ -638,33 +638,5 @@ index 994dfed312b..9d039e5601b 100644
|
|||
KRB5_KDB_FLAG_INCLUDE_PAC)) {
|
||||
/*
|
||||
--
|
||||
2.33.1
|
||||
|
||||
|
||||
From f5f54026d151f6d899e8ff52d8829a2f9cf57f25 Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Schneider <asn@samba.org>
|
||||
Date: Tue, 21 Dec 2021 12:17:11 +0100
|
||||
Subject: [PATCH 4/4] s4:kdc: Also cannoicalize krbtgt principals when
|
||||
enforcing canonicalization
|
||||
|
||||
Signed-off-by: Andreas Schneider <asn@samba.org>
|
||||
---
|
||||
source4/kdc/db-glue.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c
|
||||
index 8d17038cfe6..77c0c0e4746 100644
|
||||
--- a/source4/kdc/db-glue.c
|
||||
+++ b/source4/kdc/db-glue.c
|
||||
@@ -946,7 +946,7 @@ static krb5_error_code samba_kdc_message2entry(krb5_context context,
|
||||
if (ent_type == SAMBA_KDC_ENT_TYPE_KRBTGT) {
|
||||
p->is_krbtgt = true;
|
||||
|
||||
- if (flags & (SDB_F_CANON)) {
|
||||
+ if (flags & (SDB_F_CANON|SDB_F_FORCE_CANON)) {
|
||||
/*
|
||||
* When requested to do so, ensure that the
|
||||
* both realm values in the principal are set
|
||||
--
|
||||
2.33.1
|
||||
2.37.1
|
||||
|
||||
|
|
|
@ -136,11 +136,11 @@
|
|||
|
||||
%global baserelease 1
|
||||
|
||||
%global samba_version 4.16.2
|
||||
%global samba_version 4.16.4
|
||||
%global talloc_version 2.3.3
|
||||
%global tdb_version 1.4.6
|
||||
%global tevent_version 0.12.0
|
||||
%global ldb_version 2.5.1
|
||||
%global ldb_version 2.5.2
|
||||
# This should be rc1 or nil
|
||||
%global pre_release %nil
|
||||
|
||||
|
@ -365,12 +365,18 @@ BuildRequires: lmdb-devel
|
|||
%if %{with dc} || %{with testsuite}
|
||||
BuildRequires: bind
|
||||
BuildRequires: krb5-server >= %{required_mit_krb5}
|
||||
BuildRequires: ldb-tools
|
||||
BuildRequires: python3-gpg
|
||||
BuildRequires: python3-markdown
|
||||
BuildRequires: python3-setproctitle
|
||||
BuildRequires: python3-cryptography
|
||||
|
||||
%if %{without includelibs}
|
||||
BuildRequires: tdb-tools
|
||||
BuildRequires: ldb-tools
|
||||
#endif without includelibs
|
||||
%endif
|
||||
|
||||
#endif with dc || with testsuite
|
||||
%endif
|
||||
|
||||
# filter out perl requirements pulled in from examples in the docdir.
|
||||
|
@ -2097,6 +2103,7 @@ fi
|
|||
%{_libdir}/samba/bind9/dlz_bind9_12.so
|
||||
%{_libdir}/samba/bind9/dlz_bind9_14.so
|
||||
%{_libdir}/samba/bind9/dlz_bind9_16.so
|
||||
%{_libdir}/samba/bind9/dlz_bind9_18.so
|
||||
#endif with dc
|
||||
%endif
|
||||
|
||||
|
@ -2971,6 +2978,7 @@ fi
|
|||
%{python3_sitearch}/samba/tests/krb5/__pycache__/kdc_base_test.*.pyc
|
||||
%{python3_sitearch}/samba/tests/krb5/__pycache__/kdc_tests.*.pyc
|
||||
%{python3_sitearch}/samba/tests/krb5/__pycache__/kdc_tgs_tests.*.pyc
|
||||
%{python3_sitearch}/samba/tests/krb5/__pycache__/kpasswd_tests.*.pyc
|
||||
%{python3_sitearch}/samba/tests/krb5/__pycache__/ms_kile_client_principal_lookup_tests.*.pyc
|
||||
%{python3_sitearch}/samba/tests/krb5/__pycache__/pac_align_tests.*.pyc
|
||||
%{python3_sitearch}/samba/tests/krb5/__pycache__/raw_testcase.*.pyc
|
||||
|
@ -2997,6 +3005,7 @@ fi
|
|||
%{python3_sitearch}/samba/tests/krb5/kdc_base_test.py
|
||||
%{python3_sitearch}/samba/tests/krb5/kdc_tests.py
|
||||
%{python3_sitearch}/samba/tests/krb5/kdc_tgs_tests.py
|
||||
%{python3_sitearch}/samba/tests/krb5/kpasswd_tests.py
|
||||
%{python3_sitearch}/samba/tests/krb5/ms_kile_client_principal_lookup_tests.py
|
||||
%{python3_sitearch}/samba/tests/krb5/pac_align_tests.py
|
||||
%{python3_sitearch}/samba/tests/krb5/raw_testcase.py
|
||||
|
@ -4155,6 +4164,16 @@ fi
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu Jul 28 2022 Andreas Schneider <asn@redhat.com> - 4.16.4-1
|
||||
- Rebase to version 4.16.4
|
||||
- resolves: rhbz#2108331 - Fix CVE-2022-32742
|
||||
|
||||
* Mon Jul 18 2022 Pavel Filipenský <pfilipen@redhat.com> - 4.16.3-0
|
||||
- related: rhbz#2077468 - Rebase Samba to 4.16.3
|
||||
- resolves: rhbz#2106672 - The pcap background queue process should not be stopped
|
||||
- resolves: rhbz#2106263 - Fix crash in rpcd_classic
|
||||
- resolves: rhbz#2100093 - Fix net ads info returns LDAP server and LDAP server name
|
||||
|
||||
* Tue Jun 14 2022 Pavel Filipenský <pfilipen@redhat.com> - 4.16.2-1
|
||||
- resolves: rhbz#2084162 - Fix printer displays only after 300 seconds timeout
|
||||
|
||||
|
|
Loading…
Reference in New Issue