diff --git a/samba-glibc-dns.patch b/samba-glibc-dns.patch new file mode 100644 index 0000000..c01d481 --- /dev/null +++ b/samba-glibc-dns.patch @@ -0,0 +1,64 @@ +From e556b4067e0c4036e20fc26523e3b4d6d5c6be42 Mon Sep 17 00:00:00 2001 +From: Andreas Schneider +Date: Thu, 7 Oct 2021 15:55:37 +0200 +Subject: [PATCH] waf: Fix resolv_wrapper with glibc 2.34 + +With glibc 2.34 we are not able to talk to the DNS server via socket_wrapper +anymore. The res_* symbols have been moved from libresolv to libc. We are not +able to intercept any traffic inside of libc. + +Signed-off-by: Andreas Schneider +Reviewed-by: Andreas Schneider +Reviewed-by: Alexander Bokovoy +--- + selftest/wscript | 2 +- + third_party/resolv_wrapper/wscript | 13 +++++++++++++ + 2 files changed, 14 insertions(+), 1 deletion(-) + +diff --git a/selftest/wscript b/selftest/wscript +index a6be06c2ae9..85d9338489a 100644 +--- a/selftest/wscript ++++ b/selftest/wscript +@@ -252,7 +252,7 @@ def cmd_testonly(opt): + if os.environ.get('USE_NAMESPACES') is None: + env.OPTIONS += " --socket_wrapper_so_path=" + CONFIG_GET(opt, 'LIBSOCKET_WRAPPER_SO_PATH') + +- if Utils.unversioned_sys_platform() in ('netbsd', 'openbsd', 'sunos'): ++ if not CONFIG_SET(opt, 'HAVE_RESOLV_CONF_SUPPORT'): + env.OPTIONS += " --use-dns-faking" + + if CONFIG_GET(opt, 'USING_SYSTEM_KRB5') and CONFIG_GET(opt, 'MIT_KDC_PATH'): +diff --git a/third_party/resolv_wrapper/wscript b/third_party/resolv_wrapper/wscript +index a7f18389b0f..7e369bd90b5 100644 +--- a/third_party/resolv_wrapper/wscript ++++ b/third_party/resolv_wrapper/wscript +@@ -1,6 +1,7 @@ + #!/usr/bin/env python + + import os ++from waflib import Logs + + VERSION="1.1.7" + +@@ -49,6 +50,18 @@ def configure(conf): + if conf.CONFIG_SET('HAVE_RES_NCLOSE'): + conf.DEFINE('HAVE_RES_NCLOSE_IN_LIBRESOLV', 1) + ++ # If we find res_nquery in libc, we can't do resolv.conf redirect ++ conf.CHECK_FUNCS('res_nquery __res_nquery') ++ if (conf.CONFIG_SET('HAVE_RES_NQUERY') ++ or conf.CONFIG_SET('HAVE___RES_NQUERY')): ++ Logs.warn("Detection for resolv_wrapper: " ++ "Only dns faking will be available") ++ else: ++ if conf.CHECK_FUNCS('res_nquery', lib='resolv'): ++ conf.DEFINE('HAVE_RESOLV_CONF_SUPPORT', 1) ++ if conf.CHECK_FUNCS('__res_nquery', lib='resolv'): ++ conf.DEFINE('HAVE_RESOLV_CONF_SUPPORT', 1) ++ + conf.CHECK_FUNCS_IN('res_init __res_init', 'resolv', checklibc=True) + conf.CHECK_FUNCS_IN('res_ninit __res_ninit', 'resolv', checklibc=True) + conf.CHECK_FUNCS_IN('res_close __res_close', 'resolv', checklibc=True) +-- +2.33.1 + diff --git a/samba.spec b/samba.spec index 186d651..21de1ec 100644 --- a/samba.spec +++ b/samba.spec @@ -132,7 +132,7 @@ %define samba_requires_eq() %(LC_ALL="C" echo '%*' | xargs -r rpm -q --qf 'Requires: %%{name} = %%{epoch}:%%{version}\\n' | sed -e 's/ (none):/ /' -e 's/ 0:/ /' | grep -v "is not") -%global baserelease 0 +%global baserelease 1 %global samba_version 4.15.3 %global talloc_version 2.3.3 @@ -203,6 +203,7 @@ Source201: README.downgrade Patch0: samba-s4u.patch Patch1: samba-ctdb-etcd-reclock.patch +Patch2: samba-glibc-dns.patch Requires(pre): /usr/sbin/groupadd Requires(post): systemd @@ -4101,6 +4102,10 @@ fi %endif %changelog +* Wed Dec 15 2021 Pavel Filipenský - 4.15.3-1 +- Fix resolv_wrapper with glibc 2.34 +- resolves: #2019669 + * Wed Dec 08 2021 Pavel Filipenský - 4.15.3-0 - Update to Samba 4.15.3 - resolves: #2030382