add samba package

SVN-Revision: 1719

openwrt/package/Config.in

@@ -87,6 +87,7 @@ source "package/quagga/Config.in"
 source "package/radvd/Config.in"
 source "package/robocfg/Config.in"
 source "package/rsync/Config.in"
+source "package/samba/Config.in"
 source "package/ser/Config.in"
 source "package/shat/Config.in"
 source "package/siproxd/Config.in"

openwrt/package/Makefile

@@ -126,6 +126,7 @@ package-$(BR2_COMPILE_RRDTOOL) += rrdtool
 package-$(BR2_PACKAGE_RSYNC) += rsync
 package-$(BR2_PACKAGE_SABLEVM) += sablevm
 package-$(BR2_PACKAGE_SABLEVM_CLASSPATH) += sablevm-classpath
+package-$(BR2_COMPILE_SAMBA) += samba
 package-$(BR2_PACKAGE_SCREEN) += screen
 package-$(BR2_PACKAGE_SDK) += sdk
 package-$(BR2_PACKAGE_SER) += ser
@@ -211,6 +212,7 @@ quagga-compile: readline-compile ncurses-compile
 rrdcollect-compile: rrdtool-compile
 rrdtool-compile: cgilib-compile freetype-compile libart-compile libpng-compile
 rsync-compile: popt-compile
+samba-compile: cups-compile
 screen-compile: ncurses-compile
 siproxd-compile: libosip2-compile
 sipsak-compile: openssl-compile

openwrt/package/samba/Config.in

@@ -0,0 +1,37 @@
+config BR2_COMPILE_SAMBA
+	bool
+	default n
+	depends BR2_PACKAGE_SAMBA || BR2_PACKAGE_SAMBA_CLIENT
+
+config BR2_PACKAGE_SAMBA
+	tristate "samba - NetBIOS/SMB file and print server"
+#	default m if CONFIG_DEVEL
+	default n
+	select BR2_COMPILE_SAMBA
+	help
+	 The Samba software suite is a collection of programs that implements the 
+	 SMB protocol for unix systems, allowing you to serve files and printers to 
+	 Windows, NT, OS/2 and DOS clients. This protocol is sometimes also referred 
+	 to as the LanManager or Netbios protocol.
+	 
+	 http://www.samba.org/
+	 
+	 This package contains the SMB file and print server daemons.
+	 
+
+config BR2_PACKAGE_SAMBA_CLIENT
+	tristate "samba-client - NetBIOS/SMB simple client"
+#	default m if CONFIG_DEVEL
+	default n
+	select BR2_COMPILE_SAMBA
+	help
+	 The Samba software suite is a collection of programs that implements the 
+	 SMB protocol for unix systems, allowing you to serve files and printers to 
+	 Windows, NT, OS/2 and DOS clients. This protocol is sometimes also referred 
+	 to as the LanManager or Netbios protocol.
+	 
+	 http://www.samba.org/
+	 
+	 This package contains a simple command-line SMB client.
+	 
+

openwrt/package/samba/Makefile

@@ -0,0 +1,115 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=samba
+PKG_VERSION:=2.0.10
+PKG_RELEASE:=1
+PKG_MD5SUM:=54870482fe036b7e69dd48c90661eec6
+
+PKG_SOURCE_URL:=ftp://se.samba.org/pub/samba/stable \
+	ftp://ftp.easynet.be/samba/stable
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_CAT:=zcat
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
+PKG_INSTALL_DIR:=$(PKG_BUILD_DIR)/ipkg-install
+
+include $(TOPDIR)/package/rules.mk
+
+$(eval $(call PKG_template,SAMBA,samba,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+$(eval $(call PKG_template,SAMBA_CLIENT,samba-client,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
+
+$(PKG_BUILD_DIR)/.configured: $(PKG_BUILD_DIR)/.prepared
+	(cd $(PKG_BUILD_DIR)/source; \
+		$(TARGET_CONFIGURE_OPTS) \
+		CFLAGS="$(TARGET_CFLAGS) -D_GNU_SOURCE -DNDEBUG -DSHMEM_SIZE=524288 -Dfcntl=fcntl64" \
+		CPPFLAGS="-I$(STAGING_DIR)/usr/include" \
+		LDFLAGS="-L$(STAGING_DIR)/lib -L$(STAGING_DIR)/usr/lib" \
+		ac_cv_sizeof_int=4 \
+		ac_cv_sizeof_long=4 \
+		ac_cv_sizeof_short=2 \
+		samba_cv_FTRUNCATE_NEEDS_ROOT=no \
+		samba_cv_HAVE_BROKEN_FCNTL64_LOCKS=no \
+		samba_cv_HAVE_BROKEN_GETGROUPS=no \
+		samba_cv_HAVE_BROKEN_READDIR=no \
+		samba_cv_HAVE_FCNTL_LOCK=yes \
+		samba_cv_HAVE_FNMATCH=yes \
+		samba_cv_HAVE_FTRUNCATE_EXTEND=no \
+		samba_cv_HAVE_GETTIMEOFDAY_TZ=yes \
+		samba_cv_HAVE_IFACE_AIX=no \
+		samba_cv_HAVE_IFACE_IFCONF=yes \
+		samba_cv_HAVE_IFACE_IFREQ=yes \
+		samba_cv_HAVE_INO64_T=yes \
+		samba_cv_HAVE_IRIX_SPECIFIC_CAPABILITIES=no \
+		samba_cv_HAVE_OFF64_T=yes \
+		samba_cv_HAVE_ROOT=yes \
+		samba_cv_HAVE_SECURE_MKSTEMP=yes \
+		samba_cv_HAVE_SHARED_MMAP=yes \
+		samba_cv_HAVE_STRUCT_FLOCK64=yes \
+		samba_cv_HAVE_SYSV_IPC=no \
+		samba_cv_HAVE_TRUNCATED_SALT=no \
+		samba_cv_HAVE_UNION_SEMUN=no \
+		samba_cv_HAVE_UNSIGNED_CHAR=yes \
+		samba_cv_NEED_SGI_SEMUN_HACK=no \
+		samba_cv_REPLACE_INET_NTOA=no \
+		samba_cv_SIZEOF_INO_T=4 \
+		samba_cv_SIZEOF_OFF_T=4 \
+		samba_cv_SYSCONF_SC_NGROUPS_MAX=yes \
+		samba_cv_USE_SETEUID=yes \
+		samba_cv_USE_SETRESUID=no \
+		samba_cv_USE_SETREUID=yes \
+		samba_cv_USE_SETUIDX=no \
+		samba_cv_have_longlong=yes \
+		samba_cv_have_setresgid=no \
+		samba_cv_have_setresuid=no \
+		./configure \
+			--target=$(GNU_TARGET_NAME) \
+			--host=$(GNU_TARGET_NAME) \
+			--build=$(GNU_HOST_NAME) \
+			--program-prefix="" \
+			--program-suffix="" \
+			--prefix=/usr \
+			--exec-prefix=/usr \
+			--bindir=/usr/bin \
+			--datadir=/usr/share \
+			--includedir=/usr/include \
+			--infodir=/usr/share/info \
+			--libdir=/usr/lib \
+			--libexecdir=/usr/lib \
+			--localstatedir=/var/log/samba \
+			--mandir=/usr/share/man \
+			--sbindir=/usr/sbin \
+			--sysconfdir=/etc/samba \
+			$(DISABLE_LARGEFILE) \
+			$(DISABLE_NLS) \
+			--with-lockdir=/var/run/samba \
+			--with-privatedir=/etc/samba \
+			--enable-cups \
+	);
+	touch $@
+
+$(PKG_BUILD_DIR)/.built:
+	$(MAKE) -C $(PKG_BUILD_DIR)/source \
+		$(TARGET_CONFIGURE_OPTS) \
+		all
+	touch $@
+
+$(IPKG_SAMBA):
+	install -d -m0755 $(IDIR_SAMBA)/etc/init.d
+	install -m0755 ./files/samba.init $(IDIR_SAMBA)/etc/init.d/samba
+	install -d -m0755 $(IDIR_SAMBA)/etc/samba
+	install -m0644 ./files/smb.conf $(IDIR_SAMBA)/etc/samba/smb.conf
+	install -d -m0755 $(IDIR_SAMBA)/usr/bin
+	install -m0755 $(PKG_BUILD_DIR)/source/bin/smbpasswd $(IDIR_SAMBA)/usr/bin/
+	install -d -m0755 $(IDIR_SAMBA)/usr/sbin
+	install -m0755 $(PKG_BUILD_DIR)/source/bin/{n,s}mbd $(IDIR_SAMBA)/usr/sbin/
+	$(RSTRIP) $(IDIR_SAMBA)
+	$(IPKG_BUILD) $(IDIR_SAMBA) $(PACKAGE_DIR)
+
+$(IPKG_SAMBA_CLIENT):
+	install -d -m0755 $(IDIR_SAMBA_CLIENT)/usr/bin
+	install -m0755 $(PKG_BUILD_DIR)/source/bin/smbclient $(IDIR_SAMBA_CLIENT)/usr/bin/
+	$(RSTRIP) $(IDIR_SAMBA_CLIENT)
+	$(IPKG_BUILD) $(IDIR_SAMBA_CLIENT) $(PACKAGE_DIR)
+
+mostlyclean:
+	make -C $(PKG_BUILD_DIR) clean
+	rm $(PKG_BUILD_DIR)/.built

openwrt/package/samba/files/samba.init

@@ -0,0 +1,26 @@
+#!/bin/sh
+
+DEFAULT=/etc/default/samba
+LOG_D=/var/log/samba
+RUN_D=/var/run/samba
+NMBD_PID_F=$RUN_D/nmbd.pid
+SMBD_PID_F=$RUN_D/smbd.pid
+[ -f $DEFAULT ] && . $DEFAULT
+
+case $1 in
+ start)
+  mkdir -p $LOG_D
+  mkdir -p $RUN_D
+  nmbd -D $NMBD_OPTIONS
+  smbd -D $SMBD_OPTIONS
+  ;;
+ stop)
+  [ -f $SMBD_PID_F ] && kill $(cat $SMBD_PID_F)
+  [ -f $NMBD_PID_F ] && kill $(cat $NMBD_PID_F)
+  ;;
+ *)
+  echo "usage: $0 (start|stop)"
+  exit 1
+esac
+
+exit $?

openwrt/package/samba/files/smb.conf

@@ -0,0 +1,14 @@
+[global]
+ workgroup = OpenWrt
+ security = share
+ guest account = nobody
+ local master = yes
+ name resolve order = lmhosts hosts bcast
+
+[tmp]
+ comment = /tmp
+ path = /tmp
+ browseable = yes
+ public = yes
+ writeable = no
+

openwrt/package/samba/ipkg/samba-client.control

@@ -0,0 +1,6 @@
+Package: samba-client
+Priority: optional
+Section: net
+Maintainer: Oliver Ertl <oliver@ertl-net.net>, OpenWrt Developers Team <bugs@openwrt.org>
+Source: http://openwrt.org/cgi-bin/viewcvs.cgi/openwrt/package/samba/
+Description: NetBIOS/SMB client

openwrt/package/samba/ipkg/samba.conffiles

@@ -0,0 +1 @@
+/etc/samba/smb.conf

openwrt/package/samba/ipkg/samba.control

@@ -0,0 +1,7 @@
+Package: samba
+Priority: optional
+Section: net
+Maintainer: Oliver Ertl <oliver@ertl-net.net>, OpenWrt Developers Team <bugs@openwrt.org>
+Source: http://openwrt.org/cgi-bin/viewcvs.cgi/openwrt/package/samba/
+Description: NetBIOS/SMB file and print server
+Depends: cups

openwrt/package/samba/patches/100-samba.patch

@@ -0,0 +1,489 @@
+diff -ur samba-2.0.10/source/include/smb.h samba/source/include/smb.h
+--- samba-2.0.10/source/include/smb.h	2001-06-23 12:52:20.000000000 +0400
++++ samba/source/include/smb.h	2005-05-21 21:09:03.204222704 +0400
+@@ -115,6 +115,22 @@
+  *               Usage:
+  *                 DEBUGADD( 2, ("Some additional text.\n") );
+  */
++ 
++#ifdef NDEBUG
++
++#define DEBUGLVL( level ) \
++  ( (0 == (level)) \
++   && dbghdr( level, FILE_MACRO, FUNCTION_MACRO, (__LINE__) ) )
++
++#define DEBUG( level, body ) \
++  (void)( (0 == (level)) \
++       && (dbghdr( level, FILE_MACRO, FUNCTION_MACRO, (__LINE__) )) \
++       && (dbgtext body) )
++
++#define DEBUGADD( level, body )	\
++  (void)( (0 == (level)) && (dbgtext body) )
++
++#else
+ #define DEBUGLVL( level ) \
+   ( (DEBUGLEVEL >= (level)) \
+    && dbghdr( level, FILE_MACRO, FUNCTION_MACRO, (__LINE__) ) )
+@@ -140,7 +156,7 @@
+   (void)( (DEBUGLEVEL >= (level)) && (dbgtext body) )
+ 
+ #endif
+-
++#endif
+ /* End Debugging code section.
+  * -------------------------------------------------------------------------- **
+  */
+@@ -1612,7 +1628,9 @@
+ #define CAP_LOCK_AND_READ    0x0100
+ #define CAP_NT_FIND          0x0200
+ #define CAP_DFS              0x1000
++#define CAP_W2K_SMBS         0x2000
+ #define CAP_LARGE_READX      0x4000
++#define CAP_LARGE_WRITEX     0x8000
+ #define CAP_EXTENDED_SECURITY 0x80000000
+ 
+ /* protocol types. It assumes that higher protocols include lower protocols
+diff -ur samba-2.0.10/source/Makefile.in samba/source/Makefile.in
+--- samba-2.0.10/source/Makefile.in	2000-03-17 01:57:08.000000000 +0300
++++ samba/source/Makefile.in	2005-05-21 20:59:57.130238568 +0400
+@@ -37,8 +37,8 @@
+ # set these to where to find various files
+ # These can be overridden by command line switches (see smbd(8))
+ # or in smb.conf (see smb.conf(5))
+-SMBLOGFILE = $(VARDIR)/log.smb
+-NMBLOGFILE = $(VARDIR)/log.nmb
++SMBLOGFILE = $(VARDIR)/smb
++NMBLOGFILE = $(VARDIR)/nmb
+ CONFIGFILE = $(LIBDIR)/smb.conf
+ LMHOSTSFILE = $(LIBDIR)/lmhosts
+ DRIVERFILE = $(LIBDIR)/printers.def
+@@ -55,7 +55,7 @@
+ LOCKDIR = @lockdir@
+ 
+ # The directory where code page definition files go
+-CODEPAGEDIR = $(LIBDIR)/codepages
++CODEPAGEDIR = $(BASEDIR)/codepages
+ 
+ # The current codepage definition list.
+ CODEPAGELIST= 437 737 775 850 852 861 932 866 949 950 936 1251 ISO8859-1 ISO8859-2 ISO8859-5 ISO8859-7 KOI8-R
+@@ -82,6 +82,7 @@
+ PROGS2 = bin/rpcclient bin/smbpasswd bin/make_smbcodepage bin/make_unicodemap @WRAP@ @WRAP32@
+ MPROGS = @MPROGS@
+ PROGS = $(PROGS1) $(PROGS2) $(MPROGS) bin/nmblookup bin/make_printerdef 
++SHAREDPROGS = bin/smbd.shared bin/nmbd.shared bin/smbpasswd.shared
+ 
+ SCRIPTS = $(srcdir)/script/smbtar $(srcdir)/script/addtosmbpass $(srcdir)/script/convert_smbpasswd
+ 
+@@ -159,6 +160,8 @@
+            $(RPC_SERVER_OBJ) $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) \
+            $(LOCKING_OBJ) $(PASSDB_OBJ) $(PRINTING_OBJ) $(PROFILE_OBJ) $(LIB_OBJ)
+ 
++SMBDSHARED_OBJ = $(SMBD_OBJ1) $(RPC_SERVER_OBJ) \
++           $(LOCKING_OBJ) $(PROFILE_OBJ) #$(PRINTING_OBJ)
+ 
+ NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \
+             nmbd/nmbd_become_lmb.o nmbd/nmbd_browserdb.o \
+@@ -176,6 +179,8 @@
+ NMBD_OBJ = $(NMBD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) \
+            $(LIB_OBJ)
+ 
++NMBDSHARED_OBJ = $(NMBD_OBJ1)
++
+ SWAT_OBJ = web/cgi.o web/diagnose.o web/startstop.o web/statuspage.o \
+            web/swat.o $(LIBSMB_OBJ) $(LOCKING_OBJ) \
+            $(PARAM_OBJ) $(PASSDB_OBJ) $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) \
+@@ -207,6 +212,8 @@
+ SMBPASSWD_OBJ = utils/smbpasswd.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(PASSDB_OBJ) \
+                 $(UBIQX_OBJ) $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) $(LIB_OBJ)
+ 
++SMBPASSWDSHARED_OBJ = utils/smbpasswd.o
++
+ RPCCLIENT_OBJ = rpcclient/rpcclient.o \
+              rpcclient/display.o \
+              rpcclient/cmd_lsarpc.o \
+@@ -265,6 +272,11 @@
+ PROTO_OBJ = $(SMBD_OBJ) $(NMBD_OBJ) $(SWAT_OBJ) $(CLIENT_OBJ) \
+ 	    $(RPCCLIENT_OBJ) $(SMBWRAPPER_OBJ) $(SMBTORTURE_OBJ)
+ 
++LIBSMBSHARED_OBJ = $(LIB_OBJ) $(LIBSMB_OBJ) $(PARAM_OBJ) $(UBIQX_OBJ) \
++		$(PASSDB_OBJ) $(RPC_PARSE_OBJ) #$(RPC_CLIENT_OBJ)
++
++LIBSMB_PICOBJS = $(LIBSMBSHARED_OBJ:.o=.po)
++
+ PICOBJS = $(SMBWRAPPER_OBJ:.o=.po)
+ PICOBJS32 = $(SMBWRAPPER_OBJ:.o=.po32)
+ 
+@@ -274,6 +286,8 @@
+ 
+ all : CHECK $(SPROGS) $(PROGS) 
+ 
++shared : CHECK $(SHAREDPROGS)
++
+ smbwrapper : CHECK bin/smbsh bin/smbwrapper.@SHLIBEXT@ @WRAP32@
+ 
+ smbtorture : CHECK bin/smbtorture
+@@ -359,10 +373,18 @@
+ 	@echo Linking $@
+ 	@$(CC) $(FLAGS) -o $@ $(SMBD_OBJ) $(LDFLAGS) $(LIBS) 
+ 
++bin/smbd.shared: $(SMBDSHARED_OBJ) bin/libsmb.@SHLIBEXT@ bin/.dummy
++	@echo Linking $@
++	@$(CC) $(FLAGS) -o $@ $(SMBDSHARED_OBJ) $(LDFLAGS) $(LIBS) -Lbin -lsmb
++
+ bin/nmbd: $(NMBD_OBJ) bin/.dummy
+ 	@echo Linking $@
+ 	@$(CC) $(FLAGS) -o $@ $(NMBD_OBJ) $(LDFLAGS) $(LIBS)
+ 
++bin/nmbd.shared: $(NMBDSHARED_OBJ) bin/libsmb.@SHLIBEXT@ bin/.dummy
++	@echo Linking $@
++	@$(CC) $(FLAGS) -o $@ $(NMBDSHARED_OBJ) $(LDFLAGS) $(LIBS) -Lbin -lsmb
++
+ bin/swat: $(SWAT_OBJ) bin/.dummy
+ 	@echo Linking $@
+ 	@$(CC) $(FLAGS) -o $@ $(SWAT_OBJ) $(LDFLAGS) $(LIBS) 
+@@ -411,6 +433,10 @@
+ 	@echo Linking $@
+ 	@$(CC) $(FLAGS) -o $@ $(SMBPASSWD_OBJ) $(LDFLAGS) $(LIBS)
+ 
++bin/smbpasswd.shared: $(SMBPASSWDSHARED_OBJ) bin/libsmb.@SHLIBEXT@ bin/.dummy
++	@echo Linking $@
++	@$(CC) $(FLAGS) -o $@ $(SMBPASSWDSHARED_OBJ) $(LDFLAGS) $(LIBS) -Lbin -lsmb
++
+ bin/make_smbcodepage: $(MAKE_SMBCODEPAGE_OBJ) bin/.dummy
+ 	@echo Linking $@
+ 	@$(CC) $(FLAGS) -o $@ $(MAKE_SMBCODEPAGE_OBJ) $(LDFLAGS) $(LIBS)
+@@ -459,6 +485,10 @@
+ 	@echo Linking $@
+ 	@$(CC) $(FLAGS) -o $@ $(SMBSH_OBJ) $(LDFLAGS) $(LIBS)
+ 
++bin/libsmb.@SHLIBEXT@: $(LIBSMB_PICOBJS) bin/.dummy
++	@echo Linking shared library $@
++	@$(LD) @LDSHFLAGS@ -o $@ $(LIBSMB_PICOBJS) $(LIBS)
++
+ install: installbin installman installscripts installcp installswat
+ 
+ installdirs:
+@@ -518,7 +548,7 @@
+ 	ctags `find . -name "*.[ch]" | grep -v /CVS/`
+ 
+ realclean: clean
+-	-rm -f config.log $(PROGS) $(SPROGS) bin/.dummy
++	-rm -f config.log $(PROGS) $(SPROGS) $(SHAREDPROGS) bin/.dummy
+ 	-rmdir bin
+ 
+ distclean: realclean
+diff -ur samba-2.0.10/source/nmbd/nmbd_mynames.c samba/source/nmbd/nmbd_mynames.c
+--- samba-2.0.10/source/nmbd/nmbd_mynames.c	2000-03-17 01:59:24.000000000 +0300
++++ samba/source/nmbd/nmbd_mynames.c	2005-05-21 20:57:26.672111680 +0400
+@@ -215,8 +215,8 @@
+          */
+         if( !is_refresh_already_queued( subrec, namerec) )
+           refresh_name( subrec, namerec, NULL, NULL, NULL );
+-        namerec->data.death_time += lp_max_ttl();
+-        namerec->data.refresh_time += MIN(lp_max_ttl(), MAX_REFRESH_TIME);
++        namerec->data.death_time = t + lp_max_ttl();
++        namerec->data.refresh_time = t + MIN(lp_max_ttl(), MAX_REFRESH_TIME);
+       }
+     }
+   }
+diff -ur samba-2.0.10/source/smbd/close.c samba/source/smbd/close.c
+--- samba-2.0.10/source/smbd/close.c	2000-04-21 21:43:13.000000000 +0400
++++ samba/source/smbd/close.c	2005-05-21 19:44:59.516979712 +0400
+@@ -122,11 +122,11 @@
+ 		last_reference = True;
+ 
+     fsp->fd_ptr = NULL;
+-
++#ifdef PRINTING
+ 	/* NT uses smbclose to start a print - weird */
+ 	if (normal_close && fsp->print_file)
+ 		print_file(conn, fsp);
+-
++#endif
+ 	/* check for magic scripts */
+ 	if (normal_close) {
+ 		check_magic(fsp,conn);
+diff -ur samba-2.0.10/source/smbd/ipc.c samba/source/smbd/ipc.c
+--- samba-2.0.10/source/smbd/ipc.c	2000-03-30 02:20:06.000000000 +0400
++++ samba/source/smbd/ipc.c	2005-05-21 19:44:59.559973176 +0400
+@@ -472,7 +472,7 @@
+   PACK(desc,t,v);
+ }
+ 
+-
++#ifdef PRINTING
+ /****************************************************************************
+   get a print queue
+   ****************************************************************************/
+@@ -1004,7 +1004,7 @@
+   
+   return True;
+ }
+-
++#endif
+ /****************************************************************************
+   get info level for a server list query
+   ****************************************************************************/
+@@ -1834,7 +1834,7 @@
+ 
+   return(True);
+ }
+-
++#ifdef PRINTING
+ /****************************************************************************
+   delete a print job
+   Form: <W> <> 
+@@ -2091,7 +2091,7 @@
+ 	
+ 	return(True);
+ }
+-
++#endif
+ 
+ /****************************************************************************
+   get info about the server
+@@ -2756,7 +2756,7 @@
+ 
+   return(True);
+ }
+-
++#ifdef PRINTING
+ /****************************************************************************
+   api_WPrintJobEnumerate
+   ****************************************************************************/
+@@ -3189,7 +3189,7 @@
+   DEBUG(4,("WPrintPortEnum: errorcode %d\n",desc.errcode));
+   return(True);
+ }
+-
++#endif
+ /****************************************************************************
+  Start the first part of an RPC reply which began with an SMBtrans request.
+ ****************************************************************************/
+@@ -3407,6 +3407,7 @@
+   {"RNetUserGetInfo",	56,	api_RNetUserGetInfo,0},
+   {"NetUserGetGroups",	59,	api_NetUserGetGroups,0},
+   {"NetWkstaGetInfo",	63,	api_NetWkstaGetInfo,0},
++#ifdef PRINTING
+   {"DosPrintQEnum",	69,	api_DosPrintQEnum,0},
+   {"DosPrintQGetInfo",	70,	api_DosPrintQGetInfo,0},
+   {"WPrintQueuePause",  74, api_WPrintQueuePurge,0},
+@@ -3418,16 +3419,21 @@
+   {"RDosPrintJobResume",83,	api_RDosPrintJobDel,0},
+   {"WPrintDestEnum",	84,	api_WPrintDestEnum,0},
+   {"WPrintDestGetInfo",	85,	api_WPrintDestGetInfo,0},
++#endif
+   {"NetRemoteTOD",	91,	api_NetRemoteTOD,0},
++#ifdef PRINTING
+   {"WPrintQueuePurge",	103,	api_WPrintQueuePurge,0},
++#endif
+   {"NetServerEnum",	104,	api_RNetServerEnum,0},
+   {"WAccessGetUserPerms",105,	api_WAccessGetUserPerms,0},
+   {"SetUserPassword",	115,	api_SetUserPassword,0},
+   {"WWkstaUserLogon",	132,	api_WWkstaUserLogon,0},
++#ifdef PRINTING
+   {"PrintJobInfo",	147,	api_PrintJobInfo,0},
+   {"WPrintDriverEnum",	205,	api_WPrintDriverEnum,0},
+   {"WPrintQProcEnum",	206,	api_WPrintQProcEnum,0},
+   {"WPrintPortEnum",	207,	api_WPrintPortEnum,0},
++#endif
+   {"SamOEMChangePassword", 214, api_SamOEMChangePassword,0},
+   {NULL,		-1,	api_Unsupported,0}};
+ 
+diff -ur samba-2.0.10/source/smbd/negprot.c samba/source/smbd/negprot.c
+--- samba-2.0.10/source/smbd/negprot.c	2000-03-17 01:59:47.000000000 +0300
++++ samba/source/smbd/negprot.c	2005-05-21 21:09:16.025273608 +0400
+@@ -160,7 +160,7 @@
+   /* dual names + lock_and_read + nt SMBs + remote API calls */
+   int capabilities = CAP_NT_FIND|CAP_LOCK_AND_READ|
+                      (lp_nt_smb_support() ? CAP_NT_SMBS | CAP_RPC_REMOTE_APIS : 0) |
+-                     (SMB_OFF_T_BITS == 64 ? CAP_LARGE_FILES : 0);
++                     (SMB_OFF_T_BITS == 64 ? CAP_LARGE_FILES | CAP_LARGE_READX | CAP_LARGE_WRITEX /*| CAP_W2K_SMBS*/ : 0);
+ 
+ 
+ /*
+diff -ur samba-2.0.10/source/smbd/password.c samba/source/smbd/password.c
+--- samba-2.0.10/source/smbd/password.c	2000-03-17 01:59:48.000000000 +0300
++++ samba/source/smbd/password.c	2005-05-21 19:44:59.562972720 +0400
+@@ -1149,7 +1149,7 @@
+ 
+   return(True);
+ }
+-
++#ifdef RPCCLIENT
+ /***********************************************************************
+  Connect to a remote machine for domain security authentication
+  given a name or IP address.
+@@ -1504,3 +1504,4 @@
+   cli_shutdown(&cli);
+   return True;
+ }
++#endif
+diff -ur samba-2.0.10/source/smbd/process.c samba/source/smbd/process.c
+--- samba-2.0.10/source/smbd/process.c	2000-04-15 04:21:27.000000000 +0400
++++ samba/source/smbd/process.c	2005-05-21 19:44:59.583969528 +0400
+@@ -343,10 +343,12 @@
+    {SMBlseek,"SMBlseek",reply_lseek,AS_USER},
+    {SMBflush,"SMBflush",reply_flush,AS_USER},
+    {SMBctemp,"SMBctemp",reply_ctemp,AS_USER | QUEUE_IN_OPLOCK },
++#ifdef PRINTING
+    {SMBsplopen,"SMBsplopen",reply_printopen,AS_USER | QUEUE_IN_OPLOCK },
+    {SMBsplclose,"SMBsplclose",reply_printclose,AS_USER},
+    {SMBsplretq,"SMBsplretq",reply_printqueue,AS_USER},
+    {SMBsplwr,"SMBsplwr",reply_printwrite,AS_USER},
++#endif
+    {SMBlock,"SMBlock",reply_lock,AS_USER},
+    {SMBunlock,"SMBunlock",reply_unlock,AS_USER},
+    
+@@ -908,7 +910,7 @@
+     DEBUG(2,("Closing idle connection 2.\n"));
+     return False;
+   }
+-
++#ifdef RPCLIENT
+   if(global_machine_password_needs_changing)
+   {
+     unsigned char trust_passwd_hash[16];
+@@ -954,7 +956,7 @@
+     trust_password_unlock();
+     global_machine_password_needs_changing = False;
+   }
+-
++#endif
+   /*
+    * Check to see if we have any blocking locks
+    * outstanding on the queue.
+diff -ur samba-2.0.10/source/smbd/reply.c samba/source/smbd/reply.c
+--- samba-2.0.10/source/smbd/reply.c	2001-06-23 12:51:24.000000000 +0400
++++ samba/source/smbd/reply.c	2005-05-21 19:44:59.628962688 +0400
+@@ -597,12 +597,12 @@
+ 
+   if (!check_domain_match(orig_user, domain))
+      return False;
+-
++#ifdef RPCCLIENT
+   ret = domain_client_validate(orig_user, domain,
+                                 smb_apasswd, smb_apasslen,
+                                 smb_ntpasswd, smb_ntpasslen,
+                                 &user_exists);
+-
++#endif
+   if(ret) {
+     /*
+      * User validated ok against Domain controller.
+@@ -2991,7 +2991,7 @@
+ 	return -1;
+ }
+ 
+-
++#ifdef PRINTING
+ /****************************************************************************
+   reply to a printopen
+ ****************************************************************************/
+@@ -3176,7 +3176,7 @@
+   
+   return(outsize);
+ }
+-
++#endif
+ 
+ /****************************************************************************
+   reply to a mkdir
+diff -ur samba-2.0.10/source/smbd/server.c samba/source/smbd/server.c
+--- samba-2.0.10/source/smbd/server.c	2000-03-17 01:59:52.000000000 +0300
++++ samba/source/smbd/server.c	2005-05-21 19:44:59.649959496 +0400
+@@ -300,9 +300,9 @@
+ 	lp_killunused(conn_snum_used);
+ 
+ 	ret = lp_load(servicesf,False,False,True);
+-
++#ifdef PRINTING
+ 	load_printers();
+-
++#endif
+ 	/* perhaps the config filename is now set */
+ 	if (!test)
+ 		reload_services(True);
+diff -ur samba-2.0.10/source/smbd/service.c samba/source/smbd/service.c
+--- samba-2.0.10/source/smbd/service.c	2000-03-17 01:59:52.000000000 +0300
++++ samba/source/smbd/service.c	2005-05-21 19:44:59.670956304 +0400
+@@ -121,7 +121,7 @@
+       }
+      }
+    }
+-
++#ifdef PRINTING
+    /* If we still don't have a service, attempt to add it as a printer. */
+    if (iService < 0)
+    {
+@@ -146,7 +146,7 @@
+             DEBUG(3,("%s is not a valid printer name\n", service));
+       }
+    }
+-
++#endif
+    /* just possibly it's a default service? */
+    if (iService < 0) 
+    {
+diff -ur samba-2.0.10/source/utils/smbpasswd.c samba/source/utils/smbpasswd.c
+--- samba-2.0.10/source/utils/smbpasswd.c	2000-03-17 01:59:57.000000000 +0300
++++ samba/source/utils/smbpasswd.c	2005-05-21 19:44:59.671956152 +0400
+@@ -71,7 +71,7 @@
+ 	}
+ 	exit(1);
+ }
+-
++#ifdef RPCCLIENT
+ /*********************************************************
+ Join a domain.
+ **********************************************************/
+@@ -143,7 +143,7 @@
+ 	
+ 	return (int)ret;
+ }
+-
++#endif
+ 
+ static void set_line_buffering(FILE *f)
+ {
+@@ -335,13 +335,13 @@
+ 	if((local_flags & (LOCAL_ADD_USER|LOCAL_DELETE_USER)) && ((remote_machine != NULL) || joining_domain)) {
+ 		usage();
+ 	}
+-	
++#ifdef RPCCLIENT	
+ 	if(joining_domain) {
+ 		if (argc != 0)
+ 			usage();
+ 		return join_domain(new_domain, remote_machine);
+ 	}
+-
++#endif
+ 	/*
+ 	 * Deal with root - can add a user, but only locally.
+ 	 */
+diff -ur samba-2.0.10/source/web/swat.c samba/source/web/swat.c
+--- samba-2.0.10/source/web/swat.c	2000-04-11 21:36:36.000000000 +0400
++++ samba/source/web/swat.c	2005-05-21 19:44:59.692952960 +0400
+@@ -357,8 +357,9 @@
+                 return 0;
+         }
+ 	iNumNonAutoPrintServices = lp_numservices();
++#ifdef PRINTING
+ 	load_printers();
+-
++#endif
+ 	return 1;
+ }
+ 
+@@ -997,8 +998,9 @@
+ 	charset_initialise();
+ 	load_config(True);
+ 	iNumNonAutoPrintServices = lp_numservices();
++#ifdef PRINTING
+ 	load_printers();
+-
++#endif
+ 	cgi_setup(SWATDIR, !demo_mode);
+ 
+ 	print_header();

openwrt/package/samba/patches/200-security.patch

@@ -0,0 +1,611 @@
+diff -ur samba-2.0.10/source/include/smb.h samba-2.0.10-security/source/include/smb.h
+--- samba-2.0.10/source/include/smb.h	2001-06-23 12:52:20.000000000 +0400
++++ samba-2.0.10-security/source/include/smb.h	2005-05-21 21:51:17.206995728 +0400
+@@ -256,6 +256,7 @@
+ #define ERRlock 33 /* Lock request conflicts with existing lock */
+ #define ERRunsup 50 /* Request unsupported, returned by Win 95, RJS 20Jun98 */
+ #define ERRfilexists 80 /* File in operation already exists */
++#define ERRinvalidparam 87
+ #define ERRcannotopen 110 /* Cannot open the file specified */
+ #define ERRunknownlevel 124
+ #define ERRrename 183
+@@ -1893,4 +1894,7 @@
+ 
+ #define SAFE_NETBIOS_CHARS ". -_"
+ 
++#ifndef SAFE_FREE
++#define SAFE_FREE(x) do { if ((x) != NULL) {free((x)); (x)=NULL;} } while(0)
++#endif
+ #endif /* _SMB_H */
+diff -ur samba-2.0.10/source/include/version.h samba-2.0.10-security/source/include/version.h
+--- samba-2.0.10/source/include/version.h	2001-06-23 17:23:59.000000000 +0400
++++ samba-2.0.10-security/source/include/version.h	2005-05-21 21:51:17.227992536 +0400
+@@ -1 +1 @@
+-#define VERSION "2.0.10"
++#define VERSION "2.0.10-security-rollup"
+diff -ur samba-2.0.10/source/smbd/filename.c samba-2.0.10-security/source/smbd/filename.c
+--- samba-2.0.10/source/smbd/filename.c	2000-03-17 01:59:44.000000000 +0300
++++ samba-2.0.10-security/source/smbd/filename.c	2005-05-21 21:51:17.403965784 +0400
+@@ -172,7 +172,7 @@
+    * StrnCpy always null terminates.
+    */
+ 
+-  StrnCpy(orig_name, full_orig_name, namelen);
++  StrnCpy(orig_name, full_orig_name, MIN(namelen, sizeof(orig_name)-1));
+   if(!case_sensitive)
+     strupper( orig_name );
+ 
+diff -ur samba-2.0.10/source/smbd/ipc.c samba-2.0.10-security/source/smbd/ipc.c
+--- samba-2.0.10/source/smbd/ipc.c	2000-03-30 02:20:06.000000000 +0400
++++ samba-2.0.10-security/source/smbd/ipc.c	2005-05-21 21:51:17.269986152 +0400
+@@ -3550,18 +3550,18 @@
+ 	uint16 *setup=NULL;
+ 	int outsize = 0;
+ 	uint16 vuid = SVAL(inbuf,smb_uid);
+-	int tpscnt = SVAL(inbuf,smb_vwv0);
+-	int tdscnt = SVAL(inbuf,smb_vwv1);
+-	int mprcnt = SVAL(inbuf,smb_vwv2);
+-	int mdrcnt = SVAL(inbuf,smb_vwv3);
+-	int msrcnt = CVAL(inbuf,smb_vwv4);
++	unsigned int tpscnt = SVAL(inbuf,smb_vwv0);
++	unsigned int tdscnt = SVAL(inbuf,smb_vwv1);
++	unsigned int mprcnt = SVAL(inbuf,smb_vwv2);
++	unsigned int mdrcnt = SVAL(inbuf,smb_vwv3);
++	unsigned int msrcnt = CVAL(inbuf,smb_vwv4);
+ 	BOOL close_on_completion = BITSETW(inbuf+smb_vwv5,0);
+ 	BOOL one_way = BITSETW(inbuf+smb_vwv5,1);
+-	int pscnt = SVAL(inbuf,smb_vwv9);
+-	int psoff = SVAL(inbuf,smb_vwv10);
+-	int dscnt = SVAL(inbuf,smb_vwv11);
+-	int dsoff = SVAL(inbuf,smb_vwv12);
+-	int suwcnt = CVAL(inbuf,smb_vwv13);
++	unsigned int pscnt = SVAL(inbuf,smb_vwv9);
++	unsigned int psoff = SVAL(inbuf,smb_vwv10);
++	unsigned int dscnt = SVAL(inbuf,smb_vwv11);
++	unsigned int dsoff = SVAL(inbuf,smb_vwv12);
++	unsigned int suwcnt = CVAL(inbuf,smb_vwv13);
+ 
+ 	memset(name, '\0',sizeof(name));
+ 	fstrcpy(name,smb_buf(inbuf));
+@@ -3572,31 +3572,48 @@
+   
+ 	if (tdscnt)  {
+ 		if((data = (char *)malloc(tdscnt)) == NULL) {
+-			DEBUG(0,("reply_trans: data malloc fail for %d bytes !\n", tdscnt));
++			DEBUG(0,("reply_trans: data malloc fail for %u bytes !\n", tdscnt));
+ 			return(ERROR(ERRDOS,ERRnomem));
+ 		} 
++		if ((dsoff+dscnt < dsoff) || (dsoff+dscnt < dscnt))
++			goto bad_param;
++		if (smb_base(inbuf)+dsoff+dscnt > inbuf + size)
++			goto bad_param;
++
+ 		memcpy(data,smb_base(inbuf)+dsoff,dscnt);
+ 	}
+ 
+ 	if (tpscnt) {
+ 		if((params = (char *)malloc(tpscnt)) == NULL) {
+-			DEBUG(0,("reply_trans: param malloc fail for %d bytes !\n", tpscnt));
++			DEBUG(0,("reply_trans: param malloc fail for %u bytes !\n", tpscnt));
++			SAFE_FREE(data);
+ 			return(ERROR(ERRDOS,ERRnomem));
+ 		} 
++		if ((psoff+pscnt < psoff) || (psoff+pscnt < pscnt))
++			goto bad_param;
++		if (smb_base(inbuf)+psoff+pscnt > inbuf + size)
++			goto bad_param;
++
+ 		memcpy(params,smb_base(inbuf)+psoff,pscnt);
+ 	}
+ 
+ 	if (suwcnt) {
+ 		int i;
+ 		if((setup = (uint16 *)malloc(suwcnt*sizeof(uint16))) == NULL) {
+-          DEBUG(0,("reply_trans: setup malloc fail for %d bytes !\n", (int)(suwcnt * sizeof(uint16))));
+-		  return(ERROR(ERRDOS,ERRnomem));
+-        } 
++			DEBUG(0,("reply_trans: setup malloc fail for %u bytes !\n", (unsigned int)(suwcnt * sizeof(uint16))));
++			SAFE_FREE(data);
++			SAFE_FREE(params);
++			return(ERROR(ERRDOS,ERRnomem));
++		} 
++		if (inbuf+smb_vwv14+(suwcnt*SIZEOFWORD) > inbuf + size)
++			goto bad_param;
++		if ((smb_vwv14+(suwcnt*SIZEOFWORD) < smb_vwv14) || (smb_vwv14+(suwcnt*SIZEOFWORD) < (suwcnt*SIZEOFWORD)))
++			goto bad_param;
++
+ 		for (i=0;i<suwcnt;i++)
+ 			setup[i] = SVAL(inbuf,smb_vwv14+i*SIZEOFWORD);
+ 	}
+ 
+-
+ 	if (pscnt < tpscnt || dscnt < tdscnt) {
+ 		/* We need to send an interim response then receive the rest
+ 		   of the parameter/data bytes */
+@@ -3608,7 +3625,7 @@
+ 	/* receive the rest of the trans packet */
+ 	while (pscnt < tpscnt || dscnt < tdscnt) {
+ 		BOOL ret;
+-		int pcnt,poff,dcnt,doff,pdisp,ddisp;
++		unsigned int pcnt,poff,dcnt,doff,pdisp,ddisp;
+       
+ 		ret = receive_next_smb(inbuf,bufsize,SMB_SECONDARY_WAIT);
+ 
+@@ -3619,19 +3636,19 @@
+ 				DEBUG(0,("reply_trans: %s in getting secondary trans response.\n",
+ 					 (smb_read_error == READ_ERROR) ? "error" : "timeout" ));
+ 			}
+-			if (params)
+-				free(params);
+-			if (data)
+-				free(data);
+-			if (setup)
+-				free(setup);
++			SAFE_FREE(params);
++			SAFE_FREE(data);
++			SAFE_FREE(setup);
+ 			return(ERROR(ERRSRV,ERRerror));
+ 		}
+ 
+ 		show_msg(inbuf);
+       
+-		tpscnt = SVAL(inbuf,smb_vwv0);
+-		tdscnt = SVAL(inbuf,smb_vwv1);
++		/* Revise total_params and total_data in case they have changed downwards */
++		if (SVAL(inbuf,smb_vwv0) < tpscnt)
++			tpscnt = SVAL(inbuf,smb_vwv0);
++		if (SVAL(inbuf,smb_vwv1) < tdscnt)
++			tdscnt = SVAL(inbuf,smb_vwv1);
+ 
+ 		pcnt = SVAL(inbuf,smb_vwv2);
+ 		poff = SVAL(inbuf,smb_vwv3);
+@@ -3644,17 +3661,36 @@
+ 		pscnt += pcnt;
+ 		dscnt += dcnt;
+ 		
+-		if (dscnt > tdscnt || pscnt > tpscnt) {
+-			exit_server("invalid trans parameters\n");
+-		}
++		if (dscnt > tdscnt || pscnt > tpscnt)
++			goto bad_param;
+ 		
+-		if (pcnt)
++		if (pcnt) {
++			if (pdisp+pcnt >= tpscnt)
++				goto bad_param;
++			if ((pdisp+pcnt < pdisp) || (pdisp+pcnt < pcnt))
++				goto bad_param;
++			if (smb_base(inbuf) + poff + pcnt >= inbuf + bufsize)
++				goto bad_param;
++			if (params + pdisp < params)
++				goto bad_param;
++
+ 			memcpy(params+pdisp,smb_base(inbuf)+poff,pcnt);
+-		if (dcnt)
++		}
++
++		if (dcnt) {
++			if (ddisp+dcnt >= tdscnt)
++				goto bad_param;
++			if ((ddisp+dcnt < ddisp) || (ddisp+dcnt < dcnt))
++				goto bad_param;
++			if (smb_base(inbuf) + doff + dcnt >= inbuf + bufsize)
++				goto bad_param;
++			if (data + ddisp < data)
++				goto bad_param;
++
+ 			memcpy(data+ddisp,smb_base(inbuf)+doff,dcnt);      
++		}
+ 	}
+-	
+-	
++
+ 	DEBUG(3,("trans <%s> data=%d params=%d setup=%d\n",
+ 		 name,tdscnt,tpscnt,suwcnt));
+ 	
+@@ -3694,4 +3730,12 @@
+ 		return(ERROR(ERRSRV,ERRnosupport));
+ 	
+ 	return(outsize);
++
++  bad_param:
++
++	DEBUG(0,("reply_trans: invalid trans parameters\n"));
++	SAFE_FREE(data);
++	SAFE_FREE(params);
++	SAFE_FREE(setup);
++	return(ERROR(ERRSRV,ERRerror));
+ }
+diff -ur samba-2.0.10/source/smbd/nttrans.c samba-2.0.10-security/source/smbd/nttrans.c
+--- samba-2.0.10/source/smbd/nttrans.c	2000-04-24 21:27:30.000000000 +0400
++++ samba-2.0.10-security/source/smbd/nttrans.c	2005-05-21 21:51:17.314979312 +0400
+@@ -2575,11 +2575,14 @@
+     params = (char *)malloc(total_parameter_count);
+   if (total_data_count > 0)
+     data = (char *)malloc(total_data_count);
+- 
++
+   if ((total_parameter_count && !params)  || (total_data_count && !data) ||
+       (setup_count && !setup)) {
++    SAFE_FREE(setup);
++    SAFE_FREE(params);
++    SAFE_FREE(data);
+     DEBUG(0,("reply_nttrans : Out of memory\n"));
+-    return(ERROR(ERRDOS,ERRnomem));
++    return ERROR(ERRDOS,ERRnomem);
+   }
+ 
+   /* Copy the param and data bytes sent with this request into
+@@ -2588,64 +2591,112 @@
+   num_data_sofar = data_count;
+ 
+   if (parameter_count > total_parameter_count || data_count > total_data_count)
+-    exit_server("reply_nttrans: invalid sizes in packet.\n");
++    goto bad_param;
+ 
+   if(setup) {
+-    memcpy( setup, &inbuf[smb_nt_SetupStart], setup_count);
+     DEBUG(10,("reply_nttrans: setup_count = %d\n", setup_count));
+-    dump_data(10, setup, setup_count);
++    if ((smb_nt_SetupStart + setup_count < smb_nt_SetupStart) ||
++	(smb_nt_SetupStart + setup_count < setup_count))
++      goto bad_param;
++    if (smb_nt_SetupStart + setup_count > length)
++      goto bad_param;
++    
++    memcpy( setup, &inbuf[smb_nt_SetupStart], setup_count);
+   }
+   if(params) {
+-    memcpy( params, smb_base(inbuf) + parameter_offset, parameter_count);
+     DEBUG(10,("reply_nttrans: parameter_count = %d\n", parameter_count));
+-    dump_data(10, params, parameter_count);
++    if ((parameter_offset + parameter_count < parameter_offset) ||
++	(parameter_offset + parameter_count < parameter_count))
++      goto bad_param;
++    if (smb_base(inbuf) + parameter_offset + parameter_count > inbuf + length)
++      goto bad_param;
++    
++    memcpy( params, smb_base(inbuf) + parameter_offset, parameter_count);
+   }
+   if(data) {
+-    memcpy( data, smb_base(inbuf) + data_offset, data_count);
+     DEBUG(10,("reply_nttrans: data_count = %d\n",data_count));
+-    dump_data(10, data, data_count);
++    if ((data_offset + data_count < data_offset) || (data_offset + data_count < data_count))
++      goto bad_param;
++    if (smb_base(inbuf) + data_offset + data_count > inbuf + length)
++      goto bad_param;
++    
++    memcpy( data, smb_base(inbuf) + data_offset, data_count);
++
+   }
+ 
+   if(num_data_sofar < total_data_count || num_params_sofar < total_parameter_count) {
+     /* We need to send an interim response then receive the rest
+        of the parameter/data bytes */
+     outsize = set_message(outbuf,0,0,True);
+-    send_smb(Client,outbuf);
++    if (!send_smb(Client,outbuf))
++      exit_server("reply_nttrans: send_smb failed.");
+ 
+     while( num_data_sofar < total_data_count || num_params_sofar < total_parameter_count) {
+       BOOL ret;
+-
++      uint32 parameter_displacement;
++      uint32 data_displacement;
++      
+       ret = receive_next_smb(inbuf,bufsize,SMB_SECONDARY_WAIT);
+-
++      
+       if((ret && (CVAL(inbuf, smb_com) != SMBnttranss)) || !ret) {
+-        outsize = set_message(outbuf,0,0,True);
+-        if(ret) {
+-		DEBUG(0,("reply_nttrans: Invalid secondary nttrans packet\n"));
+-        } else {
+-		DEBUG(0,("reply_nttrans: %s in getting secondary nttrans response.\n",
+-			 (smb_read_error == READ_ERROR) ? "error" : "timeout" ));
++	outsize = set_message(outbuf,0,0,True);
++	if(ret) {
++	  DEBUG(0,("reply_nttrans: Invalid secondary nttrans packet\n"));
++	} else {
++	  DEBUG(0,("reply_nttrans: %s in getting secondary nttrans response.\n",
++		   (smb_read_error == READ_ERROR) ? "error" : "timeout" ));
+ 	}
+-        if(params)
+-          free(params);
+-        if(data)
+-          free(data);
+-        if(setup)
+-          free(setup);
+-        return(ERROR(ERRSRV,ERRerror));
++	goto bad_param;
+       }
+       
+       /* Revise total_params and total_data in case they have changed downwards */
+-      total_parameter_count = IVAL(inbuf, smb_nts_TotalParameterCount);
+-      total_data_count = IVAL(inbuf, smb_nts_TotalDataCount);
+-      num_params_sofar += (parameter_count = IVAL(inbuf,smb_nts_ParameterCount));
+-      num_data_sofar += ( data_count = IVAL(inbuf, smb_nts_DataCount));
+-      if (num_params_sofar > total_parameter_count || num_data_sofar > total_data_count)
+-        exit_server("reply_nttrans2: data overflow in secondary nttrans packet\n");
+-
+-      memcpy( &params[ IVAL(inbuf, smb_nts_ParameterDisplacement)], 
+-              smb_base(inbuf) + IVAL(inbuf, smb_nts_ParameterOffset), parameter_count);
+-      memcpy( &data[IVAL(inbuf, smb_nts_DataDisplacement)],
+-              smb_base(inbuf)+ IVAL(inbuf, smb_nts_DataOffset), data_count);
++      if (IVAL(inbuf, smb_nts_TotalParameterCount) < total_parameter_count)
++	total_parameter_count = IVAL(inbuf, smb_nts_TotalParameterCount);
++      if (IVAL(inbuf, smb_nts_TotalDataCount) < total_data_count)
++	total_data_count = IVAL(inbuf, smb_nts_TotalDataCount);
++      
++      parameter_count = IVAL(inbuf,smb_nts_ParameterCount);
++      parameter_offset = IVAL(inbuf, smb_nts_ParameterOffset);
++      parameter_displacement = IVAL(inbuf, smb_nts_ParameterDisplacement);
++      num_params_sofar += parameter_count;
++      
++      data_count = IVAL(inbuf, smb_nts_DataCount);
++      data_displacement = IVAL(inbuf, smb_nts_DataDisplacement);
++      data_offset = IVAL(inbuf, smb_nts_DataOffset);
++      num_data_sofar += data_count;
++
++      if (num_params_sofar > total_parameter_count || num_data_sofar > total_data_count) {
++	DEBUG(0,("reply_nttrans2: data overflow in secondary nttrans packet"));
++	goto bad_param;
++      }
++
++      if (parameter_count) {
++	if (parameter_displacement + parameter_count >= total_parameter_count)
++	  goto bad_param;
++	if ((parameter_displacement + parameter_count < parameter_displacement) ||
++	    (parameter_displacement + parameter_count < parameter_count))
++	  goto bad_param;
++	if (smb_base(inbuf) + parameter_offset + parameter_count >= inbuf + bufsize)
++	  goto bad_param;
++	if (params + parameter_displacement < params)
++	  goto bad_param;
++	
++	memcpy( &params[parameter_displacement], smb_base(inbuf) + parameter_offset, parameter_count);
++      }
++      
++      if (data_count) {
++	if (data_displacement + data_count >= total_data_count)
++	  goto bad_param;
++	if ((data_displacement + data_count < data_displacement) ||
++	    (data_displacement + data_count < data_count))
++	  goto bad_param;
++	if (smb_base(inbuf) + data_offset + data_count >= inbuf + bufsize)
++	  goto bad_param;
++	if (data + data_displacement < data)
++	  goto bad_param;
++	
++	memcpy( &data[data_displacement], smb_base(inbuf)+ data_offset, data_count);
++      }
+     }
+   }
+ 
+@@ -2714,4 +2765,10 @@
+   return outsize; /* If a correct response was needed the call_nt_transact_xxxx 
+ 		     calls have already sent it. If outsize != -1 then it is
+ 		     returning an error packet. */
++ bad_param:
++
++  SAFE_FREE(params);
++  SAFE_FREE(data);
++  SAFE_FREE(setup);
++  return ERROR(ERRDOS,ERRinvalidparam);
+ }
+diff -ur samba-2.0.10/source/smbd/password.c samba-2.0.10-security/source/smbd/password.c
+--- samba-2.0.10/source/smbd/password.c	2000-03-17 01:59:48.000000000 +0300
++++ samba-2.0.10-security/source/smbd/password.c	2005-05-21 21:51:17.336975968 +0400
+@@ -770,7 +770,7 @@
+       if (!ok && lp_username(snum)) {
+ 	char *auser;
+ 	pstring user_list;
+-	StrnCpy(user_list,lp_username(snum),sizeof(pstring));
++	StrnCpy(user_list,lp_username(snum),sizeof(pstring)-1);
+ 
+ 	pstring_sub(user_list,"%S",lp_servicename(snum));
+ 	  
+diff -ur samba-2.0.10/source/smbd/reply.c samba-2.0.10-security/source/smbd/reply.c
+--- samba-2.0.10/source/smbd/reply.c	2001-06-23 12:51:24.000000000 +0400
++++ samba-2.0.10-security/source/smbd/reply.c	2005-05-21 21:51:17.378969584 +0400
+@@ -1413,6 +1413,9 @@
+ 
+         for (i=numentries;(i<maxentries) && !finished;i++)
+         {
++	  /* check to make sure we have room in the buffer */
++	  if ( ((PTR_DIFF(p, outbuf))+DIR_STRUCT_SIZE) > BUFFER_SIZE )
++	  	break;
+           finished = 
+             !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend);
+           if (!finished)
+@@ -3122,6 +3125,9 @@
+     
+ 
+ 		for (i=first;i<first+num_to_get;i++) {
++			/* check to make sure we have room in the buffer */
++			if ( (PTR_DIFF(p, outbuf)+28) > BUFFER_SIZE )
++				break;
+ 			put_dos_date2(p,0,queue[i].time);
+ 			CVAL(p,4) = (queue[i].status==LPQ_PRINTING?2:3);
+ 			SSVAL(p,5,printjob_encode(SNUM(conn), 
+diff -ur samba-2.0.10/source/smbd/trans2.c samba-2.0.10-security/source/smbd/trans2.c
+--- samba-2.0.10/source/smbd/trans2.c	2000-04-24 21:27:31.000000000 +0400
++++ samba-2.0.10-security/source/smbd/trans2.c	2005-05-21 21:51:17.402965936 +0400
+@@ -201,7 +201,6 @@
+   int16 open_ofun = SVAL(params,12);
+   int32 open_size = IVAL(params,14);
+   char *pname = &params[28];
+-  int16 namelen = strlen(pname)+1;
+ 
+   pstring fname;
+   mode_t unixmode;
+@@ -213,7 +212,7 @@
+   BOOL bad_path = False;
+   files_struct *fsp;
+ 
+-  StrnCpy(fname,pname,namelen);
++  pstrcpy(fname,pname);
+ 
+   DEBUG(3,("trans2open %s mode=%d attr=%d ofun=%d size=%d\n",
+ 	   fname,open_mode, open_attr, open_ofun, open_size));
+@@ -2185,7 +2184,7 @@
+ 	unsigned int suwcnt = SVAL(inbuf, smb_suwcnt);
+ 	unsigned int tran_call = SVAL(inbuf, smb_setup0);
+ 	char *params = NULL, *data = NULL;
+-	int num_params, num_params_sofar, num_data, num_data_sofar;
++	unsigned int num_params, num_params_sofar, num_data, num_data_sofar;
+ 
+ 	if(global_oplock_break && (tran_call == TRANSACT2_OPEN)) {
+ 		/* Queue this open message as we are the process of an
+@@ -2203,8 +2202,9 @@
+ 	/* All trans2 messages we handle have smb_sucnt == 1 - ensure this
+ 	   is so as a sanity check */
+ 	if (suwcnt != 1) {
+-		DEBUG(2,("Invalid smb_sucnt in trans2 call\n"));
+-		return(ERROR(ERRSRV,ERRerror));
++		DEBUG(2,("Invalid smb_sucnt in trans2 call(%u)\n",suwcnt));
++		DEBUG(2,("Transaction is %d\n",tran_call));
++		ERROR(ERRDOS,ERRinvalidparam);
+ 	}
+     
+ 	/* Allocate the space for the maximum needed parameters and data */
+@@ -2215,11 +2215,9 @@
+   
+ 	if ((total_params && !params)  || (total_data && !data)) {
+ 		DEBUG(2,("Out of memory in reply_trans2\n"));
+-        if(params)
+-          free(params);
+-        if(data)
+-          free(data); 
+-		return(ERROR(ERRDOS,ERRnomem));
++		SAFE_FREE(params);
++		SAFE_FREE(data); 
++		return ERROR(ERRDOS,ERRnomem);
+ 	}
+ 
+ 	/* Copy the param and data bytes sent with this request into
+@@ -2230,20 +2228,37 @@
+ 	if (num_params > total_params || num_data > total_data)
+ 		exit_server("invalid params in reply_trans2");
+ 
+-	if(params)
+-		memcpy( params, smb_base(inbuf) + SVAL(inbuf, smb_psoff), num_params);
+-	if(data)
+-		memcpy( data, smb_base(inbuf) + SVAL(inbuf, smb_dsoff), num_data);
++	if(params) {
++		unsigned int psoff = SVAL(inbuf, smb_psoff);
++		if ((psoff + num_params < psoff) || (psoff + num_params < num_params))
++			goto bad_param;
++		if (smb_base(inbuf) + psoff + num_params > inbuf + length)
++			goto bad_param;
++		memcpy( params, smb_base(inbuf) + psoff, num_params);
++	}
++	if(data) {
++		unsigned int dsoff = SVAL(inbuf, smb_dsoff);
++		if ((dsoff + num_data < dsoff) || (dsoff + num_data < num_data))
++			goto bad_param;
++		if (smb_base(inbuf) + dsoff + num_data > inbuf + length)
++			goto bad_param;
++		memcpy( data, smb_base(inbuf) + dsoff, num_data);
++	}
+ 
+ 	if(num_data_sofar < total_data || num_params_sofar < total_params)  {
+ 		/* We need to send an interim response then receive the rest
+ 		   of the parameter/data bytes */
+ 		outsize = set_message(outbuf,0,0,True);
+-		send_smb(Client,outbuf);
++		if (!send_smb(Client,outbuf))
++			exit_server("reply_trans2: send_smb failed.");
+ 
+ 		while (num_data_sofar < total_data || 
+ 		       num_params_sofar < total_params) {
+ 			BOOL ret;
++			unsigned int param_disp;
++			unsigned int param_off;
++			unsigned int data_disp;
++			unsigned int data_off;
+ 
+ 			ret = receive_next_smb(inbuf,bufsize,SMB_SECONDARY_WAIT);
+ 			
+@@ -2255,26 +2270,55 @@
+ 				else
+ 					DEBUG(0,("reply_trans2: %s in getting secondary trans2 response.\n",
+ 						 (smb_read_error == READ_ERROR) ? "error" : "timeout" ));
+-				if(params)
+-					free(params);
+-				if(data)
+-					free(data);
+-				return(ERROR(ERRSRV,ERRerror));
++				goto bad_param;
+ 			}
+       
+ 			/* Revise total_params and total_data in case
+                            they have changed downwards */
+-			total_params = SVAL(inbuf, smb_tpscnt);
+-			total_data = SVAL(inbuf, smb_tdscnt);
+-			num_params_sofar += (num_params = SVAL(inbuf,smb_spscnt));
+-			num_data_sofar += ( num_data = SVAL(inbuf, smb_sdscnt));
++			if (SVAL(inbuf, smb_tpscnt) < total_params)
++				total_params = SVAL(inbuf, smb_tpscnt);
++			if (SVAL(inbuf, smb_tdscnt) < total_data)
++				total_data = SVAL(inbuf, smb_tdscnt);
++
++			num_params = SVAL(inbuf,smb_spscnt);
++			param_off = SVAL(inbuf, smb_spsoff);
++			param_disp = SVAL(inbuf, smb_spsdisp);
++			num_params_sofar += num_params;
++
++			num_data = SVAL(inbuf, smb_sdscnt);
++			data_off = SVAL(inbuf, smb_sdsoff);
++			data_disp = SVAL(inbuf, smb_sdsdisp);
++			num_data_sofar += num_data;
++
+ 			if (num_params_sofar > total_params || num_data_sofar > total_data)
+-				exit_server("data overflow in trans2");
++				goto bad_param;
+ 			
+-			memcpy( &params[ SVAL(inbuf, smb_spsdisp)], 
+-				smb_base(inbuf) + SVAL(inbuf, smb_spsoff), num_params);
+-			memcpy( &data[SVAL(inbuf, smb_sdsdisp)],
+-				smb_base(inbuf)+ SVAL(inbuf, smb_sdsoff), num_data);
++			if (num_params) {
++				if (param_disp + num_params >= total_params)
++					goto bad_param;
++				if ((param_disp + num_params < param_disp) ||
++						(param_disp + num_params < num_params))
++					goto bad_param;
++				if (smb_base(inbuf) + param_off + num_params >= inbuf + bufsize)
++					goto bad_param;
++				if (params + param_disp < params)
++					goto bad_param;
++
++				memcpy( &params[param_disp], smb_base(inbuf) + param_off, num_params);
++			}
++			if (num_data) {
++				if (data_disp + num_data >= total_data)
++					goto bad_param;
++				if ((data_disp + num_data < data_disp) ||
++						(data_disp + num_data < num_data))
++					goto bad_param;
++				if (smb_base(inbuf) + data_off + num_data >= inbuf + bufsize)
++					goto bad_param;
++				if (data + data_disp < data)
++					goto bad_param;
++
++				memcpy( &data[data_disp], smb_base(inbuf) + data_off, num_data);
++			}
+ 		}
+ 	}
+ 	
+@@ -2367,4 +2411,10 @@
+ 	return outsize; /* If a correct response was needed the
+ 			   call_trans2xxx calls have already sent
+ 			   it. If outsize != -1 then it is returning */
++
++  bad_param:
++
++	SAFE_FREE(params);
++	SAFE_FREE(data);
++	return (ERROR(ERRDOS,ERRinvalidparam));
+ }

openwrt/package/samba/patches/300-shared_lib_ldflags_fix.patch

@@ -0,0 +1,25 @@
+--- samba-2.0.10/source/Makefile.in.orig	2005-08-20 20:34:44.000000000 +0200
++++ samba-2.0.10/source/Makefile.in	2005-08-20 20:36:27.000000000 +0200
+@@ -475,11 +475,11 @@
+ 
+ bin/smbwrapper.@SHLIBEXT@: $(PICOBJS)
+ 	@echo Linking shared library $@
+-	@$(LD) @LDSHFLAGS@ -o $@ $(PICOBJS) $(LIBS)
++	@$(LD) @LDSHFLAGS@ -o $@ $(PICOBJS) $(LDFLAGS) $(LIBS)
+ 
+ bin/smbwrapper.32.@SHLIBEXT@: $(PICOBJS32)
+ 	@echo Linking shared library $@
+-	@$(LD) -32 @LDSHFLAGS@ -o $@ $(PICOBJS32) $(LIBS)
++	@$(LD) -32 @LDSHFLAGS@ -o $@ $(PICOBJS32) $(LDFLAGS) $(LIBS)
+ 
+ bin/smbsh: $(SMBSH_OBJ) bin/.dummy
+ 	@echo Linking $@
+@@ -487,7 +487,7 @@
+ 
+ bin/libsmb.@SHLIBEXT@: $(LIBSMB_PICOBJS) bin/.dummy
+ 	@echo Linking shared library $@
+-	@$(LD) @LDSHFLAGS@ -o $@ $(LIBSMB_PICOBJS) $(LIBS)
++	@$(LD) @LDSHFLAGS@ -o $@ $(LIBSMB_PICOBJS) $(LDFLAGS) $(LIBS)
+ 
+ install: installbin installman installscripts installcp installswat
+ 

openwrt/package/samba/patches/301-config_files_path.patch

@@ -0,0 +1,25 @@
+diff -ruN samba-2.0.10-old/source/Makefile.in samba-2.0.10-new/source/Makefile.in
+--- samba-2.0.10-old/source/Makefile.in	2005-08-22 03:03:17.000000000 +0200
++++ samba-2.0.10-new/source/Makefile.in	2005-08-22 03:08:23.000000000 +0200
+@@ -31,6 +31,8 @@
+ MANDIR = @mandir@
+ SAMBABOOK = @sambabook@
+ 
++CONFIGDIR = @sysconfdir@
++
+ # The permissions to give the executables
+ INSTALLPERMS = 0755
+ 
+@@ -39,9 +41,9 @@
+ # or in smb.conf (see smb.conf(5))
+ SMBLOGFILE = $(VARDIR)/smb
+ NMBLOGFILE = $(VARDIR)/nmb
+-CONFIGFILE = $(LIBDIR)/smb.conf
+-LMHOSTSFILE = $(LIBDIR)/lmhosts
+-DRIVERFILE = $(LIBDIR)/printers.def
++CONFIGFILE = $(CONFIGDIR)/smb.conf
++LMHOSTSFILE = $(CONFIGDIR)/lmhosts
++DRIVERFILE = $(CONFIGDIR)/printers.def
+ PASSWD_PROGRAM = /bin/passwd
+ # This is where smbpasswd et al go
+ PRIVATEDIR = @privatedir@