--- /dev/null
+#
+# Copyright (C) 2006 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+# $Id$
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=samba
+PKG_VERSION:=2.0.10
+PKG_RELEASE:=2
+PKG_MD5SUM:=54870482fe036b7e69dd48c90661eec6
+
+PKG_SOURCE_URL:=ftp://se.samba.org/pub/samba/stable \
+ ftp://ftp.easynet.be/samba/stable
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_CAT:=zcat
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
+PKG_INSTALL_DIR:=$(PKG_BUILD_DIR)/ipkg-install
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/samba
+ SECTION:=net
+ CATEGORY:=Network
+ SUBMENU:=A NetBIOS/SMB implementation
+ TITLE:=A NetBIOS/SMB implementation
+ DESCRIPTION:=The Samba software suite is a collection of programs that implements the\\\
+ SMB protocol for unix systems, allowing you to serve files and printers to\\\
+ Windows, NT, OS/2 and DOS clients. This protocol is sometimes also referred\\\
+ to as the LanManager or Netbios protocol.
+ URL:=http://www.samba.org/
+endef
+
+define Package/samba-server
+ $(call Package/samba)
+ TITLE:=NetBIOS/SMB file and print server
+endef
+
+define Package/samba-client
+ $(call Package/samba)
+ TITLE:=NetBIOS/SMB simple client
+endef
+
+define Build/Compile
+ rm -rf $(PKG_INSTALL_DIR)
+ mkdir -p $(PKG_INSTALL_DIR)
+ (cd $(PKG_BUILD_DIR)/source ; rm -rf config.{cache,status} ; \
+ ./configure \
+ --program-prefix="" \
+ --program-suffix="" \
+ --prefix=/usr \
+ --exec-prefix=/usr \
+ --bindir=/usr/bin \
+ --datadir=/usr/share \
+ --includedir=/usr/include \
+ --infodir=/usr/share/info \
+ --libdir=/usr/lib \
+ --libexecdir=/usr/lib \
+ --localstatedir=/var/log/samba \
+ --mandir=/usr/share/man \
+ --sbindir=/usr/sbin \
+ --sysconfdir=/etc/samba \
+ $(DISABLE_LARGEFILE) \
+ $(DISABLE_NLS) \
+ --with-lockdir=/var/run/samba \
+ --with-privatedir=/etc/samba \
+ );
+ $(MAKE) -C $(PKG_BUILD_DIR)/source \
+ bin/make_smbcodepage bin/make_unicodemap
+ (cd $(PKG_BUILD_DIR)/source/bin ; \
+ mv -f make_smbcodepage make_smbcodepage.old ; \
+ mv -f make_unicodemap make_unicodemap.old ; \
+ );
+ $(MAKE) -C $(PKG_BUILD_DIR)/source \
+ clean
+ (cd $(PKG_BUILD_DIR)/source; rm -rf config.{cache,status}; \
+ $(TARGET_CONFIGURE_OPTS) \
+ CFLAGS="$(TARGET_CFLAGS) -D_GNU_SOURCE -DNDEBUG -DSHMEM_SIZE=524288 -Dfcntl=fcntl64" \
+ CPPFLAGS="-I$(STAGING_DIR)/usr/include" \
+ LDFLAGS="-lgcc_s -L$(STAGING_DIR)/lib -L$(STAGING_DIR)/usr/lib" \
+ ac_cv_lib_cups_httpConnect=no \
+ ac_cv_sizeof_int=4 \
+ ac_cv_sizeof_long=4 \
+ ac_cv_sizeof_short=2 \
+ samba_cv_FTRUNCATE_NEEDS_ROOT=no \
+ samba_cv_HAVE_BROKEN_FCNTL64_LOCKS=no \
+ samba_cv_HAVE_BROKEN_GETGROUPS=no \
+ samba_cv_HAVE_BROKEN_READDIR=no \
+ samba_cv_HAVE_FCNTL_LOCK=yes \
+ samba_cv_HAVE_FNMATCH=yes \
+ samba_cv_HAVE_FTRUNCATE_EXTEND=no \
+ samba_cv_HAVE_GETTIMEOFDAY_TZ=yes \
+ samba_cv_HAVE_IFACE_AIX=no \
+ samba_cv_HAVE_IFACE_IFCONF=yes \
+ samba_cv_HAVE_IFACE_IFREQ=yes \
+ samba_cv_HAVE_INO64_T=yes \
+ samba_cv_HAVE_IRIX_SPECIFIC_CAPABILITIES=no \
+ samba_cv_HAVE_OFF64_T=yes \
+ samba_cv_HAVE_ROOT=yes \
+ samba_cv_HAVE_SECURE_MKSTEMP=yes \
+ samba_cv_HAVE_SHARED_MMAP=yes \
+ samba_cv_HAVE_STRUCT_FLOCK64=yes \
+ samba_cv_HAVE_SYSV_IPC=no \
+ samba_cv_HAVE_TRUNCATED_SALT=no \
+ samba_cv_HAVE_UNION_SEMUN=no \
+ samba_cv_HAVE_UNSIGNED_CHAR=yes \
+ samba_cv_NEED_SGI_SEMUN_HACK=no \
+ samba_cv_REPLACE_INET_NTOA=no \
+ samba_cv_SIZEOF_INO_T=4 \
+ samba_cv_SIZEOF_OFF_T=4 \
+ samba_cv_SYSCONF_SC_NGROUPS_MAX=yes \
+ samba_cv_USE_SETEUID=yes \
+ samba_cv_USE_SETRESUID=no \
+ samba_cv_USE_SETREUID=yes \
+ samba_cv_USE_SETUIDX=no \
+ samba_cv_have_longlong=yes \
+ samba_cv_have_setresgid=no \
+ samba_cv_have_setresuid=no \
+ ./configure \
+ --target=$(GNU_TARGET_NAME) \
+ --host=$(GNU_TARGET_NAME) \
+ --build=$(GNU_HOST_NAME) \
+ --program-prefix="" \
+ --program-suffix="" \
+ --prefix=/usr \
+ --exec-prefix=/usr \
+ --bindir=/usr/bin \
+ --datadir=/usr/share \
+ --includedir=/usr/include \
+ --infodir=/usr/share/info \
+ --libdir=/usr/lib \
+ --libexecdir=/usr/lib \
+ --localstatedir=/var/log/samba \
+ --mandir=/usr/share/man \
+ --sbindir=/usr/sbin \
+ --sysconfdir=/etc/samba \
+ $(DISABLE_LARGEFILE) \
+ $(DISABLE_NLS) \
+ --with-lockdir=/var/run/samba \
+ --with-privatedir=/etc/samba \
+ --with-syslog \
+ );
+ $(MAKE) -C $(PKG_BUILD_DIR)/source \
+ $(TARGET_CONFIGURE_OPTS) \
+ CODEPAGEDIR="/usr/share/samba" \
+ all shared
+ (cd $(PKG_BUILD_DIR)/source/bin ; \
+ mv -f make_smbcodepage.old make_smbcodepage ; touch make_smbcodepage ; \
+ mv -f make_unicodemap.old make_unicodemap ; touch make_unicodemap ; \
+ );
+ mkdir -p $(PKG_INSTALL_DIR)/usr/share/samba
+ mkdir -p $(PKG_INSTALL_DIR)/var/log
+ $(MAKE) -C $(PKG_BUILD_DIR)/source \
+ BASEDIR="$(PKG_INSTALL_DIR)/usr" \
+ BINDIR="$(PKG_INSTALL_DIR)/usr/bin" \
+ SBINDIR="$(PKG_INSTALL_DIR)/usr/bin" \
+ LIBDIR="$(PKG_INSTALL_DIR)/usr/lib" \
+ VARDIR="$(PKG_INSTALL_DIR)/var/log/samba" \
+ MANDIR="$(PKG_INSTALL_DIR)/usr/share/man" \
+ CONFIGDIR="$(PKG_INSTALL_DIR)/etc/samba" \
+ PRIVATEDIR="$(PKG_INSTALL_DIR)/etc/samba" \
+ SWATDIR="$(PKG_INSTALL_DIR)/usr/swat" \
+ LOCKDIR="$(PKG_INSTALL_DIR)/var/run/samba" \
+ SAMBABOOK="$(PKG_INSTALL_DIR)/usr/swat/using_samba" \
+ CODEPAGEDIR="$(PKG_INSTALL_DIR)/usr/share/samba" \
+ install
+endef
+
+define Package/samba-server/install
+ install -d -m0755 $(1)/etc/init.d
+ install -m0755 ./files/samba.init $(1)/etc/init.d/samba
+ install -d -m0755 $(1)/etc/samba
+ install -m0644 ./files/smb.conf $(1)/etc/samba/smb.conf
+ install -d -m0755 $(1)/usr/bin
+ install -m0755 $(PKG_BUILD_DIR)/source/bin/smbpasswd.shared $(1)/usr/bin/smbpasswd
+ install -d -m0755 $(1)/usr/lib
+ install -m0755 $(PKG_BUILD_DIR)/source/bin/libsmb.so $(1)/usr/lib/
+ install -d -m0755 $(1)/usr/sbin
+ install -m0755 $(PKG_BUILD_DIR)/source/bin/nmbd.shared $(1)/usr/sbin/nmbd
+ install -m0755 $(PKG_BUILD_DIR)/source/bin/smbd.shared $(1)/usr/sbin/smbd
+ install -d -m0755 $(1)/usr/share/samba
+ install -m0644 $(PKG_INSTALL_DIR)/usr/share/samba/codepage.{437,850} $(1)/usr/share/samba/
+ install -m0644 $(PKG_INSTALL_DIR)/usr/share/samba/unicode_map.{437,850} $(1)/usr/share/samba/
+endef
+
+define Package/samba-client/install
+ install -d -m0755 $(1)/usr/bin
+ install -m0755 $(PKG_INSTALL_DIR)/usr/bin/smbclient $(1)/usr/bin/
+endef
+
+$(eval $(call BuildPackage,samba-server))
+$(eval $(call BuildPackage,samba-client))
--- /dev/null
+#!/bin/sh
+
+DEFAULT=/etc/default/samba
+RUN_D=/var/run/samba
+NMBD_PID_F=$RUN_D/nmbd.pid
+SMBD_PID_F=$RUN_D/smbd.pid
+[ -f $DEFAULT ] && . $DEFAULT
+
+case $1 in
+ start)
+ mkdir -p $RUN_D
+ nmbd -D $NMBD_OPTIONS
+ smbd -D $SMBD_OPTIONS
+ ;;
+ stop)
+ [ -f $SMBD_PID_F ] && kill $(cat $SMBD_PID_F)
+ [ -f $NMBD_PID_F ] && kill $(cat $NMBD_PID_F)
+ ;;
+ *)
+ echo "usage: $0 (start|stop)"
+ exit 1
+esac
+
+exit $?
--- /dev/null
+[global]
+ syslog = 0
+ syslog only = yes
+ workgroup = OpenWrt
+ server string = OpenWrt Samba Server
+ security = share
+ encrypt passwords = yes
+ guest account = nobody
+ local master = yes
+ name resolve order = lmhosts hosts bcast
+
+[tmp]
+ comment = /tmp
+ path = /tmp
+ browseable = yes
+ public = yes
+ writeable = no
+
--- /dev/null
+diff -ruN samba-2.0.10.orig/source/include/smb.h samba-2.0.10/source/include/smb.h
+--- samba-2.0.10.orig/source/include/smb.h 2001-06-23 10:52:20.000000000 +0200
++++ samba-2.0.10/source/include/smb.h 2006-03-06 22:21:12.000000000 +0100
+@@ -115,6 +115,22 @@
+ * Usage:
+ * DEBUGADD( 2, ("Some additional text.\n") );
+ */
++
++#ifdef NDEBUG
++
++#define DEBUGLVL( level ) \
++ ( (0 == (level)) \
++ && dbghdr( level, FILE_MACRO, FUNCTION_MACRO, (__LINE__) ) )
++
++#define DEBUG( level, body ) \
++ (void)( (0 == (level)) \
++ && (dbghdr( level, FILE_MACRO, FUNCTION_MACRO, (__LINE__) )) \
++ && (dbgtext body) )
++
++#define DEBUGADD( level, body ) \
++ (void)( (0 == (level)) && (dbgtext body) )
++
++#else
+ #define DEBUGLVL( level ) \
+ ( (DEBUGLEVEL >= (level)) \
+ && dbghdr( level, FILE_MACRO, FUNCTION_MACRO, (__LINE__) ) )
+@@ -140,7 +156,7 @@
+ (void)( (DEBUGLEVEL >= (level)) && (dbgtext body) )
+
+ #endif
+-
++#endif
+ /* End Debugging code section.
+ * -------------------------------------------------------------------------- **
+ */
+@@ -1612,7 +1628,9 @@
+ #define CAP_LOCK_AND_READ 0x0100
+ #define CAP_NT_FIND 0x0200
+ #define CAP_DFS 0x1000
++#define CAP_W2K_SMBS 0x2000
+ #define CAP_LARGE_READX 0x4000
++#define CAP_LARGE_WRITEX 0x8000
+ #define CAP_EXTENDED_SECURITY 0x80000000
+
+ /* protocol types. It assumes that higher protocols include lower protocols
+diff -ruN samba-2.0.10.orig/source/Makefile.in samba-2.0.10/source/Makefile.in
+--- samba-2.0.10.orig/source/Makefile.in 2000-03-16 23:57:08.000000000 +0100
++++ samba-2.0.10/source/Makefile.in 2006-03-06 22:21:12.000000000 +0100
+@@ -37,8 +37,8 @@
+ # set these to where to find various files
+ # These can be overridden by command line switches (see smbd(8))
+ # or in smb.conf (see smb.conf(5))
+-SMBLOGFILE = $(VARDIR)/log.smb
+-NMBLOGFILE = $(VARDIR)/log.nmb
++SMBLOGFILE = $(VARDIR)/smb
++NMBLOGFILE = $(VARDIR)/nmb
+ CONFIGFILE = $(LIBDIR)/smb.conf
+ LMHOSTSFILE = $(LIBDIR)/lmhosts
+ DRIVERFILE = $(LIBDIR)/printers.def
+@@ -55,7 +55,7 @@
+ LOCKDIR = @lockdir@
+
+ # The directory where code page definition files go
+-CODEPAGEDIR = $(LIBDIR)/codepages
++CODEPAGEDIR = $(BASEDIR)/codepages
+
+ # The current codepage definition list.
+ CODEPAGELIST= 437 737 775 850 852 861 932 866 949 950 936 1251 ISO8859-1 ISO8859-2 ISO8859-5 ISO8859-7 KOI8-R
+@@ -82,6 +82,7 @@
+ PROGS2 = bin/rpcclient bin/smbpasswd bin/make_smbcodepage bin/make_unicodemap @WRAP@ @WRAP32@
+ MPROGS = @MPROGS@
+ PROGS = $(PROGS1) $(PROGS2) $(MPROGS) bin/nmblookup bin/make_printerdef
++SHAREDPROGS = bin/smbd.shared bin/nmbd.shared bin/smbpasswd.shared
+
+ SCRIPTS = $(srcdir)/script/smbtar $(srcdir)/script/addtosmbpass $(srcdir)/script/convert_smbpasswd
+
+@@ -159,6 +160,8 @@
+ $(RPC_SERVER_OBJ) $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) \
+ $(LOCKING_OBJ) $(PASSDB_OBJ) $(PRINTING_OBJ) $(PROFILE_OBJ) $(LIB_OBJ)
+
++SMBDSHARED_OBJ = $(SMBD_OBJ1) $(RPC_SERVER_OBJ) \
++ $(LOCKING_OBJ) $(PROFILE_OBJ) #$(PRINTING_OBJ)
+
+ NMBD_OBJ1 = nmbd/asyncdns.o nmbd/nmbd.o nmbd/nmbd_become_dmb.o \
+ nmbd/nmbd_become_lmb.o nmbd/nmbd_browserdb.o \
+@@ -176,6 +179,8 @@
+ NMBD_OBJ = $(NMBD_OBJ1) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) \
+ $(LIB_OBJ)
+
++NMBDSHARED_OBJ = $(NMBD_OBJ1)
++
+ SWAT_OBJ = web/cgi.o web/diagnose.o web/startstop.o web/statuspage.o \
+ web/swat.o $(LIBSMB_OBJ) $(LOCKING_OBJ) \
+ $(PARAM_OBJ) $(PASSDB_OBJ) $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) \
+@@ -207,6 +212,8 @@
+ SMBPASSWD_OBJ = utils/smbpasswd.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(PASSDB_OBJ) \
+ $(UBIQX_OBJ) $(RPC_CLIENT_OBJ) $(RPC_PARSE_OBJ) $(LIB_OBJ)
+
++SMBPASSWDSHARED_OBJ = utils/smbpasswd.o
++
+ RPCCLIENT_OBJ = rpcclient/rpcclient.o \
+ rpcclient/display.o \
+ rpcclient/cmd_lsarpc.o \
+@@ -265,6 +272,11 @@
+ PROTO_OBJ = $(SMBD_OBJ) $(NMBD_OBJ) $(SWAT_OBJ) $(CLIENT_OBJ) \
+ $(RPCCLIENT_OBJ) $(SMBWRAPPER_OBJ) $(SMBTORTURE_OBJ)
+
++LIBSMBSHARED_OBJ = $(LIB_OBJ) $(LIBSMB_OBJ) $(PARAM_OBJ) $(UBIQX_OBJ) \
++ $(PASSDB_OBJ) $(RPC_PARSE_OBJ) #$(RPC_CLIENT_OBJ)
++
++LIBSMB_PICOBJS = $(LIBSMBSHARED_OBJ:.o=.po)
++
+ PICOBJS = $(SMBWRAPPER_OBJ:.o=.po)
+ PICOBJS32 = $(SMBWRAPPER_OBJ:.o=.po32)
+
+@@ -274,6 +286,8 @@
+
+ all : CHECK $(SPROGS) $(PROGS)
+
++shared : CHECK $(SHAREDPROGS)
++
+ smbwrapper : CHECK bin/smbsh bin/smbwrapper.@SHLIBEXT@ @WRAP32@
+
+ smbtorture : CHECK bin/smbtorture
+@@ -359,10 +373,18 @@
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(SMBD_OBJ) $(LDFLAGS) $(LIBS)
+
++bin/smbd.shared: $(SMBDSHARED_OBJ) bin/libsmb.@SHLIBEXT@ bin/.dummy
++ @echo Linking $@
++ @$(CC) $(FLAGS) -o $@ $(SMBDSHARED_OBJ) $(LDFLAGS) $(LIBS) -Lbin -lsmb
++
+ bin/nmbd: $(NMBD_OBJ) bin/.dummy
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(NMBD_OBJ) $(LDFLAGS) $(LIBS)
+
++bin/nmbd.shared: $(NMBDSHARED_OBJ) bin/libsmb.@SHLIBEXT@ bin/.dummy
++ @echo Linking $@
++ @$(CC) $(FLAGS) -o $@ $(NMBDSHARED_OBJ) $(LDFLAGS) $(LIBS) -Lbin -lsmb
++
+ bin/swat: $(SWAT_OBJ) bin/.dummy
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(SWAT_OBJ) $(LDFLAGS) $(LIBS)
+@@ -411,6 +433,10 @@
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(SMBPASSWD_OBJ) $(LDFLAGS) $(LIBS)
+
++bin/smbpasswd.shared: $(SMBPASSWDSHARED_OBJ) bin/libsmb.@SHLIBEXT@ bin/.dummy
++ @echo Linking $@
++ @$(CC) $(FLAGS) -o $@ $(SMBPASSWDSHARED_OBJ) $(LDFLAGS) $(LIBS) -Lbin -lsmb
++
+ bin/make_smbcodepage: $(MAKE_SMBCODEPAGE_OBJ) bin/.dummy
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(MAKE_SMBCODEPAGE_OBJ) $(LDFLAGS) $(LIBS)
+@@ -459,6 +485,10 @@
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(SMBSH_OBJ) $(LDFLAGS) $(LIBS)
+
++bin/libsmb.@SHLIBEXT@: $(LIBSMB_PICOBJS) bin/.dummy
++ @echo Linking shared library $@
++ @$(LD) @LDSHFLAGS@ -o $@ $(LIBSMB_PICOBJS) $(LIBS)
++
+ install: installbin installman installscripts installcp installswat
+
+ installdirs:
+@@ -518,7 +548,7 @@
+ ctags `find . -name "*.[ch]" | grep -v /CVS/`
+
+ realclean: clean
+- -rm -f config.log $(PROGS) $(SPROGS) bin/.dummy
++ -rm -f config.log $(PROGS) $(SPROGS) $(SHAREDPROGS) bin/.dummy
+ -rmdir bin
+
+ distclean: realclean
+diff -ruN samba-2.0.10.orig/source/nmbd/nmbd_mynames.c samba-2.0.10/source/nmbd/nmbd_mynames.c
+--- samba-2.0.10.orig/source/nmbd/nmbd_mynames.c 2000-03-16 23:59:24.000000000 +0100
++++ samba-2.0.10/source/nmbd/nmbd_mynames.c 2006-03-06 22:21:12.000000000 +0100
+@@ -215,8 +215,8 @@
+ */
+ if( !is_refresh_already_queued( subrec, namerec) )
+ refresh_name( subrec, namerec, NULL, NULL, NULL );
+- namerec->data.death_time += lp_max_ttl();
+- namerec->data.refresh_time += MIN(lp_max_ttl(), MAX_REFRESH_TIME);
++ namerec->data.death_time = t + lp_max_ttl();
++ namerec->data.refresh_time = t + MIN(lp_max_ttl(), MAX_REFRESH_TIME);
+ }
+ }
+ }
+diff -ruN samba-2.0.10.orig/source/smbd/close.c samba-2.0.10/source/smbd/close.c
+--- samba-2.0.10.orig/source/smbd/close.c 2000-04-21 19:43:13.000000000 +0200
++++ samba-2.0.10/source/smbd/close.c 2006-03-06 22:21:12.000000000 +0100
+@@ -122,11 +122,11 @@
+ last_reference = True;
+
+ fsp->fd_ptr = NULL;
+-
++#ifdef PRINTING
+ /* NT uses smbclose to start a print - weird */
+ if (normal_close && fsp->print_file)
+ print_file(conn, fsp);
+-
++#endif
+ /* check for magic scripts */
+ if (normal_close) {
+ check_magic(fsp,conn);
+diff -ruN samba-2.0.10.orig/source/smbd/ipc.c samba-2.0.10/source/smbd/ipc.c
+--- samba-2.0.10.orig/source/smbd/ipc.c 2000-03-30 00:20:06.000000000 +0200
++++ samba-2.0.10/source/smbd/ipc.c 2006-03-06 22:21:12.000000000 +0100
+@@ -472,7 +472,7 @@
+ PACK(desc,t,v);
+ }
+
+-
++#ifdef PRINTING
+ /****************************************************************************
+ get a print queue
+ ****************************************************************************/
+@@ -1004,7 +1004,7 @@
+
+ return True;
+ }
+-
++#endif
+ /****************************************************************************
+ get info level for a server list query
+ ****************************************************************************/
+@@ -1834,7 +1834,7 @@
+
+ return(True);
+ }
+-
++#ifdef PRINTING
+ /****************************************************************************
+ delete a print job
+ Form: <W> <>
+@@ -2091,7 +2091,7 @@
+
+ return(True);
+ }
+-
++#endif
+
+ /****************************************************************************
+ get info about the server
+@@ -2756,7 +2756,7 @@
+
+ return(True);
+ }
+-
++#ifdef PRINTING
+ /****************************************************************************
+ api_WPrintJobEnumerate
+ ****************************************************************************/
+@@ -3189,7 +3189,7 @@
+ DEBUG(4,("WPrintPortEnum: errorcode %d\n",desc.errcode));
+ return(True);
+ }
+-
++#endif
+ /****************************************************************************
+ Start the first part of an RPC reply which began with an SMBtrans request.
+ ****************************************************************************/
+@@ -3407,6 +3407,7 @@
+ {"RNetUserGetInfo", 56, api_RNetUserGetInfo,0},
+ {"NetUserGetGroups", 59, api_NetUserGetGroups,0},
+ {"NetWkstaGetInfo", 63, api_NetWkstaGetInfo,0},
++#ifdef PRINTING
+ {"DosPrintQEnum", 69, api_DosPrintQEnum,0},
+ {"DosPrintQGetInfo", 70, api_DosPrintQGetInfo,0},
+ {"WPrintQueuePause", 74, api_WPrintQueuePurge,0},
+@@ -3418,16 +3419,21 @@
+ {"RDosPrintJobResume",83, api_RDosPrintJobDel,0},
+ {"WPrintDestEnum", 84, api_WPrintDestEnum,0},
+ {"WPrintDestGetInfo", 85, api_WPrintDestGetInfo,0},
++#endif
+ {"NetRemoteTOD", 91, api_NetRemoteTOD,0},
++#ifdef PRINTING
+ {"WPrintQueuePurge", 103, api_WPrintQueuePurge,0},
++#endif
+ {"NetServerEnum", 104, api_RNetServerEnum,0},
+ {"WAccessGetUserPerms",105, api_WAccessGetUserPerms,0},
+ {"SetUserPassword", 115, api_SetUserPassword,0},
+ {"WWkstaUserLogon", 132, api_WWkstaUserLogon,0},
++#ifdef PRINTING
+ {"PrintJobInfo", 147, api_PrintJobInfo,0},
+ {"WPrintDriverEnum", 205, api_WPrintDriverEnum,0},
+ {"WPrintQProcEnum", 206, api_WPrintQProcEnum,0},
+ {"WPrintPortEnum", 207, api_WPrintPortEnum,0},
++#endif
+ {"SamOEMChangePassword", 214, api_SamOEMChangePassword,0},
+ {NULL, -1, api_Unsupported,0}};
+
+diff -ruN samba-2.0.10.orig/source/smbd/negprot.c samba-2.0.10/source/smbd/negprot.c
+--- samba-2.0.10.orig/source/smbd/negprot.c 2000-03-16 23:59:47.000000000 +0100
++++ samba-2.0.10/source/smbd/negprot.c 2006-03-06 22:21:12.000000000 +0100
+@@ -160,7 +160,7 @@
+ /* dual names + lock_and_read + nt SMBs + remote API calls */
+ int capabilities = CAP_NT_FIND|CAP_LOCK_AND_READ|
+ (lp_nt_smb_support() ? CAP_NT_SMBS | CAP_RPC_REMOTE_APIS : 0) |
+- (SMB_OFF_T_BITS == 64 ? CAP_LARGE_FILES : 0);
++ (SMB_OFF_T_BITS == 64 ? CAP_LARGE_FILES | CAP_LARGE_READX | CAP_LARGE_WRITEX /*| CAP_W2K_SMBS*/ : 0);
+
+
+ /*
+diff -ruN samba-2.0.10.orig/source/smbd/password.c samba-2.0.10/source/smbd/password.c
+--- samba-2.0.10.orig/source/smbd/password.c 2000-03-16 23:59:48.000000000 +0100
++++ samba-2.0.10/source/smbd/password.c 2006-03-06 22:21:12.000000000 +0100
+@@ -1149,7 +1149,7 @@
+
+ return(True);
+ }
+-
++#ifdef RPCCLIENT
+ /***********************************************************************
+ Connect to a remote machine for domain security authentication
+ given a name or IP address.
+@@ -1504,3 +1504,4 @@
+ cli_shutdown(&cli);
+ return True;
+ }
++#endif
+diff -ruN samba-2.0.10.orig/source/smbd/process.c samba-2.0.10/source/smbd/process.c
+--- samba-2.0.10.orig/source/smbd/process.c 2000-04-15 02:21:27.000000000 +0200
++++ samba-2.0.10/source/smbd/process.c 2006-03-06 22:21:12.000000000 +0100
+@@ -343,10 +343,12 @@
+ {SMBlseek,"SMBlseek",reply_lseek,AS_USER},
+ {SMBflush,"SMBflush",reply_flush,AS_USER},
+ {SMBctemp,"SMBctemp",reply_ctemp,AS_USER | QUEUE_IN_OPLOCK },
++#ifdef PRINTING
+ {SMBsplopen,"SMBsplopen",reply_printopen,AS_USER | QUEUE_IN_OPLOCK },
+ {SMBsplclose,"SMBsplclose",reply_printclose,AS_USER},
+ {SMBsplretq,"SMBsplretq",reply_printqueue,AS_USER},
+ {SMBsplwr,"SMBsplwr",reply_printwrite,AS_USER},
++#endif
+ {SMBlock,"SMBlock",reply_lock,AS_USER},
+ {SMBunlock,"SMBunlock",reply_unlock,AS_USER},
+
+@@ -908,7 +910,7 @@
+ DEBUG(2,("Closing idle connection 2.\n"));
+ return False;
+ }
+-
++#ifdef RPCLIENT
+ if(global_machine_password_needs_changing)
+ {
+ unsigned char trust_passwd_hash[16];
+@@ -954,7 +956,7 @@
+ trust_password_unlock();
+ global_machine_password_needs_changing = False;
+ }
+-
++#endif
+ /*
+ * Check to see if we have any blocking locks
+ * outstanding on the queue.
+diff -ruN samba-2.0.10.orig/source/smbd/reply.c samba-2.0.10/source/smbd/reply.c
+--- samba-2.0.10.orig/source/smbd/reply.c 2001-06-23 10:51:24.000000000 +0200
++++ samba-2.0.10/source/smbd/reply.c 2006-03-06 22:21:12.000000000 +0100
+@@ -597,12 +597,12 @@
+
+ if (!check_domain_match(orig_user, domain))
+ return False;
+-
++#ifdef RPCCLIENT
+ ret = domain_client_validate(orig_user, domain,
+ smb_apasswd, smb_apasslen,
+ smb_ntpasswd, smb_ntpasslen,
+ &user_exists);
+-
++#endif
+ if(ret) {
+ /*
+ * User validated ok against Domain controller.
+@@ -2991,7 +2991,7 @@
+ return -1;
+ }
+
+-
++#ifdef PRINTING
+ /****************************************************************************
+ reply to a printopen
+ ****************************************************************************/
+@@ -3176,7 +3176,7 @@
+
+ return(outsize);
+ }
+-
++#endif
+
+ /****************************************************************************
+ reply to a mkdir
+diff -ruN samba-2.0.10.orig/source/smbd/server.c samba-2.0.10/source/smbd/server.c
+--- samba-2.0.10.orig/source/smbd/server.c 2000-03-16 23:59:52.000000000 +0100
++++ samba-2.0.10/source/smbd/server.c 2006-03-06 22:21:12.000000000 +0100
+@@ -300,9 +300,9 @@
+ lp_killunused(conn_snum_used);
+
+ ret = lp_load(servicesf,False,False,True);
+-
++#ifdef PRINTING
+ load_printers();
+-
++#endif
+ /* perhaps the config filename is now set */
+ if (!test)
+ reload_services(True);
+diff -ruN samba-2.0.10.orig/source/smbd/service.c samba-2.0.10/source/smbd/service.c
+--- samba-2.0.10.orig/source/smbd/service.c 2000-03-16 23:59:52.000000000 +0100
++++ samba-2.0.10/source/smbd/service.c 2006-03-06 22:21:12.000000000 +0100
+@@ -121,7 +121,7 @@
+ }
+ }
+ }
+-
++#ifdef PRINTING
+ /* If we still don't have a service, attempt to add it as a printer. */
+ if (iService < 0)
+ {
+@@ -146,7 +146,7 @@
+ DEBUG(3,("%s is not a valid printer name\n", service));
+ }
+ }
+-
++#endif
+ /* just possibly it's a default service? */
+ if (iService < 0)
+ {
+diff -ruN samba-2.0.10.orig/source/utils/smbpasswd.c samba-2.0.10/source/utils/smbpasswd.c
+--- samba-2.0.10.orig/source/utils/smbpasswd.c 2000-03-16 23:59:57.000000000 +0100
++++ samba-2.0.10/source/utils/smbpasswd.c 2006-03-06 22:21:12.000000000 +0100
+@@ -71,7 +71,7 @@
+ }
+ exit(1);
+ }
+-
++#ifdef RPCCLIENT
+ /*********************************************************
+ Join a domain.
+ **********************************************************/
+@@ -143,7 +143,7 @@
+
+ return (int)ret;
+ }
+-
++#endif
+
+ static void set_line_buffering(FILE *f)
+ {
+@@ -335,13 +335,13 @@
+ if((local_flags & (LOCAL_ADD_USER|LOCAL_DELETE_USER)) && ((remote_machine != NULL) || joining_domain)) {
+ usage();
+ }
+-
++#ifdef RPCCLIENT
+ if(joining_domain) {
+ if (argc != 0)
+ usage();
+ return join_domain(new_domain, remote_machine);
+ }
+-
++#endif
+ /*
+ * Deal with root - can add a user, but only locally.
+ */
+diff -ruN samba-2.0.10.orig/source/web/swat.c samba-2.0.10/source/web/swat.c
+--- samba-2.0.10.orig/source/web/swat.c 2000-04-11 19:36:36.000000000 +0200
++++ samba-2.0.10/source/web/swat.c 2006-03-06 22:21:12.000000000 +0100
+@@ -357,8 +357,9 @@
+ return 0;
+ }
+ iNumNonAutoPrintServices = lp_numservices();
++#ifdef PRINTING
+ load_printers();
+-
++#endif
+ return 1;
+ }
+
+@@ -997,8 +998,9 @@
+ charset_initialise();
+ load_config(True);
+ iNumNonAutoPrintServices = lp_numservices();
++#ifdef PRINTING
+ load_printers();
+-
++#endif
+ cgi_setup(SWATDIR, !demo_mode);
+
+ print_header();
--- /dev/null
+diff -ruN samba-2.0.10.orig/source/include/smb.h samba-2.0.10/source/include/smb.h
+--- samba-2.0.10.orig/source/include/smb.h 2006-03-06 22:25:08.000000000 +0100
++++ samba-2.0.10/source/include/smb.h 2006-03-06 22:25:53.000000000 +0100
+@@ -272,6 +272,7 @@
+ #define ERRlock 33 /* Lock request conflicts with existing lock */
+ #define ERRunsup 50 /* Request unsupported, returned by Win 95, RJS 20Jun98 */
+ #define ERRfilexists 80 /* File in operation already exists */
++#define ERRinvalidparam 87
+ #define ERRcannotopen 110 /* Cannot open the file specified */
+ #define ERRunknownlevel 124
+ #define ERRrename 183
+@@ -1911,4 +1912,7 @@
+
+ #define SAFE_NETBIOS_CHARS ". -_"
+
++#ifndef SAFE_FREE
++#define SAFE_FREE(x) do { if ((x) != NULL) {free((x)); (x)=NULL;} } while(0)
++#endif
+ #endif /* _SMB_H */
+diff -ruN samba-2.0.10.orig/source/include/version.h samba-2.0.10/source/include/version.h
+--- samba-2.0.10.orig/source/include/version.h 2001-06-23 15:23:59.000000000 +0200
++++ samba-2.0.10/source/include/version.h 2006-03-06 22:25:53.000000000 +0100
+@@ -1 +1 @@
+-#define VERSION "2.0.10"
++#define VERSION "2.0.10-security-rollup"
+diff -ruN samba-2.0.10.orig/source/smbd/filename.c samba-2.0.10/source/smbd/filename.c
+--- samba-2.0.10.orig/source/smbd/filename.c 2000-03-16 23:59:44.000000000 +0100
++++ samba-2.0.10/source/smbd/filename.c 2006-03-06 22:25:53.000000000 +0100
+@@ -172,7 +172,7 @@
+ * StrnCpy always null terminates.
+ */
+
+- StrnCpy(orig_name, full_orig_name, namelen);
++ StrnCpy(orig_name, full_orig_name, MIN(namelen, sizeof(orig_name)-1));
+ if(!case_sensitive)
+ strupper( orig_name );
+
+diff -ruN samba-2.0.10.orig/source/smbd/ipc.c samba-2.0.10/source/smbd/ipc.c
+--- samba-2.0.10.orig/source/smbd/ipc.c 2006-03-06 22:25:08.000000000 +0100
++++ samba-2.0.10/source/smbd/ipc.c 2006-03-06 22:25:53.000000000 +0100
+@@ -3556,18 +3556,18 @@
+ uint16 *setup=NULL;
+ int outsize = 0;
+ uint16 vuid = SVAL(inbuf,smb_uid);
+- int tpscnt = SVAL(inbuf,smb_vwv0);
+- int tdscnt = SVAL(inbuf,smb_vwv1);
+- int mprcnt = SVAL(inbuf,smb_vwv2);
+- int mdrcnt = SVAL(inbuf,smb_vwv3);
+- int msrcnt = CVAL(inbuf,smb_vwv4);
++ unsigned int tpscnt = SVAL(inbuf,smb_vwv0);
++ unsigned int tdscnt = SVAL(inbuf,smb_vwv1);
++ unsigned int mprcnt = SVAL(inbuf,smb_vwv2);
++ unsigned int mdrcnt = SVAL(inbuf,smb_vwv3);
++ unsigned int msrcnt = CVAL(inbuf,smb_vwv4);
+ BOOL close_on_completion = BITSETW(inbuf+smb_vwv5,0);
+ BOOL one_way = BITSETW(inbuf+smb_vwv5,1);
+- int pscnt = SVAL(inbuf,smb_vwv9);
+- int psoff = SVAL(inbuf,smb_vwv10);
+- int dscnt = SVAL(inbuf,smb_vwv11);
+- int dsoff = SVAL(inbuf,smb_vwv12);
+- int suwcnt = CVAL(inbuf,smb_vwv13);
++ unsigned int pscnt = SVAL(inbuf,smb_vwv9);
++ unsigned int psoff = SVAL(inbuf,smb_vwv10);
++ unsigned int dscnt = SVAL(inbuf,smb_vwv11);
++ unsigned int dsoff = SVAL(inbuf,smb_vwv12);
++ unsigned int suwcnt = CVAL(inbuf,smb_vwv13);
+
+ memset(name, '\0',sizeof(name));
+ fstrcpy(name,smb_buf(inbuf));
+@@ -3578,26 +3578,44 @@
+
+ if (tdscnt) {
+ if((data = (char *)malloc(tdscnt)) == NULL) {
+- DEBUG(0,("reply_trans: data malloc fail for %d bytes !\n", tdscnt));
++ DEBUG(0,("reply_trans: data malloc fail for %u bytes !\n", tdscnt));
+ return(ERROR(ERRDOS,ERRnomem));
+ }
++ if ((dsoff+dscnt < dsoff) || (dsoff+dscnt < dscnt))
++ goto bad_param;
++ if (smb_base(inbuf)+dsoff+dscnt > inbuf + size)
++ goto bad_param;
++
+ memcpy(data,smb_base(inbuf)+dsoff,dscnt);
+ }
+
+ if (tpscnt) {
+ if((params = (char *)malloc(tpscnt)) == NULL) {
+- DEBUG(0,("reply_trans: param malloc fail for %d bytes !\n", tpscnt));
++ DEBUG(0,("reply_trans: param malloc fail for %u bytes !\n", tpscnt));
++ SAFE_FREE(data);
+ return(ERROR(ERRDOS,ERRnomem));
+ }
++ if ((psoff+pscnt < psoff) || (psoff+pscnt < pscnt))
++ goto bad_param;
++ if (smb_base(inbuf)+psoff+pscnt > inbuf + size)
++ goto bad_param;
++
+ memcpy(params,smb_base(inbuf)+psoff,pscnt);
+ }
+
+ if (suwcnt) {
+ int i;
+ if((setup = (uint16 *)malloc(suwcnt*sizeof(uint16))) == NULL) {
+- DEBUG(0,("reply_trans: setup malloc fail for %d bytes !\n", (int)(suwcnt * sizeof(uint16))));
+- return(ERROR(ERRDOS,ERRnomem));
+- }
++ DEBUG(0,("reply_trans: setup malloc fail for %u bytes !\n", (unsigned int)(suwcnt * sizeof(uint16))));
++ SAFE_FREE(data);
++ SAFE_FREE(params);
++ return(ERROR(ERRDOS,ERRnomem));
++ }
++ if (inbuf+smb_vwv14+(suwcnt*SIZEOFWORD) > inbuf + size)
++ goto bad_param;
++ if ((smb_vwv14+(suwcnt*SIZEOFWORD) < smb_vwv14) || (smb_vwv14+(suwcnt*SIZEOFWORD) < (suwcnt*SIZEOFWORD)))
++ goto bad_param;
++
+ for (i=0;i<suwcnt;i++)
+ setup[i] = SVAL(inbuf,smb_vwv14+i*SIZEOFWORD);
+ }
+@@ -3614,7 +3632,7 @@
+ /* receive the rest of the trans packet */
+ while (pscnt < tpscnt || dscnt < tdscnt) {
+ BOOL ret;
+- int pcnt,poff,dcnt,doff,pdisp,ddisp;
++ unsigned int pcnt,poff,dcnt,doff,pdisp,ddisp;
+
+ ret = receive_next_smb(inbuf,bufsize,SMB_SECONDARY_WAIT);
+
+@@ -3625,19 +3643,19 @@
+ DEBUG(0,("reply_trans: %s in getting secondary trans response.\n",
+ (smb_read_error == READ_ERROR) ? "error" : "timeout" ));
+ }
+- if (params)
+- free(params);
+- if (data)
+- free(data);
+- if (setup)
+- free(setup);
++ SAFE_FREE(params);
++ SAFE_FREE(data);
++ SAFE_FREE(setup);
+ return(ERROR(ERRSRV,ERRerror));
+ }
+
+ show_msg(inbuf);
+
+- tpscnt = SVAL(inbuf,smb_vwv0);
+- tdscnt = SVAL(inbuf,smb_vwv1);
++ /* Revise total_params and total_data in case they have changed downwards */
++ if (SVAL(inbuf,smb_vwv0) < tpscnt)
++ tpscnt = SVAL(inbuf,smb_vwv0);
++ if (SVAL(inbuf,smb_vwv1) < tdscnt)
++ tdscnt = SVAL(inbuf,smb_vwv1);
+
+ pcnt = SVAL(inbuf,smb_vwv2);
+ poff = SVAL(inbuf,smb_vwv3);
+@@ -3650,17 +3668,36 @@
+ pscnt += pcnt;
+ dscnt += dcnt;
+
+- if (dscnt > tdscnt || pscnt > tpscnt) {
+- exit_server("invalid trans parameters\n");
+- }
++ if (dscnt > tdscnt || pscnt > tpscnt)
++ goto bad_param;
+
+- if (pcnt)
++ if (pcnt) {
++ if (pdisp+pcnt >= tpscnt)
++ goto bad_param;
++ if ((pdisp+pcnt < pdisp) || (pdisp+pcnt < pcnt))
++ goto bad_param;
++ if (smb_base(inbuf) + poff + pcnt >= inbuf + bufsize)
++ goto bad_param;
++ if (params + pdisp < params)
++ goto bad_param;
++
+ memcpy(params+pdisp,smb_base(inbuf)+poff,pcnt);
+- if (dcnt)
++ }
++
++ if (dcnt) {
++ if (ddisp+dcnt >= tdscnt)
++ goto bad_param;
++ if ((ddisp+dcnt < ddisp) || (ddisp+dcnt < dcnt))
++ goto bad_param;
++ if (smb_base(inbuf) + doff + dcnt >= inbuf + bufsize)
++ goto bad_param;
++ if (data + ddisp < data)
++ goto bad_param;
++
+ memcpy(data+ddisp,smb_base(inbuf)+doff,dcnt);
++ }
+ }
+-
+-
++
+ DEBUG(3,("trans <%s> data=%d params=%d setup=%d\n",
+ name,tdscnt,tpscnt,suwcnt));
+
+@@ -3700,4 +3737,12 @@
+ return(ERROR(ERRSRV,ERRnosupport));
+
+ return(outsize);
++
++ bad_param:
++
++ DEBUG(0,("reply_trans: invalid trans parameters\n"));
++ SAFE_FREE(data);
++ SAFE_FREE(params);
++ SAFE_FREE(setup);
++ return(ERROR(ERRSRV,ERRerror));
+ }
+diff -ruN samba-2.0.10.orig/source/smbd/nttrans.c samba-2.0.10/source/smbd/nttrans.c
+--- samba-2.0.10.orig/source/smbd/nttrans.c 2000-04-24 19:27:30.000000000 +0200
++++ samba-2.0.10/source/smbd/nttrans.c 2006-03-06 22:25:53.000000000 +0100
+@@ -2575,11 +2575,14 @@
+ params = (char *)malloc(total_parameter_count);
+ if (total_data_count > 0)
+ data = (char *)malloc(total_data_count);
+-
++
+ if ((total_parameter_count && !params) || (total_data_count && !data) ||
+ (setup_count && !setup)) {
++ SAFE_FREE(setup);
++ SAFE_FREE(params);
++ SAFE_FREE(data);
+ DEBUG(0,("reply_nttrans : Out of memory\n"));
+- return(ERROR(ERRDOS,ERRnomem));
++ return ERROR(ERRDOS,ERRnomem);
+ }
+
+ /* Copy the param and data bytes sent with this request into
+@@ -2588,64 +2591,112 @@
+ num_data_sofar = data_count;
+
+ if (parameter_count > total_parameter_count || data_count > total_data_count)
+- exit_server("reply_nttrans: invalid sizes in packet.\n");
++ goto bad_param;
+
+ if(setup) {
+- memcpy( setup, &inbuf[smb_nt_SetupStart], setup_count);
+ DEBUG(10,("reply_nttrans: setup_count = %d\n", setup_count));
+- dump_data(10, setup, setup_count);
++ if ((smb_nt_SetupStart + setup_count < smb_nt_SetupStart) ||
++ (smb_nt_SetupStart + setup_count < setup_count))
++ goto bad_param;
++ if (smb_nt_SetupStart + setup_count > length)
++ goto bad_param;
++
++ memcpy( setup, &inbuf[smb_nt_SetupStart], setup_count);
+ }
+ if(params) {
+- memcpy( params, smb_base(inbuf) + parameter_offset, parameter_count);
+ DEBUG(10,("reply_nttrans: parameter_count = %d\n", parameter_count));
+- dump_data(10, params, parameter_count);
++ if ((parameter_offset + parameter_count < parameter_offset) ||
++ (parameter_offset + parameter_count < parameter_count))
++ goto bad_param;
++ if (smb_base(inbuf) + parameter_offset + parameter_count > inbuf + length)
++ goto bad_param;
++
++ memcpy( params, smb_base(inbuf) + parameter_offset, parameter_count);
+ }
+ if(data) {
+- memcpy( data, smb_base(inbuf) + data_offset, data_count);
+ DEBUG(10,("reply_nttrans: data_count = %d\n",data_count));
+- dump_data(10, data, data_count);
++ if ((data_offset + data_count < data_offset) || (data_offset + data_count < data_count))
++ goto bad_param;
++ if (smb_base(inbuf) + data_offset + data_count > inbuf + length)
++ goto bad_param;
++
++ memcpy( data, smb_base(inbuf) + data_offset, data_count);
++
+ }
+
+ if(num_data_sofar < total_data_count || num_params_sofar < total_parameter_count) {
+ /* We need to send an interim response then receive the rest
+ of the parameter/data bytes */
+ outsize = set_message(outbuf,0,0,True);
+- send_smb(Client,outbuf);
++ if (!send_smb(Client,outbuf))
++ exit_server("reply_nttrans: send_smb failed.");
+
+ while( num_data_sofar < total_data_count || num_params_sofar < total_parameter_count) {
+ BOOL ret;
+-
++ uint32 parameter_displacement;
++ uint32 data_displacement;
++
+ ret = receive_next_smb(inbuf,bufsize,SMB_SECONDARY_WAIT);
+-
++
+ if((ret && (CVAL(inbuf, smb_com) != SMBnttranss)) || !ret) {
+- outsize = set_message(outbuf,0,0,True);
+- if(ret) {
+- DEBUG(0,("reply_nttrans: Invalid secondary nttrans packet\n"));
+- } else {
+- DEBUG(0,("reply_nttrans: %s in getting secondary nttrans response.\n",
+- (smb_read_error == READ_ERROR) ? "error" : "timeout" ));
++ outsize = set_message(outbuf,0,0,True);
++ if(ret) {
++ DEBUG(0,("reply_nttrans: Invalid secondary nttrans packet\n"));
++ } else {
++ DEBUG(0,("reply_nttrans: %s in getting secondary nttrans response.\n",
++ (smb_read_error == READ_ERROR) ? "error" : "timeout" ));
+ }
+- if(params)
+- free(params);
+- if(data)
+- free(data);
+- if(setup)
+- free(setup);
+- return(ERROR(ERRSRV,ERRerror));
++ goto bad_param;
+ }
+
+ /* Revise total_params and total_data in case they have changed downwards */
+- total_parameter_count = IVAL(inbuf, smb_nts_TotalParameterCount);
+- total_data_count = IVAL(inbuf, smb_nts_TotalDataCount);
+- num_params_sofar += (parameter_count = IVAL(inbuf,smb_nts_ParameterCount));
+- num_data_sofar += ( data_count = IVAL(inbuf, smb_nts_DataCount));
+- if (num_params_sofar > total_parameter_count || num_data_sofar > total_data_count)
+- exit_server("reply_nttrans2: data overflow in secondary nttrans packet\n");
+-
+- memcpy( ¶ms[ IVAL(inbuf, smb_nts_ParameterDisplacement)],
+- smb_base(inbuf) + IVAL(inbuf, smb_nts_ParameterOffset), parameter_count);
+- memcpy( &data[IVAL(inbuf, smb_nts_DataDisplacement)],
+- smb_base(inbuf)+ IVAL(inbuf, smb_nts_DataOffset), data_count);
++ if (IVAL(inbuf, smb_nts_TotalParameterCount) < total_parameter_count)
++ total_parameter_count = IVAL(inbuf, smb_nts_TotalParameterCount);
++ if (IVAL(inbuf, smb_nts_TotalDataCount) < total_data_count)
++ total_data_count = IVAL(inbuf, smb_nts_TotalDataCount);
++
++ parameter_count = IVAL(inbuf,smb_nts_ParameterCount);
++ parameter_offset = IVAL(inbuf, smb_nts_ParameterOffset);
++ parameter_displacement = IVAL(inbuf, smb_nts_ParameterDisplacement);
++ num_params_sofar += parameter_count;
++
++ data_count = IVAL(inbuf, smb_nts_DataCount);
++ data_displacement = IVAL(inbuf, smb_nts_DataDisplacement);
++ data_offset = IVAL(inbuf, smb_nts_DataOffset);
++ num_data_sofar += data_count;
++
++ if (num_params_sofar > total_parameter_count || num_data_sofar > total_data_count) {
++ DEBUG(0,("reply_nttrans2: data overflow in secondary nttrans packet"));
++ goto bad_param;
++ }
++
++ if (parameter_count) {
++ if (parameter_displacement + parameter_count >= total_parameter_count)
++ goto bad_param;
++ if ((parameter_displacement + parameter_count < parameter_displacement) ||
++ (parameter_displacement + parameter_count < parameter_count))
++ goto bad_param;
++ if (smb_base(inbuf) + parameter_offset + parameter_count >= inbuf + bufsize)
++ goto bad_param;
++ if (params + parameter_displacement < params)
++ goto bad_param;
++
++ memcpy( ¶ms[parameter_displacement], smb_base(inbuf) + parameter_offset, parameter_count);
++ }
++
++ if (data_count) {
++ if (data_displacement + data_count >= total_data_count)
++ goto bad_param;
++ if ((data_displacement + data_count < data_displacement) ||
++ (data_displacement + data_count < data_count))
++ goto bad_param;
++ if (smb_base(inbuf) + data_offset + data_count >= inbuf + bufsize)
++ goto bad_param;
++ if (data + data_displacement < data)
++ goto bad_param;
++
++ memcpy( &data[data_displacement], smb_base(inbuf)+ data_offset, data_count);
++ }
+ }
+ }
+
+@@ -2714,4 +2765,10 @@
+ return outsize; /* If a correct response was needed the call_nt_transact_xxxx
+ calls have already sent it. If outsize != -1 then it is
+ returning an error packet. */
++ bad_param:
++
++ SAFE_FREE(params);
++ SAFE_FREE(data);
++ SAFE_FREE(setup);
++ return ERROR(ERRDOS,ERRinvalidparam);
+ }
+diff -ruN samba-2.0.10.orig/source/smbd/password.c samba-2.0.10/source/smbd/password.c
+--- samba-2.0.10.orig/source/smbd/password.c 2006-03-06 22:25:08.000000000 +0100
++++ samba-2.0.10/source/smbd/password.c 2006-03-06 22:25:53.000000000 +0100
+@@ -770,7 +770,7 @@
+ if (!ok && lp_username(snum)) {
+ char *auser;
+ pstring user_list;
+- StrnCpy(user_list,lp_username(snum),sizeof(pstring));
++ StrnCpy(user_list,lp_username(snum),sizeof(pstring)-1);
+
+ pstring_sub(user_list,"%S",lp_servicename(snum));
+
+diff -ruN samba-2.0.10.orig/source/smbd/reply.c samba-2.0.10/source/smbd/reply.c
+--- samba-2.0.10.orig/source/smbd/reply.c 2006-03-06 22:25:08.000000000 +0100
++++ samba-2.0.10/source/smbd/reply.c 2006-03-06 22:25:53.000000000 +0100
+@@ -1413,6 +1413,9 @@
+
+ for (i=numentries;(i<maxentries) && !finished;i++)
+ {
++ /* check to make sure we have room in the buffer */
++ if ( ((PTR_DIFF(p, outbuf))+DIR_STRUCT_SIZE) > BUFFER_SIZE )
++ break;
+ finished =
+ !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend);
+ if (!finished)
+@@ -3122,6 +3125,9 @@
+
+
+ for (i=first;i<first+num_to_get;i++) {
++ /* check to make sure we have room in the buffer */
++ if ( (PTR_DIFF(p, outbuf)+28) > BUFFER_SIZE )
++ break;
+ put_dos_date2(p,0,queue[i].time);
+ CVAL(p,4) = (queue[i].status==LPQ_PRINTING?2:3);
+ SSVAL(p,5,printjob_encode(SNUM(conn),
+diff -ruN samba-2.0.10.orig/source/smbd/trans2.c samba-2.0.10/source/smbd/trans2.c
+--- samba-2.0.10.orig/source/smbd/trans2.c 2000-04-24 19:27:31.000000000 +0200
++++ samba-2.0.10/source/smbd/trans2.c 2006-03-06 22:25:53.000000000 +0100
+@@ -201,7 +201,6 @@
+ int16 open_ofun = SVAL(params,12);
+ int32 open_size = IVAL(params,14);
+ char *pname = ¶ms[28];
+- int16 namelen = strlen(pname)+1;
+
+ pstring fname;
+ mode_t unixmode;
+@@ -213,7 +212,7 @@
+ BOOL bad_path = False;
+ files_struct *fsp;
+
+- StrnCpy(fname,pname,namelen);
++ pstrcpy(fname,pname);
+
+ DEBUG(3,("trans2open %s mode=%d attr=%d ofun=%d size=%d\n",
+ fname,open_mode, open_attr, open_ofun, open_size));
+@@ -2185,7 +2184,7 @@
+ unsigned int suwcnt = SVAL(inbuf, smb_suwcnt);
+ unsigned int tran_call = SVAL(inbuf, smb_setup0);
+ char *params = NULL, *data = NULL;
+- int num_params, num_params_sofar, num_data, num_data_sofar;
++ unsigned int num_params, num_params_sofar, num_data, num_data_sofar;
+
+ if(global_oplock_break && (tran_call == TRANSACT2_OPEN)) {
+ /* Queue this open message as we are the process of an
+@@ -2203,8 +2202,9 @@
+ /* All trans2 messages we handle have smb_sucnt == 1 - ensure this
+ is so as a sanity check */
+ if (suwcnt != 1) {
+- DEBUG(2,("Invalid smb_sucnt in trans2 call\n"));
+- return(ERROR(ERRSRV,ERRerror));
++ DEBUG(2,("Invalid smb_sucnt in trans2 call(%u)\n",suwcnt));
++ DEBUG(2,("Transaction is %d\n",tran_call));
++ ERROR(ERRDOS,ERRinvalidparam);
+ }
+
+ /* Allocate the space for the maximum needed parameters and data */
+@@ -2215,11 +2215,9 @@
+
+ if ((total_params && !params) || (total_data && !data)) {
+ DEBUG(2,("Out of memory in reply_trans2\n"));
+- if(params)
+- free(params);
+- if(data)
+- free(data);
+- return(ERROR(ERRDOS,ERRnomem));
++ SAFE_FREE(params);
++ SAFE_FREE(data);
++ return ERROR(ERRDOS,ERRnomem);
+ }
+
+ /* Copy the param and data bytes sent with this request into
+@@ -2230,20 +2228,37 @@
+ if (num_params > total_params || num_data > total_data)
+ exit_server("invalid params in reply_trans2");
+
+- if(params)
+- memcpy( params, smb_base(inbuf) + SVAL(inbuf, smb_psoff), num_params);
+- if(data)
+- memcpy( data, smb_base(inbuf) + SVAL(inbuf, smb_dsoff), num_data);
++ if(params) {
++ unsigned int psoff = SVAL(inbuf, smb_psoff);
++ if ((psoff + num_params < psoff) || (psoff + num_params < num_params))
++ goto bad_param;
++ if (smb_base(inbuf) + psoff + num_params > inbuf + length)
++ goto bad_param;
++ memcpy( params, smb_base(inbuf) + psoff, num_params);
++ }
++ if(data) {
++ unsigned int dsoff = SVAL(inbuf, smb_dsoff);
++ if ((dsoff + num_data < dsoff) || (dsoff + num_data < num_data))
++ goto bad_param;
++ if (smb_base(inbuf) + dsoff + num_data > inbuf + length)
++ goto bad_param;
++ memcpy( data, smb_base(inbuf) + dsoff, num_data);
++ }
+
+ if(num_data_sofar < total_data || num_params_sofar < total_params) {
+ /* We need to send an interim response then receive the rest
+ of the parameter/data bytes */
+ outsize = set_message(outbuf,0,0,True);
+- send_smb(Client,outbuf);
++ if (!send_smb(Client,outbuf))
++ exit_server("reply_trans2: send_smb failed.");
+
+ while (num_data_sofar < total_data ||
+ num_params_sofar < total_params) {
+ BOOL ret;
++ unsigned int param_disp;
++ unsigned int param_off;
++ unsigned int data_disp;
++ unsigned int data_off;
+
+ ret = receive_next_smb(inbuf,bufsize,SMB_SECONDARY_WAIT);
+
+@@ -2255,26 +2270,55 @@
+ else
+ DEBUG(0,("reply_trans2: %s in getting secondary trans2 response.\n",
+ (smb_read_error == READ_ERROR) ? "error" : "timeout" ));
+- if(params)
+- free(params);
+- if(data)
+- free(data);
+- return(ERROR(ERRSRV,ERRerror));
++ goto bad_param;
+ }
+
+ /* Revise total_params and total_data in case
+ they have changed downwards */
+- total_params = SVAL(inbuf, smb_tpscnt);
+- total_data = SVAL(inbuf, smb_tdscnt);
+- num_params_sofar += (num_params = SVAL(inbuf,smb_spscnt));
+- num_data_sofar += ( num_data = SVAL(inbuf, smb_sdscnt));
++ if (SVAL(inbuf, smb_tpscnt) < total_params)
++ total_params = SVAL(inbuf, smb_tpscnt);
++ if (SVAL(inbuf, smb_tdscnt) < total_data)
++ total_data = SVAL(inbuf, smb_tdscnt);
++
++ num_params = SVAL(inbuf,smb_spscnt);
++ param_off = SVAL(inbuf, smb_spsoff);
++ param_disp = SVAL(inbuf, smb_spsdisp);
++ num_params_sofar += num_params;
++
++ num_data = SVAL(inbuf, smb_sdscnt);
++ data_off = SVAL(inbuf, smb_sdsoff);
++ data_disp = SVAL(inbuf, smb_sdsdisp);
++ num_data_sofar += num_data;
++
+ if (num_params_sofar > total_params || num_data_sofar > total_data)
+- exit_server("data overflow in trans2");
++ goto bad_param;
+
+- memcpy( ¶ms[ SVAL(inbuf, smb_spsdisp)],
+- smb_base(inbuf) + SVAL(inbuf, smb_spsoff), num_params);
+- memcpy( &data[SVAL(inbuf, smb_sdsdisp)],
+- smb_base(inbuf)+ SVAL(inbuf, smb_sdsoff), num_data);
++ if (num_params) {
++ if (param_disp + num_params >= total_params)
++ goto bad_param;
++ if ((param_disp + num_params < param_disp) ||
++ (param_disp + num_params < num_params))
++ goto bad_param;
++ if (smb_base(inbuf) + param_off + num_params >= inbuf + bufsize)
++ goto bad_param;
++ if (params + param_disp < params)
++ goto bad_param;
++
++ memcpy( ¶ms[param_disp], smb_base(inbuf) + param_off, num_params);
++ }
++ if (num_data) {
++ if (data_disp + num_data >= total_data)
++ goto bad_param;
++ if ((data_disp + num_data < data_disp) ||
++ (data_disp + num_data < num_data))
++ goto bad_param;
++ if (smb_base(inbuf) + data_off + num_data >= inbuf + bufsize)
++ goto bad_param;
++ if (data + data_disp < data)
++ goto bad_param;
++
++ memcpy( &data[data_disp], smb_base(inbuf) + data_off, num_data);
++ }
+ }
+ }
+
+@@ -2367,4 +2411,10 @@
+ return outsize; /* If a correct response was needed the
+ call_trans2xxx calls have already sent
+ it. If outsize != -1 then it is returning */
++
++ bad_param:
++
++ SAFE_FREE(params);
++ SAFE_FREE(data);
++ return (ERROR(ERRDOS,ERRinvalidparam));
+ }
--- /dev/null
+diff -ruN samba-2.0.10.orig/source/include/smb.h samba-2.0.10/source/include/smb.h
+--- samba-2.0.10.orig/source/include/smb.h 2006-03-06 22:25:53.000000000 +0100
++++ samba-2.0.10/source/include/smb.h 2006-03-06 22:27:31.000000000 +0100
+@@ -24,8 +24,14 @@
+ #ifndef _SMB_H
+ #define _SMB_H
+
++#if defined(LARGE_SMB_OFF_T)
++#define BUFFER_SIZE (128*1024)
++#else /* no large readwrite possible */
+ #define BUFFER_SIZE (0xFFFF)
++#endif
++
+ #define SAFETY_MARGIN 1024
++#define LARGE_WRITEX_HDR_SIZE 65
+
+ #define NMB_PORT 137
+ #define DGRAM_PORT 138
+diff -ruN samba-2.0.10.orig/source/lib/util_sock.c samba-2.0.10/source/lib/util_sock.c
+--- samba-2.0.10.orig/source/lib/util_sock.c 2000-03-16 23:59:18.000000000 +0100
++++ samba-2.0.10/source/lib/util_sock.c 2006-03-06 22:27:31.000000000 +0100
+@@ -649,19 +649,21 @@
+ memset(buffer,'\0',smb_size + 100);
+
+ len = read_smb_length_return_keepalive(fd,buffer,timeout);
+- if (len < 0)
+- {
++ if (len < 0) {
+ DEBUG(10,("receive_smb: length < 0!\n"));
+ return(False);
+ }
+
+- if (len > BUFFER_SIZE) {
++ /*
++ * A WRITEX with CAP_LARGE_WRITEX can be 64k worth of data plus 65 bytes
++ * of header. Don't print the error if this fits.... JRA.
++ */
++
++ if (len > (BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE)) {
+ DEBUG(0,("Invalid packet length! (%d bytes).\n",len));
+ if (len > BUFFER_SIZE + (SAFETY_MARGIN/2))
+- {
+ exit(1);
+ }
+- }
+
+ if(len > 0) {
+ ret = read_socket_data(fd,buffer+4,len);
+diff -ruN samba-2.0.10.orig/source/smbd/oplock.c samba-2.0.10/source/smbd/oplock.c
+--- samba-2.0.10.orig/source/smbd/oplock.c 2000-04-25 04:32:14.000000000 +0200
++++ samba-2.0.10/source/smbd/oplock.c 2006-03-06 22:27:31.000000000 +0100
+@@ -887,13 +887,13 @@
+ messages crossing on the wire.
+ */
+
+- if((inbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN))==NULL)
++ if((inbuf = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN))==NULL)
+ {
+ DEBUG(0,("oplock_break: malloc fail for input buffer.\n"));
+ return False;
+ }
+
+- if((outbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN))==NULL)
++ if((outbuf = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN))==NULL)
+ {
+ DEBUG(0,("oplock_break: malloc fail for output buffer.\n"));
+ free(inbuf);
+diff -ruN samba-2.0.10.orig/source/smbd/process.c samba-2.0.10/source/smbd/process.c
+--- samba-2.0.10.orig/source/smbd/process.c 2006-03-06 22:25:28.000000000 +0100
++++ samba-2.0.10/source/smbd/process.c 2006-03-06 22:27:31.000000000 +0100
+@@ -995,8 +995,8 @@
+ time_t last_timeout_processing_time = time(NULL);
+ unsigned int num_smbs = 0;
+
+- InBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
+- OutBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
++ InBuffer = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN);
++ OutBuffer = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN);
+ if ((InBuffer == NULL) || (OutBuffer == NULL))
+ return;
+
+@@ -1027,7 +1027,7 @@
+ /* free up temporary memory */
+ lp_talloc_free();
+
+- while(!receive_message_or_smb(InBuffer,BUFFER_SIZE,select_timeout,&got_smb))
++ while(!receive_message_or_smb(InBuffer,BUFFER_SIZE+LARGE_WRITEX_HDR_SIZE,select_timeout,&got_smb))
+ {
+ if(!timeout_processing( deadtime, &select_timeout, &last_timeout_processing_time))
+ return;
+diff -ruN samba-2.0.10.orig/source/smbd/reply.c samba-2.0.10/source/smbd/reply.c
+--- samba-2.0.10.orig/source/smbd/reply.c 2006-03-06 22:25:53.000000000 +0100
++++ samba-2.0.10/source/smbd/reply.c 2006-03-06 22:27:31.000000000 +0100
+@@ -2551,17 +2551,28 @@
+ size_t numtowrite = SVAL(inbuf,smb_vwv10);
+ BOOL write_through = BITSETW(inbuf+smb_vwv7,0);
+ ssize_t nwritten = -1;
+- int smb_doff = SVAL(inbuf,smb_vwv11);
++ unsigned int smb_doff = SVAL(inbuf,smb_vwv11);
++ unsigned int smblen = smb_len(inbuf);
+ char *data;
++ BOOL large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF));
+
+ /* If it's an IPC, pass off the pipe handler. */
+- if (IS_IPC(conn))
++ if (IS_IPC(conn)) {
+ return reply_pipe_write_and_X(inbuf,outbuf,length,bufsize);
++ }
+
+ CHECK_FSP(fsp,conn);
+ CHECK_WRITE(fsp);
+ CHECK_ERROR(fsp);
+
++ /* Deal with possible LARGE_WRITEX */
++ if (large_writeX)
++ numtowrite |= ((((size_t)SVAL(inbuf,smb_vwv9)) & 1 )<<16);
++
++ if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) {
++ return(ERROR(ERRDOS,ERRbadmem));
++ }
++
+ data = smb_base(inbuf) + smb_doff;
+
+ if(CVAL(inbuf,smb_wct) == 14) {
+@@ -2586,8 +2597,9 @@
+ #endif /* LARGE_SMB_OFF_T */
+ }
+
+- if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK))
++ if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
+ return(ERROR(ERRDOS,ERRlock));
++ }
+
+ /* X/Open SMB protocol says that, unlike SMBwrite
+ if the length is zero then NO truncation is
+@@ -2598,12 +2610,15 @@
+ else
+ nwritten = write_file(fsp,data,startpos,numtowrite);
+
+- if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0))
++ if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
+ return(UNIXERROR(ERRDOS,ERRnoaccess));
++ }
+
+ set_message(outbuf,6,0,True);
+
+ SSVAL(outbuf,smb_vwv2,nwritten);
++ if (large_writeX)
++ SSVAL(outbuf,smb_vwv4,(nwritten>>16)&1);
+
+ if (nwritten < (ssize_t)numtowrite) {
+ CVAL(outbuf,smb_rcls) = ERRHRD;
--- /dev/null
+--- samba-2.0.10/source/Makefile.in.orig 2005-08-20 20:34:44.000000000 +0200
++++ samba-2.0.10/source/Makefile.in 2005-08-20 20:36:27.000000000 +0200
+@@ -475,11 +475,11 @@
+
+ bin/smbwrapper.@SHLIBEXT@: $(PICOBJS)
+ @echo Linking shared library $@
+- @$(LD) @LDSHFLAGS@ -o $@ $(PICOBJS) $(LIBS)
++ @$(LD) @LDSHFLAGS@ -o $@ $(PICOBJS) $(LDFLAGS) $(LIBS)
+
+ bin/smbwrapper.32.@SHLIBEXT@: $(PICOBJS32)
+ @echo Linking shared library $@
+- @$(LD) -32 @LDSHFLAGS@ -o $@ $(PICOBJS32) $(LIBS)
++ @$(LD) -32 @LDSHFLAGS@ -o $@ $(PICOBJS32) $(LDFLAGS) $(LIBS)
+
+ bin/smbsh: $(SMBSH_OBJ) bin/.dummy
+ @echo Linking $@
+@@ -487,7 +487,7 @@
+
+ bin/libsmb.@SHLIBEXT@: $(LIBSMB_PICOBJS) bin/.dummy
+ @echo Linking shared library $@
+- @$(LD) @LDSHFLAGS@ -o $@ $(LIBSMB_PICOBJS) $(LIBS)
++ @$(LD) @LDSHFLAGS@ -o $@ $(LIBSMB_PICOBJS) $(LDFLAGS) $(LIBS)
+
+ install: installbin installman installscripts installcp installswat
+
--- /dev/null
+diff -ruN samba-2.0.10-old/source/Makefile.in samba-2.0.10-new/source/Makefile.in
+--- samba-2.0.10-old/source/Makefile.in 2005-08-22 03:03:17.000000000 +0200
++++ samba-2.0.10-new/source/Makefile.in 2005-08-22 03:08:23.000000000 +0200
+@@ -31,6 +31,8 @@
+ MANDIR = @mandir@
+ SAMBABOOK = @sambabook@
+
++CONFIGDIR = @sysconfdir@
++
+ # The permissions to give the executables
+ INSTALLPERMS = 0755
+
+@@ -39,9 +41,9 @@
+ # or in smb.conf (see smb.conf(5))
+ SMBLOGFILE = $(VARDIR)/smb
+ NMBLOGFILE = $(VARDIR)/nmb
+-CONFIGFILE = $(LIBDIR)/smb.conf
+-LMHOSTSFILE = $(LIBDIR)/lmhosts
+-DRIVERFILE = $(LIBDIR)/printers.def
++CONFIGFILE = $(CONFIGDIR)/smb.conf
++LMHOSTSFILE = $(CONFIGDIR)/lmhosts
++DRIVERFILE = $(CONFIGDIR)/printers.def
+ PASSWD_PROGRAM = /bin/passwd
+ # This is where smbpasswd et al go
+ PRIVATEDIR = @privatedir@
--- /dev/null
+diff -Nur samba-2.0.10.orig/source/smbd/trans2.c samba-2.0.10/source/smbd/trans2.c
+--- samba-2.0.10.orig/source/smbd/trans2.c 2006-08-07 20:04:26.000000000 +0200
++++ samba-2.0.10/source/smbd/trans2.c 2006-08-07 20:06:07.000000000 +0200
+@@ -1379,12 +1379,6 @@
+ data_size = max_data_bytes + 1024;
+ pdata = *ppdata = Realloc(*ppdata, data_size);
+
+- if (total_data > 0 && IVAL(pdata,0) == total_data) {
+- /* uggh, EAs for OS2 */
+- DEBUG(4,("Rejecting EA request with total_data=%d\n",total_data));
+- return(ERROR(ERRDOS,ERROR_EAS_NOT_SUPPORTED));
+- }
+-
+ memset((char *)pdata,'\0',data_size);
+
+ switch (info_level)
+@@ -1652,12 +1646,6 @@
+ tvs.actime = st.st_atime;
+ mode = dos_mode(conn,fname,&st);
+
+- if (total_data > 0 && IVAL(pdata,0) == total_data) {
+- /* uggh, EAs for OS2 */
+- DEBUG(4,("Rejecting EA request with total_data=%d\n",total_data));
+- return(ERROR(ERRDOS,ERROR_EAS_NOT_SUPPORTED));
+- }
+-
+ switch (info_level)
+ {
+ case SMB_INFO_STANDARD:
projects / openwrt / svn-archive / archive.git / commitdiff