[pkgsrc/trunk]: pkgsrc/net/samba Adapt & apply fix for

[he <he%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/c17944d66808
branches:  trunk
changeset: 362754:c17944d66808
user:      he <he%pkgsrc.org@localhost>
date:      Wed May 24 15:36:42 2017 +0000

description:
Adapt & apply fix for
https://bugzilla.samba.org/show_bug.cgi?id=12780 (non-public)
from
https://www.samba.org/samba/ftp/patches/security/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch
Should fix CVE-2017-7494.
Bump PKGREVISION.

diffstat:

 net/samba/Makefile                                      |   4 +-
 net/samba/distinfo                                      |   3 +-
 net/samba/patches/patch-source3_rpc__server_srv__pipe.c |  22 +++++++++++++++++
 3 files changed, 26 insertions(+), 3 deletions(-)

diffs (58 lines):

diff -r a7195d7438fb -r c17944d66808 net/samba/Makefile
--- a/net/samba/Makefile        Wed May 24 15:28:25 2017 +0000
+++ b/net/samba/Makefile        Wed May 24 15:36:42 2017 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.260 2017/05/19 13:29:03 prlw1 Exp $
+# $NetBSD: Makefile,v 1.261 2017/05/24 15:36:42 he Exp $
 
 DISTNAME=      samba-${VERSION}
 CATEGORIES=    net
@@ -10,7 +10,7 @@
 LICENSE=       gnu-gpl-v3
 
 VERSION=       3.6.25
-PKGREVISION=   5
+PKGREVISION=   6
 
 CONFLICTS+=    ja-samba-[0-9]* pam-smbpass-[0-9]* winbind-[0-9]*
 
diff -r a7195d7438fb -r c17944d66808 net/samba/distinfo
--- a/net/samba/distinfo        Wed May 24 15:28:25 2017 +0000
+++ b/net/samba/distinfo        Wed May 24 15:36:42 2017 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.105 2016/02/29 17:13:06 jperkin Exp $
+$NetBSD: distinfo,v 1.106 2017/05/24 15:36:42 he Exp $
 
 SHA1 (samba-3.6.25.tar.gz) = 86fbfcfe80454cc7dbe510e7d58c02922cac3efa
 RMD160 (samba-3.6.25.tar.gz) = 4df673ddac2a3fc8590820c8651e10f0dac90281
@@ -33,3 +33,4 @@
 SHA1 (patch-eg) = af5ebab1c8e183020bb9a5914d0a218ad91d1a0b
 SHA1 (patch-lib_crypto_sha256.h) = f4bd82ba7e63d078543e388621bf30f6f31e0d18
 SHA1 (patch-smbd_notify__inotify.c) = b950f16f4284e1bc4096c10c24a490e5b2b66915
+SHA1 (patch-source3_rpc__server_srv__pipe.c) = dcf7dbce59de071d1d6f574cdba0f9e0231be2c3
diff -r a7195d7438fb -r c17944d66808 net/samba/patches/patch-source3_rpc__server_srv__pipe.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/samba/patches/patch-source3_rpc__server_srv__pipe.c   Wed May 24 15:36:42 2017 +0000
@@ -0,0 +1,22 @@
+$NetBSD: patch-source3_rpc__server_srv__pipe.c,v 1.1 2017/05/24 15:36:42 he Exp $
+
+Adapt & apply fix for
+https://bugzilla.samba.org/show_bug.cgi?id=12780 (non-public)
+from
+https://www.samba.org/samba/ftp/patches/security/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch
+Should fix CVE-2017-7494.
+
+--- ../source3/rpc_server/srv_pipe.c.orig      2015-02-22 14:11:32.000000000 +0000
++++ ../source3/rpc_server/srv_pipe.c
+@@ -376,6 +376,11 @@ bool is_known_pipename(const char *cli_f
+       const char *pipename = cli_filename;
+       NTSTATUS status;
+ 
++      if (strchr(pipename, '/')) {
++              DEBUG(1, ("Refusing open on pipe %s\n", pipename));
++              return false;
++      }
++
+       if (strnequal(pipename, "\\PIPE\\", 6)) {
+               pipename += 5;
+       }