fix patches and closes #350
authorOliver Ertl <oliver@ertl-net.net>
Mon, 6 Mar 2006 21:41:03 +0000 (21:41 +0000)
committerOliver Ertl <oliver@ertl-net.net>
Mon, 6 Mar 2006 21:41:03 +0000 (21:41 +0000)
SVN-Revision: 3321

openwrt/package/samba/Makefile
openwrt/package/samba/patches/100-samba.patch
openwrt/package/samba/patches/200-security.patch
openwrt/package/samba/patches/250-writex.patch [new file with mode: 0644]

index 584ed9a..2d9defc 100644 (file)
@@ -2,7 +2,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=samba
 PKG_VERSION:=2.0.10
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 PKG_MD5SUM:=54870482fe036b7e69dd48c90661eec6
 
 PKG_SOURCE_URL:=ftp://se.samba.org/pub/samba/stable \
index 3d41af7..3bfeed3 100644 (file)
@@ -1,6 +1,6 @@
-diff -ur samba-2.0.10/source/include/smb.h samba/source/include/smb.h
---- samba-2.0.10/source/include/smb.h  2001-06-23 12:52:20.000000000 +0400
-+++ samba/source/include/smb.h 2005-05-21 21:09:03.204222704 +0400
+diff -ruN samba-2.0.10.orig/source/include/smb.h samba-2.0.10/source/include/smb.h
+--- samba-2.0.10.orig/source/include/smb.h     2001-06-23 10:52:20.000000000 +0200
++++ samba-2.0.10/source/include/smb.h  2006-03-06 22:21:12.000000000 +0100
 @@ -115,6 +115,22 @@
   *               Usage:
   *                 DEBUGADD( 2, ("Some additional text.\n") );
@@ -43,9 +43,9 @@ diff -ur samba-2.0.10/source/include/smb.h samba/source/include/smb.h
  #define CAP_EXTENDED_SECURITY 0x80000000
  
  /* protocol types. It assumes that higher protocols include lower protocols
-diff -ur samba-2.0.10/source/Makefile.in samba/source/Makefile.in
---- samba-2.0.10/source/Makefile.in    2000-03-17 01:57:08.000000000 +0300
-+++ samba/source/Makefile.in   2005-05-21 20:59:57.130238568 +0400
+diff -ruN samba-2.0.10.orig/source/Makefile.in samba-2.0.10/source/Makefile.in
+--- samba-2.0.10.orig/source/Makefile.in       2000-03-16 23:57:08.000000000 +0100
++++ samba-2.0.10/source/Makefile.in    2006-03-06 22:21:12.000000000 +0100
 @@ -37,8 +37,8 @@
  # set these to where to find various files
  # These can be overridden by command line switches (see smbd(8))
@@ -172,9 +172,9 @@ diff -ur samba-2.0.10/source/Makefile.in samba/source/Makefile.in
        -rmdir bin
  
  distclean: realclean
-diff -ur samba-2.0.10/source/nmbd/nmbd_mynames.c samba/source/nmbd/nmbd_mynames.c
---- samba-2.0.10/source/nmbd/nmbd_mynames.c    2000-03-17 01:59:24.000000000 +0300
-+++ samba/source/nmbd/nmbd_mynames.c   2005-05-21 20:57:26.672111680 +0400
+diff -ruN samba-2.0.10.orig/source/nmbd/nmbd_mynames.c samba-2.0.10/source/nmbd/nmbd_mynames.c
+--- samba-2.0.10.orig/source/nmbd/nmbd_mynames.c       2000-03-16 23:59:24.000000000 +0100
++++ samba-2.0.10/source/nmbd/nmbd_mynames.c    2006-03-06 22:21:12.000000000 +0100
 @@ -215,8 +215,8 @@
           */
          if( !is_refresh_already_queued( subrec, namerec) )
@@ -186,9 +186,9 @@ diff -ur samba-2.0.10/source/nmbd/nmbd_mynames.c samba/source/nmbd/nmbd_mynames.
        }
      }
    }
-diff -ur samba-2.0.10/source/smbd/close.c samba/source/smbd/close.c
---- samba-2.0.10/source/smbd/close.c   2000-04-21 21:43:13.000000000 +0400
-+++ samba/source/smbd/close.c  2005-05-21 19:44:59.516979712 +0400
+diff -ruN samba-2.0.10.orig/source/smbd/close.c samba-2.0.10/source/smbd/close.c
+--- samba-2.0.10.orig/source/smbd/close.c      2000-04-21 19:43:13.000000000 +0200
++++ samba-2.0.10/source/smbd/close.c   2006-03-06 22:21:12.000000000 +0100
 @@ -122,11 +122,11 @@
                last_reference = True;
  
@@ -203,9 +203,9 @@ diff -ur samba-2.0.10/source/smbd/close.c samba/source/smbd/close.c
        /* check for magic scripts */
        if (normal_close) {
                check_magic(fsp,conn);
-diff -ur samba-2.0.10/source/smbd/ipc.c samba/source/smbd/ipc.c
---- samba-2.0.10/source/smbd/ipc.c     2000-03-30 02:20:06.000000000 +0400
-+++ samba/source/smbd/ipc.c    2005-05-21 19:44:59.559973176 +0400
+diff -ruN samba-2.0.10.orig/source/smbd/ipc.c samba-2.0.10/source/smbd/ipc.c
+--- samba-2.0.10.orig/source/smbd/ipc.c        2000-03-30 00:20:06.000000000 +0200
++++ samba-2.0.10/source/smbd/ipc.c     2006-03-06 22:21:12.000000000 +0100
 @@ -472,7 +472,7 @@
    PACK(desc,t,v);
  }
@@ -290,9 +290,9 @@ diff -ur samba-2.0.10/source/smbd/ipc.c samba/source/smbd/ipc.c
    {"SamOEMChangePassword", 214, api_SamOEMChangePassword,0},
    {NULL,              -1,     api_Unsupported,0}};
  
-diff -ur samba-2.0.10/source/smbd/negprot.c samba/source/smbd/negprot.c
---- samba-2.0.10/source/smbd/negprot.c 2000-03-17 01:59:47.000000000 +0300
-+++ samba/source/smbd/negprot.c        2005-05-21 21:09:16.025273608 +0400
+diff -ruN samba-2.0.10.orig/source/smbd/negprot.c samba-2.0.10/source/smbd/negprot.c
+--- samba-2.0.10.orig/source/smbd/negprot.c    2000-03-16 23:59:47.000000000 +0100
++++ samba-2.0.10/source/smbd/negprot.c 2006-03-06 22:21:12.000000000 +0100
 @@ -160,7 +160,7 @@
    /* dual names + lock_and_read + nt SMBs + remote API calls */
    int capabilities = CAP_NT_FIND|CAP_LOCK_AND_READ|
@@ -302,9 +302,9 @@ diff -ur samba-2.0.10/source/smbd/negprot.c samba/source/smbd/negprot.c
  
  
  /*
-diff -ur samba-2.0.10/source/smbd/password.c samba/source/smbd/password.c
---- samba-2.0.10/source/smbd/password.c        2000-03-17 01:59:48.000000000 +0300
-+++ samba/source/smbd/password.c       2005-05-21 19:44:59.562972720 +0400
+diff -ruN samba-2.0.10.orig/source/smbd/password.c samba-2.0.10/source/smbd/password.c
+--- samba-2.0.10.orig/source/smbd/password.c   2000-03-16 23:59:48.000000000 +0100
++++ samba-2.0.10/source/smbd/password.c        2006-03-06 22:21:12.000000000 +0100
 @@ -1149,7 +1149,7 @@
  
    return(True);
@@ -319,9 +319,9 @@ diff -ur samba-2.0.10/source/smbd/password.c samba/source/smbd/password.c
    return True;
  }
 +#endif
-diff -ur samba-2.0.10/source/smbd/process.c samba/source/smbd/process.c
---- samba-2.0.10/source/smbd/process.c 2000-04-15 04:21:27.000000000 +0400
-+++ samba/source/smbd/process.c        2005-05-21 19:44:59.583969528 +0400
+diff -ruN samba-2.0.10.orig/source/smbd/process.c samba-2.0.10/source/smbd/process.c
+--- samba-2.0.10.orig/source/smbd/process.c    2000-04-15 02:21:27.000000000 +0200
++++ samba-2.0.10/source/smbd/process.c 2006-03-06 22:21:12.000000000 +0100
 @@ -343,10 +343,12 @@
     {SMBlseek,"SMBlseek",reply_lseek,AS_USER},
     {SMBflush,"SMBflush",reply_flush,AS_USER},
@@ -353,9 +353,9 @@ diff -ur samba-2.0.10/source/smbd/process.c samba/source/smbd/process.c
    /*
     * Check to see if we have any blocking locks
     * outstanding on the queue.
-diff -ur samba-2.0.10/source/smbd/reply.c samba/source/smbd/reply.c
---- samba-2.0.10/source/smbd/reply.c   2001-06-23 12:51:24.000000000 +0400
-+++ samba/source/smbd/reply.c  2005-05-21 19:44:59.628962688 +0400
+diff -ruN samba-2.0.10.orig/source/smbd/reply.c samba-2.0.10/source/smbd/reply.c
+--- samba-2.0.10.orig/source/smbd/reply.c      2001-06-23 10:51:24.000000000 +0200
++++ samba-2.0.10/source/smbd/reply.c   2006-03-06 22:21:12.000000000 +0100
 @@ -597,12 +597,12 @@
  
    if (!check_domain_match(orig_user, domain))
@@ -389,9 +389,9 @@ diff -ur samba-2.0.10/source/smbd/reply.c samba/source/smbd/reply.c
  
  /****************************************************************************
    reply to a mkdir
-diff -ur samba-2.0.10/source/smbd/server.c samba/source/smbd/server.c
---- samba-2.0.10/source/smbd/server.c  2000-03-17 01:59:52.000000000 +0300
-+++ samba/source/smbd/server.c 2005-05-21 19:44:59.649959496 +0400
+diff -ruN samba-2.0.10.orig/source/smbd/server.c samba-2.0.10/source/smbd/server.c
+--- samba-2.0.10.orig/source/smbd/server.c     2000-03-16 23:59:52.000000000 +0100
++++ samba-2.0.10/source/smbd/server.c  2006-03-06 22:21:12.000000000 +0100
 @@ -300,9 +300,9 @@
        lp_killunused(conn_snum_used);
  
@@ -404,9 +404,9 @@ diff -ur samba-2.0.10/source/smbd/server.c samba/source/smbd/server.c
        /* perhaps the config filename is now set */
        if (!test)
                reload_services(True);
-diff -ur samba-2.0.10/source/smbd/service.c samba/source/smbd/service.c
---- samba-2.0.10/source/smbd/service.c 2000-03-17 01:59:52.000000000 +0300
-+++ samba/source/smbd/service.c        2005-05-21 19:44:59.670956304 +0400
+diff -ruN samba-2.0.10.orig/source/smbd/service.c samba-2.0.10/source/smbd/service.c
+--- samba-2.0.10.orig/source/smbd/service.c    2000-03-16 23:59:52.000000000 +0100
++++ samba-2.0.10/source/smbd/service.c 2006-03-06 22:21:12.000000000 +0100
 @@ -121,7 +121,7 @@
        }
       }
@@ -425,9 +425,9 @@ diff -ur samba-2.0.10/source/smbd/service.c samba/source/smbd/service.c
     /* just possibly it's a default service? */
     if (iService < 0) 
     {
-diff -ur samba-2.0.10/source/utils/smbpasswd.c samba/source/utils/smbpasswd.c
---- samba-2.0.10/source/utils/smbpasswd.c      2000-03-17 01:59:57.000000000 +0300
-+++ samba/source/utils/smbpasswd.c     2005-05-21 19:44:59.671956152 +0400
+diff -ruN samba-2.0.10.orig/source/utils/smbpasswd.c samba-2.0.10/source/utils/smbpasswd.c
+--- samba-2.0.10.orig/source/utils/smbpasswd.c 2000-03-16 23:59:57.000000000 +0100
++++ samba-2.0.10/source/utils/smbpasswd.c      2006-03-06 22:21:12.000000000 +0100
 @@ -71,7 +71,7 @@
        }
        exit(1);
@@ -462,9 +462,9 @@ diff -ur samba-2.0.10/source/utils/smbpasswd.c samba/source/utils/smbpasswd.c
        /*
         * Deal with root - can add a user, but only locally.
         */
-diff -ur samba-2.0.10/source/web/swat.c samba/source/web/swat.c
---- samba-2.0.10/source/web/swat.c     2000-04-11 21:36:36.000000000 +0400
-+++ samba/source/web/swat.c    2005-05-21 19:44:59.692952960 +0400
+diff -ruN samba-2.0.10.orig/source/web/swat.c samba-2.0.10/source/web/swat.c
+--- samba-2.0.10.orig/source/web/swat.c        2000-04-11 19:36:36.000000000 +0200
++++ samba-2.0.10/source/web/swat.c     2006-03-06 22:21:12.000000000 +0100
 @@ -357,8 +357,9 @@
                  return 0;
          }
index 7fb34f9..8e51549 100644 (file)
@@ -1,7 +1,7 @@
-diff -ur samba-2.0.10/source/include/smb.h samba-2.0.10-security/source/include/smb.h
---- samba-2.0.10/source/include/smb.h  2001-06-23 12:52:20.000000000 +0400
-+++ samba-2.0.10-security/source/include/smb.h 2005-05-21 21:51:17.206995728 +0400
-@@ -256,6 +256,7 @@
+diff -ruN samba-2.0.10.orig/source/include/smb.h samba-2.0.10/source/include/smb.h
+--- samba-2.0.10.orig/source/include/smb.h     2006-03-06 22:25:08.000000000 +0100
++++ samba-2.0.10/source/include/smb.h  2006-03-06 22:25:53.000000000 +0100
+@@ -272,6 +272,7 @@
  #define ERRlock 33 /* Lock request conflicts with existing lock */
  #define ERRunsup 50 /* Request unsupported, returned by Win 95, RJS 20Jun98 */
  #define ERRfilexists 80 /* File in operation already exists */
@@ -9,7 +9,7 @@ diff -ur samba-2.0.10/source/include/smb.h samba-2.0.10-security/source/include/
  #define ERRcannotopen 110 /* Cannot open the file specified */
  #define ERRunknownlevel 124
  #define ERRrename 183
-@@ -1893,4 +1894,7 @@
+@@ -1911,4 +1912,7 @@
  
  #define SAFE_NETBIOS_CHARS ". -_"
  
@@ -17,15 +17,15 @@ diff -ur samba-2.0.10/source/include/smb.h samba-2.0.10-security/source/include/
 +#define SAFE_FREE(x) do { if ((x) != NULL) {free((x)); (x)=NULL;} } while(0)
 +#endif
  #endif /* _SMB_H */
-diff -ur samba-2.0.10/source/include/version.h samba-2.0.10-security/source/include/version.h
---- samba-2.0.10/source/include/version.h      2001-06-23 17:23:59.000000000 +0400
-+++ samba-2.0.10-security/source/include/version.h     2005-05-21 21:51:17.227992536 +0400
+diff -ruN samba-2.0.10.orig/source/include/version.h samba-2.0.10/source/include/version.h
+--- samba-2.0.10.orig/source/include/version.h 2001-06-23 15:23:59.000000000 +0200
++++ samba-2.0.10/source/include/version.h      2006-03-06 22:25:53.000000000 +0100
 @@ -1 +1 @@
 -#define VERSION "2.0.10"
 +#define VERSION "2.0.10-security-rollup"
-diff -ur samba-2.0.10/source/smbd/filename.c samba-2.0.10-security/source/smbd/filename.c
---- samba-2.0.10/source/smbd/filename.c        2000-03-17 01:59:44.000000000 +0300
-+++ samba-2.0.10-security/source/smbd/filename.c       2005-05-21 21:51:17.403965784 +0400
+diff -ruN samba-2.0.10.orig/source/smbd/filename.c samba-2.0.10/source/smbd/filename.c
+--- samba-2.0.10.orig/source/smbd/filename.c   2000-03-16 23:59:44.000000000 +0100
++++ samba-2.0.10/source/smbd/filename.c        2006-03-06 22:25:53.000000000 +0100
 @@ -172,7 +172,7 @@
     * StrnCpy always null terminates.
     */
@@ -35,10 +35,10 @@ diff -ur samba-2.0.10/source/smbd/filename.c samba-2.0.10-security/source/smbd/f
    if(!case_sensitive)
      strupper( orig_name );
  
-diff -ur samba-2.0.10/source/smbd/ipc.c samba-2.0.10-security/source/smbd/ipc.c
---- samba-2.0.10/source/smbd/ipc.c     2000-03-30 02:20:06.000000000 +0400
-+++ samba-2.0.10-security/source/smbd/ipc.c    2005-05-21 21:51:17.269986152 +0400
-@@ -3550,18 +3550,18 @@
+diff -ruN samba-2.0.10.orig/source/smbd/ipc.c samba-2.0.10/source/smbd/ipc.c
+--- samba-2.0.10.orig/source/smbd/ipc.c        2006-03-06 22:25:08.000000000 +0100
++++ samba-2.0.10/source/smbd/ipc.c     2006-03-06 22:25:53.000000000 +0100
+@@ -3556,18 +3556,18 @@
        uint16 *setup=NULL;
        int outsize = 0;
        uint16 vuid = SVAL(inbuf,smb_uid);
@@ -67,7 +67,7 @@ diff -ur samba-2.0.10/source/smbd/ipc.c samba-2.0.10-security/source/smbd/ipc.c
  
        memset(name, '\0',sizeof(name));
        fstrcpy(name,smb_buf(inbuf));
-@@ -3572,31 +3572,48 @@
+@@ -3578,26 +3578,44 @@
    
        if (tdscnt)  {
                if((data = (char *)malloc(tdscnt)) == NULL) {
@@ -117,12 +117,7 @@ diff -ur samba-2.0.10/source/smbd/ipc.c samba-2.0.10-security/source/smbd/ipc.c
                for (i=0;i<suwcnt;i++)
                        setup[i] = SVAL(inbuf,smb_vwv14+i*SIZEOFWORD);
        }
--
-       if (pscnt < tpscnt || dscnt < tdscnt) {
-               /* We need to send an interim response then receive the rest
-                  of the parameter/data bytes */
-@@ -3608,7 +3625,7 @@
+@@ -3614,7 +3632,7 @@
        /* receive the rest of the trans packet */
        while (pscnt < tpscnt || dscnt < tdscnt) {
                BOOL ret;
@@ -131,7 +126,7 @@ diff -ur samba-2.0.10/source/smbd/ipc.c samba-2.0.10-security/source/smbd/ipc.c
        
                ret = receive_next_smb(inbuf,bufsize,SMB_SECONDARY_WAIT);
  
-@@ -3619,19 +3636,19 @@
+@@ -3625,19 +3643,19 @@
                                DEBUG(0,("reply_trans: %s in getting secondary trans response.\n",
                                         (smb_read_error == READ_ERROR) ? "error" : "timeout" ));
                        }
@@ -159,7 +154,7 @@ diff -ur samba-2.0.10/source/smbd/ipc.c samba-2.0.10-security/source/smbd/ipc.c
  
                pcnt = SVAL(inbuf,smb_vwv2);
                poff = SVAL(inbuf,smb_vwv3);
-@@ -3644,17 +3661,36 @@
+@@ -3650,17 +3668,36 @@
                pscnt += pcnt;
                dscnt += dcnt;
                
@@ -203,7 +198,7 @@ diff -ur samba-2.0.10/source/smbd/ipc.c samba-2.0.10-security/source/smbd/ipc.c
        DEBUG(3,("trans <%s> data=%d params=%d setup=%d\n",
                 name,tdscnt,tpscnt,suwcnt));
        
-@@ -3694,4 +3730,12 @@
+@@ -3700,4 +3737,12 @@
                return(ERROR(ERRSRV,ERRnosupport));
        
        return(outsize);
@@ -216,9 +211,9 @@ diff -ur samba-2.0.10/source/smbd/ipc.c samba-2.0.10-security/source/smbd/ipc.c
 +      SAFE_FREE(setup);
 +      return(ERROR(ERRSRV,ERRerror));
  }
-diff -ur samba-2.0.10/source/smbd/nttrans.c samba-2.0.10-security/source/smbd/nttrans.c
---- samba-2.0.10/source/smbd/nttrans.c 2000-04-24 21:27:30.000000000 +0400
-+++ samba-2.0.10-security/source/smbd/nttrans.c        2005-05-21 21:51:17.314979312 +0400
+diff -ruN samba-2.0.10.orig/source/smbd/nttrans.c samba-2.0.10/source/smbd/nttrans.c
+--- samba-2.0.10.orig/source/smbd/nttrans.c    2000-04-24 19:27:30.000000000 +0200
++++ samba-2.0.10/source/smbd/nttrans.c 2006-03-06 22:25:53.000000000 +0100
 @@ -2575,11 +2575,14 @@
      params = (char *)malloc(total_parameter_count);
    if (total_data_count > 0)
@@ -394,9 +389,9 @@ diff -ur samba-2.0.10/source/smbd/nttrans.c samba-2.0.10-security/source/smbd/nt
 +  SAFE_FREE(setup);
 +  return ERROR(ERRDOS,ERRinvalidparam);
  }
-diff -ur samba-2.0.10/source/smbd/password.c samba-2.0.10-security/source/smbd/password.c
---- samba-2.0.10/source/smbd/password.c        2000-03-17 01:59:48.000000000 +0300
-+++ samba-2.0.10-security/source/smbd/password.c       2005-05-21 21:51:17.336975968 +0400
+diff -ruN samba-2.0.10.orig/source/smbd/password.c samba-2.0.10/source/smbd/password.c
+--- samba-2.0.10.orig/source/smbd/password.c   2006-03-06 22:25:08.000000000 +0100
++++ samba-2.0.10/source/smbd/password.c        2006-03-06 22:25:53.000000000 +0100
 @@ -770,7 +770,7 @@
        if (!ok && lp_username(snum)) {
        char *auser;
@@ -406,9 +401,9 @@ diff -ur samba-2.0.10/source/smbd/password.c samba-2.0.10-security/source/smbd/p
  
        pstring_sub(user_list,"%S",lp_servicename(snum));
          
-diff -ur samba-2.0.10/source/smbd/reply.c samba-2.0.10-security/source/smbd/reply.c
---- samba-2.0.10/source/smbd/reply.c   2001-06-23 12:51:24.000000000 +0400
-+++ samba-2.0.10-security/source/smbd/reply.c  2005-05-21 21:51:17.378969584 +0400
+diff -ruN samba-2.0.10.orig/source/smbd/reply.c samba-2.0.10/source/smbd/reply.c
+--- samba-2.0.10.orig/source/smbd/reply.c      2006-03-06 22:25:08.000000000 +0100
++++ samba-2.0.10/source/smbd/reply.c   2006-03-06 22:25:53.000000000 +0100
 @@ -1413,6 +1413,9 @@
  
          for (i=numentries;(i<maxentries) && !finished;i++)
@@ -429,9 +424,9 @@ diff -ur samba-2.0.10/source/smbd/reply.c samba-2.0.10-security/source/smbd/repl
                        put_dos_date2(p,0,queue[i].time);
                        CVAL(p,4) = (queue[i].status==LPQ_PRINTING?2:3);
                        SSVAL(p,5,printjob_encode(SNUM(conn), 
-diff -ur samba-2.0.10/source/smbd/trans2.c samba-2.0.10-security/source/smbd/trans2.c
---- samba-2.0.10/source/smbd/trans2.c  2000-04-24 21:27:31.000000000 +0400
-+++ samba-2.0.10-security/source/smbd/trans2.c 2005-05-21 21:51:17.402965936 +0400
+diff -ruN samba-2.0.10.orig/source/smbd/trans2.c samba-2.0.10/source/smbd/trans2.c
+--- samba-2.0.10.orig/source/smbd/trans2.c     2000-04-24 19:27:31.000000000 +0200
++++ samba-2.0.10/source/smbd/trans2.c  2006-03-06 22:25:53.000000000 +0100
 @@ -201,7 +201,6 @@
    int16 open_ofun = SVAL(params,12);
    int32 open_size = IVAL(params,14);
diff --git a/openwrt/package/samba/patches/250-writex.patch b/openwrt/package/samba/patches/250-writex.patch
new file mode 100644 (file)
index 0000000..ed0495e
--- /dev/null
@@ -0,0 +1,152 @@
+diff -ruN samba-2.0.10.orig/source/include/smb.h samba-2.0.10/source/include/smb.h
+--- samba-2.0.10.orig/source/include/smb.h     2006-03-06 22:25:53.000000000 +0100
++++ samba-2.0.10/source/include/smb.h  2006-03-06 22:27:31.000000000 +0100
+@@ -24,8 +24,14 @@
+ #ifndef _SMB_H
+ #define _SMB_H
++#if defined(LARGE_SMB_OFF_T)
++#define BUFFER_SIZE (128*1024)
++#else /* no large readwrite possible */
+ #define BUFFER_SIZE (0xFFFF)
++#endif
++
+ #define SAFETY_MARGIN 1024
++#define LARGE_WRITEX_HDR_SIZE 65
+ #define NMB_PORT 137
+ #define DGRAM_PORT 138
+diff -ruN samba-2.0.10.orig/source/lib/util_sock.c samba-2.0.10/source/lib/util_sock.c
+--- samba-2.0.10.orig/source/lib/util_sock.c   2000-03-16 23:59:18.000000000 +0100
++++ samba-2.0.10/source/lib/util_sock.c        2006-03-06 22:27:31.000000000 +0100
+@@ -649,19 +649,21 @@
+   memset(buffer,'\0',smb_size + 100);
+   len = read_smb_length_return_keepalive(fd,buffer,timeout);
+-  if (len < 0)
+-  {
++      if (len < 0) {
+     DEBUG(10,("receive_smb: length < 0!\n"));
+     return(False);
+   }
+-  if (len > BUFFER_SIZE) {
++      /*
++       * A WRITEX with CAP_LARGE_WRITEX can be 64k worth of data plus 65 bytes
++     * of header. Don't print the error if this fits.... JRA.
++       */
++
++      if (len > (BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE)) {
+     DEBUG(0,("Invalid packet length! (%d bytes).\n",len));
+     if (len > BUFFER_SIZE + (SAFETY_MARGIN/2))
+-    {
+       exit(1);
+     }
+-  }
+   if(len > 0) {
+     ret = read_socket_data(fd,buffer+4,len);
+diff -ruN samba-2.0.10.orig/source/smbd/oplock.c samba-2.0.10/source/smbd/oplock.c
+--- samba-2.0.10.orig/source/smbd/oplock.c     2000-04-25 04:32:14.000000000 +0200
++++ samba-2.0.10/source/smbd/oplock.c  2006-03-06 22:27:31.000000000 +0100
+@@ -887,13 +887,13 @@
+      messages crossing on the wire.
+    */
+-  if((inbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN))==NULL)
++  if((inbuf = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN))==NULL)
+   {
+     DEBUG(0,("oplock_break: malloc fail for input buffer.\n"));
+     return False;
+   }
+-  if((outbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN))==NULL)
++  if((outbuf = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN))==NULL)
+   {
+     DEBUG(0,("oplock_break: malloc fail for output buffer.\n"));
+     free(inbuf);
+diff -ruN samba-2.0.10.orig/source/smbd/process.c samba-2.0.10/source/smbd/process.c
+--- samba-2.0.10.orig/source/smbd/process.c    2006-03-06 22:25:28.000000000 +0100
++++ samba-2.0.10/source/smbd/process.c 2006-03-06 22:27:31.000000000 +0100
+@@ -995,8 +995,8 @@
+   time_t last_timeout_processing_time = time(NULL);
+   unsigned int num_smbs = 0;
+-  InBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
+-  OutBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
++  InBuffer = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN);
++  OutBuffer = (char *)malloc(BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN);
+   if ((InBuffer == NULL) || (OutBuffer == NULL)) 
+     return;
+@@ -1027,7 +1027,7 @@
+     /* free up temporary memory */
+     lp_talloc_free();
+-    while(!receive_message_or_smb(InBuffer,BUFFER_SIZE,select_timeout,&got_smb))
++    while(!receive_message_or_smb(InBuffer,BUFFER_SIZE+LARGE_WRITEX_HDR_SIZE,select_timeout,&got_smb))
+     {
+       if(!timeout_processing( deadtime, &select_timeout, &last_timeout_processing_time))
+         return;
+diff -ruN samba-2.0.10.orig/source/smbd/reply.c samba-2.0.10/source/smbd/reply.c
+--- samba-2.0.10.orig/source/smbd/reply.c      2006-03-06 22:25:53.000000000 +0100
++++ samba-2.0.10/source/smbd/reply.c   2006-03-06 22:27:31.000000000 +0100
+@@ -2551,17 +2551,28 @@
+   size_t numtowrite = SVAL(inbuf,smb_vwv10);
+   BOOL write_through = BITSETW(inbuf+smb_vwv7,0);
+   ssize_t nwritten = -1;
+-  int smb_doff = SVAL(inbuf,smb_vwv11);
++  unsigned int smb_doff = SVAL(inbuf,smb_vwv11);
++  unsigned int smblen = smb_len(inbuf);
+   char *data;
++  BOOL large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF));
+   /* If it's an IPC, pass off the pipe handler. */
+-  if (IS_IPC(conn))
++  if (IS_IPC(conn)) {
+     return reply_pipe_write_and_X(inbuf,outbuf,length,bufsize);
++  }
+   CHECK_FSP(fsp,conn);
+   CHECK_WRITE(fsp);
+   CHECK_ERROR(fsp);
++  /* Deal with possible LARGE_WRITEX */
++  if (large_writeX)
++    numtowrite |= ((((size_t)SVAL(inbuf,smb_vwv9)) & 1 )<<16);
++
++  if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) {
++    return(ERROR(ERRDOS,ERRbadmem));
++  }
++
+   data = smb_base(inbuf) + smb_doff;
+   if(CVAL(inbuf,smb_wct) == 14) {
+@@ -2586,8 +2597,9 @@
+ #endif /* LARGE_SMB_OFF_T */
+   }
+-  if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK))
++  if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
+     return(ERROR(ERRDOS,ERRlock));
++  }
+   /* X/Open SMB protocol says that, unlike SMBwrite
+      if the length is zero then NO truncation is
+@@ -2598,12 +2610,15 @@
+   else
+     nwritten = write_file(fsp,data,startpos,numtowrite);
+   
+-  if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0))
++  if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
+     return(UNIXERROR(ERRDOS,ERRnoaccess));
++  }
+   set_message(outbuf,6,0,True);
+   
+   SSVAL(outbuf,smb_vwv2,nwritten);
++  if (large_writeX)
++    SSVAL(outbuf,smb_vwv4,(nwritten>>16)&1);
+   
+   if (nwritten < (ssize_t)numtowrite) {
+     CVAL(outbuf,smb_rcls) = ERRHRD;