From 2e1a2b352ac4b294ff4b31b4fd8d17d3c45008fb Mon Sep 17 00:00:00 2001
From: MilhouseVH <milhouseVH.github@nmacleod.com>
Date: Mon, 25 Sep 2017 04:12:38 +0100
Subject: [PATCH] samba: update to samba-4.7.0

---
 .../network/samba/config/samba4-cache.txt     |   7 +-
 packages/network/samba/package.mk             |  11 +-
 .../samba-951-backport-SMB3_11-default.patch  |  55 -----
 .../samba-952-backport-tbd_deadlock_fix.patch | 215 ------------------
 4 files changed, 13 insertions(+), 275 deletions(-)
 delete mode 100644 packages/network/samba/patches/samba-951-backport-SMB3_11-default.patch
 delete mode 100644 packages/network/samba/patches/samba-952-backport-tbd_deadlock_fix.patch

diff --git a/packages/network/samba/config/samba4-cache.txt b/packages/network/samba/config/samba4-cache.txt
index e74b062a2b..d01670f1ab 100644
--- a/packages/network/samba/config/samba4-cache.txt
+++ b/packages/network/samba/config/samba4-cache.txt
@@ -33,8 +33,9 @@ getcwd takes a NULL argument: OK
 Checking uname sysname type: "Linux"
 Checking uname release type: "3.0.0"
 Checking uname version type: "#1 Tue Nov 1 12:34:56 UTC 2013"
-Checking value of NSIG: "65"
-Checking value of _NSIG: "65"
+Checking value of NSIG: "32"
+Checking value of _NSIG: "64"
 Checking value of SIGRTMAX: "64"
-Checking value of SIGRTMIN: "34"
+Checking value of SIGRTMIN: "32"
+Checking errno of iconv for illegal multibyte sequence: "0"
 
diff --git a/packages/network/samba/package.mk b/packages/network/samba/package.mk
index 7b6621d0c8..fbbbdd35f2 100644
--- a/packages/network/samba/package.mk
+++ b/packages/network/samba/package.mk
@@ -17,8 +17,8 @@
 ################################################################################
 
 PKG_NAME="samba"
-PKG_VERSION="4.6.8"
-PKG_SHA256="581deeb2543f5cedcb556cb950d0e82690d9f0cd33811d76624502ca0c32575d"
+PKG_VERSION="4.7.0"
+PKG_SHA256="bd16d169988eb513e685a87e9964a5210482498fa9b3a22aaa8287a061e3c936"
 PKG_ARCH="any"
 PKG_LICENSE="GPLv3+"
 PKG_SITE="https://www.samba.org"
@@ -41,6 +41,12 @@ else
   SMB_AVAHI="--disable-avahi"
 fi
 
+if [ "$TARGET_ARCH" = x86_64 ]; then
+  SMB_AESNI="--accel-aes=intelaesni"
+else
+  SMB_AESNI="--accel-aes=none"
+fi
+
 PKG_CONFIGURE_OPTS="--prefix=/usr \
                     --sysconfdir=/etc \
                     --localstatedir=/var \
@@ -63,6 +69,7 @@ PKG_CONFIGURE_OPTS="--prefix=/usr \
                     --disable-rpath-install \
                     --disable-rpath-private-install \
                     $SMB_AVAHI \
+                    $SMB_AESNI \
                     --disable-cups \
                     --disable-iprint \
                     --disable-gnutls \
diff --git a/packages/network/samba/patches/samba-951-backport-SMB3_11-default.patch b/packages/network/samba/patches/samba-951-backport-SMB3_11-default.patch
deleted file mode 100644
index cdbfcab494..0000000000
--- a/packages/network/samba/patches/samba-951-backport-SMB3_11-default.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From 1199907cbe2f003a7df6f56e6cf3878d0732344d Mon Sep 17 00:00:00 2001
-From: Stefan Metzmacher <metze@samba.org>
-Date: Mon, 26 Jun 2017 10:00:53 +0200
-Subject: [PATCH] param: change the effective default for "client max protocol"
- to the latest supported protocol
-
-Currently it's SMB3_11.
-
-Signed-off-by: Stefan Metzmacher <metze@samba.org>
-Reviewed-by: Andrew Bartlett <abartlet@samba.org>
----
- docs-xml/smbdotconf/protocol/clientmaxprotocol.xml | 2 +-
- lib/param/loadparm.c                               | 2 +-
- source3/param/loadparm.c                           | 2 +-
- 3 files changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml b/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml
-index 0131331b876..eba18bfb80a 100644
---- a/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml
-+++ b/docs-xml/smbdotconf/protocol/clientmaxprotocol.xml
-@@ -79,7 +79,7 @@
-     negotiation phase in the SMB protocol takes care of choosing 
-     the appropriate protocol.</para>
- 
--    <para>The value <constant>default</constant> refers to <constant>NT1</constant>.</para>
-+    <para>The value <constant>default</constant> refers to <constant>SMB3_11</constant>.</para>
- 
-     <para>IPC$ connections for DCERPC e.g. in winbindd, are handled by the
-     <smbconfoption name="client ipc max protocol"/> option.</para>
-diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
-index 9f32d7b27b0..3ceea50b279 100644
---- a/lib/param/loadparm.c
-+++ b/lib/param/loadparm.c
-@@ -3401,7 +3401,7 @@ int lpcfg_client_max_protocol(struct loadparm_context *lp_ctx)
- {
- 	int client_max_protocol = lpcfg__client_max_protocol(lp_ctx);
- 	if (client_max_protocol == PROTOCOL_DEFAULT) {
--		return PROTOCOL_NT1;
-+		return PROTOCOL_LATEST;
- 	}
- 	return client_max_protocol;
- }
-diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
-index 91fa85ea7b0..8f0cf5e6e03 100644
---- a/source3/param/loadparm.c
-+++ b/source3/param/loadparm.c
-@@ -4543,7 +4543,7 @@ int lp_client_max_protocol(void)
- {
- 	int client_max_protocol = lp__client_max_protocol();
- 	if (client_max_protocol == PROTOCOL_DEFAULT) {
--		return PROTOCOL_NT1;
-+		return PROTOCOL_LATEST;
- 	}
- 	return client_max_protocol;
- }
diff --git a/packages/network/samba/patches/samba-952-backport-tbd_deadlock_fix.patch b/packages/network/samba/patches/samba-952-backport-tbd_deadlock_fix.patch
deleted file mode 100644
index c270444a6b..0000000000
--- a/packages/network/samba/patches/samba-952-backport-tbd_deadlock_fix.patch
+++ /dev/null
@@ -1,215 +0,0 @@
-From 19b193ebc974efdebdf347143938b5d053e67051 Mon Sep 17 00:00:00 2001
-From: Ralph Boehme <slow@samba.org>
-Date: Tue, 14 Mar 2017 14:24:18 +0100
-Subject: [PATCH] tdb: runtime check for robust mutexes may hang in threaded
- programs
-
-The current runtime check for robust mutexes in
-tdb_runtime_check_for_robust_mutexes() is not thread-safe.
-
-When called in a multi-threaded program where any another thread doesn't
-have SIGCHLD blocked, we may end up hung in sigsuspend() waiting for a
-SIGCHLD of a child procecss and the signal was delivered to another
-thread.
-
-Revert to the previous behaviour of waiting for the child instead of
-waiting for the SIGCHLD signal.
-
-Ensure the pid we wait for is not reset to -1 in a toctou race with the
-signal handler.
-
-Check whether waitpid() returns ECHILD which can happen if the signal
-handler is run by more then one thread in parallel (yes, this can
-happen) or if tdb_robust_mutex_wait_for_child() and the signal handler
-are racing.
-
-Bug: https://bugzilla.samba.org/show_bug.cgi?id=12593
-
-Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
-
-Signed-off-by: Ralph Boehme <slow@samba.org>
-Signed-off-by: Stefan Metzmacher <metze@samba.org>
-Reviewed-by: Andreas Schneider <asn@samba.org>
----
- lib/tdb/common/mutex.c | 116 +++++++++++++++++++++++++++++--------------------
- 1 file changed, 70 insertions(+), 46 deletions(-)
-
-diff --git a/lib/tdb/common/mutex.c b/lib/tdb/common/mutex.c
-index cac3916713f..8a122d5d6a2 100644
---- a/lib/tdb/common/mutex.c
-+++ b/lib/tdb/common/mutex.c
-@@ -752,12 +752,23 @@ static bool tdb_robust_mutex_setup_sigchild(void (*handler)(int),
- 
- static void tdb_robust_mutex_handler(int sig)
- {
--	if (tdb_robust_mutex_pid != -1) {
-+	pid_t child_pid = tdb_robust_mutex_pid;
-+
-+	if (child_pid != -1) {
- 		pid_t pid;
--		int status;
- 
--		pid = waitpid(tdb_robust_mutex_pid, &status, WNOHANG);
--		if (pid == tdb_robust_mutex_pid) {
-+		pid = waitpid(child_pid, NULL, WNOHANG);
-+		if (pid == -1) {
-+			switch (errno) {
-+			case ECHILD:
-+				tdb_robust_mutex_pid = -1;
-+				return;
-+
-+			default:
-+				return;
-+			}
-+		}
-+		if (pid == child_pid) {
- 			tdb_robust_mutex_pid = -1;
- 			return;
- 		}
-@@ -776,6 +787,44 @@ static void tdb_robust_mutex_handler(int sig)
- 	tdb_robust_mutext_old_handler(sig);
- }
- 
-+static void tdb_robust_mutex_wait_for_child(pid_t *child_pid)
-+{
-+	int options = WNOHANG;
-+
-+	if (*child_pid == -1) {
-+		return;
-+	}
-+
-+	while (tdb_robust_mutex_pid > 0) {
-+		pid_t pid;
-+
-+		/*
-+		 * First we try with WNOHANG, as the process might not exist
-+		 * anymore. Once we've sent SIGKILL we block waiting for the
-+		 * exit.
-+		 */
-+		pid = waitpid(*child_pid, NULL, options);
-+		if (pid == -1) {
-+			if (errno == EINTR) {
-+				continue;
-+			} else if (errno == ECHILD) {
-+				break;
-+			} else {
-+				abort();
-+			}
-+		}
-+		if (pid == *child_pid) {
-+			break;
-+		}
-+
-+		kill(*child_pid, SIGKILL);
-+		options = 0;
-+	}
-+
-+	tdb_robust_mutex_pid = -1;
-+	*child_pid = -1;
-+}
-+
- _PUBLIC_ bool tdb_runtime_check_for_robust_mutexes(void)
- {
- 	void *ptr = NULL;
-@@ -788,9 +837,8 @@ _PUBLIC_ bool tdb_runtime_check_for_robust_mutexes(void)
- 	char c = 0;
- 	bool ok;
- 	static bool initialized;
--	sigset_t mask, old_mask, suspend_mask;
-+	pid_t saved_child_pid = -1;
- 	bool cleanup_ma = false;
--	bool cleanup_sigmask = false;
- 
- 	if (initialized) {
- 		return tdb_mutex_locking_cached;
-@@ -798,8 +846,6 @@ _PUBLIC_ bool tdb_runtime_check_for_robust_mutexes(void)
- 
- 	initialized = true;
- 
--	sigemptyset(&suspend_mask);
--
- 	ok = tdb_mutex_locking_supported();
- 	if (!ok) {
- 		return false;
-@@ -845,26 +891,13 @@ _PUBLIC_ bool tdb_runtime_check_for_robust_mutexes(void)
- 	}
- 	m = (pthread_mutex_t *)ptr;
- 
--	/*
--	 * Block SIGCHLD so we can atomically wait for it later with
--	 * sigsuspend()
--	 */
--	sigemptyset(&mask);
--	sigaddset(&mask, SIGCHLD);
--	ret = pthread_sigmask(SIG_BLOCK, &mask, &old_mask);
--	if (ret != 0) {
--		goto cleanup;
--	}
--	cleanup_sigmask = true;
--	suspend_mask = old_mask;
--	sigdelset(&suspend_mask, SIGCHLD);
--
- 	if (tdb_robust_mutex_setup_sigchild(tdb_robust_mutex_handler,
- 			&tdb_robust_mutext_old_handler) == false) {
- 		goto cleanup;
- 	}
- 
- 	tdb_robust_mutex_pid = fork();
-+	saved_child_pid = tdb_robust_mutex_pid;
- 	if (tdb_robust_mutex_pid == 0) {
- 		size_t nwritten;
- 		close(pipe_down[1]);
-@@ -914,14 +947,7 @@ _PUBLIC_ bool tdb_runtime_check_for_robust_mutexes(void)
- 		goto cleanup;
- 	}
- 
--	while (tdb_robust_mutex_pid > 0) {
--		ret = sigsuspend(&suspend_mask);
--		if (ret != -1 || errno != EINTR) {
--			abort();
--		}
--	}
--	tdb_robust_mutex_setup_sigchild(tdb_robust_mutext_old_handler, NULL);
--	tdb_robust_mutext_old_handler = SIG_ERR;
-+	tdb_robust_mutex_wait_for_child(&saved_child_pid);
- 
- 	ret = pthread_mutex_trylock(m);
- 	if (ret != EOWNERDEAD) {
-@@ -950,23 +976,21 @@ _PUBLIC_ bool tdb_runtime_check_for_robust_mutexes(void)
- 	tdb_mutex_locking_cached = true;
- 
- cleanup:
--	while (tdb_robust_mutex_pid > 0) {
--		kill(tdb_robust_mutex_pid, SIGKILL);
--		ret = sigsuspend(&suspend_mask);
--		if (ret != -1 || errno != EINTR) {
--			abort();
--		}
--	}
-+	/*
-+	 * Note that we don't reset the signal handler we just reset
-+	 * tdb_robust_mutex_pid to -1. This is ok as this code path is only
-+	 * called once per process.
-+	 *
-+	 * Leaving our signal handler avoids races with other threads potentialy
-+	 * setting up their SIGCHLD handlers.
-+	 *
-+	 * The worst thing that can happen is that the other newer signal
-+	 * handler will get the SIGCHLD signal for our child and/or reap the
-+	 * child with a wait() function. tdb_robust_mutex_wait_for_child()
-+	 * handles the case where waitpid returns ECHILD.
-+	 */
-+	tdb_robust_mutex_wait_for_child(&saved_child_pid);
- 
--	if (tdb_robust_mutext_old_handler != SIG_ERR) {
--		tdb_robust_mutex_setup_sigchild(tdb_robust_mutext_old_handler, NULL);
--	}
--	if (cleanup_sigmask) {
--		ret = pthread_sigmask(SIG_SETMASK, &old_mask, NULL);
--		if (ret != 0) {
--			abort();
--		}
--	}
- 	if (m != NULL) {
- 		pthread_mutex_destroy(m);
- 	}