FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

Port details
samba43 Free SMB/CIFS and AD/DC server and client for Unix
4.3.13_2 net on this many watch lists=5 search for ports that depend on this port This port version is marked as vulnerable. Find issues related to this port Report an issue related to this port
Maintainer: timur@FreeBSD.org search for ports maintained by this maintainer
Port Added: 30 Nov 2015 01:35:47
License: GPLv3
Samba4 is an attempt to implement an Active Directory compatible Domain
Controller.

In short, you can join a WinNT, Win2000, WinXP or Win2003 member server
to a Samba4 domain, and it will behave much as it does in AD, including
Kerberos domain logins where applicable.

WWW: http://www.samba.org/
SVNWeb : Homepage : PortsMon

To install the port: cd /usr/ports/net/samba43/ && make install clean
To add the package: pkg install samba43

PKGNAME: samba43

ONLY_FOR_ARCHS: nil

NOT_FOR_ARCHS: nil

distinfo:

TIMESTAMP = 1482679553
SHA256 (samba-4.3.13.tar.gz) = 876da00b42cecd340db8bad03aabe78eb34ad6ac9a99876d190be3b39a186a97
SIZE (samba-4.3.13.tar.gz) = 20590334


NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. libarchive>=3.1.2 : archivers/libarchive
  2. p5-Parse-Pidl44>=4.3.1 : devel/p5-Parse-Pidl44
  3. py27-dnspython>=1.9.4 : dns/py-dnspython
  4. py27-iso8601>=0.1.11 : devel/py-iso8601
  5. talloc>=2.1.5 : devel/talloc
  6. tevent>=0.9.28 : devel/tevent
  7. tdb>=1.3.8 : databases/tdb
  8. ldb>=1.1.24 : databases/ldb
  9. pkgconf>=1.3.0_1 : devel/pkgconf
  10. python2.7 : lang/python27
  11. python2 : lang/python2
  12. perl5>=5.24<5.25 : lang/perl5.24
Runtime dependencies:
  1. libarchive>=3.1.2 : archivers/libarchive
  2. py27-dnspython>=1.9.4 : dns/py-dnspython
  3. py27-iso8601>=0.1.11 : devel/py-iso8601
  4. talloc>=2.1.5 : devel/talloc
  5. tevent>=0.9.28 : devel/tevent
  6. tdb>=1.3.8 : databases/tdb
  7. ldb>=1.1.24 : databases/ldb
  8. python2.7 : lang/python27
  9. python2 : lang/python2
Library dependencies:
  1. libpopt.so : devel/popt
  2. libinotify.so : devel/libinotify
  3. libgnutls.so : security/gnutls
  4. libsunacl.so : sysutils/libsunacl
  5. libsunacl.so : sysutils/libsunacl
  6. libiconv.so : converters/libiconv
  7. libfam.so.0 : devel/gamin
  8. libldap-2.4.so.2 : net/openldap24-client

This port is required by:

for Build for Extract for Libraries * - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...
Configuration Options
===> The following configuration options are available for samba43-4.3.13_2:
     ACL_SUPPORT=on: File system ACL support
     ADS=on: Active Directory client support
     AD_DC=on: Active Directory Domain Controller support
     AIO_SUPPORT=on: Asyncronous IO support
     CUPS=off: CUPS printing system support
     DEBUG=on: Build with debugging support
     DEVELOPER=off: With development support
     DNSUPDATE=on: Dynamic DNS update (require ADS)
     DOCS=on: Build and/or install documentation
     EXP_MODULES=off: Experimental modules
     FAM=on: File Alteration Monitor support
     LDAP=on: LDAP client support
     MANPAGES=off: Build manpages from DOCBOOK templates
     PAM_SMBPASS=off: PAM authentication via passdb backends
     PTHREADPOOL=on: Pthread pool
     QUOTAS=on: Disk quota support
     SYSLOG=on: Syslog logging support
     UTMP=on: UTMP accounting support
====> Options available for the radio DNS: you can only select none or one of them
     NSUPDATE=off: Use samba NSUPDATE utility for AD DC
     BIND99=off: Use bind99 as AD DC DNS server frontend
     BIND910=off: Use bind910 as AD DC DNS server frontend
====> Options available for the radio ZEROCONF: you can only select none or one of them
     AVAHI=off: Zeroconf support via Avahi
     MDNSRESPONDER=off: Zeroconf support via mDNSResponder
===> Use 'make config' to modify these settings

USES:
cpe compiler waf pkgconfig perl5 python:2  execinfo readline iconv shebangfix fam

Master Sites:
  1. ftp://ca.samba.org/pub/samba/rc/
  2. ftp://ca.samba.org/pub/samba/stable/
  3. ftp://de.samba.org/pub/samba/rc/
  4. ftp://de.samba.org/pub/samba/stable/
  5. http://ftp.samba.org/pub/samba/rc/
  6. http://ftp.samba.org/pub/samba/stable/
Notes from UPDATING
These upgrade notes are taken from /usr/ports/UPDATING
  • 2015-11-30
    Affects: users of net/samba43
    Author: timur@FreeBSD.org
    Reason: 
      A new version of Samba server that has better integration with Windows 10.
      This is still experimental and there were reports that rolling upgrade from
      previous version of Samba fails to work.
    
      Please, backup all relevant files from /var/db/samba4/ directory, as well
      as configuration files.
    
      Follow https://wiki.samba.org/index.php/Updating_Samba for the upgrade path.
    
    
Port Moves

Number of commits found: 18

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
25 Mar 2017 23:34:37
Original commit files touched by this commit  4.3.13_2
Revision:436924 This port version is marked as vulnerable.
antoine search for other commits by this committer
Add devel/p5-Parse-Pidl44, based on samba44 sources to allow building
net/samba{42,43,44}
21 Mar 2017 21:59:31
Original commit files touched by this commit  4.3.13_2
Revision:436659 This port version is marked as vulnerable.
antoine search for other commits by this committer
- Add USES=samba to handle dependency on samba
  Valid ARGS:  build, env, lib, run (default: build,run)
- Add SAMBA_DEFAULT to bsd.default-versions.mk (default: 4.3)
- Remove obsolete samba36 ports
- Modify samba4x ports to install libsmbclient
- Convert the ports tree to USES=samba

Reviewed by:	mat
Differential Revision:	https://reviews.freebsd.org/D8919
10 Jan 2017 12:08:20
Original commit files touched by this commit  4.3.13_1
Revision:431079 This port version is marked as vulnerable.
antoine search for other commits by this committer
Remove WANT_OPENLDAP_SASL from a few ports as it prevents users from easily
installing a desktop environment and samba.
WANT_OPENLDAP_SASL must not be used in invidual ports Makefiles.
Note: there is a wip to rewrite the handling of openldap in ports

With hat:	portmgr
Reviewed by:	mat
MFH:		2017Q1
Differential Revision:	https://reviews.freebsd.org/D9083
28 Dec 2016 14:17:53
Original commit files touched by this commit  4.3.13
Revision:429774 This port version is marked as vulnerable.
adamw search for other commits by this committer
Fix packaging with DEVELOPER knob off.
28 Dec 2016 02:51:57
Original commit files touched by this commit  4.3.13
Revision:429692 This port version is marked as vulnerable.
timur search for other commits by this committer
* Upgrade net/samba43 and net/samba44 to address multiple vulnerabilities
* Switch port to use net/openldap24-sasl-client as some authorization methods
don't work with plain openldap24-client.
* Changed namespace used by vfs_fruit to be compatiable with net/netatalk3.
* Removed old DNS crypto patch, as it SEEMS it was superseded by recent code
changes. Please, notify me if you see that internal DNS
doesn't handle signed requests properly anymore.

Security:	CVE-2016-2123
		CVE-2016-2125
		CVE-2016-2126
28 Oct 2016 17:55:30
Original commit files touched by this commit  4.3.11_1
Revision:424875 This port version is marked as vulnerable.
danfe search for other commits by this committer
Do not redefine DEBUG_DESC when its meaning more or less matches the default
option description.  Those ports where it meant something more specific were
left untouched.
21 Oct 2016 12:51:41
Original commit files touched by this commit  4.3.11_1
Revision:424411  Sanity Test Failure This port version is marked as vulnerable.
mat search for other commits by this committer
${RM} already has -f.

PR:		213570
Submitted by:	mat
Exp-run by:	antoine
Sponsored by:	Absolight
20 Jul 2016 15:33:20
Original commit files touched by this commit  4.3.11_1
Revision:418840 This port version is marked as vulnerable.
mat search for other commits by this committer
Cleanup $() variables in ports Makefiles.

Mostly replace with ${}, but sometime, replace with $$() because it is
what was intended in the first place. (I think.)

Sponsored by:	Absolight
13 Jul 2016 13:03:00
Original commit files touched by this commit  4.3.11_1
Revision:418473 This port version is marked as vulnerable.
timur search for other commits by this committer
Fixed missed Python module requirement :(
12 Jul 2016 21:36:23
Original commit files touched by this commit  4.3.11
Revision:418448 This port version is marked as vulnerable.
timur search for other commits by this committer
Update Samba 4.2, 4.3 and 4.4 to the lates version to address CVE-2016-2119
(Client side SMB2/3 required signing can be downgraded).

Security:	CVE-2016-2119
07 May 2016 00:28:25
Original commit files touched by this commit  4.3.9
Revision:414751 This port version is marked as vulnerable.
timur search for other commits by this committer
Update samba42 and samba43 to the latest versions. A lot of fixes are made to
fix the fixes in the previous security fixes :)

* BUG 11841: Fix NT_STATUS_ACCESS_DENIED when accessing Windows
  public share.
* BUG 11847: Only validate MIC if "map to guest" is not being used.
* BUG 11849: auth/ntlmssp: Add ntlmssp_{client,server}:force_old_spnego
  option for testing.
* BUG 11850: NetAPP SMB servers don't negotiate NTLMSSP_SIGN.
* BUG 11858: Allow anonymous smb connections.
* BUG 11870: Fix ads_sasl_spnego_gensec_bind(KRB5).
* BUG 11872: Fix 'wbinfo -u' and 'net ads search'.
21 Apr 2016 02:19:31
Original commit files touched by this commit  4.3.8_1
Revision:413713 This port version is marked as vulnerable.
timur search for other commits by this committer
Fixed problem with the undeclared clearenv() that broke the build.
Applied additional patches to fix problem with talloc 2.1.6 and failed
provisioning, thanks to Andrey Kramarenko for pointing me to the patches and
support.

PR:		208767
		208767
12 Apr 2016 22:44:03
Original commit files touched by this commit  4.3.8
Revision:413163 This port version is marked as vulnerable.
timur search for other commits by this committer
Update Samba ports to versions 4.2.11 and 4.3.8 respectivelly, to address
BadLock vulnerability(http://badlock.org).

Security:	CVE-2016-2118
01 Apr 2016 14:16:20
Original commit files touched by this commit  4.3.3_2
Revision:412348 This port version is marked as vulnerable.
mat search for other commits by this committer
Remove ${PORTSDIR}/ from dependencies, categories m, n, o, and p.

With hat:	portmgr
Sponsored by:	Absolight
27 Mar 2016 14:58:00
Original commit files touched by this commit  4.3.3_2
Revision:411990 This port version is marked as vulnerable.
tijl search for other commits by this committer
- Update security/gnutls to 3.4.10.
- Rename the LIBDANE option DANE because that's the name of the protocol
  supported by libgnutls-dane and gnutls-cli.  Also clarify the option
  description.
- Add an IDN option.
- libgnutls-openssl has been removed in 3.4.  Some ports used this library
  in their LIB_DEPENDS but no port actually required it.
- Some old API functions have been removed.  Ports that used these have been
  updated or patched to use the new API.
- Add a patch to print/cups to prevent overlinking of libgnutls.so.
- Bump PORTREVISION on dependent ports.

net-im/jabber: This port used the old API to give users fine grained
control over which crypto algorithms were used via a configuration file.
It's not immediately obvious how to port this to the new API so the port
always uses the defaults now.

www/hydra: Mark BROKEN.  This uses more removed calls than the other ports,
is said to be alpha quality and not fully functional and has been abandoned
10 years ago.

PR:		207768
Exp-run by:	antoine
Approved by:	portmgr (antoine)
11 Mar 2016 11:53:42
Original commit files touched by this commit  4.3.3_1
Revision:410825 This port version is marked as vulnerable.
tijl search for other commits by this committer
Combine print/cups-base, print/cups-client and print/cups-image into
print/cups and update it to 2.1.3.  Also remove print/cups-pstoraster,
improve print/cups-filters, print/foomatic-* and update print/hplip to
3.16.2.

Long description:

First some background.  When you hand a file to cups it sets up a chain of
filter programs that converts the file to something a printer understands.
Each filter has a cost associated with it and cups tries to find the
cheapest chain.  Costs used to be configured in such a way that files were
first converted to PostScript.  This could then be manipulated further (e.g.
putting multiple pages on one sheet) before finally being sent to a
PostScript printer or another filter like pstoraster which produces a raster
format understood by non-PostScript printer drivers.  Nowadays most filters
(Only the first 15 lines of the commit message are shown above View all of this commit message)
19 Dec 2015 22:51:10
Original commit files touched by this commit  4.3.3
Revision:404031 This port version is marked as vulnerable.
timur search for other commits by this committer
A security fix release of Samba 4.1, 4.2 and 4.3. Samba 4.1 is also marked as
deprecated.

Security:	CVE-2015-3223
		CVE-2015-5252
		CVE-2015-5299
		CVE-2015-5296
		CVE-2015-8467
		CVE-2015-5330
30 Nov 2015 01:35:36
Original commit files touched by this commit  4.3.1
Revision:402642 This port version is marked as vulnerable.
timur search for other commits by this committer
A new version 4.3.1 of Samba suite. Handle with care.

Number of commits found: 18

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
samba42May 24
samba43May 24
samba44May 24
samba45May 24
samba46May 24
nvidia-driverMay 23
miniupnpcMay 22
wordpressMay 21
wordpressMay 21
wordpressMay 21
wordpressMay 21
wordpressMay 21
wordpress-zh_CNMay 21
wordpress-zh_TWMay 21
asterisk13May 19

13 vulnerabilities affecting 56 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 29927
Broken 140
Deprecated 73
Ignore 430
Forbidden 0
Restricted 207
No CDROM 84
Vulnerable 146
Expired 34
Set to expire 69
Interactive 0
new 24 hours 3
new 48 hours4
new 7 days33
new fortnight73
new month242

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.