!267 [sync] PR-266: add Obsoletes '< version' in spec

From: @openeuler-sync-bot 
Reviewed-by: @jiangheng12 
Signed-off-by: @jiangheng12

backport-0001-s4-dsdb-strcasecmp_with_ldb_val-avoids-overflow.patch

@@ -0,0 +1,37 @@
+From a00c0ebd090f69f94ce6ba7774a9fc126d7de504 Mon Sep 17 00:00:00 2001
+From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
+Date: Mon, 13 May 2024 11:08:35 +1200
+Subject: [PATCH] s4:dsdb:strcasecmp_with_ldb_val() avoids overflow
+
+Reference: https://git.samba.org/?p=samba.git;a=patch;h=a00c0ebd090f69f94ce6ba7774a9fc126d7de504
+
+In the unlikely event that strlen(str) > INT_MAX, the result could
+have overflowed.
+
+This is not a sort transitivity issue, as this is not a symmetric sort
+comparison, but it would affect binary search reliability.
+
+Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
+Reviewed-by: Andrew Bartlett <abartlet@samba.org>
+---
+ source4/dsdb/schema/schema_query.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/source4/dsdb/schema/schema_query.c b/source4/dsdb/schema/schema_query.c
+index 96c5392..b2e937e 100644
+--- a/source4/dsdb/schema/schema_query.c
++++ b/source4/dsdb/schema/schema_query.c
+@@ -52,7 +52,9 @@ static int strcasecmp_with_ldb_val(const struct ldb_val *target, const char *str
+ 			}
+ 			return 1;
+ 		}
+-		return (target->length - len);
++		if (target->length < len) {
++		        return -1;
++		}
+ 	}
+ 	return ret;
+ }
+-- 
+2.27.0
+

remove-sensitive-info.patch

@@ -0,0 +1,144 @@
+From 54e951d6795bad1f0451ea2e03403e791df3856a Mon Sep 17 00:00:00 2001
+From: zhouyihang <zhouyihang3@huawei.com>
+Date: Fri, 25 Dec 2020 00:11:23 +0800
+Subject: [PATCH] remove sensitive info
+
+Conflict: NA
+Reference: NA
+
+---
+ source3/lib/netapi/examples/share/share_enum.c    | 1 -
+ source3/lib/netapi/examples/share/share_getinfo.c | 1 -
+ source3/lib/netapi/examples/user/user_getinfo.c   | 3 ---
+ source3/rpcclient/cmd_lsarpc.c                    | 3 ---
+ source3/rpcclient/cmd_srvsvc.c                    | 2 --
+ source3/utils/net_rpc.c                           | 1 -
+ source4/scripting/bin/samba3dump                  | 2 --
+ source4/torture/shell.c                           | 1 -
+ 8 files changed, 14 deletions(-)
+
+diff --git a/source3/lib/netapi/examples/share/share_enum.c b/source3/lib/netapi/examples/share/share_enum.c
+index b1f4043..ee69d60 100644
+--- a/source3/lib/netapi/examples/share/share_enum.c
++++ b/source3/lib/netapi/examples/share/share_enum.c
+@@ -118,7 +118,6 @@ int main(int argc, const char **argv)
+ 						printf("#%d max users: %d\n", i, i2->shi2_max_uses);
+ 						printf("#%d current users: %d\n", i, i2->shi2_current_uses);
+ 						printf("#%d path: %s\n", i, i2->shi2_path);
+-						printf("#%d password: %s\n", i, i2->shi2_passwd);
+ 						i2++;
+ 						break;
+ 					default:
+diff --git a/source3/lib/netapi/examples/share/share_getinfo.c b/source3/lib/netapi/examples/share/share_getinfo.c
+index 479da5c..3ef7825 100644
+--- a/source3/lib/netapi/examples/share/share_getinfo.c
++++ b/source3/lib/netapi/examples/share/share_getinfo.c
+@@ -128,7 +128,6 @@ int main(int argc, const char **argv)
+ 			printf("max users: %d\n", i2->shi2_max_uses);
+ 			printf("current users: %d\n", i2->shi2_current_uses);
+ 			printf("path: %s\n", i2->shi2_path);
+-			printf("password: %s\n", i2->shi2_passwd);
+ 			break;
+ 		case 501:
+ 			printf("netname: %s\n", i501->shi501_netname);
+diff --git a/source3/lib/netapi/examples/user/user_getinfo.c b/source3/lib/netapi/examples/user/user_getinfo.c
+index 9e95260..154aa7d 100644
+--- a/source3/lib/netapi/examples/user/user_getinfo.c
++++ b/source3/lib/netapi/examples/user/user_getinfo.c
+@@ -104,7 +104,6 @@ int main(int argc, const char **argv)
+ 		case 1:
+ 			u1 = (struct USER_INFO_1 *)buffer;
+ 			printf("name: %s\n", u1->usri1_name);
+-			printf("password: %s\n", u1->usri1_password);
+ 			printf("password_age: %d\n", u1->usri1_password_age);
+ 			printf("priv: %d\n", u1->usri1_priv);
+ 			printf("homedir: %s\n", u1->usri1_home_dir);
+@@ -115,7 +114,6 @@ int main(int argc, const char **argv)
+ 		case 2:
+ 			u2 = (struct USER_INFO_2 *)buffer;
+ 			printf("name: %s\n", u2->usri2_name);
+-			printf("password: %s\n", u2->usri2_password);
+ 			printf("password_age: %d\n", u2->usri2_password_age);
+ 			printf("priv: %d\n", u2->usri2_priv);
+ 			printf("homedir: %s\n", u2->usri2_home_dir);
+@@ -187,7 +185,6 @@ int main(int argc, const char **argv)
+ 		case 4:
+ 			u4 = (struct USER_INFO_4 *)buffer;
+ 			printf("name: %s\n", u4->usri4_name);
+-			printf("password: %s\n", u4->usri4_password);
+ 			printf("password_age: %d\n", u4->usri4_password_age);
+ 			printf("priv: %d\n", u4->usri4_priv);
+ 			printf("homedir: %s\n", u4->usri4_home_dir);
+diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c
+index abb4543..81baece 100644
+--- a/source3/rpcclient/cmd_lsarpc.c
++++ b/source3/rpcclient/cmd_lsarpc.c
+@@ -1289,9 +1289,6 @@ static void display_trust_dom_info_4(struct lsa_TrustDomainInfoPassword *p,
+ 	pwd 	= sess_decrypt_string(talloc_tos(), &data, &session_key);
+ 	pwd_old = sess_decrypt_string(talloc_tos(), &data_old, &session_key);
+ 
+-	d_printf("Password:\t%s\n", pwd);
+-	d_printf("Old Password:\t%s\n", pwd_old);
+-
+ 	talloc_free(pwd);
+ 	talloc_free(pwd_old);
+ }
+diff --git a/source3/rpcclient/cmd_srvsvc.c b/source3/rpcclient/cmd_srvsvc.c
+index 9c00060..b107741 100644
+--- a/source3/rpcclient/cmd_srvsvc.c
++++ b/source3/rpcclient/cmd_srvsvc.c
+@@ -233,7 +233,6 @@ static void display_share_info_2(struct srvsvc_NetShareInfo2 *r)
+ 	printf("netname: %s\n", r->name);
+ 	printf("\tremark:\t%s\n", r->comment);
+ 	printf("\tpath:\t%s\n", r->path);
+-	printf("\tpassword:\t%s\n", r->password);
+ }
+ 
+ static void display_share_info_502(struct srvsvc_NetShareInfo502 *r)
+@@ -241,7 +240,6 @@ static void display_share_info_502(struct srvsvc_NetShareInfo502 *r)
+ 	printf("netname: %s\n", r->name);
+ 	printf("\tremark:\t%s\n", r->comment);
+ 	printf("\tpath:\t%s\n", r->path);
+-	printf("\tpassword:\t%s\n", r->password);
+ 
+ 	printf("\ttype:\t0x%x\n", r->type);
+ 	printf("\tperms:\t%d\n", r->permissions);
+diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
+index a56190f..28a1808 100644
+--- a/source3/utils/net_rpc.c
++++ b/source3/utils/net_rpc.c
+@@ -5582,7 +5582,6 @@ static NTSTATUS rpc_sh_share_info(struct net_context *c,
+ 	d_printf(_("Name:     %s\n"), info.info2->name);
+ 	d_printf(_("Comment:  %s\n"), info.info2->comment);
+ 	d_printf(_("Path:     %s\n"), info.info2->path);
+-	d_printf(_("Password: %s\n"), info.info2->password);
+ 
+  done:
+ 	return werror_to_ntstatus(result);
+diff --git a/source4/scripting/bin/samba3dump b/source4/scripting/bin/samba3dump
+index 1a5d74f..4b311c2 100755
+--- a/source4/scripting/bin/samba3dump
++++ b/source4/scripting/bin/samba3dump
+@@ -70,8 +70,6 @@ def print_samba3_secrets(secrets):
+         print("IPC Credentials:")
+         if secrets.get_auth_user():
+             print("    User: %s\n" % secrets.get_auth_user())
+-        if secrets.get_auth_password():
+-            print("    Password: %s\n" % secrets.get_auth_password())
+         if secrets.get_auth_domain():
+             print("    Domain: %s\n" % secrets.get_auth_domain())
+ 
+diff --git a/source4/torture/shell.c b/source4/torture/shell.c
+index 195149a..f63694a 100644
+--- a/source4/torture/shell.c
++++ b/source4/torture/shell.c
+@@ -240,7 +240,6 @@ static void shell_auth(const struct shell_command * command,
+ 	    printf("User Principal: %s\n", principal ? principal : "");
+ 	    printf("Domain: %s\n", domain ? domain : "");
+ 	    printf("Realm: %s\n", realm ? realm : "");
+-	    printf("Password: %s\n", password ? password : "");
+     } else if (argc == 2) {
+ 	    bool result;
+ 
+-- 
+2.23.0

samba.spec

@@ -1,5 +1,6 @@
 %bcond_with testsuite
 %bcond_without clustering
+%{?python3_sitearch: %global python3_sitearch %{python3_sitearch}}
 
 %define samba_requires_eq()  %(LC_ALL="C" echo '%*' | xargs -r rpm -q --qf 'Requires: %%{name} = %%{epoch}:%%{version}\\n' | sed -e 's/ (none):/ /' -e 's/ 0:/ /' | grep -v "is not")
 %global talloc_version 2.4.1
@@ -43,14 +44,16 @@
 
 %global with_winexe 0
 
+%ifnarch ppc64le
 %global with_vfs_io_uring 0
+%endif
 
 %global _systemd_extra "Environment=KRB5CCNAME=FILE:/run/samba/krb5cc_samba"
 %global samba_depver %{version}-%{release}
 
 Name:           samba
 Version:        4.19.3
-Release:        1
+Release:        6
 
 Summary:        A suite for Linux to interoperate with Windows
 License:        GPL-3.0-or-later AND LGPL-3.0-or-later
@@ -68,6 +71,9 @@ Source8:        usershares.conf.vendor
 
 Source201:      README.downgrade
 
+Patch1:         remove-sensitive-info.patch
+Patch2:         backport-0001-s4-dsdb-strcasecmp_with_ldb_val-avoids-overflow.patch
+
 
 BuildRequires: avahi-devel bison dbus-devel docbook-style-xsl e2fsprogs-devel flex gawk gnupg2 gnutls-devel >= 3.4.7 gpgme-devel
 BuildRequires: jansson-devel krb5-devel >= %{required_mit_krb5} libacl-devel libaio-devel libarchive-devel libattr-devel 
@@ -138,6 +144,8 @@ Requires:       libwbclient = %{samba_depver}
 
 Provides:       samba4-libs = %{samba_depver}
 Obsoletes:      samba4-libs < %{samba_depver}
+Obsoletes:      python2-samba-test < %{samba_depver}
+Obsoletes:      samba-test-libs < %{samba_depver}
 
 %description libs
 Librariesfor%{name}.
@@ -376,6 +384,7 @@ Requires:       %{name}-client-libs = %{samba_depver} %{name}-common = %{samba_d
 Requires:       python3-talloc python3-tevent python3-tdb python3-ldb python3-dns python3-requests python3-cryptography
 Requires:       %{name}-libs = %{samba_depver}
 Obsoletes:	python2-samba
+Obsoletes:      python3-samba < %{samba_depver}
 
 %if %with_libsmbclient
 Requires: libsmbclient = %{samba_depver}
@@ -397,6 +406,7 @@ Summary:        Test package for python3 binding for %{name}
 Requires:       python3-%{name} = %{samba_depver}
 Requires: 		%{name}-client-libs = %{samba_depver}
 Requires: 		%{name}-libs = %{samba_depver}
+Obsoletes:      python3-samba-test < %{samba_depver}
 
 %description -n python3-samba-test
 This package contains the Python libraries used by the test suite of Samba.
@@ -513,6 +523,7 @@ Requires:       %{name}-client-libs = %{samba_depver} %{name}-libs = %{samba_dep
 %if %with_libwbclient
 Requires:       libwbclient = %{samba_depver}
 %endif
+Obsoletes:      samba-winbind-modules < %{samba_depver}
 
 %description winbind-modules
 This package provides the NSS library and a PAM module
@@ -608,7 +619,7 @@ rm -f lib/crypto/{aes,rijndael}*.c
 
 export python_LDFLAGS="$(echo %{__global_ldflags} | sed -e 's/-Wl,-z,defs//g')"
 
-%ifnarch riscv64 loongarch64
+%ifnarch riscv64 loongarch64 ppc64le
 export LDFLAGS="%{__global_ldflags} -fuse-ld=gold"
 %else
 export LDFLAGS="%{__global_ldflags} -fuse-ld=bfd"
@@ -3584,6 +3595,36 @@ fi
 %endif
 
 %changelog
+* Tue Sep 24 2024 xinghe <xinghe2@h-partners.com> - 4.19.3-6
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:add Obsoletes '< version' in spec
+
+* Thu May 30 2024 zhangyaqi <zhangyaqi@kylinos.cn> - 4.19.3-5
+- Type:bugfis
+- ID:NA
+- SUG:NA
+- DESC:s4:dsdb:strcasecmp_with_ldb_val() avoids overflow
+
+* Thu Feb 1 2024 jiahua.yu <jiahua.yu@shingroup.cn> - 4.19.3-4
+- Type:feature
+- ID:NA
+- SUG:NA
+- DESC:init support for arch ppc64le
+
+* Fri Jan 19 2024 xinghe <xinghe2@h-partners.com> - 4.19.3-3
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:speeds up the creation of source rpm
+
+* Tue Jan 16 2024 xinghe <xinghe2@h-partners.com> - 4.19.3-2
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:remove sensitive info
+
 * Thu Dec 28 2023 xinghe <xinghe2@h-partners.com> - 4.19.3-1
 - Type:requirement
 - ID:NA