The Samba-Bugzilla – Attachment 10866 Details for
Bug 11135
700 testsuites are failing since backupkey changed to gnutls
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch for master that handles --disable-gnutls and removes the extra linking
fix-gnutls.patch (text/plain), 5.07 KB, created by
Andrew Bartlett
on 2015-03-12 09:01:39 UTC
(
hide
)
Description:
patch for master that handles --disable-gnutls and removes the extra linking
Filename:
MIME Type:
Creator:
Andrew Bartlett
Created:
2015-03-12 09:01:39 UTC
Size:
5.07 KB
patch
obsolete
>From 469bdd40824909af36e54a2e969d5ca0bb909b09 Mon Sep 17 00:00:00 2001 >From: Andrew Bartlett <abartlet@samba.org> >Date: Thu, 12 Mar 2015 17:01:05 +1300 >Subject: [PATCH 1/2] lib/tls: Fix behaviour of --disable-gnutls and remove > link to gcrypt > >We no longer link against gcrypt if gnutls > 3.0.0 is found, as these versions use libnettle. > >Signed-off-by: Andrew Bartlett <abartlet@samba.org> >--- > source4/lib/tls/tlscert.c | 4 ++-- > source4/lib/tls/wscript | 22 +++++++++++++++++----- > source4/rpc_server/backupkey/dcesrv_backupkey.c | 4 ++-- > 3 files changed, 21 insertions(+), 9 deletions(-) > >diff --git a/source4/lib/tls/tlscert.c b/source4/lib/tls/tlscert.c >index 8a19e0a..b44d46b 100644 >--- a/source4/lib/tls/tlscert.c >+++ b/source4/lib/tls/tlscert.c >@@ -24,7 +24,7 @@ > #if ENABLE_GNUTLS > #include <gnutls/gnutls.h> > #include <gnutls/x509.h> >-#if HAVE_GCRYPT_H >+#if defined(HAVE_GCRYPT_H) && !defined(HAVE_GNUTLS3) > #include <gcrypt.h> > #endif > >@@ -69,7 +69,7 @@ void tls_cert_generate(TALLOC_CTX *mem_ctx, > DEBUG(0,("Attempting to autogenerate TLS self-signed keys for https for hostname '%s'\n", > hostname)); > >-#ifdef HAVE_GCRYPT_H >+#if defined(HAVE_GCRYPT_H) && !defined(HAVE_GNUTLS3) > DEBUG(3,("Enabling QUICK mode in gcrypt\n")); > gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0); > #endif >diff --git a/source4/lib/tls/wscript b/source4/lib/tls/wscript >index ae96395..cbba87d 100644 >--- a/source4/lib/tls/wscript >+++ b/source4/lib/tls/wscript >@@ -17,11 +17,18 @@ def configure(conf): > conf.SET_TARGET_TYPE('gnutls', 'DISABLED') > conf.SET_TARGET_TYPE('gcrypt', 'DISABLED') > conf.SET_TARGET_TYPE('gpg-error', 'DISABLED') >+ if 'AD_DC_BUILD_IS_ENABLED' in conf.env: >+ conf.fatal("--disable-gnutls given: Building the AD DC requires GnuTLS (eg libgnutls-dev, gnutls-devel) for ldaps:// support and for the BackupKey protocol") > return > >- conf.check_cfg(package='gnutls', >- args='"gnutls >= 1.4.0 gnutls != 2.2.4 gnutls != 2.8.0 gnutls != 2.8.1" --cflags --libs', >- msg='Checking for gnutls >= 1.4.0 and broken versions', mandatory=False) >+ if conf.check_cfg(package='gnutls', >+ args='"gnutls >= 3.0.0" --cflags --libs', >+ msg='Checking for gnutls >= 3.0.0s', mandatory=False): >+ conf.DEFINE('HAVE_GNUTLS3', 1) >+ else: >+ conf.check_cfg(package='gnutls', >+ args='"gnutls >= 1.4.0 gnutls != 2.2.4 gnutls != 2.8.0 gnutls != 2.8.1" --cflags --libs', >+ msg='Checking for gnutls >= 1.4.0 and broken versions', mandatory=False) > > if 'HAVE_GNUTLS' in conf.env: > conf.DEFINE('ENABLE_GNUTLS', 1) >@@ -45,8 +52,13 @@ def configure(conf): > conf.CHECK_TYPES('gnutls_datum gnutls_datum_t', > headers='gnutls/gnutls.h', lib='gnutls') > >- conf.CHECK_FUNCS_IN('gcry_control', 'gcrypt', headers='gcrypt.h') >- conf.CHECK_FUNCS_IN('gpg_err_code_from_errno', 'gpg-error') >+ # GnuTLS3 moved to libnettle, so only do this in the < 3.0 case >+ if not 'HAVE_GNUTLS3' in conf.env: >+ conf.CHECK_FUNCS_IN('gcry_control', 'gcrypt', headers='gcrypt.h') >+ conf.CHECK_FUNCS_IN('gpg_err_code_from_errno', 'gpg-error') >+ else: >+ conf.SET_TARGET_TYPE('gcrypt', 'DISABLED') >+ conf.SET_TARGET_TYPE('gpg-error', 'DISABLED') > > > def build(bld): >diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c b/source4/rpc_server/backupkey/dcesrv_backupkey.c >index 04308bc..749e48b 100644 >--- a/source4/rpc_server/backupkey/dcesrv_backupkey.c >+++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c >@@ -43,7 +43,7 @@ > #include "lib/crypto/arcfour.h" > #include <gnutls/gnutls.h> > #include <gnutls/x509.h> >-#if HAVE_GCRYPT_H >+#if defined(HAVE_GCRYPT_H) && !defined(HAVE_GNUTLS3) > #include <gcrypt.h> > #endif > >@@ -809,7 +809,7 @@ static WERROR create_heimdal_rsa_key(TALLOC_CTX *ctx, hx509_context *hctx, > *rsa = NULL; > > gnutls_global_init(); >-#ifdef HAVE_GCRYPT_H >+#if defined(HAVE_GCRYPT_H) && !defined(HAVE_GNUTLS3) > DEBUG(3,("Enabling QUICK mode in gcrypt\n")); > gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0); > #endif >-- >1.9.3 > > >From eba77d80da2c855a846cc389f3ad13b64919a6da Mon Sep 17 00:00:00 2001 >From: Andrew Bartlett <abartlet@samba.org> >Date: Thu, 12 Mar 2015 17:05:50 +1300 >Subject: [PATCH 2/2] backupkey: Explicitly link to gnutls and gcrypt > >The gcrypt link will be disabled if gnutls is > 3.0.0 > >Signed-off-by: Andrew Bartlett <abartlet@samba.org> >--- > source4/rpc_server/wscript_build | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/source4/rpc_server/wscript_build b/source4/rpc_server/wscript_build >index c79c1827..55f45c7 100755 >--- a/source4/rpc_server/wscript_build >+++ b/source4/rpc_server/wscript_build >@@ -115,7 +115,7 @@ bld.SAMBA_MODULE('dcerpc_backupkey', > autoproto='backupkey/proto.h', > subsystem='dcerpc_server', > init_function='dcerpc_server_backupkey_init', >- deps='samdb DCERPC_COMMON NDR_BACKUPKEY RPC_NDR_BACKUPKEY krb5 hx509 hcrypto' >+ deps='samdb DCERPC_COMMON NDR_BACKUPKEY RPC_NDR_BACKUPKEY krb5 hx509 hcrypto gnutls gcrypt' > ) > > >-- >1.9.3 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 11135
:
10820
|
10832
|
10833
|
10865
|
10866
|
10867
|
10871