From ddc4c165773ffca9b8ac5d3fc84c15aaa6e46935 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 6 Nov 2012 01:24:59 +0100 Subject: [PATCH 1/8] dsdb: Rename _res argument to _result. Newer versions of heimdal include a macro that is unfortunately named '_res'. This change prevents the clash. Reviewed-by: Andrew Bartlett Signed-off-by: Andrew Bartlett (cherry picked from commit ed6330094b47408f33c2d933e9c80b079dd891d6) --- source4/dsdb/common/util.c | 12 ++++++------ 1 files changed, 6 insertions(+), 6 deletions(-) diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index 086f2a5..632d5bf 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -3845,7 +3845,7 @@ int dsdb_replace(struct ldb_context *ldb, struct ldb_message *msg, uint32_t dsdb */ int dsdb_search_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, - struct ldb_result **_res, + struct ldb_result **_result, struct ldb_dn *basedn, const char * const *attrs, uint32_t dsdb_flags) @@ -3890,7 +3890,7 @@ int dsdb_search_dn(struct ldb_context *ldb, return ret; } - *_res = res; + *_result = res; return LDB_SUCCESS; } @@ -3900,7 +3900,7 @@ int dsdb_search_dn(struct ldb_context *ldb, */ int dsdb_search_by_dn_guid(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, - struct ldb_result **_res, + struct ldb_result **_result, const struct GUID *guid, const char * const *attrs, uint32_t dsdb_flags) @@ -3915,7 +3915,7 @@ int dsdb_search_by_dn_guid(struct ldb_context *ldb, return ldb_oom(ldb); } - ret = dsdb_search_dn(ldb, mem_ctx, _res, dn, attrs, dsdb_flags); + ret = dsdb_search_dn(ldb, mem_ctx, _result, dn, attrs, dsdb_flags); talloc_free(tmp_ctx); return ret; } @@ -3925,7 +3925,7 @@ int dsdb_search_by_dn_guid(struct ldb_context *ldb, */ int dsdb_search(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, - struct ldb_result **_res, + struct ldb_result **_result, struct ldb_dn *basedn, enum ldb_scope scope, const char * const *attrs, @@ -4003,7 +4003,7 @@ int dsdb_search(struct ldb_context *ldb, } } - *_res = talloc_steal(mem_ctx, res); + *_result = talloc_steal(mem_ctx, res); talloc_free(tmp_ctx); return LDB_SUCCESS; -- 1.7.7 From fd6a26c5f1f5943546003859453d526a7e3abcbf Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 6 Nov 2012 01:25:00 +0100 Subject: [PATCH 2/8] ldb_secrets_tdb_sync: Add dependency on gssapi. This is required when building with the system heimdal, as gssapi/gssapi_spnego.h is included. Reviewed-by: Andrew Bartlett Signed-off-by: Andrew Bartlett Autobuild-User(master): Andrew Bartlett Autobuild-Date(master): Tue Nov 6 05:12:28 CET 2012 on sn-devel-104 (cherry picked from commit 6073d214aa8bfeff8dae8cf151357f890dd37a48) --- .../dsdb/samdb/ldb_modules/wscript_build_server | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/source4/dsdb/samdb/ldb_modules/wscript_build_server b/source4/dsdb/samdb/ldb_modules/wscript_build_server index 5d09c40..c23ad16 100755 --- a/source4/dsdb/samdb/ldb_modules/wscript_build_server +++ b/source4/dsdb/samdb/ldb_modules/wscript_build_server @@ -205,7 +205,7 @@ bld.SAMBA_MODULE('ldb_secrets_tdb_sync', init_function='ldb_secrets_tdb_sync_module_init', module_init_name='ldb_init_module', internal_module=False, - deps='talloc secrets3 DSDB_MODULE_HELPERS dbwrap' + deps='talloc secrets3 DSDB_MODULE_HELPERS dbwrap gssapi' ) -- 1.7.7 From dda06e0f8d9f4a2777b3863fa587d9371f40d0a4 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 5 Nov 2012 23:33:21 +0100 Subject: [PATCH 3/8] heimdal_build: HEIMDAL_LIBRARY(): Remove unused cflags argument. (cherry picked from commit 9cf985c53eb1a4bbe8b8110f123744291026cee6) --- source4/heimdal_build/wscript_build | 3 +-- 1 files changed, 1 insertions(+), 2 deletions(-) diff --git a/source4/heimdal_build/wscript_build b/source4/heimdal_build/wscript_build index 3dfeb2b..f4837ac 100644 --- a/source4/heimdal_build/wscript_build +++ b/source4/heimdal_build/wscript_build @@ -209,7 +209,7 @@ def HEIMDAL_GENERATOR(name, rule, source='', target='', name=name) -def HEIMDAL_LIBRARY(libname, source, deps, vnum, version_script, includes='', cflags=''): +def HEIMDAL_LIBRARY(libname, source, deps, vnum, version_script, includes=''): '''define a Heimdal library''' obj_target = libname + '.objlist' @@ -221,7 +221,6 @@ def HEIMDAL_LIBRARY(libname, source, deps, vnum, version_script, includes='', cf source = source, deps = deps, includes = includes, - cflags = cflags, group = 'main') if not SET_TARGET_TYPE(bld, libname, "LIBRARY"): -- 1.7.7 From 18a8b5a5b9567d4fa507e30e10268305bcddf9ea Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 5 Nov 2012 23:38:23 +0100 Subject: [PATCH 4/8] heimdal_build: Fix finding of system heimdal. When checking for Heimdal headers, make sure HAVE_CONFIG_H is not defined, as config.h will not be available. Reviewed-by: Andrew Bartlett Signed-off-by: Jelmer Vernooij Autobuild-User(master): Jelmer Vernooij Autobuild-Date(master): Tue Nov 6 16:27:03 CET 2012 on sn-devel-104 (cherry picked from commit da284b3765e3c73d204fe2c8b45d6fbd2c08d451) --- source4/heimdal_build/wscript_configure | 55 ++++++++++++++++-------------- 1 files changed, 29 insertions(+), 26 deletions(-) diff --git a/source4/heimdal_build/wscript_configure b/source4/heimdal_build/wscript_configure index ea854f2..168be6d 100755 --- a/source4/heimdal_build/wscript_configure +++ b/source4/heimdal_build/wscript_configure @@ -203,26 +203,31 @@ if check_system_heimdal_lib("roken", "rk_socket_set_reuseaddr", "roken.h"): conf.env.LIBPATH_ROKEN_HOSTCC = conf.env.LIBPATH_ROKEN conf.env.LIB_ROKEN_HOSTCC = "roken" conf.SET_TARGET_TYPE("ROKEN_HOSTCC", 'SYSLIB') -check_system_heimdal_lib("wind", "wind_stringprep", "wind.h", onlyif="roken") -check_system_heimdal_lib("hx509", "hx509_bitstring_print", "hx509.h", onlyif="roken wind") -check_system_heimdal_lib("asn1", "initialize_asn1_error_table", "asn1_err.h", onlyif="roken com_err") -check_system_heimdal_lib("heimbase", "heim_cmp", "heimbase.h", onlyif="roken") -check_system_heimdal_lib("hcrypto", "MD4_Init", "hcrypto/md4.h", - onlyif="asn1 roken com_err") -if check_system_heimdal_lib("krb5", "krb5_anyaddr", "krb5.h", - onlyif="roken wind asn1 hx509 hcrypto com_err heimbase"): - conf.CHECK_FUNCS_IN('krb5_free_unparsed_name', 'krb5', headers="krb5.h") -check_system_heimdal_lib("gssapi", "gss_oid_to_name", "gssapi.h", - onlyif="hcrypto asn1 roken krb5 com_err wind") -check_system_heimdal_lib("heimntlm", "heim_ntlm_ntlmv2_key", "heimntlm.h", - onlyif="roken hcrypto krb5") -if check_system_heimdal_lib("hdb", "hdb_db_dir", "krb5.h hdb.h", - onlyif="roken krb5 hcrypto com_err wind"): - CCDEFINES = list(conf.env.CCDEFINES) - conf.undefine("HAVE_CONFIG_H") - while "HAVE_CONFIG_H=1" in conf.env.CCDEFINES: - conf.env.CCDEFINES.remove("HAVE_CONFIG_H=1") - try: + +# Make sure HAVE_CONFIG_H is unset, as the system Heimdal headers use it +# and include config.h if it is set, resulting in failure (since config.h +# doesn't yet exist) + +CCDEFINES = list(conf.env.CCDEFINES) +conf.undefine("HAVE_CONFIG_H") +while "HAVE_CONFIG_H=1" in conf.env.CCDEFINES: + conf.env.CCDEFINES.remove("HAVE_CONFIG_H=1") +try: + check_system_heimdal_lib("wind", "wind_stringprep", "wind.h", onlyif="roken") + check_system_heimdal_lib("hx509", "hx509_bitstring_print", "hx509.h", onlyif="roken wind") + check_system_heimdal_lib("asn1", "initialize_asn1_error_table", "asn1_err.h", onlyif="roken com_err") + check_system_heimdal_lib("heimbase", "heim_cmp", "heimbase.h", onlyif="roken") + check_system_heimdal_lib("hcrypto", "MD4_Init", "hcrypto/md4.h", + onlyif="asn1 roken com_err") + if check_system_heimdal_lib("krb5", "krb5_anyaddr", "krb5.h", + onlyif="roken wind asn1 hx509 hcrypto com_err heimbase"): + conf.CHECK_FUNCS_IN('krb5_free_unparsed_name', 'krb5', headers="krb5.h") + check_system_heimdal_lib("gssapi", "gss_oid_to_name", "gssapi.h", + onlyif="hcrypto asn1 roken krb5 com_err wind") + check_system_heimdal_lib("heimntlm", "heim_ntlm_ntlmv2_key", "heimntlm.h", + onlyif="roken hcrypto krb5") + if check_system_heimdal_lib("hdb", "hdb_db_dir", "krb5.h hdb.h", + onlyif="roken krb5 hcrypto com_err wind"): conf.CHECK_CODE(''' #include int main(void) { hdb_enctype2key(NULL, NULL, NULL, 0, NULL); } @@ -232,13 +237,11 @@ if check_system_heimdal_lib("hdb", "hdb_db_dir", "krb5.h hdb.h", lib='hdb', msg='Checking whether hdb_enctype2key takes a keyset argument', local_include=False) - finally: - conf.env.CCDEFINES = CCDEFINES - conf.define("HAVE_CONFIG_H", "1") - -check_system_heimdal_lib("kdc", "kdc_log", "kdc.h", - onlyif="roken krb5 hdb asn1 heimntlm hcrypto com_err wind heimbase") + check_system_heimdal_lib("kdc", "kdc_log", "kdc.h", + onlyif="roken krb5 hdb asn1 heimntlm hcrypto com_err wind heimbase") +finally: + conf.env.CCDEFINES = CCDEFINES # With the proper checks in place we should be able to build against the system libtommath. #if conf.CHECK_BUNDLED_SYSTEM('tommath', checkfunctions='mp_init', headers='tommath.h'): -- 1.7.7 From 3cbce46421d78390714ea5e71969c1967e11e8c5 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 6 Nov 2012 22:24:07 +0100 Subject: [PATCH 5/8] configure: Support specifying PYTHON environment variable to run waf. This is necessary to run configure on Minix, where python is named "python2.X". Reviewed-by: Simo Sorce Signed-off-by: Jelmer Vernooij (cherry picked from commit 010fd296881aa643a4b631d57df503c9e832b35c) --- configure | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/configure b/configure index 72f758e..30858df 100755 --- a/configure +++ b/configure @@ -10,5 +10,5 @@ JOBS=1 export JOBS cd . || exit 1 -$WAF configure "$@" || exit 1 +${PYTHON:=python} $WAF configure "$@" || exit 1 cd $PREVPATH -- 1.7.7 From cb91742dac03136a1aff3ea7f2442f67cad6ce2b Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 6 Nov 2012 22:29:07 +0100 Subject: [PATCH 6/8] Makefile: Allow specifying PYTHON environment variable. This is required for Minix, where python is named "python2.X". Reviewed-by: Simo Sorce Signed-off-by: Jelmer Vernooij Autobuild-User(master): Jelmer Vernooij Autobuild-Date(master): Fri Nov 9 16:39:09 CET 2012 on sn-devel-104 (cherry picked from commit ec0104b1e0eea73331c58d26ea96b5167c2847ed) --- Makefile | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/Makefile b/Makefile index ae2fc06..5f220fa 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,7 @@ # simple makefile wrapper to run waf -WAF_BINARY=./buildtools/bin/waf +PYTHON?=python +WAF_BINARY=$(PYTHON) ./buildtools/bin/waf WAF=WAF_MAKE=1 $(WAF_BINARY) all: -- 1.7.7 From f5579b2ac696c6ae0d1702c9d26ae9d283c83ae8 Mon Sep 17 00:00:00 2001 From: Christian Ambach Date: Tue, 20 Nov 2012 09:49:46 +0100 Subject: [PATCH 7/8] build(waf): fix a typo Autobuild-User(master): Volker Lendecke Autobuild-Date(master): Tue Nov 20 11:54:51 CET 2012 on sn-devel-104 (cherry picked from commit 1fb8f8c5046cd7d0638be0d8a4b9a0e9a5799f6b) --- source3/wscript | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/source3/wscript b/source3/wscript index 9c8ebf8..97c9afc 100644 --- a/source3/wscript +++ b/source3/wscript @@ -161,7 +161,7 @@ main() { main() { exit(flock(open("/dev/null", O_RDWR), LOCK_MAND|LOCK_READ) != 0); }''', 'HAVE_KERNEL_SHARE_MODES', addmain=False, execute=True, - msg="Checking for krenel share modes") + msg="Checking for kernel share modes") # check for DMAPI libs Logs.info("Checking for DMAPI library existence") -- 1.7.7 From f189e16342a8c9da0055cf7421760501846182c9 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Fri, 23 Nov 2012 12:21:49 +0100 Subject: [PATCH 8/8] configure(waf): Fail "configure --with-ads" if ads support is not available MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fix for bug #9350 This establishes the "auto" mode as default for ads-support, when neither "--with-ads" nor "--without-ads" is specified for configure. Signed-off-by: Stefan Metzmacher Signed-off-by: Björn Baumbach Signed-off-by: Michael Adam Autobuild-User(master): Michael Adam Autobuild-Date(master): Fri Nov 23 19:34:55 CET 2012 on sn-devel-104 (cherry picked from commit e4218e46c77e8d0c4f6c839024620c48f101e2f2) --- source3/wscript | 74 +++++++++++++++++++++++++++++++++++++------------------ 1 files changed, 50 insertions(+), 24 deletions(-) diff --git a/source3/wscript b/source3/wscript index 97c9afc..7a91092 100644 --- a/source3/wscript +++ b/source3/wscript @@ -24,7 +24,7 @@ def set_options(opt): opt.SAMBA3_ADD_OPTION('winbind') opt.SAMBA3_ADD_OPTION('swat') - opt.SAMBA3_ADD_OPTION('ads') + opt.SAMBA3_ADD_OPTION('ads', default=None) # None means autodetection opt.SAMBA3_ADD_OPTION('ldap') opt.SAMBA3_ADD_OPTION('cups', with_name="enable", without_name="disable") opt.SAMBA3_ADD_OPTION('iprint', with_name="enable", without_name="disable") @@ -634,55 +634,61 @@ msg.msg_acctrightslen = sizeof(fd); conf.SET_TARGET_TYPE('ldap', 'EMPTY') conf.SET_TARGET_TYPE('lber', 'EMPTY') - if Options.options.with_ads: - use_ads=True + if Options.options.with_ads == False: + use_ads = False + use_ads_krb5 = False + use_ads_ldap = False + else: + use_ads = True + use_ads_krb5 = True + use_ads_ldap = True if not conf.CONFIG_SET('HAVE_ENCTYPE_ARCFOUR_HMAC_MD5') and \ not conf.CONFIG_SET('HAVE_ENCTYPE_ARCFOUR_HMAC'): Logs.warn("arcfour-hmac-md5 encryption type not found in -lkrb5") - use_ads=False + use_ads_krb5 = False if not conf.CONFIG_SET('HAVE_KRB5_MK_REQ_EXTENDED'): Logs.warn("krb5_mk_req_extended not found in -lkrb5") - use_ads=False + use_ads_krb5 = False if not conf.CONFIG_SET('HAVE_KRB5_GET_HOST_REALM'): Logs.warn("krb5_get_host_realm not found in -lkrb5") - use_ads=False + use_ads_krb5 = False if not conf.CONFIG_SET('HAVE_KRB5_FREE_HOST_REALM'): Logs.warn("krb5_free_host_realm not found in -lkrb5") - use_ads=False + use_ads_krb5 = False if not conf.CONFIG_SET('HAVE_KRB5_FWD_TGT_CREDS'): Logs.warn("krb5_fwd_tgt_creds found in -lkrb5") - use_ads=False + use_ads_krb5 = False if not conf.CONFIG_SET('HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC'): Logs.warn("krb5_get_init_creds_opt_alloc not found in -lkrb5") - use_ads=False + use_ads_krb5 = False if not conf.CONFIG_SET('KRB5_CREDS_OPT_FREE_REQUIRES_CONTEXT'): Logs.warn("krb5_get_init_creds_opt_free was not found or was too old in -lkrb5") - use_ads=False + use_ads_krb5 = False if not conf.CONFIG_SET('HAVE_KRB5_GET_RENEWED_CREDS'): Logs.warn("krb5_get_renewed_creds not found in -lkrb5") - use_ads=False + use_ads_krb5 = False if not conf.CONFIG_SET('HAVE_KRB5_PRINCIPAL_COMPARE_ANY_REALM'): Logs.warn("krb5_principal_compare_any_realm not found in -lkrb5") - use_ads=False + use_ads_krb5 = False if not conf.CONFIG_SET('HAVE_KRB5_C_STRING_TO_KEY') and \ not conf.CONFIG_SET('HAVE_KRB5_STRING_TO_KEY_SALT'): Logs.warn("krb5_c_string_to_key not found in -lkrb5") - use_ads=False + use_ads_krb5 = False if not conf.CONFIG_SET('HAVE_KRB5_PRINCIPAL2SALT') and \ not conf.CONFIG_SET('HAVE_KRB5_GET_PW_SALT'): Logs.warn("no CREATE_KEY_FUNCTIONS detected") - use_ads=False + use_ads_krb5 = False if not conf.CONFIG_SET('HAVE_KRB5_GET_PERMITTED_ENCTYPES') and \ not conf.CONFIG_SET('HAVE_KRB5_GET_DEFAULT_IN_TKT_ETYPES'): Logs.warn("no GET_ENCTYPES_FUNCTIONS detected") - use_ads=False + use_ads_krb5 = False if not conf.CONFIG_SET('HAVE_KRB5_KT_FREE_ENTRY') and \ not conf.CONFIG_SET('HAVE_KRB5_FREE_KEYTAB_ENTRY_CONTENTS'): Logs.warn("no KT_FREE_FUNCTION detected") - use_ads=False + use_ads_krb5 = False if not conf.CONFIG_SET('HAVE_KRB5_C_VERIFY_CHECKSUM'): Logs.warn("krb5_c_verify_checksum_compare not found in -lkrb5") - use_ads=False + use_ads_krb5 = False # We don't actually use # gsskrb5_extract_authz_data_from_sec_context, but it is a @@ -692,23 +698,43 @@ msg.msg_acctrightslen = sizeof(fd); not (conf.CONFIG_SET('HAVE_GSSKRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT') and \ conf.CONFIG_SET('HAVE_GSS_INQUIRE_SEC_CONTEXT_BY_OID')): Logs.warn("need eiterh gss_get_name_attribute or gsskrb5_extract_authz_data_from_sec_context and gss_inquire_sec_context_by_oid in -lgssapi for PAC support") - use_ads=False + use_ads_krb5 = False if not conf.CONFIG_SET('HAVE_GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT'): Logs.warn("need gss_krb5_export_lucid_sec_context for SPNEGO and gss_wrap support") - use_ads=False + use_ads_krb5 = False - if use_ads: - conf.DEFINE('WITH_ADS', '1') + if use_ads_krb5: conf.DEFINE('HAVE_KRB5', '1') - if conf.CONFIG_SET('HAVE_LDAP'): - conf.env['HAVE_ADS'] = '1' + conf.env['HAVE_KRB5'] = '1' else: - Logs.warn("krb5 libs don't have all features required for Active Directory support") conf.undefine('HAVE_KRB5_H') conf.undefine('HAVE_GSSAPI_H') conf.undefine('HAVE_GSSAPI_GSSAPI_GENERIC_H') conf.undefine('HAVE_GSSAPI_GSSAPI_H') + use_ads = False + + if not conf.CONFIG_SET('HAVE_LDAP'): + use_ads = False + use_ads_ldap = False + + if use_ads: + conf.DEFINE('WITH_ADS', '1') + conf.env['HAVE_ADS'] = '1' + Logs.info("Building with Active Directory support.") + elif Options.options.with_ads == False: + Logs.info("Building without Active Directory support (--without-ads).") + else: + if not use_ads_krb5: + Logs.warn("Active Directory support not available: krb5 libs don't have all required features") + if not use_ads_ldap: + Logs.warn("Active Directory support not available: LDAP support ist not available.") + if Options.options.with_ads: + conf.fatal("Active Directory support not found. Use --without-ads for building without Active Directory support.") + else: + # this is the auto-mode case + Logs.warn("Building without Active Directory support.") + if Options.options.with_utmp: conf.env.with_utmp = True -- 1.7.7