git.samba.org / jra / samba / .git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 710ea94)
r15298: Fix the build using a few hacks in the build system.
authorJelmer Vernooij <jelmer@samba.org>
Thu, 27 Apr 2006 19:50:13 +0000 (19:50 +0000)
committerGerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 19:05:04 +0000 (14:05 -0500)
Recursive dependencies are now forbidden (the build system
will bail out if there are any).

I've split up auth_sam.c into auth_sam.c and sam.c. Andrew,
please rename sam.c / move its contents to whatever/wherever you think suits
best.
(This used to be commit 6646384aaf3e7fa2aa798c3e564b94b0617ec4d0)

26 files changed:
source4/auth/auth.c patch | blob | history
source4/auth/auth.h patch | blob | history
source4/auth/auth_sam.c patch | blob | history
source4/auth/config.mk patch | blob | history
source4/auth/gensec/config.mk patch | blob | history
source4/auth/kerberos/kerberos_pac.c patch | blob | history
source4/auth/ntlmssp/config.mk patch | blob | history
source4/auth/sam.c [new file with mode: 0644] patch | blob
source4/build/smb_build/TODO patch | blob | history
source4/build/smb_build/input.pm patch | blob | history
source4/build/smb_build/main.pl patch | blob | history
source4/build/smb_build/makefile.pm patch | blob | history
source4/build/smb_build/output.pm patch | blob | history
source4/dsdb/config.mk patch | blob | history
source4/lib/charset/util_unistr.c patch | blob | history
source4/lib/ldb/config.mk patch | blob | history
source4/lib/registry/config.mk patch | blob | history
source4/lib/registry/registry.h patch | blob | history
source4/lib/socket/config.mk patch | blob | history
source4/lib/util/util_str.c patch | blob | history
source4/libcli/config.mk patch | blob | history
source4/rpc_server/config.mk patch | blob | history
source4/rpc_server/netlogon/dcerpc_netlogon.c patch | blob | history
source4/smbd/config.mk patch | blob | history
source4/torture/config.mk patch | blob | history
source4/utils/config.mk patch | blob | history

diff --git a/source4/auth/auth.c b/source4/auth/auth.c
index 140aa57b155ad54c9c15e87dd6d3be4385aee860..dfef0c8c4d6cc76983b6b2ca4542e02a81cebd1c 100644 (file)
--- a/source4/auth/auth.c
+++ b/source4/auth/auth.c
@@ -21,6 +21,7 @@
 
 #include "includes.h"
 #include "dlinklist.h"
+#include "lib/ldb/include/ldb.h"
 #include "auth/auth.h"
 #include "lib/events/events.h"
 #include "build.h"
diff --git a/source4/auth/auth.h b/source4/auth/auth.h
index 80360a7cb4fdad9d3e87371a1a1fcd50add60eb6..724ccf91cae6daee7a1e09122ee103cb575ca785 100644 (file)
--- a/source4/auth/auth.h
+++ b/source4/auth/auth.h
@@ -25,6 +25,7 @@
 #include "libcli/auth/credentials.h"
 #include "auth/gensec/gensec.h"
 #include "auth/gensec/spnego.h"
+#include "lib/ldb/include/ldb.h"
 
 /* modules can use the following to determine if the interface has changed
  * please increment the version number after each interface change
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c
index 22e093581c3f955daf0e3dab958f0d4d29b8d69d..f6b8316eb700e8722c9a18aae01b7bc6e0bed8ba 100644 (file)
--- a/source4/auth/auth_sam.c
+++ b/source4/auth/auth_sam.c
@@ -22,246 +22,16 @@
 
 #include "includes.h"
 #include "system/time.h"
-#include "auth/auth.h"
 #include "db_wrap.h"
+#include "auth/auth.h"
+#include "auth/auth_sam.h"
 #include "dsdb/samdb/samdb.h"
 #include "libcli/security/security.h"
 #include "libcli/ldap/ldap.h"
 #include "librpc/gen_ndr/ndr_security.h"
 
-static const char *user_attrs[] = {
-       /* requried for the krb5 kdc*/
-       "objectClass",
-       "sAMAccountName",
-       "userPrincipalName",
-       "servicePrincipalName",
-       "msDS-KeyVersionNumber",
-       "krb5Key",
-
-       /* passwords */
-       "lmPwdHash", 
-       "ntPwdHash",
-
-       "userAccountControl",
-
-       "pwdLastSet",
-       "accountExpires",
-       
-       "objectSid",
-
-       /* check 'allowed workstations' */
-       "userWorkstations",
-                      
-       /* required for server_info, not access control: */
-       "displayName",
-       "scriptPath",
-       "profilePath",
-       "homeDirectory",
-       "homeDrive",
-       "lastLogon",
-       "lastLogoff",
-       "accountExpires",
-       "badPwdCount",
-       "logonCount",
-       "primaryGroupID",
-       NULL,
-};
-
-static const char *domain_ref_attrs[] =  {"nETBIOSName", "nCName", 
-                                         "dnsRoot", "objectClass", NULL};
-
-/****************************************************************************
- Do a specific test for an smb password being correct, given a smb_password and
- the lanman and NT responses.
-****************************************************************************/
-static NTSTATUS authsam_password_ok(struct auth_context *auth_context,
-                                   TALLOC_CTX *mem_ctx,
-                                   uint16_t acct_flags,
-                                   const struct samr_Password *lm_pwd, 
-                                   const struct samr_Password *nt_pwd,
-                                   const struct auth_usersupplied_info *user_info, 
-                                   DATA_BLOB *user_sess_key, 
-                                   DATA_BLOB *lm_sess_key)
-{
-       NTSTATUS status;
-
-       if (acct_flags & ACB_PWNOTREQ) {
-               if (lp_null_passwords()) {
-                       DEBUG(3,("Account for user '%s' has no password and null passwords are allowed.\n", 
-                                user_info->mapped.account_name));
-                       return NT_STATUS_OK;
-               } else {
-                       DEBUG(3,("Account for user '%s' has no password and null passwords are NOT allowed.\n", 
-                                user_info->mapped.account_name));
-                       return NT_STATUS_LOGON_FAILURE;
-               }               
-       }
-
-       switch (user_info->password_state) {
-       case AUTH_PASSWORD_PLAIN: 
-       {
-               const struct auth_usersupplied_info *user_info_temp;    
-               status = encrypt_user_info(mem_ctx, auth_context, 
-                                          AUTH_PASSWORD_HASH, 
-                                          user_info, &user_info_temp);
-               if (!NT_STATUS_IS_OK(status)) {
-                       DEBUG(1, ("Failed to convert plaintext password to password HASH: %s\n", nt_errstr(status)));
-                       return status;
-               }
-               user_info = user_info_temp;
-
-               /*fall through*/
-       }
-       case AUTH_PASSWORD_HASH:
-               *lm_sess_key = data_blob(NULL, 0);
-               *user_sess_key = data_blob(NULL, 0);
-               status = hash_password_check(mem_ctx, 
-                                            user_info->password.hash.lanman,
-                                            user_info->password.hash.nt,
-                                            user_info->mapped.account_name,
-                                            lm_pwd, nt_pwd);
-               NT_STATUS_NOT_OK_RETURN(status);
-               break;
-               
-       case AUTH_PASSWORD_RESPONSE:
-               status = ntlm_password_check(mem_ctx, user_info->logon_parameters, 
-                                            &auth_context->challenge.data, 
-                                            &user_info->password.response.lanman, 
-                                            &user_info->password.response.nt,
-                                            user_info->mapped.account_name,
-                                            user_info->client.account_name, 
-                                            user_info->client.domain_name, 
-                                            lm_pwd, nt_pwd,
-                                            user_sess_key, lm_sess_key);
-               NT_STATUS_NOT_OK_RETURN(status);
-               break;
-       }
-
-       if (user_sess_key && user_sess_key->data) {
-               talloc_steal(auth_context, user_sess_key->data);
-       }
-       if (lm_sess_key && lm_sess_key->data) {
-               talloc_steal(auth_context, lm_sess_key->data);
-       }
-
-       return NT_STATUS_OK;
-}
-
-
-/****************************************************************************
- Do a specific test for a SAM_ACCOUNT being vaild for this connection 
- (ie not disabled, expired and the like).
-****************************************************************************/
-NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx,
-                           struct ldb_context *sam_ctx,
-                           uint32_t logon_parameters,
-                           struct ldb_message *msg,
-                           struct ldb_message *msg_domain_ref,
-                           const char *logon_workstation,
-                           const char *name_for_logs)
-{
-       uint16_t acct_flags;
-       const char *workstation_list;
-       NTTIME acct_expiry;
-       NTTIME must_change_time;
-       NTTIME last_set_time;
-
-       struct ldb_dn *domain_dn = samdb_result_dn(mem_ctx, msg_domain_ref, "nCName", ldb_dn_new(mem_ctx));
-
-       NTTIME now;
-       DEBUG(4,("authsam_account_ok: Checking SMB password for user %s\n", name_for_logs));
-
-       acct_flags = samdb_result_acct_flags(msg, "userAccountControl");
-       
-       acct_expiry = samdb_result_nttime(msg, "accountExpires", 0);
-       must_change_time = samdb_result_force_password_change(sam_ctx, mem_ctx, 
-                                                             domain_dn, msg);
-       last_set_time = samdb_result_nttime(msg, "pwdLastSet", 0);
-
-       workstation_list = samdb_result_string(msg, "userWorkstations", NULL);
-
-       /* Quit if the account was disabled. */
-       if (acct_flags & ACB_DISABLED) {
-               DEBUG(1,("authsam_account_ok: Account for user '%s' was disabled.\n", name_for_logs));
-               return NT_STATUS_ACCOUNT_DISABLED;
-       }
-
-       /* Quit if the account was locked out. */
-       if (acct_flags & ACB_AUTOLOCK) {
-               DEBUG(1,("authsam_account_ok: Account for user %s was locked out.\n", name_for_logs));
-               return NT_STATUS_ACCOUNT_LOCKED_OUT;
-       }
-
-       /* Test account expire time */
-       unix_to_nt_time(&now, time(NULL));
-       if (now > acct_expiry) {
-               DEBUG(1,("authsam_account_ok: Account for user '%s' has expired.\n", name_for_logs));
-               DEBUG(3,("authsam_account_ok: Account expired at '%s'.\n", 
-                        nt_time_string(mem_ctx, acct_expiry)));
-               return NT_STATUS_ACCOUNT_EXPIRED;
-       }
-
-       if (!(acct_flags & ACB_PWNOEXP)) {
-               /* check for immediate expiry "must change at next logon" */
-               if (must_change_time == 0 && last_set_time != 0) {
-                       DEBUG(1,("sam_account_ok: Account for user '%s' password must change!.\n", 
-                                name_for_logs));
-                       return NT_STATUS_PASSWORD_MUST_CHANGE;
-               }
-
-               /* check for expired password */
-               if ((must_change_time != 0) && (must_change_time < now)) {
-                       DEBUG(1,("sam_account_ok: Account for user '%s' password expired!.\n", 
-                                name_for_logs));
-                       DEBUG(1,("sam_account_ok: Password expired at '%s' unix time.\n", 
-                                nt_time_string(mem_ctx, must_change_time)));
-                       return NT_STATUS_PASSWORD_EXPIRED;
-               }
-       }
-
-       /* Test workstation. Workstation list is comma separated. */
-       if (logon_workstation && workstation_list && *workstation_list) {
-               BOOL invalid_ws = True;
-               int i;
-               const char **workstations = str_list_make(mem_ctx, workstation_list, ",");
-               
-               for (i = 0; workstations && workstations[i]; i++) {
-                       DEBUG(10,("sam_account_ok: checking for workstation match '%s' and '%s'\n",
-                                 workstations[i], logon_workstation));
-
-                       if (strequal(workstations[i], logon_workstation) == 0) {
-                               invalid_ws = False;
-                               break;
-                       }
-               }
-
-               talloc_free(workstations);
-
-               if (invalid_ws) {
-                       return NT_STATUS_INVALID_WORKSTATION;
-               }
-       }
-       
-       if (acct_flags & ACB_DOMTRUST) {
-               DEBUG(2,("sam_account_ok: Domain trust account %s denied by server\n", name_for_logs));
-               return NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT;
-       }
-       
-       if (!(logon_parameters & MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT)) {
-               if (acct_flags & ACB_SVRTRUST) {
-                       DEBUG(2,("sam_account_ok: Server trust account %s denied by server\n", name_for_logs));
-                       return NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT;
-               }
-       }
-       if (!(logon_parameters & MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT)) {
-               if (acct_flags & ACB_WSTRUST) {
-                       DEBUG(4,("sam_account_ok: Wksta trust account %s denied by server\n", name_for_logs));
-                       return NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT;
-               }
-       }
-
-       return NT_STATUS_OK;
-}
+extern const char *user_attrs[];
+extern const char *domain_ref_attrs[];
 
 /****************************************************************************
  Look for the specified user in the sam, return ldb result structures
@@ -381,6 +151,85 @@ static NTSTATUS authsam_search_account(TALLOC_CTX *mem_ctx, struct ldb_context *
        return NT_STATUS_OK;
 }
 
+/****************************************************************************
+ Do a specific test for an smb password being correct, given a smb_password and
+ the lanman and NT responses.
+****************************************************************************/
+static NTSTATUS authsam_password_ok(struct auth_context *auth_context,
+                                   TALLOC_CTX *mem_ctx,
+                                   uint16_t acct_flags,
+                                   const struct samr_Password *lm_pwd, 
+                                   const struct samr_Password *nt_pwd,
+                                   const struct auth_usersupplied_info *user_info, 
+                                   DATA_BLOB *user_sess_key, 
+                                   DATA_BLOB *lm_sess_key)
+{
+       NTSTATUS status;
+
+       if (acct_flags & ACB_PWNOTREQ) {
+               if (lp_null_passwords()) {
+                       DEBUG(3,("Account for user '%s' has no password and null passwords are allowed.\n", 
+                                user_info->mapped.account_name));
+                       return NT_STATUS_OK;
+               } else {
+                       DEBUG(3,("Account for user '%s' has no password and null passwords are NOT allowed.\n", 
+                                user_info->mapped.account_name));
+                       return NT_STATUS_LOGON_FAILURE;
+               }               
+       }
+
+       switch (user_info->password_state) {
+       case AUTH_PASSWORD_PLAIN: 
+       {
+               const struct auth_usersupplied_info *user_info_temp;    
+               status = encrypt_user_info(mem_ctx, auth_context, 
+                                          AUTH_PASSWORD_HASH, 
+                                          user_info, &user_info_temp);
+               if (!NT_STATUS_IS_OK(status)) {
+                       DEBUG(1, ("Failed to convert plaintext password to password HASH: %s\n", nt_errstr(status)));
+                       return status;
+               }
+               user_info = user_info_temp;
+
+               /*fall through*/
+       }
+       case AUTH_PASSWORD_HASH:
+               *lm_sess_key = data_blob(NULL, 0);
+               *user_sess_key = data_blob(NULL, 0);
+               status = hash_password_check(mem_ctx, 
+                                            user_info->password.hash.lanman,
+                                            user_info->password.hash.nt,
+                                            user_info->mapped.account_name,
+                                            lm_pwd, nt_pwd);
+               NT_STATUS_NOT_OK_RETURN(status);
+               break;
+               
+       case AUTH_PASSWORD_RESPONSE:
+               status = ntlm_password_check(mem_ctx, user_info->logon_parameters, 
+                                            &auth_context->challenge.data, 
+                                            &user_info->password.response.lanman, 
+                                            &user_info->password.response.nt,
+                                            user_info->mapped.account_name,
+                                            user_info->client.account_name, 
+                                            user_info->client.domain_name, 
+                                            lm_pwd, nt_pwd,
+                                            user_sess_key, lm_sess_key);
+               NT_STATUS_NOT_OK_RETURN(status);
+               break;
+       }
+
+       if (user_sess_key && user_sess_key->data) {
+               talloc_steal(auth_context, user_sess_key->data);
+       }
+       if (lm_sess_key && lm_sess_key->data) {
+               talloc_steal(auth_context, lm_sess_key->data);
+       }
+
+       return NT_STATUS_OK;
+}
+
+
+
 static NTSTATUS authsam_authenticate(struct auth_context *auth_context, 
                                     TALLOC_CTX *mem_ctx, struct ldb_context *sam_ctx, 
                                     struct ldb_message **msgs,
@@ -424,214 +273,7 @@ static NTSTATUS authsam_authenticate(struct auth_context *auth_context,
        return nt_status;
 }
 
-NTSTATUS authsam_make_server_info(TALLOC_CTX *mem_ctx, struct ldb_context *sam_ctx,
-                                 struct ldb_message *msg,
-                                 struct ldb_message *msg_domain_ref,
-                                 DATA_BLOB user_sess_key, DATA_BLOB lm_sess_key,
-                                 struct auth_serversupplied_info **_server_info)
-{
-       struct auth_serversupplied_info *server_info;
-       struct ldb_message **group_msgs;
-       int group_ret;
-       const char *group_attrs[3] = { "sAMAccountType", "objectSid", NULL }; 
-       /* find list of sids */
-       struct dom_sid **groupSIDs = NULL;
-       struct dom_sid *account_sid;
-       struct dom_sid *primary_group_sid;
-       const char *str;
-       struct ldb_dn *ncname;
-       int i;
-       uint_t rid;
-       TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
-
-       group_ret = gendb_search(sam_ctx,
-                                tmp_ctx, NULL, &group_msgs, group_attrs,
-                                "(&(member=%s)(sAMAccountType=*))", 
-                                ldb_dn_linearize(tmp_ctx, msg->dn));
-       if (group_ret == -1) {
-               talloc_free(tmp_ctx);
-               return NT_STATUS_INTERNAL_DB_CORRUPTION;
-       }
-
-       server_info = talloc(mem_ctx, struct auth_serversupplied_info);
-       NT_STATUS_HAVE_NO_MEMORY(server_info);
-       
-       if (group_ret > 0) {
-               groupSIDs = talloc_array(server_info, struct dom_sid *, group_ret);
-               NT_STATUS_HAVE_NO_MEMORY(groupSIDs);
-       }
-
-       /* Need to unroll some nested groups, but not aliases */
-       for (i = 0; i < group_ret; i++) {
-               groupSIDs[i] = samdb_result_dom_sid(groupSIDs, 
-                                                   group_msgs[i], "objectSid");
-               NT_STATUS_HAVE_NO_MEMORY(groupSIDs[i]);
-       }
-
-       talloc_free(tmp_ctx);
-
-       account_sid = samdb_result_dom_sid(server_info, msg, "objectSid");
-       NT_STATUS_HAVE_NO_MEMORY(account_sid);
-
-       primary_group_sid = dom_sid_dup(server_info, account_sid);
-       NT_STATUS_HAVE_NO_MEMORY(primary_group_sid);
-
-       rid = samdb_result_uint(msg, "primaryGroupID", ~0);
-       if (rid == ~0) {
-               if (group_ret > 0) {
-                       primary_group_sid = groupSIDs[0];
-               } else {
-                       primary_group_sid = NULL;
-               }
-       } else {
-               primary_group_sid->sub_auths[primary_group_sid->num_auths-1] = rid;
-       }
 
-       server_info->account_sid = account_sid;
-       server_info->primary_group_sid = primary_group_sid;
-       
-       server_info->n_domain_groups = group_ret;
-       server_info->domain_groups = groupSIDs;
-
-       server_info->account_name = talloc_steal(server_info, samdb_result_string(msg, "sAMAccountName", NULL));
-
-       server_info->domain_name = talloc_steal(server_info, samdb_result_string(msg_domain_ref, "nETBIOSName", NULL));
-
-       str = samdb_result_string(msg, "displayName", "");
-       server_info->full_name = talloc_strdup(server_info, str);
-       NT_STATUS_HAVE_NO_MEMORY(server_info->full_name);
-
-       str = samdb_result_string(msg, "scriptPath", "");
-       server_info->logon_script = talloc_strdup(server_info, str);
-       NT_STATUS_HAVE_NO_MEMORY(server_info->logon_script);
-
-       str = samdb_result_string(msg, "profilePath", "");
-       server_info->profile_path = talloc_strdup(server_info, str);
-       NT_STATUS_HAVE_NO_MEMORY(server_info->profile_path);
-
-       str = samdb_result_string(msg, "homeDirectory", "");
-       server_info->home_directory = talloc_strdup(server_info, str);
-       NT_STATUS_HAVE_NO_MEMORY(server_info->home_directory);
-
-       str = samdb_result_string(msg, "homeDrive", "");
-       server_info->home_drive = talloc_strdup(server_info, str);
-       NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive);
-
-       server_info->logon_server = talloc_strdup(server_info, lp_netbios_name());
-       NT_STATUS_HAVE_NO_MEMORY(server_info->logon_server);
-
-       server_info->last_logon = samdb_result_nttime(msg, "lastLogon", 0);
-       server_info->last_logoff = samdb_result_nttime(msg, "lastLogoff", 0);
-       server_info->acct_expiry = samdb_result_nttime(msg, "accountExpires", 0);
-       server_info->last_password_change = samdb_result_nttime(msg, "pwdLastSet", 0);
-
-       ncname = samdb_result_dn(mem_ctx, msg_domain_ref, "nCName", NULL);
-       if (!ncname) {
-               return NT_STATUS_INTERNAL_DB_CORRUPTION;
-       }
-       server_info->allow_password_change
-               = samdb_result_allow_password_change(sam_ctx, mem_ctx, 
-                                                    ncname, msg, "pwdLastSet");
-       server_info->force_password_change
-               = samdb_result_force_password_change(sam_ctx, mem_ctx, 
-                                                    ncname, msg);
-       
-       server_info->logon_count = samdb_result_uint(msg, "logonCount", 0);
-       server_info->bad_password_count = samdb_result_uint(msg, "badPwdCount", 0);
-
-       server_info->acct_flags = samdb_result_acct_flags(msg, "userAccountControl");
-
-       server_info->user_session_key = user_sess_key;
-       server_info->lm_session_key = lm_sess_key;
-
-       server_info->authenticated = True;
-
-       *_server_info = server_info;
-
-       return NT_STATUS_OK;
-}
-
-_PUBLIC_ NTSTATUS sam_get_results_principal(struct ldb_context *sam_ctx,
-                                  TALLOC_CTX *mem_ctx, const char *principal,
-                                  struct ldb_message ***msgs,
-                                  struct ldb_message ***msgs_domain_ref)
-{                         
-       struct ldb_dn *user_dn, *domain_dn;
-       NTSTATUS nt_status;
-       TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
-       int ret;
-
-       if (!tmp_ctx) {
-               return NT_STATUS_NO_MEMORY;
-       }
-
-       nt_status = crack_user_principal_name(sam_ctx, tmp_ctx, principal, &user_dn, &domain_dn);
-       if (!NT_STATUS_IS_OK(nt_status)) {
-               talloc_free(tmp_ctx);
-               return nt_status;
-       }
-       
-       /* grab domain info from the reference */
-       ret = gendb_search(sam_ctx, tmp_ctx, NULL, msgs_domain_ref, domain_ref_attrs,
-                          "(ncName=%s)", ldb_dn_linearize(tmp_ctx, domain_dn));
-
-       if (ret != 1) {
-               talloc_free(tmp_ctx);
-               return NT_STATUS_INTERNAL_DB_CORRUPTION;
-       }
-       
-       /* pull the user attributes */
-       ret = gendb_search_dn(sam_ctx, tmp_ctx, 
-                             user_dn, msgs, user_attrs);
-       if (ret != 1) {
-               talloc_free(tmp_ctx);
-               return NT_STATUS_INTERNAL_DB_CORRUPTION;
-       }
-       talloc_steal(mem_ctx, *msgs);
-       talloc_steal(mem_ctx, *msgs_domain_ref);
-       talloc_free(tmp_ctx);
-       
-       return NT_STATUS_OK;
-}
-                                  
-/* Used in the gensec_gssapi and gensec_krb5 server-side code, where the PAC isn't available */
-NTSTATUS sam_get_server_info_principal(TALLOC_CTX *mem_ctx, const char *principal,
-                                      struct auth_serversupplied_info **server_info)
-{
-       NTSTATUS nt_status;
-       DATA_BLOB user_sess_key = data_blob(NULL, 0);
-       DATA_BLOB lm_sess_key = data_blob(NULL, 0);
-
-       struct ldb_message **msgs;
-       struct ldb_message **msgs_domain_ref;
-       struct ldb_context *sam_ctx;
-
-       TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
-       if (!tmp_ctx) {
-               return NT_STATUS_NO_MEMORY;
-       }
-
-       sam_ctx = samdb_connect(tmp_ctx, system_session(tmp_ctx));
-       if (sam_ctx == NULL) {
-               talloc_free(tmp_ctx);
-               return NT_STATUS_INVALID_SYSTEM_SERVICE;
-       }
-
-       nt_status = sam_get_results_principal(sam_ctx, tmp_ctx, principal, 
-                                             &msgs, &msgs_domain_ref);
-       if (!NT_STATUS_IS_OK(nt_status)) {
-               return nt_status;
-       }
-
-       nt_status = authsam_make_server_info(tmp_ctx, sam_ctx, msgs[0], msgs_domain_ref[0],
-                                            user_sess_key, lm_sess_key,
-                                            server_info);
-       if (NT_STATUS_IS_OK(nt_status)) {
-               talloc_steal(mem_ctx, *server_info);
-       }
-       talloc_free(tmp_ctx);
-       return nt_status;
-}
 
 static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx,
                                                 TALLOC_CTX *mem_ctx,
diff --git a/source4/auth/config.mk b/source4/auth/config.mk
index 6586fbfe5dc5313ac204617425d14fd46218cb1a..7e2a0ea2cc71a34ca56bab09e1e9e84f35ff9431 100644 (file)
--- a/source4/auth/config.mk
+++ b/source4/auth/config.mk
@@ -4,19 +4,23 @@ include kerberos/config.mk
 include ntlmssp/config.mk
 include credentials/config.mk
 
+[SUBSYSTEM::auth_sam]
+PRIVATE_PROTO_HEADER = auth_sam.h
+OBJ_FILES = \
+               sam.o \
+               auth_sam_reply.o
+PUBLIC_DEPENDENCIES = \
+               SAMDB
+
 #######################
 # Start MODULE auth_sam
-[MODULE::auth_sam]
+[MODULE::auth_sam_module]
 # gensec_krb5 and gensec_gssapi depend on it
-OUTPUT_TYPE = MERGEDOBJ
-PRIVATE_PROTO_HEADER = auth_sam.h
 INIT_FUNCTION = auth_sam_init
 SUBSYSTEM = auth
-OBJ_FILES = \
-               auth_sam.o \
-               auth_sam_reply.o
+OBJ_FILES = auth_sam.o
 PUBLIC_DEPENDENCIES = \
-               SAMDB
+               SAMDB auth_sam
 # End MODULE auth_sam
 #######################
 
diff --git a/source4/auth/gensec/config.mk b/source4/auth/gensec/config.mk
index 38351c7efbbb996148115e4d7cf890328e11f1c1..2aad8eb4b1936628a935a9e41142ac7ba414cbd6 100644 (file)
--- a/source4/auth/gensec/config.mk
+++ b/source4/auth/gensec/config.mk
@@ -52,7 +52,7 @@ INIT_FUNCTION = gensec_schannel_init
 OBJ_FILES = schannel.o \
                        schannel_sign.o
 PUBLIC_DEPENDENCIES = auth SCHANNELDB NDR_SCHANNEL
-OUTPUT_TYPE = MERGEDOBJ
+OUTPUT_TYPE = INTEGRATED
 # End MODULE gensec_schannel
 ################################################
 
diff --git a/source4/auth/kerberos/kerberos_pac.c b/source4/auth/kerberos/kerberos_pac.c
index 673137fd5ce202976aa2608570ffddd7466b56ad..c0733297a44f55b1dd395059ad626df9f0a16179 100644 (file)
--- a/source4/auth/kerberos/kerberos_pac.c
+++ b/source4/auth/kerberos/kerberos_pac.c
@@ -28,6 +28,7 @@
 #include "system/kerberos.h"
 #include "auth/kerberos/kerberos.h"
 #include "librpc/gen_ndr/ndr_krb5pac.h"
+#include "auth/auth.h"
 #include "auth/auth_sam.h"
 
 static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, 
diff --git a/source4/auth/ntlmssp/config.mk b/source4/auth/ntlmssp/config.mk
index fc9ccd91f6972ecb58f79a55fabd3db08e7edbf7..b1b00166e62972848703edf6e054a9189fb63800 100644 (file)
--- a/source4/auth/ntlmssp/config.mk
+++ b/source4/auth/ntlmssp/config.mk
@@ -13,6 +13,6 @@ OBJ_FILES = ntlmssp.o \
                ntlmssp_client.o \
                ntlmssp_server.o
 PUBLIC_DEPENDENCIES = auth MSRPC_PARSE
-OUTPUT_TYPE = MERGEDOBJ
+OUTPUT_TYPE = INTEGRATED
 # End MODULE gensec_ntlmssp
 ################################################
diff --git a/source4/auth/sam.c b/source4/auth/sam.c
new file mode 100644 (file)
index 0000000..a40e844
--- /dev/null
+++ b/source4/auth/sam.c
@@ -0,0 +1,395 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Password and authentication handling
+   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2001-2004
+   Copyright (C) Gerald Carter                             2003
+   Copyright (C) Stefan Metzmacher                         2005
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+#include "system/time.h"
+#include "auth/auth.h"
+#include "db_wrap.h"
+#include "dsdb/samdb/samdb.h"
+#include "libcli/security/security.h"
+#include "libcli/ldap/ldap.h"
+#include "librpc/gen_ndr/ndr_security.h"
+
+const char *user_attrs[] = {
+       /* required for the krb5 kdc */
+       "objectClass",
+       "sAMAccountName",
+       "userPrincipalName",
+       "servicePrincipalName",
+       "msDS-KeyVersionNumber",
+       "krb5Key",
+
+       /* passwords */
+       "lmPwdHash", 
+       "ntPwdHash",
+
+       "userAccountControl",
+
+       "pwdLastSet",
+       "accountExpires",
+       
+       "objectSid",
+
+       /* check 'allowed workstations' */
+       "userWorkstations",
+                      
+       /* required for server_info, not access control: */
+       "displayName",
+       "scriptPath",
+       "profilePath",
+       "homeDirectory",
+       "homeDrive",
+       "lastLogon",
+       "lastLogoff",
+       "accountExpires",
+       "badPwdCount",
+       "logonCount",
+       "primaryGroupID",
+       NULL,
+};
+
+const char *domain_ref_attrs[] =  {"nETBIOSName", "nCName", 
+                                         "dnsRoot", "objectClass", NULL};
+
+
+/****************************************************************************
+ Do a specific test for a SAM_ACCOUNT being vaild for this connection 
+ (ie not disabled, expired and the like).
+****************************************************************************/
+_PUBLIC_ NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx,
+                           struct ldb_context *sam_ctx,
+                           uint32_t logon_parameters,
+                           struct ldb_message *msg,
+                           struct ldb_message *msg_domain_ref,
+                           const char *logon_workstation,
+                           const char *name_for_logs)
+{
+       uint16_t acct_flags;
+       const char *workstation_list;
+       NTTIME acct_expiry;
+       NTTIME must_change_time;
+       NTTIME last_set_time;
+
+       struct ldb_dn *domain_dn = samdb_result_dn(mem_ctx, msg_domain_ref, "nCName", ldb_dn_new(mem_ctx));
+
+       NTTIME now;
+       DEBUG(4,("authsam_account_ok: Checking SMB password for user %s\n", name_for_logs));
+
+       acct_flags = samdb_result_acct_flags(msg, "userAccountControl");
+       
+       acct_expiry = samdb_result_nttime(msg, "accountExpires", 0);
+       must_change_time = samdb_result_force_password_change(sam_ctx, mem_ctx, 
+                                                             domain_dn, msg);
+       last_set_time = samdb_result_nttime(msg, "pwdLastSet", 0);
+
+       workstation_list = samdb_result_string(msg, "userWorkstations", NULL);
+
+       /* Quit if the account was disabled. */
+       if (acct_flags & ACB_DISABLED) {
+               DEBUG(1,("authsam_account_ok: Account for user '%s' was disabled.\n", name_for_logs));
+               return NT_STATUS_ACCOUNT_DISABLED;
+       }
+
+       /* Quit if the account was locked out. */
+       if (acct_flags & ACB_AUTOLOCK) {
+               DEBUG(1,("authsam_account_ok: Account for user %s was locked out.\n", name_for_logs));
+               return NT_STATUS_ACCOUNT_LOCKED_OUT;
+       }
+
+       /* Test account expire time */
+       unix_to_nt_time(&now, time(NULL));
+       if (now > acct_expiry) {
+               DEBUG(1,("authsam_account_ok: Account for user '%s' has expired.\n", name_for_logs));
+               DEBUG(3,("authsam_account_ok: Account expired at '%s'.\n", 
+                        nt_time_string(mem_ctx, acct_expiry)));
+               return NT_STATUS_ACCOUNT_EXPIRED;
+       }
+
+       if (!(acct_flags & ACB_PWNOEXP)) {
+               /* check for immediate expiry "must change at next logon" */
+               if (must_change_time == 0 && last_set_time != 0) {
+                       DEBUG(1,("sam_account_ok: Account for user '%s' password must change!.\n", 
+                                name_for_logs));
+                       return NT_STATUS_PASSWORD_MUST_CHANGE;
+               }
+
+               /* check for expired password */
+               if ((must_change_time != 0) && (must_change_time < now)) {
+                       DEBUG(1,("sam_account_ok: Account for user '%s' password expired!.\n", 
+                                name_for_logs));
+                       DEBUG(1,("sam_account_ok: Password expired at '%s' unix time.\n", 
+                                nt_time_string(mem_ctx, must_change_time)));
+                       return NT_STATUS_PASSWORD_EXPIRED;
+               }
+       }
+
+       /* Test workstation. Workstation list is comma separated. */
+       if (logon_workstation && workstation_list && *workstation_list) {
+               BOOL invalid_ws = True;
+               int i;
+               const char **workstations = str_list_make(mem_ctx, workstation_list, ",");
+               
+               for (i = 0; workstations && workstations[i]; i++) {
+                       DEBUG(10,("sam_account_ok: checking for workstation match '%s' and '%s'\n",
+                                 workstations[i], logon_workstation));
+
+                       if (strequal(workstations[i], logon_workstation) == 0) {
+                               invalid_ws = False;
+                               break;
+                       }
+               }
+
+               talloc_free(workstations);
+
+               if (invalid_ws) {
+                       return NT_STATUS_INVALID_WORKSTATION;
+               }
+       }
+       
+       if (acct_flags & ACB_DOMTRUST) {
+               DEBUG(2,("sam_account_ok: Domain trust account %s denied by server\n", name_for_logs));
+               return NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT;
+       }
+       
+       if (!(logon_parameters & MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT)) {
+               if (acct_flags & ACB_SVRTRUST) {
+                       DEBUG(2,("sam_account_ok: Server trust account %s denied by server\n", name_for_logs));
+                       return NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT;
+               }
+       }
+       if (!(logon_parameters & MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT)) {
+               if (acct_flags & ACB_WSTRUST) {
+                       DEBUG(4,("sam_account_ok: Wksta trust account %s denied by server\n", name_for_logs));
+                       return NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT;
+               }
+       }
+
+       return NT_STATUS_OK;
+}
+
+_PUBLIC_ NTSTATUS authsam_make_server_info(TALLOC_CTX *mem_ctx, struct ldb_context *sam_ctx,
+                                 struct ldb_message *msg,
+                                 struct ldb_message *msg_domain_ref,
+                                 DATA_BLOB user_sess_key, DATA_BLOB lm_sess_key,
+                                 struct auth_serversupplied_info **_server_info)
+{
+       struct auth_serversupplied_info *server_info;
+       struct ldb_message **group_msgs;
+       int group_ret;
+       const char *group_attrs[3] = { "sAMAccountType", "objectSid", NULL }; 
+       /* find list of sids */
+       struct dom_sid **groupSIDs = NULL;
+       struct dom_sid *account_sid;
+       struct dom_sid *primary_group_sid;
+       const char *str;
+       struct ldb_dn *ncname;
+       int i;
+       uint_t rid;
+       TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+
+       group_ret = gendb_search(sam_ctx,
+                                tmp_ctx, NULL, &group_msgs, group_attrs,
+                                "(&(member=%s)(sAMAccountType=*))", 
+                                ldb_dn_linearize(tmp_ctx, msg->dn));
+       if (group_ret == -1) {
+               talloc_free(tmp_ctx);
+               return NT_STATUS_INTERNAL_DB_CORRUPTION;
+       }
+
+       server_info = talloc(mem_ctx, struct auth_serversupplied_info);
+       NT_STATUS_HAVE_NO_MEMORY(server_info);
+       
+       if (group_ret > 0) {
+               groupSIDs = talloc_array(server_info, struct dom_sid *, group_ret);
+               NT_STATUS_HAVE_NO_MEMORY(groupSIDs);
+       }
+
+       /* Need to unroll some nested groups, but not aliases */
+       for (i = 0; i < group_ret; i++) {
+               groupSIDs[i] = samdb_result_dom_sid(groupSIDs, 
+                                                   group_msgs[i], "objectSid");
+               NT_STATUS_HAVE_NO_MEMORY(groupSIDs[i]);
+       }
+
+       talloc_free(tmp_ctx);
+
+       account_sid = samdb_result_dom_sid(server_info, msg, "objectSid");
+       NT_STATUS_HAVE_NO_MEMORY(account_sid);
+
+       primary_group_sid = dom_sid_dup(server_info, account_sid);
+       NT_STATUS_HAVE_NO_MEMORY(primary_group_sid);
+
+       rid = samdb_result_uint(msg, "primaryGroupID", ~0);
+       if (rid == ~0) {
+               if (group_ret > 0) {
+                       primary_group_sid = groupSIDs[0];
+               } else {
+                       primary_group_sid = NULL;
+               }
+       } else {
+               primary_group_sid->sub_auths[primary_group_sid->num_auths-1] = rid;
+       }
+
+       server_info->account_sid = account_sid;
+       server_info->primary_group_sid = primary_group_sid;
+       
+       server_info->n_domain_groups = group_ret;
+       server_info->domain_groups = groupSIDs;
+
+       server_info->account_name = talloc_steal(server_info, samdb_result_string(msg, "sAMAccountName", NULL));
+
+       server_info->domain_name = talloc_steal(server_info, samdb_result_string(msg_domain_ref, "nETBIOSName", NULL));
+
+       str = samdb_result_string(msg, "displayName", "");
+       server_info->full_name = talloc_strdup(server_info, str);
+       NT_STATUS_HAVE_NO_MEMORY(server_info->full_name);
+
+       str = samdb_result_string(msg, "scriptPath", "");
+       server_info->logon_script = talloc_strdup(server_info, str);
+       NT_STATUS_HAVE_NO_MEMORY(server_info->logon_script);
+
+       str = samdb_result_string(msg, "profilePath", "");
+       server_info->profile_path = talloc_strdup(server_info, str);
+       NT_STATUS_HAVE_NO_MEMORY(server_info->profile_path);
+
+       str = samdb_result_string(msg, "homeDirectory", "");
+       server_info->home_directory = talloc_strdup(server_info, str);
+       NT_STATUS_HAVE_NO_MEMORY(server_info->home_directory);
+
+       str = samdb_result_string(msg, "homeDrive", "");
+       server_info->home_drive = talloc_strdup(server_info, str);
+       NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive);
+
+       server_info->logon_server = talloc_strdup(server_info, lp_netbios_name());
+       NT_STATUS_HAVE_NO_MEMORY(server_info->logon_server);
+
+       server_info->last_logon = samdb_result_nttime(msg, "lastLogon", 0);
+       server_info->last_logoff = samdb_result_nttime(msg, "lastLogoff", 0);
+       server_info->acct_expiry = samdb_result_nttime(msg, "accountExpires", 0);
+       server_info->last_password_change = samdb_result_nttime(msg, "pwdLastSet", 0);
+
+       ncname = samdb_result_dn(mem_ctx, msg_domain_ref, "nCName", NULL);
+       if (!ncname) {
+               return NT_STATUS_INTERNAL_DB_CORRUPTION;
+       }
+       server_info->allow_password_change
+               = samdb_result_allow_password_change(sam_ctx, mem_ctx, 
+                                                    ncname, msg, "pwdLastSet");
+       server_info->force_password_change
+               = samdb_result_force_password_change(sam_ctx, mem_ctx, 
+                                                    ncname, msg);
+       
+       server_info->logon_count = samdb_result_uint(msg, "logonCount", 0);
+       server_info->bad_password_count = samdb_result_uint(msg, "badPwdCount", 0);
+
+       server_info->acct_flags = samdb_result_acct_flags(msg, "userAccountControl");
+
+       server_info->user_session_key = user_sess_key;
+       server_info->lm_session_key = lm_sess_key;
+
+       server_info->authenticated = True;
+
+       *_server_info = server_info;
+
+       return NT_STATUS_OK;
+}
+
+_PUBLIC_ NTSTATUS sam_get_results_principal(struct ldb_context *sam_ctx,
+                                  TALLOC_CTX *mem_ctx, const char *principal,
+                                  struct ldb_message ***msgs,
+                                  struct ldb_message ***msgs_domain_ref)
+{                         
+       struct ldb_dn *user_dn, *domain_dn;
+       NTSTATUS nt_status;
+       TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+       int ret;
+
+       if (!tmp_ctx) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       nt_status = crack_user_principal_name(sam_ctx, tmp_ctx, principal, &user_dn, &domain_dn);
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               talloc_free(tmp_ctx);
+               return nt_status;
+       }
+       
+       /* grab domain info from the reference */
+       ret = gendb_search(sam_ctx, tmp_ctx, NULL, msgs_domain_ref, domain_ref_attrs,
+                          "(ncName=%s)", ldb_dn_linearize(tmp_ctx, domain_dn));
+
+       if (ret != 1) {
+               talloc_free(tmp_ctx);
+               return NT_STATUS_INTERNAL_DB_CORRUPTION;
+       }
+       
+       /* pull the user attributes */
+       ret = gendb_search_dn(sam_ctx, tmp_ctx, user_dn, msgs, user_attrs);
+       if (ret != 1) {
+               talloc_free(tmp_ctx);
+               return NT_STATUS_INTERNAL_DB_CORRUPTION;
+       }
+       talloc_steal(mem_ctx, *msgs);
+       talloc_steal(mem_ctx, *msgs_domain_ref);
+       talloc_free(tmp_ctx);
+       
+       return NT_STATUS_OK;
+}
+                                  
+/* Used in the gensec_gssapi and gensec_krb5 server-side code, where the PAC isn't available */
+NTSTATUS sam_get_server_info_principal(TALLOC_CTX *mem_ctx, const char *principal,
+                                      struct auth_serversupplied_info **server_info)
+{
+       NTSTATUS nt_status;
+       DATA_BLOB user_sess_key = data_blob(NULL, 0);
+       DATA_BLOB lm_sess_key = data_blob(NULL, 0);
+
+       struct ldb_message **msgs;
+       struct ldb_message **msgs_domain_ref;
+       struct ldb_context *sam_ctx;
+
+       TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+       if (!tmp_ctx) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       sam_ctx = samdb_connect(tmp_ctx, system_session(tmp_ctx));
+       if (sam_ctx == NULL) {
+               talloc_free(tmp_ctx);
+               return NT_STATUS_INVALID_SYSTEM_SERVICE;
+       }
+
+       nt_status = sam_get_results_principal(sam_ctx, tmp_ctx, principal, 
+                                             &msgs, &msgs_domain_ref);
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               return nt_status;
+       }
+
+       nt_status = authsam_make_server_info(tmp_ctx, sam_ctx, msgs[0], msgs_domain_ref[0],
+                                            user_sess_key, lm_sess_key,
+                                            server_info);
+       if (NT_STATUS_IS_OK(nt_status)) {
+               talloc_steal(mem_ctx, *server_info);
+       }
+       talloc_free(tmp_ctx);
+       return nt_status;
+}
diff --git a/source4/build/smb_build/TODO b/source4/build/smb_build/TODO
index 3ded8265396e8fd562d76d72ae05846af980898f..c21c3b8082bad932fa3b2c9843a8344b18b47144 100644 (file)
--- a/source4/build/smb_build/TODO
+++ b/source4/build/smb_build/TODO
@@ -1,4 +1,6 @@
 - let the build system implement some make functions($(patsubst),$(wildcard),...) and use our own implementations where `make' does not support them
+- include extra_flags.txt using Makefile construction if 
+  supported by current make
 - change default subsystem/library build type to STATIC_LIBRARY
  - fix order of UNIQUE_DEPENDENCIES
 - make --enable-dso the default
diff --git a/source4/build/smb_build/input.pm b/source4/build/smb_build/input.pm
index 09721f3a494190c4a50eb67fa822ed03bb4bc17d..887677243d44fa23ffe62e0e80a2ec48a90a1b52 100644 (file)
--- a/source4/build/smb_build/input.pm
+++ b/source4/build/smb_build/input.pm
@@ -65,10 +65,7 @@ sub check_module($$$)
                $mod->{INIT_FUNCTION_TYPE} = "NTSTATUS (*) (void)";
        }
 
-       if (defined($mod->{CHOSEN_BUILD}) and $mod->{CHOSEN_BUILD} ne "DEFAULT") 
-       {
-               $mod->{OUTPUT_TYPE} = $mod->{CHOSEN_BUILD};
-       } elsif (not defined($mod->{OUTPUT_TYPE})) {
+       if (not defined($mod->{OUTPUT_TYPE})) {
                $mod->{OUTPUT_TYPE} = $default_ot;
        }
 
@@ -76,8 +73,7 @@ sub check_module($$$)
                $mod->{INSTALLDIR} = "MODULESDIR/$mod->{SUBSYSTEM}";
                push (@{$mod->{PRIVATE_DEPENDENCIES}}, $mod->{SUBSYSTEM}) unless 
                        $INPUT->{$mod->{SUBSYSTEM}}->{TYPE} eq "BINARY";
-       } else {
-               push (@{$INPUT->{$mod->{SUBSYSTEM}}{PRIVATE_DEPENDENCIES}}, $mod->{NAME});
+       } else { 
                push (@{$INPUT->{$mod->{SUBSYSTEM}}{INIT_FUNCTIONS}}, $mod->{INIT_FUNCTION}) if defined($mod->{INIT_FUNCTION});
        }
 }
@@ -118,17 +114,33 @@ sub check_binary($$)
        $bin->{OUTPUT_TYPE} = "BINARY";
 }
 
+
+sub import_integrated($$)
+{
+       my ($lib, $depend) = @_;
+
+       foreach my $mod (values %$depend) {
+               next if(not defined($mod->{SUBSYSTEM}));
+               next if($mod->{SUBSYSTEM} ne $lib->{NAME});
+               next if($mod->{ENABLE} ne "YES");
+
+               push (@{$lib->{FULL_OBJ_LIST}}, "\$($mod->{TYPE}_$mod->{NAME}_OBJ_LIST)");
+               push (@{$lib->{LINK_FLAGS}}, "\$($mod->{TYPE}_$mod->{NAME}_LINK_FLAGS)");
+               push (@{$lib->{PRIVATE_DEPENDENCIES}}, @{$mod->{PUBLIC_DEPENDENCIES}}) if defined($mod->{PUBLIC_DEPENDENCIES});
+               push (@{$lib->{PRIVATE_DEPENDENCIES}}, @{$mod->{PRIVATE_DEPENDENCIES}}) if defined($mod->{PRIVATE_DEPENDENCIES});
+
+               $mod->{ENABLE} = "NO";
+       }
+}
+
 sub calc_unique_deps($$$$$$)
 {
        sub calc_unique_deps($$$$$$);
        my ($name, $INPUT, $deps, $udeps, $withlibs, $busy) = @_;
 
        foreach my $n (@$deps) {
-               if (grep (/^$n$/, @$busy)) {
-               #       print "($name) BUSY: $n, list: " . join(',', @$busy) . "\n";
-               #       die("Recursive dependency for $dep->{NAME}");
-                       next;
-               }
+               die("Dependency unknown: $n") unless (defined($INPUT->{$n}));
+               die("Recursive dependency: $n, list: " . join(',', @$busy)) if (grep (/^$n$/, @$busy));
                next if (grep /^$n$/, @$udeps);
                my $dep = $INPUT->{$n};
 
@@ -136,6 +148,7 @@ sub calc_unique_deps($$$$$$)
                        ($withlibs or 
                        ($dep->{OUTPUT_TYPE} eq "OBJ_LIST") or 
                        ($dep->{OUTPUT_TYPE} eq "MERGEDOBJ") or 
+                       ($dep->{OUTPUT_TYPE} eq "INTEGRATED") or 
                        ($dep->{OUTPUT_TYPE} eq "STATIC_LIBRARY"))) {
                                push (@$busy, $dep->{NAME});
                                calc_unique_deps($dep->{NAME}, $INPUT, $dep->{PUBLIC_DEPENDENCIES}, $udeps, $withlibs, $busy);
@@ -143,9 +156,7 @@ sub calc_unique_deps($$$$$$)
                                pop (@$busy);
                }
 
-               # FIXME: Insert at the right position
-               push (@{$udeps}, $dep->{NAME});
-
+               unshift (@{$udeps}, $dep->{NAME});
        }
 }
 
@@ -191,12 +202,18 @@ sub check($$$$$)
        foreach my $k (keys %$INPUT) {
                my $part = $INPUT->{$k};
 
+               $part->{FULL_OBJ_LIST} = ["\$($part->{TYPE}_$part->{NAME}_OBJ_LIST)"];
+
                check_subsystem($INPUT, $part, $subsys_ot) if ($part->{TYPE} eq "SUBSYSTEM");
                check_module($INPUT, $part, $module_ot) if ($part->{TYPE} eq "MODULE");
                check_library($INPUT, $part, $lib_ot) if ($part->{TYPE} eq "LIBRARY");
                check_binary($INPUT, $part) if ($part->{TYPE} eq "BINARY");
        }
 
+       foreach my $part (values %$INPUT) {
+               import_integrated($part, $INPUT);
+       }
+
        foreach my $part (values %$INPUT) {
                $part->{UNIQUE_DEPENDENCIES} = [];
                calc_unique_deps($part->{NAME}, $INPUT, $part->{PUBLIC_DEPENDENCIES}, $part->{UNIQUE_DEPENDENCIES}, 0, []);
diff --git a/source4/build/smb_build/main.pl b/source4/build/smb_build/main.pl
index 4f6787eaf8f79eefcd85d81e20d9fb9aae29999d..ec4ad0995e1c600f721adbd316e7491381102531 100644 (file)
--- a/source4/build/smb_build/main.pl
+++ b/source4/build/smb_build/main.pl
@@ -45,10 +45,8 @@ if (defined($ENV{"MODULE_OUTPUT_TYPE"})) {
        $module_output_type = $ENV{MODULE_OUTPUT_TYPE};
 } elsif ($config::config{BLDSHARED} eq "true") {
        $module_output_type = "SHARED_LIBRARY";
-} elsif ($config::config{BLDMERGED} eq "true") {
-       $module_output_type = "MERGEDOBJ";
 } else {
-       $module_output_type = "OBJ_LIST";
+       $module_output_type = "INTEGRATED";
 }
 
 my $DEPEND = smb_build::input::check($INPUT, \%config::enabled, 
@@ -59,6 +57,13 @@ $config::config{LIBRARY_OUTPUT_TYPE} = $library_output_type;
 $config::config{MODULE_OUTPUT_TYPE} = $module_output_type;
 my $mkenv = new smb_build::makefile(\%config::config, $mkfile);
 
+
+foreach my $key (values %$OUTPUT) {
+       next unless defined $key->{OUTPUT_TYPE};
+
+       $mkenv->Integrated($key) if $key->{OUTPUT_TYPE} eq "INTEGRATED";
+}
+
 foreach my $key (values %$OUTPUT) {
        next unless defined $key->{OUTPUT_TYPE};
 
diff --git a/source4/build/smb_build/makefile.pm b/source4/build/smb_build/makefile.pm
index aa9f93fc2d2d71caf2003f22dc35c56de5c9ccd9..83a1f28b0ca0264576f03e553b63a1a9baf9407f 100644 (file)
--- a/source4/build/smb_build/makefile.pm
+++ b/source4/build/smb_build/makefile.pm
@@ -197,6 +197,14 @@ sub _prepare_list($$$)
        $self->output("$ctx->{TYPE}\_$ctx->{NAME}_$var =$tmplist\n");
 }
 
+sub Integrated($$)
+{
+       my ($self,$ctx) = @_;
+
+       $self->_prepare_list($ctx, "OBJ_LIST");
+       $self->_prepare_list($ctx, "LINK_FLAGS");
+}
+
 sub SharedLibrary($$)
 {
        my ($self,$ctx) = @_;
@@ -231,11 +239,11 @@ sub SharedLibrary($$)
        }
 
        $self->_prepare_list($ctx, "OBJ_LIST");
+       $self->_prepare_list($ctx, "FULL_OBJ_LIST");
        $self->_prepare_list($ctx, "DEPEND_LIST");
-       $self->_prepare_list($ctx, "LINK_LIST");
        $self->_prepare_list($ctx, "LINK_FLAGS");
 
-       push(@{$self->{all_objs}}, "\$($ctx->{TYPE}_$ctx->{NAME}_OBJ_LIST)");
+       push(@{$self->{all_objs}}, "\$($ctx->{TYPE}_$ctx->{NAME}_FULL_OBJ_LIST)");
 
        if ($ctx->{TYPE} eq "MODULE" and defined($ctx->{INIT_FUNCTION})) {
                my $init_fn = $ctx->{INIT_FUNCTION_TYPE};
@@ -270,12 +278,12 @@ __EOD__
                $self->output(<< "__EOD__"
 #
 
-$ctx->{TARGET}: \$($ctx->{TYPE}_$ctx->{NAME}_DEPEND_LIST) \$($ctx->{TYPE}_$ctx->{NAME}_OBJ_LIST) $init_obj
+$ctx->{TARGET}: \$($ctx->{TYPE}_$ctx->{NAME}_DEPEND_LIST) \$($ctx->{TYPE}_$ctx->{NAME}_FULL_OBJ_LIST) $init_obj
        \@echo Linking \$\@
        \@mkdir -p $ctx->{DEBUGDIR}
        \@\$(SHLD) \$(SHLD_FLAGS) -o \$\@ \$(LOCAL_LINK_FLAGS) \\
                \$($ctx->{TYPE}_$ctx->{NAME}_LINK_FLAGS) $soarg \\
-               $init_obj \$($ctx->{TYPE}_$ctx->{NAME}_LINK_LIST)$soargdebug
+               $init_obj $soargdebug
 __EOD__
 );
                if (defined($ctx->{ALIASES})) {
@@ -297,12 +305,12 @@ __EOD__
        $self->output(<< "__EOD__"
 #
 
-$installdir/$ctx->{LIBRARY_REALNAME}: \$($ctx->{TYPE}_$ctx->{NAME}_DEPEND_LIST) \$($ctx->{TYPE}_$ctx->{NAME}_OBJ_LIST) $init_obj
+$installdir/$ctx->{LIBRARY_REALNAME}: \$($ctx->{TYPE}_$ctx->{NAME}_DEPEND_LIST) \$($ctx->{TYPE}_$ctx->{NAME}_FULL_OBJ_LIST) $init_obj
        \@echo Linking \$\@
        \@mkdir -p $installdir
        \@\$(SHLD) \$(SHLD_FLAGS) -o \$\@ \$(INSTALL_LINK_FLAGS) \\
                \$($ctx->{TYPE}_$ctx->{NAME}_LINK_FLAGS) $soarg \\
-               $init_obj \$($ctx->{TYPE}_$ctx->{NAME}_LINK_LIST)$singlesoarg
+               $init_obj $singlesoarg
 
 __EOD__
 );
@@ -312,17 +320,18 @@ sub MergedObj($$)
 {
        my ($self,$ctx) = @_;
 
-       return unless $ctx->{TARGET};
-
        $self->_prepare_list($ctx, "OBJ_LIST");
+       $self->_prepare_list($ctx, "FULL_OBJ_LIST");
        $self->_prepare_list($ctx, "DEPEND_LIST");
 
-       push(@{$self->{all_objs}}, "\$($ctx->{TYPE}_$ctx->{NAME}_OBJ_LIST)");
+       return unless $ctx->{TARGET};
+
+       push(@{$self->{all_objs}}, "\$($ctx->{TYPE}_$ctx->{NAME}_FULL_OBJ_LIST)");
                
-       $self->output("$ctx->{TARGET}: \$($ctx->{TYPE}_$ctx->{NAME}_OBJ_LIST)\n");
+       $self->output("$ctx->{TARGET}: \$($ctx->{TYPE}_$ctx->{NAME}_FULL_OBJ_LIST)\n");
 
        $self->output("\t\@echo \"Pre-Linking $ctx->{TYPE} $ctx->{NAME}\"\n");
-       $self->output("\t@\$(LD) -r \$($ctx->{TYPE}_$ctx->{NAME}_OBJ_LIST) -o $ctx->{TARGET}\n");
+       $self->output("\t@\$(LD) -r \$($ctx->{TYPE}_$ctx->{NAME}_FULL_OBJ_LIST) -o $ctx->{TARGET}\n");
        $self->output("\n");
 }
 
@@ -332,12 +341,13 @@ sub ObjList($$)
 
        return unless $ctx->{TARGET};
 
-       push(@{$self->{all_objs}}, "\$($ctx->{TYPE}_$ctx->{NAME}_OBJ_LIST)");
+       push(@{$self->{all_objs}}, "\$($ctx->{TYPE}_$ctx->{NAME}_FULL_OBJ_LIST)");
                
        $self->_prepare_list($ctx, "OBJ_LIST");
+       $self->_prepare_list($ctx, "FULL_OBJ_LIST");
        $self->_prepare_list($ctx, "DEPEND_LIST");
        $self->output("$ctx->{TARGET}: ");
-       $self->output("\$($ctx->{TYPE}_$ctx->{NAME}_DEPEND_LIST) \$($ctx->{TYPE}_$ctx->{NAME}_OBJ_LIST)\n");
+       $self->output("\$($ctx->{TYPE}_$ctx->{NAME}_DEPEND_LIST) \$($ctx->{TYPE}_$ctx->{NAME}_FULL_OBJ_LIST)\n");
        $self->output("\t\@touch $ctx->{TARGET}\n");
 }
 
@@ -348,19 +358,17 @@ sub StaticLibrary($$)
        push (@{$self->{static_libs}}, $ctx->{TARGET});
 
        $self->_prepare_list($ctx, "OBJ_LIST");
+       $self->_prepare_list($ctx, "FULL_OBJ_LIST");
 
-       $self->_prepare_list($ctx, "DEPEND_LIST");
-       $self->_prepare_list($ctx, "LINK_LIST");
        $self->_prepare_list($ctx, "LINK_FLAGS");
 
-       push(@{$self->{all_objs}}, "\$($ctx->{TYPE}_$ctx->{NAME}_OBJ_LIST)");
+       push(@{$self->{all_objs}}, "\$($ctx->{TYPE}_$ctx->{NAME}_FULL_OBJ_LIST)");
                
        $self->output(<< "__EOD__"
 #
-$ctx->{TARGET}: \$($ctx->{TYPE}_$ctx->{NAME}_OBJ_LIST) 
+$ctx->{TARGET}: \$($ctx->{TYPE}_$ctx->{NAME}_FULL_OBJ_LIST)
        \@echo Linking \$@
-       \@\$(STLD) \$(STLD_FLAGS) \$@ \\
-               \$($ctx->{TYPE}_$ctx->{NAME}_OBJ_LIST)
+       \@\$(STLD) \$(STLD_FLAGS) \$@ \$($ctx->{TYPE}_$ctx->{NAME}_FULL_OBJ_LIST)
 
 __EOD__
 );
@@ -391,7 +399,7 @@ sub Binary($$)
                $installdir = "bin";
        }
 
-       push(@{$self->{all_objs}}, "\$($ctx->{TYPE}_$ctx->{NAME}_OBJ_LIST)");
+       push(@{$self->{all_objs}}, "\$($ctx->{TYPE}_$ctx->{NAME}_FULL_OBJ_LIST)");
                
        unless (defined($ctx->{INSTALLDIR})) {
        } elsif ($ctx->{INSTALLDIR} eq "SBINDIR") {
@@ -403,17 +411,16 @@ sub Binary($$)
        push (@{$self->{binaries}}, "bin/$ctx->{BINARY}");
 
        $self->_prepare_list($ctx, "OBJ_LIST");
+       $self->_prepare_list($ctx, "FULL_OBJ_LIST");
        $self->_prepare_list($ctx, "DEPEND_LIST");
-       $self->_prepare_list($ctx, "LINK_LIST");
        $self->_prepare_list($ctx, "LINK_FLAGS");
 
        if ($self->{duplicate_build}) {
        $self->output(<< "__EOD__"
 #
-bin/$ctx->{BINARY}: \$($ctx->{TYPE}_$ctx->{NAME}_DEPEND_LIST) \$($ctx->{TYPE}_$ctx->{NAME}_OBJ_LIST) 
+bin/$ctx->{BINARY}: \$($ctx->{TYPE}_$ctx->{NAME}_DEPEND_LIST) \$($ctx->{TYPE}_$ctx->{NAME}_FULL_OBJ_LIST) 
        \@echo Linking \$\@
        \@\$(CC) \$(LDFLAGS) -o \$\@ \$(LOCAL_LINK_FLAGS) \$(INSTALL_LINK_FLAGS) \\
-               \$\($ctx->{TYPE}_$ctx->{NAME}_LINK_LIST) \\
                \$\($ctx->{TYPE}_$ctx->{NAME}_LINK_FLAGS) 
 
 __EOD__
@@ -421,10 +428,9 @@ __EOD__
        }
 
 $self->output(<< "__EOD__"
-$installdir/$ctx->{BINARY}: \$($ctx->{TYPE}_$ctx->{NAME}_DEPEND_LIST) \$($ctx->{TYPE}_$ctx->{NAME}_OBJ_LIST) 
+$installdir/$ctx->{BINARY}: \$($ctx->{TYPE}_$ctx->{NAME}_DEPEND_LIST) \$($ctx->{TYPE}_$ctx->{NAME}_FULL_OBJ_LIST) 
        \@echo Linking \$\@
        \@\$(CC) \$(LDFLAGS) -o \$\@ \$(INSTALL_LINK_FLAGS) \\
-               \$\($ctx->{TYPE}_$ctx->{NAME}_LINK_LIST) \\
                \$\($ctx->{TYPE}_$ctx->{NAME}_LINK_FLAGS) 
 
 __EOD__
diff --git a/source4/build/smb_build/output.pm b/source4/build/smb_build/output.pm
index de122ee9a08142a08020d3e8b9d16e7d56068234..ba8359a72b5edc98f093d9da3df09c823862d768 100644 (file)
--- a/source4/build/smb_build/output.pm
+++ b/source4/build/smb_build/output.pm
@@ -16,8 +16,10 @@ sub add_dir($$)
        $dir =~ s/^\.\///g;
        
        foreach (@$files) {
-               $_ = "$dir/$_";
-               s/([^\/\.]+)\/\.\.\///g;
+               if (substr($_, 0, 1) ne "\$") {
+                       $_ = "$dir/$_";
+                       s/([^\/\.]+)\/\.\.\///g;
+               }
                push (@ret, $_);
        }
        
@@ -45,8 +47,8 @@ sub generate_shared_library($)
        my $link_name;
        my $lib_name;
 
-       @{$lib->{DEPEND_LIST}} = ();
-       @{$lib->{LINK_LIST}} = ("\$($lib->{TYPE}_$lib->{NAME}\_OBJ_LIST)");
+       $lib->{DEPEND_LIST} = [];
+       $lib->{LINK_FLAGS} = ["\$($lib->{TYPE}_$lib->{NAME}\_OBJ_LIST)"];
 
        $link_name = lc($lib->{NAME});
        $lib_name = $link_name;
@@ -77,8 +79,8 @@ sub generate_shared_library($)
        }
 
        if (defined($lib->{VERSION})) {
-               $lib->{LIBRARY_SONAME} = $lib->{LIBRARY_REALNAME}.".$lib->{SO_VERSION}";
-               $lib->{LIBRARY_REALNAME} = $lib->{LIBRARY_REALNAME}.".$lib->{VERSION}";
+               $lib->{LIBRARY_SONAME} = "$lib->{LIBRARY_REALNAME}.$lib->{SO_VERSION}";
+               $lib->{LIBRARY_REALNAME} = "$lib->{LIBRARY_REALNAME}.$lib->{VERSION}";
        } 
        
        $lib->{TARGET} = "$lib->{DEBUGDIR}/$lib->{LIBRARY_REALNAME}";
@@ -90,14 +92,13 @@ sub generate_static_library($)
        my $lib = shift;
        my $link_name;
 
-       @{$lib->{DEPEND_LIST}} = ();
+       $lib->{DEPEND_LIST} = [];
 
        $link_name = $lib->{NAME};
        $link_name =~ s/^LIB//;
 
        $lib->{LIBRARY_NAME} = "lib".lc($link_name).".a";
-       @{$lib->{LINK_LIST}} = ("\$($lib->{TYPE}_$lib->{NAME}\_OBJ_LIST)");
-       @{$lib->{LINK_FLAGS}} = ();
+       $lib->{LINK_FLAGS} = ["\$($lib->{TYPE}_$lib->{NAME}\_OBJ_LIST)"];
 
        $lib->{TARGET} = "bin/$lib->{LIBRARY_NAME}";
        $lib->{OUTPUT} = "-l".lc($link_name);
@@ -107,9 +108,8 @@ sub generate_binary($)
 {
        my $bin = shift;
 
-       @{$bin->{DEPEND_LIST}} = ();
-       @{$bin->{LINK_LIST}} = ("\$($bin->{TYPE}_$bin->{NAME}\_OBJ_LIST)");
-       @{$bin->{LINK_FLAGS}} = ();
+       $bin->{DEPEND_LIST} = [];
+       $bin->{LINK_FLAGS} = ["\$($bin->{TYPE}_$bin->{NAME}\_OBJ_LIST)"];
 
        $bin->{RELEASEDIR} = "bin/install";
        $bin->{DEBUGDIR} = "bin/";
@@ -117,17 +117,16 @@ sub generate_binary($)
        $bin->{BINARY} = $bin->{NAME};
 }
 
+
 sub create_output($$)
 {
        my ($depend, $config) = @_;
        my $part;
 
        foreach $part (values %{$depend}) {
-               next if not defined($part->{OUTPUT_TYPE});
+               next unless(defined($part->{OUTPUT_TYPE}));
 
                # Combine object lists
-               push(@{$part->{OBJ_LIST}}, add_dir($part->{BASEDIR}, $part->{INIT_OBJ_FILES})) if defined($part->{INIT_OBJ_FILES});
-               push(@{$part->{OBJ_LIST}}, add_dir($part->{BASEDIR}, $part->{ADD_OBJ_FILES})) if defined($part->{ADD_OBJ_FILES});
                push(@{$part->{OBJ_LIST}}, add_dir($part->{BASEDIR}, $part->{OBJ_FILES})) if defined($part->{OBJ_FILES});
 
                if ((not defined($part->{OBJ_LIST}) or 
@@ -161,7 +160,7 @@ sub create_output($$)
                        my $elem = $depend->{$_};
                        next if $elem == $part;
 
-                       push(@{$part->{LINK_LIST}}, $elem->{OUTPUT}) if defined($elem->{OUTPUT});
+                       push(@{$part->{LINK_FLAGS}}, $elem->{OUTPUT}) if defined($elem->{OUTPUT});
                        push(@{$part->{LINK_FLAGS}}, @{$elem->{LIBS}}) if defined($elem->{LIBS});
                        push(@{$part->{LINK_FLAGS}},@{$elem->{LDFLAGS}}) if defined($elem->{LDFLAGS});
                        push(@{$part->{DEPEND_LIST}}, $elem->{TARGET}) if defined($elem->{TARGET});
@@ -177,6 +176,7 @@ sub create_output($$)
                }
        }
 
+
        return $depend;
 }
 
diff --git a/source4/dsdb/config.mk b/source4/dsdb/config.mk
index e0426167e3ace29dd537bdc34f2a7258af6ba492..5d7029b77ade76113fffdc220e08119372b8dd0b 100644 (file)
--- a/source4/dsdb/config.mk
+++ b/source4/dsdb/config.mk
@@ -7,7 +7,7 @@ include samdb/ldb_modules/config.mk
 [SUBSYSTEM::SAMDB]
 PUBLIC_PROTO_HEADER = samdb/samdb_proto.h
 PUBLIC_HEADERS = samdb/samdb.h
-PUBLIC_DEPENDENCIES = ldb LIBCLI_LDAP
+PUBLIC_DEPENDENCIES = ldb LIBCLI_LDAP HEIMDAL_KRB5
 OBJ_FILES = \
                samdb/samdb.o \
                samdb/samdb_privilege.o \
diff --git a/source4/lib/charset/util_unistr.c b/source4/lib/charset/util_unistr.c
index faa1398eac71e024dc3c6ed178c7cd608883dc77..f55e39085667713bf3b56e8c4c45eae24ef47278 100644 (file)
--- a/source4/lib/charset/util_unistr.c
+++ b/source4/lib/charset/util_unistr.c
@@ -613,3 +613,22 @@ _PUBLIC_ void strupper_m(char *s)
        *d = 0;
 }
 
+
+/**
+ Find the number of 'c' chars in a string
+**/
+_PUBLIC_ size_t count_chars_w(const char *s, char c)
+{
+       size_t count = 0;
+
+       while (*s) {
+               size_t size;
+               codepoint_t c2 = next_codepoint(s, &size);
+               if (c2 == c) count++;
+               s += size;
+       }
+
+       return count;
+}
+
+
diff --git a/source4/lib/ldb/config.mk b/source4/lib/ldb/config.mk
index 00344f68f68563a115ff28ea9071c0f85d5a5dac..224dd32142f8827c252007f859aafb483d5ca105 100644 (file)
--- a/source4/lib/ldb/config.mk
+++ b/source4/lib/ldb/config.mk
@@ -177,7 +177,7 @@ OBJ_FILES = \
 OBJ_FILES= \
                tools/cmdline.o
 PUBLIC_DEPENDENCIES = ldb LIBSAMBA-UTIL LIBPOPT POPT_SAMBA POPT_CREDENTIALS
-PRIVATE_DEPENDENCIES = gensec
+PRIVATE_DEPENDENCIES = gensec LIBCLI_RESOLVE
 # End SUBSYSTEM LIBLDB_CMDLINE
 ################################################
 
diff --git a/source4/lib/registry/config.mk b/source4/lib/registry/config.mk
index 44437dfa69eac77b382c10c8031cd25e78387644..89a77c231ead14b8f4808461dc26b877641bb55a 100644 (file)
--- a/source4/lib/registry/config.mk
+++ b/source4/lib/registry/config.mk
@@ -53,7 +53,7 @@ PUBLIC_DEPENDENCIES = LIBTALLOC
 [MODULE::registry_rpc]
 INIT_FUNCTION = registry_rpc_init
 PRIVATE_PROTO_HEADER = reg_backend_rpc.h
-OUTPUT_TYPE = MERGEDOBJ
+OUTPUT_TYPE = INTEGRATED
 SUBSYSTEM = registry
 OBJ_FILES = \
                reg_backend_rpc.o
diff --git a/source4/lib/registry/registry.h b/source4/lib/registry/registry.h
index b556829880b0de83a67f635ed3e73ccc27d5dc19..385b0e7d6f92915c250ea434ebeb9ceb9417ff63 100644 (file)
--- a/source4/lib/registry/registry.h
+++ b/source4/lib/registry/registry.h
@@ -169,6 +169,7 @@ struct reg_diff
 };
 
 struct auth_session_info;
+struct event_context;
 
 #include "lib/registry/registry_proto.h"
 
diff --git a/source4/lib/socket/config.mk b/source4/lib/socket/config.mk
index 25838c58cc6416da29b93be4c4ddb5bff3deaa7c..bbac1ff6d19151a14d966b7732b64d6ca690e8d5 100644 (file)
--- a/source4/lib/socket/config.mk
+++ b/source4/lib/socket/config.mk
@@ -3,7 +3,7 @@
 # Start MODULE socket_ipv4
 [MODULE::socket_ipv4]
 SUBSYSTEM = SOCKET
-OUTPUT_TYPE = MERGEDOBJ
+OUTPUT_TYPE = INTEGRATED
 OBJ_FILES = \
                socket_ipv4.o
 PUBLIC_DEPENDENCIES = EXT_SOCKET
@@ -15,7 +15,7 @@ PRIVATE_DEPENDENCIES = LIBSAMBA-ERRORS
 # Start MODULE socket_ipv6
 [MODULE::socket_ipv6]
 SUBSYSTEM = SOCKET
-OUTPUT_TYPE = MERGEDOBJ
+OUTPUT_TYPE = INTEGRATED
 OBJ_FILES = \
                socket_ipv6.o
 PUBLIC_DEPENDENCIES = EXT_SOCKET
@@ -26,7 +26,7 @@ PUBLIC_DEPENDENCIES = EXT_SOCKET
 # Start MODULE socket_unix
 [MODULE::socket_unix]
 SUBSYSTEM = SOCKET
-OUTPUT_TYPE = MERGEDOBJ
+OUTPUT_TYPE = INTEGRATED
 OBJ_FILES = \
                socket_unix.o
 PUBLIC_DEPENDENCIES = EXT_SOCKET
@@ -42,6 +42,7 @@ OBJ_FILES = \
                connect_multi.o \
                connect.o
 PUBLIC_DEPENDENCIES = LIBTALLOC
-PRIVATE_DEPENDENCIES = SOCKET_WRAPPER LIBCLI_COMPOSITE
+PRIVATE_DEPENDENCIES = SOCKET_WRAPPER LIBCLI_COMPOSITE 
+#LIBCLI_RESOLVE
 # End SUBSYSTEM SOCKET
 ################################################
diff --git a/source4/lib/util/util_str.c b/source4/lib/util/util_str.c
index 9de27c07771df2e0ee7fa2b68cc1b345e2406468..60419e0510ab7f3c04919c065626b1f9c4056a8f 100644 (file)
--- a/source4/lib/util/util_str.c
+++ b/source4/lib/util/util_str.c
@@ -81,15 +81,15 @@ _PUBLIC_ size_t count_chars(const char *s, char c)
        size_t count = 0;
 
        while (*s) {
-               size_t size;
-               codepoint_t c2 = next_codepoint(s, &size);
-               if (c2 == c) count++;
-               s += size;
+               if (*s == c) count++;
+               s ++;
        }
 
        return count;
 }
 
+
+
 /**
  Safe string copy into a known length string. maxlength does not
  include the terminating zero.
@@ -433,12 +433,12 @@ _PUBLIC_ void rfc1738_unescape(char *buf)
 {
        char *p=buf;
 
-       while ((p=strchr_m(p,'+')))
+       while ((p=strchr(p,'+')))
                *p = ' ';
 
        p = buf;
 
-       while (p && *p && (p=strchr_m(p,'%'))) {
+       while (p && *p && (p=strchr(p,'%'))) {
                int c1 = p[1];
                int c2 = p[2];
 
diff --git a/source4/libcli/config.mk b/source4/libcli/config.mk
index c62f30dd20cff88bf95c7c120acc8116e3e55e91..a75cf3bace0e2af22def5eff24c33ac07dce93aa 100644 (file)
--- a/source4/libcli/config.mk
+++ b/source4/libcli/config.mk
@@ -86,11 +86,12 @@ PUBLIC_DEPENDENCIES = NDR_WINSREPL SOCKET LIBEVENTS
 PRIVATE_PROTO_HEADER = resolve/proto.h
 OBJ_FILES = \
        resolve/resolve.o \
-       resolve/nbtlist.o \
        resolve/bcast.o \
+       resolve/nbtlist.o \
        resolve/wins.o \
        resolve/host.o
-PUBLIC_DEPENDENCIES = LIBCLI_NBT LIBNETIF
+PUBLIC_DEPENDENCIES = LIBNETIF
+PRIVATE_DEPENDENCIES = LIBCLI_NBT 
 
 [SUBSYSTEM::LIBCLI_FINDDCS]
 PRIVATE_PROTO_HEADER = finddcs.h
@@ -120,6 +121,7 @@ OBJ_FILES = clireadwrite.o \
 
 [SUBSYSTEM::LIBCLI_RAW]
 PRIVATE_PROTO_HEADER = raw/raw_proto.h
+PRIVATE_DEPENDENCIES = LIBCLI_COMPOSITE
 PUBLIC_DEPENDENCIES = LIBCLI_RAW_KRB5
 OBJ_FILES = raw/rawfile.o \
                raw/smb_signing.o \
diff --git a/source4/rpc_server/config.mk b/source4/rpc_server/config.mk
index c187cfdb49593013d767b40728d988fa95a928fa..b85700528cfe1949e25352c5eecde84f7c243b1f 100644 (file)
--- a/source4/rpc_server/config.mk
+++ b/source4/rpc_server/config.mk
@@ -123,7 +123,7 @@ PUBLIC_DEPENDENCIES = \
 [MODULE::dcerpc_winreg]
 INIT_FUNCTION = dcerpc_server_winreg_init
 SUBSYSTEM = dcerpc_server
-OUTPUT_TYPE = MERGEDOBJ
+OUTPUT_TYPE = INTEGRATED
 OBJ_FILES = \
                winreg/rpc_winreg.o
 PUBLIC_DEPENDENCIES = \
@@ -141,7 +141,8 @@ OBJ_FILES = \
 PUBLIC_DEPENDENCIES = \
                DCERPC_COMMON \
                SCHANNELDB \
-               NDR_NETLOGON
+               NDR_NETLOGON \
+               auth_sam
 # End MODULE dcerpc_netlogon
 ################################################
 
@@ -164,7 +165,7 @@ PUBLIC_DEPENDENCIES = \
 [MODULE::dcerpc_spoolss]
 INIT_FUNCTION = dcerpc_server_spoolss_init
 SUBSYSTEM = dcerpc_server
-OUTPUT_TYPE = MERGEDOBJ
+OUTPUT_TYPE = INTEGRATED
 OBJ_FILES = \
                spoolss/dcesrv_spoolss.o
 PUBLIC_DEPENDENCIES = \
@@ -218,8 +219,7 @@ OBJ_FILES = \
 PUBLIC_DEPENDENCIES = \
                LIBCLI_AUTH \
                LIBNDR \
-               dcerpc \
-               service
+               dcerpc
 #
 # End SUBSYSTEM DCERPC
 ################################################
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 9f1b84f77efe5a7ef0841eb710b0ed986ff39416..dc9537e66c09f438dbace05eb78a1ed5022d87e4 100644 (file)
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -25,6 +25,7 @@
 #include "rpc_server/dcerpc_server.h"
 #include "rpc_server/common/common.h"
 #include "lib/ldb/include/ldb.h"
+#include "auth/auth_sam.h"
 #include "auth/auth.h"
 #include "dsdb/samdb/samdb.h"
 #include "rpc_server/samr/proto.h"
diff --git a/source4/smbd/config.mk b/source4/smbd/config.mk
index 3033ed1bb0f35859e27c4f59a6912142510152a6..8238fe53840d7f19c067d37e92042411da47e5ea 100644 (file)
--- a/source4/smbd/config.mk
+++ b/source4/smbd/config.mk
@@ -14,7 +14,7 @@ PUBLIC_DEPENDENCIES = \
 # Start MODULE service_smb
 [MODULE::service_smb]
 INIT_FUNCTION = server_service_smb_init
-OUTPUT_TYPE = MERGEDOBJ
+OUTPUT_TYPE = INTEGRATED
 SUBSYSTEM = service
 PUBLIC_DEPENDENCIES = \
                SMB_SERVER
@@ -26,7 +26,7 @@ PUBLIC_DEPENDENCIES = \
 [MODULE::service_rpc]
 INIT_FUNCTION = server_service_rpc_init
 SUBSYSTEM = service
-OUTPUT_TYPE = MERGEDOBJ
+OUTPUT_TYPE = INTEGRATED
 PUBLIC_DEPENDENCIES = \
                dcerpc_server
 # End MODULE server_rpc
@@ -129,6 +129,10 @@ PRIVATE_DEPENDENCIES = \
                LIBSAMBA-UTIL \
                PIDFILE \
                POPT_SAMBA \
-               LIBPOPT
+               LIBPOPT \
+               gensec \
+               registry \
+               ntptr \
+               ntvfs
 # End BINARY smbd
 #################################
diff --git a/source4/torture/config.mk b/source4/torture/config.mk
index bf5b6ef2fb53229f83cd7153091dd50f910ef7e7..09790a686d394fadd4f79457823240462143b782 100644 (file)
--- a/source4/torture/config.mk
+++ b/source4/torture/config.mk
@@ -103,7 +103,7 @@ PUBLIC_DEPENDENCIES = \
 
 [MODULE::torture_rpc]
 # TORTURE_NET and TORTURE_NBT use functions from torture_rpc...
-OUTPUT_TYPE = MERGEDOBJ
+OUTPUT_TYPE = INTEGRATED
 SUBSYSTEM = torture
 INIT_FUNCTION = torture_rpc_init
 PRIVATE_PROTO_HEADER = \
diff --git a/source4/utils/config.mk b/source4/utils/config.mk
index 9ffe72352e0c4cd666d312fb77b15e5b3e8bf2e4..cafa022d94ba839d4b64ff3e87586b13ffca1f4b 100644 (file)
--- a/source4/utils/config.mk
+++ b/source4/utils/config.mk
@@ -29,7 +29,8 @@ PRIVATE_DEPENDENCIES = \
                LIBPOPT \
                POPT_SAMBA \
                POPT_CREDENTIALS \
-               gensec
+               gensec \
+               LIBCLI_RESOLVE
 MANPAGE = man/ntlm_auth.1
 # End BINARY ntlm_auth
 #################################
@@ -81,7 +82,8 @@ PRIVATE_DEPENDENCIES = \
                LIBCLI_NBT \
                LIBPOPT \
                POPT_SAMBA \
-               LIBNETIF
+               LIBNETIF \
+               LIBCLI_RESOLVE
 # End BINARY nmblookup
 #################################
 
@@ -96,6 +98,8 @@ PRIVATE_DEPENDENCIES = \
                LIBSAMBA-UTIL \
                LIBPOPT \
                SOCKET \
-               POPT_SAMBA
+               POPT_SAMBA \
+               LIBCLI_RESOLVE \
+               CHARSET
 # End BINARY testparm
 #################################
Experimental branches for jra