auth/gensec: align common elements between gse_context and gensec_gssapi_state
[gd/samba-autobuild/.git] / source3 / wscript
index 4432585ae0862d12935641d15bbb62dad33392b3..1a5a5c4b2390ef421313d217faad24644c8a454f 100644 (file)
@@ -82,7 +82,7 @@ def configure(conf):
     conf.CHECK_FUNCS('initgroups select poll rdchk getgrnam getgrent pathconf')
     conf.CHECK_FUNCS('setpriv setgidx setuidx setgroups sysconf stat64 fstat64')
     conf.CHECK_FUNCS('lstat64 fopen64 atexit grantpt lseek64 ftruncate64 fallocate fallocate64 posix_fallocate posix_fallocate64')
-    conf.CHECK_FUNCS('fseek64 fseeko64 ftell64 ftello64 setluid')
+    conf.CHECK_FUNCS('fseeko fseek64 fseeko64 ftell64 ftello64 setluid')
     conf.CHECK_FUNCS('getpwnam', headers='sys/types.h pwd.h')
     conf.CHECK_FUNCS('opendir64 readdir64 seekdir64 telldir64 rewinddir64 closedir64')
     conf.CHECK_FUNCS('fdopendir fdopendir64')
@@ -117,8 +117,9 @@ long ret = splice(0,0,1,0,400,0);
     # Check for inotify support
     conf.CHECK_HEADERS('linux/inotify.h asm/unistd.h sys/inotify.h')
     conf.CHECK_FUNCS('inotify_init')
-    if "HAVE_LINUX_INOTIFY_H" in conf.env and "HAVE_INOTIFY_INIT" in conf.env:
-        conf.DEFINE('HAVE_INOTIFY', 1)
+    if "HAVE_INOTIFY_INIT" in conf.env:
+        if "HAVE_LINUX_INOTIFY_H" in conf.env or "HAVE_SYS_INOTIFY_H" in conf.env:
+            conf.DEFINE('HAVE_INOTIFY', 1)
 
     # Check for kernel change notify support
     conf.CHECK_CODE('''
@@ -234,7 +235,7 @@ extattr_get_link extattr_list_fd extattr_list_file extattr_list_link
 extattr_set_fd extattr_set_file extattr_set_link _facl __facl _fchdir
 __fchdir fchmod fchown _fcntl __fcntl fcvt fcvtl fdatasync
 fdelproplist fgetea fgetproplist fgetxattr flistea flistxattr fopen64
-_fork __fork fremoveea fremovexattr fseek64 fseeko64 fsetea
+_fork __fork fremoveea fremovexattr fseeko fseek64 fseeko64 fsetea
 fsetproplist fsetxattr _fstat __fstat fstat64 _fstat64 __fstat64 fsync
 ftell64 ftello64 ftruncate64 futimens futimes __fxstat getauthuid
 getcwd _getcwd __getcwd getdents __getdents getdents64 getdirentries
@@ -255,7 +256,7 @@ seekdir64 select setea setenv setgidx setgroups setlocale setluid
 setmntent setpgid setpriv setproplist setsid setuidx
 setxattr shmget shm_open sigaction sigblock sigprocmask sigset
 sizeof_proplist_entry _stat __stat stat64 _stat64 __stat64 statvfs
-strcasecmp strchr strpbrk strsignal strtol strupr sysconf sysctlbyname
+strcasecmp strchr strpbrk strsignal strtol strupr sysconf sysctl sysctlbyname
 __sys_llseek syslog _telldir __telldir telldir64 textdomain timegm
 utimensat vsyslog _write __write __xstat
 ''')
@@ -487,7 +488,7 @@ msg.msg_acctrightslen = sizeof(fd);
             # gssapi_krb5 and other libraries to its --libs output. That breaks the use
             # of an in-tree heimdal kerberos
            conf.check_cfg(path=conf.env.CUPS_CONFIG, args="--cflags --ldflags",
-                           package="", uselib_store="cups")
+                           package="", uselib_store="CUPS")
         conf.CHECK_HEADERS('cups/cups.h cups/language.h', lib='cups')
         conf.CHECK_FUNCS_IN('httpConnect httpConnectEncrypt', 'cups')
         if conf.CONFIG_SET('HAVE_CUPS_CUPS_H') and conf.CONFIG_SET('HAVE_CUPS_LANGUAGE_H'):
@@ -554,7 +555,7 @@ msg.msg_acctrightslen = sizeof(fd);
         conf.find_program('krb5-config', var='KRB5_CONFIG')
         if conf.env.KRB5_CONFIG:
             conf.check_cfg(path="krb5-config", args="--cflags --libs",
-                       package="gssapi", uselib_store="krb5")
+                       package="gssapi", uselib_store="KRB5")
         conf.CHECK_HEADERS('krb5.h krb5/locate_plugin.h', lib='krb5')
         conf.CHECK_HEADERS('gssapi.h gssapi/gssapi_generic.h gssapi/gssapi.h gssapi/gssapi_ext.h gssapi/gssapi_krb5.h com_err.h', lib='krb5')
 
@@ -569,21 +570,22 @@ msg.msg_acctrightslen = sizeof(fd);
         if conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi') or \
            conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi_krb5'):
             have_gssapi=True
-        conf.CHECK_FUNCS_IN('gss_wrap_iov gss_krb5_import_cred gss_get_name_attribute gss_mech_krb5 gss_oid_equal gss_inquire_sec_context_by_oid', 'gssapi gssapi_krb5 krb5')
+        conf.CHECK_FUNCS_IN('''gss_wrap_iov gss_krb5_import_cred gss_get_name_attribute gss_mech_krb5 gss_oid_equal
+gss_inquire_sec_context_by_oid gsskrb5_extract_authz_data_from_sec_context''', 'gssapi gssapi_krb5 krb5')
         conf.CHECK_FUNCS_IN('krb5_mk_req_extended krb5_kt_compare', 'krb5')
         conf.CHECK_FUNCS('''
-krb5_set_real_time krb5_set_default_in_tkt_etypes krb5_set_default_tgs_enctypes
+krb5_set_default_in_tkt_etypes krb5_set_default_tgs_enctypes
 krb5_set_default_tgs_ktypes krb5_principal2salt krb5_use_enctype
 krb5_string_to_key krb5_get_pw_salt krb5_string_to_key_salt krb5_auth_con_setkey
 krb5_auth_con_setuseruserkey krb5_locate_kdc krb5_get_permitted_enctypes
 krb5_get_default_in_tkt_etypes krb5_free_data_contents
 krb5_principal_get_comp_string krb5_free_unparsed_name
 krb5_free_keytab_entry_contents krb5_kt_free_entry krb5_krbhst_init
-krb5_krbhst_get_addrinfo krb5_c_enctype_compare krb5_enctypes_compatible_keys
+krb5_krbhst_get_addrinfo krb5_c_enctype_compare
 krb5_crypto_init krb5_crypto_destroy krb5_decode_ap_req free_AP_REQ
-krb5_verify_checksum krb5_c_verify_checksum krb5_principal_compare_any_realm
+krb5_c_verify_checksum krb5_principal_compare_any_realm
 krb5_parse_name_norealm krb5_princ_size krb5_get_init_creds_opt_set_pac_request
-krb5_get_renewed_creds krb5_get_kdc_cred krb5_free_error_contents
+krb5_get_renewed_creds krb5_free_error_contents
 initialize_krb5_error_table krb5_get_init_creds_opt_alloc
 krb5_get_init_creds_opt_free krb5_get_init_creds_opt_get_error
 krb5_enctype_to_string krb5_fwd_tgt_creds krb5_auth_con_set_req_cksumtype
@@ -597,6 +599,9 @@ krb5_get_credentials_for_user krb5_get_host_realm krb5_free_host_realm''',
         conf.CHECK_VARIABLE('KV5M_KEYTAB', headers='krb5.h')
         conf.CHECK_VARIABLE('KRB5_KU_OTHER_CKSUM', headers='krb5.h')
         conf.CHECK_VARIABLE('KRB5_KEYUSAGE_APP_DATA_CKSUM', headers='krb5.h')
+       conf.CHECK_VARIABLE('ENCTYPE_AES128_CTS_HMAC_SHA1_96', headers='krb5.h')
+       conf.CHECK_VARIABLE('ENCTYPE_AES256_CTS_HMAC_SHA1_96', headers='krb5.h')
+       conf.CHECK_DECLS('KRB5_PDU_NONE', reverse=True, headers='krb5.h')
         conf.CHECK_STRUCTURE_MEMBER('krb5_keytab_entry', 'key', headers='krb5.h',
                                     define='HAVE_KRB5_KEYTAB_ENTRY_KEY')
         conf.CHECK_STRUCTURE_MEMBER('krb5_keytab_entry', 'keyblock', headers='krb5.h',
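Review bot: The three added lines (the two `conf.CHECK_VARIABLE('ENCTYPE_AES..._CTS_HMAC_SHA1_96', headers='krb5.h')` calls and `conf.CHECK_DECLS('KRB5_PDU_NONE', reverse=True, headers='krb5.h')`) render one column short of the neighbouring `conf.CHECK_*` calls. That suggests they are indented with a tab where the rest of the block uses eight spaces. Mixed tab and space indentation in one block is rejected by Python 3 and changes the block structure under any tab width other than 8, so they should be re-indented with spaces. A one-line comment on why `KRB5_PDU_NONE` is checked with `reverse=True` would also help, since the reason is not visible here. The enclosing block starts and ends outside the hunk.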
@@ -693,14 +698,6 @@ int main(void) {
                         headers='krb5.h', lib='krb5',
                         addmain=False,
                         msg="Checking whether krb5_principal_get_realm is defined")
-        if conf.CHECK_CODE('''krb5_verify_checksum(0, 0, 0, 0, 0, 0, 0);''',
-                        'KRB5_VERIFY_CHECKSUM_ARGS',
-                        headers='krb5.h', lib='krb5',
-                       msg="Checking whether krb5_verify_checksum takes 7 arguments"):
-            conf.DEFINE('KRB5_VERIFY_CHECKSUM_ARGS', '7')
-       else:
-            conf.DEFINE('KRB5_VERIFY_CHECKSUM_ARGS', '6')
-
        conf.CHECK_CODE('''
 krb5_enctype enctype;
 enctype = ENCTYPE_ARCFOUR_HMAC_MD5;
@@ -752,6 +749,33 @@ return krb5_kt_resolve(context, "WRFILE:api", &keytab);
         if not conf.CONFIG_SET('HAVE_KRB5_MK_REQ_EXTENDED'):
             Logs.warn("krb5_mk_req_extended not found in -lkrb5")
             use_ads=False
+        if not conf.CONFIG_SET('HAVE_KRB5_C_ENCTYPE_COMPARE'):
+            Logs.warn("krb5_c_enctype_compare not found in -lkrb5")
+            use_ads=False
+        if not conf.CONFIG_SET('HAVE_KRB5_GET_HOST_REALM'):
+            Logs.warn("krb5_get_host_realm not found in -lkrb5")
+            use_ads=False
+        if not conf.CONFIG_SET('HAVE_KRB5_FREE_HOST_REALM'):
+            Logs.warn("krb5_free_host_realm not found in -lkrb5")
+            use_ads=False
+        if not conf.CONFIG_SET('HAVE_KRB5_FWD_TGT_CREDS'):
+            Logs.warn("krb5_fwd_tgt_creds found in -lkrb5")
+            use_ads=False
+        if not conf.CONFIG_SET('HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC'):
+            Logs.warn("krb5_get_init_creds_opt_alloc not found in -lkrb5")
+            use_ads=False
+        if not conf.CONFIG_SET('KRB5_CREDS_OPT_FREE_REQUIRES_CONTEXT'):
+            Logs.warn("krb5_get_init_creds_opt_free was not found or was too old in -lkrb5")
+            use_ads=False
+        if not conf.CONFIG_SET('HAVE_KRB5_GET_RENEWED_CREDS'):
+            Logs.warn("krb5_get_renewed_creds not found in -lkrb5")
+            use_ads=False
+        if not conf.CONFIG_SET('HAVE_KRB5_PRINCIPAL_COMPARE_ANY_REALM'):
+            Logs.warn("krb5_principal_compare_any_realm not found in -lkrb5")
+            use_ads=False
+        if not conf.CONFIG_SET('HAVE_KRB5_STRING_TO_KEY'):
+            Logs.warn("krb5_string_to_key not found in -lkrb5")
+            use_ads=False
         if not conf.CONFIG_SET('HAVE_KRB5_PRINCIPAL2SALT') and \
            not conf.CONFIG_SET('HAVE_KRB5_GET_PW_SALT'):
             Logs.warn("no CREATE_KEY_FUNCTIONS detected")
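Review bot: The warning for `HAVE_KRB5_FWD_TGT_CREDS` reads `"krb5_fwd_tgt_creds found in -lkrb5"`, which says the opposite of the condition that fires it. It should be `Logs.warn("krb5_fwd_tgt_creds not found in -lkrb5")`. Each of these branches sets `use_ads=False`, so a misleading message makes it harder to see why a build lost Kerberos/ADS support. The nine added checks share one shape and could be driven from a small list of (define, message) pairs in a loop, which would keep the wording from drifting. The enclosing block starts and ends outside the hunk.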
@@ -764,9 +788,8 @@ return krb5_kt_resolve(context, "WRFILE:api", &keytab);
            not conf.CONFIG_SET('HAVE_KRB5_FREE_KEYTAB_ENTRY_CONTENTS'):
             Logs.warn("no KT_FREE_FUNCTION detected")
             use_ads=False
-        if not conf.CONFIG_SET('HAVE_KRB5_C_VERIFY_CHECKSUM') and \
-           not conf.CONFIG_SET('HAVE_KRB5_VERIFY_CHECKSUM'):
-            Logs.warn("no KRB5_VERIFY_CHECKSUM_FUNCTION detected")
+        if not conf.CONFIG_SET('HAVE_KRB5_C_VERIFY_CHECKSUM'):
+            Logs.warn("krb5_c_verify_checksum_compare not found in -lkrb5")
             use_ads=False
         if not conf.CONFIG_SET('KRB5_TICKET_HAS_KEYINFO'):
             # We only need the following functions if we can't get the enctype
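Review bot: The new warning names `krb5_c_verify_checksum_compare`, but the define being tested is `HAVE_KRB5_C_VERIFY_CHECKSUM` and the function probed earlier in the file is `krb5_c_verify_checksum`. The message should read `Logs.warn("krb5_c_verify_checksum not found in -lkrb5")`, so that someone whose build silently dropped ADS support can search for the symbol that is actually missing. The enclosing block continues outside the hunk.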
@@ -777,6 +800,17 @@ return krb5_kt_resolve(context, "WRFILE:api", &keytab);
             if not conf.CONFIG_SET('HAVE_KRB5_DECODE_AP_REQ'):
                 Logs.warn("no KRB5_AP_REQ_DECODING_FUNCTION detected")
                 use_ads=False
+
+        # We don't actually use
+        # gsskrb5_extract_authz_data_from_sec_context, but it is a
+        # clue that this Heimdal, which does the PAC processing we
+        # need on the standard gss_inquire_sec_context_by_oid
+        if not conf.CONFIG_SET('HAVE_GSS_GET_NAME_ATTRIBUTE') and \
+            not (conf.CONFIG_SET('HAVE_GSSKRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT') and \
+                     conf.CONFIG_SET('HAVE_GSS_INQUIRE_SEC_CONTEXT_BY_OID')):
+            Logs.warn("need eiterh gss_get_name_attribute or gsskrb5_extract_authz_data_from_sec_context and gss_inquire_sec_context_by_oid in -lgssapi for PAC support")
+            use_ads=False
+
         if use_ads:
             conf.DEFINE('WITH_ADS', '1')
             conf.DEFINE('HAVE_KRB5', '1')
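Review bot: The warning string in the new PAC-support check misspells "either" as `eiterh`, and the comment above it drops a word ("a clue that this Heimdal"). Suggested wording is `"need either gss_get_name_attribute or gsskrb5_extract_authz_data_from_sec_context and gss_inquire_sec_context_by_oid in -lgssapi for PAC support"`, with the comment reading "it is a clue that this is Heimdal, which does the PAC processing we need via the standard gss_inquire_sec_context_by_oid". The continuation lines of the condition are indented deeper than the other multi-line `if not conf.CONFIG_SET(...) and \` checks in this block, so aligning them with that style would keep the precedence of the `not (... and ...)` group easy to read. The enclosing block starts and ends outside the hunk.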
@@ -1357,11 +1391,6 @@ main() {
         msg="getcwd takes a NULL argument")
 
 
-    conf.CHECK_CODE('''enum TDB_ERROR err = TDB_ERR_NESTING''',
-                   'HAVE_TDB_ERR_NESTING',
-                   headers='tdb.h',
-                   msg='Checking whether we have TDB_ERR_NESTING')
-
     # UnixWare 7.x has its getspnam in -lgen
     conf.CHECK_FUNCS_IN('getspnam', 'gen')
     conf.CHECK_FUNCS_IN('getspnam', 'security')
@@ -1549,6 +1578,35 @@ main() {
                 includes=includes,
                 msg='Checking for ctdb ipv6 support')
 
+        if have_cluster_support:
+            conf.CHECK_CODE('''
+                #define NO_CONFIG_H
+                #include "replace.h"
+                #include "system/wait.h"
+                #include "system/network.h"
+                #include <talloc.h>
+                #include <tdb.h>
+                #include <ctdb.h>
+                #include <ctdb_private.h>
+
+                int main(void)
+                {
+                    int i = (int)CTDB_CONTROL_CHECK_SRVIDS;
+                    return 0;
+                }
+                ''',
+                'HAVE_CTDB_CONTROL_CHECK_SRVIDS_DECL',
+                addmain=False,
+                includes=includes,
+               msg='Checking for CHECK_SRVIDS control')
+
+            if not conf.CONFIG_SET('HAVE_CTDB_CONTROL_CHECK_SRVIDS_DECL'):
+                if not Options.options.enable_old_ctdb:
+                    have_cluster_support = False
+                    ctdb_broken = "CHECK_SRVIDS control missing"
+                else:
+                    Logs.warn("ignoring missing CHECK_SRVIDS control (--enable-old-ctdb)")
+
     if have_cluster_support:
         Logs.info("building with cluster support")
         conf.DEFINE('CLUSTER_SUPPORT', 1);
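Review bot: The new `CHECK_SRVIDS` probe has no comment saying which cluster feature depends on the control. It should state why a ctdb without it is treated as broken, and what is lost when `--enable-old-ctdb` overrides that. In the override case configure only logs a warning and keeps `have_cluster_support` set, so any code using the control presumably has to be guarded by `HAVE_CTDB_CONTROL_CHECK_SRVIDS_DECL`; that is not visible here and is worth confirming. The `msg='Checking for CHECK_SRVIDS control'` argument also renders one column short of the other keyword arguments, which suggests a tab among space-indented lines. How `ctdb_broken` is reported lies outside the hunk.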
@@ -1638,6 +1696,8 @@ main() {
     if Options.options.developer:
         default_static_modules.extend(TO_LIST('pdb_ads auth_netlogond charset_weird'))
         default_shared_modules.extend(TO_LIST('perfcount_test'))
+        default_shared_modules.extend(TO_LIST('vfs_skel_opaque vfs_skel_transparent vfs_shadow_copy_test'))
+        default_shared_modules.extend(TO_LIST('auth_skel pdb_test'))
 
     default_static_modules.extend(TO_LIST('pdb_samba4 auth_samba4 vfs_dfs_samba4'))
 
@@ -1656,6 +1716,9 @@ main() {
     if conf.CONFIG_SET('HAVE_AIO') and (conf.CONFIG_SET('HAVE_MSGHDR_MSG_CONTROL') or conf.CONFIG_SET('HAVE_MSGHDR_MSG_ACCTRIGHTS')):
        default_shared_modules.extend(TO_LIST('vfs_aio_fork'))
 
+    if conf.CONFIG_SET('HAVE_AIO') and Options.options.with_pthreadpool:
+       default_shared_modules.extend(TO_LIST('vfs_aio_pthread'))
+
     if conf.CONFIG_SET('HAVE_LDAP'):
         default_static_modules.extend(TO_LIST('pdb_ldap idmap_ldap'))