summaryrefslogtreecommitdiff
path: root/wscript_configure_system_mitkrb5
Commit message (Collapse)AuthorAgeFilesLines
* wscript_configure_system_mitkrb5: reject a system heimdal krb5-configStefan Metzmacher2018-12-061-19/+21
| | | | | | | | | | Review with: git show -w Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Dec 6 16:53:33 CET 2018 on sn-devel-144
* wscript_configure_system_mitkrb5: update to handle waf 2.0.4Alexander Bokovoy2018-09-051-4/+5
| | | | | Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* build:wafsamba: Remove unnecessary parameters to cmd_and_logThomas Nagy2018-09-051-2/+2
| | | | | | Signed-off-by: Thomas Nagy <tnagy@waf.io> Reviewed-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* krb5_plugin: Add winbind localauth plugin for MIT KerberosAndreas Schneider2018-06-211-0/+1
| | | | | | | | | | | | | | | | | | Applications (like OpenSSH) don't know about users and and their relationship to Kerberos principals. This plugin allows that Kerberos principals can be validated against local user accounts. Administrator@WURST.WORLD -> WURST\Administrator https://web.mit.edu/kerberos/krb5-latest/doc/plugindev/localauth.html BUG: https://bugzilla.samba.org/show_bug.cgi?id=13480 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Thu Jun 21 15:52:02 CEST 2018 on sn-devel-144
* Remove unsupported colon from configure msg.Zentaro Kavanagh2017-12-121-1/+1
| | | | | | | | | | | | | | | - When cross-compiling an answers file must be supplied via --cross-compile --cross-answers=<path to answers>. - The lines in the answer file have the form; Config Msg: Answer - The colon is used to delimit the msg and the answer when reading the answers file. - WAF doesn't support the message containing a colon. - It's not possible to override this variable so cross compile fails. Signed-off-by: Zentaro Kavanagh <zentaro@google.com> Reviewed-by: Uri Simchoni <uri@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* waf: Improve log errors for MIT buildChristian Ambach2017-05-021-3/+3
| | | | | Signed-off-by: Christian Ambach <ambi@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* waf: Search for MIT kadm-server libraryAndreas Schneider2017-04-291-0/+4
| | | | | | | | This is needed for plugin registration in the KDC. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* waf: Check for MIT KDC binaryAndreas Schneider2017-04-291-0/+13
| | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* waf: Require MIT Kerberos 1.15.1 for Samba ADAndreas Schneider2017-04-291-9/+21
| | | | | | | | Are build without AD DC still only requried MIT Kerberos 1.9. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* gssapi: check for gss_acquire_cred_fromAlexander Bokovoy2017-03-081-0/+1
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12611 Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* waf: Check for the correct function nameAndreas Schneider2016-08-311-1/+1
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Wrap krb5_cc_copy_creds and krb5_cc_copy_cacheAlexander Bokovoy2016-07-251-0/+1
| | | | | | | | | | | Heimdal and MIT Kerberos have different API to copy credentials from a ccache. Wrap it via lib/krb5_wrap/. Signed-off-by: Alexander Bokovoy <ab@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Mon Jul 25 21:27:58 CEST 2016 on sn-devel-144
* wscript: detect if we have libkdb5 and kdb.h.Günther Deschner2016-03-171-0/+5
| | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* wscript_configure_system_mitkrb5: add configure checks for ↵Stefan Metzmacher2016-03-101-1/+3
| | | | | | | | | | GSS_KRB5_CRED_NO_CI_FLAGS_X Newer MIT versions (maybe krb5-1.14) will also support this. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* krb5_wrap: Do not use deprecated KRB5 functionsAndreas Schneider2016-03-071-0/+2
| | | | | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Mon Mar 7 17:57:39 CET 2016 on sn-devel-144
* s3-kerberos: avoid entering a password change dialogue also when using MIT.Günther Deschner2016-02-231-0/+1
| | | | | | | | | | | | | | | Without this fix, for accounts with an expired password, a password change process is initiated and - due to the prompter - this fails with a confusing error message: "kerberos_kinit_password Administrator@W2K12DOM.BER.REDHAT.COM failed: Password mismatch Failed to join domain: failed to connect to AD: Password mismatch" Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* kerberos: make sure we only use prompter type when available.Günther Deschner2015-10-021-0/+2
| | | | | | | | | | | | | We also verified that we cannot simply remove the prompter as several older versions of Heimdal would crash. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Fri Oct 2 07:29:43 CEST 2015 on sn-devel-104
* krb5_wrap: add smb_krb5_principal_set_type().Günther Deschner2015-03-271-0/+1
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Transition to waf 1.8: wrapped conf.check_cfgThomas Nagy2015-03-161-3/+3
| | | | | | | | Reviewed-By: Jelmer Vernooij <jelmer@samba.org> (forward ported to current master by abartlet) Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* waf: add k5crypto to the list of system libraries if they are reported by ↵Matthieu Patou2014-10-031-0/+4
| | | | | | | | | | | | the krb5config but not found as requied by the different tests Otherwise on some systems we have error message like "Implied dependency k5crypto in winbind_krb5_locator is of type EMPTY" Even though krb5config indicated that this library is needed and the library is present Signed-off-by: Matthieu Patou <mat@matws.net> Reviewed-by: Michael Adam <obnox@samba.org>
* lib/krb5_wrap: provide krb5_warnx() replacement.Günther Deschner2014-08-081-0/+1
| | | | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Fri Aug 8 08:30:50 CEST 2014 on sn-devel-104
* lib/krb5_wrap: add smb_krb5_principal_get_type().Günther Deschner2014-08-081-1/+1
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* lib/krb5_wrap: add smb_krb5_principal_set_realm().Günther Deschner2014-08-081-1/+1
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* wscript: add check for krb5_keyblock_init.Günther Deschner2014-08-081-0/+1
| | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* lib/krb5_wrap: add krb5_copy_data_contents.Günther Deschner2014-08-081-0/+1
| | | | | | | | | | | This reuses krb5_data_copy() if available, choosed not to call it krb5_data_copy as that is easily mixed up with krb5_copy_data (which allocs the krb5_data pointer). Thanks Simo for proposing the better name. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* lib/krb5_wrap: add smb_krb5_get_allowed_weak_crypto().Günther Deschner2014-08-081-1/+5
| | | | | | | | Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Andreas Schneider <asn@samba.org>
* wafbuild: use WERROR_FLAGS in wscript_configure_system_mitkrb5Björn Jacke2012-10-301-2/+2
|
* waf: fix parsing krb5-config --version for MIT krb5Alexander Bokovoy2012-06-071-2/+8
| | | | | | | | | krb5-config --version may return a string that ends with a suffix after version number (1.X-prerelease or 1.X-beta1, for example). Detect and ignore the suffix. Autobuild-User(master): Alexander Bokovoy <ab@samba.org> Autobuild-Date(master): Thu Jun 7 17:03:01 CEST 2012 on sn-devel-104
* waf: check for krb5_create_checksum and krb5_creds.flags for some Heimdal ↵Alexander Bokovoy2012-06-011-3/+12
| | | | | | | | | versions Signed-off-by: Andreas Schneider <asn@samba.org> Autobuild-User: Andreas Schneider <asn@cryptomilk.org> Autobuild-Date: Fri Jun 1 11:23:21 CEST 2012 on sn-devel-104
* freebsd9: support both WAF MIT krb5 build and autoconf build against MIT krb5Alexander Bokovoy2012-05-281-8/+19
| | | | | | | | | | | | | | | | | | | | | | System-provided Heimdal Kerberos in FreeBSD 9 lacks proper support for parsing MS PAC. This leaves us with MIT krb5 package from ports or embedded Heimdal in source4. MIT krb5 from ports is 1.9.2, it supports all needed features for AD support in smbd, as well as WAF MIT krb5 build. In order to use it, one needs to install 'krb5' package. Autoconf build: --with-krb5=/usr/local WAF build: --with-system-mitkrb5 /usr/local or otherwise krb5-config from system Heimdal will overtake and break the detection, leaving you with a mixture of Kerberos libraries from different locations. WAF build accepts multiple paths as sub-arguments of the --with-system-mitkrb5 and searches through them for krb5-config, i.e. /usr/local /usr/kerberos ... Autobuild-User: Alexander Bokovoy <ab@samba.org> Autobuild-Date: Mon May 28 23:40:30 CEST 2012 on sn-devel-104
* waf: for MIT krb5 build require kerberos version above 1.9Alexander Bokovoy2012-05-241-1/+8
| | | | | | | | | MIT krb5 implementation provides sufficient support for features used in Samba 4 starting with 1.9. Require version above when using system MIT krb5 build. Autobuild-User: Alexander Bokovoy <ab@samba.org> Autobuild-Date: Thu May 24 18:15:36 CEST 2012 on sn-devel-104
* Introduce system MIT krb5 build with --with-system-mitkrb5 option.Alexander Bokovoy2012-05-231-0/+224
System MIT krb5 build also enabled by specifying --without-ad-dc When --with-system-mitkrb5 (or --withou-ad-dc) option is passed to top level configure in WAF build we are trying to detect and use system-wide MIT krb5 libraries. As result, Samba 4 DC functionality will be disabled due to the fact that it is currently impossible to implement embedded KDC server with MIT krb5. Thus, --with-system-mitkrb5/--without-ad-dc build will only produce * Samba 4 client libraries and their Python bindings * Samba 3 server (smbd, nmbd, winbindd from source3/) * Samba 3 client libraries In addition, Samba 4 DC server-specific tests will not be compiled into smbtorture. This in particular affects spoolss_win, spoolss_notify, and remote_pac rpc tests.
View Lorry Controller Status