From 7b72d7e937b73411e476ec2926b862b1c9a8e5d4 Mon Sep 17 00:00:00 2001 From: Christof Schmitt Date: Wed, 30 Oct 2019 13:15:48 -0700 Subject: [PATCH 1/7] wscript: Fix build with system heimdal Ubuntu has heimdal include files in /usr/include/heimdal. As the kerberos include files are pulled into many files through indirect includes, add the discovered include paths to EXTRA_INCLUDES to always have them available. Also set USING_SYSTEM_KRB5 when enabling the system heimdal build, to correctly handle the inclusion of the krb5-types.h file. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14179 Signed-off-by: Christof Schmitt Reviewed-by: Andrew Bartlett (cherry picked from commit be2d90b60d19eca408b60fe4e1b49f9b418f1b97) --- wscript_configure_system_heimdal | 3 +++ 1 file changed, 3 insertions(+) diff --git a/wscript_configure_system_heimdal b/wscript_configure_system_heimdal index 0ff6dad2f55..235fa1912b7 100644 --- a/wscript_configure_system_heimdal +++ b/wscript_configure_system_heimdal @@ -18,6 +18,7 @@ if krb5_config: elif l.startswith("includedir="): include_path = l.strip()[len("includedir="):] heimdal_includedirs.append(include_path) + conf.ADD_EXTRA_INCLUDES(include_path) conf.define('HEIMDAL_KRB5_TYPES_PATH', include_path + "/krb5-types.h") finally: @@ -97,3 +98,5 @@ finally: check_system_heimdal_binary("compile_et") check_system_heimdal_binary("asn1_compile") + +conf.define('USING_SYSTEM_KRB5', 1) -- 2.17.0 From 69f44201c5d57af76c8e4d0459b1364bec65b508 Mon Sep 17 00:00:00 2001 From: Isaac Boukris Date: Sat, 9 Nov 2019 15:36:32 +0000 Subject: [PATCH 2/7] selftest: system-heimdal: workaround upstream "host" canon bug BUG: https://bugzilla.samba.org/show_bug.cgi?id=14179 Signed-off-by: Isaac Boukris Reviewed-by: Christof Schmitt Reviewed-by: Andrew Bartlett (cherry picked from commit 15ddd95d94688ed742a2965c4b269d7c84e2d858) --- selftest/target/Samba.pm | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm index c30f6fe33ce..2d0378d1b92 100644 --- a/selftest/target/Samba.pm +++ b/selftest/target/Samba.pm @@ -252,6 +252,7 @@ sub mk_krb5_conf($$) $ctx->{dnsname}, $ctx->{domain}, $ctx->{kdc_ipv4}); + my $lc_domain = lc($ctx->{domain}); print KRB5CONF " #Generated krb5.conf for $ctx->{realm} @@ -263,6 +264,11 @@ sub mk_krb5_conf($$) forwardable = yes allow_weak_crypto = yes + name_canon_rules=as-is:realm=$ctx->{realm} + name_canon_rules=as-is:realm=$ctx->{dnsname} + name_canon_rules=as-is:realm=$ctx->{domain} + name_canon_rules=as-is:realm=$lc_domain + # We are running on the same machine, do not correct # system clock differences kdc_timesync = 0 -- 2.17.0 From 8a7c93985bf904bca7722ad8e771887003e7fc4d Mon Sep 17 00:00:00 2001 From: Christof Schmitt Date: Mon, 11 Nov 2019 13:08:28 -0700 Subject: [PATCH 3/7] krb5_plugin: Use C99 initializer BUG: https://bugzilla.samba.org/show_bug.cgi?id=14179 Signed-off-by: Christof Schmitt Reviewed-by: Andrew Bartlett (cherry picked from commit 1aef796e302058ad3327613964fa89abaf940c1c) --- nsswitch/krb5_plugin/winbind_krb5_locator.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/nsswitch/krb5_plugin/winbind_krb5_locator.c b/nsswitch/krb5_plugin/winbind_krb5_locator.c index 518c871b248..a31c0822370 100644 --- a/nsswitch/krb5_plugin/winbind_krb5_locator.c +++ b/nsswitch/krb5_plugin/winbind_krb5_locator.c @@ -409,10 +409,10 @@ static krb5_error_code smb_krb5_locator_lookup(void *private_data, #endif const krb5plugin_service_locate_ftable SMB_KRB5_LOCATOR_SYMBOL_NAME = { - 0, /* version */ - smb_krb5_locator_init, - smb_krb5_locator_close, - smb_krb5_locator_lookup, + .minor_version = 0, + .init = smb_krb5_locator_init, + .fini = smb_krb5_locator_close, + .lookup = smb_krb5_locator_lookup, }; #endif -- 2.17.0 From 89b1233735d0791f2a27d43ddc7c19afbb4959d1 Mon Sep 17 00:00:00 2001 From: Christof Schmitt Date: Mon, 11 Nov 2019 13:37:25 -0700 Subject: [PATCH 4/7] krb5_plugin: Fix developer build with newer heimdal system library Newer heimdal versions provide a different locator plugin interface. The function pointer for the old method has been renamed. Use an ifdef to initialize the correct pointer. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14179 Signed-off-by: Christof Schmitt Reviewed-by: Andrew Bartlett (cherry picked from commit 85d23236200dbe013c09a4f23d982ef1baac240d) --- nsswitch/krb5_plugin/winbind_krb5_locator.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/nsswitch/krb5_plugin/winbind_krb5_locator.c b/nsswitch/krb5_plugin/winbind_krb5_locator.c index a31c0822370..d08cdf72a59 100644 --- a/nsswitch/krb5_plugin/winbind_krb5_locator.c +++ b/nsswitch/krb5_plugin/winbind_krb5_locator.c @@ -412,7 +412,11 @@ const krb5plugin_service_locate_ftable SMB_KRB5_LOCATOR_SYMBOL_NAME = { .minor_version = 0, .init = smb_krb5_locator_init, .fini = smb_krb5_locator_close, +#ifdef KRB5_PLUGIN_LOCATE_VERSION_2 + .old_lookup = smb_krb5_locator_lookup, +#else .lookup = smb_krb5_locator_lookup, +#endif }; #endif -- 2.17.0 From d532b1182ca67cc9b99aefc795aa5e486ea43f54 Mon Sep 17 00:00:00 2001 From: Christof Schmitt Date: Wed, 30 Oct 2019 13:45:55 -0700 Subject: [PATCH 5/7] autobuild: Add test for build with system heimdal library The configure option --with-system-heimdalkrb5 requires --without-ad-dc. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14179 Signed-off-by: Christof Schmitt Reviewed-by: Andrew Bartlett (cherry picked from commit 7965a204d68196acddf553959bb3407125baf31d) --- script/autobuild.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/script/autobuild.py b/script/autobuild.py index ef75f507add..cf665bd6a7c 100755 --- a/script/autobuild.py +++ b/script/autobuild.py @@ -124,6 +124,7 @@ builddirs = { "samba": ".", "samba-nt4": ".", "samba-fileserver": ".", + "samba-ktest-heimdal": ".", "samba-ad-member": ".", "samba-xc": ".", "samba-o3": ".", @@ -293,6 +294,17 @@ tasks = { ("check-clean-tree", "script/clean-source-tree.sh"), ], + "samba-ktest-heimdal": [ + ("random-sleep", random_sleep(300, 900)), + ("configure", "./configure.developer --without-ad-dc --with-system-heimdalkrb5 --with-selftest-prefix=./bin/ab" + samba_configure_params), + ("make", "make -j"), + ("test", make_test(include_envs=[ + "ktest", + ])), + ("lcov", LCOV_CMD), + ("check-clean-tree", "script/clean-source-tree.sh"), + ], + "samba-ad-member": [ ("random-sleep", random_sleep(300, 900)), ("configure", "./configure.developer --with-selftest-prefix=./bin/ab" + samba_configure_params), -- 2.17.0 From 91d2d92fb840fa03e897659d1dd242dc314c3d2b Mon Sep 17 00:00:00 2001 From: Christof Schmitt Date: Wed, 30 Oct 2019 13:49:55 -0700 Subject: [PATCH 6/7] bootstrap: Add heimdal-multidev for Debian and Ubuntu This is required for testing the build with the configure option --with-system-heimdalkrb5. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14179 Signed-off-by: Christof Schmitt Reviewed-by: Andrew Bartlett (cherry picked from commit 2efc243f1ad09eae46f6f99fb0646ecd4356c3f9) --- .gitlab-ci.yml | 2 +- bootstrap/config.py | 1 + bootstrap/generated-dists/debian7/bootstrap.sh | 1 + bootstrap/generated-dists/debian7/packages.yml | 1 + bootstrap/generated-dists/debian8/bootstrap.sh | 1 + bootstrap/generated-dists/debian8/packages.yml | 1 + bootstrap/generated-dists/debian9/bootstrap.sh | 1 + bootstrap/generated-dists/debian9/packages.yml | 1 + bootstrap/generated-dists/ubuntu1404/bootstrap.sh | 1 + bootstrap/generated-dists/ubuntu1404/packages.yml | 1 + bootstrap/generated-dists/ubuntu1604/bootstrap.sh | 1 + bootstrap/generated-dists/ubuntu1604/packages.yml | 1 + bootstrap/generated-dists/ubuntu1804/bootstrap.sh | 1 + bootstrap/generated-dists/ubuntu1804/packages.yml | 1 + bootstrap/sha1sum.txt | 2 +- 15 files changed, 15 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 313ae01fa69..263a13738e2 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -22,7 +22,7 @@ variables: # Set this to the contents of bootstrap/sha1sum.txt # which is generated by bootstrap/template.py --render # - SAMBA_CI_CONTAINER_TAG: 339a70ba1881feec94109c5c4eafacf4ff6c43bc + SAMBA_CI_CONTAINER_TAG: 970e3a86b8a9dc10a0a3ec716ab355eb9664dc38 # # We use the ubuntu1804 image as default as # it matches what we have on sn-devel-184. diff --git a/bootstrap/config.py b/bootstrap/config.py index 9126961fc93..a83a3efb983 100644 --- a/bootstrap/config.py +++ b/bootstrap/config.py @@ -102,6 +102,7 @@ PKGS = [ ('libunwind-dev', 'libunwind-devel'), # for back trace ('libglib2.0-dev', 'glib2-devel'), ('libicu-dev', 'libicu-devel'), + ('heimdal-multidev', ''), # NAME1, NAME2 # for debian, locales provide locale support with language packs diff --git a/bootstrap/generated-dists/debian7/bootstrap.sh b/bootstrap/generated-dists/debian7/bootstrap.sh index 4e126cf5e8e..fcba67cb16f 100755 --- a/bootstrap/generated-dists/debian7/bootstrap.sh +++ b/bootstrap/generated-dists/debian7/bootstrap.sh @@ -30,6 +30,7 @@ apt-get -y install \ git \ glusterfs-common \ gzip \ + heimdal-multidev \ hostname \ htop \ krb5-config \ diff --git a/bootstrap/generated-dists/debian7/packages.yml b/bootstrap/generated-dists/debian7/packages.yml index 667825c283e..62fd54b1197 100644 --- a/bootstrap/generated-dists/debian7/packages.yml +++ b/bootstrap/generated-dists/debian7/packages.yml @@ -19,6 +19,7 @@ packages: - git - glusterfs-common - gzip + - heimdal-multidev - hostname - htop - krb5-config diff --git a/bootstrap/generated-dists/debian8/bootstrap.sh b/bootstrap/generated-dists/debian8/bootstrap.sh index 4c8c65223f9..54e3f78db93 100755 --- a/bootstrap/generated-dists/debian8/bootstrap.sh +++ b/bootstrap/generated-dists/debian8/bootstrap.sh @@ -30,6 +30,7 @@ apt-get -y install \ git \ glusterfs-common \ gzip \ + heimdal-multidev \ hostname \ htop \ krb5-config \ diff --git a/bootstrap/generated-dists/debian8/packages.yml b/bootstrap/generated-dists/debian8/packages.yml index a2d4bdb0638..a65ca2f5d05 100644 --- a/bootstrap/generated-dists/debian8/packages.yml +++ b/bootstrap/generated-dists/debian8/packages.yml @@ -19,6 +19,7 @@ packages: - git - glusterfs-common - gzip + - heimdal-multidev - hostname - htop - krb5-config diff --git a/bootstrap/generated-dists/debian9/bootstrap.sh b/bootstrap/generated-dists/debian9/bootstrap.sh index fa7051a67e1..4bc421437e6 100755 --- a/bootstrap/generated-dists/debian9/bootstrap.sh +++ b/bootstrap/generated-dists/debian9/bootstrap.sh @@ -30,6 +30,7 @@ apt-get -y install \ git \ glusterfs-common \ gzip \ + heimdal-multidev \ hostname \ htop \ krb5-config \ diff --git a/bootstrap/generated-dists/debian9/packages.yml b/bootstrap/generated-dists/debian9/packages.yml index 1e3bd0c380c..0021d64db62 100644 --- a/bootstrap/generated-dists/debian9/packages.yml +++ b/bootstrap/generated-dists/debian9/packages.yml @@ -19,6 +19,7 @@ packages: - git - glusterfs-common - gzip + - heimdal-multidev - hostname - htop - krb5-config diff --git a/bootstrap/generated-dists/ubuntu1404/bootstrap.sh b/bootstrap/generated-dists/ubuntu1404/bootstrap.sh index 65625604f4b..34c7726e50c 100755 --- a/bootstrap/generated-dists/ubuntu1404/bootstrap.sh +++ b/bootstrap/generated-dists/ubuntu1404/bootstrap.sh @@ -29,6 +29,7 @@ apt-get -y install \ gdb \ git \ gzip \ + heimdal-multidev \ hostname \ htop \ krb5-config \ diff --git a/bootstrap/generated-dists/ubuntu1404/packages.yml b/bootstrap/generated-dists/ubuntu1404/packages.yml index 8838828d7b8..5dd5d008c6e 100644 --- a/bootstrap/generated-dists/ubuntu1404/packages.yml +++ b/bootstrap/generated-dists/ubuntu1404/packages.yml @@ -18,6 +18,7 @@ packages: - gdb - git - gzip + - heimdal-multidev - hostname - htop - krb5-config diff --git a/bootstrap/generated-dists/ubuntu1604/bootstrap.sh b/bootstrap/generated-dists/ubuntu1604/bootstrap.sh index a47ef984cb5..8923e06d257 100755 --- a/bootstrap/generated-dists/ubuntu1604/bootstrap.sh +++ b/bootstrap/generated-dists/ubuntu1604/bootstrap.sh @@ -29,6 +29,7 @@ apt-get -y install \ gdb \ git \ gzip \ + heimdal-multidev \ hostname \ htop \ krb5-config \ diff --git a/bootstrap/generated-dists/ubuntu1604/packages.yml b/bootstrap/generated-dists/ubuntu1604/packages.yml index 23939c38e80..d42971db3b5 100644 --- a/bootstrap/generated-dists/ubuntu1604/packages.yml +++ b/bootstrap/generated-dists/ubuntu1604/packages.yml @@ -18,6 +18,7 @@ packages: - gdb - git - gzip + - heimdal-multidev - hostname - htop - krb5-config diff --git a/bootstrap/generated-dists/ubuntu1804/bootstrap.sh b/bootstrap/generated-dists/ubuntu1804/bootstrap.sh index 45212ccfb81..3ec8f714aa0 100755 --- a/bootstrap/generated-dists/ubuntu1804/bootstrap.sh +++ b/bootstrap/generated-dists/ubuntu1804/bootstrap.sh @@ -30,6 +30,7 @@ apt-get -y install \ git \ glusterfs-common \ gzip \ + heimdal-multidev \ hostname \ htop \ krb5-config \ diff --git a/bootstrap/generated-dists/ubuntu1804/packages.yml b/bootstrap/generated-dists/ubuntu1804/packages.yml index f2c981fba83..8778af2bafb 100644 --- a/bootstrap/generated-dists/ubuntu1804/packages.yml +++ b/bootstrap/generated-dists/ubuntu1804/packages.yml @@ -19,6 +19,7 @@ packages: - git - glusterfs-common - gzip + - heimdal-multidev - hostname - htop - krb5-config diff --git a/bootstrap/sha1sum.txt b/bootstrap/sha1sum.txt index 52cf7350bc0..0a3dbf1adf0 100644 --- a/bootstrap/sha1sum.txt +++ b/bootstrap/sha1sum.txt @@ -1 +1 @@ -339a70ba1881feec94109c5c4eafacf4ff6c43bc +970e3a86b8a9dc10a0a3ec716ab355eb9664dc38 -- 2.17.0 From 7e3e0f6c6b192fb6d69f895f7b620b4e6e7f909e Mon Sep 17 00:00:00 2001 From: Christof Schmitt Date: Wed, 30 Oct 2019 14:24:58 -0700 Subject: [PATCH 7/7] gitlab-ci: Run samba-fileserver-heimdalkrb5 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14179 Signed-off-by: Christof Schmitt Reviewed-by: Andrew Bartlett Autobuild-User(master): Christof Schmitt Autobuild-Date(master): Wed Nov 13 19:14:25 UTC 2019 on sn-devel-184 (cherry picked from commit 5343cec5f0a5531af85d72021dba30c31a4a3f1b) --- .gitlab-ci.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 263a13738e2..67a86d2b0c8 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -176,6 +176,9 @@ samba-ad-dc-backup: samba-fileserver: extends: .private_template +samba-ktest-heimdal: + extends: .private_template + samba-ad-dc-1: extends: .private_template -- 2.17.0