sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-04 17:47:26 +03:00
Code

Merge 2610c05b5b95cc7036b3d6dfb894c6cfbdb68483 as Samba-4.0alpha16

Browse Source
This commit is contained in:
Andrew Bartlett 2011-06-24 16:26:23 +10:00
commit 6da26870e0
1484 changed files with 78439 additions and 25430 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored
View File

@ -71,8 +71,8 @@ source3/exports/libtalloc.syms
source3/exports/libtdb.syms
source3/exports/libwbclient.syms
source3/include/build_env.h
source3/include/config.h
source3/include/config.h.in
source3/include/autoconf/config.h
source3/include/autoconf/config.h.in
source3/include/includes.h.gch
source3/include/stamp-h
source3/include/version.h

2
Makefile
View File

@ -68,7 +68,7 @@ ctags:
# this allows for things like "make bin/smbtorture"
bin/%:: FORCE
$(WAF) --targets=`basename $@`
$(WAF) --targets=$@
FORCE:
pydoctor:

2
VERSION
View File

@ -57,7 +57,7 @@ SAMBA_VERSION_TP_RELEASE=
# e.g. SAMBA_VERSION_ALPHA_RELEASE=1 #
# -> "4.0.0alpha1" #
########################################################
SAMBA_VERSION_ALPHA_RELEASE=15
SAMBA_VERSION_ALPHA_RELEASE=16
########################################################
# For 'pre' releases the version will be #

307
WHATSNEW.txt
View File

@ -1,212 +1,129 @@
=================================
Release Notes for Samba 3.6.0pre1
July 28, 2010
=================================
What's new in Samba 4 alpha16
=============================
Samba 4.0 will be the next version of the Samba suite and incorporates
all the technology found in both the Samba4 alpha series and the
stable 3.x series. The primary additional features over Samba 3.6 are
support for the Active Directory logon protocols used by Windows 2000
and above.
WARNINGS
========
Samba4 alpha16 is not a final Samba release, however we are now making
good progress towards a Samba 4.0 release, of which this is a preview.
Be aware the this release contains both the technology of Samba 3.6
(that you can reasonably expect to upgrade existing Samba 3.x releases
to) and the AD domain controller work previously known as 'samba4'.
No migration path is currently provided between these two sets of
technology. These missing migration paths will be the focus of
development between now and a Samba 4.0 release.
While binaries for the stable file server are provided in this
release, for a stable, supported file server, Samba3 domain or AD
domain member installation, please run a Samba 3.x release, as we are
still bedding down the new single build system.
Samba4 is subjected to an awesome battery of tests on an automated
basis, we have found Samba 4.0 to be very stable in it's behavior.
However, we still recommend against upgrading production servers from
Samba 3.x release to Samba 4.0 alpha at this stage.
If you are upgrading, or looking to develop, test or deploy Samba 4.0
alpha releases, you should backup all configuration and data.
NEW FEATURES
============
Samba 4.0 alpha supports the server-side of the Active Directory logon
environment used by Windows 2000 and later, so we can do full domain
join and domain logon operations with these clients.
Our Domain Controller (DC) implementation includes our own built-in
LDAP server and Kerberos Key Distribution Center (KDC) as well as the
Samba3-like logon services provided over CIFS. We correctly generate
the infamous Kerberos PAC, and include it with the Kerberos tickets we
issue.
Samba 4.0 alpha ships with two distinct file servers. The file server
from the Samba 3.x series is 'smbd', and works with the binaries users
would expect from that series (nmbd, winbindd, smbpasswd).
Samba 4.0 also ships with a new file server, which is tuned to match
the requirements of an AD domain controller. Users should not use the
file server in the 'samba' binary for non-DC related tasks.
A new scripting interface has been added to Samba 4, allowing Python
programs to interface to Samba's internals, and many tools and
internal workings of the DC code is now implemented in python.
This is the first preview release of Samba 3.6. This is *not*
intended for production environments and is designed for testing
purposes only. Please report any defects via the Samba bug reporting
system at https://bugzilla.samba.org/.
CHANGES SINCE alpha15
=====================
For a list of changes since alpha 15, please see the git log.
Major enhancements in Samba 3.6.0 include:
$ git clone git://git.samba.org/samba.git
$ cd samba.git
$ git log release-4-0-0alpha15..release-4-0-0alpha16
The biggest user-visible change is that binaries from the Samba 3.x
series of development are now built and installed. These binaries
(smbd, nmbd, winbindd, net, testparm, etc) operate much as they do in
the Samba 3.6 release candidates.
Changed security defaults
-------------------------
Samba 3.6 has adopted a number of improved security defaults that will
impact on existing users of Samba.
client ntlmv2 auth = yes
client use spnego principal = no
send spnego principal = no
The impact of 'client ntlmv2 auth = yes' is that by default we will not
use NTLM authentication as a client. This applies to the Samba client
tools such as smbclient and winbind, but does not change the separately
released in-kernel CIFS client. To re-enable the poorer NTLM encryption
set '--option=clientusentlmv2auth=no' on your smbclient command line, or
set 'client ntlmv2 auth = no' in your smb.conf
The impact of 'client use spnego principal = no' is that we may be able
to use Kerberos to communicate with a server less often in smbclient,
winbind and other Samba client tools. We may fall back to NTLMSSP in
more situations where we would previously rely on the insecure
indication from the 'NegProt' CIFS packet. This mostly occursed when
connecting to a name alias not recorded as a servicePrincipalName for
the server. This indication is not available from Windows 2008 or later
in any case, and is not used by modern Windows clients, so this makes
Samba's behaviour consistent with other clients and against all servers.
The impact of 'send spnego principal = no' is to match Windows 2008 and
not to send this principal, making existing clients give more consistent
behaviour (more likely to fall back to NTLMSSP) between Samba and
Windows 2008, and between Windows versions that did and no longer use
this insecure hint.
SMB2 support
------------
SMB2 support in 3.6.0 is fully functional (with one omission),
and can be enabled by setting:
max protocol = SMB2
in the [global] section of your smb.conf and re-starting
Samba. All features should work over SMB2 except the modification
of user quotas using the Windows quota management tools.
As this is the first release containing what we consider
to be a fully featured SMB2 protocol, we are not enabling
this by default, but encourage users to enable SMB2 and
test it. Once we have enough confirmation from Samba
users and OEMs that SMB2 support is stable in wide user
testing we will enable SMB2 by default in a future Samba
release.
Internal Winbind passdb changes
-------------------------------
Winbind has been changed to use the internal samr and lsa rpc pipe to get
local user and group information instead of calling passdb functions. The
reason is to use more of our infrastructure and test this infrastructure by
using it. With this approach more code in Winbind is shared.
New Spoolss code
----------------
The spoolss and the old RAP printing code have been completely
overhauled and refactored.
All calls from lanman/printing code has been changed to go through the
spoolss RPC interfaces, this allows us to keep all checks in one place
and avoid special cases in the main printing code.
Printing code has been therefore confined within the spoolss code.
All the printing code, including the spoolss RPC interfaces has been
changed to use the winreg RPC interfaces to store all data.
All data has been migrated from custom, arbitrary TDB files to the
registry interface. This transition allow us to present correct data to
windows client accessing the server registry through the winreg RPC
interfaces to query for printer data. Data is served out from a real
registry implementation and therefore arguably 100% forward compatible.
Migration code from the previous TDB files formats is provided. This
code is automatically invoked the first time the new code is run on the
server. Although manual migration is also available using the 'net
printer migrate' command.
These changes not only make all the spoolss code much more closer to
"the spec", it also greatly improves our internal testing of both
spoolss and winreg interfaces, and reduces overall code duplication.
As part of this work, new tests have been also added to increase
coverage.
This code will also allow, in future, an easy transition to split out
the spooling functions into a separate daemon for those OEMs that do not
need printing functionality in their appliances, reducing the code
footprint.
ID Mapping Changes
------------------
The id mapping configuration has been a source of much grief in the past.
For this release, id mapping has ben rewritten yet again with the goal
of making the configuration more simple and more coherent while keeping
the needed flexibility and even adding to the flexibility in some respects.
The major change that implies the configuration simplifications is at
the heart of the id mapping system: The separation of the "idmap alloc
system" that is responsible for the unix id counters in the tdb, tdb2
and ldap idmap backends from the id mapping code itself has been removed.
The sids_to_unixids operation is now atomic and encapsulates (if needed)
the action of allocating a unix id for a mapping that is to be created.
Consequently all idmap alloc configuration parameters have vanished and
it is hence now also not possible any more to specify an idmap alloc
backend different from the idmap backend. Each idmap backend uses its
own idmap unixid creation mechanism transparently.
As a consequence of the id mapping changes, the methods that are used
for storing and deleting id mappings have been removed from the winbindd
API. The "net idmap dump/restore" commands have been rewritten to
not speak through winbindd any more but directly act on the databases.
This is currently available for the tdb and tdb2 backends, the implementation
for ldap still missing.
The allocate_id functionality is preserved for the unix id creator of the
default idmap configuration is also used as the source of unix ids
for the group mapping database and for the posix attributes in a
ldapsam:editposix setup.
As part of the changes, the default idmap configuration has been
changed to be more coherent with the per-domain configuration.
The parameters "idmap uid", "idmap gid" and "idmap range" are now
deprecated in favour of the systematic "idmap config * : range"
and "idmap config * : backend" parameters. The reason for this change
is that the old options only provided an incomplete and hence deceiving
backwards compatibility, which was a source of many problems with
updgrades. By introducing this change in configuration, it should be
brought to the conciousness of the users that even the simple
id mapping is not working exactly as in Samba 3.0 versions any more.
SMB Traffic Analyzer
--------------------
Added the new SMB Traffic Analyzer (SMBTA) VFS module protocol 2
featuring encryption, multiple arguments, and easier parseability. A new
tool 'smbta-util' has been created to control the encryption behaviour
of SMBTA. For compatibility, SMBTA by default operates on version 1.
There are programs consuming the data that the module sends.
More information can be found on
http://holger123.wordpress.com/smb-traffic-analyzer/
NFS quota backend on Linux
--------------------------
A new nfs quota backend for Linux has been added that is based
on the existing Solaris/FreeBSD implementation. This allows samba
to communicate correct diskfree information for nfs imports that
are re-exported as samba shares.
######################################################################
Changes
#######
CHANGES
=======
smb.conf changes
----------------
Parameter Name Description Default
-------------- ----------- -------
announce version Removed
announce as Removed
async smb echo handler New No
client ntlmv2 auth Changed Default Yes
client use spnego principal New No
ctdb locktime warn threshold New 0
idmap alloc backend Removed
log writeable files on exit New No
multicast dns register New Yes
ncalrpc dir New
send spnego principal New No
smb2 max credits New 128
smb2 max read New 1048576
smb2 max trans New 1048576
smb2 max write New 1048576
username map cache time New 0
winbind max clients New 200
Those familiar with Samba 3 can find a list of user-visible changes
between the two technology sets provided in the NEWS file.
KNOWN ISSUES
============
######################################################################
- Domain member support in the 'samba' binary is in it's infancy, and
is not comparable to the support found in winbindd. As such, do not
use the 'samba' binary (provided for the AD server) on a member
server.
- There is no printing support in the 'samba' binary (use smbd instead)
- There is no NetBIOS browsing support in the 'samba' binary (use nmbd
and smbd instead)
- Clock Synchronisation is critical. Many 'wrong password' errors are
actually due to Kerberos objecting to a clock skew between client
and server. (The NTP work in the previous alphas are partly to assist
with this problem).
- The DRS replication code may fail. Please contact the team if you
experience issues with DRS replication, as we have fixed many issues
here in response to feedback from our production users.
- Users upgrading existing databases to Samba4 should carefully
consult upgrading-samba4.txt. We have made a number of changes in
this release that should make it easier to upgrade in future.
Btw: there exists also a script under the "setup" directory of the
source distribution called "upgrade_from_s3" which should allow a step-up
from Samba3 to Samba4. It's not included yet in the binary distributions
since it's completely experimental!
RUNNING Samba 4.0 as an AD DC
=============================
A short guide to setting up Samba 4 as an AD DC can be found on the wiki:
http://wiki.samba.org/index.php/Samba4/HOWTO
#######################################
Reporting bugs & Development Discussion
#######################################
@ -216,7 +133,7 @@ joining the #samba-technical IRC channel on irc.freenode.net.
If you do report problems then please try to send high quality
feedback. If you don't provide vital information to help us track down
the problem then you will probably be ignored. All bug reports should
be filed under the Samba 3.6 product in the project's Bugzilla
be filed under the Samba 4.0 product in the project's Bugzilla
database (https://bugzilla.samba.org/).

132
WHATSNEW4.txt
View File

@ -1,132 +0,0 @@
What's new in Samba 4 alpha15
=============================
Samba 4 is the ambitious next version of the Samba suite that is being
developed in parallel to the stable 3.x series. The main emphasis in
this branch is support for the Active Directory logon protocols used
by Windows 2000 and above.
Samba4 alpha15 follows on from the alpha release series we have been
publishing since September 2007.
WARNINGS
========
Samba4 alpha15 is not a final Samba release. That is more a reference
to Samba4's lack of the features we expect you will need than a
statement of code quality, but clearly it hasn't seen a broad
deployment yet. If you were to upgrade Samba3 (or indeed Windows) to
Samba4, you would find many things work, but that other key features
you may have relied on simply are not there yet.
For example, while Samba 3 is an excellent member of a Active
Directory domain, Samba4 is happier as a domain controller, and it is
in this role where it has seen deployment into production.
Samba4 is subjected to an awesome battery of tests on an
automated basis, we have found Samba4 to be very stable in it's
behaviour. We have to recommend against upgrading production servers
from Samba 3 to Samba 4 at this stage, because there may be the features on
which you may rely that are not present, or the mapping of
your configuration and user database may not be complete.
If you are upgrading, or looking to develop, test or deploy Samba4, you should
backup all configuration and data.
NEW FEATURES
============
Samba4 supports the server-side of the Active Directory logon environment
used by Windows 2000 and later, so we can do full domain join
and domain logon operations with these clients.
Our Domain Controller (DC) implementation includes our own built-in
LDAP server and Kerberos Key Distribution Center (KDC) as well as the
Samba3-like logon services provided over CIFS. We correctly generate
the infamous Kerberos PAC, and include it with the Kerberos tickets we
issue.
The new VFS features in Samba 4 adapts the filesystem on the server to
match the Windows client semantics, allowing Samba 4 to better match
windows behaviour and application expectations. This includes file
annotation information (in streams) and NT ACLs in particular. The
VFS is backed with an extensive automated test suite.
A new scripting interface has been added to Samba 4, allowing
Python programs to interface to Samba's internals.
The Samba 4 architecture is based around an LDAP-like database that
can use a range of modular backends. One of the backends supports
standards compliant LDAP servers (including OpenLDAP), and we are
working on modules to map between AD-like behaviours and this backend.
We are aiming for Samba 4 to be powerful frontend to large
directories.
CHANGES SINCE alpha14
=====================
For a list of changes since alpha 14, please see the git log.
$ git clone git://git.samba.org/samba.git
$ cd samba.git
$ git log release-4-0-0alpha14..release-4-0-0alpha15
CHANGES
=======
Those familiar with Samba 3 can find a list of user-visible changes
since that release series in the NEWS file.
KNOWN ISSUES
============
- Domain member support is in it's infancy, and is not comparable to
the support found in Samba3.
- There is no printing support in the current release.
- There is no NetBIOS browsing support in the current release
- The Samba4 port of the CTDB clustering support is not yet complete
- Clock Synchronisation is critical. Many 'wrong password' errors are
actually due to Kerberos objecting to a clock skew between client
and server. (The NTP work in the previous alphas are partly to assist
with this problem).
- The DRS replication code fails, and is very new
- Users upgrading existing databases to Samba4 should carefully
consult upgrading-samba4.txt. We have made a number of changes in
this release that should make it easier to upgrade in future.
Btw: there exists also a script under the "setup" directory of the
source distribution called "upgrade_from_s3" which should allow a step-up
from Samba3 to Samba4. It's not included yet in the binary distributions
since it's completely experimental!
RUNNING Samba4
==============
A short guide to setting up Samba 4 can be found on the wiki:
http://wiki.samba.org/index.php/Samba4/HOWTO
DEVELOPMENT and FEEDBACK
========================
We need your help! Projects as Samba 4 live from the community feedback. If you
provide expressive bug reports, some documentation snippets on the wiki or some
real code patches - all is appreciated if it meets our quality criterias. Here
you can find further references:
Bugs can be filed at https://bugzilla.samba.org/ but please be aware
that many features are simply not expected to work at this stage.
The Samba Wiki at http://wiki.samba.org should detail some of these
development plans.
Development and general discussion about Samba 4 happens mainly on
the #samba-technical IRC channel (on irc.freenode.net) and
the samba-technical mailing list (see http://lists.samba.org/ for
details).

22
auth/auth_sam_reply.h
View File

@ -1,3 +1,25 @@
/*
Unix SMB/CIFS implementation.
Convert a server info struct into the form for PAC and NETLOGON replies
Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004
Copyright (C) Stefan Metzmacher <metze@samba.org> 2005
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __AUTH_AUTH_SAM_REPLY_H__
#define __AUTH_AUTH_SAM_REPLY_H__

5
auth/common_auth.h
View File

@ -17,6 +17,9 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef AUTH_COMMON_AUTH_H
#define AUTH_COMMON_AUTH_H
#define USER_INFO_CASE_INSENSITIVE_USERNAME 0x01 /* username may be in any case */
#define USER_INFO_CASE_INSENSITIVE_PASSWORD 0x02 /* password may be in any case */
#define USER_INFO_DONT_CHECK_UNIX_ACCOUNT 0x04 /* don't check unix account status */
@ -59,3 +62,5 @@ struct auth_usersupplied_info
} password;
uint32_t flags;
};
#endif

152
auth/kerberos/gssapi_pac.c Normal file
View File

@ -0,0 +1,152 @@
/*
Unix SMB/CIFS implementation.
kerberos authorization data (PAC) utility library
Copyright (C) Andrew Bartlett <abartlet@samba.org> 2011
Copyright (C) Simo Sorce 2010.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
#ifdef HAVE_KRB5
#include "libcli/auth/krb5_wrap.h"
#if 0
/* FIXME - need proper configure/waf test
* to determine if gss_mech_krb5 and friends
* exist. JRA.
*/
/*
* These are not exported by Solaris -lkrb5
* Maybe move to libreplace somewhere?
*/
static const gss_OID_desc krb5_gss_oid_array[] = {
/* this is the official, rfc-specified OID */
{ 9, "\052\206\110\206\367\022\001\002\002" },
/* this is the pre-RFC mech OID */
{ 5, "\053\005\001\005\002" },
/* this is the unofficial, incorrect mech OID emitted by MS */
{ 9, "\052\206\110\202\367\022\001\002\002" },
{ 0, 0 }
};
const gss_OID_desc * const gss_mech_krb5 = krb5_gss_oid_array+0;
const gss_OID_desc * const gss_mech_krb5_old = krb5_gss_oid_array+1;
const gss_OID_desc * const gss_mech_krb5_wrong = krb5_gss_oid_array+2;
#endif
/* The Heimdal OID for getting the PAC */
#define EXTRACT_PAC_AUTHZ_DATA_FROM_SEC_CONTEXT_OID_LENGTH 8
/* EXTRACTION OID AUTHZ ID */
#define EXTRACT_PAC_AUTHZ_DATA_FROM_SEC_CONTEXT_OID "\x2a\x85\x70\x2b\x0d\x03" "\x81\x00"
NTSTATUS gssapi_obtain_pac_blob(TALLOC_CTX *mem_ctx,
gss_ctx_id_t gssapi_context,
gss_name_t gss_client_name,
DATA_BLOB *pac_blob)
{
NTSTATUS status;
OM_uint32 gss_maj, gss_min;
#ifdef HAVE_GSS_GET_NAME_ATTRIBUTE
gss_buffer_desc pac_buffer;
gss_buffer_desc pac_display_buffer;
gss_buffer_desc pac_name = {
.value = discard_const("urn:mspac:"),
.length = sizeof("urn:mspac:")-1
};
int more = -1;
int authenticated = false;
int complete = false;
gss_maj = gss_get_name_attribute(
&gss_min, gss_client_name, &pac_name,
&authenticated, &complete,
&pac_buffer, &pac_display_buffer, &more);
if (gss_maj != 0) {
DEBUG(0, ("obtaining PAC via GSSAPI gss_get_name_attribute failed: %s\n",
gssapi_error_string(mem_ctx, gss_maj, gss_min, gss_mech_krb5)));
return NT_STATUS_ACCESS_DENIED;
} else if (authenticated && complete) {
/* The PAC blob is returned directly */
*pac_blob = data_blob_talloc(mem_ctx, pac_buffer.value,
pac_buffer.length);
if (!pac_blob->data) {
status = NT_STATUS_NO_MEMORY;
} else {
status = NT_STATUS_OK;
}
gss_maj = gss_release_buffer(&gss_min, &pac_buffer);
gss_maj = gss_release_buffer(&gss_min, &pac_display_buffer);
return status;
} else {
DEBUG(0, ("obtaining PAC via GSSAPI failed: authenticated: %s, complete: %s, more: %s\n",
authenticated ? "true" : "false",
complete ? "true" : "false",
more ? "true" : "false"));
return NT_STATUS_ACCESS_DENIED;
}
#elif defined(HAVE_GSS_INQUIRE_SEC_CONTEXT_BY_OID)
gss_OID_desc pac_data_oid = {
.elements = discard_const(EXTRACT_PAC_AUTHZ_DATA_FROM_SEC_CONTEXT_OID),
.length = EXTRACT_PAC_AUTHZ_DATA_FROM_SEC_CONTEXT_OID_LENGTH
};
gss_buffer_set_t set = GSS_C_NO_BUFFER_SET;
/* If we didn't have the routine to get a verified, validated
* PAC (supplied only by MIT at the time of writing), then try
* with the Heimdal OID (fetches the PAC directly and always
* validates) */
gss_maj = gss_inquire_sec_context_by_oid(
&gss_min, gssapi_context,
&pac_data_oid, &set);
/* First check for the error MIT gives for an unknown OID */
if (gss_maj == GSS_S_UNAVAILABLE) {
DEBUG(1, ("unable to obtain a PAC against this GSSAPI library. "
"GSSAPI secured connections are available only with Heimdal or MIT Kerberos >= 1.8\n"));
} else if (gss_maj != 0) {
DEBUG(2, ("obtaining PAC via GSSAPI gss_inqiure_sec_context_by_oid (Heimdal OID) failed: %s\n",
gssapi_error_string(mem_ctx, gss_maj, gss_min, gss_mech_krb5)));
} else {
if (set == GSS_C_NO_BUFFER_SET) {
DEBUG(0, ("gss_inquire_sec_context_by_oid returned unknown "
"data in results.\n"));
return NT_STATUS_INTERNAL_ERROR;
}
/* The PAC blob is returned directly */
*pac_blob = data_blob_talloc(mem_ctx, set->elements[0].value,
set->elements[0].length);
if (!pac_blob->data) {
status = NT_STATUS_NO_MEMORY;
} else {
status = NT_STATUS_OK;
}
gss_maj = gss_release_buffer_set(&gss_min, &set);
return status;
}
#else
DEBUG(1, ("unable to obtain a PAC against this GSSAPI library. "
"GSSAPI secured connections are available only with Heimdal or MIT Kerberos >= 1.8\n"));
#endif
return NT_STATUS_ACCESS_DENIED;
}
#endif

98
libcli/auth/kerberos_pac.c → auth/kerberos/kerberos_pac.c
View File

@ -279,61 +279,67 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
return status;
}
/* verify by service_key */
ret = check_pac_checksum(mem_ctx,
modified_pac_blob, srv_sig_ptr,
context,
service_keyblock);
if (ret) {
DEBUG(1, ("PAC Decode: Failed to verify the service "
"signature: %s\n", error_message(ret)));
return NT_STATUS_ACCESS_DENIED;
if (service_keyblock) {
/* verify by service_key */
ret = check_pac_checksum(mem_ctx,
modified_pac_blob, srv_sig_ptr,
context,
service_keyblock);
if (ret) {
DEBUG(1, ("PAC Decode: Failed to verify the service "
"signature: %s\n", error_message(ret)));
return NT_STATUS_ACCESS_DENIED;
}
if (krbtgt_keyblock) {
/* verify the service key checksum by krbtgt_key */
ret = check_pac_checksum(mem_ctx,
srv_sig_ptr->signature, kdc_sig_ptr,
context, krbtgt_keyblock);
if (ret) {
DEBUG(1, ("PAC Decode: Failed to verify the KDC signature: %s\n",
smb_get_krb5_error_message(context, ret, mem_ctx)));
return NT_STATUS_ACCESS_DENIED;
}
}
}
if (krbtgt_keyblock) {
/* verify the service key checksum by krbtgt_key */
ret = check_pac_checksum(mem_ctx,
srv_sig_ptr->signature, kdc_sig_ptr,
context, krbtgt_keyblock);
if (ret) {
DEBUG(1, ("PAC Decode: Failed to verify the KDC signature: %s\n",
smb_get_krb5_error_message(context, ret, mem_ctx)));
if (tgs_authtime) {
/* Convert to NT time, so as not to loose accuracy in comparison */
unix_to_nt_time(&tgs_authtime_nttime, tgs_authtime);
if (tgs_authtime_nttime != logon_name->logon_time) {
DEBUG(2, ("PAC Decode: "
"Logon time mismatch between ticket and PAC!\n"));
DEBUG(2, ("PAC Decode: PAC: %s\n",
nt_time_string(mem_ctx, logon_name->logon_time)));
DEBUG(2, ("PAC Decode: Ticket: %s\n",
nt_time_string(mem_ctx, tgs_authtime_nttime)));
return NT_STATUS_ACCESS_DENIED;
}
}
/* Convert to NT time, so as not to loose accuracy in comparison */
unix_to_nt_time(&tgs_authtime_nttime, tgs_authtime);
if (client_principal) {
ret = smb_krb5_parse_name_norealm(context,
logon_name->account_name,
&client_principal_pac);
if (ret) {
DEBUG(2, ("Could not parse name from PAC: [%s]:%s\n",
logon_name->account_name, error_message(ret)));
return NT_STATUS_INVALID_PARAMETER;
}
if (tgs_authtime_nttime != logon_name->logon_time) {
DEBUG(2, ("PAC Decode: "
"Logon time mismatch between ticket and PAC!\n"));
DEBUG(2, ("PAC Decode: PAC: %s\n",
nt_time_string(mem_ctx, logon_name->logon_time)));
DEBUG(2, ("PAC Decode: Ticket: %s\n",
nt_time_string(mem_ctx, tgs_authtime_nttime)));
return NT_STATUS_ACCESS_DENIED;
}
bool_ret = smb_krb5_principal_compare_any_realm(context,
client_principal,
client_principal_pac);
ret = smb_krb5_parse_name_norealm(context,
logon_name->account_name,
&client_principal_pac);
if (ret) {
DEBUG(2, ("Could not parse name from PAC: [%s]:%s\n",
logon_name->account_name, error_message(ret)));
return NT_STATUS_INVALID_PARAMETER;
}
krb5_free_principal(context, client_principal_pac);
bool_ret = smb_krb5_principal_compare_any_realm(context,
client_principal,
client_principal_pac);
krb5_free_principal(context, client_principal_pac);
if (!bool_ret) {
DEBUG(2, ("Name in PAC [%s] does not match principal name "
"in ticket\n", logon_name->account_name));
return NT_STATUS_ACCESS_DENIED;
if (!bool_ret) {
DEBUG(2, ("Name in PAC [%s] does not match principal name "
"in ticket\n", logon_name->account_name));
return NT_STATUS_ACCESS_DENIED;
}
}
DEBUG(3,("Found account name from PAC: %s [%s]\n",

3
auth/kerberos/wscript_build Normal file
View File

@ -0,0 +1,3 @@
bld.SAMBA_SUBSYSTEM('KRB5_PAC',
source='gssapi_pac.c kerberos_pac.c',
deps='gssapi_krb5 krb5 ndr-krb5pac')

11
auth/wscript_build
View File

@ -1,7 +1,8 @@
#!/usr/bin/env python
bld.SAMBA_SUBSYSTEM('auth_sam_reply',
source='auth_sam_reply.c',
deps='talloc',
autoproto='auth_sam_reply.h'
)
bld.SAMBA_LIBRARY('auth_sam_reply',
source='auth_sam_reply.c',
deps='talloc security samba-util',
autoproto='auth_sam_reply.h',
private_library=True
)

2
buildtools/scripts/Makefile.waf
View File

@ -62,7 +62,7 @@ ctags:
$(WAF) ctags
bin/%:: FORCE
$(WAF) --targets=`basename $@`
$(WAF) --targets=$@
FORCE:
configure: autogen-waf.sh BUILDTOOLS/scripts/configure.waf

1
buildtools/wafsamba/pkgconfig.py
View File

@ -53,6 +53,7 @@ def PKG_CONFIG_FILES(bld, pc_files, vnum=None):
rule=subst_at_vars,
source=f+'.in',
target=f)
bld.add_manual_dependency(bld.path.find_or_declare(f), bld.env['PREFIX'])
t.vars = []
if t.env.RPATH_ON_INSTALL:
t.env.LIB_RPATH = t.env.RPATH_ST % t.env.LIBDIR

14
buildtools/wafsamba/samba3.py
View File

@ -51,14 +51,18 @@ def s3_fix_kwargs(bld, kwargs):
s3reldir = os_path_relpath(s3dir, bld.curdir)
# the extra_includes list is relative to the source3 directory
extra_includes = [ '.', 'include', 'lib' ]
extra_includes = [ '.', 'include', 'lib', '../lib/tdb_compat' ]
if bld.env.use_intree_heimdal:
extra_includes += [ '../source4/heimdal/lib/com_err',
'../source4/heimdal/lib/gssapi',
'../source4/heimdal_build' ]
if not bld.CONFIG_SET('USING_SYSTEM_TDB'):
extra_includes += [ '../lib/tdb/include' ]
if bld.CONFIG_SET('BUILD_TDB2'):
if not bld.CONFIG_SET('USING_SYSTEM_TDB2'):
extra_includes += [ '../lib/tdb2' ]
else:
if not bld.CONFIG_SET('USING_SYSTEM_TDB'):
extra_includes += [ '../lib/tdb/include' ]
if not bld.CONFIG_SET('USING_SYSTEM_TEVENT'):
extra_includes += [ '../lib/tevent' ]
@ -89,13 +93,13 @@ def s3_fix_kwargs(bld, kwargs):
def SAMBA3_LIBRARY(bld, name, *args, **kwargs):
s3_fix_kwargs(bld, kwargs)
kwargs['allow_undefined_symbols'] = True
return bld.SAMBA_LIBRARY(name, *args, **kwargs)
Build.BuildContext.SAMBA3_LIBRARY = SAMBA3_LIBRARY
def SAMBA3_MODULE(bld, name, *args, **kwargs):
s3_fix_kwargs(bld, kwargs)
kwargs['allow_undefined_symbols'] = True
if not 'allow_undefined_symbols' in kwargs:
kwargs['allow_undefined_symbols'] = True
return bld.SAMBA_MODULE(name, *args, **kwargs)
Build.BuildContext.SAMBA3_MODULE = SAMBA3_MODULE

2
buildtools/wafsamba/samba_autoconf.py
View File

@ -597,7 +597,7 @@ def SAMBA_CONFIG_H(conf, path=None):
if Options.options.developer:
# we add these here to ensure that -Wstrict-prototypes is not set during configure
conf.ADD_CFLAGS('-Wall -g -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-align -Wwrite-strings -Werror-implicit-function-declaration -Wformat=2 -Wno-format-y2k -Wmissing-prototypes',
conf.ADD_CFLAGS('-Wall -g -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-align -Wwrite-strings -Werror-implicit-function-declaration -Wformat=2 -Wno-format-y2k -Wmissing-prototypes -fno-common',
testflags=True)
if os.getenv('TOPLEVEL_BUILD'):
conf.ADD_CFLAGS('-Wcast-qual', testflags=True)

4
buildtools/wafsamba/samba_deps.py
View File

@ -89,6 +89,10 @@ def build_dependencies(self):
for f in self.env.undefined_ldflags:
self.ldflags.remove(f)
if getattr(self, 'allow_undefined_symbols', False) and self.env.undefined_ignore_ldflags:
for f in self.env.undefined_ignore_ldflags:
self.ldflags.append(f)
debug('deps: computed dependencies for target %s: uselib=%s uselib_local=%s add_objects=%s',
self.sname, self.uselib, self.uselib_local, self.add_objects)

4
buildtools/wafsamba/samba_install.py
View File

@ -137,9 +137,9 @@ def install_library(self):
os.path.join(self.path.abspath(bld.env), inst_name))
if install_link and install_link != install_name:
# and the symlink if needed
bld.symlink_as(os.path.join(install_path, install_link), install_name)
bld.symlink_as(os.path.join(install_path, install_link), os.path.basename(install_name))
if dev_link:
bld.symlink_as(os.path.join(install_path, dev_link), install_name)
bld.symlink_as(os.path.join(install_path, dev_link), os.path.basename(install_name))
@feature('cshlib')

3
buildtools/wafsamba/samba_patterns.py
View File

@ -10,7 +10,7 @@ def write_version_header(task):
src = task.inputs[0].srcpath(task.env)
tgt = task.outputs[0].bldpath(task.env)
version = samba_version_file(src, task.env.srcdir, env=task.env)
version = samba_version_file(src, task.env.srcdir, env=task.env, is_install=task.env.is_install)
string = str(version)
f = open(tgt, 'w')
@ -26,4 +26,5 @@ def SAMBA_MKVERSION(bld, target):
source= 'VERSION',
target=target,
always=True)
t.env.is_install = bld.is_install
Build.BuildContext.SAMBA_MKVERSION = SAMBA_MKVERSION

15
buildtools/wafsamba/samba_version.py
View File

@ -90,7 +90,7 @@ def git_version_summary(path, env=None):
class SambaVersion(object):
def __init__(self, version_dict, path, env=None):
def __init__(self, version_dict, path, env=None, is_install=True):
'''Determine the version number of samba
See VERSION for the format. Entries on that file are
@ -152,7 +152,10 @@ also accepted as dictionary entries here
SAMBA_VERSION_STRING += ("rc%u" % self.RC_RELEASE)
if self.IS_SNAPSHOT:
if os.path.exists(os.path.join(path, ".git")):
if not is_install:
suffix = "DEVELOPERBUILD"
self.vcs_fields = {}
elif os.path.exists(os.path.join(path, ".git")):
suffix, self.vcs_fields = git_version_summary(path, env=env)
elif os.path.exists(os.path.join(path, ".bzr")):
suffix, self.vcs_fields = bzr_version_summary(path)
@ -234,7 +237,7 @@ also accepted as dictionary entries here
return string
def samba_version_file(version_file, path, env=None):
def samba_version_file(version_file, path, env=None, is_install=True):
'''Parse the version information from a VERSION file'''
f = open(version_file, 'r')
@ -254,16 +257,16 @@ def samba_version_file(version_file, path, env=None):
print("Failed to parse line %s from %s" % (line, version_file))
raise
return SambaVersion(version_dict, path, env=env)
return SambaVersion(version_dict, path, env=env, is_install=is_install)
def load_version(env=None):
def load_version(env=None, is_install=True):
'''load samba versions either from ./VERSION or git
return a version object for detailed breakdown'''
if not env:
env = samba_utils.LOAD_ENVIRONMENT()
version = samba_version_file("./VERSION", ".", env)
version = samba_version_file("./VERSION", ".", env, is_install=is_install)
Utils.g_module.VERSION = version.STRING
return version

35
buildtools/wafsamba/samba_wildcard.py
View File

@ -17,7 +17,7 @@ def run_task(t, k):
def run_named_build_task(cmd):
'''run a named build task, matching the cmd name using fnmatch
wildcards against inputs and outputs of all build tasks'''
bld = fake_build_environment()
bld = fake_build_environment(info=False)
found = False
cwd_node = bld.root.find_dir(os.getcwd())
top_node = bld.root.find_dir(bld.srcnode.abspath())
@ -50,6 +50,28 @@ def run_named_build_task(cmd):
raise Utils.WafError("Unable to find build target matching %s" % cmd)
def rewrite_compile_targets():
'''cope with the bin/ form of compile target'''
if not Options.options.compile_targets:
return
bld = fake_build_environment(info=False)
targets = LOCAL_CACHE(bld, 'TARGET_TYPE')
tlist = []
for t in Options.options.compile_targets.split(','):
if not os.path.islink(t):
tlist.append(t)
continue
link = os.readlink(t)
list = link.split('/')
for name in [list[-1], '/'.join(list[-2:])]:
if name in targets:
tlist.append(name)
continue
Options.options.compile_targets = ",".join(tlist)
def wildcard_main(missing_cmd_fn):
'''this replaces main from Scripting, allowing us to override the
@ -60,6 +82,9 @@ def wildcard_main(missing_cmd_fn):
'''
Scripting.commands = Options.arg_line[:]
# rewrite the compile targets to cope with the bin/xx form
rewrite_compile_targets()
while Scripting.commands:
x = Scripting.commands.pop(0)
@ -99,7 +124,7 @@ def wildcard_main(missing_cmd_fn):
def fake_build_environment():
def fake_build_environment(info=True, flush=False):
"""create all the tasks for the project, but do not run the build
return the build context in use"""
bld = getattr(Utils.g_module, 'build_context', Utils.Context)()
@ -119,10 +144,12 @@ def fake_build_environment():
bld.load_dirs(proj[SRCDIR], proj[BLDDIR])
bld.load_envs()
Logs.info("Waf: Entering directory `%s'" % bld.bldnode.abspath())
if info:
Logs.info("Waf: Entering directory `%s'" % bld.bldnode.abspath())
bld.add_subdirs([os.path.split(Utils.g_module.root_path)[0]])
bld.pre_build()
bld.flush()
if flush:
bld.flush()
return bld

2
buildtools/wafsamba/symbols.py
View File

@ -447,7 +447,7 @@ def check_dependencies(bld, t):
deps = set(t.samba_deps)
for d in t.samba_deps:
if targets[d] in [ 'EMPTY', 'DISABLED', 'SYSLIB' ]:
if targets[d] in [ 'EMPTY', 'DISABLED', 'SYSLIB', 'GENERATOR' ]:
continue
bld.ASSERT(d in bld.env.public_symbols, "Failed to find symbol list for dependency '%s'" % d)
diff = remaining.intersection(bld.env.public_symbols[d])

29
buildtools/wafsamba/wafsamba.py
View File

@ -628,17 +628,6 @@ def ENABLE_TIMESTAMP_DEPENDENCIES(conf):
Utils.h_file = h_file
t = Task.simple_task_type('copy_script', 'rm -f "${LINK_TARGET}" && ln -s "${SRC[0].abspath(env)}" ${LINK_TARGET}',
shell=True, color='PINK', ext_in='.bin')
t.quiet = True
@feature('copy_script')
@before('apply_link')
def copy_script(self):
tsk = self.create_task('copy_script', self.allnodes[0])
tsk.env.TARGET = self.target
def SAMBA_SCRIPT(bld, name, pattern, installdir, installname=None):
'''used to copy scripts from the source tree into the build directory
for use by selftest'''
@ -653,15 +642,17 @@ def SAMBA_SCRIPT(bld, name, pattern, installdir, installname=None):
target = os.path.join(installdir, iname)
tgtdir = os.path.dirname(os.path.join(bld.srcnode.abspath(bld.env), '..', target))
mkdir_p(tgtdir)
t = bld(features='copy_script',
source = s,
target = target,
always = True,
install_path = None)
t.env.LINK_TARGET = target
link_src = os.path.normpath(os.path.join(bld.curdir, s))
link_dst = os.path.join(tgtdir, os.path.basename(iname))
if os.path.islink(link_dst) and os.readlink(link_dst) == link_src:
continue
if os.path.exists(link_dst):
os.unlink(link_dst)
Logs.info("symlink: %s -> %s/%s" % (s, installdir, iname))
os.symlink(link_src, link_dst)
Build.BuildContext.SAMBA_SCRIPT = SAMBA_SCRIPT
def copy_and_fix_python_path(task):
pattern='sys.path.insert(0, "bin/python")'
if task.env["PYTHONARCHDIR"] in sys.path and task.env["PYTHONDIR"] in sys.path:
@ -701,6 +692,8 @@ def install_file(bld, destdir, file, chmod=MODE_644, flat=False,
rule=copy_and_fix_python_path,
source=file,
target=inst_file)
bld.add_manual_dependency(bld.path.find_or_declare(inst_file), bld.env["PYTHONARCHDIR"])
bld.add_manual_dependency(bld.path.find_or_declare(inst_file), bld.env["PYTHONDIR"])
file = inst_file
if base_name:
file = os.path.join(base_name, file)

7
docs-xml/manpages-3/idmap_ad.8.xml
View File

@ -34,7 +34,7 @@
to configure it separately for each domain for which one wants
to use it, using disjoint ranges. One usually needs to configure
a writeable default idmap range, using for example the
<parameter>tdb</parameter> or <parameter>ldap</parameter>)
<parameter>tdb</parameter> or <parameter>ldap</parameter>
backend, in order to be able to map the BUILTIN sids and
possibly other trusted domains. The writeable default config
is also needed in order to be able to create group mappings.
@ -85,9 +85,8 @@
<programlisting>
[global]
idmap backend = tdb
idmap uid = 1000000-1999999
idmap gid = 1000000-1999999
idmap config * : backend = tdb
idmap config * : range = 1000000-1999999
idmap config CORP : backend = ad
idmap config CORP : range = 1000-999999

5
docs-xml/manpages-3/idmap_adex.8.xml
View File

@ -66,9 +66,8 @@
<programlisting>
[global]
idmap backend = adex
idmap uid = 1000-4000000000
idmap gid = 1000-4000000000
idmap config * : backend = adex
idmap config * : range = 1000-4000000000
winbind nss info = adex
winbind normalize names = yes

14
docs-xml/manpages-3/idmap_autorid.8.xml
View File

@ -88,9 +88,8 @@
workgroup = CUSTOMER
realm = CUSTOMER.COM
idmap backend = autorid
idmap uid = 1000000-1999999
idmap gid = 1000000-1999999
idmap config * : backend = autorid
idmap config * : range = 1000000-1999999
</programlisting>
@ -98,7 +97,7 @@
This example shows how to configure idmap_autorid as default
for all domains with a potentially large amount of users
plus a specific configuration for a trusted domain
that uses the SFU mapping scheme. Please note that idmap uid/gid
that uses the SFU mapping scheme. Please note that idmap
ranges and sfu ranges are not allowed to overlap.
</para>
@ -108,10 +107,9 @@
workgroup = CUSTOMER
realm = CUSTOMER.COM
idmap backend = autorid
autorid:rangesize = 1000000
idmap uid = 1000000-19999999
idmap gid = 1000000-19999999
idmap config * : backend = autorid
idmap config * : range = 1000000-19999999
idmap config * : rangesize = 1000000
idmap config TRUSTED : backend = ad
idmap config TRUSTED : range = 50000 - 99999

5
docs-xml/manpages-3/idmap_hash.8.xml
View File

@ -52,9 +52,8 @@
<programlisting>
[global]
idmap backend = hash
idmap uid = 1000-4000000000
idmap gid = 1000-4000000000
idmap config * : backend = hash
idmap config * : range = 1000-4000000000
winbind nss info = hash
winbind normalize names = yes

107
docs-xml/manpages-3/idmap_ldap.8.xml
View File

@ -27,26 +27,9 @@
<para>
In contrast to read only backends like idmap_rid, it is an allocating
backend: This means that it needs to allocate new user and group IDs in
order to create new mappings. The allocator can be provided by the
idmap_ldap backend itself or by any other allocating backend like
idmap_tdb or idmap_tdb2. This is configured with the
parameter <parameter>idmap alloc backend</parameter>.
order to create new mappings.
</para>
<para>
Note that in order for this (or any other allocating) backend to
function at all, the default backend needs to be writeable.
The ranges used for uid and gid allocation are the default ranges
configured by &quot;idmap uid&quot; and &quot;idmap gid&quot;.
</para>
<para>
Furthermore, since there is only one global allocating backend
responsible for all domains using writeable idmap backends,
any explicitly configured domain with idmap backend ldap
should have the same range as the default range, since it needs
to use the global uid / gid allocator. See the example below.
</para>
</refsynopsisdiv>
<refsect1>
@ -56,7 +39,7 @@
<varlistentry>
<term>ldap_base_dn = DN</term>
<listitem><para>
Defines the directory base suffix to use when searching for
Defines the directory base suffix to use for
SID/uid/gid mapping entries. If not defined, idmap_ldap will default
to using the &quot;ldap idmap suffix&quot; option from smb.conf.
</para></listitem>
@ -65,15 +48,21 @@
<varlistentry>
<term>ldap_user_dn = DN</term>
<listitem><para>
Defines the user DN to be used for authentication. If absent an
anonymous bind will be performed.
Defines the user DN to be used for authentication.
The secret for authenticating this user should be
stored with net idmap secret
(see <citerefentry><refentrytitle>net</refentrytitle>
<manvolnum>8</manvolnum></citerefentry>).
If absent, the ldap credentials from the ldap passdb configuration
are used, and if these are also absent, an anonymous
bind will be performed as last fallback.
</para></listitem>
</varlistentry>
<varlistentry>
<term>ldap_url = ldap://server/</term>
<listitem><para>
Specifies the LDAP server to use when searching for existing
Specifies the LDAP server to use for
SID/uid/gid map entries. If not defined, idmap_ldap will
assume that ldap://localhost/ should be used.
</para></listitem>
@ -84,64 +73,50 @@
<listitem><para>
Defines the available matching uid and gid range for which the
backend is authoritative.
If the parameter is absent, Winbind fails over to use the
&quot;idmap uid&quot; and &quot;idmap gid&quot; options
from smb.conf.
</para></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>IDMAP ALLOC OPTIONS</title>
<variablelist>
<varlistentry>
<term>ldap_base_dn = DN</term>
<listitem><para>
Defines the directory base suffix under which new SID/uid/gid mapping
entries should be stored. If not defined, idmap_ldap will default
to using the &quot;ldap idmap suffix&quot; option from smb.conf.
</para></listitem>
</varlistentry>
<varlistentry>
<term>ldap_user_dn = DN</term>
<listitem><para>
Defines the user DN to be used for authentication. If absent an
anonymous bind will be performed.
</para></listitem>
</varlistentry>
<varlistentry>
<term>ldap_url = ldap://server/</term>
<listitem><para>
Specifies the LDAP server to which modify/add/delete requests should
be sent. If not defined, idmap_ldap will assume that ldap://localhost/
should be used.
</para></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>EXAMPLES</title>
<para>
The follow sets of a LDAP configuration which uses two LDAP
directories, one for storing the ID mappings and one for retrieving
new IDs.
The following example shows how an ldap directory is used as the
default idmap backend. It also configures the idmap range and base
directory suffix. The secret for the ldap_user_dn has to be set with
&quot;net idmap secret '*' password&quot;.
</para>
<programlisting>
[global]
idmap backend = ldap:ldap://localhost/
idmap uid = 1000000-1999999
idmap gid = 1000000-1999999
idmap config * : backend = ldap
idmap config * : range = 1000000-1999999
idmap config * : ldap_url = ldap://localhost/
idmap config * : ldap_base_dn = ou=idmap,dc=example,dc=com
idmap config * : ldap_user_dn = cn=idmap_admin,dc=example,dc=com
</programlisting>
idmap alloc backend = ldap
idmap alloc config : ldap_url = ldap://id-master/
idmap alloc config : ldap_base_dn = ou=idmap,dc=example,dc=com
<para>
This example shows how ldap can be used as a readonly backend while
tdb is the default backend used to store the mappings.
It adds an explicit configuration for some domain DOM1, that
uses the ldap idmap backend. Note that a range disjoint from the
default range is used.
</para>
<programlisting>
[global]
# "backend = tdb" is redundant here since it is the default
idmap config * : backend = tdb
idmap config * : range = 1000000-1999999
idmap config DOM1 : backend = ldap
idmap config DOM1 : range = 2000000-2999999
idmap config DOM1 : read only = yes
idmap config DOM1 : ldap_url = ldap://server/
idmap config DOM1 : ldap_base_dn = ou=idmap,dc=dom1,dc=example,dc=com
idmap config DOM1 : ldap_user_dn = cn=idmap_admin,dc=dom1,dc=example,dc=com
</programlisting>
</refsect1>

5
docs-xml/manpages-3/idmap_nss.8.xml
View File

@ -38,9 +38,8 @@
<programlisting>
[global]
idmap backend = tdb
idmap uid = 1000000-1999999
idmap gid = 1000000-1999999
idmap config * : backend = tdb
idmap config * : range = 1000000-1999999
idmap config SAMBA : backend = nss
idmap config SAMBA : range = 1000-999999

7
docs-xml/manpages-3/idmap_rid.8.xml
View File

@ -28,7 +28,7 @@
Currently, there should to be an explicit idmap configuration for each
domain that should use the idmap_rid backend, using disjoint ranges.
One usually needs to define a writeable default idmap range, using
a backent like <parameter>tdb</parameter> or <parameter>ldap</parameter>
a backend like <parameter>tdb</parameter> or <parameter>ldap</parameter>
that can create unix ids, in order to be able to map the BUILTIN sids
and other domains, and also in order to be able to create group mappings.
See the example below.
@ -106,9 +106,8 @@
security = domain
workgroup = MAIN
idmap backend = tdb
idmap uid = 1000000-1999999
idmap gid = 1000000-1999999
idmap config * : backend = tdb
idmap config * : range = 1000000-1999999
idmap config MAIN : backend = rid
idmap config MAIN : range = 10000 - 49999

55
docs-xml/manpages-3/idmap_tdb.8.xml
View File

@ -27,25 +27,7 @@
<para>
In contrast to read only backends like idmap_rid, it is an allocating
backend: This means that it needs to allocate new user and group IDs in
order to create new mappings. The allocator can be provided by the
idmap_tdb backend itself or by any other allocating backend like
idmap_ldap or idmap_tdb2. This is configured with the
parameter <parameter>idmap alloc backend</parameter>.
</para>
<para>
Note that in order for this (or any other allocating) backend to
function at all, the default backend needs to be writeable.
The ranges used for uid and gid allocation are the default ranges
configured by &quot;idmap uid&quot; and &quot;idmap gid&quot;.
</para>
<para>
Furthermore, since there is only one global allocating backend
responsible for all domains using writeable idmap backends,
any explicitly configured domain with idmap backend tdb
should have the same range as the default range, since it needs
to use the global uid / gid allocator. See the example below.
order to create new mappings.
</para>
</refsynopsisdiv>
@ -58,9 +40,6 @@
<listitem><para>
Defines the available matching uid and gid range for which the
backend is authoritative.
If the parameter is absent, Winbind fails over to use
the &quot;idmap uid&quot; and &quot;idmap gid&quot; options
from smb.conf.
</para></listitem>
</varlistentry>
</variablelist>
@ -71,38 +50,14 @@
<para>
This example shows how tdb is used as a the default idmap backend.
It configures the idmap range through the global options for all
domains encountered. This same range is used for uid/gid allocation.
This configured range is used for uid and gid allocation.
</para>
<programlisting>
[global]
# "idmap backend = tdb" is redundant here since it is the default
idmap backend = tdb
idmap uid = 1000000-2000000
idmap gid = 1000000-2000000
</programlisting>
<para>
This (rather theoretical) example shows how tdb can be used as the
allocating backend while ldap is the default backend used to store
the mappings.
It adds an explicit configuration for some domain DOM1, that
uses the tdb idmap backend. Note that the same range as the
default uid/gid range is used, since the allocator has to serve
both the default backend and the explicitly configured domain DOM1.
</para>
<programlisting>
[global]
idmap backend = ldap
idmap uid = 1000000-2000000
idmap gid = 1000000-2000000
# use a different uid/gid allocator:
idmap alloc backend = tdb
idmap config DOM1 : backend = tdb
idmap config DOM1 : range = 1000000-2000000
# "backend = tdb" is redundant here since it is the default
idmap config * : backend = tdb
idmap config * : range = 1000000-2000000
</programlisting>
</refsect1>

30
docs-xml/manpages-3/idmap_tdb2.8.xml
View File

@ -28,25 +28,7 @@
<para>
In contrast to read only backends like idmap_rid, it is an allocating
backend: This means that it needs to allocate new user and group IDs in
order to create new mappings. The allocator can be provided by the
idmap_tdb2 backend itself or by any other allocating backend like
idmap_tdb or idmap_ldap. This is configured with the
parameter <parameter>idmap alloc backend</parameter>.
</para>
<para>
Note that in order for this (or any other allocating) backend to
function at all, the default backend needs to be writeable.
The ranges used for uid and gid allocation are the default ranges
configured by &quot;idmap uid&quot; and &quot;idmap gid&quot;.
</para>
<para>
Furthermore, since there is only one global allocating backend
responsible for all domains using writeable idmap backends,
any explicitly configured domain with idmap backend tdb2
should have the same range as the default range, since it needs
to use the global uid / gid allocator. See the example below.
order to create new mappings.
</para>
</refsynopsisdiv>
@ -59,9 +41,6 @@
<listitem><para>
Defines the available matching uid and gid range for which the
backend is authoritative.
If the parameter is absent, Winbind fails over to use
the &quot;idmap uid&quot; and &quot;idmap gid&quot; options
from smb.conf.
</para></listitem>
</varlistentry>
</variablelist>
@ -108,14 +87,13 @@
<para>
This example shows how tdb2 is used as a the default idmap backend.
It configures the idmap range through the global options for all
domains encountered. This same range is used for uid/gid allocation.
domains encountered.
</para>
<programlisting>
[global]
idmap backend = tdb2
idmap uid = 1000000-2000000
idmap gid = 1000000-2000000
idmap config * : backend = tdb2
idmap config * : range = 1000000-2000000
</programlisting>
</refsect1>

131
docs-xml/manpages-3/net.8.xml
View File

@ -795,7 +795,121 @@ appear in your system.
<para>List all interdomain trust relationships.</para>
</refsect3>
</refsect2>
<refsect2>
<title>RPC TRUST</title>
<refsect3>
<title>RPC TRUST CREATE</title>
<para>Create a trust object by calling lsaCreateTrustedDomainEx2.
The can be done on a single server or on two servers at once with the
possibility to use a random trust password.</para>
<variablelist><title>Options:</title>
<varlistentry>
<term>otherserver</term>
<listitem><para>Domain controller of the second domain</para></listitem>
</varlistentry>
<varlistentry>
<term>otheruser</term>
<listitem><para>Admin user in the second domain</para></listitem>
</varlistentry>
<varlistentry>
<term>otherdomainsid</term>
<listitem><para>SID of the second domain</para></listitem>
</varlistentry>
<varlistentry>
<term>other_netbios_domain</term>
<listitem><para>NetBIOS (short) name of the second domain</para></listitem>
</varlistentry>
<varlistentry>
<term>otherdomain</term>
<listitem><para>DNS (full) name of the second domain</para></listitem>
</varlistentry>
<varlistentry>
<term>trustpw</term>
<listitem><para>Trust password</para></listitem>
</varlistentry>
</variablelist>
<variablelist><title>Examples:</title>
<varlistentry>
<term>Create a trust object on srv1.dom1.dom for the domain dom2</term>
<listitem><literallayout>
net rpc trust create \
otherdomainsid=S-x-x-xx-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxx \
other_netbios_domain=dom2 \
otherdomain=dom2.dom \
trustpw=12345678 \
-S srv1.dom1.dom
</literallayout></listitem>
</varlistentry>
<varlistentry>
<term>Create a trust relationship between dom1 and dom2</term>
<listitem><literallayout>
net rpc trust create \
otherserver=srv2.dom2.test \
otheruser=dom2adm \
-S srv1.dom1.dom
</literallayout></listitem>
</varlistentry>
</variablelist>
</refsect3>
<refsect3>
<title>RPC TRUST DELETE</title>
<para>Delete a trust trust object by calling lsaDeleteTrustedDomain.
The can be done on a single server or on two servers at once.</para>
<variablelist><title>Options:</title>
<varlistentry>
<term>otherserver</term>
<listitem><para>Domain controller of the second domain</para></listitem>
</varlistentry>
<varlistentry>
<term>otheruser</term>
<listitem><para>Admin user in the second domain</para></listitem>
</varlistentry>
<varlistentry>
<term>otherdomainsid</term>
<listitem><para>SID of the second domain</para></listitem>
</varlistentry>
</variablelist>
<variablelist><title>Examples:</title>
<varlistentry>
<term>Delete a trust object on srv1.dom1.dom for the domain dom2</term>
<listitem><literallayout>
net rpc trust delete \
otherdomainsid=S-x-x-xx-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxx \
-S srv1.dom1.dom
</literallayout></listitem>
</varlistentry>
<varlistentry>
<term>Delete a trust relationship between dom1 and dom2</term>
<listitem><literallayout>
net rpc trust delete \
otherserver=srv2.dom2.test \
otheruser=dom2adm \
-S srv1.dom1.dom
</literallayout></listitem>
</varlistentry>
</variablelist>
</refsect3>
</refsect2>
<refsect2>
<refsect3>
<title>RPC RIGHTS</title>
@ -1734,8 +1848,10 @@ Manipulate Samba's registry.
<para>The registry commands are:
<simplelist>
<member>net registry enumerate - Enumerate registry keys and values.</member>
<member>net registry enumerate_recursive - Enumerate registry key and its subkeys.</member>
<member>net registry createkey - Create a new registry key.</member>
<member>net registry deletekey - Delete a registry key.</member>
<member>net registry deletekey_recursive - Delete a registry key with subkeys.</member>
<member>net registry getvalue - Print a registry value.</member>
<member>net registry getvalueraw - Print a registry value (raw format).</member>
<member>net registry setvalue - Set a new registry value.</member>
@ -1758,7 +1874,13 @@ string.</member>
<refsect3>
<title>REGISTRY ENUMERATE <replaceable>key</replaceable> </title>
<para>Enumerate subkeys and values of <emphasis>key</emphasis>
<para>Enumerate subkeys and values of <emphasis>key</emphasis>.
</para>
</refsect3>
<refsect3>
<title>REGISTRY ENUMERATE_RECURSIVE <replaceable>key</replaceable> </title>
<para>Enumerate values of <emphasis>key</emphasis> and its subkeys.
</para>
</refsect3>
@ -1770,6 +1892,13 @@ string.</member>
<refsect3>
<title>REGISTRY DELETEKEY <replaceable>key</replaceable> </title>
<para>Delete the given <emphasis>key</emphasis> and its
values from the registry, if it has no subkeys.
</para>
</refsect3>
<refsect3>
<title>REGISTRY DELETEKEY_RECURSIVE <replaceable>key</replaceable> </title>
<para>Delete the given <emphasis>key</emphasis> and all of its
subkeys and values from the registry.
</para>

4
docs-xml/manpages-3/smb.conf.5.xml
View File

@ -503,12 +503,16 @@ chmod 1770 /usr/local/samba/lib/usershares
<varlistentry>
<term>%I</term>
<listitem><para>the IP address of the client machine.</para>
<para>Before 3.6.0 it could contain IPv4 mapped IPv6 addresses,
now it only contains IPv4 or IPv6 addresses.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>%i</term>
<listitem><para>the local IP address to which a client connected.</para>
<para>Before 3.6.0 it could contain IPv4 mapped IPv6 addresses,
now it only contains IPv4 or IPv6 addresses.</para>
</listitem>
</varlistentry>

20
docs-xml/manpages-3/vfs_gpfs.8.xml
View File

@ -276,6 +276,26 @@
</listitem>
</varlistentry>
<varlistentry>
<term>gpfs:syncio = [yes|no]</term>
<listitem>
<para>This parameter makes Samba open all files with O_SYNC.
This triggers optimizations in GPFS for workloads that
heavily share files.</para>
<para>Following is the behaviour of Samba for different
values:
</para>
<itemizedlist>
<listitem><para><command>yes</command>Open files with O_SYNC
</para></listitem>
<listitem><para><command>no (default)</command>Open files as
normal Samba would do
</para></listitem>
</itemizedlist>
</listitem>
</varlistentry>
</variablelist>
</refsect1>

14
docs-xml/manpages-3/vfs_smb_traffic_analyzer.8.xml
View File

@ -45,6 +45,8 @@
protocol, supporting only a small list of VFS operations, and had
several drawbacks. The protocol version 2 is a try to solve the
problems version 1 had while at the same time adding new features.
With the release of Samba 3.6.0, the module will run protocol version 2
by default.
</para>
</refsect1>
@ -77,6 +79,7 @@
<listitem><para><command>SHARE</command> - the name of the share on which the VFS operation occured</para></listitem>
<listitem><para><command>FILENAME</command> - the name of the file that was used by the VFS operation</para></listitem>
<listitem><para><command>TIMESTAMP</command> - a timestamp, formatted as "yyyy-mm-dd hh-mm-ss.ms" indicating when the VFS operation occured</para></listitem>
<listitem><para><command>IP</command> - The IP Address (v4 or v6) of the client machine that initiated the VFS operation.</para></listitem>
</itemizedlist>
</para>
@ -136,7 +139,7 @@
The module now can identify itself against the receiver with a sub-release number, where
the receiver may run with a different sub-release number than the module. However, as
long as both run on the V2.x protocol, the receiver will not crash, even if the module
uses features only implemented in the newer subrelease. Ultimativly, if the module uses
uses features only implemented in the newer subrelease. Ultimatively, if the module uses
a new feature from a newer subrelease, and the receiver runs an older protocol, it is just
ignoring the functionality. Of course it is best to have both the receiver and the module
running the same subrelease of the protocol.
@ -150,7 +153,7 @@
</listitem>
<listitem>
<para>
The module now potientially has the ability to create data on every VFS function. As of
The module now potentially has the ability to create data on every VFS function. As of
protocol V2.0, there is support for 8 VFS functions, namely write,read,pread,pwrite,
rename,chdir,mkdir and rmdir. Supporting more VFS functions is one of the targets for the
upcoming sub-releases.
@ -224,9 +227,9 @@
<varlistentry>
<term>smb_traffic_analyzer:protocol_version = STRING</term>
<listitem>
<para>If STRING matches to V1 or is not given at all, the module
will use version 1 of the protocol. If STRING matches to "V2"
the module will use version 2 of the protocol.
<para>If STRING matches to V1, the module will use version 1 of the
protocol. If STRING is not given, the module will use version 2 of the
protocol, which is the default.
</para>
</listitem>
</varlistentry>
@ -241,7 +244,6 @@
<smbconfsection name="[example_share]"/>
<smbconfoption name="path">/data/example</smbconfoption>
<smbconfoption name="vfs_objects">smb_traffic_analyzer</smbconfoption>
<smbconfoption name="smb_traffic_analyzer:protocol_version">V2</smbconfoption>
<smbconfoption name="smb_traffic_analyzer:host">examplehost</smbconfoption>
<smbconfoption name="smb_traffic_analyzer:port">3491</smbconfoption>
</programlisting>

2
docs-xml/manpages-3/wbinfo.1.xml
View File

@ -423,7 +423,7 @@
<term>-U|--uid-to-sid <replaceable>uid</replaceable></term>
<listitem><para>Try to convert a UNIX user id to a Windows NT
SID. If the uid specified does not refer to one within
the idmap uid range then the operation will fail. </para></listitem>
the idmap range then the operation will fail. </para></listitem>
</varlistentry>
<varlistentry>

18
docs-xml/manpages-3/winbindd.8.xml
View File

@ -45,10 +45,9 @@
<para>Even if winbind is not used for nsswitch, it still provides a
service to <command>smbd</command>, <command>ntlm_auth</command>
and the <command>pam_winbind.so</command> PAM module, by managing connections to
domain controllers. In this configuraiton the
<smbconfoption name="idmap uid"/> and
<smbconfoption name="idmap gid"/>
parameters are not required. (This is known as `netlogon proxy only mode'.)</para>
domain controllers. In this configuration the
<smbconfoption name="idmap config * : range"/>
parameter is not required. (This is known as `netlogon proxy only mode'.)</para>
<para> The Name Service Switch allows user
and system information to be obtained from different databases
@ -246,11 +245,9 @@ hosts: files wins
<listitem><para>
<smbconfoption name="winbind separator"/></para></listitem>
<listitem><para>
<smbconfoption name="idmap uid"/></para></listitem>
<smbconfoption name="idmap config * : range"/></para></listitem>
<listitem><para>
<smbconfoption name="idmap gid"/></para></listitem>
<listitem><para>
<smbconfoption name="idmap backend"/></para></listitem>
<smbconfoption name="idmap config * : backend"/></para></listitem>
<listitem><para>
<smbconfoption name="winbind cache time"/></para></listitem>
<listitem><para>
@ -340,8 +337,7 @@ auth required /lib/security/pam_unix.so \
winbind cache time = 10
template shell = /bin/bash
template homedir = /home/%D/%U
idmap uid = 10000-20000
idmap gid = 10000-20000
idmap config * : range = 10000-20000
workgroup = DOMAIN
security = domain
password server = *
@ -374,7 +370,7 @@ auth required /lib/security/pam_unix.so \
<para>If more than one UNIX machine is running <command>winbindd</command>,
then in general the user and groups ids allocated by winbindd will not
be the same. The user and group ids will only be valid for the local
machine, unless a shared <smbconfoption name="idmap backend"/> is configured.</para>
machine, unless a shared <smbconfoption name="idmap config * : backend"/> is configured.</para>
<para>If the the Windows NT SID to UNIX user and group id mapping
file is damaged or destroyed then the mappings will be lost. </para>

2
docs-xml/smbdotconf/logon/enableprivileges.xml
View File

@ -5,7 +5,7 @@
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>
This parameter controls whether or not smbd will honor privileges assigned to specific SIDs via either
This deprecated parameter controls whether or not smbd will honor privileges assigned to specific SIDs via either
<command>net rpc rights</command> or one of the Windows user and group manager tools. This parameter is
enabled by default. It can be disabled to prevent members of the Domain Admins group from being able to
assign privileges to users or groups which can then result in certain smbd operations running as root that

15
docs-xml/smbdotconf/misc/asyncsmbechohandler.xml Normal file
View File

@ -0,0 +1,15 @@
<samba:parameter name="async smb echo handler"
context="G"
type="boolean"
advanced="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This parameter specifies whether Samba should fork the
async smb echo handler. It can be beneficial if your file
system can block syscalls for a very long time. In some
circumstances, it prolongs the timeout that Windows uses to
determine whether a connection is dead.
</para>
</description>
<value type="default">no</value>
</samba:parameter>

13
docs-xml/smbdotconf/misc/ncalrpcdir.xml Normal file
View File

@ -0,0 +1,13 @@
<samba:parameter name="ncalrpc dir"
context="G"
advanced="1" developer="1"
type="string"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This directory will hold a series of named pipes to allow RPC over inter-process communication. </para>.
<para>This will allow Samba and other unix processes to interact over DCE/RPC without using TCP/IP. Additionally a sub-directory 'np' has restricted permissions, and allows a trusted communication channel between Samba processes</para>
</description>
<value type="default">${prefix}/var/ncalrpc</value>
<value type="example">/var/run/samba/ncalrpc</value>
</samba:parameter>

15
docs-xml/smbdotconf/misc/timeoffset.xml
View File

@ -1,15 +0,0 @@
<samba:parameter name="time offset"
context="G"
type="integer"
advanced="1" developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This parameter is a setting in minutes to add
to the normal GMT to local time conversion. This is useful if
you are serving a lot of PCs that have incorrect daylight
saving time handling.</para>
</description>
<value type="default">0</value>
<value type="example">60</value>
</samba:parameter>

21
docs-xml/smbdotconf/protocol/announceas.xml
View File

@ -1,21 +0,0 @@
<samba:parameter name="announce as"
context="G"
type="string"
developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This specifies what type of server <citerefentry><refentrytitle>nmbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> will announce itself as, to a network neighborhood browse
list. By default this is set to Windows NT. The valid options
are : &quot;NT Server&quot; (which can also be written as &quot;NT&quot;),
&quot;NT Workstation&quot;, &quot;Win95&quot; or &quot;WfW&quot; meaning Windows NT Server,
Windows NT Workstation, Windows 95 and Windows for Workgroups
respectively. Do not change this parameter unless you have a
specific need to stop Samba appearing as an NT server as this
may prevent Samba servers from participating as browser servers
correctly.</para>
</description>
<value type="default">NT Server</value>
<value type="example">Win95</value>
</samba:parameter>

14
docs-xml/smbdotconf/protocol/announceversion.xml
View File

@ -1,14 +0,0 @@
<samba:parameter name="announce version"
context="G"
developer="1"
type="string"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This specifies the major and minor version numbers
that nmbd will use when announcing itself as a server. The default
is 4.9. Do not change this parameter unless you have a specific
need to set a Samba server to be a downlevel server.</para>
</description>
<value type="default">4.9</value>
<value type="example">2.0</value>
</samba:parameter>

2
docs-xml/smbdotconf/protocol/eventloglist.xml
View File

@ -6,7 +6,7 @@
<para>This option defines a list of log names that Samba will
report to the Microsoft EventViewer utility. The listed
eventlogs will be associated with tdb file on disk in the
<filename>$(lockdir)/eventlog</filename>.
<filename>$(statedir)/eventlog</filename>.
</para>
<para>

2
docs-xml/smbdotconf/protocol/usespnego.xml
View File

@ -4,7 +4,7 @@
developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This variable controls controls whether samba will try
<para>This deprecated variable controls controls whether samba will try
to use Simple and Protected NEGOciation (as specified by rfc2478) with
WindowsXP and Windows2000 clients to agree upon an authentication mechanism.
</para>

2
docs-xml/smbdotconf/security/passwordlevel.xml
View File

@ -13,7 +13,7 @@
text passwords even when NT LM 0.12 selected by the protocol
negotiation request/response.</para>
<para>This parameter defines the maximum number of characters
<para>This deprecated parameter defines the maximum number of characters
that may be upper case in passwords.</para>
<para>For example, say the password given was &quot;FRED&quot;. If <parameter moreinfo="none">

98
docs-xml/smbdotconf/security/passwordserver.xml
View File

@ -10,54 +10,24 @@
it is possible to get Samba
to do all its username/password validation using a specific remote server.</para>
<para>This option sets the name or IP address of the password server to use.
New syntax has been added to support defining the port to use when connecting
to the server the case of an ADS realm. To define a port other than the
default LDAP port of 389, add the port number using a colon after the
name or IP address (e.g. 192.168.1.100:389). If you do not specify a port,
Samba will use the standard LDAP port of tcp/389. Note that port numbers
have no effect on password servers for Windows NT 4.0 domains or netbios
connections.</para>
<para>If parameter is a name, it is looked up using the
parameter <smbconfoption name="name resolve order"/> and so may resolved
by any method and order described in that parameter.</para>
<para>The password server must be a machine capable of using
the &quot;LM1.2X002&quot; or the &quot;NT LM 0.12&quot; protocol, and it must be in
user level security mode.</para>
<note><para>Using a password server means your UNIX box (running
Samba) is only as secure as your password server. <emphasis>DO NOT
CHOOSE A PASSWORD SERVER THAT YOU DON'T COMPLETELY TRUST</emphasis>.
</para></note>
<para>Never point a Samba server at itself for password serving.
This will cause a loop and could lock up your Samba server!</para>
<para>The name of the password server takes the standard
substitutions, but probably the only useful one is <parameter moreinfo="none">%m
</parameter>, which means the Samba server will use the incoming
client as the password server. If you use this then you better
trust your clients, and you had better restrict them with hosts allow!</para>
<para>If the <parameter moreinfo="none">security</parameter> parameter is set to
<constant>domain</constant> or <constant>ads</constant>, then the list of machines in this
option must be a list of Primary or Backup Domain controllers for the
Domain or the character '*', as the Samba server is effectively
in that domain, and will use cryptographically authenticated RPC calls
to authenticate the user logging on. The advantage of using <command moreinfo="none">
security = domain</command> is that if you list several hosts in the
<parameter moreinfo="none">password server</parameter> option then <command moreinfo="none">smbd
</command> will try each in turn till it finds one that responds. This
is useful in case your primary server goes down.</para>
<constant>domain</constant> or <constant>ads</constant>, then this option
<emphasis>should not</emphasis> be used, as the default '*' indicates to Samba
to determine the best DC to contact dynamically, just as all other hosts in an
AD domain do. This allows the domain to be maintained without modification to
the smb.conf file. The cryptograpic protection on the authenticated RPC calls
used to verify passwords ensures that this default is safe.</para>
<para>If the <parameter moreinfo="none">password server</parameter> option is set
to the character '*', then Samba will attempt to auto-locate the
Primary or Backup Domain controllers to authenticate against by
doing a query for the name <constant>WORKGROUP&lt;1C&gt;</constant>
and then contacting each server returned in the list of IP
addresses from the name resolution source. </para>
<para><emphasis>It is strongly recommended that you use the
default of '*'</emphasis>, however if in your particular
environment you have reason to specify a particular DC list, then
the list of machines in this option must be a list of names or IP
addresses of Domain controllers for the Domain. If you use the
default of '*', or list several hosts in the <parameter
moreinfo="none">password server</parameter> option then <command
moreinfo="none">smbd </command> will try each in turn till it
finds one that responds. This is useful in case your primary
server goes down.</para>
<para>If the list of servers contains both names/IP's and the '*'
character, the list is treated as a list of preferred
@ -65,10 +35,12 @@
will be added to the list as well. Samba will not attempt to optimize
this list by locating the closest DC.</para>
<para>If parameter is a name, it is looked up using the
parameter <smbconfoption name="name resolve order"/> and so may resolved
by any method and order described in that parameter.</para>
<para>If the <parameter moreinfo="none">security</parameter> parameter is
set to <constant>server</constant>, then there are different
restrictions that <command moreinfo="none">security = domain</command> doesn't
suffer from:</para>
set to <constant>server</constant>, these additional restrictions apply:</para>
<itemizedlist>
<listitem>
@ -82,12 +54,34 @@
</listitem>
<listitem>
<para>If you are using a Windows NT server as your
password server then you will have to ensure that your users
<para>You will have to ensure that your users
are able to login from the Samba server, as when in <command moreinfo="none">
security = server</command> mode the network logon will appear to
come from there rather than from the users workstation.</para>
come from the Samba server rather than from the users workstation.</para>
</listitem>
<listitem>
<para>The client must not select NTLMv2 authentication.</para>
</listitem>
<listitem>
<para>The password server must be a machine capable of using
the &quot;LM1.2X002&quot; or the &quot;NT LM 0.12&quot; protocol, and it must be in
user level security mode.</para>
</listitem>
<listitem>
<para>Using a password server means your UNIX box (running
Samba) is only as secure as (a host masqurading as) your password server. <emphasis>DO NOT
CHOOSE A PASSWORD SERVER THAT YOU DON'T COMPLETELY TRUST</emphasis>.
</para>
</listitem>
<listitem>
<para>Never point a Samba server at itself for password serving.
This will cause a loop and could lock up your Samba server!</para>
</listitem>
</itemizedlist>
</description>

145
docs-xml/smbdotconf/security/security.xml
View File

@ -22,32 +22,18 @@
the most common setting needed when talking to Windows 98 and
Windows NT.</para>
<para>The alternatives are <command moreinfo="none">security = share</command>,
<command moreinfo="none">security = server</command> or <command moreinfo="none">security = domain
</command>.</para>
<para>The alternatives are
<command moreinfo="none">security = ads</command> or <command moreinfo="none">security = domain
</command>, which support joining Samba to a Windows domain, along with <command moreinfo="none">security = share</command> and <command moreinfo="none">security = server</command>, both of which are deprecated.</para>
<para>In versions of Samba prior to 2.0.0, the default was
<command moreinfo="none">security = share</command> mainly because that was
the only option at one stage.</para>
<para>There is a bug in WfWg that has relevance to this
setting. When in user or server level security a WfWg client
will totally ignore the username and password you type in the &quot;connect
drive&quot; dialog box. This makes it very difficult (if not impossible)
to connect to a Samba service as anyone except the user that
you are logged into WfWg as.</para>
<para>If your PCs use usernames that are the same as their
usernames on the UNIX machine then you will want to use
<command moreinfo="none">security = user</command>. If you mostly use usernames
that don't exist on the UNIX box then use <command moreinfo="none">security =
share</command>.</para>
<para>You should also use <command moreinfo="none">security = share</command> if you
<para>You should use <command moreinfo="none">security = user</command> and
<smbconfoption name="map to guest"/> if you
want to mainly setup shares without a password (guest shares). This
is commonly used for a shared printer server. It is more difficult
to setup guest shares with <command moreinfo="none">security = user</command>, see
the <smbconfoption name="map to guest"/> parameter for details.</para>
is commonly used for a shared printer server. </para>
<para>It is possible to use <command moreinfo="none">smbd</command> in a <emphasis>
hybrid mode</emphasis> where it is offers both user and share
@ -56,7 +42,62 @@
<para>The different settings will now be explained.</para>
<para><anchor id="SECURITYEQUALSUSER"/><emphasis>SECURITY = USER</emphasis></para>
<para>This is the default security setting in Samba.
With user-level security a client must first &quot;log-on&quot; with a
valid username and password (which can be mapped using the <smbconfoption name="username map"/>
parameter). Encrypted passwords (see the <smbconfoption name="encrypted passwords"/> parameter) can also
be used in this security mode. Parameters such as <smbconfoption name="user"/> and <smbconfoption
name="guest only"/> if set are then applied and
may change the UNIX user to use on this connection, but only after
the user has been successfully authenticated.</para>
<para><emphasis>Note</emphasis> that the name of the resource being
requested is <emphasis>not</emphasis> sent to the server until after
the server has successfully authenticated the client. This is why
guest shares don't work in user level security without allowing
the server to automatically map unknown users into the <smbconfoption name="guest account"/>.
See the <smbconfoption name="map to guest"/> parameter for details on doing this.</para>
<para>See also the section <link linkend="VALIDATIONSECT">NOTE ABOUT USERNAME/PASSWORD VALIDATION</link>.</para>
<para><anchor id="SECURITYEQUALSDOMAIN"/><emphasis>SECURITY = DOMAIN</emphasis></para>
<para>This mode will only work correctly if <citerefentry><refentrytitle>net</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> has been used to add this
machine into a Windows NT Domain. It expects the <smbconfoption name="encrypted passwords"/>
parameter to be set to <constant>yes</constant>. In this
mode Samba will try to validate the username/password by passing
it to a Windows NT Primary or Backup Domain Controller, in exactly
the same way that a Windows NT Server would do.</para>
<para><emphasis>Note</emphasis> that a valid UNIX user must still
exist as well as the account on the Domain Controller to allow
Samba to have a valid UNIX account to map file access to.</para>
<para><emphasis>Note</emphasis> that from the client's point
of view <command moreinfo="none">security = domain</command> is the same
as <command moreinfo="none">security = user</command>. It only
affects how the server deals with the authentication,
it does not in any way affect what the client sees.</para>
<para><emphasis>Note</emphasis> that the name of the resource being
requested is <emphasis>not</emphasis> sent to the server until after
the server has successfully authenticated the client. This is why
guest shares don't work in user level security without allowing
the server to automatically map unknown users into the <smbconfoption name="guest account"/>.
See the <smbconfoption name="map to guest"/> parameter for details on doing this.</para>
<para>See also the section <link linkend="VALIDATIONSECT">
NOTE ABOUT USERNAME/PASSWORD VALIDATION</link>.</para>
<para>See also the <smbconfoption name="password server"/> parameter and
the <smbconfoption name="encrypted passwords"/> parameter.</para>
<para><anchor id="SECURITYEQUALSSHARE"/><emphasis>SECURITY = SHARE</emphasis></para>
<note><para>This option is deprecated as it is incompatible with SMB2</para></note>
<para>When clients connect to a share level security server, they
need not log onto the server with a valid username and password before
@ -135,63 +176,10 @@
<para>See also the section <link linkend="VALIDATIONSECT">
NOTE ABOUT USERNAME/PASSWORD VALIDATION</link>.</para>
<para><anchor id="SECURITYEQUALSUSER"/><emphasis>SECURITY = USER</emphasis></para>
<para>This is the default security setting in Samba 3.0.
With user-level security a client must first &quot;log-on&quot; with a
valid username and password (which can be mapped using the <smbconfoption name="username map"/>
parameter). Encrypted passwords (see the <smbconfoption name="encrypted passwords"/> parameter) can also
be used in this security mode. Parameters such as <smbconfoption name="user"/> and <smbconfoption
name="guest only"/> if set are then applied and
may change the UNIX user to use on this connection, but only after
the user has been successfully authenticated.</para>
<para><emphasis>Note</emphasis> that the name of the resource being
requested is <emphasis>not</emphasis> sent to the server until after
the server has successfully authenticated the client. This is why
guest shares don't work in user level security without allowing
the server to automatically map unknown users into the <smbconfoption name="guest account"/>.
See the <smbconfoption name="map to guest"/> parameter for details on doing this.</para>
<para>See also the section <link linkend="VALIDATIONSECT">NOTE ABOUT USERNAME/PASSWORD VALIDATION</link>.</para>
<para><anchor id="SECURITYEQUALSDOMAIN"/><emphasis>SECURITY = DOMAIN</emphasis></para>
<para>This mode will only work correctly if <citerefentry><refentrytitle>net</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> has been used to add this
machine into a Windows NT Domain. It expects the <smbconfoption name="encrypted passwords"/>
parameter to be set to <constant>yes</constant>. In this
mode Samba will try to validate the username/password by passing
it to a Windows NT Primary or Backup Domain Controller, in exactly
the same way that a Windows NT Server would do.</para>
<para><emphasis>Note</emphasis> that a valid UNIX user must still
exist as well as the account on the Domain Controller to allow
Samba to have a valid UNIX account to map file access to.</para>
<para><emphasis>Note</emphasis> that from the client's point
of view <command moreinfo="none">security = domain</command> is the same
as <command moreinfo="none">security = user</command>. It only
affects how the server deals with the authentication,
it does not in any way affect what the client sees.</para>
<para><emphasis>Note</emphasis> that the name of the resource being
requested is <emphasis>not</emphasis> sent to the server until after
the server has successfully authenticated the client. This is why
guest shares don't work in user level security without allowing
the server to automatically map unknown users into the <smbconfoption name="guest account"/>.
See the <smbconfoption name="map to guest"/> parameter for details on doing this.</para>
<para>See also the section <link linkend="VALIDATIONSECT">
NOTE ABOUT USERNAME/PASSWORD VALIDATION</link>.</para>
<para>See also the <smbconfoption name="password server"/> parameter and
the <smbconfoption name="encrypted passwords"/> parameter.</para>
<para><anchor id="SECURITYEQUALSSERVER"/><emphasis>SECURITY = SERVER</emphasis></para>
<para>
In this mode Samba will try to validate the username/password by passing it to another SMB server, such as an
In this depicted mode Samba will try to validate the username/password by passing it to another SMB server, such as an
NT box. If this fails it will revert to <command moreinfo="none">security = user</command>. It expects the
<smbconfoption name="encrypted passwords"/> parameter to be set to <constant>yes</constant>, unless the remote
server does not support them. However note that if encrypted passwords have been negotiated then Samba cannot
@ -203,19 +191,24 @@
<note><para>This mode of operation has
significant pitfalls since it is more vulnerable to
man-in-the-middle attacks and server impersonation. In particular,
this mode of operation can cause significant resource consuption on
this mode of operation can cause significant resource consumption on
the PDC, as it must maintain an active connection for the duration
of the user's session. Furthermore, if this connection is lost,
there is no way to reestablish it, and futher authentications to the
there is no way to reestablish it, and further authentications to the
Samba server may fail (from a single client, till it disconnects).
</para></note>
<note><para>If the client selects NTLMv2 authentication, then this mode of operation <emphasis>will fail</emphasis>
</para></note>
<note><para>From the client's point of
view, <command moreinfo="none">security = server</command> is the
same as <command moreinfo="none">security = user</command>. It
only affects how the server deals with the authentication, it does
not in any way affect what the client sees.</para></note>
<note><para>This option is deprecated, and may be removed in future</para></note>
<para><emphasis>Note</emphasis> that the name of the resource being
requested is <emphasis>not</emphasis> sent to the server until after
the server has successfully authenticated the client. This is why

2
docs-xml/smbdotconf/security/username.xml
View File

@ -9,7 +9,7 @@
list, in which case the supplied password will be tested against
each username in turn (left to right).</para>
<para>The <parameter moreinfo="none">username</parameter> line is needed only when
<para>The deprecated <parameter moreinfo="none">username</parameter> line is needed only when
the PC is unable to supply its own username. This is the case
for the COREPLUS protocol or where your users have different WfWg
usernames to UNIX usernames. In both these cases you may also be

14
docs-xml/smbdotconf/winbind/idmapallocconfig.xml
View File

@ -1,14 +0,0 @@
<samba:parameter name="idmap alloc config"
context="G"
type="string"
advanced="1" developer="1" hide="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>
The idmap alloc config prefix provides a means of managing settings
for the backend defined by the <smbconfoption name="idmap alloc backend"/>
parameter. Refer to the man page for each idmap plugin regarding
specific configuration details.
</para>
</description>
</samba:parameter>

35
docs-xml/smbdotconf/winbind/idmapbackend.xml
View File

@ -11,39 +11,8 @@
<para>
This option specifies the default backend that is used when no special
configuration set by <smbconfoption name="idmap config"/> matches the
specific request.
</para>
<para>
This default backend also specifies the place where winbind-generated
idmap entries will be stored. So it is highly recommended that you
specify a writable backend like <citerefentry>
<refentrytitle>idmap_tdb</refentrytitle> <manvolnum>8</manvolnum>
</citerefentry> or <citerefentry>
<refentrytitle>idmap_ldap</refentrytitle> <manvolnum>8</manvolnum>
</citerefentry> as the idmap backend. The <citerefentry>
<refentrytitle>idmap_rid</refentrytitle> <manvolnum>8</manvolnum>
</citerefentry> and <citerefentry>
<refentrytitle>idmap_ad</refentrytitle> <manvolnum>8</manvolnum>
</citerefentry> backends are not writable and thus will generate
unexpected results if set as idmap backend.
</para>
<para>
To use the rid and ad backends, please specify them via the
<smbconfoption name="idmap config"/> parameter, possibly also for the
domain your machine is member of, specified by <smbconfoption
name="workgroup"/>.
</para>
<para>Examples of SID/uid/gid backends include tdb (<citerefentry>
<refentrytitle>idmap_tdb</refentrytitle><manvolnum>8</manvolnum></citerefentry>),
ldap (<citerefentry><refentrytitle>idmap_ldap</refentrytitle>
<manvolnum>8</manvolnum></citerefentry>), rid (<citerefentry>
<refentrytitle>idmap_rid</refentrytitle><manvolnum>8</manvolnum></citerefentry>),
and ad (<citerefentry><refentrytitle>idmap_ad</refentrytitle>
<manvolnum>8</manvolnum></citerefentry>).
configuration set, but it is now deprecated in favour of the new
spelling <smbconfoption name="idmap config * : backend"/>.
</para>
</description>

103
docs-xml/smbdotconf/winbind/idmapconfig.xml
View File

@ -6,44 +6,108 @@
<description>
<para>
The idmap config prefix provides a means of managing each trusted
domain separately. The idmap config prefix should be followed by the
name of the domain, a colon, and a setting specific to the chosen
backend. There are three options available for all domains:
ID mapping in Samba is the mapping between Windows SIDs and Unix user
and group IDs. This is performed by Winbindd with a configurable plugin
interface. Samba's ID mapping is configured by options starting with the
<smbconfoption name="idmap config"/> prefix.
An idmap option consists of the <smbconfoption name="idmap config"/>
prefix, followed by a domain name or the asterisk character (*),
a colon, and the name of an idmap setting for the chosen domain.
</para>
<variablelist>
<para>
The idmap configuration is hence divided into groups, one group
for each domain to be configured, and one group with the the
asterisk instead of a proper domain name, which speifies the
default configuration that is used to catch all domains that do
not have an explicit idmap configuration of their own.
</para>
<para>
There are three general options available:
</para>
<variablelist>
<varlistentry>
<term>backend = backend_name</term>
<listitem><para>
Specifies the name of the idmap plugin to use as the
SID/uid/gid backend for this domain.
This specifies the name of the idmap plugin to use as the
SID/uid/gid backend for this domain. The standard backends are
tdb
(<citerefentry><refentrytitle>idmap_tdb</refentrytitle> <manvolnum>8</manvolnum> </citerefentry>),
tdb2
(<citerefentry><refentrytitle>idmap_tdb2</refentrytitle> <manvolnum>8</manvolnum></citerefentry>),
ldap
(<citerefentry><refentrytitle>idmap_ldap</refentrytitle> <manvolnum>8</manvolnum></citerefentry>),
,
rid
(<citerefentry><refentrytitle>idmap_rid</refentrytitle> <manvolnum>8</manvolnum></citerefentry>),
,
hash
(<citerefentry><refentrytitle>idmap_hash</refentrytitle> <manvolnum>8</manvolnum></citerefentry>),
,
autorid
(<citerefentry><refentrytitle>idmap_autorid</refentrytitle> <manvolnum>8</manvolnum></citerefentry>),
,
ad
(<citerefentry><refentrytitle>idmap_ad</refentrytitle> <manvolnum>8</manvolnum></citerefentry>),
,
adex
(<citerefentry><refentrytitle>idmap_adex</refentrytitle> <manvolnum>8</manvolnum></citerefentry>),
,
and nss.
(<citerefentry><refentrytitle>idmap_nss</refentrytitle> <manvolnum>8</manvolnum></citerefentry>),
The corresponding manual pages contain the details, but
here is a summary.
</para>
<para>
The first three of these create mappings of their own using
internal unixid counters and store the mappings in a database.
These are suitable for use in the default idmap configuration.
The rid and hash backends use a pure algorithmic calculation
to determine the unixid for a SID. The autorid module is a
mixture of the tdb and rid backend. It creates ranges for
each domain encountered and then uses the rid algorithm for each
of these automatically configured domains individually.
The ad and adex
backends both use unix IDs stored in Active Directory via
the standard schema extensions. The nss backend reverses
the standard winbindd setup and gets the unixids via names
from nsswitch which can be useful in an ldap setup.
</para></listitem>
</varlistentry>
<varlistentry>
<term>range = low - high</term>
<listitem><para>
<listitem><para>
Defines the available matching uid and gid range for which the
backend is authoritative. Note that the range commonly
matches the allocation range due to the fact that the same
backend will store and retrieve SID/uid/gid mapping entries.
</para>
backend is authoritative. For allocating backends, this also
defines the start and the end of the range for allocating
new unid IDs.
</para>
<para>
winbind uses this parameter to find the backend that is
authoritative for a unix ID to SID mapping, so it must be set
for each individually configured domain, and it must be
disjoint from the ranges set via <smbconfoption name="idmap
uid"/> and <smbconfoption name="idmap gid"/>.
authoritative for a unix ID to SID mapping, so it must be set
for each individually configured domain and for the default
configuration. The configured ranges must be mutually disjoint.
</para></listitem>
</varlistentry>
<varlistentry>
<term>read only = yes|no</term>
<listitem><para>
This option can be used to turn the writing backends
tdb, tdb2, and ldap into read only mode. This can be useful
e.g. in cases where a pre-filled database exists that should
not be extended automatically.
</para></listitem>
</varlistentry>
</variablelist>
<para>
The following example illustrates how to configure the <citerefentry>
<refentrytitle>idmap_ad</refentrytitle> <manvolnum>8</manvolnum>
</citerefentry> for the CORP domain and the
</citerefentry> backend for the CORP domain and the
<citerefentry><refentrytitle>idmap_tdb</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> backend for all other
domains. This configuration assumes that the admin of CORP assigns
@ -53,9 +117,8 @@
</para>
<programlisting>
idmap backend = tdb
idmap uid = 1000000-1999999
idmap gid = 1000000-1999999
idmap config * : backend = tdb
idmap config * : range = 1000000-1999999
idmap config CORP : backend = ad
idmap config CORP : range = 1000-999999

13
docs-xml/smbdotconf/winbind/idmapgid.xml
View File

@ -5,16 +5,13 @@
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<synonym>winbind gid</synonym>
<description>
<para>The idmap gid parameter specifies the range of group ids
that are allocated for the purpose of mapping UNX groups to NT group
SIDs. This range of group ids should have no
existing local or NIS groups within it as strange conflicts can
occur otherwise.</para>
<para>See also the <smbconfoption name="idmap backend"/>, and
<smbconfoption name="idmap config"/> options.
<para>
The idmap gid parameter specifies the range of group ids
for the default idmap configuration. It is now deprecated
in favour of <smbconfoption name="idmap config * : range"/>.
</para>
<para>See the <smbconfoption name="idmap config"/> option.</para>
</description>
<value type="default"></value>

12
docs-xml/smbdotconf/winbind/idmapuid.xml
View File

@ -6,14 +6,12 @@
<synonym>winbind uid</synonym>
<description>
<para>
The idmap uid parameter specifies the range of user ids that are
allocated for use in mapping UNIX users to NT user SIDs. This
range of ids should have no existing local
or NIS users within it as strange conflicts can occur otherwise.</para>
<para>See also the <smbconfoption name="idmap backend"/> and
<smbconfoption name="idmap config"/> options.
The idmap uid parameter specifies the range of user ids for
the default idmap configuration. It is now deprecated in favour
of <smbconfoption name="idmap config * : range"/>.
</para>
<para>See the <smbconfoption name="idmap config"/> option.</para>
</description>
<value type="default"></value>

20
source4/dynconfig/dynconfig.c → dynconfig/dynconfig.c
View File

@ -1,24 +1,25 @@
/*
/*
Unix SMB/CIFS implementation.
Copyright (C) 2001 by Martin Pool <mbp@samba.org>
Copyright (C) Jim McDonough (jmcd@us.ibm.com) 2003.
Copyright (C) Stefan Metzmacher 2003
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
#include "nsswitch/winbind_struct_protocol.h"
/**
* @file dynconfig.c
@ -41,6 +42,9 @@
**/
#include "dynconfig.h"
#ifdef strdup
#undef strdup
#endif
#define DEFINE_DYN_CONFIG_PARAM(name) \
const char *dyn_##name = name; \
@ -99,13 +103,15 @@ DEFINE_DYN_CONFIG_PARAM(SMB_PASSWD_FILE)
DEFINE_DYN_CONFIG_PARAM(PRIVATE_DIR)
DEFINE_DYN_CONFIG_PARAM(LOCALEDIR)
DEFINE_DYN_CONFIG_PARAM(NMBDSOCKETDIR)
/* these are not in s3 */
DEFINE_DYN_CONFIG_PARAM(DATADIR)
DEFINE_DYN_CONFIG_PARAM(SETUPDIR)
DEFINE_DYN_CONFIG_PARAM(WINBINDD_SOCKET_DIR)
DEFINE_DYN_CONFIG_PARAM(WINBINDD_SOCKET_DIR) /* from winbind_struct_protocol.h in s3 autoconf */
/* these are not in s3 */
#if (_SAMBA_BUILD_ >= 4)
DEFINE_DYN_CONFIG_PARAM(WINBINDD_PRIVILEGED_SOCKET_DIR)
DEFINE_DYN_CONFIG_PARAM(NTP_SIGND_SOCKET_DIR)
DEFINE_DYN_CONFIG_PARAM(PYTHONDIR)
DEFINE_DYN_CONFIG_PARAM(PYTHONARCHDIR)
DEFINE_DYN_CONFIG_PARAM(SCRIPTSBINDIR)
#endif

10
source4/dynconfig/dynconfig.h → dynconfig/dynconfig.h
View File

@ -1,19 +1,19 @@
/*
/*
Unix SMB/CIFS implementation.
Copyright (C) 2001 by Martin Pool <mbp@samba.org>
Copyright (C) Jim McDonough (jmcd@us.ibm.com) 2003.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/

78
source4/dynconfig/wscript → dynconfig/wscript
View File

@ -5,12 +5,15 @@ from samba_utils import EXPAND_VARIABLES, os_path_relpath
# list of directory options to offer in configure
dir_options = {
'with-piddir' : [ '${PREFIX}/var/run', 'where to put pid files' ],
'with-piddir' : [ '${LOCALSTATEDIR}/run', 'where to put pid files' ],
'with-privatedir' : [ '${PREFIX}/private', 'Where to put sam.ldb and other private files' ],
'with-winbindd-socket-dir' : [ '${PREFIX}/var/lib/winbindd', 'winbind socket directory' ],
'with-winbindd-privileged-socket-dir' : [ '${PREFIX}/var/lib/winbindd_privileged', 'winbind privileged socket directory'],
'with-ntp-signd-socket-dir' : [ '${PREFIX}/var/run/ntp_signd', 'NTP signed directory'],
'with-lockdir' : [ '${PREFIX}/var/locks', 'where to put lock files' ]
'with-sockets-dir' : [ '${LOCALSTATEDIR}/run', 'sockets directory' ],
'with-winbindd-privileged-socket-dir' : [ '${LOCALSTATEDIR}/lib/winbindd_privileged', 'winbind privileged socket directory'],
'with-lockdir' : [ '${LOCALSTATEDIR}/lock', 'where to put short term disposable state files' ],
'with-cachedir' : [ '${LOCALSTATEDIR}/cache', 'where to put cache files' ],
'with-logfilebase' : [ '${LOCALSTATEDIR}', 'Where to put log files' ],
'with-pammodulesdir' : [ '${LIBDIR}', 'Which directory to use for PAM modules' ],
'with-statedir' : [ '${LOCALSTATEDIR}/locks', 'where to put persistent state files' ],
}
# list of cflags to use for dynconfig.c
@ -22,56 +25,30 @@ dyn_cflags = {
'CONFIGFILE' : '${SYSCONFDIR}/smb.conf',
'LMHOSTSFILE' : '${SYSCONFDIR}/lmhosts',
'PRIVATE_DIR' : '${PRIVATEDIR}',
'LOGFILEBASE' : '${LOCALSTATEDIR}',
'LOCKDIR' : '${LOCALSTATEDIR}/locks',
'PIDDIR' : '${LOCALSTATEDIR}/run',
'LOGFILEBASE' : '${LOGFILEBASE}',
'LOCKDIR' : '${LOCKDIR}',
'PIDDIR' : '${PIDDIR}',
'DATADIR' : '${DATADIR}',
'LOCALEDIR' : '${LOCALEDIR}',
'SETUPDIR' : '${DATADIR}/setup',
'WINBINDD_SOCKET_DIR' : '${WINBINDD_SOCKET_DIR}',
'WINBINDD_SOCKET_DIR' : '${SOCKETS_DIR}/winbindd',
'WINBINDD_PRIVILEGED_SOCKET_DIR' : '${WINBINDD_PRIVILEGED_SOCKET_DIR}',
'NTP_SIGND_SOCKET_DIR' : '${NTP_SIGND_SOCKET_DIR}',
'NCALRPCDIR' : '${LOCALSTATEDIR}/ncalrpc',
'NTP_SIGND_SOCKET_DIR' : '${SOCKETS_DIR}/ntp_signd',
'NCALRPCDIR' : '${SOCKETS_DIR}/ncalrpc',
'PYTHONDIR' : '${PYTHONDIR}',
'PYTHONARCHDIR' : '${PYTHONARCHDIR}',
'MODULESDIR' : '${PREFIX}/modules',
'INCLUDEDIR' : '${PREFIX}/include',
'PKGCONFIGDIR' : '${LIBDIR}/pkgconfig',
'SWATDIR' : '${DATADIR}/swat',
'CODEPAGEDIR' : '${LIBDIR}/samba',
'CODEPAGEDIR' : '${DATADIR}/codepages',
'LIBDIR' : '${LIBDIR}',
'LIBEXECDIR' : '${MODULESDIR}',
'STATEDIR' : '${LOCALSTATEDIR}',
'CACHEDIR' : '${LOCKDIR}',
'LIBEXECDIR' : '${LIBEXECDIR}',
'STATEDIR' : '${STATEDIR}',
'CACHEDIR' : '${CACHEDIR}',
'SMB_PASSWD_FILE' : '${PRIVATEDIR}/smbpasswd',
'NMBDSOCKETDIR' : '${LOCALSTATEDIR}/nmbd',
}
# changes for when FHS is enabled
dyn_cflags_fhs = {
'BINDIR' : '${BINDIR}',
'SBINDIR' : '${SBINDIR}',
'SCRIPTSBINDIR' : '${SBINDIR}',
'CONFIGDIR' : '${SYSCONFDIR}/samba',
'CONFIGFILE' : '${SYSCONFDIR}/samba/smb.conf',
'LMHOSTSFILE' : '${SYSCONFDIR}/samba/lmhosts',
'PRIVATE_DIR' : '${LOCALSTATEDIR}/lib/samba/private',
'LOGFILEBASE' : '${LOCALSTATEDIR}/log/samba',
'LOCKDIR' : '${LOCALSTATEDIR}/lib/samba',
'PIDDIR' : '${LOCALSTATEDIR}/run/samba',
'SETUPDIR' : '${DATADIR}/samba/setup',
'WINBINDD_SOCKET_DIR' : '${LOCALSTATEDIR}/run/samba/winbindd',
'WINBINDD_PRIVILEGED_SOCKET_DIR' : '${LOCALSTATEDIR}/run/samba/winbindd_privileged',
'NTP_SIGND_SOCKET_DIR' : '${LOCALSTATEDIR}/run/samba/ntp_signd',
'NCALRPCDIR' : '${LOCALSTATEDIR}/run/samba/ncalrpc',
'PYTHONARCHDIR' : '${PYTHONARCHDIR}',
'MODULESDIR' : '${LIBDIR}/samba',
'LIBEXECDIR' : '${MODULESDIR}',
'INCLUDEDIR' : '${INCLUDEDIR}/samba-4.0',
'PKGCONFIGDIR' : '${LIBDIR}/pkgconfig',
'SWATDIR' : '${DATADIR}/swat',
'CODEPAGEDIR' : '${DATADIR}/samba',
'NMBDSOCKETDIR' : '${LOCALSTATEDIR}/run/samba/nmbd',
'NMBDSOCKETDIR' : '${SOCKETS_DIR}/nmbd',
'PAMMODULESDIR' : '${PAMMODULESDIR}',
}
def get_varname(v):
@ -85,9 +62,6 @@ def get_varname(v):
def set_options(opt):
# get all the basic GNU options from the gnu_dirs tool
opt.add_option('--enable-fhs',
help=("Use FHS-compliant paths (default no)"),
action="store_true", dest='ENABLE_FHS', default=False)
for option in dir_options.keys():
default = dir_options[option][0]
help = dir_options[option][1]
@ -110,18 +84,6 @@ def configure(conf):
conf.ASSERT(v != '', "Empty dynconfig value for %s" % f)
conf.env[f] = v
if Options.options.ENABLE_FHS:
for f in dyn_cflags_fhs.keys():
v = EXPAND_VARIABLES(conf, dyn_cflags_fhs[f])
conf.ASSERT(v != '', "Empty dynconfig value for %s" % f)
conf.env[f] = v
if (not Options.options.ENABLE_FHS and
(conf.env.PREFIX == '/usr' or conf.env.PREFIX == '/usr/local')):
print("ERROR: Don't install directly under /usr or /usr/local without using the FHS option (--enable-fhs)")
sys.exit(1)
def dynconfig_cflags(bld, list=None):
'''work out the extra CFLAGS for dynconfig.c'''
cflags = []

69
examples/LDAP/samba-nds.schema
View File

@ -35,7 +35,7 @@ attributeTypes: ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'MD4 hash
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' DESC 'Account Flags' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' DESC 'Account Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE )
##
## Password timestamps & policies
@ -128,7 +128,7 @@ attributeTypes: ( 1.3.6.1.4.1.7165.2.1.47 NAME 'sambaMungedDial' DESC 'Base64 en
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory' DESC 'Concatenated MD4 hashes of the unicode passwords used on this account' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory' DESC 'Concatenated MD5 hashes of the salted NT passwords used on this account' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{1024} )
##
## SID, of any type
@ -137,7 +137,7 @@ attributeTypes: ( 1.3.6.1.4.1.7165.2.1.54 NAME 'sambaPasswordHistory' DESC 'Conc
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC 'Security ID' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID' DESC 'Security ID' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
##
## Primary group SID, compatible with ntSid
@ -287,47 +287,13 @@ attributeTypes: ( 1.3.6.1.4.1.7165.2.1.67 NAME 'sambaRefuseMachinePwdChange' DES
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.70 NAME 'sambaTrustType' DESC 'Type of trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.68 NAME 'sambaClearTextPassword' DESC 'Clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.71 NAME 'sambaTrustAttributes' DESC 'Trust attributes for a trusted domain' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.72 NAME 'sambaTrustDirection' DESC 'Direction of a trust' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.73 NAME 'sambaTrustPartner' DESC 'Fully qualified name of the domain with which a trust exists' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.74 NAME 'sambaFlatName' DESC 'NetBIOS name of a domain' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.75 NAME 'sambaTrustAuthOutgoing' DESC 'Authentication information for the outgoing portion of a trust' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.76 NAME 'sambaTrustAuthIncoming' DESC 'Authentication information for the incoming portion of a trust' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.77 NAME 'sambaSecurityIdentifier' DESC 'SID of a trusted domain' EQUALITY caseIgnoreIA5Match SUBSTR caseExactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.78 NAME 'sambaTrustForestTrustInfo' DESC 'Forest trust information for a trusted domain object' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1050} )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.69 NAME 'sambaPreviousClearTextPassword' DESC 'Previous clear text password (used for trusted domain passwords)' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
#######################################################################
## objectClasses used by Samba 3.0 schema ##
@ -356,6 +322,16 @@ changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' DESC 'Samba Trust Password' SUP top STRUCTURAL MUST ( sambaDomainName $ sambaNTPassword $ sambaTrustFlags ) MAY ( sambaSID $ sambaPwdLastSet ))
##
## Trust password for trusted domains
## (to be stored beneath the trusting sambaDomain object in the DIT)
##
dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPassword' SUP top STRUCTURAL DESC 'Samba Trusted Domain Password' MUST ( sambaDomainName $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY ( sambaPreviousClearTextPassword ))
##
## Whole-of-domain info
##
@ -372,22 +348,22 @@ objectClasses: ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' DESC 'Samba Domain In
dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' DESC 'Pool for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $ gidNumber ))
objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.7 NAME 'sambaUnixIdPool' DESC 'Pool for allocating UNIX uids/gids' SUP top AUXILIARY MUST ( uidNumber $ gidNumber ))
dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' DESC 'Mapping from a SID to an ID' SUP top AUXILIARY MUST ( sambaSID ) MAY ( uidNumber $ gidNumber ))
objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.8 NAME 'sambaIdmapEntry' DESC 'Mapping from a SID to an ID' SUP top AUXILIARY MUST ( sambaSID ) MAY ( uidNumber $ gidNumber ))
dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' DESC 'Structural Class for a SID' SUP top STRUCTURAL MUST ( sambaSID ))
objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.9 NAME 'sambaSidEntry' DESC 'Structural Class for a SID' SUP top STRUCTURAL MUST ( sambaSID ))
dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.7165.2.2.10 NAME 'sambaConfig' DESC 'Samba Configuration Section' SUP top AUXILIARY MAY ( description ))
objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.10 NAME 'sambaConfig' DESC 'Samba Configuration Section' SUP top AUXILIARY MAY ( description ))
dn: cn=schema
changetype: modify
@ -403,8 +379,3 @@ dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.7165.2.2.13 NAME 'sambaPrivilege' DESC 'Samba Privilege' SUP top AUXILIARY MUST ( sambaSID ) MAY ( sambaPrivilegeList ))
dn: cn=schema
changetype: modify
add: objectClasses
objectClasses: ( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' SUP top STRUCTURAL DESC 'Samba Trusted Domain Object' MUST ( cn ) MAY ( sambaTrustTyp e $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $ sambaFlatName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $ sambaSecurityIdentifier $ sambaTrustForestTrustInfo ) )

2
examples/LDAP/samba-schema-FDS.ldif
View File

@ -183,4 +183,4 @@ objectClasses: ( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPassword' SUP t
##
## used for IPA_ldapsam
##
objectClasses: ( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' SUP top STRUCTURAL DESC 'Samba Trusted Domain Object' MUST ( cn ) MAY ( sambaTrustTyp e $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $ sambaFlatName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $ sambaSecurityIdentifier $ sambaTrustForestTrustInfo ) )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' SUP top STRUCTURAL DESC 'Samba Trusted Domain Object' MUST ( cn ) MAY ( sambaTrustType $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $ sambaFlatName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $ sambaSecurityIdentifier $ sambaTrustForestTrustInfo ) )

2
examples/LDAP/samba-schema-netscapeds5.x
View File

@ -36,7 +36,7 @@ objectClasses: ( 1.3.6.1.4.1.7165.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY
objectClasses: ( 1.3.6.1.4.1.7165.2.2.8 NAME 'sambaIdmapEntry' SUP top AUXILIARY DESC 'Mapping from a SID to an ID' MUST ( sambaSID ) MAY ( uidNumber $ gidNumber ) X-ORIGIN 'user defined' )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.9 NAME 'sambaSidEntry' SUP top STRUCTURAL DESC 'Structural Class for a SID' MUST ( sambaSID ) X-ORIGIN 'user defined' )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.15 NAME 'sambaTrustedDomainPassword' SUP top STRUCTURAL DESC 'Samba Trusted Domain Password' MUST ( sambaDomainName $ sambaSID $ sambaClearTextPassword $ sambaPwdLastSet ) MAY ( sambaPreviousClearTextPassword ) X-ORIGIN 'user defined')
objectClasses: ( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' SUP top STRUCTURAL DESC 'Samba Trusted Domain Object' MUST ( cn ) MAY ( sambaTrustTyp e $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $ sambaFlatName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $ sambaSecurityIdentifier $ sambaTrustForestTrustInfo ) X-ORIGIN 'user defined' )
objectClasses: ( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' SUP top STRUCTURAL DESC 'Samba Trusted Domain Object' MUST ( cn ) MAY ( sambaTrustType $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $ sambaFlatName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $ sambaSecurityIdentifier $ sambaTrustForestTrustInfo ) X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.24 NAME 'sambaLMPassword' DESC 'LanManager Password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.25 NAME 'sambaNTPassword' DESC 'MD4 hash of the unicode password' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32} SINGLE-VALUE X-ORIGIN 'user defined' )
attributeTypes: ( 1.3.6.1.4.1.7165.2.1.26 NAME 'sambaAcctFlags' DESC 'Account Flags' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{16} SINGLE-VALUE X-ORIGIN 'user defined' )

4
examples/LDAP/samba.schema
View File

@ -621,10 +621,10 @@ objectclass ( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' SUP top STRUCTURA
##
## used for IPA_ldapsam
##
objectclasses ( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' SUP top STRUCTURAL
objectclass ( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' SUP top STRUCTURAL
DESC 'Samba Trusted Domain Object'
MUST ( cn )
MAY ( sambaTrustTyp e $ sambaTrustAttributes $ sambaTrustDirection $
MAY ( sambaTrustType $ sambaTrustAttributes $ sambaTrustDirection $
sambaTrustPartner $ sambaFlatName $ sambaTrustAuthOutgoing $
sambaTrustAuthIncoming $ sambaSecurityIdentifier $
sambaTrustForestTrustInfo) )

2
examples/LDAP/samba.schema.oc.IBM-DS
View File

@ -20,4 +20,4 @@ objectclasses=( 1.3.6.1.4.1.7165.2.2.12 NAME 'sambaConfigOption' SUP top STRUCTU
objectclasses=( 1.3.6.1.4.1.7165.2.2.14 NAME 'sambaTrustPassword' SUP top STRUCTURAL DESC 'Samba Trust Password' MUST ( sambaDomainName $ sambaNTPassword $ sambaTrustFlags ) MAY ( sambaSID $ sambaPwdLastSet ))
objectclasses=( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' SUP top STRUCTURAL DESC 'Samba Trusted Domain Object' MUST ( cn ) MAY ( sambaTrustTyp e $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $ sambaFlatName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $ sambaSecurityIdentifier $ sambaTrustForestTrustInfo ) )
objectclasses=( 1.3.6.1.4.1.7165.2.2.16 NAME 'sambaTrustedDomain' SUP top STRUCTURAL DESC 'Samba Trusted Domain Object' MUST ( cn ) MAY ( sambaTrustType $ sambaTrustAttributes $ sambaTrustDirection $ sambaTrustPartner $ sambaFlatName $ sambaTrustAuthOutgoing $ sambaTrustAuthIncoming $ sambaSecurityIdentifier $ sambaTrustForestTrustInfo ) )

2
examples/VFS/shadow_copy_test.c
View File

@ -59,7 +59,7 @@ static int test_get_shadow_copy_data(vfs_handle_struct *handle, files_struct *fs
if (labels) {
if (num) {
shadow_copy_data->labels = TALLOC_ZERO_ARRAY(shadow_copy_data->mem_ctx,SHADOW_COPY_LABEL,num);
shadow_copy_data->labels = talloc_zero_array(shadow_copy_data->mem_ctx,SHADOW_COPY_LABEL,num);
} else {
shadow_copy_data->labels = NULL;
}

2
examples/VFS/skel_opaque.c
View File

@ -293,7 +293,7 @@ static int skel_chdir(vfs_handle_struct *handle, const char *path)
return -1;
}
static char *skel_getwd(vfs_handle_struct *handle, char *buf)
static char *skel_getwd(vfs_handle_struct *handle)
{
errno = ENOSYS;
return NULL;

4
examples/VFS/skel_transparent.c
View File

@ -280,9 +280,9 @@ static int skel_chdir(vfs_handle_struct *handle, const char *path)
return SMB_VFS_NEXT_CHDIR(handle, path);
}
static char *skel_getwd(vfs_handle_struct *handle, char *buf)
static char *skel_getwd(vfs_handle_struct *handle)
{
return SMB_VFS_NEXT_GETWD(handle, buf);
return SMB_VFS_NEXT_GETWD(handle);
}
static int skel_ntimes(vfs_handle_struct *handle,

131
howto-ol-backend-s4.txt
View File

@ -1,131 +0,0 @@
Samba4 OpenLDAP-Backend Quick-Howto
====================================
oliver@itc.li - August 2009
This Mini-Howto describes in a very simplified way
how to setup Samba 4 (S4) (pre)Alpha 13 with the
OpenLDAP (OL) -Backend.
Use of OpenLDAP from CVS after 2010-04-22 is required
The current instructions are at:
http://wiki.samba.org/index.php/Samba4/LDAP_Backend/OpenLDAP
1.) Download and compile OpenLDAP.
The use of (older) Versions shipped with Distributions often
causes trouble, so dont use them. Configure-Example:
#> ./configure --enable-overlays=yes --with-tls=yes --with-cyrus-sasl=yes
#> make depend && make && make install
Note: openssl and cyrus-sasl libs should be installed
before compilation.
2.) Final provision:
(you can add --adminpass=<yourpass> to the parameters,
otherwise a random password will be generated for
cn=Administrator,cn=users,<Your Base-DN>):
#> setup/provision \
--ldap-backend-type=openldap \
--slapd-path="/usr/local/libexec/slapd"
--username=samba-admin --realm=ldap.local.site \
--domain=LDAP --server-role='domain controller'\
--adminpass=linux
At the End of the final provision you should get
the following output (only partial here). Read it carefully:
--------
...
A Kerberos configuration suitable for Samba 4 has been generated at /usr/local/samba/private/krb5.conf
Use later the following commandline to start slapd, then Samba:
/usr/local/libexec/slapd -f /usr/local/samba/private/ldap/slapd.conf -h ldapi://%2Fusr%2Flocal%2Fsamba%2Fprivate%2Fldap%2Fldapi
This slapd-Commandline is also stored under: /usr/local/samba/private/ldap/slapd_command_file.sh
Please install the phpLDAPadmin configuration located at /usr/local/samba/private/phpldapadmin-config.php into /etc/phpldapadmin/config.php
Once the above files are installed, your Samba4 server will be ready to use
Server Role: domain controller
Hostname: ldapmaster
NetBIOS Domain: LDAP
DNS Domain: ldap.local.site
DOMAIN SID: S-1-5-21-429312062-2328781357-2130201529
Admin password: linux
--------
Our slapd in "provision-mode" wiil be shut down automatically
after final provision ends.
3.) Run OL and S4:
After you completed the other necessary steps (krb and named-specific),
start first OL with the commandline displayed in the output under (3),
(remember: the slapd-Commandline is also stored in the file ../slapd_command_file.sh)
then S4.
4.) Special Setup-Types:
OpenLDAP-Online Configuration is now in use by default (olc):
The olc will be setup automatically
under ../private/slapd.d/.
olc is accessible via "cn=samba-admin,cn=samba" and Base-DN "cn=config"
olc is intended primarily for use in conjunction with MMR
Attention: You have to start OL with the commandline
displayed in the output under (3), but you have to set a
listening port of slapd manually:
(e.g. -h ldap://ldapmaster.ldap.local.site:9000)
Attention: You _should_not_ edit the olc-Sections
"config" and "ldif", as these are vital to the olc itself.
b) MultiMaster-Configuration (MMR):
Use the provision Parameter:
--ol-mmr-urls=<list of whitespace separated ldap-urls (and Ports <> 389!).
e.g.:
--ol-mmr-urls="ldap://ldapmaster1.ldap.local.site:9000 \
ldap://ldapmaster2.ldap.local.site:9000"
Attention: You have to start OL with the commandline
displayed in the output under (3), but you have to set a
listening port of slapd manually
(e.g. -h ldap://ldapmaster1.ldap.local.site:9000)
The Ports must be different from 389, as these are occupied by S4.

41
install_with_python.sh Normal file
View File

@ -0,0 +1,41 @@
#!/bin/sh
# this script installs a private copy of python in the same prefix as Samba
if [ $# -lt 1 ]; then
cat <<EOF
Usage: install_with_python.sh PREFIX [CONFIGURE OPTIONS]
EOF
exit 1;
fi
PREFIX="$1"
shift
PATH=$PREFIX/python/bin:$PATH
export PATH
VERSION="Python-2.6.5"
do_install_python() {
mkdir -p python_install || exit 1
rsync -avz samba.org::ftp/tridge/python/$VERSION.tar python_install || exit 1
cd python_install || exit 1;
rm -rf $VERSION || exit 1
tar -xf $VERSION.tar || exit 1
cd $VERSION || exit 1
./configure --prefix=$PREFIX/python --enable-shared --disable-ipv6 || exit 1
make || exit 1
make install || exit 1
cd ../.. || exit 1
rm -rf python_install || exit 1
}
if ! test -d $PREFIX/python; then
# needs to be installed
do_install_python
fi
`dirname $0`/configure --prefix=$PREFIX $@ || exit 1
make -j || exit 1
make install || exit 1

4
lib/addns/dnsgss.c
View File

@ -92,7 +92,7 @@ static DNS_ERROR dns_negotiate_gss_ctx_int( TALLOC_CTX *mem_ctx,
DNS_ERROR err;
gss_OID_desc krb5_oid_desc =
{ 9, (char *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" };
{ 9, (const char *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" };
*ctx = GSS_C_NO_CONTEXT;
input_ptr = NULL;
@ -222,7 +222,7 @@ DNS_ERROR dns_negotiate_sec_ctx( const char *target_realm,
gss_name_t targ_name;
gss_OID_desc nt_host_oid_desc =
{10, (char *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x01"};
{10, (const char *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x01"};
TALLOC_CTX *mem_ctx;

18
lib/addns/dnsmarshall.c
View File

@ -39,7 +39,7 @@ struct dns_buffer *dns_create_buffer(TALLOC_CTX *mem_ctx)
*/
result->size = 2;
if (!(result->data = TALLOC_ARRAY(result, uint8, result->size))) {
if (!(result->data = talloc_array(result, uint8, result->size))) {
TALLOC_FREE(result);
return NULL;
}
@ -78,7 +78,7 @@ void dns_marshall_buffer(struct dns_buffer *buf, const uint8 *data,
new_size += (64 - (new_size % 64));
if (!(new_data = TALLOC_REALLOC_ARRAY(buf, buf->data, uint8,
if (!(new_data = talloc_realloc(buf, buf->data, uint8,
new_size))) {
buf->error = ERROR_DNS_NO_MEMORY;
return;
@ -223,7 +223,7 @@ static void dns_unmarshall_label(TALLOC_CTX *mem_ctx,
label->len = len;
if (!(label->label = TALLOC_ARRAY(label, char, len+1))) {
if (!(label->label = talloc_array(label, char, len+1))) {
buf->error = ERROR_DNS_NO_MEMORY;
goto error;
}
@ -329,7 +329,7 @@ static void dns_unmarshall_rr(TALLOC_CTX *mem_ctx,
if (!(ERR_DNS_IS_OK(buf->error))) return;
if (r->data_length != 0) {
if (!(r->data = TALLOC_ARRAY(r, uint8, r->data_length))) {
if (!(r->data = talloc_array(r, uint8, r->data_length))) {
buf->error = ERROR_DNS_NO_MEMORY;
return;
}
@ -390,7 +390,7 @@ DNS_ERROR dns_unmarshall_request(TALLOC_CTX *mem_ctx,
uint16 i;
DNS_ERROR err;
if (!(req = TALLOC_ZERO_P(mem_ctx, struct dns_request))) {
if (!(req = talloc_zero(mem_ctx, struct dns_request))) {
return ERROR_DNS_NO_MEMORY;
}
@ -406,22 +406,22 @@ DNS_ERROR dns_unmarshall_request(TALLOC_CTX *mem_ctx,
err = ERROR_DNS_NO_MEMORY;
if ((req->num_questions != 0) &&
!(req->questions = TALLOC_ARRAY(req, struct dns_question *,
!(req->questions = talloc_array(req, struct dns_question *,
req->num_questions))) {
goto error;
}
if ((req->num_answers != 0) &&
!(req->answers = TALLOC_ARRAY(req, struct dns_rrec *,
!(req->answers = talloc_array(req, struct dns_rrec *,
req->num_answers))) {
goto error;
}
if ((req->num_auths != 0) &&
!(req->auths = TALLOC_ARRAY(req, struct dns_rrec *,
!(req->auths = talloc_array(req, struct dns_rrec *,
req->num_auths))) {
goto error;
}
if ((req->num_additionals != 0) &&
!(req->additionals = TALLOC_ARRAY(req, struct dns_rrec *,
!(req->additionals = talloc_array(req, struct dns_rrec *,
req->num_additionals))) {
goto error;
}

16
lib/addns/dnsrecord.c
View File

@ -31,8 +31,8 @@ DNS_ERROR dns_create_query( TALLOC_CTX *mem_ctx, const char *name,
struct dns_question *q;
DNS_ERROR err;
if (!(req = TALLOC_ZERO_P(mem_ctx, struct dns_request)) ||
!(req->questions = TALLOC_ARRAY(req, struct dns_question *, 1)) ||
if (!(req = talloc_zero(mem_ctx, struct dns_request)) ||
!(req->questions = talloc_array(req, struct dns_question *, 1)) ||
!(req->questions[0] = talloc(req->questions,
struct dns_question))) {
TALLOC_FREE(req);
@ -64,8 +64,8 @@ DNS_ERROR dns_create_update( TALLOC_CTX *mem_ctx, const char *name,
struct dns_zone *z;
DNS_ERROR err;
if (!(req = TALLOC_ZERO_P(mem_ctx, struct dns_update_request)) ||
!(req->zones = TALLOC_ARRAY(req, struct dns_zone *, 1)) ||
if (!(req = talloc_zero(mem_ctx, struct dns_update_request)) ||
!(req->zones = talloc_array(req, struct dns_zone *, 1)) ||
!(req->zones[0] = talloc(req->zones, struct dns_zone))) {
TALLOC_FREE(req);
return ERROR_DNS_NO_MEMORY;
@ -131,8 +131,8 @@ DNS_ERROR dns_create_a_record(TALLOC_CTX *mem_ctx, const char *host,
return ERROR_DNS_SUCCESS;
}
ip = ((struct sockaddr_in *)pss)->sin_addr;
if (!(data = (uint8 *)TALLOC_MEMDUP(mem_ctx, (const void *)&ip.s_addr,
ip = ((const struct sockaddr_in *)pss)->sin_addr;
if (!(data = (uint8 *)talloc_memdup(mem_ctx, (const void *)&ip.s_addr,
sizeof(ip.s_addr)))) {
return ERROR_DNS_NO_MEMORY;
}
@ -240,7 +240,7 @@ DNS_ERROR dns_unmarshall_tkey_record(TALLOC_CTX *mem_ctx, struct dns_rrec *rec,
if (!ERR_DNS_IS_OK(buf.error)) goto error;
if (tkey->key_length) {
if (!(tkey->key = TALLOC_ARRAY(tkey, uint8, tkey->key_length))) {
if (!(tkey->key = talloc_array(tkey, uint8, tkey->key_length))) {
buf.error = ERROR_DNS_NO_MEMORY;
goto error;
}
@ -308,7 +308,7 @@ DNS_ERROR dns_add_rrec(TALLOC_CTX *mem_ctx, struct dns_rrec *rec,
{
struct dns_rrec **new_records;
if (!(new_records = TALLOC_REALLOC_ARRAY(mem_ctx, *records,
if (!(new_records = talloc_realloc(mem_ctx, *records,
struct dns_rrec *,
(*num_records)+1))) {
return ERROR_DNS_NO_MEMORY;

8
lib/addns/dnssock.c
View File

@ -250,7 +250,7 @@ static DNS_ERROR dns_receive_tcp(TALLOC_CTX *mem_ctx,
DNS_ERROR err;
uint16 len;
if (!(buf = TALLOC_ZERO_P(mem_ctx, struct dns_buffer))) {
if (!(buf = talloc_zero(mem_ctx, struct dns_buffer))) {
return ERROR_DNS_NO_MEMORY;
}
@ -262,7 +262,7 @@ static DNS_ERROR dns_receive_tcp(TALLOC_CTX *mem_ctx,
buf->size = ntohs(len);
if (buf->size) {
if (!(buf->data = TALLOC_ARRAY(buf, uint8, buf->size))) {
if (!(buf->data = talloc_array(buf, uint8, buf->size))) {
TALLOC_FREE(buf);
return ERROR_DNS_NO_MEMORY;
}
@ -287,7 +287,7 @@ static DNS_ERROR dns_receive_udp(TALLOC_CTX *mem_ctx,
struct dns_buffer *buf;
ssize_t received;
if (!(buf = TALLOC_ZERO_P(mem_ctx, struct dns_buffer))) {
if (!(buf = talloc_zero(mem_ctx, struct dns_buffer))) {
return ERROR_DNS_NO_MEMORY;
}
@ -295,7 +295,7 @@ static DNS_ERROR dns_receive_udp(TALLOC_CTX *mem_ctx,
* UDP based DNS can only be 512 bytes
*/
if (!(buf->data = TALLOC_ARRAY(buf, uint8, 512))) {
if (!(buf->data = talloc_array(buf, uint8, 512))) {
TALLOC_FREE(buf);
return ERROR_DNS_NO_MEMORY;
}

4
lib/addns/dnsutils.c
View File

@ -53,7 +53,7 @@ static DNS_ERROR LabelList( TALLOC_CTX *mem_ctx,
return ERROR_DNS_INVALID_NAME;
}
if (!(result = TALLOC_ZERO_P(mem_ctx, struct dns_domain_label))) {
if (!(result = talloc_zero(mem_ctx, struct dns_domain_label))) {
return ERROR_DNS_NO_MEMORY;
}
@ -138,7 +138,7 @@ char *dns_generate_keyname( TALLOC_CTX *mem_ctx )
/*
* uuid_unparse gives 36 bytes plus '\0'
*/
if (!(result = TALLOC_ARRAY(mem_ctx, char, 37))) {
if (!(result = talloc_array(mem_ctx, char, 37))) {
return NULL;
}

38
lib/async_req/async_sock.c
View File

@ -386,6 +386,7 @@ struct writev_state {
int count;
size_t total_size;
uint16_t flags;
bool err_on_readability;
};
static void writev_trigger(struct tevent_req *req, void *private_data);
@ -413,10 +414,8 @@ struct tevent_req *writev_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
if (state->iov == NULL) {
goto fail;
}
state->flags = TEVENT_FD_WRITE;
if (err_on_readability) {
state->flags |= TEVENT_FD_READ;
}
state->flags = TEVENT_FD_WRITE|TEVENT_FD_READ;
state->err_on_readability = err_on_readability;
if (queue == NULL) {
struct tevent_fd *fde;
@ -462,8 +461,35 @@ static void writev_handler(struct tevent_context *ev, struct tevent_fd *fde,
to_write = 0;
if ((state->flags & TEVENT_FD_READ) && (flags & TEVENT_FD_READ)) {
tevent_req_error(req, EPIPE);
return;
int ret, value;
if (state->err_on_readability) {
/* Readable and the caller wants an error on read. */
tevent_req_error(req, EPIPE);
return;
}
/* Might be an error. Check if there are bytes to read */
ret = ioctl(state->fd, FIONREAD, &value);
/* FIXME - should we also check
for ret == 0 and value == 0 here ? */
if (ret == -1) {
/* There's an error. */
tevent_req_error(req, EPIPE);
return;
}
/* A request for TEVENT_FD_READ will succeed from now and
forevermore until the bytes are read so if there was
an error we'll wait until we do read, then get it in
the read callback function. Until then, remove TEVENT_FD_READ
from the flags we're waiting for. */
state->flags &= ~TEVENT_FD_READ;
TEVENT_FD_NOT_READABLE(fde);
/* If not writable, we're done. */
if (!(flags & TEVENT_FD_WRITE)) {
return;
}
}
for (i=0; i<state->count; i++) {

508
lib/ccan/array_size/LICENSE Normal file
View File

@ -0,0 +1,508 @@
GNU LESSER GENERAL PUBLIC LICENSE
Version 2.1, February 1999
Copyright (C) 1991, 1999 Free Software Foundation, Inc.
51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
[This is the first released version of the Lesser GPL. It also counts
as the successor of the GNU Library Public License, version 2, hence
the version number 2.1.]
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
Licenses are intended to guarantee your freedom to share and change
free software--to make sure the software is free for all its users.
This license, the Lesser General Public License, applies to some
specially designated software packages--typically libraries--of the
Free Software Foundation and other authors who decide to use it. You
can use it too, but we suggest you first think carefully about whether
this license or the ordinary General Public License is the better
strategy to use in any particular case, based on the explanations
below.
When we speak of free software, we are referring to freedom of use,
not price. Our General Public Licenses are designed to make sure that
you have the freedom to distribute copies of free software (and charge
for this service if you wish); that you receive source code or can get
it if you want it; that you can change the software and use pieces of
it in new free programs; and that you are informed that you can do
these things.
To protect your rights, we need to make restrictions that forbid
distributors to deny you these rights or to ask you to surrender these
rights. These restrictions translate to certain responsibilities for
you if you distribute copies of the library or if you modify it.
For example, if you distribute copies of the library, whether gratis
or for a fee, you must give the recipients all the rights that we gave
you. You must make sure that they, too, receive or can get the source
code. If you link other code with the library, you must provide
complete object files to the recipients, so that they can relink them
with the library after making changes to the library and recompiling
it. And you must show them these terms so they know their rights.
We protect your rights with a two-step method: (1) we copyright the
library, and (2) we offer you this license, which gives you legal
permission to copy, distribute and/or modify the library.
To protect each distributor, we want to make it very clear that
there is no warranty for the free library. Also, if the library is
modified by someone else and passed on, the recipients should know
that what they have is not the original version, so that the original
author's reputation will not be affected by problems that might be
introduced by others.
Finally, software patents pose a constant threat to the existence of
any free program. We wish to make sure that a company cannot
effectively restrict the users of a free program by obtaining a
restrictive license from a patent holder. Therefore, we insist that
any patent license obtained for a version of the library must be
consistent with the full freedom of use specified in this license.
Most GNU software, including some libraries, is covered by the
ordinary GNU General Public License. This license, the GNU Lesser
General Public License, applies to certain designated libraries, and
is quite different from the ordinary General Public License. We use
this license for certain libraries in order to permit linking those
libraries into non-free programs.
When a program is linked with a library, whether statically or using
a shared library, the combination of the two is legally speaking a
combined work, a derivative of the original library. The ordinary
General Public License therefore permits such linking only if the
entire combination fits its criteria of freedom. The Lesser General
Public License permits more lax criteria for linking other code with
the library.
We call this license the "Lesser" General Public License because it
does Less to protect the user's freedom than the ordinary General
Public License. It also provides other free software developers Less
of an advantage over competing non-free programs. These disadvantages
are the reason we use the ordinary General Public License for many
libraries. However, the Lesser license provides advantages in certain
special circumstances.
For example, on rare occasions, there may be a special need to
encourage the widest possible use of a certain library, so that it
becomes a de-facto standard. To achieve this, non-free programs must
be allowed to use the library. A more frequent case is that a free
library does the same job as widely used non-free libraries. In this
case, there is little to gain by limiting the free library to free
software only, so we use the Lesser General Public License.
In other cases, permission to use a particular library in non-free
programs enables a greater number of people to use a large body of
free software. For example, permission to use the GNU C Library in
non-free programs enables many more people to use the whole GNU
operating system, as well as its variant, the GNU/Linux operating
system.
Although the Lesser General Public License is Less protective of the
users' freedom, it does ensure that the user of a program that is
linked with the Library has the freedom and the wherewithal to run
that program using a modified version of the Library.
The precise terms and conditions for copying, distribution and
modification follow. Pay close attention to the difference between a
"work based on the library" and a "work that uses the library". The
former contains code derived from the library, whereas the latter must
be combined with the library in order to run.
GNU LESSER GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License Agreement applies to any software library or other
program which contains a notice placed by the copyright holder or
other authorized party saying it may be distributed under the terms of
this Lesser General Public License (also called "this License").
Each licensee is addressed as "you".
A "library" means a collection of software functions and/or data
prepared so as to be conveniently linked with application programs
(which use some of those functions and data) to form executables.
The "Library", below, refers to any such software library or work
which has been distributed under these terms. A "work based on the
Library" means either the Library or any derivative work under
copyright law: that is to say, a work containing the Library or a
portion of it, either verbatim or with modifications and/or translated
straightforwardly into another language. (Hereinafter, translation is
included without limitation in the term "modification".)
"Source code" for a work means the preferred form of the work for
making modifications to it. For a library, complete source code means
all the source code for all modules it contains, plus any associated
interface definition files, plus the scripts used to control
compilation and installation of the library.
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running a program using the Library is not restricted, and output from
such a program is covered only if its contents constitute a work based
on the Library (independent of the use of the Library in a tool for
writing it). Whether that is true depends on what the Library does
and what the program that uses the Library does.
1. You may copy and distribute verbatim copies of the Library's
complete source code as you receive it, in any medium, provided that
you conspicuously and appropriately publish on each copy an
appropriate copyright notice and disclaimer of warranty; keep intact
all the notices that refer to this License and to the absence of any
warranty; and distribute a copy of this License along with the
Library.
You may charge a fee for the physical act of transferring a copy,
and you may at your option offer warranty protection in exchange for a
fee.
2. You may modify your copy or copies of the Library or any portion
of it, thus forming a work based on the Library, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) The modified work must itself be a software library.
b) You must cause the files modified to carry prominent notices
stating that you changed the files and the date of any change.
c) You must cause the whole of the work to be licensed at no
charge to all third parties under the terms of this License.
d) If a facility in the modified Library refers to a function or a
table of data to be supplied by an application program that uses
the facility, other than as an argument passed when the facility
is invoked, then you must make a good faith effort to ensure that,
in the event an application does not supply such function or
table, the facility still operates, and performs whatever part of
its purpose remains meaningful.
(For example, a function in a library to compute square roots has
a purpose that is entirely well-defined independent of the
application. Therefore, Subsection 2d requires that any
application-supplied function or table used by this function must
be optional: if the application does not supply it, the square
root function must still compute square roots.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Library,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Library, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote
it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Library.
In addition, mere aggregation of another work not based on the Library
with the Library (or with a work based on the Library) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may opt to apply the terms of the ordinary GNU General Public
License instead of this License to a given copy of the Library. To do
this, you must alter all the notices that refer to this License, so
that they refer to the ordinary GNU General Public License, version 2,
instead of to this License. (If a newer version than version 2 of the
ordinary GNU General Public License has appeared, then you can specify
that version instead if you wish.) Do not make any other change in
these notices.
Once this change is made in a given copy, it is irreversible for
that copy, so the ordinary GNU General Public License applies to all
subsequent copies and derivative works made from that copy.
This option is useful when you wish to copy part of the code of
the Library into a program that is not a library.
4. You may copy and distribute the Library (or a portion or
derivative of it, under Section 2) in object code or executable form
under the terms of Sections 1 and 2 above provided that you accompany
it with the complete corresponding machine-readable source code, which
must be distributed under the terms of Sections 1 and 2 above on a
medium customarily used for software interchange.
If distribution of object code is made by offering access to copy
from a designated place, then offering equivalent access to copy the
source code from the same place satisfies the requirement to
distribute the source code, even though third parties are not
compelled to copy the source along with the object code.
5. A program that contains no derivative of any portion of the
Library, but is designed to work with the Library by being compiled or
linked with it, is called a "work that uses the Library". Such a
work, in isolation, is not a derivative work of the Library, and
therefore falls outside the scope of this License.
However, linking a "work that uses the Library" with the Library
creates an executable that is a derivative of the Library (because it
contains portions of the Library), rather than a "work that uses the
library". The executable is therefore covered by this License.
Section 6 states terms for distribution of such executables.
When a "work that uses the Library" uses material from a header file
that is part of the Library, the object code for the work may be a
derivative work of the Library even though the source code is not.
Whether this is true is especially significant if the work can be
linked without the Library, or if the work is itself a library. The
threshold for this to be true is not precisely defined by law.
If such an object file uses only numerical parameters, data
structure layouts and accessors, and small macros and small inline
functions (ten lines or less in length), then the use of the object
file is unrestricted, regardless of whether it is legally a derivative
work. (Executables containing this object code plus portions of the
Library will still fall under Section 6.)
Otherwise, if the work is a derivative of the Library, you may
distribute the object code for the work under the terms of Section 6.
Any executables containing that work also fall under Section 6,
whether or not they are linked directly with the Library itself.
6. As an exception to the Sections above, you may also combine or
link a "work that uses the Library" with the Library to produce a
work containing portions of the Library, and distribute that work
under terms of your choice, provided that the terms permit
modification of the work for the customer's own use and reverse
engineering for debugging such modifications.
You must give prominent notice with each copy of the work that the
Library is used in it and that the Library and its use are covered by
this License. You must supply a copy of this License. If the work
during execution displays copyright notices, you must include the
copyright notice for the Library among them, as well as a reference
directing the user to the copy of this License. Also, you must do one
of these things:
a) Accompany the work with the complete corresponding
machine-readable source code for the Library including whatever
changes were used in the work (which must be distributed under
Sections 1 and 2 above); and, if the work is an executable linked
with the Library, with the complete machine-readable "work that
uses the Library", as object code and/or source code, so that the
user can modify the Library and then relink to produce a modified
executable containing the modified Library. (It is understood
that the user who changes the contents of definitions files in the
Library will not necessarily be able to recompile the application
to use the modified definitions.)
b) Use a suitable shared library mechanism for linking with the
Library. A suitable mechanism is one that (1) uses at run time a
copy of the library already present on the user's computer system,
rather than copying library functions into the executable, and (2)
will operate properly with a modified version of the library, if
the user installs one, as long as the modified version is
interface-compatible with the version that the work was made with.
c) Accompany the work with a written offer, valid for at least
three years, to give the same user the materials specified in
Subsection 6a, above, for a charge no more than the cost of
performing this distribution.
d) If distribution of the work is made by offering access to copy
from a designated place, offer equivalent access to copy the above
specified materials from the same place.
e) Verify that the user has already received a copy of these
materials or that you have already sent this user a copy.
For an executable, the required form of the "work that uses the
Library" must include any data and utility programs needed for
reproducing the executable from it. However, as a special exception,
the materials to be distributed need not include anything that is
normally distributed (in either source or binary form) with the major
components (compiler, kernel, and so on) of the operating system on
which the executable runs, unless that component itself accompanies
the executable.
It may happen that this requirement contradicts the license
restrictions of other proprietary libraries that do not normally
accompany the operating system. Such a contradiction means you cannot
use both them and the Library together in an executable that you
distribute.
7. You may place library facilities that are a work based on the
Library side-by-side in a single library together with other library
facilities not covered by this License, and distribute such a combined
library, provided that the separate distribution of the work based on
the Library and of the other library facilities is otherwise
permitted, and provided that you do these two things:
a) Accompany the combined library with a copy of the same work
based on the Library, uncombined with any other library
facilities. This must be distributed under the terms of the
Sections above.
b) Give prominent notice with the combined library of the fact
that part of it is a work based on the Library, and explaining
where to find the accompanying uncombined form of the same work.
8. You may not copy, modify, sublicense, link with, or distribute
the Library except as expressly provided under this License. Any
attempt otherwise to copy, modify, sublicense, link with, or
distribute the Library is void, and will automatically terminate your
rights under this License. However, parties who have received copies,
or rights, from you under this License will not have their licenses
terminated so long as such parties remain in full compliance.
9. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Library or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Library (or any work based on the
Library), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Library or works based on it.
10. Each time you redistribute the Library (or any work based on the
Library), the recipient automatically receives a license from the
original licensor to copy, distribute, link with or modify the Library
subject to these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties with
this License.
11. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Library at all. For example, if a patent
license would not permit royalty-free redistribution of the Library by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Library.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply, and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
12. If the distribution and/or use of the Library is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Library under this License
may add an explicit geographical distribution limitation excluding those
countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
13. The Free Software Foundation may publish revised and/or new
versions of the Lesser General Public License from time to time.
Such new versions will be similar in spirit to the present version,
but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Library
specifies a version number of this License which applies to it and
"any later version", you have the option of following the terms and
conditions either of that version or of any later version published by
the Free Software Foundation. If the Library does not specify a
license version number, you may choose any version ever published by
the Free Software Foundation.
14. If you wish to incorporate parts of the Library into other free
programs whose distribution conditions are incompatible with these,
write to the author to ask for permission. For software which is
copyrighted by the Free Software Foundation, write to the Free
Software Foundation; we sometimes make exceptions for this. Our
decision will be guided by the two goals of preserving the free status
of all derivatives of our free software and of promoting the sharing
and reuse of software generally.
NO WARRANTY
15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Libraries
If you develop a new library, and you want it to be of the greatest
possible use to the public, we recommend making it free software that
everyone can redistribute and change. You can do so by permitting
redistribution under these terms (or, alternatively, under the terms
of the ordinary General Public License).
To apply these terms, attach the following notices to the library.
It is safest to attach them to the start of each source file to most
effectively convey the exclusion of warranty; and each file should
have at least the "copyright" line and a pointer to where the full
notice is found.
<one line to give the library's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Also add information on how to contact you by electronic and paper mail.
You should also get your employer (if you work as a programmer) or
your school, if any, to sign a "copyright disclaimer" for the library,
if necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the
library `Frob' (a library for tweaking knobs) written by James
Random Hacker.
<signature of Ty Coon>, 1 April 1990
Ty Coon, President of Vice
That's all there is to it!

46
lib/ccan/array_size/_info Normal file
View File

@ -0,0 +1,46 @@
#include <stdio.h>
#include <string.h>
#include "config.h"
/**
* array_size - routine for safely deriving the size of a visible array.
*
* This provides a simple ARRAY_SIZE() macro, which (given a good compiler)
* will also break compile if you try to use it on a pointer.
*
* This can ensure your code is robust to changes, without needing a gratuitous
* macro or constant.
*
* Example:
* // Outputs "Initialized 32 values"
* #include <ccan/array_size/array_size.h>
* #include <stdlib.h>
* #include <stdio.h>
*
* // We currently use 32 random values.
* static unsigned int vals[32];
*
* int main(void)
* {
* unsigned int i;
* for (i = 0; i < ARRAY_SIZE(vals); i++)
* vals[i] = random();
* printf("Initialized %u values\n", i);
* return 0;
* }
*
* License: LGPL (2 or any later version)
* Author: Rusty Russell <rusty@rustcorp.com.au>
*/
int main(int argc, char *argv[])
{
if (argc != 2)
return 1;
if (strcmp(argv[1], "depends") == 0) {
printf("ccan/build_assert\n");
return 0;
}
return 1;
}

25
lib/ccan/array_size/array_size.h Normal file
View File

@ -0,0 +1,25 @@
#ifndef CCAN_ARRAY_SIZE_H
#define CCAN_ARRAY_SIZE_H
#include "config.h"
#include <ccan/build_assert/build_assert.h>
/**
* ARRAY_SIZE - get the number of elements in a visible array
* @arr: the array whose size you want.
*
* This does not work on pointers, or arrays declared as [], or
* function parameters. With correct compiler support, such usage
* will cause a build error (see build_assert).
*/
#define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]) + _array_size_chk(arr))
#if HAVE_BUILTIN_TYPES_COMPATIBLE_P && HAVE_TYPEOF
/* Two gcc extensions.
* &a[0] degrades to a pointer: a different type from an array */
#define _array_size_chk(arr) \
BUILD_ASSERT_OR_ZERO(!__builtin_types_compatible_p(typeof(arr), \
typeof(&(arr)[0])))
#else
#define _array_size_chk(arr) 0
#endif
#endif /* CCAN_ALIGNOF_H */

24
lib/ccan/array_size/test/compile_fail-function-param.c Normal file
View File

@ -0,0 +1,24 @@
#include <ccan/array_size/array_size.h>
#include <stdlib.h>
struct foo {
unsigned int a, b;
};
int check_parameter(const struct foo array[4]);
int check_parameter(const struct foo array[4])
{
#ifdef FAIL
return (ARRAY_SIZE(array) == 4);
#if !HAVE_TYPEOF || !HAVE_BUILTIN_TYPES_COMPATIBLE_P
#error "Unfortunately we don't fail if _array_size_chk is a noop."
#endif
#else
return sizeof(array) == 4 * sizeof(struct foo);
#endif
}
int main(int argc, char *argv[])
{
return check_parameter(NULL);
}

14
lib/ccan/array_size/test/compile_fail.c Normal file
View File

@ -0,0 +1,14 @@
#include <ccan/array_size/array_size.h>
int main(int argc, char *argv[8])
{
char array[100];
#ifdef FAIL
return ARRAY_SIZE(argv) + ARRAY_SIZE(array);
#if !HAVE_TYPEOF || !HAVE_BUILTIN_TYPES_COMPATIBLE_P
#error "Unfortunately we don't fail if _array_size_chk is a noop."
#endif
#else
return ARRAY_SIZE(array);
#endif
}

33
lib/ccan/array_size/test/run.c Normal file
View File

@ -0,0 +1,33 @@
#include <ccan/array_size/array_size.h>
#include <ccan/tap/tap.h>
static char array1[1];
static int array2[2];
static unsigned long array3[3][5];
struct foo {
unsigned int a, b;
char string[100];
};
static struct foo array4[4];
/* Make sure they can be used in initializers. */
static int array1_size = ARRAY_SIZE(array1);
static int array2_size = ARRAY_SIZE(array2);
static int array3_size = ARRAY_SIZE(array3);
static int array4_size = ARRAY_SIZE(array4);
int main(int argc, char *argv[])
{
plan_tests(8);
ok1(array1_size == 1);
ok1(array2_size == 2);
ok1(array3_size == 3);
ok1(array4_size == 4);
ok1(ARRAY_SIZE(array1) == 1);
ok1(ARRAY_SIZE(array2) == 2);
ok1(ARRAY_SIZE(array3) == 3);
ok1(ARRAY_SIZE(array4) == 4);
return exit_status();
}

508
lib/ccan/asearch/LICENSE Normal file
View File

@ -0,0 +1,508 @@
GNU LESSER GENERAL PUBLIC LICENSE
Version 2.1, February 1999
Copyright (C) 1991, 1999 Free Software Foundation, Inc.
51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
[This is the first released version of the Lesser GPL. It also counts
as the successor of the GNU Library Public License, version 2, hence
the version number 2.1.]
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
Licenses are intended to guarantee your freedom to share and change
free software--to make sure the software is free for all its users.
This license, the Lesser General Public License, applies to some
specially designated software packages--typically libraries--of the
Free Software Foundation and other authors who decide to use it. You
can use it too, but we suggest you first think carefully about whether
this license or the ordinary General Public License is the better
strategy to use in any particular case, based on the explanations
below.
When we speak of free software, we are referring to freedom of use,
not price. Our General Public Licenses are designed to make sure that
you have the freedom to distribute copies of free software (and charge
for this service if you wish); that you receive source code or can get
it if you want it; that you can change the software and use pieces of
it in new free programs; and that you are informed that you can do
these things.
To protect your rights, we need to make restrictions that forbid
distributors to deny you these rights or to ask you to surrender these
rights. These restrictions translate to certain responsibilities for
you if you distribute copies of the library or if you modify it.
For example, if you distribute copies of the library, whether gratis
or for a fee, you must give the recipients all the rights that we gave
you. You must make sure that they, too, receive or can get the source
code. If you link other code with the library, you must provide
complete object files to the recipients, so that they can relink them
with the library after making changes to the library and recompiling
it. And you must show them these terms so they know their rights.
We protect your rights with a two-step method: (1) we copyright the
library, and (2) we offer you this license, which gives you legal
permission to copy, distribute and/or modify the library.
To protect each distributor, we want to make it very clear that
there is no warranty for the free library. Also, if the library is
modified by someone else and passed on, the recipients should know
that what they have is not the original version, so that the original
author's reputation will not be affected by problems that might be
introduced by others.
Finally, software patents pose a constant threat to the existence of
any free program. We wish to make sure that a company cannot
effectively restrict the users of a free program by obtaining a
restrictive license from a patent holder. Therefore, we insist that
any patent license obtained for a version of the library must be
consistent with the full freedom of use specified in this license.
Most GNU software, including some libraries, is covered by the
ordinary GNU General Public License. This license, the GNU Lesser
General Public License, applies to certain designated libraries, and
is quite different from the ordinary General Public License. We use
this license for certain libraries in order to permit linking those
libraries into non-free programs.
When a program is linked with a library, whether statically or using
a shared library, the combination of the two is legally speaking a
combined work, a derivative of the original library. The ordinary
General Public License therefore permits such linking only if the
entire combination fits its criteria of freedom. The Lesser General
Public License permits more lax criteria for linking other code with
the library.
We call this license the "Lesser" General Public License because it
does Less to protect the user's freedom than the ordinary General
Public License. It also provides other free software developers Less
of an advantage over competing non-free programs. These disadvantages
are the reason we use the ordinary General Public License for many
libraries. However, the Lesser license provides advantages in certain
special circumstances.
For example, on rare occasions, there may be a special need to
encourage the widest possible use of a certain library, so that it
becomes a de-facto standard. To achieve this, non-free programs must
be allowed to use the library. A more frequent case is that a free
library does the same job as widely used non-free libraries. In this
case, there is little to gain by limiting the free library to free
software only, so we use the Lesser General Public License.
In other cases, permission to use a particular library in non-free
programs enables a greater number of people to use a large body of
free software. For example, permission to use the GNU C Library in
non-free programs enables many more people to use the whole GNU
operating system, as well as its variant, the GNU/Linux operating
system.
Although the Lesser General Public License is Less protective of the
users' freedom, it does ensure that the user of a program that is
linked with the Library has the freedom and the wherewithal to run
that program using a modified version of the Library.
The precise terms and conditions for copying, distribution and
modification follow. Pay close attention to the difference between a
"work based on the library" and a "work that uses the library". The
former contains code derived from the library, whereas the latter must
be combined with the library in order to run.
GNU LESSER GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License Agreement applies to any software library or other
program which contains a notice placed by the copyright holder or
other authorized party saying it may be distributed under the terms of
this Lesser General Public License (also called "this License").
Each licensee is addressed as "you".
A "library" means a collection of software functions and/or data
prepared so as to be conveniently linked with application programs
(which use some of those functions and data) to form executables.
The "Library", below, refers to any such software library or work
which has been distributed under these terms. A "work based on the
Library" means either the Library or any derivative work under
copyright law: that is to say, a work containing the Library or a
portion of it, either verbatim or with modifications and/or translated
straightforwardly into another language. (Hereinafter, translation is
included without limitation in the term "modification".)
"Source code" for a work means the preferred form of the work for
making modifications to it. For a library, complete source code means
all the source code for all modules it contains, plus any associated
interface definition files, plus the scripts used to control
compilation and installation of the library.
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running a program using the Library is not restricted, and output from
such a program is covered only if its contents constitute a work based
on the Library (independent of the use of the Library in a tool for
writing it). Whether that is true depends on what the Library does
and what the program that uses the Library does.
1. You may copy and distribute verbatim copies of the Library's
complete source code as you receive it, in any medium, provided that
you conspicuously and appropriately publish on each copy an
appropriate copyright notice and disclaimer of warranty; keep intact
all the notices that refer to this License and to the absence of any
warranty; and distribute a copy of this License along with the
Library.
You may charge a fee for the physical act of transferring a copy,
and you may at your option offer warranty protection in exchange for a
fee.
2. You may modify your copy or copies of the Library or any portion
of it, thus forming a work based on the Library, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) The modified work must itself be a software library.
b) You must cause the files modified to carry prominent notices
stating that you changed the files and the date of any change.
c) You must cause the whole of the work to be licensed at no
charge to all third parties under the terms of this License.
d) If a facility in the modified Library refers to a function or a
table of data to be supplied by an application program that uses
the facility, other than as an argument passed when the facility
is invoked, then you must make a good faith effort to ensure that,
in the event an application does not supply such function or
table, the facility still operates, and performs whatever part of
its purpose remains meaningful.
(For example, a function in a library to compute square roots has
a purpose that is entirely well-defined independent of the
application. Therefore, Subsection 2d requires that any
application-supplied function or table used by this function must
be optional: if the application does not supply it, the square
root function must still compute square roots.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Library,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Library, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote
it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Library.
In addition, mere aggregation of another work not based on the Library
with the Library (or with a work based on the Library) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may opt to apply the terms of the ordinary GNU General Public
License instead of this License to a given copy of the Library. To do
this, you must alter all the notices that refer to this License, so
that they refer to the ordinary GNU General Public License, version 2,
instead of to this License. (If a newer version than version 2 of the
ordinary GNU General Public License has appeared, then you can specify
that version instead if you wish.) Do not make any other change in
these notices.
Once this change is made in a given copy, it is irreversible for
that copy, so the ordinary GNU General Public License applies to all
subsequent copies and derivative works made from that copy.
This option is useful when you wish to copy part of the code of
the Library into a program that is not a library.
4. You may copy and distribute the Library (or a portion or
derivative of it, under Section 2) in object code or executable form
under the terms of Sections 1 and 2 above provided that you accompany
it with the complete corresponding machine-readable source code, which
must be distributed under the terms of Sections 1 and 2 above on a
medium customarily used for software interchange.
If distribution of object code is made by offering access to copy
from a designated place, then offering equivalent access to copy the
source code from the same place satisfies the requirement to
distribute the source code, even though third parties are not
compelled to copy the source along with the object code.
5. A program that contains no derivative of any portion of the
Library, but is designed to work with the Library by being compiled or
linked with it, is called a "work that uses the Library". Such a
work, in isolation, is not a derivative work of the Library, and
therefore falls outside the scope of this License.
However, linking a "work that uses the Library" with the Library
creates an executable that is a derivative of the Library (because it
contains portions of the Library), rather than a "work that uses the
library". The executable is therefore covered by this License.
Section 6 states terms for distribution of such executables.
When a "work that uses the Library" uses material from a header file
that is part of the Library, the object code for the work may be a
derivative work of the Library even though the source code is not.
Whether this is true is especially significant if the work can be
linked without the Library, or if the work is itself a library. The
threshold for this to be true is not precisely defined by law.
If such an object file uses only numerical parameters, data
structure layouts and accessors, and small macros and small inline
functions (ten lines or less in length), then the use of the object
file is unrestricted, regardless of whether it is legally a derivative
work. (Executables containing this object code plus portions of the
Library will still fall under Section 6.)
Otherwise, if the work is a derivative of the Library, you may
distribute the object code for the work under the terms of Section 6.
Any executables containing that work also fall under Section 6,
whether or not they are linked directly with the Library itself.
6. As an exception to the Sections above, you may also combine or
link a "work that uses the Library" with the Library to produce a
work containing portions of the Library, and distribute that work
under terms of your choice, provided that the terms permit
modification of the work for the customer's own use and reverse
engineering for debugging such modifications.
You must give prominent notice with each copy of the work that the
Library is used in it and that the Library and its use are covered by
this License. You must supply a copy of this License. If the work
during execution displays copyright notices, you must include the
copyright notice for the Library among them, as well as a reference
directing the user to the copy of this License. Also, you must do one
of these things:
a) Accompany the work with the complete corresponding
machine-readable source code for the Library including whatever
changes were used in the work (which must be distributed under
Sections 1 and 2 above); and, if the work is an executable linked
with the Library, with the complete machine-readable "work that
uses the Library", as object code and/or source code, so that the
user can modify the Library and then relink to produce a modified
executable containing the modified Library. (It is understood
that the user who changes the contents of definitions files in the
Library will not necessarily be able to recompile the application
to use the modified definitions.)
b) Use a suitable shared library mechanism for linking with the
Library. A suitable mechanism is one that (1) uses at run time a
copy of the library already present on the user's computer system,
rather than copying library functions into the executable, and (2)
will operate properly with a modified version of the library, if
the user installs one, as long as the modified version is
interface-compatible with the version that the work was made with.
c) Accompany the work with a written offer, valid for at least
three years, to give the same user the materials specified in
Subsection 6a, above, for a charge no more than the cost of
performing this distribution.
d) If distribution of the work is made by offering access to copy
from a designated place, offer equivalent access to copy the above
specified materials from the same place.
e) Verify that the user has already received a copy of these
materials or that you have already sent this user a copy.
For an executable, the required form of the "work that uses the
Library" must include any data and utility programs needed for
reproducing the executable from it. However, as a special exception,
the materials to be distributed need not include anything that is
normally distributed (in either source or binary form) with the major
components (compiler, kernel, and so on) of the operating system on
which the executable runs, unless that component itself accompanies
the executable.
It may happen that this requirement contradicts the license
restrictions of other proprietary libraries that do not normally
accompany the operating system. Such a contradiction means you cannot
use both them and the Library together in an executable that you
distribute.
7. You may place library facilities that are a work based on the
Library side-by-side in a single library together with other library
facilities not covered by this License, and distribute such a combined
library, provided that the separate distribution of the work based on
the Library and of the other library facilities is otherwise
permitted, and provided that you do these two things:
a) Accompany the combined library with a copy of the same work
based on the Library, uncombined with any other library
facilities. This must be distributed under the terms of the
Sections above.
b) Give prominent notice with the combined library of the fact
that part of it is a work based on the Library, and explaining
where to find the accompanying uncombined form of the same work.
8. You may not copy, modify, sublicense, link with, or distribute
the Library except as expressly provided under this License. Any
attempt otherwise to copy, modify, sublicense, link with, or
distribute the Library is void, and will automatically terminate your
rights under this License. However, parties who have received copies,
or rights, from you under this License will not have their licenses
terminated so long as such parties remain in full compliance.
9. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Library or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Library (or any work based on the
Library), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Library or works based on it.
10. Each time you redistribute the Library (or any work based on the
Library), the recipient automatically receives a license from the
original licensor to copy, distribute, link with or modify the Library
subject to these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties with
this License.
11. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Library at all. For example, if a patent
license would not permit royalty-free redistribution of the Library by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Library.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply, and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
12. If the distribution and/or use of the Library is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Library under this License
may add an explicit geographical distribution limitation excluding those
countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
13. The Free Software Foundation may publish revised and/or new
versions of the Lesser General Public License from time to time.
Such new versions will be similar in spirit to the present version,
but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Library
specifies a version number of this License which applies to it and
"any later version", you have the option of following the terms and
conditions either of that version or of any later version published by
the Free Software Foundation. If the Library does not specify a
license version number, you may choose any version ever published by
the Free Software Foundation.
14. If you wish to incorporate parts of the Library into other free
programs whose distribution conditions are incompatible with these,
write to the author to ask for permission. For software which is
copyrighted by the Free Software Foundation, write to the Free
Software Foundation; we sometimes make exceptions for this. Our
decision will be guided by the two goals of preserving the free status
of all derivatives of our free software and of promoting the sharing
and reuse of software generally.
NO WARRANTY
15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Libraries
If you develop a new library, and you want it to be of the greatest
possible use to the public, we recommend making it free software that
everyone can redistribute and change. You can do so by permitting
redistribution under these terms (or, alternatively, under the terms
of the ordinary General Public License).
To apply these terms, attach the following notices to the library.
It is safest to attach them to the start of each source file to most
effectively convey the exclusion of warranty; and each file should
have at least the "copyright" line and a pointer to where the full
notice is found.
<one line to give the library's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Also add information on how to contact you by electronic and paper mail.
You should also get your employer (if you work as a programmer) or
your school, if any, to sign a "copyright disclaimer" for the library,
if necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the
library `Frob' (a library for tweaking knobs) written by James
Random Hacker.
<signature of Ty Coon>, 1 April 1990
Ty Coon, President of Vice
That's all there is to it!

58
lib/ccan/asearch/_info Normal file
View File

@ -0,0 +1,58 @@
#include <stdio.h>
#include <string.h>
#include "config.h"
/**
* asearch - typesafe binary search (bsearch)
*
* An ordered array of objects can be efficiently searched using a binary
* search algorithm; the time taken is around log(number of elements).
*
* This version uses macros to be typesafe on platforms which support it.
*
* License: LGPL
* Author: Rusty Russell <rusty@rustcorp.com.au>
*
* Example:
* #include <ccan/asearch/asearch.h>
* #include <stdio.h>
* #include <string.h>
*
* static int cmp(const char *key, char *const *elem)
* {
* return strcmp(key, *elem);
* }
*
* int main(int argc, char *argv[])
* {
* char **p;
*
* if (argc < 2) {
* fprintf(stderr, "Usage: %s <key> <list>...\n"
* "Print position of key in (sorted) list\n",
* argv[0]);
* exit(1);
* }
*
* p = asearch(argv[1], &argv[2], argc-2, cmp);
* if (!p) {
* printf("Not found!\n");
* return 1;
* }
* printf("%u\n", p - &argv[2]);
* return 0;
* }
*/
int main(int argc, char *argv[])
{
if (argc != 2)
return 1;
if (strcmp(argv[1], "depends") == 0) {
printf("ccan/typesafe_cb\n");
printf("ccan/array_size\n");
return 0;
}
return 1;
}

37
lib/ccan/asearch/asearch.h Normal file
View File

@ -0,0 +1,37 @@
#ifndef CCAN_ASEARCH_H
#define CCAN_ASEARCH_H
#include <stdlib.h>
#include <ccan/typesafe_cb/typesafe_cb.h>
/**
* asearch - search an array of elements
* @key: pointer to item being searched for
* @base: pointer to data to sort
* @num: number of elements
* @cmp: pointer to comparison function
*
* This function does a binary search on the given array. The
* contents of the array should already be in ascending sorted order
* under the provided comparison function.
*
* Note that the key need not have the same type as the elements in
* the array, e.g. key could be a string and the comparison function
* could compare the string with the struct's name field. However, if
* the key and elements in the array are of the same type, you can use
* the same comparison function for both sort() and asearch().
*/
#if HAVE_TYPEOF
#define asearch(key, base, num, cmp) \
((__typeof__(*(base))*)(bsearch((key), (base), (num), sizeof(*(base)), \
typesafe_cb_cast(int (*)(const void *, const void *), \
int (*)(const __typeof__(*(key)) *, \
const __typeof__(*(base)) *), \
(cmp)))))
#else
#define asearch(key, base, num, cmp) \
(bsearch((key), (base), (num), sizeof(*(base)), \
(int (*)(const void *, const void *))(cmp)))
#endif
#endif /* CCAN_ASEARCH_H */

25
lib/ccan/asearch/test/compile_fail-return-value-const.c Normal file
View File

@ -0,0 +1,25 @@
#include <ccan/asearch/asearch.h>
#include <ccan/array_size/array_size.h>
#include <string.h>
static int cmp(const char *key, const char *const *elem)
{
return strcmp(key, *elem);
}
int main(void)
{
const char key[] = "key";
const char *elems[] = { "a", "big", "list", "of", "things" };
#ifdef FAIL
char **p;
#if !HAVE_TYPEOF
#error "Unfortunately we don't fail if no typeof."
#endif
#else
const char **p;
#endif
p = asearch(key, elems, ARRAY_SIZE(elems), cmp);
return p ? 0 : 1;
}

22
lib/ccan/asearch/test/compile_fail-return-value.c Normal file
View File

@ -0,0 +1,22 @@
#include <ccan/asearch/asearch.h>
static int cmp(const char *key, char *const *elem)
{
return 0;
}
int main(int argc, char **argv)
{
const char key[] = "key";
#ifdef FAIL
int **p;
#if !HAVE_TYPEOF
#error "Unfortunately we don't fail if no typeof."
#endif
#else
char **p;
#endif
p = asearch(key, argv+1, argc-1, cmp);
return p ? 0 : 1;
}

22
lib/ccan/asearch/test/run-strings.c Normal file
View File

@ -0,0 +1,22 @@
#include <ccan/asearch/asearch.h>
#include <ccan/array_size/array_size.h>
#include <ccan/tap/tap.h>
#include <stdlib.h>
static int cmp(const int *key, const char *const *elem)
{
return *key - atoi(*elem);
}
int main(void)
{
const char *args[] = { "1", "4", "7", "9" };
int key = 7;
const char **p;
plan_tests(1);
p = asearch(&key, args, ARRAY_SIZE(args), cmp);
ok1(p == &args[2]);
return exit_status();
}

40
lib/ccan/asearch/test/run.c Normal file
View File

@ -0,0 +1,40 @@
#include <ccan/asearch/asearch.h>
#include <ccan/array_size/array_size.h>
#include <ccan/tap/tap.h>
#include <limits.h>
static int test_cmp(const int *key, const int *elt)
{
if (*key < *elt)
return -1;
else if (*key > *elt)
return 1;
return 0;
}
int main(void)
{
const int arr[] = { INT_MIN, 0, 1, 2, 3, 4, 5, 6, INT_MAX };
unsigned int start, num, i, total = 0;
int key;
plan_tests(285);
for (start = 0; start < ARRAY_SIZE(arr); start++) {
for (num = 0; num < ARRAY_SIZE(arr) - start; num++) {
key = 7;
ok1(asearch(&key, &arr[start], num, test_cmp) == NULL);
total++;
for (i = start; i < start+num; i++) {
const int *ret;
key = arr[i];
ret = asearch(&key, &arr[start], num, test_cmp);
ok1(ret);
ok1(ret && *ret == key);
total++;
}
}
}
diag("Tested %u searches\n", total);
return exit_status();
}

508
lib/ccan/build_assert/LICENSE Normal file
View File

@ -0,0 +1,508 @@
GNU LESSER GENERAL PUBLIC LICENSE
Version 2.1, February 1999
Copyright (C) 1991, 1999 Free Software Foundation, Inc.
51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
[This is the first released version of the Lesser GPL. It also counts
as the successor of the GNU Library Public License, version 2, hence
the version number 2.1.]
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
Licenses are intended to guarantee your freedom to share and change
free software--to make sure the software is free for all its users.
This license, the Lesser General Public License, applies to some
specially designated software packages--typically libraries--of the
Free Software Foundation and other authors who decide to use it. You
can use it too, but we suggest you first think carefully about whether
this license or the ordinary General Public License is the better
strategy to use in any particular case, based on the explanations
below.
When we speak of free software, we are referring to freedom of use,
not price. Our General Public Licenses are designed to make sure that
you have the freedom to distribute copies of free software (and charge
for this service if you wish); that you receive source code or can get
it if you want it; that you can change the software and use pieces of
it in new free programs; and that you are informed that you can do
these things.
To protect your rights, we need to make restrictions that forbid
distributors to deny you these rights or to ask you to surrender these
rights. These restrictions translate to certain responsibilities for
you if you distribute copies of the library or if you modify it.
For example, if you distribute copies of the library, whether gratis
or for a fee, you must give the recipients all the rights that we gave
you. You must make sure that they, too, receive or can get the source
code. If you link other code with the library, you must provide
complete object files to the recipients, so that they can relink them
with the library after making changes to the library and recompiling
it. And you must show them these terms so they know their rights.
We protect your rights with a two-step method: (1) we copyright the
library, and (2) we offer you this license, which gives you legal
permission to copy, distribute and/or modify the library.
To protect each distributor, we want to make it very clear that
there is no warranty for the free library. Also, if the library is
modified by someone else and passed on, the recipients should know
that what they have is not the original version, so that the original
author's reputation will not be affected by problems that might be
introduced by others.
Finally, software patents pose a constant threat to the existence of
any free program. We wish to make sure that a company cannot
effectively restrict the users of a free program by obtaining a
restrictive license from a patent holder. Therefore, we insist that
any patent license obtained for a version of the library must be
consistent with the full freedom of use specified in this license.
Most GNU software, including some libraries, is covered by the
ordinary GNU General Public License. This license, the GNU Lesser
General Public License, applies to certain designated libraries, and
is quite different from the ordinary General Public License. We use
this license for certain libraries in order to permit linking those
libraries into non-free programs.
When a program is linked with a library, whether statically or using
a shared library, the combination of the two is legally speaking a
combined work, a derivative of the original library. The ordinary
General Public License therefore permits such linking only if the
entire combination fits its criteria of freedom. The Lesser General
Public License permits more lax criteria for linking other code with
the library.
We call this license the "Lesser" General Public License because it
does Less to protect the user's freedom than the ordinary General
Public License. It also provides other free software developers Less
of an advantage over competing non-free programs. These disadvantages
are the reason we use the ordinary General Public License for many
libraries. However, the Lesser license provides advantages in certain
special circumstances.
For example, on rare occasions, there may be a special need to
encourage the widest possible use of a certain library, so that it
becomes a de-facto standard. To achieve this, non-free programs must
be allowed to use the library. A more frequent case is that a free
library does the same job as widely used non-free libraries. In this
case, there is little to gain by limiting the free library to free
software only, so we use the Lesser General Public License.
In other cases, permission to use a particular library in non-free
programs enables a greater number of people to use a large body of
free software. For example, permission to use the GNU C Library in
non-free programs enables many more people to use the whole GNU
operating system, as well as its variant, the GNU/Linux operating
system.
Although the Lesser General Public License is Less protective of the
users' freedom, it does ensure that the user of a program that is
linked with the Library has the freedom and the wherewithal to run
that program using a modified version of the Library.
The precise terms and conditions for copying, distribution and
modification follow. Pay close attention to the difference between a
"work based on the library" and a "work that uses the library". The
former contains code derived from the library, whereas the latter must
be combined with the library in order to run.
GNU LESSER GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License Agreement applies to any software library or other
program which contains a notice placed by the copyright holder or
other authorized party saying it may be distributed under the terms of
this Lesser General Public License (also called "this License").
Each licensee is addressed as "you".
A "library" means a collection of software functions and/or data
prepared so as to be conveniently linked with application programs
(which use some of those functions and data) to form executables.
The "Library", below, refers to any such software library or work
which has been distributed under these terms. A "work based on the
Library" means either the Library or any derivative work under
copyright law: that is to say, a work containing the Library or a
portion of it, either verbatim or with modifications and/or translated
straightforwardly into another language. (Hereinafter, translation is
included without limitation in the term "modification".)
"Source code" for a work means the preferred form of the work for
making modifications to it. For a library, complete source code means
all the source code for all modules it contains, plus any associated
interface definition files, plus the scripts used to control
compilation and installation of the library.
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running a program using the Library is not restricted, and output from
such a program is covered only if its contents constitute a work based
on the Library (independent of the use of the Library in a tool for
writing it). Whether that is true depends on what the Library does
and what the program that uses the Library does.
1. You may copy and distribute verbatim copies of the Library's
complete source code as you receive it, in any medium, provided that
you conspicuously and appropriately publish on each copy an
appropriate copyright notice and disclaimer of warranty; keep intact
all the notices that refer to this License and to the absence of any
warranty; and distribute a copy of this License along with the
Library.
You may charge a fee for the physical act of transferring a copy,
and you may at your option offer warranty protection in exchange for a
fee.
2. You may modify your copy or copies of the Library or any portion
of it, thus forming a work based on the Library, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) The modified work must itself be a software library.
b) You must cause the files modified to carry prominent notices
stating that you changed the files and the date of any change.
c) You must cause the whole of the work to be licensed at no
charge to all third parties under the terms of this License.
d) If a facility in the modified Library refers to a function or a
table of data to be supplied by an application program that uses
the facility, other than as an argument passed when the facility
is invoked, then you must make a good faith effort to ensure that,
in the event an application does not supply such function or
table, the facility still operates, and performs whatever part of
its purpose remains meaningful.
(For example, a function in a library to compute square roots has
a purpose that is entirely well-defined independent of the
application. Therefore, Subsection 2d requires that any
application-supplied function or table used by this function must
be optional: if the application does not supply it, the square
root function must still compute square roots.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Library,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Library, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote
it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Library.
In addition, mere aggregation of another work not based on the Library
with the Library (or with a work based on the Library) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may opt to apply the terms of the ordinary GNU General Public
License instead of this License to a given copy of the Library. To do
this, you must alter all the notices that refer to this License, so
that they refer to the ordinary GNU General Public License, version 2,
instead of to this License. (If a newer version than version 2 of the
ordinary GNU General Public License has appeared, then you can specify
that version instead if you wish.) Do not make any other change in
these notices.
Once this change is made in a given copy, it is irreversible for
that copy, so the ordinary GNU General Public License applies to all
subsequent copies and derivative works made from that copy.
This option is useful when you wish to copy part of the code of
the Library into a program that is not a library.
4. You may copy and distribute the Library (or a portion or
derivative of it, under Section 2) in object code or executable form
under the terms of Sections 1 and 2 above provided that you accompany
it with the complete corresponding machine-readable source code, which
must be distributed under the terms of Sections 1 and 2 above on a
medium customarily used for software interchange.
If distribution of object code is made by offering access to copy
from a designated place, then offering equivalent access to copy the
source code from the same place satisfies the requirement to
distribute the source code, even though third parties are not
compelled to copy the source along with the object code.
5. A program that contains no derivative of any portion of the
Library, but is designed to work with the Library by being compiled or
linked with it, is called a "work that uses the Library". Such a
work, in isolation, is not a derivative work of the Library, and
therefore falls outside the scope of this License.
However, linking a "work that uses the Library" with the Library
creates an executable that is a derivative of the Library (because it
contains portions of the Library), rather than a "work that uses the
library". The executable is therefore covered by this License.
Section 6 states terms for distribution of such executables.
When a "work that uses the Library" uses material from a header file
that is part of the Library, the object code for the work may be a
derivative work of the Library even though the source code is not.
Whether this is true is especially significant if the work can be
linked without the Library, or if the work is itself a library. The
threshold for this to be true is not precisely defined by law.
If such an object file uses only numerical parameters, data
structure layouts and accessors, and small macros and small inline
functions (ten lines or less in length), then the use of the object
file is unrestricted, regardless of whether it is legally a derivative
work. (Executables containing this object code plus portions of the
Library will still fall under Section 6.)
Otherwise, if the work is a derivative of the Library, you may
distribute the object code for the work under the terms of Section 6.
Any executables containing that work also fall under Section 6,
whether or not they are linked directly with the Library itself.
6. As an exception to the Sections above, you may also combine or
link a "work that uses the Library" with the Library to produce a
work containing portions of the Library, and distribute that work
under terms of your choice, provided that the terms permit
modification of the work for the customer's own use and reverse
engineering for debugging such modifications.
You must give prominent notice with each copy of the work that the
Library is used in it and that the Library and its use are covered by
this License. You must supply a copy of this License. If the work
during execution displays copyright notices, you must include the
copyright notice for the Library among them, as well as a reference
directing the user to the copy of this License. Also, you must do one
of these things:
a) Accompany the work with the complete corresponding
machine-readable source code for the Library including whatever
changes were used in the work (which must be distributed under
Sections 1 and 2 above); and, if the work is an executable linked
with the Library, with the complete machine-readable "work that
uses the Library", as object code and/or source code, so that the
user can modify the Library and then relink to produce a modified
executable containing the modified Library. (It is understood
that the user who changes the contents of definitions files in the
Library will not necessarily be able to recompile the application
to use the modified definitions.)
b) Use a suitable shared library mechanism for linking with the
Library. A suitable mechanism is one that (1) uses at run time a
copy of the library already present on the user's computer system,
rather than copying library functions into the executable, and (2)
will operate properly with a modified version of the library, if
the user installs one, as long as the modified version is
interface-compatible with the version that the work was made with.
c) Accompany the work with a written offer, valid for at least
three years, to give the same user the materials specified in
Subsection 6a, above, for a charge no more than the cost of
performing this distribution.
d) If distribution of the work is made by offering access to copy
from a designated place, offer equivalent access to copy the above
specified materials from the same place.
e) Verify that the user has already received a copy of these
materials or that you have already sent this user a copy.
For an executable, the required form of the "work that uses the
Library" must include any data and utility programs needed for
reproducing the executable from it. However, as a special exception,
the materials to be distributed need not include anything that is
normally distributed (in either source or binary form) with the major
components (compiler, kernel, and so on) of the operating system on
which the executable runs, unless that component itself accompanies
the executable.
It may happen that this requirement contradicts the license
restrictions of other proprietary libraries that do not normally
accompany the operating system. Such a contradiction means you cannot
use both them and the Library together in an executable that you
distribute.
7. You may place library facilities that are a work based on the
Library side-by-side in a single library together with other library
facilities not covered by this License, and distribute such a combined
library, provided that the separate distribution of the work based on
the Library and of the other library facilities is otherwise
permitted, and provided that you do these two things:
a) Accompany the combined library with a copy of the same work
based on the Library, uncombined with any other library
facilities. This must be distributed under the terms of the
Sections above.
b) Give prominent notice with the combined library of the fact
that part of it is a work based on the Library, and explaining
where to find the accompanying uncombined form of the same work.
8. You may not copy, modify, sublicense, link with, or distribute
the Library except as expressly provided under this License. Any
attempt otherwise to copy, modify, sublicense, link with, or
distribute the Library is void, and will automatically terminate your
rights under this License. However, parties who have received copies,
or rights, from you under this License will not have their licenses
terminated so long as such parties remain in full compliance.
9. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Library or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Library (or any work based on the
Library), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Library or works based on it.
10. Each time you redistribute the Library (or any work based on the
Library), the recipient automatically receives a license from the
original licensor to copy, distribute, link with or modify the Library
subject to these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties with
this License.
11. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Library at all. For example, if a patent
license would not permit royalty-free redistribution of the Library by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Library.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply, and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
12. If the distribution and/or use of the Library is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Library under this License
may add an explicit geographical distribution limitation excluding those
countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
13. The Free Software Foundation may publish revised and/or new
versions of the Lesser General Public License from time to time.
Such new versions will be similar in spirit to the present version,
but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Library
specifies a version number of this License which applies to it and
"any later version", you have the option of following the terms and
conditions either of that version or of any later version published by
the Free Software Foundation. If the Library does not specify a
license version number, you may choose any version ever published by
the Free Software Foundation.
14. If you wish to incorporate parts of the Library into other free
programs whose distribution conditions are incompatible with these,
write to the author to ask for permission. For software which is
copyrighted by the Free Software Foundation, write to the Free
Software Foundation; we sometimes make exceptions for this. Our
decision will be guided by the two goals of preserving the free status
of all derivatives of our free software and of promoting the sharing
and reuse of software generally.
NO WARRANTY
15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Libraries
If you develop a new library, and you want it to be of the greatest
possible use to the public, we recommend making it free software that
everyone can redistribute and change. You can do so by permitting
redistribution under these terms (or, alternatively, under the terms
of the ordinary General Public License).
To apply these terms, attach the following notices to the library.
It is safest to attach them to the start of each source file to most
effectively convey the exclusion of warranty; and each file should
have at least the "copyright" line and a pointer to where the full
notice is found.
<one line to give the library's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Also add information on how to contact you by electronic and paper mail.
You should also get your employer (if you work as a programmer) or
your school, if any, to sign a "copyright disclaimer" for the library,
if necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the
library `Frob' (a library for tweaking knobs) written by James
Random Hacker.
<signature of Ty Coon>, 1 April 1990
Ty Coon, President of Vice
That's all there is to it!

49
lib/ccan/build_assert/_info Normal file
View File

@ -0,0 +1,49 @@
#include <stdio.h>
#include <string.h>
#include "config.h"
/**
* build_assert - routines for build-time assertions
*
* This code provides routines which will cause compilation to fail should some
* assertion be untrue: such failures are preferable to run-time assertions,
* but much more limited since they can only depends on compile-time constants.
*
* These assertions are most useful when two parts of the code must be kept in
* sync: it is better to avoid such cases if possible, but seconds best is to
* detect invalid changes at build time.
*
* For example, a tricky piece of code might rely on a certain element being at
* the start of the structure. To ensure that future changes don't break it,
* you would catch such changes in your code like so:
*
* Example:
* #include <stddef.h>
* #include <ccan/build_assert/build_assert.h>
*
* struct foo {
* char string[5];
* int x;
* };
*
* static char *foo_string(struct foo *foo)
* {
* // This trick requires that the string be first in the structure
* BUILD_ASSERT(offsetof(struct foo, string) == 0);
* return (char *)foo;
* }
*
* License: LGPL (2 or any later version)
* Author: Rusty Russell <rusty@rustcorp.com.au>
*/
int main(int argc, char *argv[])
{
if (argc != 2)
return 1;
if (strcmp(argv[1], "depends") == 0)
/* Nothing. */
return 0;
return 1;
}

39
lib/ccan/build_assert/build_assert.h Normal file
View File

@ -0,0 +1,39 @@
#ifndef CCAN_BUILD_ASSERT_H
#define CCAN_BUILD_ASSERT_H
/**
* BUILD_ASSERT - assert a build-time dependency.
* @cond: the compile-time condition which must be true.
*
* Your compile will fail if the condition isn't true, or can't be evaluated
* by the compiler. This can only be used within a function.
*
* Example:
* #include <stddef.h>
* ...
* static char *foo_to_char(struct foo *foo)
* {
* // This code needs string to be at start of foo.
* BUILD_ASSERT(offsetof(struct foo, string) == 0);
* return (char *)foo;
* }
*/
#define BUILD_ASSERT(cond) \
do { (void) sizeof(char [1 - 2*!(cond)]); } while(0)
/**
* BUILD_ASSERT_OR_ZERO - assert a build-time dependency, as an expression.
* @cond: the compile-time condition which must be true.
*
* Your compile will fail if the condition isn't true, or can't be evaluated
* by the compiler. This can be used in an expression: its value is "0".
*
* Example:
* #define foo_to_char(foo) \
* ((char *)(foo) \
* + BUILD_ASSERT_OR_ZERO(offsetof(struct foo, string) == 0))
*/
#define BUILD_ASSERT_OR_ZERO(cond) \
(sizeof(char [1 - 2*!(cond)]) - 1)
#endif /* CCAN_BUILD_ASSERT_H */

10
lib/ccan/build_assert/test/compile_fail-expr.c Normal file
View File

@ -0,0 +1,10 @@
#include <ccan/build_assert/build_assert.h>
int main(int argc, char *argv[])
{
#ifdef FAIL
return BUILD_ASSERT_OR_ZERO(1 == 0);
#else
return 0;
#endif
}

9
lib/ccan/build_assert/test/compile_fail.c Normal file
View File

@ -0,0 +1,9 @@
#include <ccan/build_assert/build_assert.h>
int main(int argc, char *argv[])
{
#ifdef FAIL
BUILD_ASSERT(1 == 0);
#endif
return 0;
}

7
lib/ccan/build_assert/test/compile_ok.c Normal file
View File

@ -0,0 +1,7 @@
#include <ccan/build_assert/build_assert.h>
int main(int argc, char *argv[])
{
BUILD_ASSERT(1 == 1);
return 0;
}

9
lib/ccan/build_assert/test/run-BUILD_ASSERT_OR_ZERO.c Normal file
View File

@ -0,0 +1,9 @@
#include <ccan/build_assert/build_assert.h>
#include <ccan/tap/tap.h>
int main(int argc, char *argv[])
{
plan_tests(1);
ok1(BUILD_ASSERT_OR_ZERO(1 == 1) == 0);
return exit_status();
}

9
lib/ccan/build_assert/test/run-EXPR_BUILD_ASSERT.c Normal file
View File

@ -0,0 +1,9 @@
#include <ccan/build_assert/build_assert.h>
#include <ccan/tap/tap.h>
int main(int argc, char *argv[])
{
plan_tests(1);
ok1(EXPR_BUILD_ASSERT(1 == 1) == 0);
return exit_status();
}

165
lib/ccan/cast/LICENSE Normal file
View File

@ -0,0 +1,165 @@
GNU LESSER GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
This version of the GNU Lesser General Public License incorporates
the terms and conditions of version 3 of the GNU General Public
License, supplemented by the additional permissions listed below.
0. Additional Definitions.
As used herein, "this License" refers to version 3 of the GNU Lesser
General Public License, and the "GNU GPL" refers to version 3 of the GNU
General Public License.
"The Library" refers to a covered work governed by this License,
other than an Application or a Combined Work as defined below.
An "Application" is any work that makes use of an interface provided
by the Library, but which is not otherwise based on the Library.
Defining a subclass of a class defined by the Library is deemed a mode
of using an interface provided by the Library.
A "Combined Work" is a work produced by combining or linking an
Application with the Library. The particular version of the Library
with which the Combined Work was made is also called the "Linked
Version".
The "Minimal Corresponding Source" for a Combined Work means the
Corresponding Source for the Combined Work, excluding any source code
for portions of the Combined Work that, considered in isolation, are
based on the Application, and not on the Linked Version.
The "Corresponding Application Code" for a Combined Work means the
object code and/or source code for the Application, including any data
and utility programs needed for reproducing the Combined Work from the
Application, but excluding the System Libraries of the Combined Work.
1. Exception to Section 3 of the GNU GPL.
You may convey a covered work under sections 3 and 4 of this License
without being bound by section 3 of the GNU GPL.
2. Conveying Modified Versions.
If you modify a copy of the Library, and, in your modifications, a
facility refers to a function or data to be supplied by an Application
that uses the facility (other than as an argument passed when the
facility is invoked), then you may convey a copy of the modified
version:
a) under this License, provided that you make a good faith effort to
ensure that, in the event an Application does not supply the
function or data, the facility still operates, and performs
whatever part of its purpose remains meaningful, or
b) under the GNU GPL, with none of the additional permissions of
this License applicable to that copy.
3. Object Code Incorporating Material from Library Header Files.
The object code form of an Application may incorporate material from
a header file that is part of the Library. You may convey such object
code under terms of your choice, provided that, if the incorporated
material is not limited to numerical parameters, data structure
layouts and accessors, or small macros, inline functions and templates
(ten or fewer lines in length), you do both of the following:
a) Give prominent notice with each copy of the object code that the
Library is used in it and that the Library and its use are
covered by this License.
b) Accompany the object code with a copy of the GNU GPL and this license
document.
4. Combined Works.
You may convey a Combined Work under terms of your choice that,
taken together, effectively do not restrict modification of the
portions of the Library contained in the Combined Work and reverse
engineering for debugging such modifications, if you also do each of
the following:
a) Give prominent notice with each copy of the Combined Work that
the Library is used in it and that the Library and its use are
covered by this License.
b) Accompany the Combined Work with a copy of the GNU GPL and this license
document.
c) For a Combined Work that displays copyright notices during
execution, include the copyright notice for the Library among
these notices, as well as a reference directing the user to the
copies of the GNU GPL and this license document.
d) Do one of the following:
0) Convey the Minimal Corresponding Source under the terms of this
License, and the Corresponding Application Code in a form
suitable for, and under terms that permit, the user to
recombine or relink the Application with a modified version of
the Linked Version to produce a modified Combined Work, in the
manner specified by section 6 of the GNU GPL for conveying
Corresponding Source.
1) Use a suitable shared library mechanism for linking with the
Library. A suitable mechanism is one that (a) uses at run time
a copy of the Library already present on the user's computer
system, and (b) will operate properly with a modified version
of the Library that is interface-compatible with the Linked
Version.
e) Provide Installation Information, but only if you would otherwise
be required to provide such information under section 6 of the
GNU GPL, and only to the extent that such information is
necessary to install and execute a modified version of the
Combined Work produced by recombining or relinking the
Application with a modified version of the Linked Version. (If
you use option 4d0, the Installation Information must accompany
the Minimal Corresponding Source and Corresponding Application
Code. If you use option 4d1, you must provide the Installation
Information in the manner specified by section 6 of the GNU GPL
for conveying Corresponding Source.)
5. Combined Libraries.
You may place library facilities that are a work based on the
Library side by side in a single library together with other library
facilities that are not Applications and are not covered by this
License, and convey such a combined library under terms of your
choice, if you do both of the following:
a) Accompany the combined library with a copy of the same work based
on the Library, uncombined with any other library facilities,
conveyed under the terms of this License.
b) Give prominent notice with the combined library that part of it
is a work based on the Library, and explaining where to find the
accompanying uncombined form of the same work.
6. Revised Versions of the GNU Lesser General Public License.
The Free Software Foundation may publish revised and/or new versions
of the GNU Lesser General Public License from time to time. Such new
versions will be similar in spirit to the present version, but may
differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the
Library as you received it specifies that a certain numbered version
of the GNU Lesser General Public License "or any later version"
applies to it, you have the option of following the terms and
conditions either of that published version or of any later version
published by the Free Software Foundation. If the Library as you
received it does not specify a version number of the GNU Lesser
General Public License, you may choose any version of the GNU Lesser
General Public License ever published by the Free Software Foundation.
If the Library as you received it specifies that a proxy can decide
whether future versions of the GNU Lesser General Public License shall
apply, that proxy's public statement of acceptance of any version is
permanent authorization for you to choose that version for the
Library.

84
lib/ccan/cast/_info Normal file
View File

@ -0,0 +1,84 @@
#include <string.h>
#include "config.h"
/**
* cast - routines for safer casting.
*
* Often you want to cast in a limited way, such as removing a const or
* switching between integer types. However, normal casts will work on
* almost any type, making them dangerous when the code changes.
*
* These C++-inspired macros serve two purposes: they make it clear the
* exact reason for the cast, and they also (with some compilers) cause
* errors when misused.
*
* Based on Jan Engelhardt's libHX macros: http://libhx.sourceforge.net/
*
* Author: Jan Engelhardt
* Maintainer: Rusty Russell <rusty@rustcorp.com.au>
* License: LGPL
*
* Example:
* // Given "test" contains "3 t's in 'test string'
* #include <ccan/cast/cast.h>
* #include <stdint.h>
* #include <stdio.h>
*
* // Find char @orig in @str, if @repl, replace them. Return number.
* static size_t find_chars(char *str, char orig, char repl)
* {
* size_t i, count = 0;
* for (i = 0; str[i]; i++) {
* if (str[i] == orig) {
* count++;
* if (repl)
* str[i] = repl;
* }
* }
* return count;
* }
*
* // Terrible hash function.
* static uint64_t hash_string(const unsigned char *str)
* {
* size_t i;
* uint64_t hash = 0;
* for (i = 0; str[i]; i++)
* hash += str[i];
* return hash;
* }
*
* int main(int argc, char *argv[])
* {
* uint64_t hash;
*
* // find_chars wants a non-const string, but doesn't
* // need it if repl == 0.
* printf("%zu %c's in 'test string'\n",
* find_chars(cast_const(char *, "test string"),
* argv[1][0], 0),
* argv[1][0]);
*
* // hash_string wants an unsigned char.
* hash = hash_string(cast_signed(unsigned char *, argv[1]));
*
* // Need a long long to hand to printf.
* printf("Hash of '%s' = %llu\n", argv[1],
* cast_static(unsigned long long, hash));
* return 0;
* }
*
*/
int main(int argc, char *argv[])
{
/* Expect exactly one argument */
if (argc != 2)
return 1;
if (strcmp(argv[1], "depends") == 0) {
printf("ccan/build_assert\n");
return 0;
}
return 1;
}

129
lib/ccan/cast/cast.h Normal file
View File

@ -0,0 +1,129 @@
#ifndef CCAN_CAST_H
#define CCAN_CAST_H
#include "config.h"
#include <stdint.h>
#include <ccan/build_assert/build_assert.h>
/**
* cast_signed - cast a (const) char * to/from (const) signed/unsigned char *.
* @type: some char * variant.
* @expr: expression (of some char * variant) to cast.
*
* Some libraries insist on an unsigned char in various places; cast_signed
* makes sure (with suitable compiler) that the expression you are casting
* only differs in signed/unsigned, not in type or const-ness.
*/
#define cast_signed(type, expr) \
((type)(expr) \
+ BUILD_ASSERT_OR_ZERO(cast_sign_compatible(type, (expr))))
/**
* cast_const - remove a const qualifier from a pointer.
* @type: some pointer type.
* @expr: expression to cast.
*
* This ensures that you are only removing the const qualifier from an
* expression. The expression must otherwise match @type.
*
* If @type is a pointer to a pointer, you must use cast_const2 (etc).
*
* Example:
* // Dumb open-coded strstr variant.
* static char *find_needle(const char *haystack)
* {
* size_t i;
* for (i = 0; i < strlen(haystack); i++)
* if (memcmp("needle", haystack+i, strlen("needle")) == 0)
* return cast_const(char *, haystack+i);
* return NULL;
* }
*/
#define cast_const(type, expr) \
((type)((intptr_t)(expr) \
+ BUILD_ASSERT_OR_ZERO(cast_const_compat1((expr), type))))
/**
* cast_const2 - remove a const qualifier from a pointer to a pointer.
* @type: some pointer to pointer type.
* @expr: expression to cast.
*
* This ensures that you are only removing the const qualifier from an
* expression. The expression must otherwise match @type.
*/
#define cast_const2(type, expr) \
((type)((intptr_t)(expr) \
+ BUILD_ASSERT_OR_ZERO(cast_const_compat2((expr), type))))
/**
* cast_const3 - remove a const from a pointer to a pointer to a pointer..
* @type: some pointer to pointer to pointer type.
* @expr: expression to cast.
*
* This ensures that you are only removing the const qualifier from an
* expression. The expression must otherwise match @type.
*/
#define cast_const3(type, expr) \
((type)((intptr_t)(expr) \
+ BUILD_ASSERT_OR_ZERO(cast_const_compat3((expr), type))))
/**
* cast_static - explicit mimic of implicit cast.
* @type: some type.
* @expr: expression to cast.
*
* This ensures that the cast is not to or from a pointer: it can only be
* an implicit cast, such as a pointer to a similar const pointer, or between
* integral types.
*/
#if HAVE_COMPOUND_LITERALS
#define cast_static(type, expr) \
((struct { type x; }){(expr)}.x)
#else
#define cast_static(type, expr) \
((type)(expr))
#endif
/* Herein lies the gcc magic to evoke compile errors. */
#if HAVE_BUILTIN_CHOOSE_EXPR && HAVE_BUILTIN_TYPES_COMPATIBLE_P && HAVE_TYPEOF
#define cast_sign_compatible(t, e) \
__builtin_choose_expr( \
__builtin_types_compatible_p(__typeof__(t), char *) || \
__builtin_types_compatible_p(__typeof__(t), signed char *) || \
__builtin_types_compatible_p(__typeof__(t), unsigned char *), \
/* if type is not const qualified */ \
__builtin_types_compatible_p(__typeof__(e), char *) || \
__builtin_types_compatible_p(__typeof__(e), signed char *) || \
__builtin_types_compatible_p(__typeof__(e), unsigned char *), \
/* and if it is... */ \
__builtin_types_compatible_p(__typeof__(e), const char *) || \
__builtin_types_compatible_p(__typeof__(e), const signed char *) || \
__builtin_types_compatible_p(__typeof__(e), const unsigned char *) ||\
__builtin_types_compatible_p(__typeof__(e), char *) || \
__builtin_types_compatible_p(__typeof__(e), signed char *) || \
__builtin_types_compatible_p(__typeof__(e), unsigned char *) \
)
#define cast_const_strip1(expr) \
__typeof__(*(struct { int z; __typeof__(expr) x; }){0}.x)
#define cast_const_strip2(expr) \
__typeof__(**(struct { int z; __typeof__(expr) x; }){0}.x)
#define cast_const_strip3(expr) \
__typeof__(***(struct { int z; __typeof__(expr) x; }){0}.x)
#define cast_const_compat1(expr, type) \
__builtin_types_compatible_p(cast_const_strip1(expr), \
cast_const_strip1(type))
#define cast_const_compat2(expr, type) \
__builtin_types_compatible_p(cast_const_strip2(expr), \
cast_const_strip2(type))
#define cast_const_compat3(expr, type) \
__builtin_types_compatible_p(cast_const_strip3(expr), \
cast_const_strip3(type))
#else
#define cast_sign_compatible(type, expr) \
(sizeof(*(type)0) == 1 && sizeof(*(expr)) == 1)
#define cast_const_compat1(expr, type) (1)
#define cast_const_compat2(expr, type) (1)
#define cast_const_compat3(expr, type) (1)
#endif
#endif /* CCAN_CAST_H */

29
lib/ccan/cast/test/compile_fail-cast_const.c Normal file
View File

@ -0,0 +1,29 @@
#include <ccan/cast/cast.h>
#include <stdlib.h>
/* Note: this *isn't* sizeof(char) on all platforms. */
struct char_struct {
char c;
};
int main(int argc, char *argv[])
{
char *uc;
const
#ifdef FAIL
struct char_struct
#else
char
#endif
*p = NULL;
uc = cast_const(char *, p);
(void) uc; /* Suppress unused-but-set-variable warning. */
return 0;
}
#ifdef FAIL
#if !HAVE_TYPEOF||!HAVE_BUILTIN_CHOOSE_EXPR||!HAVE_BUILTIN_TYPES_COMPATIBLE_P
#error "Unfortunately we don't fail if cast_const can only use size"
#endif
#endif

29
lib/ccan/cast/test/compile_fail-cast_const2.c Normal file
View File

@ -0,0 +1,29 @@
#include <ccan/cast/cast.h>
#include <stdlib.h>
/* Note: this *isn't* sizeof(char) on all platforms. */
struct char_struct {
char c;
};
int main(int argc, char *argv[])
{
char **uc;
const
#ifdef FAIL
struct char_struct
#else
char
#endif
**p = NULL;
uc = cast_const2(char **, p);
(void) uc; /* Suppress unused-but-set-variable warning. */
return 0;
}
#ifdef FAIL
#if !HAVE_TYPEOF||!HAVE_BUILTIN_CHOOSE_EXPR||!HAVE_BUILTIN_TYPES_COMPATIBLE_P
#error "Unfortunately we don't fail if cast_const can only use size"
#endif
#endif

29
lib/ccan/cast/test/compile_fail-cast_const3.c Normal file
View File

@ -0,0 +1,29 @@
#include <ccan/cast/cast.h>
#include <stdlib.h>
/* Note: this *isn't* sizeof(char) on all platforms. */
struct char_struct {
char c;
};
int main(int argc, char *argv[])
{
char ***uc;
const
#ifdef FAIL
struct char_struct
#else
char
#endif
***p = NULL;
uc = cast_const3(char ***, p);
(void) uc; /* Suppress unused-but-set-variable warning. */
return 0;
}
#ifdef FAIL
#if !HAVE_TYPEOF||!HAVE_BUILTIN_CHOOSE_EXPR||!HAVE_BUILTIN_TYPES_COMPATIBLE_P
#error "Unfortunately we don't fail if cast_const can only use size"
#endif
#endif

Some files were not shown because too many files have changed in this diff Show More