1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

109 Commits

Author SHA1 Message Date
Simo Sorce
15efcbaa09 s4:lib: use tevent_ fns names instead of legcay event_ ones 2011-08-13 09:54:16 -04:00
Andrew Bartlett
af5f494bd2 build: provide tevent-util as a public library
This is needed so that OpenChange can get at _tevent_req_nterr(), which is referenced
by generated PIDL output.

Andrew Bartlett
2011-08-08 13:34:06 +02:00
Matthias Dieter Wallnöfer
22fcb8e494 s4:lib/tls/wscript - exclude known broken GNUTLS releases
This definitely fixes bug #7218.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Mar 10 11:58:27 CET 2011 on sn-devel-104
2011-03-10 11:58:27 +01:00
Stefan Metzmacher
93733e4e31 s4:tls_tstream: also use a dynamic buffer for the pull side
Maybe that fixes the remaining issues with some gnutls versions.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Jan 18 17:26:08 CET 2011 on sn-devel-104
2011-01-18 17:26:08 +01:00
Stefan Metzmacher
361b4ed016 s4:tls_tstream: fix partial reads, so that the gnutls layer doesn't read the same data twice
metze
2011-01-18 16:34:28 +01:00
Stefan Metzmacher
69ad3f7f90 tls_tstream: use a dynamic buffer for the push case
Some versions of gnutls doesn't handle EAGAIN correctly,
so we better allow sending buffers without a low size limitation,
the limit is now UINT16_MAX (0xFFFF) and we allocate the buffer
with talloc each time.

metze
2010-12-04 12:12:21 +01:00
Matthieu Patou
a42ccab929 tls_tstream: increase the buffer size
The problem is that with certain version of gnutls are not working
properly if the server is sending in different packet things like (at
least)

* Certificate
* Server Key exchange
* Client certificate

Somehow it really expect this to be done in one packet as some
structures used _gnutls_send_handshake are reinitialized at every
packet exchange and intermediate steps didn't expect it

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-12-04 12:12:21 +01:00
Matthias Dieter Wallnöfer
6ce63655ef s4:lib/tls/tls_tstream.c - quiet warning on Solaris "cc" by casts 2010-11-29 14:48:13 +01:00
Jelmer Vernooij
3deece5591 s4: Remove the old perl/m4/make/mk-based build system.
The new waf-based build system now has all the same functionality, and
the old build system has been broken for quite some time.

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
2010-10-31 02:01:44 +00:00
Matthieu Patou
f8d49958b2 tls: Inform the user if the cert/ca/private key can't be saved
Most of the time this problem is due to a missing <private>/tls dir.
Should close bug 7640.

Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Wed Oct 27 20:08:54 UTC 2010 on sn-devel-104
2010-10-27 20:08:54 +00:00
Jelmer Vernooij
8cf61377aa waf: Remove lib prefix from libraries manually. 2010-10-26 10:17:17 -07:00
Jelmer Vernooij
833480d3ad s4: Rename LIBSAMBA-* to libsamba-* 2010-10-24 00:20:04 +00:00
Jelmer Vernooij
614c8ea986 tls: add missing dependency on util_tevent. 2010-10-10 23:08:12 +02:00
Stefan Metzmacher
9300f922ae s4:lib/tls: buffer writes in tstream_tls_push_function()
This works arround bugs in gnutls_handshake(),
which diesn't handle EAGAIN correctly, when they use the
push function.

Thanks to Marcel.Ritter@rrze.uni-erlangen.de and
Matthieu Patou <mat@samba.org> for the debugging work
on bug #7218.

metze
2010-10-08 11:53:08 +02:00
Stefan Metzmacher
a3d44d5504 s4:lib/tls: make more clear what the immediate event is for
metze
2010-10-08 11:53:06 +02:00
Stefan Metzmacher
cce2f9dde4 s4:lib/tls: fix enabled logic in tstream_tls_params_server()
metze
2010-10-08 11:53:06 +02:00
Stefan Metzmacher
ca360fba10 s4:lib/tls: add gnutls backend for tstream
metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Sep 28 02:29:42 UTC 2010 on sn-devel-104
2010-09-28 02:29:42 +00:00
Andrew Tridgell
6b266b85cf s4-loadparm: 2nd half of lp_ to lpcfg_ conversion
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-16 18:24:27 +10:00
Andrew Tridgell
f9eae32f4b s4-waf: mark the wscript files as python so vim/emacs knows how to highlight them 2010-04-06 20:27:11 +10:00
Andrew Tridgell
17f4485722 s4-waf: disable_gnutls is gone 2010-04-06 20:27:05 +10:00
Andrew Tridgell
a6ce1c3dce build: need to mark disabled libraries as DISABLED 2010-04-06 20:27:05 +10:00
Andrew Tridgell
9df6c86123 build: honor both --enable-gnutls and --disable-gnutls
This shows how we can do the dual-boolean rules we use so much with
autoconf
2010-04-06 20:27:04 +10:00
Andrew Tridgell
0632fac52e build: add cflags from pkg_config results to header/function tests
When we find a package with pkg_config we may need to use the
resulting ccflags and ldflags in later tests.

Support this by adding lib= options to CHECK_FUNC and CHECK_HEADER

This gets gnutls on FreeBSD working
2010-04-06 20:27:01 +10:00
Andrew Tridgell
9730166fd6 build: configure fixes for opensolaris 2010-04-06 20:27:01 +10:00
Andrew Tridgell
00649a9c62 build: updated configure checks or new syntax 2010-04-06 20:27:00 +10:00
Andrew Tridgell
54941c86e7 build: fixed gnutls check 2010-04-06 20:26:58 +10:00
Andrew Tridgell
8f1b809d2c build: nearly there on samba4 build 2010-04-06 20:26:47 +10:00
Andrew Tridgell
332553d8ab build: check for libgpg-error 2010-04-06 20:26:44 +10:00
Andrew Tridgell
a2c866a5e6 build: gcrypt functions 2010-04-06 20:26:43 +10:00
Andrew Tridgell
aac8aec0d1 build: more config checks 2010-04-06 20:26:43 +10:00
Andrew Tridgell
8bae4823f2 build: waf build for lib/tls 2010-04-06 20:26:41 +10:00
Brian Lu
f346079083 s4:tls: fix the build on Solaris
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-12-15 12:56:50 +01:00
Matthias Dieter Wallnöfer
e9686985cb s4: Changes the old occurences of "lp_realm" in "lp_dnsdomain" where needed
For KERBEROS applications the realm should be upcase (function "lp_realm") but
for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch
implements the use of both in the right way.
2009-10-14 10:50:43 +02:00
Andrew Tridgell
c6936ab00f raise the debug level for a common message
when a client disconnects we expect this to happen, so don't print an
error each time
2009-08-12 15:19:42 +10:00
Stefan Metzmacher
6f40637ca8 s4:tls: avoid using talloc_reference() in tls_init_client()
metze
2009-07-31 14:42:04 +02:00
Stefan Metzmacher
d866497b18 s4:tls: avoid using talloc_reference() in tls_init_server()
metze
2009-07-31 14:42:03 +02:00
Andrew Bartlett
bfda910a20 s4:tls Enable GnuTLS back to version 1.4 (an into the future)
We think we have the bug fixed.

Andrew Bartlett
2009-07-28 14:11:18 +10:00
Matthias Dieter Wallnöfer
2627c6c0c2 Fixed some uninitialised variables
I tried hard to not change the program logic. Should fix bug #6439.
2009-06-19 11:32:01 +10:00
Jeremy Allison
a028e9640b Make S4 build on OpenSolaris.
Jeremy.
2009-02-24 15:27:47 -08:00
Andrew Tridgell
b1ff79dbb2 fixed some of the TLS problems
This fixes two things in the TLS support for Samba4. The first is to
use a somewhat more correct hostname instead of 'Samba' when
generating the test certificates. That allows TLS test clients (such
as gnutls-cli) to connect to Samba4 using auto-generated certificates.

The second fix is to add a call to gcry_control() to tell gcrypt to
use /dev/urandom instead of /dev/random (on systems that support
that). That means that test certificate generation is now very fast,
which was previously an impediment to putting the TLS tests on the
build farm.
2009-02-18 14:46:57 +11:00
Jelmer Vernooij
0cbce777a3 Fix indentation for some configure options. 2009-01-15 21:17:56 +01:00
Jelmer Vernooij
d44a6982f3 Don't attempt to use GNUTLS >= 2.6, as it is known broken with the socket-tls backend. 2009-01-08 13:15:10 +01:00
Stefan Metzmacher
183c379fe5 s4:lib/tevent: rename structs
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"

for s in $list; do
	o=`echo $s | cut -d ':' -f1`
	n=`echo $s | cut -d ':' -f2`
	r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
	files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
	for f in $files; do
		cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
		mv $f.tmp $f
	done
done

metze
2008-12-29 20:46:40 +01:00
Jelmer Vernooij
1feab85be6 Rename samba-socket -> samba_socket to fix a couple more compiler
warnings.
2008-12-24 00:15:43 +01:00
Jelmer Vernooij
dcc4081f75 Fix more compiler warnings. 2008-12-23 23:22:57 +01:00
Jelmer Vernooij
9d2d666109 Make lp_tls_* return absolute paths. 2008-10-23 21:49:40 +02:00
Jelmer Vernooij
87ec1d2532 Make sure prototypes are always included, make some functions static and
remove some unused functions.
2008-10-20 18:59:51 +02:00
Jelmer Vernooij
1b99d8fbb5 Use common util_file code. 2008-10-12 17:34:43 +02:00
Simo Sorce
4a0582438f Make it possible to disable gnutls at configure time,
until someone will finally decide to fix it.
(This used to be commit 0671dce355)
2008-06-08 19:16:26 -04:00
Jelmer Vernooij
333c169529 Use variables for source directory in remaining subsystems.
(This used to be commit 6b6b2196a8)
2008-05-18 20:30:46 +02:00