mirror of
https://github.com/samba-team/samba.git
synced 2025-01-21 18:04:06 +03:00
2d2da2af26
Split Windows PAC signing and verification logic, as the signing has to be when the ticket is ready. Create sign and verify the PAC KDC signature if the plugin did not, allowing for S4U2Proxy to work, instead of KRB5SignedPath. Use the header key to verify PAC server signature, as the same key used to encrypt/decrypt the ticket should be used for PAC server signature, like U2U tickets are signed witht the tgt session-key and not with the longterm key, and so krbtgt should be no different and the header key should be used. Lookup the delegated client in DB instead of passing the delegator DB entry. Add PAC ticket-signatures and related functions. Note: due to the change from KRB5SignedPath to PAC, S4U2Proxy requests against new KDC will not work if the evidence ticket was acquired from an old KDC, and vide versa. Closes: #767 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14642 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14881 [jsutton@samba.org Backported from Heimdal commit 2ffaba9401d19c718764d4bd24180960290238e9 - Removed tests - Adapted to Samba's version of Heimdal - Addressed build failures with -O3 - Added knownfails ] Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> [abartlet@samba.org backported from commit d7b03394a9012960d71489e775d40d10fd6f5232 due to conflicts in knownfail due to missing tests that crash the MIT KDC]
961 lines
41 KiB
Python
961 lines
41 KiB
Python
#!/usr/bin/env python
|
|
|
|
import os
|
|
from waflib import Context
|
|
from samba_utils import SET_TARGET_TYPE
|
|
from samba_autoconf import CURRENT_CFLAGS
|
|
from samba_utils import LOAD_ENVIRONMENT
|
|
|
|
def to_list(str):
|
|
'''Split a list, preserving quoted strings and existing lists'''
|
|
if str is None:
|
|
return []
|
|
if isinstance(str, list):
|
|
return str
|
|
return str.split(None)
|
|
|
|
def heimdal_path(p, absolute=False):
|
|
hpath = os.path.join("../heimdal", p)
|
|
if not absolute:
|
|
return hpath
|
|
return os.path.normpath(os.path.join(bld.path.abspath(), hpath))
|
|
|
|
def heimdal_paths(ps):
|
|
return [heimdal_path(p) for p in to_list(ps)]
|
|
|
|
# waf build tool for building .et files with compile_et
|
|
def HEIMDAL_ASN1(name, source,
|
|
options='',
|
|
directory='',
|
|
option_file=None,
|
|
includes=''):
|
|
'''Build a ASN1 file using the asn1 compiler.
|
|
This will produce 2 output files'''
|
|
source = heimdal_path(source)
|
|
bname = os.path.basename(source)[0:-5];
|
|
dname = os.path.dirname(source)
|
|
asn1name = "%s_asn1" % bname
|
|
|
|
if option_file:
|
|
option_file = heimdal_path(option_file)
|
|
|
|
if not SET_TARGET_TYPE(bld, name, 'ASN1'):
|
|
return
|
|
|
|
# for ASN1 compilation, I always put it in build_source, as it doesn't make
|
|
# sense elsewhere
|
|
bld.set_group('build_source')
|
|
|
|
out_files = heimdal_paths([
|
|
"%s/asn1_%s_asn1.x" % (directory, bname),
|
|
"%s/%s_asn1.hx" % (directory, bname),
|
|
"%s/%s_asn1-priv.hx" % (directory, bname),
|
|
])
|
|
|
|
# the ${TGT[0].parent.abspath(env)} expression gives us the parent directory of
|
|
# the first target in the build directory
|
|
# SRC[0].abspath(env) gives the absolute path to the source directory for the first
|
|
# source file. Note that in the case of a option_file, we have more than
|
|
# one source file
|
|
cd_rule = 'cd "${TGT[0].parent.abspath(env)}" &&'
|
|
env = LOAD_ENVIRONMENT()
|
|
if env.ADDRESS_SANITIZER:
|
|
# If address sanitizer is enabled, we need to suppress leak checking
|
|
# in the asn1 tool.
|
|
no_leak_check = " ASAN_OPTIONS=detect_leaks=0"
|
|
else:
|
|
no_leak_check = ""
|
|
|
|
asn1_rule = cd_rule + no_leak_check + ' "${ASN1_COMPILE}" ${OPTION_FILE} ${ASN1OPTIONS} --one-code-file "${SRC[0].abspath(env)}" ${ASN1NAME}'
|
|
|
|
source = to_list(source)
|
|
|
|
if option_file is not None:
|
|
source.append(option_file)
|
|
|
|
deps = ''
|
|
if not bld.CONFIG_SET('USING_SYSTEM_ASN1_COMPILE'):
|
|
deps = 'asn1_compile'
|
|
|
|
t = bld(rule=asn1_rule,
|
|
ext_out = '.x',
|
|
before = 'c',
|
|
update_outputs = True,
|
|
shell = True,
|
|
source = source,
|
|
target = out_files,
|
|
depends_on = deps,
|
|
name=name + '_ASN1')
|
|
|
|
t.env.ASN1NAME = asn1name
|
|
t.env.ASN1OPTIONS = options
|
|
t.env.BLDBIN = os.path.normpath(os.path.join(bld.srcnode.abspath(bld.env), '..'))
|
|
if option_file is not None:
|
|
t.env.OPTION_FILE = "--option-file='%s'" % \
|
|
os.path.normpath(os.path.join(bld.path.abspath(), option_file))
|
|
|
|
cfile = out_files[0][0:-2] + '.c'
|
|
hfile = out_files[1][0:-3] + '.h'
|
|
hpriv = out_files[2][0:-3] + '.h'
|
|
|
|
# now generate a .c file from the .x file
|
|
t = bld(rule='''( echo '#include "config.h"' && cat ${SRC} ) > ${TGT}''',
|
|
source = out_files[0],
|
|
target = cfile,
|
|
shell = True,
|
|
update_outputs=True,
|
|
ext_out = '.c',
|
|
ext_in = '.x',
|
|
depends_on = name + '_ASN1',
|
|
name = name + '_C')
|
|
|
|
# and generate a .h file from the .hx file
|
|
t = bld(rule='cp ${SRC} ${TGT}',
|
|
source = out_files[1],
|
|
ext_out = '.c',
|
|
ext_in = '.x',
|
|
update_outputs=True,
|
|
target = hfile,
|
|
depends_on = name + '_ASN1',
|
|
name = name + '_H')
|
|
|
|
# and generate a .h file from the .hx file
|
|
t = bld(rule='cp ${SRC} ${TGT}',
|
|
source = out_files[2],
|
|
ext_out = '.c',
|
|
ext_in = '.x',
|
|
update_outputs=True,
|
|
target = hpriv,
|
|
depends_on = name + '_ASN1',
|
|
name = name + '_PRIV_H')
|
|
|
|
bld.set_group('main')
|
|
|
|
includes = to_list(includes)
|
|
includes.append(os.path.dirname(out_files[0]))
|
|
|
|
t = bld(features = 'c',
|
|
source = cfile,
|
|
target = name,
|
|
samba_cflags = CURRENT_CFLAGS(bld, name, ''),
|
|
depends_on = '',
|
|
samba_deps = to_list('roken replace'),
|
|
samba_includes = includes,
|
|
local_include = True)
|
|
|
|
|
|
def HEIMDAL_ERRTABLE(name, source):
|
|
'''Build a heimdal errtable from a .et file'''
|
|
|
|
source = heimdal_path(source)
|
|
|
|
bname = source[0:-3]; # strip off the .et suffix
|
|
|
|
if not SET_TARGET_TYPE(bld, name, 'ET'):
|
|
return
|
|
|
|
bld.set_group('build_source')
|
|
|
|
out_files = []
|
|
out_files.append('%s.c' % bname)
|
|
out_files.append('%s.h' % bname)
|
|
|
|
sources = [source, 'et_compile_wrapper.sh']
|
|
|
|
deps = ''
|
|
if not bld.CONFIG_SET('USING_SYSTEM_COMPILE_ET'):
|
|
deps = 'compile_et'
|
|
|
|
t = bld(rule='"${SRC[1].abspath(env)}" "${TGT[0].parent.abspath(env)}" "${COMPILE_ET}" "${SRC[0].abspath(env)}" ${TGT[0].bldpath(env)}',
|
|
ext_out = '.c',
|
|
before = 'c',
|
|
update_outputs = True,
|
|
shell = True,
|
|
source = sources,
|
|
target = out_files,
|
|
depends_on = deps,
|
|
name = name)
|
|
|
|
def HEIMDAL_AUTOPROTO(header, source, options=None, group='prototypes'):
|
|
'''rule for heimdal prototype generation'''
|
|
header = heimdal_path(header)
|
|
bld.set_group(group)
|
|
if options is None:
|
|
options='-q -P comment -o'
|
|
SET_TARGET_TYPE(bld, header, 'PROTOTYPE')
|
|
source = heimdal_paths(source)
|
|
t = bld(rule='${PERL} "${HEIMDAL}/cf/make-proto.pl" ${OPTIONS} "${TGT[0].abspath(env)}" ${SRC}',
|
|
source=source,
|
|
target=header,
|
|
update_outputs=True,
|
|
ext_out='.c',
|
|
before='c')
|
|
t.env.HEIMDAL = os.path.join(bld.srcnode.abspath(), 'source4/heimdal')
|
|
t.env.OPTIONS = options
|
|
|
|
|
|
def HEIMDAL_AUTOPROTO_PRIVATE(header, source):
|
|
'''rule for private heimdal prototype generation'''
|
|
HEIMDAL_AUTOPROTO(header, source, options='-q -P comment -p')
|
|
|
|
|
|
def HEIMDAL_GENERATOR(name, rule, source='', target='',
|
|
group='generators'):
|
|
'''A generic source generator target'''
|
|
|
|
if not SET_TARGET_TYPE(bld, name, 'GENERATOR'):
|
|
return
|
|
|
|
bld.set_group(group)
|
|
return bld(
|
|
rule=rule,
|
|
source=source,
|
|
target=target,
|
|
shell=isinstance(rule, str),
|
|
update_outputs=True,
|
|
before='c',
|
|
ext_out='.c',
|
|
vars=[rule],
|
|
samba_type='GENERATOR',
|
|
name=name)
|
|
|
|
|
|
def HEIMDAL_LIBRARY(libname, source, deps, vnum, version_script, includes=''):
|
|
'''define a Heimdal library'''
|
|
|
|
obj_target = libname + '.objlist'
|
|
|
|
# first create a target for building the object files for this library
|
|
# by separating in this way, we avoid recompiling the C files
|
|
# separately for the install library and the build library
|
|
HEIMDAL_SUBSYSTEM(obj_target,
|
|
source = source,
|
|
deps = deps,
|
|
includes = includes,
|
|
group = 'main')
|
|
|
|
if not SET_TARGET_TYPE(bld, libname, "LIBRARY"):
|
|
return
|
|
|
|
# the library itself will depend on that object target
|
|
deps = to_list(deps)
|
|
deps.append(obj_target)
|
|
|
|
ldflags = []
|
|
|
|
# FIXME: When building upstream heimdal, we should not be adding this
|
|
# suffix.
|
|
bundled_build = True
|
|
if bundled_build:
|
|
bundled_name = libname + '-samba4'
|
|
else:
|
|
bundled_name = libname
|
|
version = "%s_%s" % (Context.g_module.APPNAME, Context.g_module.VERSION)
|
|
|
|
features = 'c cshlib symlink_lib install_lib'
|
|
|
|
bld.set_group('main')
|
|
t = bld(
|
|
features = features,
|
|
source = [],
|
|
target = bundled_name,
|
|
samba_deps = deps,
|
|
samba_includes = includes,
|
|
vnum = vnum,
|
|
install_path = None,
|
|
name = libname,
|
|
ldflags = ldflags,
|
|
vars = [version],
|
|
private_library = bundled_build,
|
|
version_script = heimdal_path(version_script, absolute=True),
|
|
)
|
|
|
|
|
|
def HEIMDAL_SUBSYSTEM(modname, source,
|
|
deps='',
|
|
includes='',
|
|
cflags='',
|
|
group='main',
|
|
use_hostcc=False,
|
|
use_global_deps=True):
|
|
'''define a Heimdal subsystem'''
|
|
|
|
if not SET_TARGET_TYPE(bld, modname, 'SUBSYSTEM'):
|
|
return
|
|
|
|
source = heimdal_paths(source)
|
|
|
|
bld.set_group(group)
|
|
|
|
# If we found the -Wno-error options we need then build without
|
|
# allowing warnings, otherwise permit them
|
|
if bld.env.enable_heimdal_warnings:
|
|
samba_cflags = CURRENT_CFLAGS(bld, modname, cflags) + \
|
|
bld.env.HEIMDAL_PICKY_CFLAGS
|
|
else:
|
|
samba_cflags = CURRENT_CFLAGS(bld, modname, cflags,
|
|
allow_warnings=True)
|
|
|
|
return bld(
|
|
features = 'c',
|
|
source = source,
|
|
target = modname,
|
|
samba_cflags = samba_cflags,
|
|
depends_on = '',
|
|
samba_deps = to_list(deps),
|
|
samba_includes = includes,
|
|
local_include = True,
|
|
local_include_first = True,
|
|
samba_use_hostcc = use_hostcc,
|
|
samba_use_global_deps = use_global_deps
|
|
)
|
|
|
|
|
|
def HEIMDAL_BINARY(binname, source,
|
|
deps='',
|
|
includes='',
|
|
cflags='',
|
|
use_hostcc=False,
|
|
use_global_deps=True,
|
|
compiler=None,
|
|
group='main',
|
|
install=True,
|
|
install_path=None):
|
|
'''define a Samba binary'''
|
|
|
|
source = heimdal_paths(source)
|
|
|
|
bld.SAMBA_BINARY(binname,
|
|
source = source,
|
|
deps = deps,
|
|
includes = includes,
|
|
cflags = cflags,
|
|
group = group,
|
|
use_hostcc = use_hostcc,
|
|
use_global_deps= use_global_deps,
|
|
install_path = None,
|
|
install = install,
|
|
allow_warnings = True)
|
|
|
|
|
|
if not bld.CONFIG_SET('USING_SYSTEM_ROKEN'):
|
|
|
|
if not bld.CONFIG_SET('HAVE_IFADDRS_H'):
|
|
HEIMDAL_GENERATOR(
|
|
name="HEIMDAL_IFADDRS_H",
|
|
rule="rm -f ${TGT} && ln ${SRC} ${TGT}",
|
|
source = 'ifaddrs.hin',
|
|
target = 'ifaddrs.h',
|
|
)
|
|
|
|
if not bld.CONFIG_SET('HAVE_ERR_H'):
|
|
HEIMDAL_GENERATOR(
|
|
group='build_compiler_source',
|
|
name="HEIMDAL_ERR_H",
|
|
rule="rm -f ${TGT} && ln ${SRC} ${TGT}",
|
|
source = '../heimdal/lib/roken/err.hin',
|
|
target = '../heimdal/lib/roken/err.h',
|
|
)
|
|
|
|
ROKEN_COMMON_SOURCE = '''
|
|
lib/roken/base64.c
|
|
lib/roken/ct.c
|
|
lib/roken/hex.c
|
|
lib/roken/bswap.c
|
|
lib/roken/dumpdata.c
|
|
lib/roken/emalloc.c
|
|
lib/roken/ecalloc.c
|
|
lib/roken/getarg.c
|
|
lib/roken/get_window_size.c
|
|
lib/roken/getdtablesize.c
|
|
lib/roken/h_errno.c
|
|
lib/roken/issuid.c
|
|
lib/roken/net_read.c
|
|
lib/roken/net_write.c
|
|
lib/roken/parse_time.c
|
|
lib/roken/parse_units.c
|
|
lib/roken/vis.c
|
|
lib/roken/strlwr.c
|
|
lib/roken/strsep_copy.c
|
|
lib/roken/strsep.c
|
|
lib/roken/strupr.c
|
|
lib/roken/strpool.c
|
|
lib/roken/estrdup.c
|
|
lib/roken/erealloc.c
|
|
lib/roken/simple_exec.c
|
|
lib/roken/strcollect.c
|
|
lib/roken/rtbl.c
|
|
lib/roken/rand.c
|
|
lib/roken/cloexec.c
|
|
lib/roken/xfree.c
|
|
../heimdal_build/replace.c
|
|
'''
|
|
|
|
ROKEN_HOSTCC_SOURCE = ROKEN_COMMON_SOURCE
|
|
|
|
ROKEN_SOURCE = ROKEN_COMMON_SOURCE + '''
|
|
lib/roken/resolve.c
|
|
lib/roken/socket.c
|
|
lib/roken/roken_gethostby.c
|
|
'''
|
|
|
|
HEIMDAL_LIBRARY('roken',
|
|
ROKEN_SOURCE,
|
|
includes='../heimdal/lib/roken ../heimdal/include ../heimdal_build/include',
|
|
deps='resolv util replace',
|
|
vnum='19.0.1',
|
|
version_script='lib/roken/version-script.map',
|
|
)
|
|
|
|
HEIMDAL_SUBSYSTEM('ROKEN_HOSTCC',
|
|
ROKEN_HOSTCC_SOURCE,
|
|
use_hostcc=True,
|
|
use_global_deps=False,
|
|
includes='../heimdal/lib/roken ../heimdal/include ../heimdal_build/include',
|
|
cflags='-DSOCKET_WRAPPER_DISABLE=1 -D_SAMBA_HOSTCC_',
|
|
group='compiler_libraries',
|
|
deps='LIBREPLACE_HOSTCC',
|
|
)
|
|
|
|
if not bld.CONFIG_SET("USING_SYSTEM_KDC"):
|
|
HEIMDAL_ASN1('HEIMDAL_KX509_ASN1',
|
|
'lib/asn1/kx509.asn1',
|
|
directory='lib/asn1'
|
|
)
|
|
HEIMDAL_ASN1('HEIMDAL_DIGEST_ASN1',
|
|
'lib/asn1/digest.asn1',
|
|
directory='lib/asn1'
|
|
)
|
|
|
|
KDC_SOURCE='kdc/default_config.c kdc/kerberos5.c kdc/krb5tgs.c kdc/pkinit.c kdc/log.c kdc/misc.c kdc/digest.c kdc/process.c kdc/windc.c kdc/kx509.c'
|
|
|
|
HEIMDAL_LIBRARY('kdc', source=KDC_SOURCE,
|
|
includes='../heimdal/kdc',
|
|
deps='roken krb5 hdb asn1 HEIMDAL_DIGEST_ASN1 HEIMDAL_KX509_ASN1 heimntlm hcrypto com_err wind heimbase',
|
|
vnum='2.0.0',
|
|
version_script='kdc/version-script.map')
|
|
HEIMDAL_AUTOPROTO('kdc/kdc-protos.h', KDC_SOURCE)
|
|
HEIMDAL_AUTOPROTO_PRIVATE('kdc/kdc-private.h', KDC_SOURCE)
|
|
|
|
if not bld.CONFIG_SET("USING_SYSTEM_HEIMNTLM"):
|
|
HEIMDAL_ERRTABLE('HEIMNTLM_ET',
|
|
'lib/ntlm/ntlm_err.et')
|
|
|
|
HEIMNTLM_SOURCE = 'lib/ntlm/ntlm.c'
|
|
HEIMDAL_LIBRARY('heimntlm',
|
|
source=HEIMNTLM_SOURCE,
|
|
includes='../heimdal/lib/ntlm',
|
|
deps='roken hcrypto krb5',
|
|
vnum='1.0.1',
|
|
version_script='lib/ntlm/version-script.map',
|
|
)
|
|
HEIMDAL_AUTOPROTO('lib/ntlm/heimntlm-protos.h', HEIMNTLM_SOURCE)
|
|
|
|
if not bld.CONFIG_SET("USING_SYSTEM_HDB"):
|
|
HEIMDAL_ASN1('HEIMDAL_HDB_ASN1', 'lib/hdb/hdb.asn1',
|
|
directory='lib/asn1',
|
|
options="--sequence=HDB-Ext-KeySet --sequence=Keys",
|
|
includes='../heimdal/lib/asn1')
|
|
|
|
HDB_KEYS_SOURCE = 'lib/hdb/keys.c'
|
|
|
|
HEIMDAL_SUBSYSTEM('HEIMDAL_HDB_KEYS',
|
|
HDB_KEYS_SOURCE,
|
|
includes='../heimdal/lib/hdb',
|
|
deps='roken hcrypto krb5 HEIMDAL_HDB_ASN1',
|
|
)
|
|
|
|
HEIMDAL_ERRTABLE('HEIMDAL_HDB_ERR_ET', 'lib/hdb/hdb_err.et')
|
|
|
|
HDB_SOURCE = '''lib/hdb/db.c lib/hdb/dbinfo.c lib/hdb/hdb.c
|
|
lib/hdb/ext.c lib/hdb/keytab.c lib/hdb/hdb-keytab.c
|
|
lib/hdb/mkey.c lib/hdb/ndbm.c lib/hdb/hdb_err.c
|
|
../heimdal_build/hdb-glue.c'''
|
|
|
|
HEIMDAL_LIBRARY('hdb',
|
|
version_script='lib/hdb/version-script.map',
|
|
source=HDB_SOURCE,
|
|
includes='../heimdal/lib/hdb',
|
|
deps='krb5 HEIMDAL_HDB_KEYS roken hcrypto com_err HEIMDAL_HDB_ASN1 wind',
|
|
vnum='11.0.2',
|
|
)
|
|
HEIMDAL_AUTOPROTO('lib/hdb/hdb-protos.h', HDB_SOURCE + " " + HDB_KEYS_SOURCE)
|
|
HEIMDAL_AUTOPROTO_PRIVATE('lib/hdb/hdb-private.h', HDB_SOURCE + " " + HDB_KEYS_SOURCE)
|
|
|
|
|
|
if not bld.CONFIG_SET("USING_SYSTEM_GSSAPI"):
|
|
HEIMDAL_ERRTABLE('HEIMDAL_GKRB5_ERR_ET', 'lib/gssapi/krb5/gkrb5_err.et')
|
|
|
|
HEIMDAL_ASN1('HEIMDAL_GSSAPI_ASN1',
|
|
'lib/gssapi/mech/gssapi.asn1',
|
|
includes='../heimdal/lib/asn1',
|
|
directory='lib/gssapi'
|
|
)
|
|
|
|
HEIMDAL_ASN1('HEIMDAL_SPNEGO_ASN1',
|
|
source='lib/gssapi/spnego/spnego.asn1',
|
|
options='--sequence=MechTypeList',
|
|
includes='../heimdal/lib/asn1',
|
|
directory='lib/gssapi'
|
|
)
|
|
|
|
HEIMDAL_GSSAPI_SPNEGO_SOURCE = '''
|
|
lib/gssapi/spnego/init_sec_context.c
|
|
lib/gssapi/spnego/external.c
|
|
lib/gssapi/spnego/compat.c
|
|
lib/gssapi/spnego/context_stubs.c
|
|
lib/gssapi/spnego/cred_stubs.c
|
|
lib/gssapi/spnego/accept_sec_context.c
|
|
'''
|
|
|
|
HEIMDAL_AUTOPROTO_PRIVATE('lib/gssapi/spnego/spnego-private.h',
|
|
HEIMDAL_GSSAPI_SPNEGO_SOURCE)
|
|
|
|
HEIMDAL_GSSAPI_KRB5_SOURCE = '''
|
|
lib/gssapi/krb5/copy_ccache.c
|
|
lib/gssapi/krb5/delete_sec_context.c
|
|
lib/gssapi/krb5/init_sec_context.c
|
|
lib/gssapi/krb5/context_time.c
|
|
lib/gssapi/krb5/init.c
|
|
lib/gssapi/krb5/address_to_krb5addr.c
|
|
lib/gssapi/krb5/get_mic.c
|
|
lib/gssapi/krb5/inquire_context.c
|
|
lib/gssapi/krb5/add_cred.c
|
|
lib/gssapi/krb5/inquire_cred.c
|
|
lib/gssapi/krb5/inquire_cred_by_oid.c
|
|
lib/gssapi/krb5/inquire_cred_by_mech.c
|
|
lib/gssapi/krb5/inquire_mechs_for_name.c
|
|
lib/gssapi/krb5/inquire_names_for_mech.c
|
|
lib/gssapi/krb5/indicate_mechs.c
|
|
lib/gssapi/krb5/inquire_sec_context_by_oid.c
|
|
lib/gssapi/krb5/export_sec_context.c
|
|
lib/gssapi/krb5/import_sec_context.c
|
|
lib/gssapi/krb5/duplicate_name.c
|
|
lib/gssapi/krb5/import_name.c
|
|
lib/gssapi/krb5/compare_name.c
|
|
lib/gssapi/krb5/export_name.c
|
|
lib/gssapi/krb5/canonicalize_name.c
|
|
lib/gssapi/krb5/unwrap.c
|
|
lib/gssapi/krb5/wrap.c
|
|
lib/gssapi/krb5/release_name.c
|
|
lib/gssapi/krb5/cfx.c
|
|
lib/gssapi/krb5/8003.c
|
|
lib/gssapi/krb5/arcfour.c
|
|
lib/gssapi/krb5/encapsulate.c
|
|
lib/gssapi/krb5/display_name.c
|
|
lib/gssapi/krb5/sequence.c
|
|
lib/gssapi/krb5/display_status.c
|
|
lib/gssapi/krb5/release_buffer.c
|
|
lib/gssapi/krb5/external.c
|
|
lib/gssapi/krb5/compat.c
|
|
lib/gssapi/krb5/creds.c
|
|
lib/gssapi/krb5/acquire_cred.c
|
|
lib/gssapi/krb5/release_cred.c
|
|
lib/gssapi/krb5/store_cred.c
|
|
lib/gssapi/krb5/set_cred_option.c
|
|
lib/gssapi/krb5/decapsulate.c
|
|
lib/gssapi/krb5/verify_mic.c
|
|
lib/gssapi/krb5/accept_sec_context.c
|
|
lib/gssapi/krb5/set_sec_context_option.c
|
|
lib/gssapi/krb5/process_context_token.c
|
|
lib/gssapi/krb5/prf.c
|
|
lib/gssapi/krb5/aeap.c
|
|
lib/gssapi/krb5/pname_to_uid.c
|
|
lib/gssapi/krb5/authorize_localname.c
|
|
'''
|
|
|
|
HEIMDAL_AUTOPROTO_PRIVATE('lib/gssapi/krb5/gsskrb5-private.h',
|
|
HEIMDAL_GSSAPI_KRB5_SOURCE)
|
|
|
|
HEIMDAL_LIBRARY('gssapi',
|
|
HEIMDAL_GSSAPI_SPNEGO_SOURCE + HEIMDAL_GSSAPI_KRB5_SOURCE + '''
|
|
lib/gssapi/mech/context.c lib/gssapi/mech/gss_krb5.c lib/gssapi/mech/gss_mech_switch.c
|
|
lib/gssapi/mech/gss_process_context_token.c lib/gssapi/mech/gss_buffer_set.c
|
|
lib/gssapi/mech/gss_aeap.c lib/gssapi/mech/gss_add_cred.c lib/gssapi/mech/gss_cred.c
|
|
lib/gssapi/mech/gss_add_oid_set_member.c lib/gssapi/mech/gss_compare_name.c lib/gssapi/mech/gss_release_oid_set.c
|
|
lib/gssapi/mech/gss_create_empty_oid_set.c lib/gssapi/mech/gss_decapsulate_token.c lib/gssapi/mech/gss_inquire_cred_by_oid.c
|
|
lib/gssapi/mech/gss_canonicalize_name.c lib/gssapi/mech/gss_inquire_sec_context_by_oid.c lib/gssapi/mech/gss_inquire_names_for_mech.c
|
|
lib/gssapi/mech/gss_inquire_mechs_for_name.c lib/gssapi/mech/gss_wrap_size_limit.c lib/gssapi/mech/gss_names.c
|
|
lib/gssapi/mech/gss_verify.c lib/gssapi/mech/gss_display_name.c
|
|
lib/gssapi/mech/gss_duplicate_oid.c lib/gssapi/mech/gss_display_status.c lib/gssapi/mech/gss_release_buffer.c
|
|
lib/gssapi/mech/gss_release_oid.c lib/gssapi/mech/gss_test_oid_set_member.c
|
|
lib/gssapi/mech/gss_release_cred.c
|
|
lib/gssapi/mech/gss_set_sec_context_option.c lib/gssapi/mech/gss_export_name.c lib/gssapi/mech/gss_seal.c
|
|
lib/gssapi/mech/gss_acquire_cred.c lib/gssapi/mech/gss_unseal.c lib/gssapi/mech/gss_verify_mic.c
|
|
lib/gssapi/mech/gss_accept_sec_context.c lib/gssapi/mech/gss_inquire_cred_by_mech.c lib/gssapi/mech/gss_indicate_mechs.c
|
|
lib/gssapi/mech/gss_delete_sec_context.c lib/gssapi/mech/gss_sign.c lib/gssapi/mech/gss_utils.c
|
|
lib/gssapi/mech/gss_init_sec_context.c lib/gssapi/mech/gss_oid_equal.c lib/gssapi/mech/gss_oid.c
|
|
lib/gssapi/mech/gss_oid_to_str.c lib/gssapi/mech/gss_mo.c
|
|
lib/gssapi/mech/gss_context_time.c lib/gssapi/mech/gss_encapsulate_token.c lib/gssapi/mech/gss_get_mic.c
|
|
lib/gssapi/mech/gss_import_sec_context.c lib/gssapi/mech/gss_inquire_cred.c lib/gssapi/mech/gss_wrap.c
|
|
lib/gssapi/mech/gss_import_name.c lib/gssapi/mech/gss_duplicate_name.c lib/gssapi/mech/gss_unwrap.c
|
|
lib/gssapi/mech/gss_export_sec_context.c lib/gssapi/mech/gss_inquire_context.c lib/gssapi/mech/gss_release_name.c
|
|
lib/gssapi/mech/gss_set_cred_option.c lib/gssapi/mech/gss_pseudo_random.c ../heimdal_build/gssapi-glue.c''',
|
|
includes='../heimdal/lib/gssapi ../heimdal/lib/gssapi/gssapi ../heimdal/lib/gssapi/spnego ../heimdal/lib/gssapi/krb5 ../heimdal/lib/gssapi/mech',
|
|
deps='hcrypto asn1 HEIMDAL_SPNEGO_ASN1 HEIMDAL_GSSAPI_ASN1 roken krb5 com_err wind heimbase',
|
|
vnum='2.0.0',
|
|
version_script='lib/gssapi/version-script.map',
|
|
)
|
|
|
|
if not bld.CONFIG_SET("USING_SYSTEM_KRB5"):
|
|
# expand_path.c needs some of the install paths
|
|
HEIMDAL_SUBSYSTEM('HEIMDAL_CONFIG',
|
|
'lib/krb5/expand_path.c lib/krb5/plugin.c lib/krb5/context.c',
|
|
includes='../heimdal/lib/krb5 ../heimdal/lib/asn1 ../heimdal/include',
|
|
cflags=bld.dynconfig_cflags('LIBDIR BINDIR LIBEXECDIR SBINDIR'),
|
|
deps='hcrypto heimbase wind hx509 com_err'
|
|
)
|
|
|
|
HEIMDAL_ERRTABLE('HEIMDAL_KRB5_ERR_ET', 'lib/krb5/krb5_err.et')
|
|
|
|
HEIMDAL_ERRTABLE('HEIMDAL_KRB_ERR_ET', 'lib/krb5/krb_err.et')
|
|
|
|
HEIMDAL_ERRTABLE('HEIMDAL_K524_ERR_ET', 'lib/krb5/k524_err.et')
|
|
|
|
HEIMDAL_ERRTABLE('HEIMDAL_HEIM_ERR_ET', 'lib/krb5/heim_err.et')
|
|
|
|
KRB5_SOURCE = [os.path.join('lib/krb5/', x) for x in to_list(
|
|
'''acache.c add_et_list.c
|
|
addr_families.c appdefault.c
|
|
asn1_glue.c auth_context.c authdata.c
|
|
build_ap_req.c build_auth.c cache.c
|
|
changepw.c codec.c config_file.c
|
|
constants.c convert_creds.c
|
|
copy_host_realm.c crc.c creds.c
|
|
crypto.c crypto-aes.c crypto-algs.c
|
|
crypto-arcfour.c crypto-des3.c crypto-des.c
|
|
crypto-des-common.c crypto-evp.c
|
|
crypto-null.c crypto-pk.c crypto-rand.c
|
|
data.c eai_to_heim_errno.c
|
|
error_string.c expand_hostname.c
|
|
fcache.c free.c free_host_realm.c
|
|
generate_seq_number.c generate_subkey.c
|
|
get_addrs.c get_cred.c
|
|
get_default_principal.c
|
|
get_default_realm.c get_for_creds.c
|
|
get_host_realm.c get_in_tkt.c
|
|
get_port.c init_creds.c init_creds_pw.c
|
|
kcm.c keyblock.c keytab.c keytab_any.c
|
|
keytab_file.c keytab_memory.c
|
|
keytab_keyfile.c krbhst.c log.c
|
|
mcache.c misc.c mk_error.c mk_priv.c
|
|
mk_rep.c mk_req.c mk_req_ext.c
|
|
mit_glue.c n-fold.c padata.c pkinit.c
|
|
principal.c prog_setup.c pac.c
|
|
pcache.c prompter_posix.c rd_cred.c rd_error.c
|
|
rd_priv.c rd_rep.c rd_req.c replay.c
|
|
salt.c salt-aes.c salt-arcfour.c salt-des3.c salt-des.c
|
|
send_to_kdc.c set_default_realm.c
|
|
store.c store-int.c store_emem.c store_fd.c
|
|
store_mem.c ticket.c time.c transited.c
|
|
version.c warn.c krb5_err.c
|
|
aname_to_localname.c kuserok.c
|
|
heim_err.c k524_err.c krb_err.c''')] + ["../heimdal_build/krb5-glue.c"]
|
|
|
|
HEIMDAL_LIBRARY('krb5', KRB5_SOURCE,
|
|
version_script='lib/krb5/version-script.map',
|
|
includes='../heimdal/lib/krb5 ../heimdal/lib/asn1 ../heimdal/include',
|
|
deps='roken wind asn1 hx509 hcrypto com_err HEIMDAL_CONFIG heimbase execinfo samba_intl',
|
|
vnum='26.0.0',
|
|
)
|
|
KRB5_PROTO_SOURCE = KRB5_SOURCE + ['lib/krb5/expand_path.c', 'lib/krb5/plugin.c', 'lib/krb5/context.c']
|
|
|
|
HEIMDAL_AUTOPROTO_PRIVATE('lib/krb5/krb5-private.h', KRB5_PROTO_SOURCE)
|
|
HEIMDAL_AUTOPROTO('lib/krb5/krb5-protos.h', KRB5_PROTO_SOURCE,
|
|
options='-E KRB5_LIB -q -P comment -o')
|
|
|
|
if not bld.CONFIG_SET("USING_SYSTEM_ASN1"):
|
|
HEIMDAL_HEIM_ASN1_DER_SOURCE = '''
|
|
lib/asn1/der_get.c
|
|
lib/asn1/der_put.c
|
|
lib/asn1/der_free.c
|
|
lib/asn1/der_format.c
|
|
lib/asn1/der_length.c
|
|
lib/asn1/der_copy.c
|
|
lib/asn1/der_cmp.c
|
|
'''
|
|
|
|
HEIMDAL_AUTOPROTO('lib/asn1/der-protos.h',
|
|
HEIMDAL_HEIM_ASN1_DER_SOURCE,
|
|
group = 'compiler_prototypes',
|
|
options="-q -P comment -o")
|
|
|
|
|
|
HEIMDAL_AUTOPROTO('lib/asn1/der-private.h',
|
|
HEIMDAL_HEIM_ASN1_DER_SOURCE,
|
|
group = 'compiler_prototypes',
|
|
options="-q -P comment -p")
|
|
|
|
HEIMDAL_ERRTABLE('HEIMDAL_ASN1_ERR_ET', 'lib/asn1/asn1_err.et')
|
|
|
|
heimdal_heim_asn1_cflags = ''
|
|
if bld.CONFIG_SET('HAVE_WNO_FORMAT_TRUNCATION'):
|
|
heimdal_heim_asn1_cflags = '-Wno-format-truncation'
|
|
|
|
HEIMDAL_SUBSYSTEM('HEIMDAL_HEIM_ASN1',
|
|
HEIMDAL_HEIM_ASN1_DER_SOURCE + 'lib/asn1/extra.c lib/asn1/timegm.c lib/asn1/asn1_err.c',
|
|
includes='../heimdal/lib/asn1',
|
|
cflags=heimdal_heim_asn1_cflags,
|
|
deps='roken com_err'
|
|
)
|
|
|
|
HEIMDAL_ASN1('HEIMDAL_RFC2459_ASN1',
|
|
'lib/asn1/rfc2459.asn1',
|
|
options='--preserve-binary=TBSCertificate --preserve-binary=TBSCRLCertList --preserve-binary=Name --sequence=GeneralNames --sequence=Extensions --sequence=CRLDistributionPoints',
|
|
directory='lib/asn1'
|
|
)
|
|
|
|
HEIMDAL_ASN1('HEIMDAL_KRB5_ASN1',
|
|
'lib/asn1/krb5.asn1',
|
|
option_file='lib/asn1/krb5.opt',
|
|
directory='lib/asn1'
|
|
)
|
|
|
|
HEIMDAL_ASN1('HEIMDAL_PKINIT_ASN1',
|
|
'lib/asn1/pkinit.asn1',
|
|
directory='lib/asn1'
|
|
)
|
|
|
|
HEIMDAL_ASN1('HEIMDAL_CMS_ASN1',
|
|
'lib/asn1/cms.asn1',
|
|
option_file='lib/asn1/cms.opt',
|
|
directory='lib/asn1'
|
|
)
|
|
|
|
HEIMDAL_LIBRARY('asn1',
|
|
version_script='lib/asn1/version-script.map',
|
|
deps="HEIMDAL_HEIM_ASN1 HEIMDAL_RFC2459_ASN1 HEIMDAL_KRB5_ASN1 HEIMDAL_PKINIT_ASN1 HEIMDAL_CMS_ASN1",
|
|
source='',
|
|
vnum='8.0.0')
|
|
|
|
if not bld.CONFIG_SET('USING_SYSTEM_HCRYPTO'):
|
|
if not bld.CONFIG_SET("USING_SYSTEM_TOMMATH"):
|
|
HEIMDAL_SUBSYSTEM('tommath',
|
|
'lib/hcrypto/libtommath/bncore.c lib/hcrypto/libtommath/bn_mp_init.c lib/hcrypto/libtommath/bn_mp_clear.c lib/hcrypto/libtommath/bn_mp_exch.c lib/hcrypto/libtommath/bn_mp_grow.c lib/hcrypto/libtommath/bn_mp_shrink.c lib/hcrypto/libtommath/bn_mp_clamp.c lib/hcrypto/libtommath/bn_mp_zero.c lib/hcrypto/libtommath/bn_mp_zero_multi.c lib/hcrypto/libtommath/bn_mp_set.c lib/hcrypto/libtommath/bn_mp_set_int.c lib/hcrypto/libtommath/bn_mp_init_size.c lib/hcrypto/libtommath/bn_mp_copy.c lib/hcrypto/libtommath/bn_mp_init_copy.c lib/hcrypto/libtommath/bn_mp_abs.c lib/hcrypto/libtommath/bn_mp_neg.c lib/hcrypto/libtommath/bn_mp_cmp_mag.c lib/hcrypto/libtommath/bn_mp_cmp.c lib/hcrypto/libtommath/bn_mp_cmp_d.c lib/hcrypto/libtommath/bn_mp_rshd.c lib/hcrypto/libtommath/bn_mp_lshd.c lib/hcrypto/libtommath/bn_mp_mod_2d.c lib/hcrypto/libtommath/bn_mp_div_2d.c lib/hcrypto/libtommath/bn_mp_mul_2d.c lib/hcrypto/libtommath/bn_mp_div_2.c lib/hcrypto/libtommath/bn_mp_mul_2.c lib/hcrypto/libtommath/bn_s_mp_add.c lib/hcrypto/libtommath/bn_s_mp_sub.c lib/hcrypto/libtommath/bn_fast_s_mp_mul_digs.c lib/hcrypto/libtommath/bn_s_mp_mul_digs.c lib/hcrypto/libtommath/bn_fast_s_mp_mul_high_digs.c lib/hcrypto/libtommath/bn_s_mp_mul_high_digs.c lib/hcrypto/libtommath/bn_fast_s_mp_sqr.c lib/hcrypto/libtommath/bn_s_mp_sqr.c lib/hcrypto/libtommath/bn_mp_add.c lib/hcrypto/libtommath/bn_mp_sub.c lib/hcrypto/libtommath/bn_mp_karatsuba_mul.c lib/hcrypto/libtommath/bn_mp_mul.c lib/hcrypto/libtommath/bn_mp_karatsuba_sqr.c lib/hcrypto/libtommath/bn_mp_sqr.c lib/hcrypto/libtommath/bn_mp_div.c lib/hcrypto/libtommath/bn_mp_mod.c lib/hcrypto/libtommath/bn_mp_add_d.c lib/hcrypto/libtommath/bn_mp_sub_d.c lib/hcrypto/libtommath/bn_mp_mul_d.c lib/hcrypto/libtommath/bn_mp_div_d.c lib/hcrypto/libtommath/bn_mp_mod_d.c lib/hcrypto/libtommath/bn_mp_expt_d.c lib/hcrypto/libtommath/bn_mp_addmod.c lib/hcrypto/libtommath/bn_mp_submod.c lib/hcrypto/libtommath/bn_mp_mulmod.c lib/hcrypto/libtommath/bn_mp_sqrmod.c lib/hcrypto/libtommath/bn_mp_gcd.c lib/hcrypto/libtommath/bn_mp_lcm.c lib/hcrypto/libtommath/bn_fast_mp_invmod.c lib/hcrypto/libtommath/bn_mp_invmod.c lib/hcrypto/libtommath/bn_mp_reduce.c lib/hcrypto/libtommath/bn_mp_montgomery_setup.c lib/hcrypto/libtommath/bn_fast_mp_montgomery_reduce.c lib/hcrypto/libtommath/bn_mp_montgomery_reduce.c lib/hcrypto/libtommath/bn_mp_exptmod_fast.c lib/hcrypto/libtommath/bn_mp_exptmod.c lib/hcrypto/libtommath/bn_mp_2expt.c lib/hcrypto/libtommath/bn_mp_n_root.c lib/hcrypto/libtommath/bn_mp_jacobi.c lib/hcrypto/libtommath/bn_reverse.c lib/hcrypto/libtommath/bn_mp_count_bits.c lib/hcrypto/libtommath/bn_mp_read_unsigned_bin.c lib/hcrypto/libtommath/bn_mp_read_signed_bin.c lib/hcrypto/libtommath/bn_mp_to_unsigned_bin.c lib/hcrypto/libtommath/bn_mp_to_signed_bin.c lib/hcrypto/libtommath/bn_mp_unsigned_bin_size.c lib/hcrypto/libtommath/bn_mp_signed_bin_size.c lib/hcrypto/libtommath/bn_mp_xor.c lib/hcrypto/libtommath/bn_mp_and.c lib/hcrypto/libtommath/bn_mp_or.c lib/hcrypto/libtommath/bn_mp_rand.c lib/hcrypto/libtommath/bn_mp_montgomery_calc_normalization.c lib/hcrypto/libtommath/bn_mp_prime_is_divisible.c lib/hcrypto/libtommath/bn_prime_tab.c lib/hcrypto/libtommath/bn_mp_prime_fermat.c lib/hcrypto/libtommath/bn_mp_prime_miller_rabin.c lib/hcrypto/libtommath/bn_mp_prime_is_prime.c lib/hcrypto/libtommath/bn_mp_prime_next_prime.c lib/hcrypto/libtommath/bn_mp_find_prime.c lib/hcrypto/libtommath/bn_mp_isprime.c lib/hcrypto/libtommath/bn_mp_dr_reduce.c lib/hcrypto/libtommath/bn_mp_dr_is_modulus.c lib/hcrypto/libtommath/bn_mp_dr_setup.c lib/hcrypto/libtommath/bn_mp_reduce_setup.c lib/hcrypto/libtommath/bn_mp_toom_mul.c lib/hcrypto/libtommath/bn_mp_toom_sqr.c lib/hcrypto/libtommath/bn_mp_div_3.c lib/hcrypto/libtommath/bn_s_mp_exptmod.c lib/hcrypto/libtommath/bn_mp_reduce_2k.c lib/hcrypto/libtommath/bn_mp_reduce_is_2k.c lib/hcrypto/libtommath/bn_mp_reduce_2k_setup.c lib/hcrypto/libtommath/bn_mp_reduce_2k_l.c lib/hcrypto/libtommath/bn_mp_reduce_is_2k_l.c lib/hcrypto/libtommath/bn_mp_reduce_2k_setup_l.c lib/hcrypto/libtommath/bn_mp_radix_smap.c lib/hcrypto/libtommath/bn_mp_read_radix.c lib/hcrypto/libtommath/bn_mp_toradix.c lib/hcrypto/libtommath/bn_mp_radix_size.c lib/hcrypto/libtommath/bn_mp_fread.c lib/hcrypto/libtommath/bn_mp_fwrite.c lib/hcrypto/libtommath/bn_mp_cnt_lsb.c lib/hcrypto/libtommath/bn_error.c lib/hcrypto/libtommath/bn_mp_init_multi.c lib/hcrypto/libtommath/bn_mp_clear_multi.c lib/hcrypto/libtommath/bn_mp_exteuclid.c lib/hcrypto/libtommath/bn_mp_toradix_n.c lib/hcrypto/libtommath/bn_mp_prime_random_ex.c lib/hcrypto/libtommath/bn_mp_get_int.c lib/hcrypto/libtommath/bn_mp_sqrt.c lib/hcrypto/libtommath/bn_mp_is_square.c lib/hcrypto/libtommath/bn_mp_init_set.c lib/hcrypto/libtommath/bn_mp_init_set_int.c lib/hcrypto/libtommath/bn_mp_invmod_slow.c lib/hcrypto/libtommath/bn_mp_prime_rabin_miller_trials.c lib/hcrypto/libtommath/bn_mp_to_signed_bin_n.c lib/hcrypto/libtommath/bn_mp_to_unsigned_bin_n.c',
|
|
includes='../heimdal/lib/hcrypto/libtommath'
|
|
)
|
|
|
|
HEIMDAL_LIBRARY('hcrypto',
|
|
'lib/hcrypto/aes.c lib/hcrypto/bn.c lib/hcrypto/dh.c lib/hcrypto/dh-ltm.c lib/hcrypto/des.c lib/hcrypto/dsa.c lib/hcrypto/engine.c lib/hcrypto/md2.c lib/hcrypto/md4.c lib/hcrypto/md5.c lib/hcrypto/rsa.c lib/hcrypto/rsa-ltm.c lib/hcrypto/rc2.c lib/hcrypto/rc4.c lib/hcrypto/rijndael-alg-fst.c lib/hcrypto/rnd_keys.c lib/hcrypto/sha.c lib/hcrypto/sha256.c lib/hcrypto/sha512.c lib/hcrypto/ui.c lib/hcrypto/evp.c lib/hcrypto/evp-hcrypto.c lib/hcrypto/pkcs5.c lib/hcrypto/pkcs12.c lib/hcrypto/rand.c lib/hcrypto/rand-egd.c lib/hcrypto/rand-unix.c lib/hcrypto/rand-fortuna.c lib/hcrypto/rand-timer.c lib/hcrypto/hmac.c lib/hcrypto/camellia.c lib/hcrypto/camellia-ntt.c lib/hcrypto/common.c lib/hcrypto/validate.c',
|
|
includes='../heimdal/lib/hcrypto ../heimdal/lib ../heimdal/include',
|
|
deps='roken asn1 tommath replace',
|
|
version_script='lib/hcrypto/version-script.map',
|
|
vnum='5.0.1',
|
|
)
|
|
|
|
if not bld.CONFIG_SET('USING_SYSTEM_HEIMBASE'):
|
|
HEIMDAL_LIBRARY('heimbase',
|
|
'base/array.c base/bool.c base/dict.c base/heimbase.c base/string.c base/number.c base/null.c',
|
|
includes='../heimdal/base ../heimdal/include',
|
|
deps='roken replace',
|
|
version_script='base/version-script.map',
|
|
vnum='1.0.0',
|
|
)
|
|
|
|
|
|
if not bld.CONFIG_SET("USING_SYSTEM_HX509"):
|
|
HEIMDAL_ASN1('HEIMDAL_OCSP_ASN1',
|
|
'lib/hx509/ocsp.asn1',
|
|
options='--preserve-binary=OCSPTBSRequest --preserve-binary=OCSPResponseData',
|
|
includes='../heimdal/lib/asn1',
|
|
directory='lib/hx509'
|
|
)
|
|
|
|
HEIMDAL_ASN1('HEIMDAL_PKCS8_ASN1',
|
|
'lib/asn1/pkcs8.asn1',
|
|
directory='lib/asn1'
|
|
)
|
|
|
|
|
|
HEIMDAL_ASN1('HEIMDAL_PKCS9_ASN1',
|
|
'lib/asn1/pkcs9.asn1',
|
|
directory='lib/asn1'
|
|
)
|
|
|
|
|
|
HEIMDAL_ASN1('HEIMDAL_PKCS12_ASN1',
|
|
'lib/asn1/pkcs12.asn1',
|
|
directory='lib/asn1'
|
|
)
|
|
|
|
HEIMDAL_ASN1('HEIMDAL_PKCS10_ASN1',
|
|
'lib/hx509/pkcs10.asn1',
|
|
options='--preserve-binary=CertificationRequestInfo',
|
|
includes='../heimdal/lib/asn1',
|
|
directory='lib/hx509'
|
|
)
|
|
|
|
HEIMDAL_ERRTABLE('HEIMDAL_HX509_ERR_ET',
|
|
'lib/hx509/hx509_err.et')
|
|
|
|
HEIMDAL_HX509_OBJH_SOURCE = '''
|
|
lib/hx509/ca.c
|
|
lib/hx509/cert.c
|
|
lib/hx509/cms.c
|
|
lib/hx509/collector.c
|
|
lib/hx509/crypto.c
|
|
lib/hx509/error.c
|
|
lib/hx509/env.c
|
|
lib/hx509/file.c
|
|
lib/hx509/keyset.c
|
|
lib/hx509/ks_dir.c
|
|
lib/hx509/ks_file.c
|
|
lib/hx509/ks_keychain.c
|
|
lib/hx509/ks_mem.c
|
|
lib/hx509/ks_null.c
|
|
lib/hx509/ks_p11.c
|
|
lib/hx509/ks_p12.c
|
|
lib/hx509/lock.c
|
|
lib/hx509/name.c
|
|
lib/hx509/peer.c
|
|
lib/hx509/print.c
|
|
lib/hx509/req.c
|
|
lib/hx509/revoke.c
|
|
lib/hx509/sel.c
|
|
lib/hx509/hx509_err.c
|
|
'''
|
|
|
|
HEIMDAL_AUTOPROTO('lib/hx509/hx509-protos.h',
|
|
HEIMDAL_HX509_OBJH_SOURCE,
|
|
options="-R '^(_|^C)' -E HX509_LIB -q -P comment -o")
|
|
|
|
HEIMDAL_AUTOPROTO('lib/hx509/hx509-private.h',
|
|
HEIMDAL_HX509_OBJH_SOURCE,
|
|
options="-q -P comment -p")
|
|
|
|
HEIMDAL_LIBRARY('hx509',
|
|
'lib/hx509/ca.c lib/hx509/cert.c lib/hx509/cms.c lib/hx509/collector.c lib/hx509/crypto.c lib/hx509/error.c lib/hx509/env.c lib/hx509/file.c lib/hx509/keyset.c lib/hx509/ks_dir.c lib/hx509/ks_file.c lib/hx509/ks_keychain.c lib/hx509/ks_mem.c lib/hx509/ks_null.c lib/hx509/ks_p11.c lib/hx509/ks_p12.c lib/hx509/lock.c lib/hx509/name.c lib/hx509/peer.c lib/hx509/print.c lib/hx509/req.c lib/hx509/revoke.c lib/hx509/sel.c lib/hx509/hx509_err.c lib/hx509/sel-lex.l lib/hx509/sel-gram.c',
|
|
includes='../heimdal/lib/hx509',
|
|
deps='roken com_err asn1 hcrypto asn1 HEIMDAL_OCSP_ASN1 HEIMDAL_PKCS8_ASN1 HEIMDAL_PKCS9_ASN1 HEIMDAL_PKCS12_ASN1 HEIMDAL_PKCS10_ASN1 wind',
|
|
vnum='5.0.0',
|
|
version_script='lib/hx509/version-script.map',
|
|
)
|
|
|
|
if not bld.CONFIG_SET('USING_SYSTEM_WIND'):
|
|
HEIMDAL_ERRTABLE('WIND_ERR_ET',
|
|
'lib/wind/wind_err.et')
|
|
|
|
HEIMDAL_GENERATOR(
|
|
name="HEIMDAL_ERRORLIST",
|
|
rule="${PYTHON} '${SRC[0].abspath()}' '${SRC[1].abspath()}' '${SRC[1].parent.abspath(env)}'",
|
|
source = '../heimdal/lib/wind/gen-errorlist.py ../heimdal/lib/wind/rfc3454.txt ../heimdal/lib/wind/stringprep.py',
|
|
target = '../heimdal/lib/wind/errorlist_table.c ../heimdal/lib/wind/errorlist_table.h'
|
|
)
|
|
|
|
|
|
HEIMDAL_GENERATOR(
|
|
name = 'HEIMDAL_NORMALIZE_TABLE',
|
|
rule="${PYTHON} '${SRC[0].abspath()}' '${SRC[1].abspath()}' '${SRC[2].abspath()}' '${SRC[1].parent.abspath(env)}'",
|
|
source = '../heimdal/lib/wind/gen-normalize.py ../heimdal/lib/wind/UnicodeData.txt ../heimdal/lib/wind/CompositionExclusions-3.2.0.txt',
|
|
target = '../heimdal/lib/wind/normalize_table.h ../heimdal/lib/wind/normalize_table.c'
|
|
)
|
|
|
|
HEIMDAL_GENERATOR(
|
|
name = 'HEIMDAL_COMBINING_TABLE',
|
|
rule="${PYTHON} '${SRC[0].abspath()}' '${SRC[1].abspath()}' '${SRC[1].parent.abspath(env)}'",
|
|
source = '../heimdal/lib/wind/gen-combining.py ../heimdal/lib/wind/UnicodeData.txt',
|
|
target = '../heimdal/lib/wind/combining_table.h ../heimdal/lib/wind/combining_table.c'
|
|
)
|
|
|
|
HEIMDAL_GENERATOR(
|
|
name = 'HEIMDAL_BIDI_TABLE',
|
|
rule="${PYTHON} '${SRC[0].abspath()}' '${SRC[1].abspath()}' '${SRC[1].parent.abspath(env)}'",
|
|
source = '../heimdal/lib/wind/gen-bidi.py ../heimdal/lib/wind/rfc3454.txt',
|
|
target = '../heimdal/lib/wind/bidi_table.h ../heimdal/lib/wind/bidi_table.c'
|
|
)
|
|
|
|
|
|
HEIMDAL_GENERATOR(
|
|
name = 'HEIMDAL_MAP_TABLE',
|
|
rule="${PYTHON} '${SRC[0].abspath()}' '${SRC[2].abspath()}' '${SRC[2].parent.abspath(env)}'",
|
|
source = '../heimdal/lib/wind/gen-map.py ../heimdal/lib/wind/stringprep.py ../heimdal/lib/wind/rfc3454.txt',
|
|
target = '../heimdal/lib/wind/map_table.h ../heimdal/lib/wind/map_table.c'
|
|
)
|
|
|
|
HEIMDAL_LIBRARY('wind',
|
|
'lib/wind/wind_err.c lib/wind/stringprep.c lib/wind/errorlist.c lib/wind/errorlist_table.c lib/wind/normalize.c lib/wind/normalize_table.c lib/wind/combining.c lib/wind/combining_table.c lib/wind/utf8.c lib/wind/bidi.c lib/wind/bidi_table.c lib/wind/ldap.c lib/wind/map.c lib/wind/map_table.c',
|
|
includes='../heimdal/lib/wind',
|
|
deps='roken com_err',
|
|
vnum='0.0.0',
|
|
version_script='lib/wind/version-script.map',
|
|
)
|
|
|
|
if not bld.CONFIG_SET('USING_SYSTEM_COM_ERR'):
|
|
HEIMDAL_LIBRARY('com_err',
|
|
'lib/com_err/com_err.c lib/com_err/error.c',
|
|
includes='../heimdal/lib/com_err',
|
|
deps='roken samba_intl',
|
|
vnum='0.25',
|
|
version_script='lib/com_err/version-script.map',
|
|
)
|
|
|
|
HEIMDAL_SUBSYSTEM('HEIMDAL_VERS_HOSTCC',
|
|
'lib/vers/print_version.c ../heimdal_build/version.c',
|
|
group='build_compilers',
|
|
deps='LIBREPLACE_HOSTCC ROKEN_HOSTCC',
|
|
use_global_deps=False,
|
|
use_hostcc=True)
|
|
|
|
HEIMDAL_SUBSYSTEM('HEIMDAL_VERS',
|
|
'lib/vers/print_version.c ../heimdal_build/version.c',
|
|
group='build_compilers',
|
|
deps='roken replace')
|
|
|
|
|
|
if not bld.CONFIG_SET('USING_SYSTEM_ASN1_COMPILE'):
|
|
# here is the asn1 compiler build rule
|
|
HEIMDAL_BINARY('asn1_compile',
|
|
'lib/asn1/gen.c lib/asn1/gen_copy.c '
|
|
'lib/asn1/gen_decode.c lib/asn1/gen_encode.c lib/asn1/gen_free.c '
|
|
'lib/asn1/gen_glue.c lib/asn1/gen_length.c lib/asn1/gen_seq.c '
|
|
'lib/asn1/gen_template.c lib/asn1/hash.c lib/asn1/symbol.c '
|
|
'lib/asn1/asn1parse.c lib/asn1/lex.l lib/asn1/main.c',
|
|
use_hostcc=True,
|
|
use_global_deps=False,
|
|
cflags='-DSOCKET_WRAPPER_DISABLE=1 -D_SAMBA_HOSTCC_',
|
|
includes='../heimdal/lib/asn1',
|
|
group='build_compilers',
|
|
deps='ROKEN_HOSTCC LIBREPLACE_HOSTCC HEIMDAL_VERS_HOSTCC',
|
|
install=False
|
|
)
|
|
bld.env['ASN1_COMPILE'] = os.path.join(bld.bldnode.parent.abspath(), 'asn1_compile')
|
|
|
|
|
|
if not bld.CONFIG_SET('USING_SYSTEM_COMPILE_ET'):
|
|
HEIMDAL_BINARY('compile_et',
|
|
'lib/com_err/parse.c lib/com_err/lex.l lib/com_err/compile_et.c',
|
|
use_hostcc=True,
|
|
use_global_deps=False,
|
|
includes='../heimdal/lib/com_err',
|
|
group='build_compilers',
|
|
cflags='-DSOCKET_WRAPPER_DISABLE=1 -D_SAMBA_HOSTCC_',
|
|
deps='ROKEN_HOSTCC LIBREPLACE_HOSTCC HEIMDAL_VERS_HOSTCC',
|
|
install=False
|
|
)
|
|
bld.env['COMPILE_ET'] = os.path.join(bld.bldnode.parent.abspath(), 'compile_et')
|
|
|
|
HEIMDAL_BINARY('samba4kinit',
|
|
'kuser/kinit.c',
|
|
deps='krb5 heimntlm roken HEIMDAL_VERS hcrypto',
|
|
install=False
|
|
)
|
|
|
|
HEIMDAL_BINARY('samba4kgetcred',
|
|
'kuser/kgetcred.c',
|
|
deps='krb5 heimntlm roken HEIMDAL_VERS hcrypto asn1',
|
|
install=False
|
|
)
|
|
|
|
HEIMDAL_BINARY('samba4kpasswd',
|
|
'kpasswd/kpasswd.c',
|
|
deps='krb5 heimntlm roken HEIMDAL_VERS hcrypto',
|
|
install=False
|
|
)
|
|
|
|
# Alias subsystem to allow common kerberos code that will
|
|
# otherwise link against MIT's gssapi_krb5 and k5crypto
|
|
#
|
|
# Note: that we also need this if we use system heimdal libraries
|
|
HEIMDAL_SUBSYSTEM('gssapi_krb5', '', deps='gssapi')
|
|
HEIMDAL_SUBSYSTEM('k5crypto', '', deps='krb5')
|