Control: tag -1 patch Control: forwarded -1 https://gitlab.com/samba-team/samba/-/merge_requests/3021
Hi, My investigation has reveald that the built in version of Heimdall is perfectly(?) capable of supporting KEYRING ccache. However it needs to be properly configured. The configuration code is there in autoconf/automake files of Heimdal but is missing from samba wscript* files. I am attaching a patch I've made against debian/2%4.17.7+dfsg-1_bpo11+1. With this patch applied and LD_LIBRARY_PATH set to LD_LIBRARY_PATH=${HOME}/src/debian/samba/samba/debian/tmp/usr/lib/x86_64-linux-gnu/samba smbclient from the original debian package (2:4.17.7+dfsg-1~bpo11+1) is capable of using KEYRING ccache. The patch applies cleanly to master too (e437c9288a3c as of now). -- Łukasz Stelmach Samsung R&D Institute Poland Samsung Electronics
From d76344ee0cefcf8adb42928537ba031dd585f797 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Stelmach?= <l.stelm...@samsung.com> Date: Mon, 3 Apr 2023 10:07:30 +0200 Subject: [PATCH] Configure builtin heimdal to support KEYRING ccache MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Organization: Samsung R&D Institute Poland Signed-off-by: Åukasz Stelmach <l.stelm...@samsung.com> --- third_party/heimdal_build/wscript_build | 8 ++++++-- third_party/heimdal_build/wscript_configure | 2 ++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/third_party/heimdal_build/wscript_build b/third_party/heimdal_build/wscript_build index 1518afe9ef4..8aea52b55f5 100644 --- a/third_party/heimdal_build/wscript_build +++ b/third_party/heimdal_build/wscript_build @@ -710,7 +710,7 @@ if not bld.CONFIG_SET("USING_SYSTEM_KRB5"): get_port.c init_creds.c init_creds_pw.c kcm.c keyblock.c keytab.c keytab_any.c keytab_file.c keytab_memory.c - keytab_keyfile.c krbhst.c log.c + keytab_keyfile.c krbhst.c krcache.c log.c mcache.c misc.c mk_error.c mk_priv.c mk_rep.c mk_req.c mk_req_ext.c mit_glue.c net_read.c net_write.c n-fold.c padata.c pkinit.c pkinit-ec.c @@ -726,10 +726,14 @@ if not bld.CONFIG_SET("USING_SYSTEM_KRB5"): mk_cred.c kx509_err.c k524_err.c krb_err.c k5e1_err.c''')] + ["../heimdal_build/krb5-glue.c"] + krb5_keyutils_dep = '' + if bld.CONFIG_SET('HAVE_KEYCTL_GET_PERSISTENT'): + krb5_keyutils_dep = ' keyutils' + HEIMDAL_LIBRARY('krb5', KRB5_SOURCE, version_script='lib/krb5/version-script.map', includes='../heimdal/lib/krb5 ../heimdal/lib/asn1 ../heimdal/include', - deps='roken wind asn1 hx509 HEIMDAL_KX509_ASN1 hcrypto com_err HEIMDAL_CONFIG heimbase execinfo samba_intl HEIMDAL_IPC_CLIENT KRB5_CRYPTO', + deps='roken wind asn1 hx509 HEIMDAL_KX509_ASN1 hcrypto com_err HEIMDAL_CONFIG heimbase execinfo samba_intl HEIMDAL_IPC_CLIENT KRB5_CRYPTO' + krb5_keyutils_dep, cflags=['-DLOCALSTATEDIR="/2"'] + bld.dynconfig_cflags(), ) KRB5_PROTO_SOURCE = KRB5_SOURCE + ['lib/krb5/expand_path.c', 'lib/krb5/plugin.c', 'lib/krb5/context.c', 'lib/krb5/crypto.c'] diff --git a/third_party/heimdal_build/wscript_configure b/third_party/heimdal_build/wscript_configure index a97a1b9baa8..36ba02d25ad 100644 --- a/third_party/heimdal_build/wscript_configure +++ b/third_party/heimdal_build/wscript_configure @@ -65,6 +65,8 @@ conf.DEFINE('HAVE_KRB5',1) conf.CHECK_FUNCS('dirfd', headers='dirent.h') conf.CHECK_DECLS('dirfd', reverse=True, headers='dirent.h') conf.CHECK_STRUCTURE_MEMBER('DIR', 'dd_fd', define='HAVE_DIR_DD_FD', headers='dirent.h') +conf.CHECK_FUNCS_IN('add_key keyctl_get_persistent', 'keyutils', headers='keyutils.h') +conf.CHECK_SIZEOF('key_serial_t', headers='keyutils.h') heimdal_no_error_flags = ['-Wno-error=discarded-qualifiers', '-Wno-error=cast-qual', -- 2.30.2
signature.asc
Description: PGP signature