The branch, master has been updated via d459ca04fc4 libcli:smb: Improve check for gnutls_aead_cipher_(en|de)cryptv2 via 4258f805f4a selftest: simplify logic in setup_env via 131bfc8ce2f selftest: avoid comparison against undefined value via 7334d575a9c selftest/target/samba: do not look for undef environment via d087f74d45d selftest/target/samba: add missing methods via 213e237e390 selftest/s3: prefer empty string over undef to add nothing to config via e50c5b80bfc selftest/s3: actually close parent copy of smbd's STDIN via 314b59fbeff selftest/s4: remove illegal function signature via 18efb47a8ff selftest/s4: don't put pcap file in / by default via 7a65a26a2fb selftest/s4: properly initialise an empty hash via 6c4ee5282e0 selftest: avoid redeclaring perl variables via 467abee4eed selftest/target/samba: avoid overwriting $pkinitdir via 8f17d481630 selftest: enable perl warnings via cf4984947b3 build: Do not check if system perl modules should be bundled from 6be818b47b9 vfs_gpfs: Remove discard_const_p() from gpfswrap_quotactl() calls
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit d459ca04fc46a52276a860e73ae9ec8f813c260e Author: Andreas Schneider <a...@samba.org> Date: Fri Jan 24 16:34:42 2020 +0100 libcli:smb: Improve check for gnutls_aead_cipher_(en|de)cryptv2 This is available since version 3.6.10, but 3.6.10 has a bug which got fixed in 3.6.11, see: https://gitlab.com/gnutls/gnutls/-/merge_requests/1085 BUG: https://bugzilla.samba.org/show_bug.cgi?id=14250 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Tue Feb 4 06:44:00 UTC 2020 on sn-devel-184 commit 4258f805f4aefaac43ca938e3a0a11dc85340512 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Sat Dec 7 23:22:45 2019 +1300 selftest: simplify logic in setup_env Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 131bfc8ce2f04f1888e3d9a36f3ac65b70ef0e84 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Sun Feb 2 20:57:17 2020 +1300 selftest: avoid comparison against undefined value Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 7334d575a9ccab7cd9a26cb0933dbd390a38a02a Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Sat Dec 7 23:20:29 2019 +1300 selftest/target/samba: do not look for undef environment Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit d087f74d45d024055766068e4e57fa9b92662a08 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Sat Dec 7 23:17:26 2019 +1300 selftest/target/samba: add missing methods These methods are being called but have not been provided. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 213e237e390fc9a18f6f3b53663373edaa25bac8 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Sat Dec 7 23:08:48 2019 +1300 selftest/s3: prefer empty string over undef to add nothing to config To fix a warning. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit e50c5b80bfcfd917be3095d8124a17c84b5d82c2 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Sat Dec 7 23:05:03 2019 +1300 selftest/s3: actually close parent copy of smbd's STDIN Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 314b59fbeff1fc788a8841c58defd530bd551261 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Sat Dec 7 22:56:00 2019 +1300 selftest/s4: remove illegal function signature The character ':' has no meaning in function signatures. Perhaps ';' was intended, which would have marked the later arguments as optional -- which is the default with no signature. All callers always provide all the arguments anyway. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 18efb47a8ff8b3e9251f9b2df8ef18b571ee1807 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Sat Dec 7 22:48:42 2019 +1300 selftest/s4: don't put pcap file in / by default If the SOCKET_WRAPPER_PCAP_DIR is not defined, let's assume it wasn't wanted rather than choosing /. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 7a65a26a2fb355d34801b5559c59cd82388646a8 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Sat Dec 7 22:45:47 2019 +1300 selftest/s4: properly initialise an empty hash The '%ret = {}' construction was bad because '{}' is a hash-ref, which counts as a single scalar value, but a true hash like '%ret' must be initialised with an even number of scalar values (usually in pairs, like '($a => $b, $c => $d)'). I think this meant %ret was initialised as something harmless like '(<HASH(0x55ce39781278)> => undef)'. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 6c4ee5282e024b5cdeca30ffd0b29adcdeed1ab2 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Sat Dec 7 22:38:30 2019 +1300 selftest: avoid redeclaring perl variables None of these ones are doing any harm, we just want to silence these warnings. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 467abee4eed9f7da95326e2ccd8120440378b58f Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Sat Dec 7 23:15:00 2019 +1300 selftest/target/samba: avoid overwriting $pkinitdir We were declaring the same variable twice with two different paths, "$cadir/Users/$pkinitprincipalname" here and "$ctx->{prefix_abs}/pkinit" about 5 lines down. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 8f17d48163014266c191f8035c5c72fb4f8a5a01 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Sat Dec 7 22:37:00 2019 +1300 selftest: enable perl warnings After this we will see more noise with each test run, and these warnings will be addressed in following commits. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit cf4984947b39e9f6f8afd29de8a760703bf9e092 Author: Andrew Bartlett <abart...@samba.org> Date: Mon Feb 3 09:51:12 2020 +1300 build: Do not check if system perl modules should be bundled We do not ship any perl modules in third_party at this time, so this check is pointless and breaks the build for --bundled-libraries=ALL. As reported by aaptel on https://gitlab.com/samba-team/samba/-/merge_requests/1104#note_281050331 This changes our autobuild script to cover this case in the samba-static job. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> ----------------------------------------------------------------------- Summary of changes: libcli/smb/smb2_signing.c | 7 ++----- pidl/wscript | 7 ------- script/autobuild.py | 2 +- selftest/SocketWrapper.pm | 1 + selftest/Subunit.pm | 1 + selftest/selftest.pl | 21 ++++++++++++--------- selftest/target/Samba.pm | 26 +++++++++++++++++++++++--- selftest/target/Samba3.pm | 15 +++++++++------ selftest/target/Samba4.pm | 41 ++++++++++++++++++++++++----------------- wscript_configure_system_gnutls | 15 +++++++++++++-- 10 files changed, 86 insertions(+), 50 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c index 7561a7a858d..7b33a42526e 100644 --- a/libcli/smb/smb2_signing.c +++ b/libcli/smb/smb2_signing.c @@ -478,9 +478,7 @@ NTSTATUS smb2_signing_encrypt_pdu(struct smb2_signing_key *encryption_key, 0, 16 - iv_size); -/* gnutls_aead_cipher_encryptv2() has a bug in version 3.6.10 */ -#if defined(HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2) && \ - GNUTLS_VERSION_NUMBER > 0x03060a +#if defined(HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2) { uint8_t tag[tag_size]; giovec_t auth_iov[1]; @@ -682,8 +680,7 @@ NTSTATUS smb2_signing_decrypt_pdu(struct smb2_signing_key *decryption_key, } /* gnutls_aead_cipher_encryptv2() has a bug in version 3.6.10 */ -#if defined(HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2) && \ - GNUTLS_VERSION_NUMBER > 0x03060a +#if defined(HAVE_GNUTLS_AEAD_CIPHER_ENCRYPTV2) { giovec_t auth_iov[1]; diff --git a/pidl/wscript b/pidl/wscript index 88cb9132fd6..50fe12c013d 100644 --- a/pidl/wscript +++ b/pidl/wscript @@ -6,23 +6,16 @@ from waflib import Logs, Errors # This function checks if a perl module is installed on the system. def check_system_perl_module(conf, module, version=None): - bundle_name = module.replace('::', '_') module_check = module # Create module string with version if version: module_check = module + ' ' + str(version) - # Check if we have to bundle it. - if conf.LIB_MUST_BE_BUNDLED(bundle_name.lower()): - return False - # Check for system perl module if conf.check_perl_module(module_check) is None: return False - conf.define('USING_SYSTEM_%s' % bundle_name.upper(), 1) - return True def options(opt): diff --git a/script/autobuild.py b/script/autobuild.py index 2a0b7da53e5..f5cf2a85ca0 100755 --- a/script/autobuild.py +++ b/script/autobuild.py @@ -623,7 +623,7 @@ tasks = { # retry with nonshared smbd and smbtorture ("nonshared-distclean", "make distclean"), - ("nonshared-configure", "./configure.developer " + samba_configure_params + " --bundled-libraries=talloc,tdb,pytdb,ldb,pyldb,tevent,pytevent --with-static-modules=ALL --nonshared-binary=smbtorture,smbd/smbd"), + ("nonshared-configure", "./configure.developer " + samba_configure_params + " --bundled-libraries=ALL --with-static-modules=ALL --nonshared-binary=smbtorture,smbd/smbd"), ("nonshared-make", "make -j") ], diff --git a/selftest/SocketWrapper.pm b/selftest/SocketWrapper.pm index ef8058da794..67a4ec96ca6 100644 --- a/selftest/SocketWrapper.pm +++ b/selftest/SocketWrapper.pm @@ -24,6 +24,7 @@ use Exporter; @EXPORT_OK = qw(setup_dir setup_pcap set_default_iface); use strict; +use warnings; use FindBin qw($RealBin); sub setup_dir($$) diff --git a/selftest/Subunit.pm b/selftest/Subunit.pm index 07f4b8ff97d..07f3ac28ddf 100644 --- a/selftest/Subunit.pm +++ b/selftest/Subunit.pm @@ -22,6 +22,7 @@ require Exporter; @ISA = qw(Exporter); use strict; +use warnings; sub start_test($) { diff --git a/selftest/selftest.pl b/selftest/selftest.pl index b6094fef3b9..087fcefc502 100755 --- a/selftest/selftest.pl +++ b/selftest/selftest.pl @@ -17,6 +17,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. use strict; +use warnings; use FindBin qw($RealBin $Script); use File::Spec; @@ -582,7 +583,7 @@ sub write_clientconf($$$) # USER-${USER_PRINCIPAL_NAME}-private-key.pem symlink # We make a copy here and make the certificated easily # accessable in the client environment. - my $mask = umask; + $mask = umask; umask 0077; opendir USERS, "${ca_users_dir}" or die "Could not open dir '${ca_users_dir}': $!"; for my $d (readdir USERS) { @@ -855,17 +856,19 @@ sub setup_env($$) } } else { $testenv_vars = $target->setup_env($envname, $prefix); - if (defined($testenv_vars) and $testenv_vars eq "UNKNOWN") { - return $testenv_vars; - } elsif (defined($testenv_vars) && not defined($testenv_vars->{target})) { - $testenv_vars->{target} = $target; - } if (not defined($testenv_vars)) { + my $msg = "$opt_target can't start up known environment '$envname'"; if ($opt_one) { - die("$opt_target can't start up known environment '$envname'"); - } else { - warn("$opt_target can't start up known environment '$envname'"); + die($msg); } + warn $msg; + return; + } + if (ref $testenv_vars ne "HASH") { + return $testenv_vars; + } + if (defined($testenv_vars->{target})) { + $testenv_vars->{target} = $target; } } diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm index a908a7ade7c..b7b46413b68 100644 --- a/selftest/target/Samba.pm +++ b/selftest/target/Samba.pm @@ -6,6 +6,7 @@ package Samba; use strict; +use warnings; use target::Samba3; use target::Samba4; use POSIX; @@ -94,6 +95,9 @@ sub setup_env($$$) $target->{vars}->{$envname}->{target} = $target; foreach(@{$ENV_DEPS_POST{$envname}}) { + if (not defined $_) { + continue; + } my $vars = $self->setup_env($_, $path); if (not defined($vars)) { return undef; @@ -161,9 +165,9 @@ sub prepare_keyblobs($) my $admincert = "$admindir/USER-$adminprincipalname-cert.pem"; my $adminkey_private = "$admindir/USER-$adminprincipalname-private-key.pem"; my $pkinitprincipalname = "pkinit\@$ctx->{dnsname}"; - my $pkinitdir = "$cadir/Users/$pkinitprincipalname"; - my $pkinitcert = "$pkinitdir/USER-$pkinitprincipalname-cert.pem"; - my $pkinitkey_private = "$pkinitdir/USER-$pkinitprincipalname-private-key.pem"; + my $ca_pkinitdir = "$cadir/Users/$pkinitprincipalname"; + my $pkinitcert = "$ca_pkinitdir/USER-$pkinitprincipalname-cert.pem"; + my $pkinitkey_private = "$ca_pkinitdir/USER-$pkinitprincipalname-private-key.pem"; my $tlsdir = "$ctx->{tlsdir}"; my $pkinitdir = "$ctx->{prefix_abs}/pkinit"; @@ -925,4 +929,20 @@ sub ns_exec_preargs } } + +sub check_env { + my ($self, $envvars) = @_; + return 1; +} + +sub teardown_env { + my ($self, $env) = @_; + return 1; +} + + +sub getlog_env { + return ''; +} + 1; diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 991963b6074..a3e2129b185 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -9,6 +9,7 @@ package Samba3; use strict; +use warnings; use Cwd qw(abs_path); use FindBin qw($RealBin); use POSIX; @@ -49,7 +50,7 @@ sub get_fs_specific_conf($$) return "vfs objects = $mods"; } - return undef; + return ''; } sub new($$) { @@ -303,7 +304,9 @@ sub setup_nt4_member print "PROVISIONING MEMBER..."; my $require_mutexes = "dbwrap_tdb_require_mutexes:* = yes"; - $require_mutexes = "" if ($ENV{SELFTEST_DONT_REQUIRE_TDB_MUTEX_SUPPORT} eq "1"); + if ($ENV{SELFTEST_DONT_REQUIRE_TDB_MUTEX_SUPPORT} // '' eq "1") { + $require_mutexes = ""; + } my $member_options = " security = domain @@ -348,7 +351,7 @@ sub setup_nt4_member } # Add hosts file for name lookups - my $cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' "; + $cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' "; $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" "; $cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" "; $cmd .= "$net $ret->{CONFIGURATION} primarytrust dumpinfo | grep -q 'REDACTED SECRET VALUES'"; @@ -1371,7 +1374,7 @@ sub check_or_start($$$$$) { if ($winbindd ne "yes") { $daemon_ctx->{SKIP_DAEMON} = 1; } - my $pid = Samba::fork_and_exec($self, $env_vars, $daemon_ctx, $STDIN_READER); + $pid = Samba::fork_and_exec($self, $env_vars, $daemon_ctx, $STDIN_READER); $env_vars->{WINBINDD_TL_PID} = $pid; write_pid($env_vars, "winbindd", $pid); @@ -1392,13 +1395,13 @@ sub check_or_start($$$$$) { $daemon_ctx->{SKIP_DAEMON} = 1; } - my $pid = Samba::fork_and_exec($self, $env_vars, $daemon_ctx, $STDIN_READER); + $pid = Samba::fork_and_exec($self, $env_vars, $daemon_ctx, $STDIN_READER); $env_vars->{SMBD_TL_PID} = $pid; write_pid($env_vars, "smbd", $pid); # close the parent's read-end of the pipe - close(STDIN_READER); + close($STDIN_READER); return $self->wait_for_start($env_vars, $nmbd, $winbindd, $smbd); } diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm index da9f0a00e91..e181289b66b 100755 --- a/selftest/target/Samba4.pm +++ b/selftest/target/Samba4.pm @@ -9,6 +9,7 @@ package Samba4; use strict; +use warnings; use Cwd qw(abs_path); use FindBin qw($RealBin); use POSIX; @@ -322,10 +323,14 @@ sub setup_dns_hub_internal($$$) FULL_CMD => [ @full_cmd ], LOG_FILE => $env->{DNS_HUB_LOG}, TEE_STDOUT => 1, - PCAP_FILE => "$ENV{SOCKET_WRAPPER_PCAP_DIR}/env-$hostname$.pcap", ENV_VARS => {}, }; + my $pcap_dir = $ENV{SOCKET_WRAPPER_PCAP_DIR}; + if (defined $pcap_dir) { + $daemon_ctx->{PCAP_FILE} = "$pcap_dir/env-$hostname$.pcap", + } + # use a pipe for stdin in the child processes. This allows # those processes to monitor the pipe for EOF to ensure they # exit when the test script exits @@ -389,7 +394,7 @@ sub get_cmd_env_vars # Sets up a forest trust namespace. # (Note this is different to kernel namespaces, setup by the # USE_NAMESPACES=1 option) -sub setup_namespaces($$:$$) +sub setup_namespaces { my ($self, $localenv, $upn_array, $spn_array) = @_; @@ -938,7 +943,7 @@ servicePrincipalName: host/testallowed return undef; } - my $user_dn = "cn=testdenied,cn=users,$base_dn"; + $user_dn = "cn=testdenied,cn=users,$base_dn"; open(LDIF, "|$ldbmodify -H $ctx->{privatedir}/sam.ldb"); print LDIF "dn: $user_dn changetype: modify @@ -958,7 +963,7 @@ userPrincipalName: testdenied_upn\@$ctx->{realm}.upn return undef; } - my $user_dn = "cn=testupnspn,cn=users,$base_dn"; + $user_dn = "cn=testupnspn,cn=users,$base_dn"; open(LDIF, "|$ldbmodify -H $ctx->{privatedir}/sam.ldb"); print LDIF "dn: $user_dn changetype: modify @@ -1012,7 +1017,7 @@ servicePrincipalName: http/testupnspn.$ctx->{dnsname} } # Add user joe to group "Samba Users" - my $samba_tool_cmd = ""; + $samba_tool_cmd = ""; my $group = "Samba Users"; my $user_account = "joe"; @@ -1025,9 +1030,9 @@ servicePrincipalName: http/testupnspn.$ctx->{dnsname} return undef; } - my $samba_tool_cmd = ""; - my $group = "Samba Users"; - my $user_account = "joe"; + $samba_tool_cmd = ""; + $group = "Samba Users"; + $user_account = "joe"; $samba_tool_cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" "; $samba_tool_cmd .= "KRB5CCNAME=\"$ret->{KRB5_CCACHE}\" "; @@ -1039,13 +1044,13 @@ servicePrincipalName: http/testupnspn.$ctx->{dnsname} } # Change the userPrincipalName for jane - my $ldbmodify = ""; + $ldbmodify = ""; $ldbmodify .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" "; $ldbmodify .= "KRB5CCNAME=\"$ret->{KRB5_CCACHE}\" "; $ldbmodify .= Samba::bindir_path($self, "ldbmodify"); $ldbmodify .= " --configfile=$ctx->{smb_conf}"; - my $base_dn = "DC=".join(",DC=", split(/\./, $ctx->{realm})); - my $user_dn = "cn=jane,cn=users,$base_dn"; + $base_dn = "DC=".join(",DC=", split(/\./, $ctx->{realm})); + $user_dn = "cn=jane,cn=users,$base_dn"; open(LDIF, "|$ldbmodify -H $ctx->{privatedir}/sam.ldb"); print LDIF "dn: $user_dn @@ -1407,8 +1412,8 @@ sub provision_promoted_dc($$$) return undef; } - my $samba_tool = Samba::bindir_path($self, "samba-tool"); - my $cmd = $self->get_cmd_env_vars($ret); + $samba_tool = Samba::bindir_path($self, "samba-tool"); + $cmd = $self->get_cmd_env_vars($ret); $cmd .= "$samba_tool domain dcpromo $ret->{CONFIGURATION} $dcvars->{REALM} DC --realm=$dcvars->{REALM}"; $cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}"; $cmd .= " --machinepass=machine$ret->{PASSWORD} --dns-backend=BIND9_DLZ"; @@ -1755,7 +1760,7 @@ sub provision_rodc($$$) sub read_config_h($) { my ($name) = @_; - my %ret = {}; + my %ret; open(LF, "<$name") or die("unable to read $name: $!"); while (<LF>) { chomp; @@ -1785,7 +1790,9 @@ sub provision_ad_dc($$$$$$) my $conffile="$prefix_abs/etc/smb.conf"; my $require_mutexes = "dbwrap_tdb_require_mutexes:* = yes"; - $require_mutexes = "" if ($ENV{SELFTEST_DONT_REQUIRE_TDB_MUTEX_SUPPORT} eq "1"); + if ($ENV{SELFTEST_DONT_REQUIRE_TDB_MUTEX_SUPPORT} // '' eq "1") { + $require_mutexes = ""; + } my $config_h = {}; @@ -2343,13 +2350,13 @@ sub setup_generic_vampire_dc } # Pull in a full set of changes from the main DC - my $base_dn = "DC=".join(",DC=", split(/\./, $dc_vars->{REALM})); + $base_dn = "DC=".join(",DC=", split(/\./, $dc_vars->{REALM})); $cmd = $self->get_cmd_env_vars($env); $cmd .= " $samba_tool drs replicate $env->{SERVER} $env->{DC_SERVER}"; $cmd .= " $dc_vars->{CONFIGURATION}"; $cmd .= " -U$dc_vars->{DC_USERNAME}\%$dc_vars->{DC_PASSWORD}"; # replicate Configuration NC - my $cmd_repl = "$cmd \"CN=Configuration,$base_dn\""; + $cmd_repl = "$cmd \"CN=Configuration,$base_dn\""; unless(system($cmd_repl) == 0) { warn("Failed to replicate\n$cmd_repl"); return undef; diff --git a/wscript_configure_system_gnutls b/wscript_configure_system_gnutls index f6d9ac3c65e..b2b955f3c90 100644 --- a/wscript_configure_system_gnutls +++ b/wscript_configure_system_gnutls @@ -1,5 +1,8 @@ from waflib import Options +def parse_version(v): + return tuple(map(int, (v.split(".")))) + gnutls_min_required_version = "3.4.7" gnutls_required_version = gnutls_min_required_version @@ -9,14 +12,22 @@ conf.CHECK_CFG(package='gnutls', msg='Checking for GnuTLS >= %s' % gnutls_required_version, mandatory=True) +gnutls_version = conf.cmd_and_log(conf.env.PKGCONFIG + ['--modversion', 'gnutls']).strip() + # Define gnutls as a system library conf.SET_TARGET_TYPE('gnutls', 'SYSLIB') # Check for gnutls_pkcs7_get_embedded_data_oid (>= 3.5.5) required by libmscat conf.CHECK_FUNCS_IN('gnutls_pkcs7_get_embedded_data_oid', 'gnutls') -# Check for gnutls_aead_cipher_encryptv2 (>= 3.6.10) -conf.CHECK_FUNCS_IN('gnutls_aead_cipher_encryptv2', 'gnutls') +# Check for gnutls_aead_cipher_encryptv2 +# +# This is available since version 3.6.10, but 3.6.10 has a bug which got fixed +# in 3.6.11, see: +# +# https://gitlab.com/gnutls/gnutls/-/merge_requests/1085 +if (parse_version('3.6.10') != parse_version(gnutls_version)): + conf.CHECK_FUNCS_IN('gnutls_aead_cipher_encryptv2', 'gnutls') if conf.CHECK_VALUEOF('GNUTLS_CIPHER_AES_128_CFB8', headers='gnutls/gnutls.h'): conf.DEFINE('HAVE_GNUTLS_AES_CFB8', 1) -- Samba Shared Repository