# Set this to the contents of bootstrap/sha1sum.txt
# which is generated by bootstrap/template.py --render
#
- SAMBA_CI_CONTAINER_TAG: cfddaa8d36c3f512827bd96fe05c30f7f8337f4b
+ SAMBA_CI_CONTAINER_TAG: 6f4e1c3f1eb3b3236ae793c11def2135386a0ee9
#
# We use the ubuntu2204 image as default as
# it matches what we have on atb-devel-224
# rpm has no pkg for docbook-xml
('docbook-xml', 'docbook-dtds'),
('docbook-xsl', 'docbook-style-xsl'),
- ('', 'keyutils-libs-devel'),
+ ('libkeyutils-dev', 'keyutils-libs-devel'),
('', 'which'),
('xz-utils', 'xz')
]
libjansson-dev \
libjs-jquery \
libjson-perl \
+ libkeyutils-dev \
libkrb5-dev \
libldap2-dev \
liblmdb-dev \
- libjansson-dev
- libjs-jquery
- libjson-perl
+ - libkeyutils-dev
- libkrb5-dev
- libldap2-dev
- liblmdb-dev
libjansson-dev \
libjs-jquery \
libjson-perl \
+ libkeyutils-dev \
libkrb5-dev \
libldap2-dev \
liblmdb-dev \
- libjansson-dev
- libjs-jquery
- libjson-perl
+ - libkeyutils-dev
- libkrb5-dev
- libldap2-dev
- liblmdb-dev
libjansson-dev \
libjs-jquery \
libjson-perl \
+ libkeyutils-dev \
libkrb5-dev \
libldap2-dev \
liblmdb-dev \
- libjansson-dev
- libjs-jquery
- libjson-perl
+ - libkeyutils-dev
- libkrb5-dev
- libldap2-dev
- liblmdb-dev
libjansson-dev \
libjs-jquery \
libjson-perl \
+ libkeyutils-dev \
libkrb5-dev \
libldap2-dev \
liblmdb-dev \
- libjansson-dev
- libjs-jquery
- libjson-perl
+ - libkeyutils-dev
- libkrb5-dev
- libldap2-dev
- liblmdb-dev
libjansson-dev \
libjs-jquery \
libjson-perl \
+ libkeyutils-dev \
libkrb5-dev \
libldap2-dev \
liblmdb-dev \
- libjansson-dev
- libjs-jquery
- libjson-perl
+ - libkeyutils-dev
- libkrb5-dev
- libldap2-dev
- liblmdb-dev
-cfddaa8d36c3f512827bd96fe05c30f7f8337f4b
+6f4e1c3f1eb3b3236ae793c11def2135386a0ee9
get_port.c init_creds.c init_creds_pw.c
kcm.c keyblock.c keytab.c keytab_any.c
keytab_file.c keytab_memory.c
- keytab_keyfile.c krbhst.c log.c
+ keytab_keyfile.c krbhst.c krcache.c log.c
mcache.c misc.c mk_error.c mk_priv.c
mk_rep.c mk_req.c mk_req_ext.c
mit_glue.c net_read.c net_write.c n-fold.c padata.c pkinit.c pkinit-ec.c
mk_cred.c kx509_err.c
k524_err.c krb_err.c k5e1_err.c''')] + ["../heimdal_build/krb5-glue.c"]
+ krb5_keyutils_dep = ''
+ if bld.CONFIG_SET('HAVE_KEYCTL_GET_PERSISTENT'):
+ krb5_keyutils_dep = ' keyutils'
+
HEIMDAL_LIBRARY('krb5', KRB5_SOURCE,
version_script='lib/krb5/version-script.map',
includes='../heimdal/lib/krb5 ../heimdal/lib/asn1 ../heimdal/include',
- deps='roken wind asn1 hx509 HEIMDAL_KX509_ASN1 hcrypto com_err HEIMDAL_CONFIG heimbase execinfo samba_intl HEIMDAL_IPC_CLIENT KRB5_CRYPTO',
+ deps='roken wind asn1 hx509 HEIMDAL_KX509_ASN1 hcrypto com_err HEIMDAL_CONFIG heimbase execinfo samba_intl HEIMDAL_IPC_CLIENT KRB5_CRYPTO' + krb5_keyutils_dep,
cflags=['-DLOCALSTATEDIR="/2"'] + bld.dynconfig_cflags(),
)
KRB5_PROTO_SOURCE = KRB5_SOURCE + ['lib/krb5/expand_path.c', 'lib/krb5/plugin.c', 'lib/krb5/context.c', 'lib/krb5/crypto.c']
conf.CHECK_DECLS('dirfd', reverse=True, headers='dirent.h')
conf.CHECK_STRUCTURE_MEMBER('DIR', 'dd_fd', define='HAVE_DIR_DD_FD', headers='dirent.h')
+if conf.env['WITH_KERNEL_KEYRING'] != False:
+ require_keyutils = False
+ if conf.env['WITH_KERNEL_KEYRING'] == True:
+ require_keyutils = True
+ conf.CHECK_FUNCS_IN('add_key keyctl_get_persistent',
+ 'keyutils', headers='keyutils.h',
+ mandatory=require_keyutils)
+ conf.CHECK_SIZEOF('key_serial_t', headers='keyutils.h',
+ critical=require_keyutils)
+
heimdal_no_error_flags = ['-Wno-error=discarded-qualifiers',
'-Wno-error=cast-qual',
'-Wno-error=missing-field-initializers',
help=("Disable RELRO builds"),
action="store_false", dest='enable_relro')
+ opt.add_option('--with-kernel-keyring',
+ help=('Enable kernely keyring support for credential storage ' +
+ '(default if keyutils libraries are available)'),
+ action='store_true', dest='enable_keyring')
+ opt.add_option('--without-kernel-keyring',
+ help=('Disable kernely keyring support for credential storage'),
+ action='store_false', dest='enable_keyring')
+
gr = opt.option_group('developer options')
opt.load('python') # options for disabling pyc or pyo compilation
mandatory=True)
conf.CHECK_FUNCS_IN('inflateInit2', 'z')
+ if Options.options.enable_keyring != False:
+ conf.env['WITH_KERNEL_KEYRING'] = 'auto'
+ if Options.options.enable_keyring == True:
+ conf.env['WITH_KERNEL_KEYRING'] = True
+ else:
+ conf.env['WITH_KERNEL_KEYRING'] = False
+
if conf.CHECK_FOR_THIRD_PARTY():
conf.RECURSE('third_party')
else: