From: Stefan Metzmacher Date: Fri, 5 Apr 2024 15:23:54 +0000 (+0200) Subject: s3:libads: always require ber_sockbuf_add_io() and LDAP_OPT_SOCKBUF X-Git-Tag: tdb-1.4.11~948 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f1a83feb0eec6fc6e4663edcc9fd71d2321123a2;p=thirdparty%2Fsamba.git s3:libads: always require ber_sockbuf_add_io() and LDAP_OPT_SOCKBUF There's no point in trying to support --with-ads, but only use plaintext ldap without sign/seal. Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett --- diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index cf40633d127..0ae1eceb7d4 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -31,7 +31,7 @@ sub have_ads($) { open(IN, $smbd_build_options) or die("Unable to run $smbd_build_options: $!"); while () { - if (/WITH_ADS/) { + if (/HAVE_ADS/) { $found_ads = 1; } } diff --git a/source3/include/includes.h b/source3/include/includes.h index ee05b93c07d..b33f86a9565 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -105,11 +105,6 @@ #include #endif -/* we support ADS if we want it and have krb5 and ldap libs */ -#if defined(WITH_ADS) && defined(HAVE_KRB5) && defined(HAVE_LDAP) -#define HAVE_ADS -#endif - /* * Define additional missing types */ diff --git a/source3/libads/sasl_wrapping.c b/source3/libads/sasl_wrapping.c index 7f079478948..b976cbfff21 100644 --- a/source3/libads/sasl_wrapping.c +++ b/source3/libads/sasl_wrapping.c @@ -25,9 +25,9 @@ void ndr_print_ads_saslwrap_struct(struct ndr_print *ndr, const char *name, cons ndr_print_struct(ndr, name, "saslwrap"); ndr->depth++; ndr_print_uint16(ndr, "wrap_type", r->wrap_type); -#ifdef HAVE_LDAP_SASL_WRAPPING +#ifdef HAVE_ADS ndr_print_ptr(ndr, "sbiod", r->sbiod); -#endif /* HAVE_LDAP_SASL_WRAPPING */ +#endif /* HAVE_ADS */ ndr_print_ptr(ndr, "mem_ctx", r->mem_ctx); ndr_print_ptr(ndr, "wrap_ops", r->wrap_ops); ndr_print_ptr(ndr, "wrap_private_data", r->wrap_private_data); @@ -52,7 +52,7 @@ void ndr_print_ads_saslwrap_struct(struct ndr_print *ndr, const char *name, cons ndr->depth--; } -#ifdef HAVE_LDAP_SASL_WRAPPING +#ifdef HAVE_ADS static int ads_saslwrap_setup(Sockbuf_IO_Desc *sbiod, void *arg) { @@ -348,4 +348,4 @@ ADS_STATUS ads_setup_sasl_wrapping(struct ads_saslwrap *wrap, LDAP *ld, { return ADS_ERROR_NT(NT_STATUS_NOT_SUPPORTED); } -#endif /* HAVE_LDAP_SASL_WRAPPING */ +#endif /* HAVE_ADS */ diff --git a/source3/librpc/idl/ads.idl b/source3/librpc/idl/ads.idl index b7658ca19ea..4a63ace7c23 100644 --- a/source3/librpc/idl/ads.idl +++ b/source3/librpc/idl/ads.idl @@ -92,9 +92,9 @@ interface ads typedef [nopull,nopush] struct { ads_saslwrap_type wrap_type; [ignore] ads_saslwrap_ops *wrap_ops; -#ifdef HAVE_LDAP_SASL_WRAPPING +#ifdef HAVE_ADS [ignore] struct sockbuf_io_desc *sbiod; /* lowlevel state for LDAP wrapping */ -#endif /* HAVE_LDAP_SASL_WRAPPING */ +#endif /* HAVE_ADS */ [ignore] TALLOC_CTX *mem_ctx; [ignore] void *wrap_private_data; ads_ldap_buf_in in; @@ -118,11 +118,11 @@ interface ads /* info derived from the servers config */ ads_config config; -#ifdef HAVE_LDAP +#ifdef HAVE_ADS ads_saslwrap ldap_wrap_data; /* info about the current LDAP connection */ ads_ldap ldap; -#endif /* HAVE_LDAP */ +#endif /* HAVE_ADS */ } ads_struct; } diff --git a/source3/wscript b/source3/wscript index b98ad733f38..4048ec5aad5 100644 --- a/source3/wscript +++ b/source3/wscript @@ -723,13 +723,13 @@ msg.msg_accrightslen = sizeof(fd); conf.undefine('HAVE_GSSAPI_GSSAPI_H') use_ads = False - if not conf.CONFIG_SET('HAVE_LDAP'): + if not conf.CONFIG_SET('HAVE_LDAP_TRANSPORT_WRAPPING'): + Logs.warn("need ber_sockbuf_add_io() and LDAP_OPT_SOCKBUF for SASL and TLS support") use_ads = False use_ads_ldap = False if use_ads: - conf.DEFINE('WITH_ADS', '1') - conf.env['HAVE_ADS'] = '1' + conf.DEFINE('HAVE_ADS', '1') Logs.info("Building with Active Directory support.") # these have broken dependencies forced_shared_modules.extend(['idmap_ad', 'idmap_rfc2307']) diff --git a/source4/scripting/bin/wscript_build b/source4/scripting/bin/wscript_build index d31afb2f132..5de0d6ff3c8 100644 --- a/source4/scripting/bin/wscript_build +++ b/source4/scripting/bin/wscript_build @@ -9,6 +9,6 @@ if bld.CONFIG_SET('AD_DC_BUILD_IS_ENABLED'): 'gen_output.py', 'samba_downgrade_db']: bld.SAMBA_SCRIPT(script, pattern=script, installdir='.') -if bld.CONFIG_SET('WITH_ADS'): +if bld.CONFIG_SET('HAVE_ADS'): bld.SAMBA_SCRIPT('samba-tool', pattern='samba-tool', installdir='.') bld.SAMBA_SCRIPT('samba-gpupdate', pattern='samba-gpupdate', installdir='.') diff --git a/source4/scripting/wscript_build b/source4/scripting/wscript_build index 6728dec998e..72e4653c5f7 100644 --- a/source4/scripting/wscript_build +++ b/source4/scripting/wscript_build @@ -16,7 +16,7 @@ if sbin_files: if 'XSLTPROC_MANPAGES' in bld.env and bld.env['XSLTPROC_MANPAGES']: bld.MANPAGES(man_files, True) -if bld.CONFIG_SET('WITH_ADS'): +if bld.CONFIG_SET('HAVE_ADS'): bld.INSTALL_FILES('${BINDIR}', 'bin/samba-tool', chmod=MODE_755, python_fixup=True, flat=True) diff --git a/wscript b/wscript index 57545c6a571..c833764e8fe 100644 --- a/wscript +++ b/wscript @@ -291,7 +291,7 @@ def configure(conf): # SASL wrapping hooks if conf.CONFIG_SET('HAVE_BER_SOCKBUF_ADD_IO') and \ conf.CONFIG_SET('HAVE_LDAP_OPT_SOCKBUF'): - conf.DEFINE('HAVE_LDAP_SASL_WRAPPING', '1') + conf.DEFINE('HAVE_LDAP_TRANSPORT_WRAPPING', 1) conf.env.ENABLE_LDAP_BACKEND = True else: conf.fatal("LDAP support not found. "