Age | Commit message (Collapse) | Author | Files | Lines |
|
This works around an artificial limitation in socket_wrapper that breaks
some versions of GnuTLS when we return a short write.
Instead, keep pushing until the OS will not take it.
The correct solution will be to use tls_tstream, but the client code
for this is not yet tested and needs the ldap client layer changed
to use it.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul 18 11:23:55 CEST 2012 on sn-devel-104
|
|
These are system-specific.
Reviewed-by: Jelmer
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Feb 18 00:43:58 CET 2012 on sn-devel-104
|
|
Found by callcatcher: http://www.skynet.ie/~caolan/Packages/callcatcher.html
Andrew Bartlett
|
|
This function call together with the lowat feature has been removed in release
3.0 as described in this mailing list post:
http://old.nabble.com/gnutls_transport_set_lowat-deprecated-td32554230.html.
Since we do not make any use of lowat (esprimed by each function call)
we are free to simply omit it on v3.0 and later.
This addresses bug #8537.
Reviewed by: abartlet + metze
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Wed Nov 30 20:11:14 CET 2011 on sn-devel-104
|
|
|
|
This is needed so that OpenChange can get at _tevent_req_nterr(), which is referenced
by generated PIDL output.
Andrew Bartlett
|
|
This definitely fixes bug #7218.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Mar 10 11:58:27 CET 2011 on sn-devel-104
|
|
Maybe that fixes the remaining issues with some gnutls versions.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Jan 18 17:26:08 CET 2011 on sn-devel-104
|
|
same data twice
metze
|
|
Some versions of gnutls doesn't handle EAGAIN correctly,
so we better allow sending buffers without a low size limitation,
the limit is now UINT16_MAX (0xFFFF) and we allocate the buffer
with talloc each time.
metze
|
|
The problem is that with certain version of gnutls are not working
properly if the server is sending in different packet things like (at
least)
* Certificate
* Server Key exchange
* Client certificate
Somehow it really expect this to be done in one packet as some
structures used _gnutls_send_handshake are reinitialized at every
packet exchange and intermediate steps didn't expect it
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
The new waf-based build system now has all the same functionality, and
the old build system has been broken for quite some time.
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
|
|
Most of the time this problem is due to a missing <private>/tls dir.
Should close bug 7640.
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Wed Oct 27 20:08:54 UTC 2010 on sn-devel-104
|
|
|
|
|
|
|
|
This works arround bugs in gnutls_handshake(),
which diesn't handle EAGAIN correctly, when they use the
push function.
Thanks to Marcel.Ritter@rrze.uni-erlangen.de and
Matthieu Patou <mat@samba.org> for the debugging work
on bug #7218.
metze
|
|
metze
|
|
metze
|
|
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Sep 28 02:29:42 UTC 2010 on sn-devel-104
|
|
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
them
|
|
|
|
|
|
This shows how we can do the dual-boolean rules we use so much with
autoconf
|
|
When we find a package with pkg_config we may need to use the
resulting ccflags and ldflags in later tests.
Support this by adding lib= options to CHECK_FUNC and CHECK_HEADER
This gets gnutls on FreeBSD working
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
For KERBEROS applications the realm should be upcase (function "lp_realm") but
for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch
implements the use of both in the right way.
|
|
when a client disconnects we expect this to happen, so don't print an
error each time
|
|
metze
|
|
metze
|
|
We think we have the bug fixed.
Andrew Bartlett
|
|
I tried hard to not change the program logic. Should fix bug #6439.
|
|
Jeremy.
|
|
This fixes two things in the TLS support for Samba4. The first is to
use a somewhat more correct hostname instead of 'Samba' when
generating the test certificates. That allows TLS test clients (such
as gnutls-cli) to connect to Samba4 using auto-generated certificates.
The second fix is to add a call to gcry_control() to tell gcrypt to
use /dev/urandom instead of /dev/random (on systems that support
that). That means that test certificate generation is now very fast,
which was previously an impediment to putting the TLS tests on the
build farm.
|
|
|
|
socket-tls backend.
|
|
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"
for s in $list; do
o=`echo $s | cut -d ':' -f1`
n=`echo $s | cut -d ':' -f2`
r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
for f in $files; do
cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
mv $f.tmp $f
done
done
metze
|
|
warnings.
|
|
|
|
|