[SCM] Samba Shared Repository - branch v4-16-test updated
Jule Anger
janger at samba.org
Mon Mar 14 15:25:01 UTC 2022
The branch, v4-16-test has been updated
via 1fcb5ed30f9 s4-kdc: Fix memory leak in FAST cookie handling
via 9d819c9359f third_party/heimdal: import lorikeet-heimdal-202203101710 (commit df8d801544144949931cd742169be1207b239c3d)
via e6196c456c1 selftest: use 'kdc enable fast = no' for fl2000 fl2003
via 46435367394 s4:kdc: make use of the 'kdc enable fast' option
via 9aa78f15fd6 docs-xml: add 'kdc enable fast' option
via 2aa95f78203 third_party/heimdal: import lorikeet-heimdal-202203101709 (commit 47863866da25cc21d292ce335a976b8b33fa1864)
from 8ac427eed2c VERSION: Bump version up to Samba 4.16.0rc6...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -----------------------------------------------------------------
commit 1fcb5ed30f9a2b2fd7e02be66ab6052ae960aeed
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Mar 8 22:46:02 2022 +1300
s4-kdc: Fix memory leak in FAST cookie handling
The call to sdb_free_entry() was forgotten.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15000
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Fri Mar 11 11:05:55 UTC 2022 on sn-devel-184
(cherry picked from commit b7bc1f6dddc1c5fee8a39422823f167db1f24bb2)
Autobuild-User(v4-16-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-16-test): Mon Mar 14 15:24:28 UTC 2022 on sn-devel-184
commit 9d819c9359f35758219ee78ef0ade3828a9d8135
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Mar 10 17:49:52 2022 +0100
third_party/heimdal: import lorikeet-heimdal-202203101710 (commit df8d801544144949931cd742169be1207b239c3d)
This fixes the regressions against KDCs without FAST support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15002
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15005
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Fri Mar 11 18:06:47 UTC 2022 on sn-devel-184
(cherry picked from commit 9b48e7f7eda5e368c1192d562c268885c1f68d8b)
commit e6196c456c1d9635376fcc5565b9f67e2e7cf65a
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Mar 9 12:53:18 2022 +0100
selftest: use 'kdc enable fast = no' for fl2000 fl2003
This makes sure we still run tests against KDCs without FAST support
and it already found a few regressions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15002
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15005
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
(cherry picked from commit f1a71e24864367a55a30813dd642e7ef392b5ac9)
commit 4643536739464a1f1c49ca780ae34a1c8f6df360
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Mar 9 12:39:07 2022 +0100
s4:kdc: make use of the 'kdc enable fast' option
This will useful to test against a KDC without FAST support
and find/prevent regressions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15002
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15005
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
(cherry picked from commit 2db7589d69abebad16b66d933114367f815d5fc3)
commit 9aa78f15fd6f4796657246d09dab883a717de6f6
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Mar 9 12:39:07 2022 +0100
docs-xml: add 'kdc enable fast' option
This will be useful to test against a KDC without FAST support
and find/prevent regressions.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15002
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15005
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
(cherry picked from commit 12b623088cf48cf9e4a046441810ef20e1f079b8)
commit 2aa95f782037be279b093df5b3f9cbe4f1c44ab3
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Mar 10 16:12:43 2022 +0100
third_party/heimdal: import lorikeet-heimdal-202203101709 (commit 47863866da25cc21d292ce335a976b8b33fa1864)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15002
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15005
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
(cherry picked from commit 67bdc922f9836779f1b37805575c5c4eea9ba3e6)
-----------------------------------------------------------------------
Summary of changes:
docs-xml/smbdotconf/security/kdcenablefast.xml | 15 +++
lib/param/loadparm.c | 2 +
selftest/target/Samba4.pm | 2 +
source3/param/loadparm.c | 2 +
source4/kdc/db-glue.c | 8 +-
source4/kdc/hdb-samba4.c | 1 +
source4/kdc/kdc-heimdal.c | 7 +
source4/selftest/tests.py | 5 +-
third_party/heimdal/.github/workflows/coverity.yml | 68 ++++++++++
third_party/heimdal/.github/workflows/linux.yml | 146 +++++++++++++++++++++
third_party/heimdal/.github/workflows/osx.yml | 122 +++++++++++++++++
.../heimdal/.github/workflows/scanbuild.yml | 67 ++++++++++
third_party/heimdal/.github/workflows/valgrind.yml | 71 ++++++++++
third_party/heimdal/.github/workflows/windows.yml | 92 +++++++++++++
third_party/heimdal/kdc/default_config.c | 9 ++
third_party/heimdal/kdc/fast.c | 3 +
third_party/heimdal/kdc/kdc.h | 1 +
third_party/heimdal/kdc/krb5tgs.c | 3 +
third_party/heimdal/lib/krb5/fast.c | 98 ++++++++++++--
third_party/heimdal/lib/krb5/get_cred.c | 76 +++++++----
third_party/heimdal/lib/krb5/init_creds_pw.c | 1 -
third_party/heimdal/lib/krb5/krb5.conf.5 | 2 +
third_party/heimdal/lib/krb5/pac.c | 12 +-
third_party/heimdal/tests/gss/check-context.in | 4 -
24 files changed, 763 insertions(+), 54 deletions(-)
create mode 100644 docs-xml/smbdotconf/security/kdcenablefast.xml
create mode 100644 third_party/heimdal/.github/workflows/coverity.yml
create mode 100644 third_party/heimdal/.github/workflows/linux.yml
create mode 100644 third_party/heimdal/.github/workflows/osx.yml
create mode 100644 third_party/heimdal/.github/workflows/scanbuild.yml
create mode 100644 third_party/heimdal/.github/workflows/valgrind.yml
create mode 100644 third_party/heimdal/.github/workflows/windows.yml
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/security/kdcenablefast.xml b/docs-xml/smbdotconf/security/kdcenablefast.xml
new file mode 100644
index 00000000000..e47ca3b0bd4
--- /dev/null
+++ b/docs-xml/smbdotconf/security/kdcenablefast.xml
@@ -0,0 +1,15 @@
+<samba:parameter name="kdc enable fast"
+ type="boolean"
+ context="G"
+ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+ <para>With the Samba 4.16 the embedded Heimdal KDC brings
+ support for RFC6113 FAST, which wasn't available in
+ older Samba versions.</para>
+
+ <para>This option is mostly for testing and currently only applies
+ if the embedded Heimdal KDC is used.</para>
+</description>
+
+<value type="default">yes</value>
+</samba:parameter>
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index cae763b44ea..d6d845391e6 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -2695,6 +2695,8 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx)
lpcfg_do_global_parameter(lp_ctx, "krb5 port", "88");
lpcfg_do_global_parameter(lp_ctx, "kpasswd port", "464");
+ lpcfg_do_global_parameter(lp_ctx, "kdc enable fast", "True");
+
lpcfg_do_global_parameter(lp_ctx, "nt status support", "True");
lpcfg_do_global_parameter(lp_ctx, "max wins ttl", "518400"); /* 6 days */
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index da6b2de488b..4c263f55de4 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -1655,6 +1655,7 @@ sub provision_fl2000dc($$)
print "PROVISIONING DC WITH FOREST LEVEL 2000...\n";
my $extra_conf_options = "
+ kdc enable fast = no
spnego:simulate_w2k=yes
ntlmssp_server:force_old_spnego=yes
";
@@ -1698,6 +1699,7 @@ sub provision_fl2003dc($$$)
print "PROVISIONING DC WITH FOREST LEVEL 2003...\n";
my $extra_conf_options = "allow dns updates = nonsecure and secure
+ kdc enable fast = no
dcesrv:header signing = no
dcesrv:max auth states = 0
dns forwarder = $ip_addr1 [$ip_addr2]:54";
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index a366870d1fe..21e061939e3 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -942,6 +942,8 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
Globals.kpasswd_port = 464;
+ Globals.kdc_enable_fast = true;
+
Globals.aio_max_threads = 100;
lpcfg_string_set(Globals.ctx,
diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c
index 8d17038cfe6..bdadc1278c3 100644
--- a/source4/kdc/db-glue.c
+++ b/source4/kdc/db-glue.c
@@ -448,11 +448,15 @@ static krb5_error_code samba_kdc_message2entry_keys(krb5_context context,
*supported_enctypes_out = 0;
if (rid == DOMAIN_RID_KRBTGT || is_rodc) {
+ bool enable_fast;
+
/* KDCs (and KDCs on RODCs) use AES */
supported_enctypes |= ENC_HMAC_SHA1_96_AES128 | ENC_HMAC_SHA1_96_AES256;
- /* KDCs support FAST */
- supported_enctypes |= ENC_FAST_SUPPORTED;
+ enable_fast = lpcfg_kdc_enable_fast(kdc_db_ctx->lp_ctx);
+ if (enable_fast) {
+ supported_enctypes |= ENC_FAST_SUPPORTED;
+ }
} else if (userAccountControl & (UF_PARTIAL_SECRETS_ACCOUNT|UF_SERVER_TRUST_ACCOUNT)) {
/* DCs and RODCs comptuer accounts use AES */
supported_enctypes |= ENC_HMAC_SHA1_96_AES128 | ENC_HMAC_SHA1_96_AES256;
diff --git a/source4/kdc/hdb-samba4.c b/source4/kdc/hdb-samba4.c
index 3f573f297f8..96e88423528 100644
--- a/source4/kdc/hdb-samba4.c
+++ b/source4/kdc/hdb-samba4.c
@@ -229,6 +229,7 @@ static krb5_error_code hdb_samba4_fetch_fast_cookie(krb5_context context,
ret = sdb_entry_ex_to_hdb_entry_ex(context,
&sdb_entry_ex,
entry_ex);
+ sdb_free_entry(&sdb_entry_ex);
TALLOC_FREE(mem_ctx);
return ret;
diff --git a/source4/kdc/kdc-heimdal.c b/source4/kdc/kdc-heimdal.c
index ddf3b649da2..0d2a410fc3b 100644
--- a/source4/kdc/kdc-heimdal.c
+++ b/source4/kdc/kdc-heimdal.c
@@ -422,6 +422,13 @@ static void kdc_post_fork(struct task_server *task, struct process_details *pd)
kdc_config->require_pac = true;
+ /*
+ * By default we enable RFC6113/FAST support,
+ * but we have an option to disable in order to
+ * test against a KDC with FAST support.
+ */
+ kdc_config->enable_fast = lpcfg_kdc_enable_fast(task->lp_ctx);
+
/*
* Match Windows and RFC6113 and Windows but break older
* Heimdal clients.
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index 829eda82979..a7572b53cad 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -1666,12 +1666,15 @@ plansmbtorture4testsuite('krb5.kdc', env, ['ncacn_np:$SERVER_IP', "-k", "yes", '
'--option=torture:krb5-service=http'],
"samba4.krb5.kdc with account having identical UPN and SPN")
for env in ["fl2008r2dc", "fl2003dc"]:
+ fast_support = have_fast_support
+ if env in ["fl2003dc"]:
+ fast_support = 0
planoldpythontestsuite(env, "samba.tests.krb5.as_req_tests",
environ={
'ADMIN_USERNAME': '$USERNAME',
'ADMIN_PASSWORD': '$PASSWORD',
'STRICT_CHECKING': '0',
- 'FAST_SUPPORT': have_fast_support,
+ 'FAST_SUPPORT': fast_support,
'TKT_SIG_SUPPORT': tkt_sig_support,
'EXPECT_PAC': expect_pac,
'EXPECT_EXTRA_PAC_BUFFERS': extra_pac_buffers,
diff --git a/third_party/heimdal/.github/workflows/coverity.yml b/third_party/heimdal/.github/workflows/coverity.yml
new file mode 100644
index 00000000000..5a175f52a8c
--- /dev/null
+++ b/third_party/heimdal/.github/workflows/coverity.yml
@@ -0,0 +1,68 @@
+name: Linux Coverity Build
+
+on:
+ push:
+ # Pushes to this branch get the scan-build treatment
+ branches:
+ - 'coverity*'
+
+jobs:
+ linux:
+ if: secrets.COVERITY_SCAN_TOKEN != ''
+ runs-on: ${{ matrix.os }}
+ strategy:
+ fail-fast: false
+ matrix:
+ name: [linux-clang]
+ include:
+ - name: linux-clang
+ os: ubuntu-18.04
+ compiler: clang
+ steps:
+ - name: Clone repository
+ uses: actions/checkout at v1
+ - name: Install packages
+ if: startsWith(matrix.os, 'ubuntu')
+ run: |
+ sudo apt-get update -qq
+ sudo apt-get install -y bison comerr-dev flex libcap-ng-dev libdb-dev libedit-dev libjson-perl libldap2-dev libncurses5-dev libperl4-corelibs-perl libsqlite3-dev libkeyutils-dev pkg-config python ss-dev texinfo unzip netbase keyutils ldap-utils gdb apport curl libmicrohttpd-dev clang-tools clang-format jq valgrind
+ # Temporary workaround for:
+ # https://github.com/actions/virtual-environments/issues/3185
+ sudo hostname localhost
+ - name: Download Coverity Build Tool
+ env:
+ TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
+ run: |
+ wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$TOKEN&project=ruby" -O cov-analysis-linux64.tar.gz
+ mkdir cov-analysis-linux64
+ tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64
+ - name: Build
+ env:
+ CC: ${{ matrix.compiler }}
+ MAKEVARS: ${{ matrix.makevars }}
+ CONFIGURE_OPTS: ${{ matrix.configureopts }}
+ run: |
+ /bin/sh ./autogen.sh
+ mkdir build
+ cd build
+ ../configure --srcdir=`dirname "$PWD"` --enable-maintainer-mode --enable-developer --with-ldap $CONFIGURE_OPTS --prefix=$HOME/inst CFLAGS="-Wno-error=shadow -Wno-error=bad-function-cast -Wno-error=unused-function -Wno-error=unused-result -Wno-error=deprecated-declarations"
+ ulimit -c unlimited
+ # We don't want to scan-build libedit nor SQLite3 because ETOOSLOW
+ (cd lib/libedit && make -j4)
+ (cd lib/sqlite && make -j4)
+ export PATH=`pwd`/cov-analysis-linux64/bin:$PATH
+ cov-build --dir cov-int make -j4
+ - name: Submit the result to Coverity Scan
+ env:
+ TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
+ EMAIL: ${{ secrets.COVERITY_SCAN_EMAIL }}
+ PROJECT: ${{ secrets.COVERITY_SCAN_PROJECT }}
+ run: |
+ tar czvf heimdal.tgz cov-int
+ curl \
+ --form project=ruby \
+ --form token=$TOKEN \
+ --form email=$EMAIL \
+ --form file=@heimdal.tgz \
+ --form version=trunk \
+ --form description="`./ruby -v`" "https://scan.coverity.com/builds?project=$PROJECT"
diff --git a/third_party/heimdal/.github/workflows/linux.yml b/third_party/heimdal/.github/workflows/linux.yml
new file mode 100644
index 00000000000..48e4c80dc3c
--- /dev/null
+++ b/third_party/heimdal/.github/workflows/linux.yml
@@ -0,0 +1,146 @@
+name: Linux Build
+
+on:
+ push:
+ branches:
+ - 'master'
+ - 'heimdal-7-1-branch'
+ paths:
+ - '!docs/**'
+ - '!**.md'
+ - '!**.[1-9]'
+ - '**.[chly]'
+ - '**.hin'
+ - '**.in'
+ - '**.am'
+ - '**.m4'
+ - '**.ac'
+ - '**.pl'
+ - '**.py'
+ - '**.asn1'
+ - '**.opt'
+ - '**/COPYING'
+ - '**/INSTALL'
+ - '**/README*'
+ - '.github/workflows/linux.yml'
+ - '!appveyor.yml'
+ - '!.travis.yml'
+
+ pull_request:
+ paths:
+ - '!docs/**'
+ - '!**.md'
+ - '!**.[1-9]'
+ - '**.[chly]'
+ - '**.hin'
+ - '**.in'
+ - '**.am'
+ - '**.m4'
+ - '**.ac'
+ - '**.pl'
+ - '**.py'
+ - '**.asn1'
+ - '**.opt'
+ - '**/COPYING'
+ - '**/INSTALL'
+ - '**/README*'
+ - '.github/workflows/linux.yml'
+ - '!appveyor.yml'
+ - '!.travis.yml'
+
+jobs:
+ unix:
+ runs-on: ${{ matrix.os }}
+ strategy:
+ fail-fast: false
+ matrix:
+ name: [linux-clang, linux-gcc]
+ include:
+ - name: linux-clang
+ os: ubuntu-18.04
+ compiler: clang
+ cflags: ''
+ - name: linux-gcc
+ os: ubuntu-18.04
+ compiler: gcc
+ cflags: '-Wnonnull'
+ steps:
+ - name: Clone repository
+ uses: actions/checkout at v1
+ - name: Install packages
+ if: startsWith(matrix.os, 'ubuntu')
+ run: |
+ sudo apt-get update -qq
+ sudo apt-get install -y bison comerr-dev flex doxygen
+ sudo apt-get install -y libcap-ng-dev libdb-dev libedit-dev libjson-perl
+ sudo apt-get install -y libldap2-dev libncurses5-dev libperl4-corelibs-perl
+ sudo apt-get install -y libsqlite3-dev libkeyutils-dev pkg-config python
+ sudo apt-get install -y ss-dev texinfo unzip netbase keyutils ldap-utils
+ sudo apt-get install -y gdb apport curl libmicrohttpd-dev jq valgrind
+ # Temporary workaround for:
+ # https://github.com/actions/virtual-environments/issues/3185
+ sudo hostname localhost
+ - name: Build
+ env:
+ CC: ${{ matrix.compiler }}
+ MAKEVARS: ${{ matrix.makevars }}
+ run: |
+ /bin/sh ./autogen.sh
+ mkdir build
+ cd build
+ ../configure --srcdir=`dirname "$PWD"` --enable-maintainer-mode --enable-developer --with-ldap $CONFIGURE_OPTS --prefix=$HOME/inst CFLAGS="${{ matrix.cflags }} -Wno-error=shadow -Wno-error=bad-function-cast -Wno-error=unused-function -Wno-error=unused-result -Wno-error=deprecated-declarations"
+ make -j4
+ - name: Test
+ env:
+ CC: ${{ matrix.compiler }}
+ MAKEVARS: ${{ matrix.makevars }}
+ run: |
+ cd build
+ ulimit -c unlimited
+ make check
+ - name: Make Install
+ env:
+ CC: ${{ matrix.compiler }}
+ MAKEVARS: ${{ matrix.makevars }}
+ run: |
+ cd build || true
+ make DESTDIR=/tmp/h5l install
+ cd /tmp/h5l
+ tar czf $HOME/heimdal-install-linux-${{ matrix.compiler }}.tgz .
+ - name: Core dump stacks
+ run: |
+ echo "thread apply all bt" > /tmp/x
+ find . -name core -print | while read core; do gdb -batch -x x `file "$core"|sed -e "s/^[^']*'//" -e "s/[ '].*$//"` "$core"; done
+ if [ "$(find . -name core -print | wc -l)" -gt 0 ]; then false; fi
+ - name: Test logs
+ run: |
+ find build -depth -name \*.trs | xargs grep -lw FAIL | sed -e 's/trs$/log/' | tar -czf $HOME/logs-linux-${{ matrix.compiler }}.tgz --verbatim-files-from --files-from -
+ find build -name \*.trs | xargs grep -lw FAIL | sed -e 's/trs$/log/' | xargs cat
+ - name: Failed Test logs
+ if: ${{ failure() }}
+ run: |
+ find build -name \*.trs | xargs grep -lw FAIL | sed -e 's/trs$/log/' | xargs cat
+ - name: Make Dist
+ run: |
+ cd build
+ make dist
+ make distclean
+ if [ "$(git ls-files -o|grep -v ^build/ | wc -l)" -ne 0 ]; then
+ echo "Files not removed by make distclean:"
+ git ls-files -o|grep -v ^build/
+ fi
+ - name: Upload Install Tarball
+ uses: actions/upload-artifact at v2
+ with:
+ name: Install Tarball
+ path: '~/heimdal-install-linux-${{ matrix.compiler }}.tgz'
+ - name: Upload Dist Tarball
+ uses: actions/upload-artifact at v2
+ with:
+ name: Dist Tarball
+ path: 'build/heimdal-*.tar.gz'
+ - name: Upload Logs Tarball
+ uses: actions/upload-artifact at v2
+ with:
+ name: Test Logs
+ path: '~/logs-linux-${{ matrix.compiler }}.tgz'
diff --git a/third_party/heimdal/.github/workflows/osx.yml b/third_party/heimdal/.github/workflows/osx.yml
new file mode 100644
index 00000000000..342f850f1c7
--- /dev/null
+++ b/third_party/heimdal/.github/workflows/osx.yml
@@ -0,0 +1,122 @@
+name: OS X Build
+
+on:
+ push:
+ branches:
+ - 'master'
+ - 'osx-build'
+ - 'heimdal-7-1-branch'
+ paths:
+ - '!docs/**'
+ - '!**.md'
+ - '!**.[1-9]'
+ - '**.[chly]'
+ - '**.hin'
+ - '**.in'
+ - '**.am'
+ - '**.m4'
+ - '**.ac'
+ - '**.pl'
+ - '**.py'
+ - '**.asn1'
+ - '**.opt'
+ - '**/COPYING'
+ - '**/INSTALL'
+ - '**/README*'
+ - '.github/workflows/osx.yml'
+ - '!appveyor.yml'
+ - '!.travis.yml'
+
+ pull_request:
+ paths:
+ - '!docs/**'
+ - '!**.md'
+ - '!**.[1-9]'
+ - '**.[chly]'
+ - '**.hin'
+ - '**.in'
+ - '**.am'
+ - '**.m4'
+ - '**.ac'
+ - '**.pl'
+ - '**.py'
+ - '**.asn1'
+ - '**.opt'
+ - '**/COPYING'
+ - '**/INSTALL'
+ - '**/README*'
+ - '.github/workflows/osx.yml'
+ - '!appveyor.yml'
+ - '!.travis.yml'
+
+jobs:
+ osx:
+ runs-on: ${{ matrix.os }}
+ strategy:
+ fail-fast: false
+ matrix:
+ name: [osx-clang]
+ include:
+ - name: osx-clang
+ os: macos-latest
+ compiler: clang
+ steps:
+ - name: Install packages
+ run: |
+ echo "bison, flex, ncurses, texinfo, and unzip are in the base OS."
+ echo "berkeley-db, perl, python, curl, and jq are installed in the"
+ echo "base image already."
+ brew install autoconf automake libtool cpanm
+ sudo cpanm install JSON
+ - name: Clone repository
+ uses: actions/checkout at v1
+ - name: Build
+ env:
+ CC: ${{ matrix.compiler }}
+ MAKEVARS: ${{ matrix.makevars }}
+ CONFIGURE_OPTS: ${{ matrix.configureopts }}
+ run: |
+ /bin/sh ./autogen.sh
+ mkdir build
+ cd build
+ ../configure --srcdir=`dirname "$PWD"` --disable-afs-support --enable-maintainer-mode --enable-developer $CONFIGURE_OPTS --prefix=$HOME/inst CFLAGS="-Wno-error=shadow -Wno-error=bad-function-cast -Wno-error=unused-function -Wno-error=unused-result -Wno-error=deprecated-declarations" CFLAGS="-O0 -g -ggdb3"
+ ulimit -c unlimited
+ make -j4
+ #- name: Setup upterm session
+ # uses: lhotari/action-upterm at v1
+ # with:
+ # limit-access-to-actor: true
+ - name: Test
+ env:
+ CC: ${{ matrix.compiler }}
+ MAKEVARS: ${{ matrix.makevars }}
+ CONFIGURE_OPTS: ${{ matrix.configureopts }}
+ run: |
+ set -vx
+ sudo lsof -nP -i:49188 || true
+ cd build
+ make check
+ - name: Install
+ run: |
+ cd build || true
+ make DESTDIR=/tmp/h5l install
+ cd /tmp/h5l
+ tar czf $HOME/heimdal-install-osx.tgz .
+ - name: Test logs
+ run: |
+ find build -depth -name \*.trs|xargs grep -lw FAIL|sed -e 's/trs$/log/' | cpio -o > $HOME/logs-osx.cpio
+ find build -name \*.trs|xargs grep -lw FAIL|sed -e 's/trs$/log/'|xargs cat
+ - name: Failed Test logs
+ if: ${{ failure() }}
+ run: |
+ find build -name \*.trs|xargs grep -lw FAIL|sed -e 's/trs$/log/'|xargs cat
+ - name: Upload Install Tarball
+ uses: actions/upload-artifact at v2
+ with:
+ name: Install Tarball
+ path: '~/heimdal-install-osx.tgz'
+ - name: Upload Artifacts
+ uses: actions/upload-artifact at v2
+ with:
+ name: Upload Test Logs
+ path: '~/logs-osx.cpio'
diff --git a/third_party/heimdal/.github/workflows/scanbuild.yml b/third_party/heimdal/.github/workflows/scanbuild.yml
new file mode 100644
index 00000000000..678ccfd8046
--- /dev/null
+++ b/third_party/heimdal/.github/workflows/scanbuild.yml
@@ -0,0 +1,67 @@
--
Samba Shared Repository
More information about the samba-cvs
mailing list