Logs.info("Looking for kerberos features")
conf.find_program('krb5-config.heimdal', var='HEIMDAL_KRB5_CONFIG')
-conf.find_program('krb5-config', var='KRB5_CONFIG')
+
+if isinstance(Options.options.with_system_mitkrb5, list):
+ path_krb5_config = [x+'/bin' for x in Options.options.with_system_mitkrb5]
+else:
+ path_krb5_config = None
+
+conf.find_program('krb5-config', path_list=path_krb5_config, var='KRB5_CONFIG')
if conf.env.KRB5_CONFIG:
- conf.check_cfg(path="krb5-config", args="--cflags --libs",
+ conf.CHECK_CFG(path=conf.env.KRB5_CONFIG, args="--cflags --libs",
package="", uselib_store="KRB5")
krb5_define_syslib(conf, "krb5", conf.env['LIB_KRB5'])
- for lib in conf.env['LIB_KRB5']:
- krb5_define_syslib(conf, lib, lib)
- conf.check_cfg(path="krb5-config", args="--cflags --libs",
+ conf.CHECK_CFG(path=conf.env.KRB5_CONFIG, args="--cflags --libs",
+ package="kdb", uselib_store="KDB5")
+ krb5_define_syslib(conf, "kdb5", conf.env['LIB_KDB5'])
+
+ conf.CHECK_CFG(path=conf.env.KRB5_CONFIG, args="--cflags --libs",
package="gssapi", uselib_store="GSSAPI")
krb5_define_syslib(conf, "gssapi", conf.env['LIB_GSSAPI'])
+ if 'k5crypto' in conf.env['LIB_GSSAPI']:
+ krb5_define_syslib(conf, "k5crypto", conf.env['LIB_GSSAPI'])
+ if 'com_err' in conf.env['LIB_GSSAPI']:
+ krb5_define_syslib(conf, "com_err", conf.env['LIB_GSSAPI'])
+ if 'gssapi_krb5' in conf.env['LIB_GSSAPI']:
+ krb5_define_syslib(conf, "gssapi_krb5", conf.env['LIB_GSSAPI'])
vendor = conf.cmd_and_log("%(path)s --vendor" % dict(path=conf.env.KRB5_CONFIG), dict())
conf.env.KRB5_VENDOR = vendor.strip().lower()
conf.define('USING_SYSTEM_KRB5', 1)
del conf.env.HEIMDAL_KRB5_CONFIG
kversion = conf.cmd_and_log("%(path)s --version" % dict(path=conf.env.KRB5_CONFIG), dict()).strip()
- kversion_split = map(int, kversion.split(" ")[-1].split("."))
- if kversion_split < [1, 9]:
+ kversion_split = kversion.split(' ')[-1].split('.')
+ # drop '-prerelease' suffix
+ if kversion_split[-1].find('-') > 0:
+ last_digit = kversion_split[-1].split('-')[0]
+ kversion_split[-1] = last_digit
+ kversion_check = map(int, kversion_split)
+ if kversion_check < [1, 9]:
Logs.error('ERROR: MIT krb5 build requires at least 1.9.0. %s is found and cannot be used' % (kversion))
+ Logs.error('ERROR: You may try to build with embedded Heimdal Kerebros by not specifying --with-system-mitkrb5')
sys.exit(1)
else:
Logs.info('%s is detected, MIT krb5 build can proceed' % (kversion))
-conf.check_cfg(args="--cflags --libs", package="com_err", uselib_store="com_err")
+conf.CHECK_CFG(args="--cflags --libs", package="com_err", uselib_store="com_err")
conf.CHECK_FUNCS_IN('_et_list', 'com_err')
conf.CHECK_HEADERS('com_err.h', lib='com_err')
+conf.CHECK_HEADERS('kdb.h', lib='kdb5')
conf.CHECK_HEADERS('krb5.h krb5/locate_plugin.h', lib='krb5')
-conf.CHECK_HEADERS('gssapi.h gssapi/gssapi_generic.h gssapi/gssapi.h gssapi/gssapi_ext.h gssapi/gssapi_krb5.h', lib='gssapi')
+possible_gssapi_headers="gssapi.h gssapi/gssapi_generic.h gssapi/gssapi.h gssapi/gssapi_ext.h gssapi/gssapi_krb5.h gssapi/gssapi_oid.h"
+conf.CHECK_HEADERS(possible_gssapi_headers, lib='gssapi')
conf.CHECK_FUNCS_IN('krb5_encrypt_data', 'k5crypto')
conf.CHECK_FUNCS_IN('des_set_key','crypto')
conf.CHECK_FUNCS_IN('copy_Authenticator', 'asn1')
conf.CHECK_FUNCS_IN('roken_getaddrinfo_hostspec', 'roken')
-if conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi') or \
- conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi_krb5'):
+
+conf.CHECK_HEADERS('profile.h')
+
+if conf.CHECK_FUNCS_IN('gss_display_status', 'gssapi gssapi_krb5'):
have_gssapi=True
+
+if not have_gssapi:
+ if conf.env.KRB5_CONFIG and conf.env.KRB5_CONFIG != 'heimdal':
+ Logs.error("ERROR: WAF build with MIT Krb5 requires working GSSAPI implementation")
+ sys.exit(1)
+
conf.CHECK_FUNCS_IN('''
gss_wrap_iov
gss_krb5_import_cred
gsskrb5_extract_authz_data_from_sec_context
gss_krb5_export_lucid_sec_context
gss_import_cred gss_export_cred
- ''', 'gssapi gssapi_krb5 krb5')
+ ''', 'gssapi gssapi_krb5')
+conf.CHECK_VARIABLE('GSS_KRB5_CRED_NO_CI_FLAGS_X', headers=possible_gssapi_headers)
conf.CHECK_FUNCS_IN('krb5_mk_req_extended krb5_kt_compare', 'krb5')
conf.CHECK_FUNCS('''
+ krb5_auth_con_getrecvsubkey
+ krb5_auth_con_getsendsubkey
krb5_set_default_in_tkt_etypes krb5_set_default_tgs_enctypes
krb5_set_default_tgs_ktypes krb5_principal2salt
krb5_c_string_to_key krb5_get_pw_salt krb5_string_to_key_salt krb5_auth_con_setkey
krb5_get_init_creds_keyblock krb5_get_init_creds_keytab
krb5_make_principal krb5_build_principal_alloc_va
krb5_cc_get_lifetime krb5_cc_retrieve_cred
- krb5_free_checksum_contents krb5_c_make_checksum''',
+ krb5_cc_copy_creds
+ krb5_free_checksum_contents krb5_c_make_checksum krb5_create_checksum
+ krb5_config_get_bool_default krb5_get_profile
+ krb5_data_copy
+ krb5_init_keyblock krb5_principal_set_realm krb5_principal_get_type
+ krb5_principal_set_type
+ krb5_warnx
+ krb5_get_prompt_types
+ ''',
lib='krb5 k5crypto')
conf.CHECK_DECLS('''krb5_get_credentials_for_user
krb5_auth_con_set_req_cksumtype''',
define='HAVE_ADDRTYPE_IN_KRB5_ADDRESS')
conf.CHECK_STRUCTURE_MEMBER('krb5_ap_req', 'ticket', headers='krb5.h',
define='HAVE_TICKET_POINTER_IN_KRB5_AP_REQ')
+conf.CHECK_STRUCTURE_MEMBER('krb5_prompt', 'type', headers='krb5.h',
+ define='HAVE_KRB5_PROMPT_TYPE')
conf.CHECK_TYPE('krb5_encrypt_block', headers='krb5.h')
}''',
'HAVE_KRB5_ENCTYPE_TO_STRING_WITH_SIZE_T_ARG',
headers='krb5.h', lib='krb5 k5crypto',
- addmain=False, cflags='-Werror',
+ addmain=False, cflags=conf.env['WERROR_CFLAGS'],
msg="Checking whether krb5_enctype_to_string takes size_t argument")
conf.CHECK_CODE('''
}''',
'HAVE_KRB5_ENCTYPE_TO_STRING_WITH_KRB5_CONTEXT_ARG',
headers='krb5.h stdlib.h', lib='krb5',
- addmain=False, cflags='-Werror',
+ addmain=False, cflags=conf.env['WERROR_CFLAGS'],
msg="Checking whether krb5_enctype_to_string takes krb5_context argument")
conf.CHECK_CODE('''
int main(void) {
'HAVE_KRB5_DEPRECATED_WITH_IDENTIFIER', addmain=False,
link=False,
msg="Checking for KRB5_DEPRECATED define taking an identifier")
+
+conf.CHECK_CODE('''
+ krb5_creds creds;
+ creds.flags.b.initial = 0;
+ ''',
+ 'HAVE_FLAGS_IN_KRB5_CREDS',
+ headers='krb5.h', lib='krb5', execute=False,
+ msg="Checking whether krb5_creds have flags property")
git.samba.org / samba.git / blobdiff